[Secure-testing-commits] r18296 - data/CVE
James Strandboge
jamie-guest at alioth.debian.org
Wed Jan 25 19:31:30 UTC 2012
Author: jamie-guest
Date: 2012-01-25 19:31:29 +0000 (Wed, 25 Jan 2012)
New Revision: 18296
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-01-25 17:49:00 UTC (rev 18295)
+++ data/CVE/list 2012-01-25 19:31:29 UTC (rev 18296)
@@ -1,3 +1,19 @@
+CVE-2012-0919
+ NOT-FOR-US: Hitachi IT Operations Director
+CVE-2012-0918
+ NOT-FOR-US: Hitachi
+CVE-2012-0917
+ NOT-FOR-US: Hitachi IT Operations Analyzer
+CVE-2012-0916
+ NOT-FOR-US: RenRen Talk
+CVE-2012-0915
+ NOT-FOR-US: RenRen Talk
+CVE-2012-0914
+ NOT-FOR-US: admin view in the Panels module for Drupal
+CVE-2012-0913
+ NOT-FOR-US: ICloudCenter ICTimeAttendance
+CVE-2012-0912
+ NOT-FOR-US: Stoneware webNetwork
CVE-2012-0911
RESERVED
CVE-2012-0910
@@ -5,7 +21,7 @@
CVE-2012-0909
RESERVED
CVE-2012-0907 (Directory traversal vulnerability in the web player in NeoAxis NeoAxis ...)
- TODO: check
+ NOT-FOR-US: NeoAxis NeoAxis web player
CVE-2012-0906 (SQL injection vulnerability in the Moviebase addon for deV!L'z ...)
NOT-FOR-US: deV!L'z Clanportal
CVE-2012-0905 (SQL injection vulnerability in deV!L'z Clanportal (DZCP) Gamebase ...)
@@ -17,19 +33,19 @@
CVE-2012-0902 (AirTies Air 4450 1.1.2.18 allows remote attackers to cause a denial of ...)
NOT-FOR-US: AirTies Air
CVE-2012-0901 (Cross-site scripting (XSS) vulnerability in yousaytoo.php in YouSayToo ...)
- TODO: check
+ NOT-FOR-US: YouSayToo auto-publishing plugin for WordPress
CVE-2012-0900 (Multiple cross-site scripting (XSS) vulnerabilities in Beehive Forum ...)
- TODO: check
+ NOT-FOR-US: Beehive Forum
CVE-2012-0899 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Annuaire PHP
CVE-2012-0898 (Directory traversal vulnerability in meb_download.php in the ...)
- TODO: check
+ NOT-FOR-US: myEASYbackup plugin for WordPress
CVE-2012-0897 (Stack-based buffer overflow in the JPEG2000 plugin in IrfanView ...)
- TODO: check
+ NOT-FOR-US: IrfanView PlugIns
CVE-2012-0896 (Absolute path traversal vulnerability in download.php in the Count Per ...)
- TODO: check
+ NOT-FOR-US: Count Per Day module for WordPress
CVE-2012-0895 (Cross-site scripting (XSS) vulnerability in map/map.php in the Count ...)
- TODO: check
+ NOT-FOR-US: Count Per Day module for WordPress
CVE-2012-0894
RESERVED
CVE-2012-0893
@@ -1116,7 +1132,7 @@
- gnutls28 3.0.11-1
- gnutls26 <not-affected> (lacks DTLS support and is not affected)
CVE-2012-0389
- RESERVED
+ NOT-FOR-US: MailEnable Professional
CVE-2012-0388
RESERVED
CVE-2012-0387
@@ -1268,7 +1284,7 @@
CVE-2012-0314
RESERVED
CVE-2012-0313 (Cross-site scripting (XSS) vulnerability in glucose 2 before stage 6.2 ...)
- TODO: check
+ NOT-FOR-US: glucose
CVE-2012-0312
RESERVED
CVE-2012-0311
@@ -1400,9 +1416,9 @@
[squeeze] - wordpress <not-affected> (only 3.3.x vulnerable)
[lenny] - wordpress <not-affected> (only 3.3.x vulnerable)
CVE-2012-0286
- RESERVED
+ NOT-FOR-US: Stoneware webNetwork
CVE-2012-0285
- RESERVED
+ NOT-FOR-US: Stoneware webNetwork
CVE-2012-0284
RESERVED
CVE-2012-0283
@@ -1436,11 +1452,11 @@
CVE-2012-0269
RESERVED
CVE-2012-0268 (Integer overflow in the CYImage::LoadJPG method in YImage.dll in ...)
