[Secure-testing-commits] r19652 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Tue Jul 3 21:19:23 UTC 2012
Author: federico-guest
Date: 2012-07-03 21:19:23 +0000 (Tue, 03 Jul 2012)
New Revision: 19652
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-07-03 21:15:41 UTC (rev 19651)
+++ data/CVE/list 2012-07-03 21:19:23 UTC (rev 19652)
@@ -3766,13 +3766,13 @@
CVE-2012-2176 (Multiple stack-based buffer overflows in a certain ActiveX control in ...)
NOT-FOR-US: IBM Lotus Quickr
CVE-2012-2175 (Buffer overflow in the Attachment_Times method in a certain ActiveX ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus iNotes
CVE-2012-2174 (The URL handler in IBM Lotus Notes 8.x before 8.5.3 FP2 allows remote ...)
NOT-FOR-US: Notes
CVE-2012-2173 (The ODBC driver in IBM Security AppScan Source 7.x and 8.x before 8.6 ...)
NOT-FOR-US: AppScan
CVE-2012-2172 (Cross-site scripting (XSS) vulnerability in SoftwareRegistration.do in ...)
- TODO: check
+ NOT-FOR-US: IBM System Storage DS Storage Manager
CVE-2012-2171 (SQL injection vulnerability in ModuleServlet.do in the Storage Manager ...)
NOT-FOR-US: IBM System Storage DS Storage Manager
CVE-2012-2170 (The Application Snoop Servlet in IBM WebSphere Application Server 7.0 ...)
@@ -3794,11 +3794,11 @@
CVE-2012-2162 (The Web Server Plug-in in IBM WebSphere Application Server (WAS) 8.0 ...)
NOT-FOR-US: WebSphere
CVE-2012-2161 (Cross-site scripting (XSS) vulnerability in deferredView.jsp in IBM ...)
- TODO: check
+ NOT-FOR-US: IBM Security AppScan Source
CVE-2012-2160
RESERVED
CVE-2012-2159 (Open redirect vulnerability in IBM Eclipse Help System (IEHS), as used ...)
- TODO: check
+ NOT-FOR-US: IBM Eclipse Help System
CVE-2012-2158
RESERVED
CVE-2012-2157
@@ -4222,17 +4222,17 @@
CVE-2012-2018
RESERVED
CVE-2012-2017 (Unspecified vulnerability on HP Photosmart Wireless e-All-in-One B110, ...)
- TODO: check
+ NOT-FOR-US: HP Photosmart Wireless e-All-in-One
CVE-2012-2016 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
- TODO: check
+ NOT-FOR-US: HP System Management Homepage
CVE-2012-2015 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
- TODO: check
+ NOT-FOR-US: HP System Management Homepage
CVE-2012-2014 (HP System Management Homepage (SMH) before 7.1.1 does not properly ...)
- TODO: check
+ NOT-FOR-US: HP System Management Homepage
CVE-2012-2013 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
- TODO: check
+ NOT-FOR-US: HP System Management Homepage
CVE-2012-2012 (HP System Management Homepage (SMH) before 7.1.1 does not have an off ...)
- TODO: check
+ NOT-FOR-US: HP System Management Homepage
CVE-2012-2011 (Multiple cross-site scripting (XSS) vulnerabilities in HP Web Jetadmin ...)
NOT-FOR-US: HP Web Jetadmin
CVE-2012-2010 (The ACMELOGIN implementation in HP OpenVMS 8.3 and 8.4 on the Alpha ...)
@@ -4513,7 +4513,7 @@
CVE-2012-1890
RESERVED
CVE-2012-1889 (Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses ...)
- TODO: check
+ NOT-FOR-US: Microsoft XML Core Services
CVE-2012-1888
RESERVED
CVE-2012-1887
@@ -4555,15 +4555,15 @@
CVE-2012-1869
RESERVED
CVE-2012-1868 (Race condition in the thread-creation implementation in win32k.sys in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows XP
CVE-2012-1867 (Integer overflow in win32k.sys in the kernel-mode drivers in Microsoft ...)
- TODO: check
+ NOT-FOR-US: Windows Windows
CVE-2012-1866 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2012-1865 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2012-1864 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2012-1863
RESERVED
CVE-2012-1862
@@ -4575,13 +4575,13 @@
CVE-2012-1859
RESERVED
CVE-2012-1858 (The toStaticHTML API (aka the SafeHTML component) in Microsoft ...)
- TODO: check
+ NOT-FOR-US: MicrosoftInternet Explorer, Communicator, Lync
CVE-2012-1857 (Cross-site scripting (XSS) vulnerability in the Enterprise Portal ...)
- TODO: check
+ NOT-FOR-US: Microsoft Dynamics AX
CVE-2012-1856
RESERVED
CVE-2012-1855 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not ...)
