[Secure-testing-commits] r19230 - data/CVE

Helmut Grohne helmut-guest at alioth.debian.org
Sat May 12 09:43:14 UTC 2012


Author: helmut-guest
Date: 2012-05-12 09:43:14 +0000 (Sat, 12 May 2012)
New Revision: 19230

Modified:
   data/CVE/list
Log:
lots of NFUs (Cisco, Oracle), undetermined glassfish

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-05-12 09:14:54 UTC (rev 19229)
+++ data/CVE/list	2012-05-12 09:43:14 UTC (rev 19230)
@@ -3271,7 +3271,7 @@
 CVE-2012-1243 (The TwitRocker2 application before 1.0.23 for Android does not ...)
 	NOT-FOR-US: Android app
 CVE-2012-1242 (Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, ...)
-	TODO: check
+	NOT-FOR-US: various Ichitaro products
 CVE-2012-1241 (GRScript18.dll before 1.2.2.0 in ActiveScriptRuby (ASR) before 1.8.7 ...)
 	NOT-FOR-US: ActiveScriptRuby
 CVE-2012-1240 (Cross-site scripting (XSS) vulnerability in the RECRUIT Dokodemo ...)
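Review bot: the new tag on CVE-2012-1242, "NOT-FOR-US: various Ichitaro products", drops the vendor name that the description gives (JustSystems) and is vaguer than the neighbouring tags such as "NOT-FOR-US: ActiveScriptRuby". Suggest "NOT-FOR-US: JustSystems Ichitaro" so that a search for the vendor finds the entry; the same wording is used for CVE-2012-0269 further down and would want the same change.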
@@ -4628,23 +4628,23 @@
 CVE-2012-0738
 	RESERVED
 CVE-2012-0737 (Cross-site scripting (XSS) vulnerability in IBM Rational AppScan ...)
-	TODO: check
+	NOT-FOR-US: IBM Rational AppScan
 CVE-2012-0736 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not ...)
-	TODO: check
+	NOT-FOR-US: IBM Rational AppScan
 CVE-2012-0735 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not ...)
-	TODO: check
+	NOT-FOR-US: IBM Rational AppScan
 CVE-2012-0734 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not ...)
-	TODO: check
+	NOT-FOR-US: IBM Rational AppScan
 CVE-2012-0733 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1, when ...)
-	TODO: check
+	NOT-FOR-US: IBM Rational AppScan
 CVE-2012-0732 (The Enterprise Console client in IBM Rational AppScan Enterprise 5.x ...)
-	TODO: check
+	NOT-FOR-US: IBM Rational AppScan
 CVE-2012-0731 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not ...)
-	TODO: check
+	NOT-FOR-US: IBM Rational AppScan
 CVE-2012-0730 (Multiple cross-site request forgery (CSRF) vulnerabilities in IBM ...)
-	TODO: check
+	NOT-FOR-US: IBM Rational AppScan
 CVE-2012-0729 (Unrestricted file upload vulnerability in IBM Rational AppScan ...)
-	TODO: check
+	NOT-FOR-US: IBM Rational AppScan
 CVE-2012-0728
 	RESERVED
 CVE-2012-0727
@@ -5011,113 +5011,113 @@
 CVE-2012-0562 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
 	TODO: check
 CVE-2012-0561 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-0560 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-0559 (Unspecified vulnerability in the PeopleSoft Enterprise SCM component ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-0558 (Unspecified vulnerability in the Primavera P6 Enterprise Project ...)
-	TODO: check
+	NOT-FOR-US: Oracle Primavera Products Suite
 CVE-2012-0557 (Unspecified vulnerability in the Oracle Outside In Technology ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2012-0556 (Unspecified vulnerability in the Oracle Outside In Technology ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2012-0555 (Unspecified vulnerability in the Oracle Outside In Technology ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2012-0554 (Unspecified vulnerability in the Oracle Outside In Technology ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2012-0553
 	RESERVED
 CVE-2012-0552 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2012-0551 (Unspecified vulnerability in the GlassFish Enterprise Server component ...)
-	TODO: check
+	- glassfish <undetermined>
 CVE-2012-0550 (Unspecified vulnerability in the GlassFish Enterprise Server component ...)
-	TODO: check
+	- glassfish <undetermined>
 CVE-2012-0549 (Unspecified vulnerability in the Oracle AutoVue Office component in ...)
-	TODO: check
+	NOT-FOR-US: Oracle Supply Chain Products Suite
 CVE-2012-0548 (Unspecified vulnerability in Oracle SPARC Enterprise M Series Servers ...)
-	TODO: check
+	NOT-FOR-US: Oracle SPARC Enterprise M Series Servers XCP 1110
 CVE-2012-0547
 	RESERVED
 CVE-2012-0546 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
-	TODO: check
+	NOT-FOR-US: Oracle Financial Services Software
 CVE-2012-0545 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
-	TODO: check
+	NOT-FOR-US: Oracle Financial Services Software
 CVE-2012-0544 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
-	TODO: check
+	NOT-FOR-US: Oracle Financial Services Software
 CVE-2012-0543 (Unspecified vulnerability in the BI Publisher (formerly XML Publisher) ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2012-0542 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
-	TODO: check
+	NOT-FOR-US: Oracle E-Business Suite
 CVE-2012-0541 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
-	TODO: check
+	NOT-FOR-US: Oracle Financial Services Software
 CVE-2012-0540
 	RESERVED
 CVE-2012-0539 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows ...)
-	TODO: check
+	NOT-FOR-US: Oracle Sun Solaris
 CVE-2012-0538 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-0537 (Unspecified vulnerability in the Oracle Application Object Library ...)
-	TODO: check
+	NOT-FOR-US: Oracle E-Business Suite
 CVE-2012-0536 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-0535 (Unspecified vulnerability in the Oracle Application Object Library ...)
-	TODO: check
+	NOT-FOR-US: Oracle E-Business Suite
 CVE-2012-0534 (Unspecified vulnerability in the RDBMS Core component in Oracle ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2012-0533 (Unspecified vulnerability in the PeopleSoft Enterprise FCSM component ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-0532 (Unspecified vulnerability in the Identity Manager component in Oracle ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2012-0531 (Unspecified vulnerability in the PeopleSoft Enterprise Portal ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-0530 (Unspecified vulnerability in the PeopleSoft Enterprise SCM component ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-0529 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-0528 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2012-0527 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2012-0526 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2012-0525 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2012-0524 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-0523 (Unspecified vulnerability in the Oracle Grid Engine component in ...)
 	- gridengine <unfixed>
 	NOTE: http://www.securityfocus.com/bid/53132
 	NOTE: http://gridscheduler.sourceforge.net/security.html
 CVE-2012-0522 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2012-0521 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-0520 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2012-0519 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2012-0518
 	RESERVED
 CVE-2012-0517 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-0516 (Unspecified vulnerability in the Oracle iPlanet Web Server component ...)
-	TODO: check
+	NOT-FOR-US: Oracle Sun Products Suite
 CVE-2012-0515 (Unspecified vulnerability in the Identity Manager Connector component ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2012-0514 (Unspecified vulnerability in the PeopleSoft Enterprise CRM component ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-0513 (Unspecified vulnerability in the Oracle Application Object Library ...)
-	TODO: check
+	NOT-FOR-US: Oracle E-Business Suite
 CVE-2012-0512 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2012-0511 (Unspecified vulnerability in the OCI component in Oracle Database ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2012-0510 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2012-0509 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
-	TODO: check
+	NOT-FOR-US: Oracle Financial Services Software
 CVE-2012-0508 (Unspecified vulnerability in the JavaFX component in Oracle Java SE ...)
 	- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
 	- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
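Review bot: CVE-2012-0562 in the leading context of this hunk is left at "TODO: check" although its description (PeopleSoft Enterprise HRMS component) matches CVE-2012-0536 and CVE-2012-0517, which this change marks "NOT-FOR-US: Oracle PeopleSoft Products"; it looks skipped and should get the same tag. Separately, the two "- glassfish <undetermined>" entries (CVE-2012-0551, CVE-2012-0550) carry no NOTE line; a NOTE with the advisory reference or with what still has to be determined, as the gridengine entry for CVE-2012-0523 has, would help whoever picks them up.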
@@ -5633,9 +5633,9 @@
 CVE-2012-0363 (The web interface on Cisco SRP 520 series devices with firmware before ...)
 	NOT-FOR-US: Cisco SRP devices
 CVE-2012-0362 (The extended ACL functionality in Cisco IOS 12.2(58)SE2 and 15.0(1)SE ...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS
 CVE-2012-0361 (The sccp-protocol component in Cisco IP Communicator (CIPC) 7.0 ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-0360
 	RESERVED
 CVE-2012-0359 (The Cisco Cius with software before 9.2(1) SR2 allows remote attackers ...)
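Review bot: CVE-2012-0361 gets the bare tag "NOT-FOR-US: Cisco" although the description names the product (Cisco IP Communicator), while the other entries in this hunk use product-level tags ("Cisco SRP devices" in the context, "Cisco IOS" on the entry above). Suggest "NOT-FOR-US: Cisco IP Communicator" to keep the list consistent; the later Cisco hunks in this commit mix the bare and the product-level forms in the same way.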
@@ -5679,19 +5679,19 @@
 CVE-2012-0340 (Cross-site scripting (XSS) vulnerability in the management interface ...)
 	NOT-FOR-US: Cisco IronPort Encryption Appliance
 CVE-2012-0339 (Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also ...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS
 CVE-2012-0338 (Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also ...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS
 CVE-2012-0337 (SQL injection vulnerability in the web component in Cisco Unified ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-0336
 	RESERVED
 CVE-2012-0335 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-0334
 	RESERVED
 CVE-2012-0333 (Cisco Small Business IP phones with SPA 500 series firmware 7.4.9 and ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-0332
 	RESERVED
 CVE-2012-0331 (Cisco TelePresence Video Communication Server with software before ...)
@@ -5882,7 +5882,7 @@
 CVE-2012-0280
 	RESERVED
 CVE-2012-0279 (Quest Toad for Data Analysts 3.0.1 uses weak permissions (Everyone: ...)
-	TODO: check
+	NOT-FOR-US: Quest (quest.com) Toad
 CVE-2012-0278 (Heap-based buffer overflow in the FlashPix PlugIn before 4.3.4.0 for ...)
 	NOT-FOR-US: IrfanView
 CVE-2012-0277
@@ -5906,7 +5906,7 @@
 	NOTE: http://secunia.com/secunia_research/2012-3/
 	NOTE: http://csound.git.sourceforge.net/git/gitweb.cgi?p=csound/csound5.git;a=commitdiff;h=7d617a9551fb6c552ba16874b71266fcd90f3a6f
 CVE-2012-0269 (Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 ...)
-	TODO: check
+	NOT-FOR-US: various Ichitaro products
 CVE-2012-0268 (Integer overflow in the CYImage::LoadJPG method in YImage.dll in ...)
 	NOT-FOR-US: Yahoo! Messenger
 CVE-2012-0267 (The StopModule method in the NTR ActiveX control before 2.0.4.8 allows ...)
@@ -8847,7 +8847,7 @@
 CVE-2011-4238
 	RESERVED
 CVE-2011-4237 (CRLF injection vulnerability in autologin.jsp in Cisco CiscoWorks ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-4236
 	RESERVED
 CVE-2011-4235
@@ -8857,9 +8857,9 @@
 CVE-2011-4233
 	RESERVED
 CVE-2011-4232 (The web server in Cisco Unified MeetingPlace 6.1 and 8.5 produces ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-4231 (Cisco IOS 15.1 and 15.2 and IOS XE 3.x, when configured as an IPsec ...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS
 CVE-2011-4230
 	RESERVED
 CVE-2011-4229
@@ -9682,25 +9682,25 @@
 	- ocsinventory-server 2.0.2-1 (unimportant)
 	NOTE: Authentication is needed, only supported in trusted environments, see debtags
 CVE-2011-4023 (Memory leak in libcmd in Cisco NX-OS 5.0 on Nexus switches allows ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-4022 (The sensor in Cisco Intrusion Prevention System (IPS) 7.0 and 7.1 ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-4021
 	RESERVED
 CVE-2011-4020
 	RESERVED
 CVE-2011-4019 (Memory leak in Cisco IOS 12.4 and 15.0 through 15.2, and Cisco Unified ...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS
 CVE-2011-4018
 	RESERVED
 CVE-2011-4017
 	RESERVED
 CVE-2011-4016 (The PPP implementation in Cisco IOS 12.2 and 15.0 through 15.2, when ...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS
 CVE-2011-4015 (Cisco IOS 15.2S allows remote attackers to cause a denial of service ...)
 	NOT-FOR-US: Cisco IOS
 CVE-2011-4014 (The TAC Case Attachment tool in Cisco Wireless Control System (WCS) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-4013
 	RESERVED
 CVE-2011-4012 (Cisco IOS 12.0, 15.0, and 15.1, when a Policy Feature Card 3C (PFC3C) ...)
@@ -9716,7 +9716,7 @@
 CVE-2011-4007 (Cisco IOS 15.0 and 15.1 and IOS XE 3.x do not properly handle the "set ...)
 	NOT-FOR-US: Cisco IOS
 CVE-2011-4006 (The ESMTP inspection feature on Cisco Adaptive Security Appliances ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-4005 (Cross-site request forgery (CSRF) vulnerability in the Services Ready ...)
 	NOT-FOR-US: Cisco SRP
 CVE-2011-4004 (Buffer overflow in the ATAS32 processing functionality in the Cisco ...)
@@ -11766,7 +11766,7 @@
 CVE-2011-3318 (Cisco Video Surveillance 2421 and 2500 series cameras with software ...)
 	NOT-FOR-US: Cisco
 CVE-2011-3317 (Multiple cross-site scripting (XSS) vulnerabilities in the Solution ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3316
 	RESERVED
 CVE-2011-3315 (Directory traversal vulnerability in Cisco Unified Communications ...)
@@ -11782,7 +11782,7 @@
 CVE-2011-3310 (The Home Page component in Cisco CiscoWorks Common Services before 4.1 ...)
 	NOT-FOR-US: Cisco CiscoWorks
 CVE-2011-3309 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3308
 	RESERVED
 CVE-2011-3307
@@ -11814,7 +11814,7 @@
 CVE-2011-3294 (Cross-site scripting (XSS) vulnerability in the login page in the ...)
 	NOT-FOR-US: Cisco TelePresence
 CVE-2011-3293 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3292
 	RESERVED
 CVE-2011-3291
@@ -11830,11 +11830,11 @@
 CVE-2011-3286
 	RESERVED
 CVE-2011-3285 (CRLF injection vulnerability in /+CSCOE+/logon.html on Cisco Adaptive ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3284
 	RESERVED
 CVE-2011-3283 (Cisco Carrier Routing System 3.9.1 allows remote attackers to cause a ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-3282 (Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, ...)
 	NOT-FOR-US: Cisco
 CVE-2011-3281 (Unspecified vulnerability in Cisco IOS 15.0 through 15.1, in certain ...)
@@ -14048,7 +14048,7 @@
 CVE-2011-2584 (Cisco Show and Share 5(2), 5.2(1), and 5.2(2) before 5.2(2.1) allows ...)
 	NOT-FOR-US: Cisco Show and Share
 CVE-2011-2583 (Cisco Unified Contact Center Express (aka CCX) 8.0 and 8.5 allows ...)
-	TODO: check
+	NOT-FOR-US: Cisco CCX
 CVE-2011-2582
 	RESERVED
 CVE-2011-2581 (The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before ...)