- TODO: check
+ NOT-FOR-US: Yahoo! Messenger
CVE-2012-0267 (The StopModule method in the NTR ActiveX control before 2.0.4.8 allows ...)
- TODO: check
+ NOT-FOR-US: NTR ActiveX control
CVE-2012-0266 (Multiple stack-based buffer overflows in the NTR ActiveX control ...)
- TODO: check
+ NOT-FOR-US: NTR ActiveX control
CVE-2012-0265
RESERVED
CVE-2011-5046 (win32k.sys in the kernel-mode drivers in Microsoft Windows 7 ...)
@@ -1947,7 +1963,7 @@
CVE-2011-4874
RESERVED
CVE-2011-4873 (Unspecified vulnerability in the server in Certec EDV atvise before ...)
- TODO: check
+ NOT-FOR-US: Certec EDV atvise
CVE-2011-4872
RESERVED
CVE-2011-4871
@@ -1961,15 +1977,15 @@
- isc-dhcp <unfixed> (low; bug #655746)
[squeeze] - isc-dhcp <not-affected> (vulnerable code not present)
CVE-2011-4867
- RESERVED
+ NOT-FOR-US: Tencent QQPhoto (com.tencent.qqphoto) application
CVE-2011-4866
- RESERVED
+ NOT-FOR-US: Kaixin001 (com.kaixin001.activity) application
CVE-2011-4865
- RESERVED
+ NOT-FOR-US: Tencent WBlog
CVE-2011-4864
- RESERVED
+ NOT-FOR-US: Tencent MobileQQ (com.tencent.mobileqq) application
CVE-2011-4863
- RESERVED
+ NOT-FOR-US: Tencent QQPimSecure (com.tencent.qqpimsecure) application
CVE-2011-4862 (Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 ...)
{DSA-2375-1 DSA-2373-1 DSA-2372-1}
- heimdal <unfixed> (high)
@@ -2038,7 +2054,7 @@
CVE-2006-7248
RESERVED
CVE-2006-7247
- RESERVED
+ NOT-FOR-US: Joomla
CVE-2005-4894
RESERVED
CVE-2005-4893
@@ -2147,15 +2163,15 @@
CVE-2012-0193 (IBM WebSphere Application Server (WAS) 6.0 through 6.0.2.43, 6.1 ...)
TODO: check
CVE-2012-0192 (Multiple integer overflows in vclmi.dll in the visual class library ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Symphony
CVE-2012-0191
RESERVED
CVE-2012-0190 (Unspecified vulnerability in the Render method in the ExportHTML.ocx ...)
- TODO: check
+ NOT-FOR-US: IBM SPSS Dimensions
CVE-2012-0189 (Multiple unspecified vulnerabilities in the (1) PrintFile and (2) ...)
- TODO: check
+ NOT-FOR-US: IBM SPSS SamplePower
CVE-2012-0188 (Unspecified vulnerability in the SetLicenseInfoEx method in an ActiveX ...)
- TODO: check
+ NOT-FOR-US: IBM SPSS Dimensions
CVE-2012-0187
RESERVED
CVE-2012-0186
@@ -2450,9 +2466,9 @@
CVE-2012-0111 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
TODO: check
CVE-2012-0110 (Unspecified vulnerability in the Oracle Outside In Technology ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2012-0109 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2012-0108
RESERVED
CVE-2012-0107
@@ -2464,7 +2480,7 @@
CVE-2012-0104 (Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 ...)
TODO: check
CVE-2012-0103 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris Kernel
CVE-2012-0102 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
TODO: check
CVE-2012-0101 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
@@ -2474,71 +2490,71 @@
CVE-2012-0099 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express ...)
TODO: check
CVE-2012-0098 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2012-0097 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...)
TODO: check
CVE-2012-0096 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2012-0095
RESERVED
CVE-2012-0094 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2012-0093
RESERVED
CVE-2012-0092
RESERVED
CVE-2012-0091 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2012-0090
RESERVED
CVE-2012-0089 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2012-0088 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2012-0087 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
TODO: check
CVE-2012-0086
RESERVED
CVE-2012-0085 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2012-0084 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2012-0083 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2012-0082 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2012-0081 (Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.1.1 ...)
