[Secure-testing-commits] r17095 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Thu Aug 18 12:51:16 UTC 2011
Author: federico-guest
Date: 2011-08-18 12:51:15 +0000 (Thu, 18 Aug 2011)
New Revision: 17095
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-08-17 21:14:18 UTC (rev 17094)
+++ data/CVE/list 2011-08-18 12:51:15 UTC (rev 17095)
@@ -49,15 +49,15 @@
CVE-2011-3145
RESERVED
CVE-2011-3144 (Cross-site scripting (XSS) vulnerability in Control Microsystems ...)
- TODO: check
+ NOT-FOR-US: Control Microsystems ClearSCADA
CVE-2011-3143 (Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, ...)
- TODO: check
+ NOT-FOR-US: Control Microsystems ClearSCADA
CVE-2011-3142 (Stack-based buffer overflow in an ActiveX control in KVWebSvr.dll in ...)
- TODO: check
+ NOT-FOR-US: WellinTech KingView
CVE-2011-3141 (Buffer overflow in the InBatch BatchField ActiveX control for Invensys ...)
- TODO: check
+ NOT-FOR-US: Wonderware InBatch
CVE-2011-3140 (IBM Web Application Firewall, as used on the G400 IPS-G400-IB-1 and ...)
- TODO: check
+ NOT-FOR-US: IBM Web Application Firewall
CVE-2011-3139
RESERVED
CVE-2011-3138 (The LTPA STS module support implementation in IBM Tivoli Federated ...)
@@ -328,7 +328,7 @@
[squeeze] - openarena <no-dsa> (Minor issue, will be fixed in point update)
- ioquake3 1.36+svn1946-4
CVE-2011-3011 (BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle ...)
- TODO: check
+ NOT-FOR-US: CA ARCserve D2D
CVE-2011-3010
RESERVED
CVE-2011-3009 (Ruby before 1.8.6-p114 does not reset the random seed upon forking, ...)
@@ -1818,21 +1818,21 @@
CVE-2011-2425 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player
CVE-2011-2424 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2011-2423 (msvcr90.dll in Adobe Shockwave Player before 11.6.1.629 allows remote ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2011-2422 (Textra.x32 in Adobe Shockwave Player before 11.6.1.629 allows remote ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2011-2421 (Dirapi.dll in Adobe Shockwave Player before 11.6.1.629 allows ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2011-2420 (Adobe Shockwave Player before 11.6.1.629 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2011-2419 (IML32.dll in Adobe Shockwave Player before 11.6.1.629 allows remote ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2011-2418
RESERVED
CVE-2011-2417 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2011-2416 (Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, ...)
NOT-FOR-US: Adobe Flash Player
CVE-2011-2415 (Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, ...)
@@ -1848,27 +1848,27 @@
CVE-2011-2410
RESERVED
CVE-2011-2409 (Cross-site scripting (XSS) vulnerability in the Calendar application ...)
- TODO: check
+ NOT-FOR-US: HP Palm webOS 3.x
CVE-2011-2408 (Cross-site scripting (XSS) vulnerability in the Contacts application ...)
- TODO: check
+ NOT-FOR-US: HP Palm webOS 3.x
CVE-2011-2407 (Unspecified vulnerability in HP OpenView Performance Insight 5.3, ...)
- TODO: check
+ NOT-FOR-US: HP OpenView Performance Insight
CVE-2011-2406 (Cross-site scripting (XSS) vulnerability in HP OpenView Performance ...)
- TODO: check
+ NOT-FOR-US: HP OpenView Performance Insight
CVE-2011-2405 (The HP ProLiant SL Advanced Power Manager (SL-APM) with firmware ...)
- TODO: check
+ NOT-FOR-US: HP ProLiant SL Advanced Power Manager
CVE-2011-2404 (The HPTicketMgr.dll ActiveX control in HP Easy Printer Care Software ...)
- TODO: check
+ NOT-FOR-US: HP Easy Printer Care Software
CVE-2011-2403 (SQL injection vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, ...)
- TODO: check
+ NOT-FOR-US: HP Network Automation
CVE-2011-2402 (Cross-site scripting (XSS) vulnerability in HP Network Automation ...)
- TODO: check
+ NOT-FOR-US: HP Network Automation
CVE-2011-2401 (Session fixation vulnerability in HP SiteScope 9.x, 10.x, and 11.x ...)
NOT-FOR-US: HP SiteScope
CVE-2011-2400 (Cross-site scripting (XSS) vulnerability in HP SiteScope 9.x, 10.x, ...)
NOT-FOR-US: HP SiteScope
CVE-2011-2399 (Unspecified vulnerability in the Media Management Daemon (mmd) in HP ...)
- TODO: check
+ NOT-FOR-US: HP Data Protector
CVE-2011-2398 (Unspecified vulnerability in the dynamic loader in HP HP-UX B.11.11, ...)
NOT-FOR-US: HP-UX
CVE-2011-2397
@@ -2663,11 +2663,11 @@
CVE-2011-2134 (Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, ...)
NOT-FOR-US: Adobe Flash Player
CVE-2011-2133 (Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 8 and 9 ...)
