[Secure-testing-commits] r19396 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Thu May 31 21:26:09 UTC 2012
Author: federico-guest
Date: 2012-05-31 21:26:09 +0000 (Thu, 31 May 2012)
New Revision: 19396
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-05-31 21:14:26 UTC (rev 19395)
+++ data/CVE/list 2012-05-31 21:26:09 UTC (rev 19396)
@@ -301,11 +301,11 @@
CVE-2012-2952 (SQL injection vulnerability in add_ons.php in Jaow 2.4.5 and earlier ...)
TODO: check
CVE-2012-2951 (SQL injection vulnerability in plog-rss.php in Plogger allows remote ...)
- TODO: check
+ NOT-FOR-US: Plogger
CVE-2012-2950
RESERVED
CVE-2012-2949 (The ZTE sync_agent program for Android 2.3.4 on the Score M device ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2012-2948 [asterisk: AST-2012-008 remote crash issue in chan_skinny]
RESERVED
- asterisk <unfixed> (bug #675210)
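Review bot: The label on CVE-2012-2949 names the platform rather than the affected software. The description attributes the issue to the ZTE sync_agent program on the Score M device, so `NOT-FOR-US: Android` reads as if Android itself were out of scope. `NOT-FOR-US: ZTE sync_agent` would keep the entry searchable by the actual product.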
@@ -366,15 +366,15 @@
CVE-2012-2928 (The Gliffy plugin before 3.7.1 for Atlassian JIRA, and before 4.2 for ...)
NOT-FOR-US: JIRA plugin
CVE-2012-2927 (The TM Software Tempo plugin before 6.4.3.1, 6.5.x before 6.5.0.2, and ...)
- TODO: check
+ NOT-FOR-US: Atlassian JIRA
CVE-2012-2926 (Atlassian JIRA before 5.0.1; Confluence before 3.5.16, 4.0 before ...)
NOT-FOR-US: Atlassian JIRA
CVE-2012-2925 (SQL injection vulnerability in engine.php in Simple PHP Agenda 2.2.8 ...)
NOT-FOR-US: Simple PHP Agenda
CVE-2012-2924 (PHP remote file inclusion vulnerability in admin/setup.inc.php in ...)
- TODO: check
+ NOT-FOR-US: Hypermethod eLearning Server 4G
CVE-2012-2923 (SQL injection vulnerability in news.php4 in Hypermethod eLearning ...)
- TODO: check
+ NOT-FOR-US: Hypermethod eLearning Server 4G
CVE-2012-2922 (The request_path function in includes/bootstrap.inc in Drupal 7.14 and ...)
- drupal7 <unfixed> (unimportant)
NOTE: Path disclosure irrelevant for Debian
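Review bot: CVE-2012-2927 is described as a flaw in the TM Software Tempo plugin, but it gets `NOT-FOR-US: Atlassian JIRA`, the same label as the core-product entry CVE-2012-2926 right below it. The neighbouring plugin entry CVE-2012-2928 uses `JIRA plugin`. Naming the plugin here, for example `NOT-FOR-US: TM Software Tempo plugin for JIRA`, would keep plugin issues distinguishable from issues in JIRA itself.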
@@ -383,33 +383,33 @@
CVE-2012-2920 (Cross-site scripting (XSS) vulnerability in the userphoto_options_page ...)
TODO: check
CVE-2012-2919 (Directory traversal vulnerability in Upload/engine.php in Chevereto ...)
- TODO: check
+ NOT-FOR-US: Chevereto
CVE-2012-2918 (Cross-site scripting (XSS) vulnerability in Upload/engine.php in ...)
- TODO: check
+ NOT-FOR-US: Chevereto
CVE-2012-2917 (Cross-site scripting (XSS) vulnerability in the Share and Follow ...)
TODO: check
CVE-2012-2916 (Cross-site scripting (XSS) vulnerability in sabre_class_admin.php in ...)
TODO: check
CVE-2012-2915 (Stack-based buffer overflow in Lattice Semiconductor PAC-Designer ...)
- TODO: check
+ NOT-FOR-US: Lattice Semiconductor PAC-Designer
CVE-2012-2914 (Cross-site scripting (XSS) vulnerability in captchademo.php in ...)
- TODO: check
+ NOT-FOR-US: Unijimpe Captcha
CVE-2012-2913 (Multiple cross-site scripting (XSS) vulnerabilities in the Leaflet ...)
TODO: check
CVE-2012-2912 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
TODO: check
CVE-2012-2911 (Cross-site scripting (XSS) vulnerability in backupDB.php in ...)
- TODO: check
+ NOT-FOR-US: SiliSoftware backupDB
CVE-2012-2910 (Multiple cross-site scripting (XSS) vulnerabilities in SiliSoftware ...)
- TODO: check
+ NOT-FOR-US: SiliSoftware phpThumb
CVE-2012-2909 (Multiple cross-site scripting (XSS) vulnerabilities in Viscacha ...)
- TODO: check
+ NOT-FOR-US: Viscacha
CVE-2012-2908 (Multiple SQL injection vulnerabilities in admin/bbcodes.php in ...)
- TODO: check
+ NOT-FOR-US: Viscacha
CVE-2012-2907 (Cross-site scripting (XSS) vulnerability in the aberdeen_breadcrumb ...)
TODO: check
CVE-2012-2906 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: Artiphp CMS 5.5.0 Neo
CVE-2012-2905 (Artiphp CMS 5.5.0 Neo (r422) stores database backups with predictable ...)
NOT-FOR-US: Artiphp CMS
CVE-2012-2904 (player.swf in LongTail JW Player 5.9 allows remote attackers to ...)
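Review bot: The label for CVE-2012-2906 embeds a version string (`Artiphp CMS 5.5.0 Neo`), while the existing entry directly below it, CVE-2012-2905, uses plain `Artiphp CMS` for the same product. Using the same product string in both lets a search for one label find every entry for that product. Separately, the descriptions of CVE-2012-2911 and CVE-2012-2910 are truncated in this list, so the split between `SiliSoftware backupDB` and `SiliSoftware phpThumb` cannot be confirmed from the diff alone and is worth a second look against the full CVE text.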
@@ -1104,7 +1104,7 @@
CVE-2012-2569
RESERVED
CVE-2012-2568 (d41d8cd98f00b204e9800998ecf8427e.php in the management web server on ...)
- TODO: check
+ NOT-FOR-US: Seagate BlackArmor
CVE-2012-2567 (The Xelex MobileTrack application 2.3.7 and earlier for Android uses ...)
NOT-FOR-US: Xelex MobileTrack application
CVE-2012-2566
@@ -1264,7 +1264,7 @@
CVE-2012-2489
RESERVED
CVE-2012-2488 (Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series ...)
- TODO: check
+ NOT-FOR-US: Cisco IOS
CVE-2012-2487
RESERVED
CVE-2012-2486
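Review bot: The label on CVE-2012-2488 does not match the product in the description. The entry says Cisco IOS XR on ASR 9000 and CRS series devices, and IOS XR is a separate product line from IOS, so `NOT-FOR-US: Cisco IOS XR` would be the accurate tag.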
@@ -1417,7 +1417,7 @@
CVE-2012-2412
RESERVED
CVE-2012-2411 (Buffer overflow in RealNetworks RealPlayer before 15.0.4.53, and ...)
- TODO: check
+ NOT-FOR-US: RealNetworks RealPlayer
CVE-2012-2410
RESERVED
CVE-2012-2409
@@ -1977,7 +1977,7 @@
CVE-2012-2272
RESERVED
CVE-2012-2271 (Buffer overflow in the InitLicenKeys function in a certain ActiveX ...)
- TODO: check
+ NOT-FOR-US: SkinCrafter
CVE-2012-2270 (Open redirect vulnerability in index.php (aka the Login Page) in ...)
- owncloud 4.0.0debian-1
CVE-2012-2269 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 3.0.0 ...)
@@ -2057,7 +2057,7 @@
CVE-2012-2236 (SQL injection vulnerability in users.php in PHP Gift Registry 1.5.5 ...)
NOT-FOR-US: PHP Gift Registry
CVE-2012-2235 (Cross-site scripting (XSS) vulnerability in Support Incident Tracker ...)
- TODO: check
+ NOT-FOR-US: Support Incident Tracker
CVE-2012-2234 (Cross-site scripting (XSS) vulnerability in sources/users.queries.php ...)
NOT-FOR-US: TeamPass.net
CVE-2012-2233
@@ -2188,7 +2188,7 @@
CVE-2012-2177
RESERVED
CVE-2012-2176 (Multiple stack-based buffer overflows in a certain ActiveX control in ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Quickr
CVE-2012-2175
RESERVED
CVE-2012-2174
@@ -2584,7 +2584,7 @@
CVE-2012-2043
RESERVED
CVE-2012-2042 (Adobe Illustrator before CS6 allows attackers to execute arbitrary ...)
- TODO: check
+ NOT-FOR-US: Adobe Illustrator
CVE-2012-2041
RESERVED
CVE-2012-2040
@@ -2688,7 +2688,7 @@
CVE-2012-1991
RESERVED
CVE-2012-1990 (Multiple cross-site scripting (XSS) vulnerabilities in Schneider ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric Kerweb
CVE-2012-1989
RESERVED
- puppet 2.7.13-1
@@ -3043,7 +3043,7 @@
CVE-2012-1825
RESERVED
CVE-2012-1824 (Untrusted search path vulnerability in Measuresoft ScadaPro Client ...)
- TODO: check
+ NOT-FOR-US: Measuresoft ScadaPro
CVE-2012-1823 (sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when ...)
{DSA-2465-1}
- php5 5.4.3-1
@@ -3052,7 +3052,7 @@
CVE-2012-1822
RESERVED
CVE-2012-1821 (The Network Threat Protection module in the Manager component in ...)
- TODO: check
+ NOT-FOR-US: Symantec Endpoint Protection on Windows Server 2003
CVE-2012-1820
RESERVED
CVE-2012-1819 (Untrusted search path vulnerability in WellinTech KingView 6.53 allows ...)
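Review bot: The label on CVE-2012-1821 carries a platform qualifier (`Symantec Endpoint Protection on Windows Server 2003`) that the other Symantec Endpoint Protection entries in this same commit (CVE-2012-0295, CVE-2012-0294) do not have. The NOT-FOR-US field identifies the product, and the platform condition is already part of the CVE description, so plain `NOT-FOR-US: Symantec Endpoint Protection` would be consistent with the rest of the list.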
@@ -4328,7 +4328,7 @@
CVE-2012-1250
RESERVED
CVE-2012-1249 (The iLunascape application 1.0.4.0 and earlier for Android does not ...)
- TODO: check
+ NOT-FOR-US: iLunascape
CVE-2012-1248 (app/config/core.php in baserCMS 1.6.15 and earlier does not properly ...)
TODO: check
CVE-2012-1247 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and ...)
@@ -6833,17 +6833,17 @@
CVE-2012-0300
RESERVED
CVE-2012-0299 (The file-management scripts in the management GUI in Symantec Web ...)
- TODO: check
+ NOT-FOR-US: Symantec Web Gateway
CVE-2012-0298 (The file-management scripts in the management GUI in Symantec Web ...)
- TODO: check
+ NOT-FOR-US: Symantec Web Gateway
CVE-2012-0297 (The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not ...)
- TODO: check
+ NOT-FOR-US: Symantec Web Gateway
CVE-2012-0296 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
- TODO: check
+ NOT-FOR-US: Symantec Web Gateway
CVE-2012-0295 (The Manager service in the management console in Symantec Endpoint ...)
- TODO: check
+ NOT-FOR-US: Symantec Endpoint Protection
CVE-2012-0294 (Directory traversal vulnerability in the Manager service in the ...)
- TODO: check
+ NOT-FOR-US: Symantec Endpoint Protection
CVE-2012-0293 (Multiple SQL injection vulnerabilities in Symantec Altiris WISE ...)
NOT-FOR-US: Symantec Altiris WISE Package Studio
CVE-2012-0292 (The awhost32 service in Symantec pcAnywhere through 12.5.3, Altiris IT ...)
@@ -6853,7 +6853,7 @@
CVE-2012-0290 (Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite ...)
NOT-FOR-US: Symantec pcAnywhere
CVE-2012-0289 (Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x ...)
- TODO: check
+ NOT-FOR-US: Symantec Network Access Control
CVE-2011-5052 (Stack-based buffer overflow in CoCSoft Stream Down 6.8.0 allows remote ...)
NOT-FOR-US: CoCSoft Stream Down
CVE-2011-5051 (Multiple unrestricted file upload vulnerabilities in the WP Symposium ...)
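Review bot: The label on CVE-2012-0289 names a different product from the one visible in the description. The description opens with "Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x" but the tag is `NOT-FOR-US: Symantec Network Access Control`. If the truncated part of the description also lists Network Access Control, naming the first product or both (`Symantec Endpoint Protection / Network Access Control`) would avoid the apparent mismatch.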