TODO: check
CVE-2012-0080 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2012-0079 (Unspecified vulnerability in Oracle OpenSSO 7.1 and 8.0 allows remote ...)
- TODO: check
+ NOT-FOR-US: Oracle OpenSSO
CVE-2012-0078 (Unspecified vulnerability in the Oracle Application Object Library ...)
- TODO: check
+ NOT-FOR-US: Oracle E-Business Suite
CVE-2012-0077 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
- TODO: check
+ NOT-FOR-US: Oracle WebLogic Server
CVE-2012-0076 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2012-0075 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
TODO: check
CVE-2012-0074 (Unspecified vulnerability in the PeopleSoft Enterprise CRM component ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2012-0073 (Unspecified vulnerability in the Oracle Forms component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle E-Business Suite
CVE-2012-0072 (Unspecified vulnerability in the Listener component in Oracle Database ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2012-0071
RESERVED
CVE-2011-4773
- RESERVED
+ NOT-FOR-US: AnGuanJia (com.anguanjia.safe) application
CVE-2011-4772
- RESERVED
+ NOT-FOR-US: 360 KouXin (com.qihoo360.kouxin) application
CVE-2011-4771
- RESERVED
+ NOT-FOR-US: Scan to PDF Free (com.scan.to.pdf.trial) application
CVE-2011-4770
- RESERVED
+ NOT-FOR-US: QIWI Wallet (ru.mw) application
CVE-2011-4769
- RESERVED
+ NOT-FOR-US: 360 MobileSafe (com.qihoo360.mobilesafe) application
CVE-2011-4768 (The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small ...)
NOT-FOR-US: Plesk
CVE-2011-4767 (The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small ...)
@@ -2668,23 +2684,23 @@
CVE-2011-4706
RESERVED
CVE-2011-4705
- RESERVED
+ NOT-FOR-US: Ming Blacklist Free (vc.software.blacklist) application
CVE-2011-4704
- RESERVED
+ NOT-FOR-US: Voxofon (com.voxofon) application
CVE-2011-4703
- RESERVED
+ NOT-FOR-US: Limit My Call (com.limited.call.view) application
CVE-2011-4702
- RESERVED
+ NOT-FOR-US: Nimbuzz (com.nimbuzz) application
CVE-2011-4701
- RESERVED
+ NOT-FOR-US: CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) application
CVE-2011-4700
- RESERVED
+ NOT-FOR-US: UberMedia UberSocial (com.twidroid) application
CVE-2011-4699
- RESERVED
+ NOT-FOR-US: Ubermedia Twidroyd Legacy (com.twidroydlegacy) application
CVE-2011-4698
- RESERVED
+ NOT-FOR-US: AndroidAppTools Easy Filter (com.phoneblocker.android)
CVE-2011-4697
- RESERVED
+ NOT-FOR-US: Xiaomi MiTalk Messenger (com.xiaomi.channel) application
CVE-2011-4696
RESERVED
CVE-2010-5075
@@ -2698,7 +2714,6 @@
RESERVED
NOT-FOR-US: spamdyke not in Debian
CVE-2012-0069
- RESERVED
NOT-FOR-US: batavi not in Debian
CVE-2012-0068 [heap-buffer underflow when parsing LANalyzer packet]
RESERVED
@@ -2962,7 +2977,7 @@
CVE-2011-4660
RESERVED
CVE-2011-4659 (Cisco TelePresence Software before TE 4.1.1 on the Cisco IP Video ...)
- TODO: check
+ NOT-FOR-US: Cisco TelePresence Software
CVE-2011-4658
RESERVED
CVE-2011-4657
@@ -4476,7 +4491,7 @@
CVE-2011-4143
RESERVED
CVE-2011-4142 (The Web Search feature in EMC SourceOne Email Management 6.5 before ...)
- TODO: check
+ NOT-FOR-US: EMC SourceOne Email Management
CVE-2011-4141 (Untrusted search path vulnerability in EMC RSA SecurID Software Token ...)
NOT-FOR-US: RSA SecurID
CVE-2011-4140 (The CSRF protection mechanism in Django through 1.2.7 and 1.3.x ...)
@@ -4495,9 +4510,9 @@
{DSA-2332-1}
- python-django 1.3.1-1 (bug #641405)
CVE-2011-4135 (Multiple directory traversal vulnerabilities in lmgrd in Flexera ...)
