[Secure-testing-commits] r17255 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Sat Sep 17 16:34:41 UTC 2011
Author: federico-guest
Date: 2011-09-17 16:34:40 +0000 (Sat, 17 Sep 2011)
New Revision: 17255
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-09-17 11:26:50 UTC (rev 17254)
+++ data/CVE/list 2011-09-17 16:34:40 UTC (rev 17255)
@@ -172,7 +172,7 @@
[lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
NOTE: http://www.wireshark.org/security/wnpa-sec-2011-12.html
CVE-2011-3422 (The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2011-3421 (Multiple unspecified vulnerabilities in Google Chrome before ...)
- chromium-browser <unfixed>
- webkit <undetermined>
@@ -230,9 +230,9 @@
CVE-2011-3395
RESERVED
CVE-2011-3394 (SQL injection vulnerability in findagent.php in MYRE Real Estate ...)
- TODO: check
+ NOT-FOR-US: MYRE Real Estate
CVE-2011-3393 (Multiple cross-site scripting (XSS) vulnerabilities in findagent.php ...)
- TODO: check
+ NOT-FOR-US: MYRE Real Estate
CVE-2009-5095 (PHP remote file inclusion vulnerability in index_inc.php in ea gBook ...)
TODO: check
CVE-2009-5094 (SQL injection vulnerability in info.php in CMS Faethon 2.2.0 Ultimate ...)
@@ -246,11 +246,11 @@
CVE-2009-5090 (SQL injection vulnerability in editcomments.php in Bloggeruniverse ...)
TODO: check
CVE-2009-5089 (Directory traversal vulnerability in index.php in IdeaCart 0.02 and ...)
- TODO: check
+ NOT-FOR-US: IdeaCart
CVE-2009-5088 (SQL injection vulnerability in secure/index.php in IdeaCart 0.02 ...)
- TODO: check
+ NOT-FOR-US: IdeaCart
CVE-2009-5087 (Directory traversal vulnerability in geohttpserver in Geovision ...)
- TODO: check
+ NOT-FOR-US: Geovision Digital Video Surveillance System
CVE-2011-3392 (Cross-site scripting (XSS) vulnerability in control.php in the ...)
NOT-FOR-US: Phorum
CVE-2011-3391 (IBM Rational Build Forge 7.1.2 relies on client-side JavaScript code ...)
@@ -402,7 +402,7 @@
CVE-2010-4831 (Untrusted search path vulnerability in gdk/win32/gdkinput-win32.c in ...)
TODO: check
CVE-2009-5086 (Cross-site scripting (XSS) vulnerability in Appliance Configuration ...)
- TODO: check
+ NOT-FOR-US: Juniper IDP
CVE-2011-XXXX [vsftpd namespace DoS]
- vsftpd 2.3.4-1 (bug #629373)
[squeeze] - vsftpd 2.3.2-3+squeeze3
@@ -445,9 +445,9 @@
CVE-2011-3323
RESERVED
CVE-2011-3322 (Core Server HMI Service (Coreservice.exe) in Scadatec Limited Procyon ...)
- TODO: check
+ NOT-FOR-US: Scadatec Limited Procyon SCADA
CVE-2011-3321 (Heap-based buffer overflow in the Siemens WinCC Runtime Advanced ...)
- TODO: check
+ NOT-FOR-US: SIMATIC WinCC
CVE-2011-3320
RESERVED
CVE-2011-3319
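Review bot: the label on CVE-2011-3321 reads `NOT-FOR-US: SIMATIC WinCC`, but the description as shown names "Siemens WinCC Runtime Advanced" and does not contain the word SIMATIC. Taking the vendor and product wording from the description (for example `NOT-FOR-US: Siemens WinCC`) keeps the entry findable when someone greps the list for the vendor, which is how the Scadatec entry just above it is labelled.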
@@ -909,11 +909,11 @@
CVE-2011-XXXX [Fix decode_xs n-byte heap-overflow security bug in Unicode.xs]
- perl 5.12.4-4
CVE-2011-3134 (Unspecified vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, ...)
- TODO: check
+ NOT-FOR-US: TIBCO Spotfire Server
CVE-2011-3133 (Session fixation vulnerability in TIBCO Spotfire Server 3.0.x before ...)
TODO: check
CVE-2011-3132 (Cross-site scripting (XSS) vulnerability in TIBCO Spotfire Server ...)
- TODO: check
+ NOT-FOR-US: TIBCO Spotfire Server
CVE-2011-3131
RESERVED
CVE-2011-3130 (wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2 before ...)
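Review bot: CVE-2011-3133 (session fixation in TIBCO Spotfire Server 3.0.x) is left at `TODO: check` although it sits between CVE-2011-3134 and CVE-2011-3132, which both become `NOT-FOR-US: TIBCO Spotfire Server` in this hunk. If the same product reasoning applies, mark it the same way in this commit; if it was skipped on purpose, a NOTE line saying why would keep the next triager from repeating the check.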
@@ -1957,11 +1957,11 @@
CVE-2011-2738
RESERVED
CVE-2011-2737 (RSA enVision 3.x and 4.x before 4 SP4 P3 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: RSA enVision
CVE-2011-2736 (RSA enVision 4.x before 4 SP4 P3 places cleartext administrative ...)
- TODO: check
+ NOT-FOR-US: RSA enVision
CVE-2011-2735 (Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before ...)
- TODO: check
+ NOT-FOR-US: EMC AutoStart
CVE-2011-2734
RESERVED
CVE-2011-2733 (EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, ...)
@@ -2156,7 +2156,7 @@
CVE-2011-2672
RESERVED
CVE-2011-2671 (Unspecified vulnerability in Megalith 12th edition through 27th ...)
- TODO: check
+ NOT-FOR-US: Megalith
CVE-2011-2670
RESERVED
CVE-2011-2669
@@ -2343,7 +2343,7 @@
CVE-2011-2596
RESERVED
CVE-2011-2595 (Multiple stack-based buffer overflows in ACDSee FotoSlate 4.0 Build ...)
- TODO: check
+ NOT-FOR-US: ACDSee FotoSlate
CVE-2011-2594 (Heap-based buffer overflow in KMPlayer 3.0.0.1441, and possibly other ...)
TODO: check
CVE-2011-2593
@@ -2371,7 +2371,7 @@
CVE-2011-2582
RESERVED
CVE-2011-2581 (The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before ...)
- TODO: check
+ NOT-FOR-US: Cisco NX-OS
CVE-2011-2580
RESERVED
CVE-2011-2579
@@ -2405,15 +2405,15 @@
CVE-2011-2565
RESERVED
CVE-2011-2564 (Unspecified vulnerability in the Service Advertisement Framework (SAF) ...)
- TODO: check
+ NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-2563 (Unspecified vulnerability in the Service Advertisement Framework (SAF) ...)
- TODO: check
+ NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-2562 (Unspecified vulnerability in Cisco Unified Communications Manager (aka ...)
- TODO: check
+ NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-2561 (The SIP process in Cisco Unified Communications Manager (aka CUCM, ...)
- TODO: check
+ NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-2560 (The Packet Capture Service in Cisco Unified Communications Manager ...)
- TODO: check
+ NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-2559
RESERVED
CVE-2011-2558
@@ -2423,7 +2423,7 @@
CVE-2011-2556
RESERVED
CVE-2011-2555 (Cisco TelePresence Recording Server 1.7.2.x before 1.7.2.1 has a ...)
- TODO: check
+ NOT-FOR-US: Cisco TelePresence Recording Server
CVE-2011-2554
RESERVED
CVE-2011-2553
@@ -3893,29 +3893,29 @@
CVE-2011-1992
RESERVED
CVE-2011-1991 (Multiple untrusted search path vulnerabilities in Microsoft Windows XP ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1990 (Microsoft Excel 2007 SP2; Excel in Office 2007 SP2; Excel Viewer SP2; ...)
- TODO: check
+ NOT-FOR-US: Microsoft Excel
CVE-2011-1989 (Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel ...)
- TODO: check
+ NOT-FOR-US: Microsoft Excel
CVE-2011-1988 (Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; ...)
- TODO: check
+ NOT-FOR-US: Microsoft Excel
CVE-2011-1987 (Array index error in Microsoft Excel 2003 SP3 and 2007 SP2; Excel in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Excel
CVE-2011-1986 (Use-after-free vulnerability in Microsoft Excel 2003 SP3 allows remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft Excel
CVE-2011-1985
RESERVED
CVE-2011-1984 (WINS in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1983
RESERVED
CVE-2011-1982 (Microsoft Office 2007 SP2, and 2010 Gold and SP1, does not initialize ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office
CVE-2011-1981
RESERVED
CVE-2011-1980 (Untrusted search path vulnerability in Microsoft Office 2003 SP3 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office
CVE-2011-1979 (Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate ...)
NOT-FOR-US: Microsoft Visio
CVE-2011-1978 (Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly ...)
@@ -4151,13 +4151,13 @@
CVE-2011-1894 (The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, ...)
NOT-FOR-US: Microsoft Windows
CVE-2011-1893 (Cross-site scripting (XSS) vulnerability in Microsoft Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft SharePoint
CVE-2011-1892 (Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office
CVE-2011-1891 (Cross-site scripting (XSS) vulnerability in Microsoft Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft SharePoint
CVE-2011-1890 (Cross-site scripting (XSS) vulnerability in EditForm.aspx in Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft SharePoint
CVE-2011-1889 (The NSPLookupServiceNext function in the client in Microsoft Forefront ...)
NOT-FOR-US: Microsoft Forefront Threat Management Gateway
CVE-2011-1888 (win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 ...)
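Review bot: CVE-2011-1893 and CVE-2011-1891 are labelled `NOT-FOR-US: Microsoft SharePoint`, but their truncated descriptions show only "Microsoft Office ..." and "Microsoft Windows ...", so the product cannot be confirmed from the entries as they appear in the list. Please double-check both against the full CVE text, and if SharePoint is correct, consider using the same label form for CVE-2011-1892 only where the full description supports it, since that entry names Groove and SharePoint Workspace and is filed under `Microsoft Office`.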
@@ -4888,7 +4888,7 @@
CVE-2011-1644
RESERVED
CVE-2011-1643 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...)
- TODO: check
+ NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-1642
RESERVED
CVE-2011-1641
@@ -5768,7 +5768,7 @@
CVE-2011-1360
RESERVED
CVE-2011-1359 (Directory traversal vulnerability in the administration console in IBM ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere
CVE-2011-1358
RESERVED
CVE-2011-1357 (Cross-site scripting (XSS) vulnerability in agentDetect.jsp in the web ...)
@@ -5803,9 +5803,9 @@
CVE-2011-1343 (SQL injection vulnerability in the Web GUI in IBM Tivoli ...)
NOT-FOR-US: Tivoli
CVE-2011-1342 (SQL injection vulnerability in Aimluck Aipo before 5.1.1, and Aipo for ...)
- TODO: check
+ NOT-FOR-US: Aimluck Aipo
CVE-2011-1341 (Cross-site request forgery (CSRF) vulnerability in Aimluck Aipo before ...)
- TODO: check
+ NOT-FOR-US: Aimluck Aipo
CVE-2011-1340 (Cross-site scripting (XSS) vulnerability in ...)
TODO: check
CVE-2011-1339 (Cross-site scripting (XSS) vulnerability in Google Search Appliance ...)
@@ -7912,7 +7912,7 @@
CVE-2011-0654 (Integer underflow in the BowserWriteErrorLogEntry function in the ...)
NOT-FOR-US: Windows 2003
CVE-2011-0653 (Cross-site scripting (XSS) vulnerability in Microsoft Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft SharePoint
CVE-2011-0652 (lnsfw1.sys 6.0.2900.5512 in Look 'n' Stop Firewall 2.06p4 and 2.07 ...)
NOT-FOR-US: Look 'n' Stop Firewall
CVE-2011-0651 (Buffer overflow in the key exchange functionality in Icon Labs ...)
@@ -8161,7 +8161,7 @@
CVE-2011-0548 (Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in ...)
NOT-FOR-US: Lotus Freelance Graphics
CVE-2011-0547 (Multiple integer overflows in vxsvc.exe in the Veritas Enterprise ...)
- TODO: check
+ NOT-FOR-US: Veritas
CVE-2011-0546 (Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not ...)
NOT-FOR-US: Symantec Backup Exec
CVE-2011-0545 (Cross-site request forgery (CSRF) vulnerability in adduser.do in ...)
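Review bot: `NOT-FOR-US: Veritas` on CVE-2011-0547 names only a brand, while the adjacent entries name the product (`Lotus Freelance Graphics`, `Symantec Backup Exec`). The description identifies vxsvc.exe in "the Veritas Enterprise ..."; spelling out the full product name from the CVE description would let later entries for the same product carry a matching label.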
@@ -9165,7 +9165,7 @@
CVE-2011-0259
RESERVED
CVE-2011-0258 (Apple QuickTime before 7.7 on Windows allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Apple QuickTime
CVE-2011-0257 (Integer signedness error in Apple QuickTime before 7.7 allows remote ...)
NOT-FOR-US: Apple QuickTime
CVE-2011-0256 (Integer overflow in Apple QuickTime before 7.7 allows remote attackers ...)
@@ -9237,7 +9237,7 @@
CVE-2011-0229
RESERVED
CVE-2011-0228 (The Data Security component in Apple iOS before 4.2.10 and 4.3.x ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2011-0227 (The queueing primitives in IOMobileFrameBuffer in Apple iOS before ...)
NOT-FOR-US: Apple iOS
CVE-2011-0226 (Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, ...)
@@ -9273,9 +9273,9 @@
- webkit <undetermined>
TODO: recheck, title says it affects some libxml
CVE-2011-0215 (ImageIO in Apple Safari before 5.0.6 on Windows does not properly ...)
- TODO: check
+ NOT-FOR-US: ImageIO in Apple Safari
CVE-2011-0214 (CFNetwork in Apple Safari before 5.0.6 on Windows does not properly ...)
- TODO: check
+ NOT-FOR-US: CFNetwork in Apple Safari
CVE-2011-0213 (Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows ...)
NOT-FOR-US: QuickTime in Apple Mac OS
CVE-2011-0212 (servermgrd in Apple Mac OS X before 10.6.8 allows remote attackers to ...)