[Secure-testing-commits] r16682 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Tue May 17 10:11:11 UTC 2011
Author: federico-guest
Date: 2011-05-17 10:10:17 +0000 (Tue, 17 May 2011)
New Revision: 16682
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-05-17 09:25:48 UTC (rev 16681)
+++ data/CVE/list 2011-05-17 10:10:17 UTC (rev 16682)
@@ -107,7 +107,7 @@
CVE-2011-2090
RESERVED
CVE-2011-2089 (Stack-based buffer overflow in the SetActiveXGUID method in the ...)
- TODO: check
+ NOT-FOR-US: ICONICS BizViz, GENESIS32
CVE-2011-2088 (XWork 2.2.1 in Apache Struts 2.2.1, and OpenSymphony XWork in ...)
TODO: check
CVE-2011-2087 (Multiple cross-site scripting (XSS) vulnerabilities in component ...)
@@ -602,21 +602,21 @@
CVE-2011-1856
RESERVED
CVE-2011-1855 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x ...)
- TODO: check
+ NOT-FOR-US: HP Network Node Manager
CVE-2011-1854 (Use-after-free vulnerability in HP Intelligent Management Center (IMC) ...)
- TODO: check
+ NOT-FOR-US: HP Intelligent Management Center
CVE-2011-1853 (tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before ...)
- TODO: check
+ NOT-FOR-US: HP Intelligent Management Center
CVE-2011-1852 (Multiple stack-based buffer overflows in tftpserver.exe in HP ...)
- TODO: check
+ NOT-FOR-US: HP Intelligent Management Center
CVE-2011-1851 (Stack-based buffer overflow in tftpserver.exe in HP Intelligent ...)
- TODO: check
+ NOT-FOR-US: HP Intelligent Management Center
CVE-2011-1850 (Stack-based buffer overflow in the logging functionality in dbman.exe ...)
- TODO: check
+ NOT-FOR-US: HP Intelligent Management Center
CVE-2011-1849 (tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before ...)
- TODO: check
+ NOT-FOR-US: HP Intelligent Management Center
CVE-2011-1848 (Stack-based buffer overflow in img.exe in HP Intelligent Management ...)
- TODO: check
+ NOT-FOR-US: HP Intelligent Management Center
CVE-2011-1847 (IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows ...)
NOT-FOR-US: IBM DB2 9.5
CVE-2011-1846 (IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows ...)
@@ -632,7 +632,7 @@
CVE-2011-1841 (Cross-site scripting (XSS) vulnerability in the link_to helper in ...)
- libmojolicious-perl 1.12-1
CVE-2011-1840 (The MartiniCreations PassmanLite Password Manager application before ...)
- TODO: check
+ NOT-FOR-US: MartiniCreations PassmanLite Password Manager for Android
CVE-2011-1839 (IBM Rational Build Forge 7.1.0 uses the HTTP GET method during ...)
NOT-FOR-US: IBM Rational Build Forge 7.1.0
CVE-2011-1838
@@ -923,29 +923,29 @@
CVE-2011-1739 (The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 ...)
TODO: check
CVE-2011-1738 (HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in ...)
- TODO: check
+ NOT-FOR-US: HP Palm webOS
CVE-2011-1737 (Multiple cross-site scripting (XSS) vulnerabilities in the Email ...)
- TODO: check
+ NOT-FOR-US: HP Palm webOS
CVE-2011-1736 (Directory traversal vulnerability in OmniInet.exe in the Backup Client ...)
- TODO: check
+ NOT-FOR-US: HP OpenView Storage Data Protector
CVE-2011-1735 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
- TODO: check
+ NOT-FOR-US: HP OpenView Storage Data Protector
CVE-2011-1734 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
- TODO: check
+ NOT-FOR-US: HP OpenView Storage Data Protector
CVE-2011-1733 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
- TODO: check
+ NOT-FOR-US: HP OpenView Storage Data Protector
CVE-2011-1732 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
- TODO: check
+ NOT-FOR-US: HP OpenView Storage Data Protector
CVE-2011-1731 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
- TODO: check
+ NOT-FOR-US: HP OpenView Storage Data Protector
CVE-2011-1730 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
- TODO: check
+ NOT-FOR-US: HP OpenView Storage Data Protector
CVE-2011-1729 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
- TODO: check
+ NOT-FOR-US: HP OpenView Storage Data Protector
CVE-2011-1728 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
- TODO: check
+ NOT-FOR-US: HP OpenView Storage Data Protector
CVE-2011-1727 (Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, ...)
- TODO: check
+ NOT-FOR-US: HP SiteScope
CVE-2011-1726 (Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, ...)
