5

In our enviroment we are often required to run old outdated versions of different applications, and im wondering about the security implications on that. So im hoping there is a site that basicly lists AppXX1 version V2 has X known exploits.

Im off course thinking about bigger applications like Java, IE.

JS.
  • 3,901
  • 21
  • 18
EKS
  • 535
  • 1
  • 5
  • 14

2 Answers2

6

Secunia has an application /OS / hardware appliance vulnerability database which has the info you are looking for.

IE6 Report page for example.

alt text http://secunia.com/advisories/graph/?type=sol&period=all&prod=11

and Java JRE 1.2.x

alt text http://secunia.com/advisories/graph/?type=sol&period=all&prod=785

JS.
  • 3,901
  • 21
  • 18
2

I think something like the Nessus vulnerability list is probably going to be your best bet, but I'm not sure how to do that without running Nessus itself. cve.mitre.org has the most comprehensive list of vulnerabilities, but I've never looked for a list organised by software product, so I don't know if there's anything like that there.

womble
  • 95,029
  • 29
  • 173
  • 228