- TODO: check
+ NOT-FOR-US: Microsoft .NET Framework
CVE-2012-1854
RESERVED
CVE-2012-1853
@@ -4593,7 +4593,7 @@
CVE-2012-1850
RESERVED
CVE-2012-1849 (Untrusted search path vulnerability in Microsoft Lync 2010, 2010 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Lync, Attendee,, Attendant
CVE-2012-1848 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
CVE-2012-1847 (Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; ...)
@@ -4642,7 +4642,7 @@
CVE-2012-1826 (dotCMS 1.9 before 1.9.5.1 allows remote authenticated users to execute ...)
TODO: check
CVE-2012-1825 (Multiple cross-site scripting (XSS) vulnerabilities in the status ...)
- TODO: check
+ NOT-FOR-US: ForeScout CounterACT
CVE-2012-1824 (Untrusted search path vulnerability in Measuresoft ScadaPro Client ...)
NOT-FOR-US: Measuresoft ScadaPro
CVE-2012-1823 (sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when ...)
@@ -5375,7 +5375,7 @@
CVE-2012-1524
RESERVED
CVE-2012-1523 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-1522
RESERVED
CVE-2012-1521 (Use-after-free vulnerability in the XML parser in Google Chrome before ...)
@@ -7342,15 +7342,15 @@
CVE-2012-0721
RESERVED
CVE-2012-0720 (Cross-site scripting (XSS) vulnerability in the Integration Solution ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application
CVE-2012-0719 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Endpoint ...)
NOT-FOR-US: IBM Tivoli Endpoint Manager
CVE-2012-0718
RESERVED
CVE-2012-0717 (IBM WebSphere Application Server 7.0 before 7.0.0.23, when a certain ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2012-0716 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2012-0715 (Cross-site scripting (XSS) vulnerability in the Gantt applet viewer in ...)
NOT-FOR-US: IBM Tivoli Change and Configuration Management Database
CVE-2012-0714
@@ -7460,7 +7460,7 @@
CVE-2012-0678
RESERVED
CVE-2012-0677 (Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote ...)
- TODO: check
+ NOT-FOR-US: Apple iTunes
CVE-2012-0676 (WebKit in Apple Safari before 5.1.7 does not properly track state ...)
- webkit <unfixed>
NOTE: http://packetstormsecurity.sebug.net/files/download/112596/APPLE-SA-2012-05-09-2.txt
@@ -8444,7 +8444,7 @@
CVE-2012-0305
RESERVED
CVE-2012-0304 (Symantec LiveUpdate Administrator before 2.3.1 uses weak permissions ...)
- TODO: check
+ NOT-FOR-US: Symantec LiveUpdate Administrator
CVE-2012-0303
RESERVED
CVE-2012-0302
@@ -9411,7 +9411,7 @@
CVE-2012-0192 (Multiple integer overflows in vclmi.dll in the visual class library ...)
NOT-FOR-US: IBM Lotus Symphony
CVE-2012-0191 (The web container in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Expeditor
CVE-2012-0190 (Unspecified vulnerability in the Render method in the ExportHTML.ocx ...)
NOT-FOR-US: IBM SPSS Dimensions
CVE-2012-0189 (Multiple unspecified vulnerabilities in the (1) PrintFile and (2) ...)
@@ -9419,9 +9419,9 @@
CVE-2012-0188 (Unspecified vulnerability in the SetLicenseInfoEx method in an ActiveX ...)
NOT-FOR-US: IBM SPSS Dimensions
CVE-2012-0187 (Untrusted search path vulnerability in IBM Lotus Expeditor 6.1.x and ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Expeditor
CVE-2012-0186 (Directory traversal vulnerability in the Eclipse Help component in IBM ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Expeditor
CVE-2011-4837 (Cross-site request forgery (CSRF) vulnerability in /ctrl in the web ...)
NOT-FOR-US: HomeSeer
CVE-2011-4836 (Cross-site scripting (XSS) vulnerability in the web interface in ...)
@@ -9496,7 +9496,7 @@
CVE-2012-0174 (Windows Firewall in tcpip.sys in Microsoft Windows Vista SP2, Windows ...)
NOT-FOR-US: Microsoft Windows
CVE-2012-0173 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2012-0172 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-0171 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
@@ -16813,7 +16813,7 @@
CVE-2011-2546 (SQL injection vulnerability in the web-based management interface on ...)
NOT-FOR-US: Cisco SA 500 series appliances management interface
CVE-2011-2545 (Cross-site scripting (XSS) vulnerability in the SIP implementation on ...)
- TODO: check
+ NOT-FOR-US: Cisco SPA
CVE-2011-2544 (Cross-site scripting (XSS) vulnerability in the web interface in Cisco ...)
NOT-FOR-US: Cisco
CVE-2011-2543 (Buffer overflow in the cuil component in Cisco Telepresence System ...)
More information about the Secure-testing-commits
mailing list