[Secure-testing-commits] r20712 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Thu Dec 27 12:56:04 UTC 2012
Author: federico-guest
Date: 2012-12-27 12:56:04 +0000 (Thu, 27 Dec 2012)
New Revision: 20712
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-12-26 21:14:26 UTC (rev 20711)
+++ data/CVE/list 2012-12-27 12:56:04 UTC (rev 20712)
@@ -233,9 +233,9 @@
- libnusoap-php <unfixed> (bug #696707)
NOTE: CVE request http://www.openwall.com/lists/oss-security/2012/12/26/1
CVE-2012-6428 (Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 ...)
- TODO: check
+ NOT-FOR-US: Carlo Gavazzi EOS-Box
CVE-2012-6427 (Multiple SQL injection vulnerabilities in Carlo Gavazzi EOS-Box with ...)
- TODO: check
+ NOT-FOR-US: Carlo Gavazzi EOS-Box
CVE-2012-6426 [lemonldap-ng: SAML messages signatures are not verified]
RESERVED
- lemonldap-ng 1.2.2-3 (bug #696329)
@@ -749,9 +749,9 @@
CVE-2012-6326
RESERVED
CVE-2012-6325 (VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not ...)
- TODO: check
+ NOT-FOR-US: VMware vCenter Server Appliance
CVE-2012-6324 (Directory traversal vulnerability in VMware vCenter Server Appliance ...)
- TODO: check
+ NOT-FOR-US: VMware vCenter Server Appliance
CVE-2013-0450
RESERVED
CVE-2013-0449
@@ -2457,7 +2457,7 @@
CVE-2012-5955 (Unspecified vulnerability in the IBM HTTP Server component 5.3 in IBM ...)
NOT-FOR-US: WebSphere
CVE-2012-5954 (Unspecified vulnerability in IBM Tivoli Storage Manager for Space ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli Storage Manager
CVE-2012-5953
RESERVED
CVE-2012-5952
@@ -2503,11 +2503,11 @@
CVE-2012-5933
RESERVED
CVE-2012-5932 (Eval injection vulnerability in the ldapagnt_eval function in ...)
- TODO: check
+ NOT-FOR-US: NetIQ Privileged User Manager 2.3.x
CVE-2012-5931 (Directory traversal vulnerability in the set_log_config function in ...)
- TODO: check
+ NOT-FOR-US: NetIQ Privileged User Manager 2.3.x
CVE-2012-5930 (The pa_modify_accounts function in auth.dll in unifid.exe in NetIQ ...)
- TODO: check
+ NOT-FOR-US: NetIQ Privileged User Manager 2.3.x
CVE-2012-5929
RESERVED
CVE-2012-5928
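Review bot: The three NetIQ tags in this hunk (CVE-2012-5932, CVE-2012-5931, CVE-2012-5930) carry a version suffix, `NOT-FOR-US: NetIQ Privileged User Manager 2.3.x`, while the other tags added in this commit name the product only (for example `NOT-FOR-US: NetIQ eDirectory`). Suggest dropping `2.3.x` so the tag stays a stable product name and a later search for the product string matches all of its entries.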
@@ -5163,13 +5163,13 @@
CVE-2012-4860
RESERVED
CVE-2012-4859 (Unspecified vulnerability in IBM Tivoli Storage Manager for Space ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli Storage Manager
CVE-2012-4858
RESERVED
CVE-2012-4857 (Buffer overflow in IBM Informix 11.50 through 11.50.xC9W2 and 11.70 ...)
NOT-FOR-US: IBM Informix
CVE-2012-4856 (The Service Processor in the IBM Power 5 91##-### and 940#-### before ...)
- TODO: check
+ NOT-FOR-US: IBM Power 5
CVE-2012-4855
RESERVED
CVE-2012-4854
@@ -5185,11 +5185,11 @@
CVE-2012-4849
RESERVED
CVE-2012-4848 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Foundations Start
CVE-2012-4847 (IBM Cognos Business Intelligence (BI) 8.4 and 8.4.1 allows remote ...)
NOT-FOR-US: IBM Cognos Business Intelligence
CVE-2012-4846 (IBM Lotus Notes 8.5.x before 8.5.3 FP3 does not include the HTTPOnly ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes
CVE-2012-4845 (The FTP client in AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does ...)
NOT-FOR-US: AIX
CVE-2012-4844
@@ -5203,7 +5203,7 @@
CVE-2012-4840
RESERVED
CVE-2012-4839 (The OSLC interface in the Web Client (aka CQ Web) in IBM Rational ...)
- TODO: check
+ NOT-FOR-US: IBM Rational ClearQuest
CVE-2012-4838 (IBM Flex System Chassis Management Module (CMM) and Integrated ...)
NOT-FOR-US: IBM Flex
CVE-2012-4837
@@ -5714,7 +5714,7 @@
CVE-2012-4699
RESERVED
CVE-2012-4698 (Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS ...)
- TODO: check
+ NOT-FOR-US: Siemens RuggedCom Rugged Operating System
CVE-2012-4697
RESERVED
CVE-2012-4696
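Review bot: The tag added for CVE-2012-4698 names only `Siemens RuggedCom Rugged Operating System`, but the description on the line above also lists ROX I OS and is cut off after that. Suggest a tag that covers every product the description lists, or a NOTE line, so a reader does not take the NFU decision as having been made for ROS alone.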
@@ -6832,11 +6832,11 @@
CVE-2012-4351
RESERVED
CVE-2012-4350 (Multiple unquoted Windows search path vulnerabilities in the (1) ...)
- TODO: check
+ NOT-FOR-US: Symantec Enterprise Security Manager
CVE-2012-4349 (Unquoted Windows search path vulnerability in Symantec Network Access ...)
NOT-FOR-US: Symantec Network Access Control
CVE-2012-4348 (The management console in Symantec Endpoint Protection (SEP) 11.0 ...)
- TODO: check
+ NOT-FOR-US: Symantec Endpoint Protection
CVE-2012-4347 (Multiple directory traversal vulnerabilities in the management console ...)
NOT-FOR-US: Symantec
CVE-2012-4346
@@ -7596,7 +7596,7 @@
CVE-2012-4047
RESERVED
CVE-2012-4046 (The D-Link DCS-932L camera with firmware 1.02 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: D-Link DCS-932L camera
CVE-2012-4045 (Multiple heap-based buffer overflows in bmp.w5s in Winamp before 5.63 ...)
NOT-FOR-US: Winamp
CVE-2012-4044
@@ -9458,7 +9458,7 @@
CVE-2012-3330 (The proxy server in IBM WebSphere Application Server 7.0 before ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2012-3329 (IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 ...)
- TODO: check
+ NOT-FOR-US: IBM Advanced Settings Utility, Bootable Media Creator
CVE-2012-3328
RESERVED
CVE-2012-3327
@@ -9879,7 +9879,7 @@
CVE-2012-3134 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
NOT-FOR-US: Oracle Database Server
CVE-2012-3133 (Buffer overflow in the DataDirect ODBC driver, as used in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2012-3132 (SQL injection vulnerability in Oracle Database Server 10.2.0.3, ...)
NOT-FOR-US: Oracle Database
CVE-2012-3131 (Unspecified vulnerability in Oracle Sun Solaris 9, 10, and 11 allows ...)
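Review bot: `NOT-FOR-US: Oracle` for CVE-2012-3133 names a vendor rather than a product, unlike the neighbouring `NOT-FOR-US: Oracle Database Server` and `NOT-FOR-US: Oracle Database`. The description attributes the buffer overflow to the DataDirect ODBC driver "as used in Oracle ...", so the tag should name that driver and the Oracle product that ships it, which also records that the driver itself was checked against the archive.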
@@ -10145,7 +10145,7 @@
CVE-2012-3003 (Open redirect vulnerability in an unspecified web application in ...)
NOT-FOR-US: WinCC
CVE-2012-3002 (The web interface on (1) Foscam and (2) Wansview IP cameras allows ...)
- TODO: check
+ NOT-FOR-US: Foscam, Wansview IP cameras
CVE-2012-3001 (Mutiny Standard before 4.5-1.12 allows remote attackers to execute ...)
NOT-FOR-US: Mutiny Standard
CVE-2012-3000
@@ -13406,13 +13406,13 @@
CVE-2012-1715 (Unspecified vulnerability in the Oracle Application Object Library ...)
NOT-FOR-US: Oracle E-Business Suite
CVE-2012-1714 (Unspecified vulnerability in a TList 6 ActiveX control in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Hyperion Financial Management
CVE-2012-1713 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
- openjdk-7 7~u3-2.1.1-1 (bug #677486)
CVE-2012-1712 (Directory traversal vulnerability in the Liferay component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun GlassFish Web Space Server
CVE-2012-1711 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
{DSA-2507-1}
- openjdk-6 6b24-1.11.3-1 (bug #677487)
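Review bot: CVE-2012-1712 is described as a directory traversal in the Liferay component, yet the added tag names only the Oracle product (`NOT-FOR-US: Oracle Sun GlassFish Web Space Server`). NOT-FOR-US is right only if the affected Liferay code is not packaged either. Suggest confirming that and saying so in the tag or in a NOTE line, so the entry is not reopened later by someone searching for Liferay.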
@@ -16608,15 +16608,15 @@
CVE-2012-0433
RESERVED
CVE-2012-0432 (Stack-based buffer overflow in the Novell NCP implementation in NetIQ ...)
- TODO: check
+ NOT-FOR-US: NetIQ eDirectory
CVE-2012-0431
RESERVED
CVE-2012-0430 (Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 ...)
- TODO: check
+ NOT-FOR-US: NetIQ eDirectory
CVE-2012-0429 (dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before ...)
- TODO: check
+ NOT-FOR-US: NetIQ eDirectory
CVE-2012-0428 (Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x ...)
- TODO: check
+ NOT-FOR-US: NetIQ eDirectory
CVE-2012-0427
RESERVED
CVE-2012-0426
@@ -16650,7 +16650,7 @@
CVE-2012-0412
RESERVED
CVE-2012-0411 (Unspecified vulnerability in Novell iPrint Client before 5.82 allows ...)
- TODO: check
+ NOT-FOR-US: Novell iPrint Client
CVE-2012-0410 (Directory traversal vulnerability in WebAccess in Novell GroupWise ...)
NOT-FOR-US: Groupwise
CVE-2012-0409 (Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before ...)