[Secure-testing-commits] r18677 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Wed Mar 14 22:45:00 UTC 2012
Author: federico-guest
Date: 2012-03-14 22:45:00 +0000 (Wed, 14 Mar 2012)
New Revision: 18677
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-03-14 22:02:13 UTC (rev 18676)
+++ data/CVE/list 2012-03-14 22:45:00 UTC (rev 18677)
@@ -548,7 +548,7 @@
CVE-2012-1392 (Unspecified vulnerability in the Dolphin Browser HD ...)
NOT-FOR-US: Dolphin Browser HD
CVE-2012-1391 (Unspecified vulnerability in the mOffice - Outlook sync ...)
- TODO: check
+ NOT-FOR-US: mOffice - Outlook sync
CVE-2012-1390 (Unspecified vulnerability in the Miso (com.bazaarlabs.miso) ...)
NOT-FOR-US: Miso
CVE-2012-1389 (Unspecified vulnerability in the Di Long Weibo (com.icekirin.weibos) ...)
@@ -556,7 +556,7 @@
CVE-2012-1388 (Unspecified vulnerability in the XiXunTianTian (com.xixun.tiantian) ...)
NOT-FOR-US: XiXunTianTian
CVE-2012-1387 (Unspecified vulnerability in the RealTalk (com.tmsmanager.tms) ...)
- TODO: check
+ NOT-FOR-US: RealTalk
CVE-2012-1386 (Unspecified vulnerability in the YouMail Visual Voicemail Plus ...)
NOT-FOR-US: YouMail Visual Voicemail Plus
CVE-2012-1385 (Unspecified vulnerability in the NetEase WeiboHD (com.netease.wbhd) ...)
@@ -2349,15 +2349,15 @@
CVE-2012-0646 (Format string vulnerability in VPN in Apple iOS before 5.1 allows ...)
TODO: check
CVE-2012-0645 (Siri in Apple iOS before 5.1 does not properly restrict the ability of ...)
- TODO: check
+ NOT-FOR-US: Siri
CVE-2012-0644 (Race condition in the Passcode Lock feature in Apple iOS before 5.1 ...)
- TODO: check
+ NOT-FOR-US: Passcode Lock in Apple iOS
CVE-2012-0643 (The kernel in Apple iOS before 5.1 does not properly handle debug ...)
- TODO: check
+ NOT-FOR-US: kernel in Apple iOS
CVE-2012-0642 (Integer underflow in Apple iOS before 5.1 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-0641 (CFNetwork in Apple iOS before 5.1 does not properly construct request ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-0640 (WebKit in Apple Safari before 5.1.4 does not properly implement "From ...)
TODO: check
CVE-2012-0639 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle ...)
@@ -2990,7 +2990,7 @@
CVE-2012-0398
RESERVED
CVE-2012-0397 (Buffer overflow in EMC RSA SecurID Software Token Converter before ...)
- TODO: check
+ NOT-FOR-US: EMC RSA SecurID Software Token Converter
CVE-2012-0396 (EMC Documentum xPlore 1.0, 1.1 before P07, and 1.2 does not properly ...)
NOT-FOR-US: EMC
CVE-2012-0395 (Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before ...)
@@ -3055,17 +3055,17 @@
CVE-2012-0372
RESERVED
CVE-2012-0371 (Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, ...)
- TODO: check
+ NOT-FOR-US: Cisco Wireless LAN Controller
CVE-2012-0370 (Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, ...)
- TODO: check
+ NOT-FOR-US: Cisco Wireless LAN Controller
CVE-2012-0369 (Cisco Wireless LAN Controller (WLC) devices with software 6.0 and 7.0 ...)
- TODO: check
+ NOT-FOR-US: Cisco Wireless LAN Controller
CVE-2012-0368 (The administrative management interface on Cisco Wireless LAN ...)
- TODO: check
+ NOT-FOR-US: Cisco Wireless LAN Controller
CVE-2012-0367 (Cisco Unity Connection before 7.1.5b(Su5), 8.0 and 8.5 before ...)
- TODO: check
+ NOT-FOR-US: Cisco Unity Connection
CVE-2012-0366 (Cisco Unity Connection before 7.1.3b(Su2) allows remote authenticated ...)
- TODO: check
+ NOT-FOR-US: Cisco Unity Connection
CVE-2012-0365 (Directory traversal vulnerability in the Local TFTP file-upload ...)
TODO: check
CVE-2012-0364 (Cisco SRP 520 series devices with firmware before 1.1.26 and SRP ...)
