[Secure-testing-commits] r20438 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Fri Nov 2 15:29:21 UTC 2012
Author: federico-guest
Date: 2012-11-02 15:29:21 +0000 (Fri, 02 Nov 2012)
New Revision: 20438
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-11-02 14:19:27 UTC (rev 20437)
+++ data/CVE/list 2012-11-02 15:29:21 UTC (rev 20438)
@@ -27,7 +27,7 @@
CVE-2012-5693
RESERVED
CVE-2012-5692 (Unspecified vulnerability in admin/sources/base/core.php in Invision ...)
- TODO: check
+ NOT-FOR-US: Invision Power Board
CVE-2012-5691
RESERVED
CVE-2012-5690
@@ -37,7 +37,7 @@
CVE-2012-5688
RESERVED
CVE-2012-5687 (Directory traversal vulnerability in the web-based management feature ...)
- TODO: check
+ NOT-FOR-US: TP-LINK TL-WR841N router
CVE-2012-5686
RESERVED
CVE-2012-5685
@@ -67,23 +67,23 @@
CVE-2012-5673
RESERVED
CVE-2011-5235 (SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote ...)
- TODO: check
+ NOT-FOR-US: mnoGoSearch
CVE-2011-5234 (SQL injection vulnerability in user.php in Social Network Community 2 ...)
- TODO: check
+ NOT-FOR-US: Social Network Community
CVE-2011-5233 (Heap-based buffer overflow in IrfanView before 4.32 allows remote ...)
- TODO: check
+ NOT-FOR-US: IrfanView
CVE-2011-5232 (Double free vulnerability in the Free_All_Memory function in ...)
- TODO: check
+ NOT-FOR-US: FlashPix PlugIn 4.2.2.0 for IrfanView
CVE-2011-5231
REJECTED
CVE-2011-5230 (Multiple SQL injection vulnerabilities in the selectUserIdByLoginPass ...)
- TODO: check
+ NOT-FOR-US: Seotoaster
CVE-2011-5229 (SQL injection vulnerability in quickstart/profile/index.php in the ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2011-5228 (Cross-site scripting (XSS) vulnerability in the Search module ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2011-5227 (Stack-based buffer overflow in the Syslog service (nssyslogd.exe) in ...)
- TODO: check
+ NOT-FOR-US: Enterasys Network Management Suite
CVE-2011-5226 (Cross-site request forgery (CSRF) vulnerability in ...)
TODO: check
CVE-2011-5225 (Cross-site scripting (XSS) vulnerability in wordpress_sentinel.php in ...)
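Review bot: The label added for CVE-2011-5232 carries a version string ("NOT-FOR-US: FlashPix PlugIn 4.2.2.0 for IrfanView"), while the other labels in this hunk name only the product (mnoGoSearch, IrfanView, Seotoaster, appRain CMF). NOT-FOR-US records that the software is not packaged, not which release is affected, so I'd drop the version and write "NOT-FOR-US: FlashPix PlugIn for IrfanView".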
@@ -101,7 +101,7 @@
CVE-2011-5219 (Directory traversal vulnerability in examples/show_code.php in mPDF ...)
TODO: check
CVE-2011-5218 (SQL injection vulnerability in DotA OpenStats 1.3.9 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: DotA OpenStats
CVE-2011-5217 (Directory traversal vulnerability in the PXE Mtftp service in Hitachi ...)
TODO: check
CVE-2011-5216 (SQL injection vulnerability in ajax.php in SCORM Cloud For WordPress ...)
@@ -113,7 +113,7 @@
CVE-2011-5213 (Multiple SQL injection vulnerabilities in BrowserCRM 5.100.01 and ...)
TODO: check
CVE-2012-5672 (Microsoft Excel Viewer (aka Xlview.exe) and Excel in Microsoft Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office
CVE-2012-5671 (Heap-based buffer overflow in the dkim_exim_query_dns_txt function in ...)
{DSA-2566-1}
- exim4 4.80-5.1 (medium)
@@ -546,13 +546,13 @@
CVE-2012-5457
RESERVED
CVE-2012-5456 (The Zoner AntiVirus Free application for Android does not verify that ...)
- TODO: check
+ NOT-FOR-US: Zoner AntiVirus Free
CVE-2012-5455 (Cross-site scripting (XSS) vulnerability in the language search ...)
TODO: check
CVE-2012-5454 (user/index_inline_editor_submit.php in ATutor AContent 1.2-1 does not ...)
NOT-FOR-US: ATutor AContent
CVE-2012-5453 (SQL injection vulnerability in user/index_inline_editor_submit.php in ...)
- TODO: check
+ NOT-FOR-US: ATutor AContent
CVE-2012-5452 (Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS ...)
NOT-FOR-US: Subrion CMS
CVE-2011-5212 (SQL injection vulnerability in admin/index.php in Subrion CMS 2.0.4 ...)
@@ -644,7 +644,7 @@
CVE-2012-5410
RESERVED
CVE-2012-5409 (AscoServer.exe in the server in Siemens SiPass integrated MP2.6 and ...)
- TODO: check
+ NOT-FOR-US: Siemens SiPass
CVE-2012-5408
RESERVED
CVE-2012-5407
@@ -686,7 +686,7 @@
CVE-2012-5389
RESERVED
CVE-2012-5388 (Cross-site scripting (XSS) vulnerability in wlcms-plugin.php in the ...)
- TODO: check
+ NOT-FOR-US: White Label CMS
CVE-2012-5387 (Cross-site request forgery (CSRF) vulnerability in wlcms-plugin.php in ...)
TODO: check
CVE-2012-5386 (Directory traversal vulnerability in index.php in phpPaleo 4.8b180 ...)
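Review bot: CVE-2012-5387, directly below the changed entry, is left at "TODO: check" although its description points at the same wlcms-plugin.php that CVE-2012-5388 names. If both belong to White Label CMS, mark 5387 "NOT-FOR-US: White Label CMS" in the same commit so the pair is not triaged twice; if it was left open on purpose, a NOTE line saying why would help the next person.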
@@ -1584,9 +1584,9 @@
CVE-2012-4991
RESERVED
CVE-2012-4990 (SQL injection vulnerability in admin/campaign-zone-link.php in OpenX ...)
- TODO: check
+ NOT-FOR-US: OpenX
CVE-2012-4989 (Cross-site scripting (XSS) vulnerability in admin/plugin-index.php in ...)
- TODO: check
+ NOT-FOR-US: OpenX
CVE-2012-4988
RESERVED
CVE-2012-4987
@@ -1706,9 +1706,9 @@
CVE-2012-4941
RESERVED
CVE-2012-4940 (Multiple directory traversal vulnerabilities in the View Log Files ...)
- TODO: check
+ NOT-FOR-US: Axigen Free Mail Server
CVE-2012-4939 (Cross-site scripting (XSS) vulnerability in IPAMSummaryView.aspx in ...)
- TODO: check
+ NOT-FOR-US: SolarWinds Orion Network Performance Monitor
CVE-2012-4938
RESERVED
CVE-2012-4937
@@ -1718,7 +1718,7 @@
CVE-2012-4935
RESERVED
CVE-2012-4934 (TomatoCart 1.1.7, when the PayPal Express Checkout module is enabled ...)
- TODO: check
+ NOT-FOR-US: TomatoCart
CVE-2012-4933 (The rtrlet web application in the Web Console in Novell ZENworks Asset ...)
NOT-FOR-US: Novell ZENworks
CVE-2012-4932
@@ -1985,7 +1985,7 @@
CVE-2012-4827
RESERVED
CVE-2012-4826 (Stack-based buffer overflow in the SQL/PSM (aka SQL Persistent Stored ...)
- TODO: check
+ NOT-FOR-US: IBM DB2
CVE-2012-4825 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
NOT-FOR-US: Lotus Notes
CVE-2012-4824 (Open redirect vulnerability in servlet/traveler in IBM Lotus Notes ...)
@@ -2404,7 +2404,7 @@
- request-tracker3.8 <removed>
- request-tracker4 4.0.7-2
CVE-2012-4729 (Wing FTP Server before 4.1.1 allows remote authenticated users to ...)
- TODO: check
+ NOT-FOR-US: Wing FTP Server
CVE-2012-4728
RESERVED
CVE-2012-4727
@@ -2557,15 +2557,15 @@
CVE-2012-4664
RESERVED
CVE-2012-4663 (The DCERPC inspection engine on Cisco Adaptive Security Appliances ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2012-4662 (The DCERPC inspection engine on Cisco Adaptive Security Appliances ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2012-4661 (Stack-based buffer overflow in the DCERPC inspection engine on Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2012-4660 (The SIP inspection engine on Cisco Adaptive Security Appliances (ASA) ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2012-4659 (The AAA functionality in the IPv4 SSL VPN implementations on Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2012-4658
RESERVED
CVE-2012-4657
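Review bot: The five entries CVE-2012-4659 through CVE-2012-4663 are labelled with the vendor only ("NOT-FOR-US: Cisco"), whereas the descriptions that are not cut off name Cisco Adaptive Security Appliances (ASA), and other labels in this commit name the product ("Siemens SiPass", "IBM DB2"). Suggest "NOT-FOR-US: Cisco ASA" so the label stays searchable by product.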
@@ -2597,7 +2597,7 @@
CVE-2012-4644
RESERVED
CVE-2012-4643 (The DHCP server on Cisco Adaptive Security Appliances (ASA) 5500 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2012-4642
RESERVED
CVE-2012-4641
@@ -2663,7 +2663,7 @@
CVE-2012-4611
RESERVED
CVE-2012-4610 (EMC Avamar Client for VMware 6.1 stores the cleartext server root ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2012-4609
RESERVED
CVE-2012-4608
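Review bot: The label on CVE-2012-4610 names the wrong product. The description reads "EMC Avamar Client for VMware 6.1", so the affected software is EMC Avamar and VMware is only what the client is built for. Suggest "NOT-FOR-US: EMC Avamar", which also keeps a later search for VMware entries from picking this one up.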
@@ -3829,9 +3829,9 @@
NOTE: Since 3.3.0 openoffice.org is a transitional source package
NOTE: https://www.htbridge.com/advisory/HTB23106
CVE-2012-4232 (SQL injection vulnerability in admin/index.php in jCore before 1.0pre2 ...)
- TODO: check
+ NOT-FOR-US: jCore
CVE-2012-4231 (Cross-site scripting (XSS) vulnerability in admin/index.php in jCore ...)
- TODO: check
+ NOT-FOR-US: jCore
CVE-2012-4230
RESERVED
CVE-2012-4229
@@ -4352,7 +4352,7 @@
CVE-2012-4020
RESERVED
CVE-2012-4019 (Cross-site scripting (XSS) vulnerability in tokyo_bbs.cgi in Come on ...)
- TODO: check
+ NOT-FOR-US: Come on Girls Interface (CGI) Tokyo BBS
CVE-2012-4018 (Cross-site scripting (XSS) vulnerability in Final Beta Laboratory ...)
NOT-FOR-US: Final Beta Laboratory MyWebSearch
CVE-2012-4017 (The jigbrowser+ application before 1.5.0 for Android does not properly ...)
@@ -6786,7 +6786,7 @@
CVE-2012-3027
RESERVED
CVE-2012-3026 (rifsrvd.exe in the Remote Interface Service in GE Intelligent ...)
- TODO: check
+ NOT-FOR-US: GE Intelligent Platforms Proficy Real-Time Information Portal
CVE-2012-3025 (The default configuration of Tridium Niagara AX Framework through 3.6 ...)
NOT-FOR-US: Tridium Niagara AX Framework
CVE-2012-3024 (Tridium Niagara AX Framework through 3.6 uses predictable values for ...)
@@ -6796,7 +6796,7 @@
CVE-2012-3022
RESERVED
CVE-2012-3021 (rifsrvd.exe in the Remote Interface Service in GE Intelligent ...)
- TODO: check
+ NOT-FOR-US: GE Intelligent Platforms Proficy Real-Time Information Portal
CVE-2012-3020 (The Siemens Synco OZW Web Server devices OZW672.*, OZW772.*, and ...)
NOT-FOR-US: Siemens Synco OZW Web Server
CVE-2012-3019
@@ -6818,7 +6818,7 @@
CVE-2012-3011 (Directory traversal vulnerability in the web server in Fultek WinTr ...)
NOT-FOR-US: Fultek WinTr Scada web server
CVE-2012-3010 (rifsrvd.exe in the Remote Interface Service in GE Intelligent ...)
- TODO: check
+ NOT-FOR-US: GE Intelligent Platforms Proficy Real-Time Information Portal
CVE-2012-3009 (Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, ...)
NOT-FOR-US: Siemens COMOS
CVE-2012-3008 (Stack-based buffer overflow in OSIsoft PI OPC DA Interface before ...)
@@ -6836,7 +6836,7 @@
CVE-2012-3002
RESERVED
CVE-2012-3001 (Mutiny Standard before 4.5-1.12 allows remote attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Mutiny Standard
CVE-2012-3000
RESERVED
CVE-2012-2999 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
@@ -6896,9 +6896,9 @@
CVE-2012-2973
RESERVED
CVE-2012-2972 (The (1) server and (2) agent components in CA ARCserve Backup r12.5, ...)
- TODO: check
+ NOT-FOR-US: CA ARCserve Backup
CVE-2012-2971 (The server in CA ARCserve Backup r12.5, r15, and r16 on Windows does ...)
- TODO: check
+ NOT-FOR-US: CA ARCserve Backup
CVE-2012-2970 (The Synel SY-780/A Time & Attendance terminal allows remote attackers ...)
NOT-FOR-US: Synel terminal
CVE-2012-2969 (Caucho Quercus, as distributed in Resin before 4.0.29, allows remote ...)
@@ -8970,7 +8970,7 @@
CVE-2012-2168 (IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 ...)
NOT-FOR-US: IBM Rational ClearQuest
CVE-2012-2167 (The IBM XIV Storage System Gen3 before 11.1.0.a allows remote ...)
- TODO: check
+ NOT-FOR-US: IBM XIV Storage System Gen3
CVE-2012-2166
RESERVED
CVE-2012-2165 (IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3, ...)
@@ -9680,7 +9680,7 @@
CVE-2012-1901 (Multiple cross-site request forgery (CSRF) vulnerabilities in FlexCMS ...)
NOT-FOR-US: FlexCMS
CVE-2012-1900 (Cross-site request forgery (CSRF) vulnerability in admin/index.php in ...)
- TODO: check
+ NOT-FOR-US: RazorCMS
CVE-2012-1899 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
NOT-FOR-US: Webfolio CMS
CVE-2012-1898 (Multiple cross-site scripting (XSS) vulnerabilities in ...)