NOT-FOR-US: HP SiteScope
CVE-2011-1725 (Unspecified vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, ...)
@@ -1215,7 +1215,7 @@
CVE-2011-1611
RESERVED
CVE-2011-1610 (Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the ...)
- TODO: check
+ NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-1609 (SQL injection vulnerability in Cisco Unified Communications Manager ...)
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-1608
@@ -1386,7 +1386,7 @@
- glibc <removed> (unimportant)
NOTE: Obscure attack
CVE-2011-1547 (Multiple stack consumption vulnerabilities in the kernel in NetBSD ...)
- TODO: check
+ NOT-FOR-US: NetBSD
CVE-2011-1546 (Multiple SQL injection vulnerabilities in Andy's PHP Knowledgebase ...)
NOT-FOR-US: Aphpkb
CVE-2011-1545 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
@@ -1812,7 +1812,7 @@
CVE-2011-1424
RESERVED
CVE-2011-1423 (Cross-site scripting (XSS) vulnerability in RSA Data Loss Prevention ...)
- TODO: check
+ NOT-FOR-US: RSA Data Loss Prevention Enterprise Manager
CVE-2011-1422 (Cross-site scripting (XSS) vulnerability in an unspecified Shockwave ...)
NOT-FOR-US: EMC RSA Adaptive Authentication On-Premise
CVE-2011-1421 (EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the ...)
@@ -2017,13 +2017,13 @@
CVE-2011-1327
RESERVED
CVE-2011-1326 (Unspecified vulnerability on the La Fonera+ router with firmware ...)
- TODO: check
+ NOT-FOR-US: La Fonera+ router
CVE-2011-1325 (Cross-site request forgery (CSRF) vulnerability in EC-CUBE before ...)
TODO: check
CVE-2011-1324 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
TODO: check
CVE-2011-1323 (Yamaha RTX, RT, SRT, RTV, RTW, and RTA series routers with firmware ...)
- TODO: check
+ NOT-FOR-US: Yamaha RTX, RT, SRT, RTV, RTW, and RTA series routers
CVE-2011-1322 (The SOAP with Attachments API for Java (SAAJ) implementation in the ...)
NOT-FOR-US: WebSphere
CVE-2011-1321 (The AuthCache purge implementation in the Security component in IBM ...)
@@ -2154,11 +2154,11 @@
CVE-2011-1272
RESERVED
CVE-2011-1271 (The JIT compiler in Microsoft .NET Framework before 4 beta 2, when ...)
- TODO: check
+ NOT-FOR-US: Microsoft .NET Framework
CVE-2011-1270 (Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft PowerPoint 2002 SP3 and 2003 SP3
CVE-2011-1269 (Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2011-1268
RESERVED
CVE-2011-1267
@@ -2200,7 +2200,7 @@
CVE-2011-1249
RESERVED
CVE-2011-1248 (WINS in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1247
RESERVED
CVE-2011-1246
@@ -2282,9 +2282,9 @@
CVE-2011-1210
RESERVED
CVE-2011-1209 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2011-1208 (IBM solidDB 4.5.x before 4.5.182, 6.0.x before 6.0.1069, 6.1.x and ...)
- TODO: check
+ NOT-FOR-US: IBM solidDB
CVE-2011-1207 (The ActiveBar1 ActiveX control in the Data Dynamics ActiveBar ActiveX ...)
TODO: check
CVE-2011-1206 (Stack-based buffer overflow in the server process in ibmslapd.exe in ...)
@@ -3732,7 +3732,7 @@
CVE-2011-0757 (IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, ...)
NOT-FOR-US: IBM DB2
CVE-2011-0756 (The application server in Trustwave WebDefend Enterprise before 5.0 ...)
- TODO: check
+ NOT-FOR-US: Trustwave WebDefend Enterprise
CVE-2011-0755 (Integer overflow in the mt_rand function in PHP before 5.3.4 might ...)
- php5 5.3.5-1 (unimportant)
NOTE: Only exploitable with malicious script
@@ -4114,25 +4114,25 @@
CVE-2011-0628
RESERVED
CVE-2011-0627 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2011-0626 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2011-0625 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2011-0624 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2011-0623 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2011-0622 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2011-0621 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2011-0620 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2011-0619 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2011-0618 (Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2011-0617
RESERVED
CVE-2011-0616
@@ -4210,7 +4210,7 @@
CVE-2011-0580 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
NOT-FOR-US: Adobe ColdFusion
CVE-2011-0579 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2011-0578 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
NOT-FOR-US: Adobe Flash Player
CVE-2011-0577 (Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 ...)
More information about the Secure-testing-commits
mailing list