
Home	Get CVE	About CVE	News and Events	Editorial Board	Advisory Council	Compatible Products

CVE Reference Key

Introduction

Each reference used in CVE has the following structure:

SOURCE : NAME

SOURCE is an alphanumeric keyword.
NAME is a single line of ASCII text. It can include colons and spaces.

Where possible, the NAME is selected to facilitate search on a SOURCE's web site.

For references that do not have a well-defined identifier, a release date and/or subject header may be included.

Reference Order

This is a relatively new recommendation, so it is not used in all entries or candidates. References may be listed in the following order:

Initial announcement
Response team advisory
Vendor acknowledgement / advisory
All other public sources

Others may appear in random order.

Source List

AIXAPAR	ALLAIRE	APPLE	ASCEND	ATSTAKE
AUSCERT	BEA	BID	BINDVIEW	BUGTRAQ
CALDERA	CERT	CERT-VN	CHECKPOINT	CIAC
CISCO	COMPAQ	CONECTIVA	CONFIRM	DEBIAN
EEYE	EL8	ENGARDE	ERS	FEDORA
FREEBSD	FRSIRT	FULLDISC	FarmerVenema	FreeBSD
GENTOO	HERT	HP	IBM	IDEFENSE
IMMUNIX	INFOWAR	ISS	KSRT	L0PHT
MANDRAKE	MANDRIVA	MISC	MLIST	MS
MSKB	NAI	NETBSD	NETECT	NTBUGTRAQ
NetBSD	OPENBSD	OPENPKG	OSVDB	OVAL
REDHAT	RSI	SCO	SECTRACK	SECUNIA
SEKURE	SF-INCIDENTS	SGI	SLACKWARE	SNI
SUN	SUNALERT	SUNBUG	SUSE	TRUSTIX
TURBO	UBUNTU	URL	VIM	VULN-DEV
VULNWATCH	WIN2KSEC	XF

Editor's Commentary
Get CVE
CVE Version Number: 20061101 Total Unique Entries: 3050 Total Candidates: 18966

CVE LIST
Reference Key
A description of CVE references
Reference Maps
Link references to the CVE names
Versions
Data Sources
Content Decisions
Candidate Numbering Authorities
About CVE Names
Obtain a CVE Name

USING THE LIST
Search Tips
How to Read a CVE Name
FAQs

Common Configuration Enumeration
CCE List

Common Weakness Enumeration
CWE List

CVE Expanded
Free external services and capabilities that build upon CVE
CVE Change Logs
OVAL
National Vulnerability Database

Source Details

Download all reference maps - ZIP file

AIXAPAR : AIX APAR (Authorized Problem Analysis Report)

CVE reference map for Source AIXAPAR
Source URL: http://www-1.ibm.com/support/apar_search.html
Notes: If the apar_search URL doesn't find the APAR, then also try: http://techsupport.services.ibm.com/rs6k/fixdb.html or http://techsupport.services.ibm.com/server/aix.CAPARdb

ALLAIRE : Allaire Security Bulletin

CVE reference map for Source ALLAIRE
Source URL: http://www.macromedia.com/v1/developer/securityzone/
Notes: Allaire was acquired by Macromedia. ALLAIRE references might be converted into MACROMEDIA references in the future.

APPLE : Apple Security Update

ASCEND : Ascend vendor acknowledgement

CVE reference map for Source ASCEND
Source URL: http://www.ascend.com/2695.html

ATSTAKE : @stake security advisory

AUSCERT : AUSCERT advisory

BEA : BEA security advisory

BID : Security Focus Bugtraq ID database entry

CVE reference map for Source BID
Source URL: http://online.securityfocus.com/bid
Aliases: SF

BINDVIEW : BindView security advisory

BUGTRAQ : Posting to Bugtraq mailing list

CALDERA : Caldera security advisory

CVE reference map for Source CALDERA
Source URL: http://www.calderasystems.com/support/security/
Notes: Caldera/SCO advisories are at http://stage.caldera.com/support/security/

CERT : CERT/CC Advisories

CVE reference map for Source CERT
Source URL: http://www.cert.org/advisories

CERT-VN : CERT/CC vulnerability note

CVE reference map for Source CERT-VN
Source URL: http://www.kb.cert.org/vuls

CHECKPOINT : Check Point Alert

CIAC : DOE CIAC (Computer Incident Advisory Center) bulletins

CISCO : Cisco security advisory

COMPAQ : COMPAQ Service Security Patch

CONECTIVA : Conectiva Linux advisory

CONFIRM : URL to location where vendor confirms that the problem exists

CVE reference map for Source CONFIRM
Notes: This source is only used when a vendor confirms an issue with its own advisory, but the vendor is not otherwise a CVE reference source. The URL for the confirmation is specified in the name. Note that in some cases, the provider may have deleted or overwritten the portion of the web page that acknowledged the vulnerability or exposure.

