[Secure-testing-commits] r15553 - data/CVE

Tue Nov 2 13:49:01 UTC 2010

Author: jamie-guest
Date: 2010-11-02 13:48:57 +0000 (Tue, 02 Nov 2010)
New Revision: 15553

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2010-11-02 11:26:11 UTC (rev 15552)
+++ data/CVE/list	2010-11-02 13:48:57 UTC (rev 15553)
@@ -1,3 +1,19 @@
+CVE-2010-4149
+	NOT-FOR-US: FreshWebMaster Fresh FTP
+CVE-2010-4148
+	NOT-FOR-US: AnyConnect
+CVE-2010-4147
+	NOT-FOR-US: Pentasoft Avactis Shopping Cart
+CVE-2010-4146
+	NOT-FOR-US: Attachmate Reflection
+CVE-2010-4145
+	NOT-FOR-US: Kisisel Radyo Script
+CVE-2010-4144
+	NOT-FOR-US: Kisisel Radyo Script
+CVE-2010-4143
+	NOT-FOR-US: phpCheckZ
+CVE-2010-4142
+	NOT-FOR-US: DATAC RealWin
 CVE-2010-XXXX
 	- pithos 0.3.5-1
 CVE-2010-4141
@@ -73,19 +89,19 @@
 CVE-2010-4107
 	RESERVED
 CVE-2010-4106
-	RESERVED
+	NOT-FOR-US: HP Insight Orchestration
 CVE-2010-4105
-	RESERVED
+	NOT-FOR-US: HP Insight Orchestration
 CVE-2010-4104
-	RESERVED
+	NOT-FOR-US: HP Insight Orchestration
 CVE-2010-4103
-	RESERVED
+	NOT-FOR-US: HP Insight Managed System Setup Wizard
 CVE-2010-4102
-	RESERVED
+	NOT-FOR-US: HP Insight Recovery
 CVE-2010-4101
-	RESERVED
+	NOT-FOR-US: HP Insight Recovery
 CVE-2010-4100
-	RESERVED
+	NOT-FOR-US: HP Insight Control Performance Management
 CVE-2010-4099 (ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is ...)
 	NOT-FOR-US: NitroSecurity NitroView
 CVE-2010-4098 (monotone before 0.48.1, when configured to allow remote commands, ...)
@@ -103,19 +119,19 @@
 CVE-2010-4091
 	RESERVED
 CVE-2010-4090 (Adobe Shockwave Player before 11.5.9.615 allows attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-4089 (IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers ...)
-	TODO: check
+	NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-4088 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows ...)
-	TODO: check
+	NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-4087 (IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers ...)
-	TODO: check
+	NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-4086 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows ...)
-	TODO: check
+	NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-4085 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows ...)
-	TODO: check
+	NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-4084 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows ...)
-	TODO: check
+	NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-4083
 	RESERVED
 	- linux-2.6 <unfixed> (low)
@@ -254,11 +270,11 @@
 	- webkit <undetermined>
 	- chromium-browser <undetermined>
 CVE-2010-4032
-	RESERVED
+	NOT-FOR-US: HP Insight Control Performance Management
 CVE-2010-4031
-	RESERVED
+	NOT-FOR-US: HP Insight Control Performance Management
 CVE-2010-4030
-	RESERVED
+	NOT-FOR-US: HP Insight Control Performance Management
 CVE-2010-4029 (Unspecified vulnerability in HP Storage Essentials before 6.3.0, when ...)
 	NOT-FOR-US: HP Storage Essentials
 CVE-2010-4028 (Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP ...)
@@ -1001,7 +1017,7 @@
 CVE-2010-3713 (rss.php in UseBB before 1.0.11 does not properly handle forum ...)
 	NOT-FOR-US: UseBB
 CVE-2010-3712 (Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x before ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2010-3711 (libpurple in Pidgin before 2.7.4 does not properly validate the return ...)
 	- pidgin 2.7.4-1
 	[squeeze] - pidgin 2.7.3-1+squeeze1
@@ -1046,7 +1062,7 @@
 CVE-2010-3701 (lib/MessageStoreImpl.cpp in Red Hat Enterprise MRG before 1.2.2 allows ...)
 	NOT-FOR-US: Red Hat Enterprise MRG
 CVE-2010-3700 (VMware SpringSource Spring Security 2.x before 2.0.6 and 3.x before ...)
-	TODO: check
+	NOT-FOR-US: VMware SpringSource Spring Security
 CVE-2010-3699
 	RESERVED
 CVE-2010-3698
@@ -1138,7 +1154,7 @@
 CVE-2010-3656 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
 CVE-2010-3655 (Stack-based buffer overflow in dirapi.dll in Adobe Shockwave Player ...)
-	TODO: check
+	NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-3654 (Adobe Flash Player 10.1.85.3 and earlier on Windows, Mac OS X, Linux, ...)
 	TODO: check
 CVE-2010-3653 (The Director module (dirapi.dll) in Adobe Shockwave Player before ...)
@@ -2838,7 +2854,7 @@
 CVE-2010-3037
 	RESERVED
 CVE-2010-3036 (Multiple buffer overflows in the authentication functionality in the ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-3035 (Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not ...)
 	NOT-FOR-US: Cisco IOS XR
 CVE-2010-3034 (Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or ...)
@@ -4052,9 +4068,9 @@
 CVE-2010-2583
 	RESERVED
 CVE-2010-2582 (Heap-based buffer overflow in Adobe Shockwave Player before 11.5.9.615 ...)
-	TODO: check
+	NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-2581 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows ...)
-	TODO: check
+	NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-2580 (The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not ...)
 	NOT-FOR-US: MailEnable
 CVE-2010-2579
@@ -11370,7 +11386,7 @@
 CVE-2010-0113
 	RESERVED
 CVE-2010-0112 (Multiple SQL injection vulnerabilities in the Administrative Interface ...)
-	TODO: check
+	NOT-FOR-US: Symantec IM Manager
 CVE-2010-0111
 	RESERVED
 CVE-2010-0110


