[Secure-testing-commits] r17255 - data/CVE

Federico Ceratto federico-guest at alioth.debian.org
Sat Sep 17 16:34:41 UTC 2011


Author: federico-guest
Date: 2011-09-17 16:34:40 +0000 (Sat, 17 Sep 2011)
New Revision: 17255

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-09-17 11:26:50 UTC (rev 17254)
+++ data/CVE/list	2011-09-17 16:34:40 UTC (rev 17255)
@@ -172,7 +172,7 @@
 	[lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2011-12.html
 CVE-2011-3422 (The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2011-3421 (Multiple unspecified vulnerabilities in Google Chrome before ...)
 	- chromium-browser <unfixed>
 	- webkit <undetermined>
@@ -230,9 +230,9 @@
 CVE-2011-3395
 	RESERVED
 CVE-2011-3394 (SQL injection vulnerability in findagent.php in MYRE Real Estate ...)
-	TODO: check
+	NOT-FOR-US: MYRE Real Estate
 CVE-2011-3393 (Multiple cross-site scripting (XSS) vulnerabilities in findagent.php ...)
-	TODO: check
+	NOT-FOR-US: MYRE Real Estate
 CVE-2009-5095 (PHP remote file inclusion vulnerability in index_inc.php in ea gBook ...)
 	TODO: check
 CVE-2009-5094 (SQL injection vulnerability in info.php in CMS Faethon 2.2.0 Ultimate ...)
@@ -246,11 +246,11 @@
 CVE-2009-5090 (SQL injection vulnerability in editcomments.php in Bloggeruniverse ...)
 	TODO: check
 CVE-2009-5089 (Directory traversal vulnerability in index.php in IdeaCart 0.02 and ...)
-	TODO: check
+	NOT-FOR-US: IdeaCart
 CVE-2009-5088 (SQL injection vulnerability in secure/index.php in IdeaCart 0.02 ...)
-	TODO: check
+	NOT-FOR-US: IdeaCart
 CVE-2009-5087 (Directory traversal vulnerability in geohttpserver in Geovision ...)
-	TODO: check
+	NOT-FOR-US: Geovision Digital Video Surveillance System
 CVE-2011-3392 (Cross-site scripting (XSS) vulnerability in control.php in the ...)
 	NOT-FOR-US: Phorum
 CVE-2011-3391 (IBM Rational Build Forge 7.1.2 relies on client-side JavaScript code ...)
@@ -402,7 +402,7 @@
 CVE-2010-4831 (Untrusted search path vulnerability in gdk/win32/gdkinput-win32.c in ...)
 	TODO: check
 CVE-2009-5086 (Cross-site scripting (XSS) vulnerability in Appliance Configuration ...)
-	TODO: check
+	NOT-FOR-US: Juniper IDP
 CVE-2011-XXXX [vsftpd namespace DoS]
 	- vsftpd 2.3.4-1 (bug #629373)
 	[squeeze] - vsftpd 2.3.2-3+squeeze3
@@ -445,9 +445,9 @@
 CVE-2011-3323
 	RESERVED
 CVE-2011-3322 (Core Server HMI Service (Coreservice.exe) in Scadatec Limited Procyon ...)
-	TODO: check
+	NOT-FOR-US: Scadatec Limited Procyon SCADA
 CVE-2011-3321 (Heap-based buffer overflow in the Siemens WinCC Runtime Advanced ...)
-	TODO: check
+	NOT-FOR-US: SIMATIC WinCC
 CVE-2011-3320
 	RESERVED
 CVE-2011-3319
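Review bot: The tag on CVE-2011-3321 reads "SIMATIC WinCC" and drops the vendor, while the description names "Siemens WinCC Runtime Advanced" and the entry just above it in this hunk keeps the vendor ("Scadatec Limited Procyon SCADA"). Suggest "NOT-FOR-US: Siemens SIMATIC WinCC" so that a search of the list for the vendor name finds the entry.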
@@ -909,11 +909,11 @@
 CVE-2011-XXXX [Fix decode_xs n-byte heap-overflow security bug in Unicode.xs]
 	- perl 5.12.4-4
 CVE-2011-3134 (Unspecified vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, ...)
-	TODO: check
+	NOT-FOR-US: TIBCO Spotfire Server
 CVE-2011-3133 (Session fixation vulnerability in TIBCO Spotfire Server 3.0.x before ...)
 	TODO: check
 CVE-2011-3132 (Cross-site scripting (XSS) vulnerability in TIBCO Spotfire Server ...)
-	TODO: check
+	NOT-FOR-US: TIBCO Spotfire Server
 CVE-2011-3131
 	RESERVED
 CVE-2011-3130 (wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2 before ...)
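Review bot: CVE-2011-3133 is left at "TODO: check" although it sits between CVE-2011-3134 and CVE-2011-3132, both tagged in this hunk, and its description names the same product ("Session fixation vulnerability in TIBCO Spotfire Server 3.0.x before ..."). Unless it was held back on purpose, it should get the same "NOT-FOR-US: TIBCO Spotfire Server" line so the three entries are triaged consistently.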
@@ -1957,11 +1957,11 @@
 CVE-2011-2738
 	RESERVED
 CVE-2011-2737 (RSA enVision 3.x and 4.x before 4 SP4 P3 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: RSA enVision
 CVE-2011-2736 (RSA enVision 4.x before 4 SP4 P3 places cleartext administrative ...)
-	TODO: check
+	NOT-FOR-US: RSA enVision
 CVE-2011-2735 (Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before ...)
-	TODO: check
+	NOT-FOR-US: EMC AutoStart
 CVE-2011-2734
 	RESERVED
 CVE-2011-2733 (EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, ...)
@@ -2156,7 +2156,7 @@
 CVE-2011-2672
 	RESERVED
 CVE-2011-2671 (Unspecified vulnerability in Megalith 12th edition through 27th ...)
-	TODO: check
+	NOT-FOR-US: Megalith
 CVE-2011-2670
 	RESERVED
 CVE-2011-2669
@@ -2343,7 +2343,7 @@
 CVE-2011-2596
 	RESERVED
 CVE-2011-2595 (Multiple stack-based buffer overflows in ACDSee FotoSlate 4.0 Build ...)
-	TODO: check
+	NOT-FOR-US: ACDSee FotoSlate
 CVE-2011-2594 (Heap-based buffer overflow in KMPlayer 3.0.0.1441, and possibly other ...)
 	TODO: check
 CVE-2011-2593
@@ -2371,7 +2371,7 @@
 CVE-2011-2582
 	RESERVED
 CVE-2011-2581 (The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before ...)
-	TODO: check
+	NOT-FOR-US: Cisco NX-OS
 CVE-2011-2580
 	RESERVED
 CVE-2011-2579
@@ -2405,15 +2405,15 @@
 CVE-2011-2565
 	RESERVED
 CVE-2011-2564 (Unspecified vulnerability in the Service Advertisement Framework (SAF) ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unified Communications Manager
 CVE-2011-2563 (Unspecified vulnerability in the Service Advertisement Framework (SAF) ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unified Communications Manager
 CVE-2011-2562 (Unspecified vulnerability in Cisco Unified Communications Manager (aka ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unified Communications Manager
 CVE-2011-2561 (The SIP process in Cisco Unified Communications Manager (aka CUCM, ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unified Communications Manager
 CVE-2011-2560 (The Packet Capture Service in Cisco Unified Communications Manager ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unified Communications Manager
 CVE-2011-2559
 	RESERVED
 CVE-2011-2558
@@ -2423,7 +2423,7 @@
 CVE-2011-2556
 	RESERVED
 CVE-2011-2555 (Cisco TelePresence Recording Server 1.7.2.x before 1.7.2.1 has a ...)
-	TODO: check
+	NOT-FOR-US: Cisco TelePresence Recording Server
 CVE-2011-2554
 	RESERVED
 CVE-2011-2553
@@ -3893,29 +3893,29 @@
 CVE-2011-1992
 	RESERVED
 CVE-2011-1991 (Multiple untrusted search path vulnerabilities in Microsoft Windows XP ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2011-1990 (Microsoft Excel 2007 SP2; Excel in Office 2007 SP2; Excel Viewer SP2; ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2011-1989 (Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2011-1988 (Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2011-1987 (Array index error in Microsoft Excel 2003 SP3 and 2007 SP2; Excel in ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2011-1986 (Use-after-free vulnerability in Microsoft Excel 2003 SP3 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2011-1985
 	RESERVED
 CVE-2011-1984 (WINS in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2011-1983
 	RESERVED
 CVE-2011-1982 (Microsoft Office 2007 SP2, and 2010 Gold and SP1, does not initialize ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Office
 CVE-2011-1981
 	RESERVED
 CVE-2011-1980 (Untrusted search path vulnerability in Microsoft Office 2003 SP3 and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Office
 CVE-2011-1979 (Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate ...)
 	NOT-FOR-US: Microsoft Visio
 CVE-2011-1978 (Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly ...)
@@ -4151,13 +4151,13 @@
 CVE-2011-1894 (The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2011-1893 (Cross-site scripting (XSS) vulnerability in Microsoft Office ...)
-	TODO: check
+	NOT-FOR-US: Microsoft SharePoint
 CVE-2011-1892 (Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Office
 CVE-2011-1891 (Cross-site scripting (XSS) vulnerability in Microsoft Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft SharePoint
 CVE-2011-1890 (Cross-site scripting (XSS) vulnerability in EditForm.aspx in Microsoft ...)
-	TODO: check
+	NOT-FOR-US: Microsoft SharePoint
 CVE-2011-1889 (The NSPLookupServiceNext function in the client in Microsoft Forefront ...)
 	NOT-FOR-US: Microsoft Forefront Threat Management Gateway
 CVE-2011-1888 (win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 ...)
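Review bot: The tags on CVE-2011-1893 and CVE-2011-1891 say "Microsoft SharePoint", but the truncated descriptions visible here open with "Microsoft Office ..." and "Microsoft Windows ..." and do not show the product name. The NOT-FOR-US status does not depend on it, but it is worth confirming against the full CVE text that the SharePoint label is right for both, given that the neighbouring CVE-2011-1892 is tagged "Microsoft Office".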
@@ -4888,7 +4888,7 @@
 CVE-2011-1644
 	RESERVED
 CVE-2011-1643 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unified Communications Manager
 CVE-2011-1642
 	RESERVED
 CVE-2011-1641
@@ -5768,7 +5768,7 @@
 CVE-2011-1360
 	RESERVED
 CVE-2011-1359 (Directory traversal vulnerability in the administration console in IBM ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2011-1358
 	RESERVED
 CVE-2011-1357 (Cross-site scripting (XSS) vulnerability in agentDetect.jsp in the web ...)
@@ -5803,9 +5803,9 @@
 CVE-2011-1343 (SQL injection vulnerability in the Web GUI in IBM Tivoli ...)
 	NOT-FOR-US: Tivoli
 CVE-2011-1342 (SQL injection vulnerability in Aimluck Aipo before 5.1.1, and Aipo for ...)
-	TODO: check
+	NOT-FOR-US: Aimluck Aipo
 CVE-2011-1341 (Cross-site request forgery (CSRF) vulnerability in Aimluck Aipo before ...)
-	TODO: check
+	NOT-FOR-US: Aimluck Aipo
 CVE-2011-1340 (Cross-site scripting (XSS) vulnerability in ...)
 	TODO: check
 CVE-2011-1339 (Cross-site scripting (XSS) vulnerability in Google Search Appliance ...)
@@ -7912,7 +7912,7 @@
 CVE-2011-0654 (Integer underflow in the BowserWriteErrorLogEntry function in the ...)
 	NOT-FOR-US: Windows 2003
 CVE-2011-0653 (Cross-site scripting (XSS) vulnerability in Microsoft Office ...)
-	TODO: check
+	NOT-FOR-US: Microsoft SharePoint
 CVE-2011-0652 (lnsfw1.sys 6.0.2900.5512 in Look 'n' Stop Firewall 2.06p4 and 2.07 ...)
 	NOT-FOR-US: Look 'n' Stop Firewall
 CVE-2011-0651 (Buffer overflow in the key exchange functionality in Icon Labs ...)
@@ -8161,7 +8161,7 @@
 CVE-2011-0548 (Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in ...)
 	NOT-FOR-US: Lotus Freelance Graphics
 CVE-2011-0547 (Multiple integer overflows in vxsvc.exe in the Veritas Enterprise ...)
-	TODO: check
+	NOT-FOR-US: Veritas
 CVE-2011-0546 (Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not ...)
 	NOT-FOR-US: Symantec Backup Exec
 CVE-2011-0545 (Cross-site request forgery (CSRF) vulnerability in adduser.do in ...)
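Review bot: "NOT-FOR-US: Veritas" on CVE-2011-0547 names only a vendor, where the surrounding entries name the product ("Lotus Freelance Graphics", "Symantec Backup Exec"). The description starts "vxsvc.exe in the Veritas Enterprise ..."; suggest using the full product name from the CVE text in the tag.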
@@ -9165,7 +9165,7 @@
 CVE-2011-0259
 	RESERVED
 CVE-2011-0258 (Apple QuickTime before 7.7 on Windows allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2011-0257 (Integer signedness error in Apple QuickTime before 7.7 allows remote ...)
 	NOT-FOR-US: Apple QuickTime
 CVE-2011-0256 (Integer overflow in Apple QuickTime before 7.7 allows remote attackers ...)
@@ -9237,7 +9237,7 @@
 CVE-2011-0229
 	RESERVED
 CVE-2011-0228 (The Data Security component in Apple iOS before 4.2.10 and 4.3.x ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2011-0227 (The queueing primitives in IOMobileFrameBuffer in Apple iOS before ...)
 	NOT-FOR-US: Apple iOS
 CVE-2011-0226 (Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, ...)
@@ -9273,9 +9273,9 @@
 	- webkit <undetermined>
 	TODO: recheck, title says it affects some libxml
 CVE-2011-0215 (ImageIO in Apple Safari before 5.0.6 on Windows does not properly ...)
-	TODO: check
+	NOT-FOR-US: ImageIO in Apple Safari
 CVE-2011-0214 (CFNetwork in Apple Safari before 5.0.6 on Windows does not properly ...)
-	TODO: check
+	NOT-FOR-US: CFNetwork in Apple Safari
 CVE-2011-0213 (Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows ...)
 	NOT-FOR-US: QuickTime in Apple Mac OS
 CVE-2011-0212 (servermgrd in Apple Mac OS X before 10.6.8 allows remote attackers to ...)