- TODO: check
+ NOT-FOR-US: Flexera FlexNet Publisher
CVE-2011-4134 (Heap-based buffer overflow in lmadmin in Flexera FlexNet Publisher ...)
- TODO: check
+ NOT-FOR-US: Flexera FlexNet Publisher
CVE-2011-4133 [MSA-11-0002]
RESERVED
{DSA-2262-1}
@@ -4539,7 +4554,6 @@
RESERVED
- ruby1.9.1 <not-affected> (Only affected trunk versions)
CVE-2011-4120 [authentication bypass by pressing ctrl-d]
- RESERVED
- libpam-yubico 2.10-1
CVE-2011-4119
RESERVED
@@ -4699,7 +4713,7 @@
{DSA-2374-1}
- openswan 1:2.6.37-1 (low; bug #650674)
CVE-2007-6744 (Flexera Macrovision InstallShield before 2008 sends a ...)
- TODO: check
+ NOT-FOR-US: Flexera Macrovision InstallShield
CVE-2006-7246
RESERVED
CVE-2011-4072
@@ -4744,7 +4758,6 @@
- phpmyadmin 4:3.4.6-1 (unimportant)
CVE-2011-4057 (Wibu-Systems AG CodeMeter Runtime 4.30c, 4.10b, and possibly other ...)
NOT-FOR-US: Wibu-Systems AG CodeMeter Runtime
- TODO: check
CVE-2011-4056 (An unspecified ActiveX control in ActBar.ocx in Siemens Tecnomatix ...)
NOT-FOR-US: Siemens Tecnomatix
CVE-2011-4055 (Buffer overflow in the WebClient ActiveX control in Siemens Tecnomatix ...)
@@ -4752,7 +4765,7 @@
CVE-2011-4054 (Cross-site scripting (XSS) vulnerability in login.fcc in CA SiteMinder ...)
NOT-FOR-US: CA SiteMinder
CVE-2011-4053 (Untrusted search path vulnerability in 7-Technologies (7T) Interactive ...)
- TODO: check
+ NOT-FOR-US: 7-Technologies (7T) Interactive Graphical SCADA System
CVE-2011-4052 (Stack-based buffer overflow in CEServer.exe in the CEServer component ...)
NOT-FOR-US: InduSoft Web Studio
CVE-2011-4051 (CEServer.exe in the CEServer component in the Remote Agent module in ...)
@@ -6288,25 +6301,25 @@
CVE-2011-3575 (Stack-based buffer overflow in the NSFComputeEvaluateExt function in ...)
NOT-FOR-US: IBM Lotus Domino
CVE-2011-3574 (Unspecified vulnerability in Oracle Communications Unified 7.0 allows ...)
- TODO: check
+ NOT-FOR-US: Oracle Communications Unified
CVE-2011-3573 (Unspecified vulnerability in Oracle Communications Unified 7.0 allows ...)
- TODO: check
+ NOT-FOR-US: Oracle Communications Unified
CVE-2011-3572
RESERVED
CVE-2011-3571 (Unspecified vulnerability in the Virtual Desktop Infrastructure (VDI) ...)
TODO: check
CVE-2011-3570 (Unspecified vulnerability in Oracle Communications Unified 7.0 allows ...)
- TODO: check
+ NOT-FOR-US: Oracle Communications Unified
CVE-2011-3569 (Unspecified vulnerability in the Oracle Web Services Manager component ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2011-3568 (Unspecified vulnerability in the Oracle Web Services Manager component ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2011-3567
RESERVED
CVE-2011-3566 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2011-3565 (Unspecified vulnerability in Oracle Communications Unified 7.0 allows ...)
- TODO: check
+ NOT-FOR-US: Oracle Communications Unified
CVE-2011-3564 (Unspecified vulnerability in Oracle GlassFish Enterprise Server 2.1.1 ...)
TODO: check
CVE-2011-3563
@@ -6442,7 +6455,7 @@
CVE-2011-3532 (Unspecified vulnerability in the Oracle Agile Product Supplier ...)
NOT-FOR-US: Oracle Supply Chain
CVE-2011-3531 (Unspecified vulnerability in the Oracle Web Services Manager component ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2011-3530 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle PeopleSoft
CVE-2011-3529 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
@@ -6456,7 +6469,7 @@
CVE-2011-3525 (Unspecified vulnerability in the Application Express component in ...)
