[Secure-testing-commits] r16121 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Sun Feb 13 12:35:05 UTC 2011
Author: federico-guest
Date: 2011-02-13 12:35:04 +0000 (Sun, 13 Feb 2011)
New Revision: 16121
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-02-13 02:38:16 UTC (rev 16120)
+++ data/CVE/list 2011-02-13 12:35:04 UTC (rev 16121)
@@ -20,17 +20,17 @@
CVE-2011-0981 (Google Chrome before 9.0.597.94 does not properly perform event ...)
TODO: check
CVE-2011-0980 (Microsoft Office Excel 2003 does not properly parse Office Art ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office Excel 2003
CVE-2011-0979 (Microsoft Office Excel does not properly handle errors during the ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office Excel
CVE-2011-0978 (Stack-based buffer overflow in Microsoft Office Excel allows remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office Excel
CVE-2011-0977 (Use-after-free vulnerability in Microsoft Excel 2007 allows remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office Excel
CVE-2011-0976 (Microsoft Office PowerPoint 2007 does not properly handle Office Art ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office
CVE-2011-0975 (Stack-based buffer overflow in BMC PATROL Agent Service Daemon for in ...)
- TODO: check
+ NOT-FOR-US: BMC PATROL
CVE-2011-0974
RESERVED
CVE-2011-0973
@@ -174,9 +174,9 @@
CVE-2011-0904
RESERVED
CVE-2011-0903 (Multiple directory traversal vulnerabilities in AR Web Content Manager ...)
- TODO: check
+ NOT-FOR-US: AR Web Content Manager
CVE-2011-0902 (Multiple untrusted search path vulnerabilities in the Java Service in ...)
- TODO: check
+ NOT-FOR-US: SunOS
CVE-2011-0901 (Multiple stack-based buffer overflows in the tsc_launch_remote ...)
- tsclient <unfixed>
TODO: check
@@ -208,11 +208,11 @@
CVE-2011-0888
RESERVED
CVE-2011-0887 (The web management portal on the SMC SMCD3G-CCR (aka Comcast Business ...)
- TODO: check
+ NOT-FOR-US: SMC SMCD3G-CCR
CVE-2011-0886 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
- TODO: check
+ NOT-FOR-US: SMC SMCD3G-CCR
CVE-2011-0885 (A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR ...)
- TODO: check
+ NOT-FOR-US: SMC SMCD3G-CCR
CVE-2011-0884
RESERVED
CVE-2011-0883
@@ -534,7 +534,7 @@
- smarty <unfixed>
TODO: check
CVE-2011-0758 (The CA ETrust Secure Content Manager Common Services Transport ...)
- TODO: check
+ NOT-FOR-US: CA ETrust
CVE-2011-0757 (IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, ...)
NOT-FOR-US: IBM DB2
CVE-2011-0756
@@ -798,7 +798,7 @@
CVE-2011-0648
RESERVED
CVE-2011-0647 (The irccd.exe service in EMC Replication Manager Client before 5.3 and ...)
- TODO: check
+ NOT-FOR-US: EMC
CVE-2011-0646 (SQL injection vulnerability in viewfaqs.php in PHP LOW BIDS allows ...)
NOT-FOR-US: PHPLOWBIDS
CVE-2011-0645 (SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows ...)
@@ -956,7 +956,7 @@
CVE-2011-0583 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0 ...)
NOT-FOR-US: Adobe ColdFusion
CVE-2011-0582 (Unspecified vulnerability in the administrator console in Adobe ...)
- TODO: check
+ NOT-FOR-US: ColdFusion
CVE-2011-0581 (Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 ...)
NOT-FOR-US: Adobe ColdFusion
CVE-2011-0580 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
@@ -1287,7 +1287,7 @@
CVE-2011-0452
RESERVED
CVE-2011-0451 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
- TODO: check
+ NOT-FOR-US: EC-CUBE
CVE-2011-0450 (The downloads manager in Opera before 11.01 on Windows does not ...)
NOT-FOR-US: Opera
CVE-2011-0449
@@ -1509,7 +1509,7 @@
CVE-2011-0355
RESERVED
CVE-2011-0354 (The default configuration of Cisco Tandberg C Series Endpoints, and ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0353
RESERVED
CVE-2011-0352 (Buffer overflow in the web-based management interface on the Cisco ...)
@@ -1567,9 +1567,9 @@
CVE-2011-0325
RESERVED
CVE-2011-0324 (Multiple heap-based buffer overflows in Topaz Systems SigPlus Pro ...)
