[Secure-testing-commits] r3388 - data/CVE

Moritz Muehlenhoff Sun, 29 Jan 2006 12:56:27 -0800

Author: jmm-guest
Date: 2006-01-29 20:55:51 +0000 (Sun, 29 Jan 2006)
New Revision: 3388


Modified:
   data/CVE/list
Log:
another no-dsa
two suspected helix issues were only present in real player
  (at the time of research the vendor information wasn't
   complete)


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-01-29 20:42:11 UTC (rev 3387)
+++ data/CVE/list       2006-01-29 20:55:51 UTC (rev 3388)
@@ -9028,9 +9028,11 @@
        {DSA-737-1 DTSA-3-1}
        - clamav 0.86.1-1 (bug #318756; medium)
 CVE-2005-2055 (RealPlayer 8, 10, 10.5 (6.0.12.1040-1069), and Enterprise and 
RealOne ...)
-       - helix-player 1.0.5-1 (bug #316276; high)
+       - helix-player 1.0.5-1 (bug #316276; unknown)
 CVE-2005-2054 (Unknown vulnerability in RealPlayer 10 and 10.5 
(6.0.12.1040-1069) and ...)
-       - helix-player 1.0.5-1 (bug #316276; unknown)
+       NOT-FOR-US: Real Player
+       NOTE: This didn't affected Helix, although the changelog claimed so, see
+       NOTE: http://service.real.com/help/faq/security/050623_player/EN/
 CVE-2002-1986 (Perception LiteServe 2.0 through 2.0.1 allows remote attackers 
to ...)
        NOT-FOR-US: Perception LiteServe
 CVE-2002-1985 (iSMTP 5.0.1 allows remote attackers to cause a denial of 
service via a ...)
@@ -9456,7 +9458,9 @@
 CVE-2005-2053 (Just another flat file (JAF) CMS before 3.0 Final allows remote 
...)
        NOT-FOR-US: JAF CMS
 CVE-2005-2052 (Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 
10.5 ...)
-       - helix-player 1.0.5-1 (bug #316276; high)
+       NOT-FOR-US: Real Player
+       NOTE: This didn't affected Helix, although the changelog claimed so, see
+       NOTE: http://service.real.com/help/faq/security/050623_player/EN/
 CVE-2005-2051 (Buffer overflow in the VERITAS Backup Exec Web Administration 
Console ...)
        NOT-FOR-US: BEWAC
 CVE-2005-2050 (Unknown vulnerability in Tor before 0.1.0.10 allows remote 
attackers ...)
@@ -13547,7 +13551,7 @@
        [sarge] - kernel-source-2.6.8 <not-affected> (Not vulnerable, see 
#306137)
 CVE-2005-0866 (cdrecord before 4:2.0, when DEBUG is enabled, allows local 
users to ...)
        - cdrtools 4:2.01+01a01-4 (bug #291376; low)
-       NOTE: Sarge and Woody affected
+       - cdrtools <no-dsa> (Only exploitable in rare debugging mode)
 CVE-2004-1771 (Scalable OGo (SOGo) 1.0 allows remote authenticated users to 
bypass ...)
        NOT-FOR-US: Scalable OGo (SOGo)
 CVE-2002-1628 (Directory traversal vulnerability in vote.cgi for Mike Spice 
Mike's ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r3388 - data/CVE

Reply via email to