DEBIAN : Debian Linux Security Information

CVE reference map for Source DEBIAN
Source URL: http://www.debian.org/security/

EEYE : eEye security advisory

CVE reference map for Source EEYE
Source URL: http://www.eEye.com

EL8 : EL8 advisory

ENGARDE : En Garde Linux advisory

ERS : IBM ERS/BRS advisories

FEDORA : Fedora Project security advisory

FREEBSD : FreeBSD security advisory

CVE reference map for Source FREEBSD
Source URL: http://www.freebsd.org/security/

FRSIRT : French Security Incident Response Team (FrSIRT) Database

CVE reference map for Source FRSIRT
Source URL: http://www.frsirt.com/english/

FULLDISC : Full-Disclosure mailing list

FarmerVenema : "Improving the Security of Your Site by Breaking Into it" paper by Dan Farmer and Wietse Venema

FreeBSD : FreeBSD security advisory

CVE reference map for Source FreeBSD
Source URL: http://www.freebsd.org/security/
Notes: This source has been obsoleted in favor of FREEBSD. References using this source have been changed to FREEBSD.

GENTOO : Gentoo Linux security advisory

HERT : HERT security advisory

CVE reference map for Source HERT
Source URL: http://www.hert.org
Notes: This reference source is obsolete. References using this source will be replaced with the original Bugtraq posts that contained these advisories.

HP : HP security advisories

CVE reference map for Source HP
Source URL: http://archives.neohapsis.com/archives/hp/
Notes: The official HP web site is difficult to navigate and link to. It is not easy to quickly access advisories. Thus an unofficial URL is recommended over the official URL, since it is not possible to construct and disseminate an official URL. As of February 2006, this URL might help: http://www.itrc.hp.com/service/cki/secBullArchive.do Otherwise, to use the official HP site, follow these instructions: - http://us-support.external.hp.com/ - You must register on the site to obtain these advisories - Select "Search Technical Knowledge Base" under "Maintenance and Support" - Select "Security Bulletin Archive" under "Related Links" - The advisory number is in the last component of the advisory name, e.g. "HPSBUX9910-104" is HP's advisory number 104, whose description on this page is "104 Security Advisory regarding automountd"

IBM : IBM ERS/BRS advisories

IDEFENSE : iDEFENSE advisory

IMMUNIX : Immunix Linux advisory

CVE reference map for Source IMMUNIX
Source URL: http://download.immunix.org/ImmunixOS/
Notes: Advisories are in the "updates" directory of the directory for the affected Immunix OS version. Example: IMNX-2001-70-035-01 is in the 7.0/updates directory.

INFOWAR : INFOWAR security advisory

CVE reference map for Source INFOWAR
Notes: This reference source is obsolete. References using this source will be replaced with the original Bugtraq posts that contained these advisories.

ISS : ISS Security Advisory

CVE reference map for Source ISS
Source URL: http://xforce.iss.net/alerts

KSRT : KSR[T] Security Advisory

CVE reference map for Source KSRT
Source URL: http://www.ksrt.org

L0PHT : L0pht Security Advisory

CVE reference map for Source L0PHT
Source URL: http://www.l0pht.com/advisories.html

MANDRAKE : Linux-Mandrake advisory

MANDRIVA : Mandriva security advisory

MISC : Miscellaneous URL's

CVE reference map for Source MISC
Notes: The URL for MISC sources is encoded within the name portion of the reference.

MLIST : generic reference form for miscellaneous mailing lists

CVE reference map for Source MLIST
Notes: This is used for identifying miscellaneous mailing lists.

MS : Microsoft Security Bulletin

MSKB : Microsoft Knowledge Base article

CVE reference map for Source MSKB
Source URL: http://support.microsoft.com/search/

NAI : NAI Labs security advisory

NETBSD : NetBSD Security Advisory

NETECT : Netect security advisory

CVE reference map for Source NETECT
Source URL: http://www.bindview.com/security/index.html
Notes: This source has been obsoleted, as BindView acquired Netect in 1999. References using this source will be changed to BINDVIEW in a future version of CVE.

NTBUGTRAQ : Posting to NTBugtraq mailing list

NetBSD : NetBSD Security Advisory

CVE reference map for Source NetBSD
Source URL: http://www.netbsd.org/Security/advisory.html
Notes: This source has been obsoleted in favor of NETBSD. References using this source have been changed to NETBSD.

OPENBSD : OpenBSD Security Advisory