@@ -3079,7 +3079,7 @@
CVE-2012-0360
RESERVED
CVE-2012-0359 (The Cisco Cius with software before 9.2(1) SR2 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: Cisco Cius
CVE-2012-0358
RESERVED
CVE-2012-0357
@@ -3135,9 +3135,9 @@
CVE-2012-0332
RESERVED
CVE-2012-0331 (Cisco TelePresence Video Communication Server with software before ...)
- TODO: check
+ NOT-FOR-US: Cisco TelePresence Video Communication Server
CVE-2012-0330 (Cisco TelePresence Video Communication Server with software before ...)
- TODO: check
+ NOT-FOR-US: Cisco TelePresence Video Communication Server
CVE-2012-0329 (Cisco Digital Media Manager 5.2.2 and earlier, and 5.2.3, allows ...)
NOT-FOR-US: Cisco Digital Media Manager
CVE-2012-0328
@@ -3153,9 +3153,9 @@
CVE-2012-0323 (Cross-site scripting (XSS) vulnerability in the Autocomplete plugin ...)
TODO: check
CVE-2012-0322 (The EStrongs ES File Explorer application 1.6.0.2 through 1.6.1.1 for ...)
- TODO: check
+ NOT-FOR-US: EStrongs ES File Explorer
CVE-2012-0321 (Unspecified vulnerability in the device driver in Kingsoft Internet ...)
- TODO: check
+ NOT-FOR-US: Kingsoft Internet Security 2011
CVE-2012-0320 (Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 ...)
TODO: check
CVE-2012-0319 (The file-management system in Movable Type before 4.38, 5.0x before ...)
@@ -3165,7 +3165,7 @@
CVE-2012-0317 (Multiple cross-site request forgery (CSRF) vulnerabilities in Movable ...)
TODO: check
CVE-2012-0316 (The Cookpad 1.5.16 and earlier and Cookpad Noseru 1.1.1 and earlier ...)
- TODO: check
+ NOT-FOR-US: Cookpad
CVE-2012-0315 (Untrusted search path vulnerability in ALFTP before 5.31 allows local ...)
NOT-FOR-US: ALFTP
CVE-2012-0314 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
@@ -4072,15 +4072,15 @@
CVE-2012-0200 (The server in IBM solidDB 6.5 before Interim Fix 6 does not properly ...)
NOT-FOR-US: IBM solidDB
CVE-2012-0199 (Multiple SQL injection vulnerabilities in IBM Tivoli Provisioning ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli Provisioning Manager Express
CVE-2012-0198 (Stack-based buffer overflow in the RunAndUploadFile method in the ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli Provisioning Manager Express
CVE-2012-0197
RESERVED
CVE-2012-0196
RESERVED
CVE-2012-0195 (Cross-site scripting (XSS) vulnerability in the Start Center Layout ...)
- TODO: check
+ NOT-FOR-US: IBM Maximo Asset Management and others
CVE-2012-0194 (The TCP implementation in IBM AIX 5.3, 6.1, and 7.1, when the Large ...)
NOT-FOR-US: AIX
CVE-2012-0193 (IBM WebSphere Application Server (WAS) 6.0 through 6.0.2.43, 6.1 ...)
@@ -4139,11 +4139,11 @@
CVE-2011-4819 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo ...)
TODO: check
CVE-2011-4818 (Open redirect vulnerability in IBM Maximo Asset Management and Asset ...)
- TODO: check
+ NOT-FOR-US: IBM Maximo Asset Management
CVE-2011-4817 (The About option on the Help menu in IBM Maximo Asset Management and ...)
- TODO: check
+ NOT-FOR-US: IBM Maximo Asset Management
CVE-2011-4816 (SQL injection vulnerability in the KPI component in IBM Maximo Asset ...)
- TODO: check
+ NOT-FOR-US: IBM Maximo Asset Management
CVE-2011-4815 (Ruby (aka CRuby) before 1.8.7-p357 computes hash values without ...)
- ruby1.8 <unfixed>
- ruby1.9 <not-affected> (Includes randomisation of the hash function)
@@ -4205,9 +4205,9 @@
CVE-2012-0158
RESERVED
CVE-2012-0157 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2012-0156 (DirectWrite in Microsoft Windows Vista SP2, Windows Server 2008 SP2, ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2012-0155 (Microsoft Internet Explorer 9 does not properly handle objects in ...)
NOT-FOR-US: Microsoft
CVE-2012-0154 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
@@ -4215,7 +4215,7 @@
CVE-2012-0153
RESERVED
CVE-2012-0152 (The Remote Desktop Protocol (RDP) service in Microsoft Windows Server ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2012-0151
RESERVED
CVE-2012-0150 (Buffer overflow in msvcrt.dll in Microsoft Windows Vista SP2, Windows ...)
