[Secure-testing-commits] r20003 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Tue Aug 21 21:08:48 UTC 2012
Author: federico-guest
Date: 2012-08-21 21:08:48 +0000 (Tue, 21 Aug 2012)
New Revision: 20003
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-08-21 15:19:42 UTC (rev 20002)
+++ data/CVE/list 2012-08-21 21:08:48 UTC (rev 20003)
@@ -45,7 +45,7 @@
CVE-2012-4342 (Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 ...)
- gallery3 <itp> (bug #511715)
CVE-2012-4341 (Multiple stack-based buffer overflows in msg_server.exe in SAP ...)
- TODO: check
+ NOT-FOR-US: SAP NetWeaver ABAP
CVE-2012-4340 (Cross-site scripting (XSS) vulnerability in Sybase EAServer before 6.1 ...)
NOT-FOR-US: Sybase
CVE-2012-4339
@@ -172,23 +172,23 @@
CVE-2012-4283 (Cross-site scripting (XSS) vulnerability in the Login With Ajax plugin ...)
TODO: check
CVE-2012-4282 (SQL injection vulnerability in photo.php in Trombinoscope 3.5 allows ...)
- TODO: check
+ NOT-FOR-US: Trombinoscope 3.5
CVE-2012-4281 (Multiple SQL injection vulnerabilities in Travelon Express 6.2.2 allow ...)
- TODO: check
+ NOT-FOR-US: Travelon Express 6.2.2
CVE-2012-4280 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: Free Realty 3.1-0.6
CVE-2012-4279 (Multiple SQL injection vulnerabilities in Free Realty 3.1-0.6 allow ...)
- TODO: check
+ NOT-FOR-US: Free Realty 3.1-0.6
CVE-2012-4278 (Multiple cross-site scripting (XSS) vulnerabilities in Free Realty ...)
- TODO: check
+ NOT-FOR-US: Free Realty
CVE-2012-4277 (Cross-site scripting (XSS) vulnerability in the ...)
TODO: check
CVE-2012-4276 (Unspecified vulnerability in Hitachi IT Operations Director 02-50-01 ...)
- TODO: check
+ NOT-FOR-US: Hitachi IT Operations Director
CVE-2012-4275 (Cross-site scripting (XSS) vulnerability in Hitachi IT Operations ...)
- TODO: check
+ NOT-FOR-US: Hitachi IT Operations Director
CVE-2012-4274 (Unspecified vulnerability in Hitachi Cobol GUI Option 06-00, 06-01 ...)
- TODO: check
+ NOT-FOR-US: Hitachi Cobol GUI Option
CVE-2012-4273 (Cross-site scripting (XSS) vulnerability in libs/xing.php in the 2 ...)
TODO: check
CVE-2012-4272 (Multiple cross-site scripting (XSS) vulnerabilities in the 2 Click ...)
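Review bot: the Free Realty tags in this hunk are inconsistent: CVE-2012-4280 and CVE-2012-4279 get "NOT-FOR-US: Free Realty 3.1-0.6" while CVE-2012-4278 gets "NOT-FOR-US: Free Realty". The Trombinoscope and Travelon Express tags also carry version numbers, whereas the Hitachi tags added in the same hunk give the product name only. Suggest dropping the versions so that one search string finds every entry for a product. For CVE-2012-4280 the description is truncated before the product name, so it is worth confirming against the full text that it is Free Realty.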
@@ -196,33 +196,33 @@
CVE-2012-4271 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
NOT-FOR-US: Wordpress plugin
CVE-2012-4270 (Cross-site scripting (XSS) vulnerability in eFront 3.6.11 allows ...)
- TODO: check
+ NOT-FOR-US: eFront
CVE-2012-4269 (Unrestricted file upload vulnerability in eFront 3.6.11 allows remote ...)
- TODO: check
+ NOT-FOR-US: eFront
CVE-2012-4268 (Cross-site scripting (XSS) vulnerability in ...)
TODO: check
CVE-2012-4267 (Cross-site scripting (XSS) vulnerability in user/register in Sockso ...)
- TODO: check
+ NOT-FOR-US: Sockso
CVE-2012-4266 (Cross-site scripting (XSS) vulnerability in client_details.php in ...)
- TODO: check
+ NOT-FOR-US: Proman Xpress
CVE-2012-4265 (SQL injection vulnerability in category_edit.php in Proman Xpress ...)
- TODO: check
+ NOT-FOR-US: Proman Xpress
CVE-2012-4264 (Multiple cross-site scripting (XSS) vulnerabilities in the Better WP ...)
TODO: check
CVE-2012-4263 (Cross-site scripting (XSS) vulnerability in inc/admin/content.php in ...)
TODO: check
CVE-2012-4262 (Multiple cross-site scripting (XSS) vulnerabilities in myCare2x allow ...)
- TODO: check
+ NOT-FOR-US: myCare2x
CVE-2012-4261 (SQL injection vulnerability in modules/patient/mycare2x_pat_info.php ...)
- TODO: check
+ NOT-FOR-US: myCare2x
CVE-2012-4260 (Multiple SQL injection vulnerabilities in myCare2x allow remote ...)
- TODO: check
+ NOT-FOR-US: myCare2x
CVE-2012-4259 (Cross-site scripting (XSS) vulnerability in the contacts in (1) XPhone ...)
- TODO: check
+ NOT-FOR-US: XPhone Virtual Directory
CVE-2012-4258 (Multiple SQL injection vulnerabilities in MYRE Real Estate Software ...)
- TODO: check
+ NOT-FOR-US: MYRE Real Estate Software
CVE-2012-4257 (Yaqas (Yet Another Question & Answer System) 1.0 Alpha 1 allows remote ...)
- TODO: check
+ NOT-FOR-US: Yaqas
CVE-2012-4256 (The jNews (com_jnews) component 7.5.1 for Joomla! allows remote ...)
TODO: check
CVE-2012-4255 (MySQLDumper 1.24.4 allows remote attackers to obtain sensitive ...)
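Review bot: at CVE-2012-4259 the description starts an enumeration with "(1) XPhone ...", which implies more than one affected product, but the new tag names only "XPhone Virtual Directory". Check the full description and, if the remaining items are separate products, list them or use a name that covers all of them, so the NOT-FOR-US rationale holds for the whole entry.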
@@ -236,7 +236,7 @@
CVE-2012-4251 (Multiple cross-site scripting (XSS) vulnerabilities in MySQLDumper ...)
TODO: check
CVE-2012-4250 (Stack-based buffer overflow in the RequestScreenOptimization function ...)
- TODO: check
+ NOT-FOR-US: Samsung NET-i viewer
CVE-2012-XXXX
- libapache2-mod-rpaf 0.6-1 (bug #683984)
CVE-2012-4249 (The Amazon Lab126 com.lab126.system sendEvent implementation on the ...)
@@ -1055,7 +1055,7 @@
CVE-2012-3870
RESERVED
CVE-2012-3869 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: REDAXO
CVE-2012-3868 (Race condition in the ns_client structure management in ISC BIND 9.9.x ...)
NOTE: https://kb.isc.org/article/AA-00730
- bind9 <not-affected> (Vulnerable code not present, only affects 9.9.x)
@@ -2450,11 +2450,11 @@
CVE-2012-3297
RESERVED
CVE-2012-3296 (Cross-site scripting (XSS) vulnerability in the Help link in the login ...)
- TODO: check
+ NOT-FOR-US: IBM Power Hardware Management Console
CVE-2012-3295
RESERVED
CVE-2012-3294 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Web ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere
CVE-2012-3293
RESERVED
CVE-2012-3292 (The GridFTP in Globus Toolkit (GT) before 5.2.2, when certain autoconf ...)
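Review bot: CVE-2012-3294 is tagged "NOT-FOR-US: IBM WebSphere", while the existing entry for CVE-2012-2170 in this file uses "NOT-FOR-US: WebSphere"; the truncated description ("in the Web ...") also does not show which WebSphere product is affected. Suggest matching the existing spelling, or naming the specific product, so the two entries are found by the same search.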
@@ -3999,7 +3999,7 @@
CVE-2012-2602 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
NOT-FOR-US: SolarWinds Orion Network Performance Monitor
CVE-2012-2601 (SQL injection vulnerability in WrVMwareHostList.asp in Ipswitch ...)
- TODO: check
+ NOT-FOR-US: Ipswitch WhatsUp Gold
CVE-2012-2600
RESERVED
CVE-2012-2599
@@ -4061,7 +4061,7 @@
CVE-2012-2571 (Multiple cross-site scripting (XSS) vulnerabilities in WinWebMail ...)
NOT-FOR-US: WinWebMail
CVE-2012-2570 (Cross-site scripting (XSS) vulnerability in products_map.php in X-Cart ...)
- TODO: check
+ NOT-FOR-US: X-Cart Gold
CVE-2012-2569
RESERVED
CVE-2012-2568 (d41d8cd98f00b204e9800998ecf8427e.php in the management web server on ...)
@@ -4633,7 +4633,7 @@
- pidgin-otr 3.2.1-1 (medium; bug #673154)
NOTE: libotr not affected
CVE-2012-2368 (Bytemark Symbiosis before Revision 1322 does not properly validate ...)
- TODO: check
+ NOT-FOR-US: Bytemark Symbiosis
CVE-2012-2367 (Moodle 1.9.x before 1.9.18, 2.0.x before 2.0.9, 2.1.x before 2.1.6, ...)
- moodle 2.2.3.dfsg-1 (low; bug #674163)
CVE-2012-2366 (mod/data/preset.php in Moodle 2.1.x before 2.1.6 and 2.2.x before ...)
@@ -4867,7 +4867,7 @@
CVE-2012-2284
RESERVED
CVE-2012-2283 (The Iomega Home Media Network Hard Drive with EMC Lifeline firmware ...)
- TODO: check
+ NOT-FOR-US: Iomega Home Media Network Hard Drive
CVE-2012-2282 (EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before ...)
NOT-FOR-US: EMC Celerra/VNX/VNXe
CVE-2012-2281 (EMC RSA Access Manager Server 6.x before 6.1 SP4 and RSA Access ...)
@@ -4886,7 +4886,7 @@
CVE-2012-2275
RESERVED
CVE-2012-2274 (Cross-site scripting (XSS) vulnerability in pivotx/ajaxhelper.php in ...)
- TODO: check
+ NOT-FOR-US: PivotX
CVE-2012-2273 (Comodo Internet Security before 5.10.228257.2253 on Windows 7 x64 ...)
NOT-FOR-US: Comodo Internet Security
CVE-2012-2272
@@ -5116,7 +5116,7 @@
CVE-2012-2170 (The Application Snoop Servlet in IBM WebSphere Application Server 7.0 ...)
NOT-FOR-US: WebSphere
CVE-2012-2169 (Cross-site scripting (XSS) vulnerability in the file-upload ...)
- TODO: check
+ NOT-FOR-US: IBM Rational ClearQuest
CVE-2012-2168 (IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 ...)
NOT-FOR-US: IBM Rational ClearQuest
CVE-2012-2167
@@ -5927,19 +5927,19 @@
CVE-2012-1857 (Cross-site scripting (XSS) vulnerability in the Enterprise Portal ...)
NOT-FOR-US: Microsoft Dynamics AX
CVE-2012-1856 (The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2012-1855 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not ...)
NOT-FOR-US: Microsoft .NET Framework
CVE-2012-1854 (Untrusted search path vulnerability in VBE6.dll in Microsoft Office ...)
NOT-FOR-US: Microsoft Office
CVE-2012-1853 (Stack-based buffer overflow in the Remote Administration Protocol ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows XP
CVE-2012-1852 (Heap-based buffer overflow in the Remote Administration Protocol (RAP) ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows XP
CVE-2012-1851 (Format string vulnerability in the Print Spooler service in Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2012-1850 (The Remote Administration Protocol (RAP) implementation in the ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2012-1849 (Untrusted search path vulnerability in Microsoft Lync 2010, 2010 ...)
NOT-FOR-US: Microsoft Lync, Attendee,, Attendant
CVE-2012-1848 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
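Review bot: the Microsoft tags in this hunk vary in granularity. CVE-2012-1856 gets the bare vendor "NOT-FOR-US: Microsoft", although the neighbouring entries name a product (Microsoft .NET Framework, Microsoft Office). The three Remote Administration Protocol entries are also split: CVE-2012-1853 and CVE-2012-1852 are tagged "Microsoft Windows XP" while CVE-2012-1850 is tagged "Microsoft Windows". Suggest one product-level tag per component, for example "Microsoft Windows" for all of the RAP and Print Spooler entries and a product name for the MSCOMCTL.OCX entry.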