NOT-FOR-US: Oracle Database Server
CVE-2011-3524 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
- TODO: check
+ NOT-FOR-US: Oracle JD Edwards Products
CVE-2011-3523 (Unspecified vulnerability in the Oracle Web Services Manager component ...)
NOT-FOR-US: Oracle Fusion
CVE-2011-3522 (Unspecified vulnerability in SysFW 8.0 on certain SPARC T3, Netra ...)
@@ -6482,7 +6495,7 @@
CVE-2011-3515 (Unspecified vulnerability in the Oracle Solaris 10 and 11 Express ...)
NOT-FOR-US: Oracle Solaris
CVE-2011-3514 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
- TODO: check
+ NOT-FOR-US: Oracle JD Edwards Products
CVE-2011-3513 (Unspecified vulnerability in the Oracle Application Object Library ...)
NOT-FOR-US: Oracle E-Business Suite
CVE-2011-3512 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
@@ -6492,7 +6505,7 @@
CVE-2011-3510 (Unspecified vulnerability in the Oracle Business Intelligence ...)
NOT-FOR-US: Oracle Fusion Middleware
CVE-2011-3509 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
- TODO: check
+ NOT-FOR-US: Oracle JD Edwards Products
CVE-2011-3508 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...)
NOT-FOR-US: Oracle Solaris
CVE-2011-3507 (Unspecified vulnerability in the Oracle Communications Unified ...)
@@ -6552,9 +6565,9 @@
CVE-2011-3480
RESERVED
CVE-2011-3479
- RESERVED
+ NOT-FOR-US: Symantec pcAnywhere
CVE-2011-3478
- RESERVED
+ NOT-FOR-US: Symantec pcAnywhere
CVE-2011-3477
RESERVED
CVE-2011-3476
@@ -6954,7 +6967,7 @@
CVE-2011-3345 (ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ...)
- ofa-kernel <itp> (bug #541849)
CVE-2011-3344
- RESERVED
+ NOT-FOR-US: Red Hat Network Satellite server
CVE-2011-3343 (Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to ...)
{DSA-2386-1}
- openttd 1.1.3-1
@@ -7444,7 +7457,7 @@
CVE-2010-4816
RESERVED
CVE-2010-4815
- RESERVED
+ NOT-FOR-US: coppermine gallery
CVE-2011-3169 (Unspecified vulnerability in the SMTP service implementation in HP ...)
NOT-FOR-US: HP OpenVMS
CVE-2011-3168 (Unspecified vulnerability in the POP and IMAP service implementations ...)
@@ -8143,7 +8156,7 @@
{DSA-2310-1 DSA-2303-1}
- linux-2.6 3.0.0-2
CVE-2011-2927
- RESERVED
+ NOT-FOR-US: Red Hat Network Satellite server
CVE-2011-2926
RESERVED
CVE-2011-2925 (Cumin in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0 ...)
@@ -8159,9 +8172,9 @@
RESERVED
- ktsuss <removed>
CVE-2011-2920
- RESERVED
+ NOT-FOR-US: Red Hat Network Satellite server
CVE-2011-2919
- RESERVED
+ NOT-FOR-US: Red Hat Network Satellite server
CVE-2011-2918
RESERVED
{DSA-2303-1}
@@ -9913,17 +9926,17 @@
CVE-2011-2327 (Unspecified vulnerability in the Oracle Communications Unified ...)
NOT-FOR-US: Oracle Sun Products Suite
CVE-2011-2326 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
- TODO: check
+ NOT-FOR-US: Oracle JD Edwards Products
CVE-2011-2325 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
- TODO: check
+ NOT-FOR-US: Oracle JD Edwards Products
CVE-2011-2324 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
- TODO: check
+ NOT-FOR-US: Oracle JD Edwards Products
CVE-2011-2323 (Unspecified vulnerability in the Health Sciences - Oracle Thesaurus ...)
NOT-FOR-US: Oracle Thesaurus Management System
CVE-2011-2322 (Unspecified vulnerability in the Database Vault component in Oracle ...)