@@ -4271,13 +4271,13 @@
CVE-2012-0125
RESERVED
CVE-2012-0124 (Unspecified vulnerability in HP Data Protector Express (aka DPX) ...)
- TODO: check
+ NOT-FOR-US: HP Data Protector Express
CVE-2012-0123 (Unspecified vulnerability in HP Data Protector Express (aka DPX) ...)
- TODO: check
+ NOT-FOR-US: HP Data Protector Express
CVE-2012-0122 (Unspecified vulnerability in HP Data Protector Express (aka DPX) ...)
- TODO: check
+ NOT-FOR-US: HP Data Protector Express
CVE-2012-0121 (Unspecified vulnerability in HP Data Protector Express (aka DPX) ...)
- TODO: check
+ NOT-FOR-US: HP Data Protector Express
CVE-2011-4814 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 3.1.0 ...)
- dolibarr <itp> (bug #634783)
CVE-2011-4813 (Directory traversal vulnerability in clientarea.php in ...)
@@ -5428,9 +5428,9 @@
CVE-2011-4488
RESERVED
CVE-2011-4487 (SQL injection vulnerability in Cisco Unified Communications Manager ...)
- TODO: check
+ NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-4486 (Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x ...)
- TODO: check
+ NOT-FOR-US: Cisco Unified Communications Manager
CVE-2011-4485
RESERVED
CVE-2011-4484
@@ -5540,7 +5540,7 @@
CVE-2012-0017 (Cross-site scripting (XSS) vulnerability in inplview.aspx in Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2012-0016 (Untrusted search path vulnerability in Microsoft Expression Design; ...)
- TODO: check
+ NOT-FOR-US: Microsoft Expression Design
CVE-2012-0015 (Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly calculate ...)
NOT-FOR-US: Microsoft
CVE-2012-0014 (Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 ...)
@@ -5556,11 +5556,11 @@
CVE-2012-0009 (Untrusted search path vulnerability in the Windows Object Packager ...)
NOT-FOR-US: Microsoft Windows
CVE-2012-0008 (Untrusted search path vulnerability in Microsoft Visual Studio 2008 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Visual Studio 2008
CVE-2012-0007 (The Microsoft Anti-Cross Site Scripting (AntiXSS) Library 3.x and 4.0 ...)
NOT-FOR-US: Microsoft Anti-Cross Site Scripting Library
CVE-2012-0006 (The DNS server in Microsoft Windows Server 2003 SP2 and Server 2008 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2012-0005 (The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 ...)
NOT-FOR-US: Microsoft Windows
CVE-2012-0004 (Unspecified vulnerability in DirectShow in DirectX in Microsoft ...)
@@ -5568,7 +5568,7 @@
CVE-2012-0003 (Unspecified vulnerability in winmm.dll in Windows Multimedia Library ...)
NOT-FOR-US: Microsoft Windows
CVE-2012-0002 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2012-0001 (The kernel in Microsoft Windows XP SP2, Windows Server 2003 SP2, ...)
NOT-FOR-US: Microsoft Windows
CVE-2011-4436 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
@@ -6371,7 +6371,7 @@
CVE-2011-4190
RESERVED
CVE-2011-4189 (The client in Novell GroupWise 8.0x through 8.02HP3 allows remote ...)
- TODO: check
+ NOT-FOR-US: Novell GroupWise
CVE-2011-4188
RESERVED
CVE-2011-4187 (Buffer overflow in the GetDriverSettings function in nipplib.dll in ...)
@@ -14726,11 +14726,11 @@
CVE-2011-1397 (Cross-site request forgery (CSRF) vulnerability in the Labor Reporting ...)
TODO: check
CVE-2011-1396 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
- TODO: check
+ NOT-FOR-US: IBM Maximo Asset Management
CVE-2011-1395 (Cross-site scripting (XSS) vulnerability in imicon.jsp in IBM Maximo ...)
- TODO: check
+ NOT-FOR-US: IBM Maximo Asset Management
CVE-2011-1394 (IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, ...)
- TODO: check
+ NOT-FOR-US: IBM Maximo Asset Management
CVE-2011-1393 (Unspecified vulnerability in the authentication functionality in the ...)
NOT-FOR-US: IBM Lotus Domino
CVE-2011-1392 (The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll ...)
@@ -14748,7 +14748,7 @@
CVE-2011-1386 (IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated ...)
NOT-FOR-US: IBM Tivoli Federated Identity Manager
CVE-2011-1385 (IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote ...)
- TODO: check
+ NOT-FOR-US: IBM AIX
CVE-2011-1384 (The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd ...)
NOT-FOR-US: IBM AIX
CVE-2011-1383
More information about the Secure-testing-commits
mailing list