- TODO: check
+ NOT-FOR-US: Topaz Systems SigPlus
CVE-2011-0323 (Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly other ...)
- TODO: check
+ NOT-FOR-US: Topaz Systems SigPlus
CVE-2011-0322
RESERVED
CVE-2011-0321 (librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before ...)
@@ -1916,7 +1916,7 @@
CVE-2011-0278
RESERVED
CVE-2011-0277 (Cross-site request forgery (CSRF) vulnerability in HP Power Manager ...)
- TODO: check
+ NOT-FOR-US: HP Power Manager
CVE-2011-0276 (HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 ...)
NOT-FOR-US: HP OpenView Performance Insight Server
CVE-2011-0275 (Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, ...)
@@ -2308,21 +2308,21 @@
CVE-2011-0094
RESERVED
CVE-2011-0093 (ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 does ...)
- TODO: check
+ NOT-FOR-US: Microsoft Visio
CVE-2011-0092 (ORMELEMS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 does ...)
- TODO: check
+ NOT-FOR-US: Microsoft Visio
CVE-2011-0091 (Kerberos in Microsoft Windows Server 2008 R2 and Windows 7 does not ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0090 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0089 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0088 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0087 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0086 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0085
RESERVED
CVE-2011-0084
@@ -2546,37 +2546,37 @@
- typo3-src 4.3.9+dfsg1-1 (bug #607286)
NOTE: CVE ID requested
CVE-2011-0045 (The kernel in Microsoft Windows XP SP3 performs memory allocation ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0044
RESERVED
CVE-2011-0043 (Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0042
RESERVED
CVE-2011-0041
RESERVED
CVE-2011-0040 (The server in Microsoft Active Directory on Windows Server 2003 SP2 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0039 (The Local Security Authority Subsystem Service (LSASS) in Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0038 (Untrusted search path vulnerability in Microsoft Internet Explorer 8 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-0037
RESERVED
CVE-2011-0036 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-0035 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-0034
RESERVED
CVE-2011-0033 (The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0032
RESERVED
CVE-2011-0031 (The (1) JScript 5.8 and (2) VBScript 5.8 scripting engines in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0030 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0029
RESERVED
CVE-2011-0028
@@ -3278,9 +3278,9 @@
CVE-2010-4308
RESERVED
CVE-2010-4307 (Buffer overflow in Adobe Shockwave Player before 11.5.9.620 allows ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-4306 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-4305 (Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and ...)
NOT-FOR-US: Cisco Unified Videoconferencing
CVE-2010-4304 (The web interface in Cisco Unified Videoconferencing (UVC) System ...)
@@ -3594,25 +3594,25 @@
- chromium-browser 6.0.472.63~r59945-2
NOTE: http://trac.webkit.org/changeset/70594
CVE-2010-4196 (The Shockwave 3d Asset module in Adobe Shockwave Player before ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-4195 (The TextXtra module in Adobe Shockwave Player before 11.5.9.620 does ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-4194 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 does ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-4193 (Adobe Shockwave Player before 11.5.9.620 does not properly validate ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-4192 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-4191 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-4190 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-4189 (The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-4188 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-4187 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-4186 (SQL injection vulnerability in process.asp in OnlineTechTools Online ...)
NOT-FOR-US: OnlineTechTools
CVE-2010-4185 (SQL injection vulnerability in index.php in Energine, possibly 2.3.8 ...)
@@ -3831,7 +3831,7 @@
CVE-2010-4094 (The Tomcat server in IBM Rational Quality Manager and Rational Test ...)
NOT-FOR-US: IBM Rational Quality Manager
CVE-2010-4093 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-4092 (Use-after-free vulnerability in an unspecified compatibility component ...)
NOT-FOR-US: Adobe Shockwave Player
CVE-2010-4091 (The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, ...)
@@ -7972,11 +7972,11 @@
CVE-2010-2590 (Heap-based buffer overflow in the ...)
NOT-FOR-US: ActiveX
CVE-2010-2589 (Integer overflow in the dirapi.dll module in Adobe Shockwave Player ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2588 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2587 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2586 (Multiple integer overflows in in_nsv.dll in the in_nsv plugin in ...)
NOT-FOR-US: Winamp
CVE-2010-2585 (Multiple buffer overflows in the RealPage Module Upload ActiveX ...)
More information about the Secure-testing-commits
mailing list