- TODO: check
+ NOT-FOR-US: Adobe RoboHelp
CVE-2011-2132 (Adobe Flash Media Server (FMS) before 3.5.7, and 4.x before 4.0.3, ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Media Server
CVE-2011-2131 (Adobe Photoshop 12.0 in Creative Suite 5 (CS5) and 12.1 in Creative ...)
- TODO: check
+ NOT-FOR-US: Adobe Photoshop
CVE-2011-2130 (Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, ...)
NOT-FOR-US: Adobe Flash Player
CVE-2011-2129
@@ -2974,45 +2974,45 @@
CVE-2011-1980
RESERVED
CVE-2011-1979 (Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate ...)
- TODO: check
+ NOT-FOR-US: Microsoft Visio
CVE-2011-1978 (Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly ...)
TODO: check
CVE-2011-1977 (The ASP.NET Chart controls in Microsoft .NET Framework 4, and Chart ...)
TODO: check
CVE-2011-1976 (Cross-site scripting (XSS) vulnerability in the Report Viewer Control ...)
- TODO: check
+ NOT-FOR-US: Microsoft Visual Studio
CVE-2011-1975 (Untrusted search path vulnerability in the Data Access Tracing ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2011-1974 (NDISTAPI.sys in the NDISTAPI driver in Remote Access Service (RAS) in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1973
RESERVED
CVE-2011-1972 (Microsoft Visio 2003 SP3, 2007 SP2, and 2010 Gold and SP1 does not ...)
- TODO: check
+ NOT-FOR-US: Microsoft Visio
CVE-2011-1971 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2, ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1970 (The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1969
RESERVED
CVE-2011-1968 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1967 (Winsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1966 (The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1965 (Tcpip.sys in the TCP/IP stack in Microsoft Windows 7 Gold and SP1 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1964 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-1963 (Microsoft Internet Explorer 7 through 9 does not properly handle ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-1962 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-1961 (The telnet URI handler in Microsoft Internet Explorer 6 through 9 does ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-1960 (Microsoft Internet Explorer 6 through 9 does not properly implement ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-1959 (The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before ...)
{DSA-2274-1}
- wireshark 1.6.0-1 (unimportant; bug #630159)
@@ -3248,7 +3248,7 @@
CVE-2011-1872 (Hyper-V in Microsoft Windows Server 2008 Gold, SP2, R2, and R2 SP1 ...)
NOT-FOR-US: Microsoft Windows
CVE-2011-1871 (Tcpip.sys in the TCP/IP stack in Microsoft Windows Vista SP2, Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Vista
CVE-2011-1870 (Integer overflow in the Client/Server Run-time Subsystem (aka CSRSS) ...)
NOT-FOR-US: MS Windows
CVE-2011-1869 (The Distributed File System (DFS) implementation in Microsoft Windows ...)
@@ -5039,7 +5039,7 @@
CVE-2011-1264 (Cross-site scripting (XSS) vulnerability in Active Directory ...)
NOT-FOR-US: Microsoft Windows
CVE-2011-1263 (Cross-site scripting (XSS) vulnerability in the logon page in Remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1262 (Microsoft Internet Explorer 7 through 9 does not properly handle ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-1261 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
@@ -5051,7 +5051,7 @@
CVE-2011-1258 (Microsoft Internet Explorer 6 through 8 does not properly restrict web ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-1257 (Race condition in Microsoft Internet Explorer 6 through 8 allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-1256 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-1255 (The Timed Interactive Multimedia Extensions (aka HTML+TIME) ...)
@@ -8217,21 +8217,21 @@
- chromium-browser <undetermined>
- webkit <undetermined>
CVE-2011-0252 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote ...)
- TODO: check
+ NOT-FOR-US: Apple QuickTime
CVE-2011-0251 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote ...)
- TODO: check
+ NOT-FOR-US: Apple QuickTime
CVE-2011-0250 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote ...)
- TODO: check
+ NOT-FOR-US: Apple QuickTime
CVE-2011-0249 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote ...)
- TODO: check
+ NOT-FOR-US: Apple QuickTime
CVE-2011-0248 (Stack-based buffer overflow in the QuickTime ActiveX control in Apple ...)
- TODO: check
+ NOT-FOR-US: Apple QuickTime
CVE-2011-0247 (Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on ...)
- TODO: check
+ NOT-FOR-US: Apple QuickTime
CVE-2011-0246 (Heap-based buffer overflow in Apple QuickTime before 7.7 on Windows ...)
- TODO: check
+ NOT-FOR-US: Apple QuickTime
CVE-2011-0245 (Buffer overflow in Apple QuickTime before 7.7 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: Apple QuickTime
CVE-2011-0244 (WebKit in Apple Safari before 5.0.6 allows user-assisted remote ...)
- chromium-browser <undetermined>
- webkit <undetermined>
@@ -9857,9 +9857,9 @@
CVE-2010-4310
RESERVED
CVE-2010-4309 (Adobe Shockwave Player before 11.6.1.629 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-4308 (Adobe Shockwave Player before 11.6.1.629 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-4307 (Buffer overflow in Adobe Shockwave Player before 11.5.9.620 allows ...)
NOT-FOR-US: Adobe Shockwave Player
CVE-2010-4306 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
More information about the Secure-testing-commits
mailing list