NOT-FOR-US: Oracle Database Server
CVE-2011-2321 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
- TODO: check
+ NOT-FOR-US: Oracle JD Edwards Products
CVE-2011-2320 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
NOT-FOR-US: Oracle Fusion Middleware
CVE-2011-2319 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
@@ -9931,7 +9944,7 @@
CVE-2011-2318 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
NOT-FOR-US: Oracle Fusion Middleware
CVE-2011-2317 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
- TODO: check
+ NOT-FOR-US: Oracle JD Edwards Products
CVE-2011-2316 (Unspecified vulnerability in the Siebel Apps - Marketing component in ...)
NOT-FOR-US: Oracle Siebel
CVE-2011-2315 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
@@ -10025,7 +10038,7 @@
CVE-2011-2272 (Unspecified vulnerability in the PeopleSoft Enterprise FSCM component ...)
NOT-FOR-US: Oracle PeopleSoft Products
CVE-2011-2271 (Unspecified vulnerability in the Oracle Application Object Library ...)
- TODO: check
+ NOT-FOR-US: Oracle E-Business Suite
CVE-2011-2270
RESERVED
CVE-2011-2269
@@ -11427,7 +11440,6 @@
NOTE: CVE-2011-1774 is about webkit's interface to xmlsec, CVE-2011-1425 is the actual issue
NOTE: http://www.openwall.com/lists/oss-security/2011/05/09/4
CVE-2011-1773
- RESERVED
NOT-FOR-US: virt-v2v
CVE-2011-1772 (Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache ...)
NOT-FOR-US: Apache Struts 2.x
@@ -11874,7 +11886,7 @@
[squeeze] - rdesktop <no-dsa> (Minor issue)
[lenny] - rdesktop <no-dsa> (Minor issue)
CVE-2011-1594
- RESERVED
+ NOT-FOR-US: Red Hat Network Satellite server
CVE-2011-1593 (Multiple integer overflows in the next_pidmap function in kernel/pid.c ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-4
@@ -12615,7 +12627,7 @@
CVE-2011-1390
RESERVED
CVE-2011-1389 (Multiple directory traversal vulnerabilities in the vendor daemon in ...)
- TODO: check
+ NOT-FOR-US: Telelogic License Server
CVE-2011-1388 (The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll ...)
NOT-FOR-US: IBM Rational Rhapsody
CVE-2011-1387
@@ -13763,7 +13775,7 @@
[wheezy] - linux-2.6 2.6.32-31
[squeeze] - linux-2.6 2.6.32-31
CVE-2011-1009
- RESERVED
+ NOT-FOR-US: Vanilla Forums
CVE-2011-1008 (Scrips_Overlay.pm in Best Practical Solutions RT before 3.8.9 does not ...)
- request-tracker3.8 3.8.10-1 (bug #614576)
[squeeze] - request-tracker3.8 3.8.8-7+squeeze1
@@ -15116,7 +15128,7 @@
CVE-2011-0526 (Cross-site scripting (XSS) vulnerability in index.php in Vanilla ...)
NOT-FOR-US: Vanilla Forums
CVE-2011-0525
- RESERVED
+ NOT-FOR-US: Batavi
CVE-2011-0524
RESERVED
- gypsy <itp> (bug #491723)
@@ -15851,22 +15863,19 @@
CVE-2010-4664
RESERVED
CVE-2010-4663 (Unspecified vulnerability in the News module in CMS Made Simple ...)
- TODO: check
+ NOT-FOR-US: CMS Made Simple
CVE-2010-4662
- RESERVED
+ NOT-FOR-US: pmwiki
CVE-2010-4661 [arbitrary kernel module loading]
RESERVED
- udisks <unfixed>
NOTE: upstream bug https://bugs.freedesktop.org/show_bug.cgi?id=32232
NOTE: fixed by http://cgit.freedesktop.org/udisks/commit/?id=c933a929f07421ec747cebb24d5e620fc2b97037
CVE-2010-4660
- RESERVED
- statusnet <itp> (bug #491723)
CVE-2010-4659
- RESERVED
- statusnet <itp> (bug #491723)
CVE-2010-4658
- RESERVED
- statusnet <itp> (bug #491723)
CVE-2010-4657 [xmlTextWriterWriteAttribute heap disclosure]
RESERVED
@@ -17087,7 +17096,6 @@
CVE-2009-5026
RESERVED
CVE-2009-5025 [PyForum XSS+CSRF]
- RESERVED
NOT-FOR-US: PyForum
CVE-2009-5024 (ViewVC before 1.1.11 allows remote attackers to bypass the cvsdb ...)
TODO: check
More information about the Secure-testing-commits
mailing list