[Secure-testing-commits] r20101 - data/CVE

Federico Ceratto federico-guest at alioth.debian.org
Wed Sep 5 18:22:54 UTC 2012 

Author: federico-guest
Date: 2012-09-05 18:22:54 +0000 (Wed, 05 Sep 2012)
New Revision: 20101

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-09-05 17:57:24 UTC (rev 20100)
+++ data/CVE/list	2012-09-05 18:22:54 UTC (rev 20101)
@@ -1,13 +1,13 @@
 CVE-2011-3090 (Race condition in Google Chrome before 19.0.1084.46 allows remote ...)
 	TODO: check
 CVE-2012-4746 (Cross-site request forgery (CSRF) vulnerability in accessaccount.cgi ...)
-	TODO: check
+	NOT-FOR-US: ZTE ZXDSL
 CVE-2012-4745 (Cross-site scripting (XSS) vulnerability in admin/login.asp in Acuity ...)
-	TODO: check
+	NOT-FOR-US: Acuity CMS
 CVE-2012-4744 (Cross-site scripting (XSS) vulnerability in ssearch.php in the Siche ...)
-	TODO: check
+	NOT-FOR-US: Zeroboard
 CVE-2012-4743 (Multiple SQL injection vulnerabilities in ssearch.php in Siche search ...)
-	TODO: check
+	NOT-FOR-US: Zeroboard
 CVE-2012-4742 (The web_node_register function in web.pm in PacketFence before 3.0.2 ...)
 	TODO: check
 CVE-2012-4741 (The RADIUS extension in PacketFence before 3.3.0 uses a different user ...)
@@ -15,13 +15,13 @@
 CVE-2012-4740 (Cross-site scripting (XSS) vulnerability in the captive portal in ...)
 	TODO: check
 CVE-2012-4739 (Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL ...)
-	TODO: check
+	NOT-FOR-US: Barracuda SSL VPN
 CVE-2012-4738
 	RESERVED
 CVE-2011-5150 (Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.07 ...)
-	TODO: check
+	NOT-FOR-US: SpamTitan 5.07
 CVE-2011-5149 (Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.08 ...)
-	TODO: check
+	NOT-FOR-US: SpamTitan 5.08
 CVE-2011-5148 (Multiple incomplete blacklist vulnerabilities in the Simple File ...)
 	TODO: check
 CVE-2011-5147 (Static code injection vulnerability in ajax_save_name.php in the Ajax ...)
@@ -39,15 +39,15 @@
 CVE-2011-5140 (Multiple SQL injection vulnerabilities in the blog module 1.0 for ...)
 	TODO: check
 CVE-2011-5139 (SQL injection vulnerability in page.php in Pre Studio Business Cards ...)
-	TODO: check
+	NOT-FOR-US: Pre Studio Business Cards Designer
 CVE-2011-5138 (Cross-site scripting (XSS) vulnerability in member.php in tForum ...)
 	TODO: check
 CVE-2011-5137 (Multiple SQL injection vulnerabilities in tForum b0.915 allow remote ...)
 	TODO: check
 CVE-2010-5194 (Stack-based buffer overflow in the Image2PDF function in the ...)
-	TODO: check
+	NOT-FOR-US: Viscom Image Viewer CP Pro
 CVE-2010-5193 (Stack-based buffer overflow in the TIFMergeMultiFiles function in the ...)
-	TODO: check
+	NOT-FOR-US: Viscom Image Viewer CP Pro
 CVE-2012-4736 (The Device Encryption Client component in Sophos SafeGuard Enterprise ...)
 	NOT-FOR-US: Sophos SafeGuard Enterprise
 CVE-2012-4735
@@ -1461,9 +1461,9 @@
 CVE-2012-4172
 	RESERVED
 CVE-2012-4171 (Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on ...)
-	TODO: check
+	NOT-FOR-US: Adobe Flash Player
 CVE-2012-4170 (Buffer overflow in Adobe Photoshop CS6 13.x before 13.0.1 allows ...)
-	TODO: check
+	NOT-FOR-US: Adobe Photoshop CS6
 CVE-2012-4169
 	RESERVED
 CVE-2012-4168 (Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on ...)
@@ -1816,7 +1816,7 @@
 CVE-2012-4009 (The WebView class in the Cybozu Live application 1.0.4 and earlier for ...)
 	TODO: check
 CVE-2012-4008 (The Cybozu Live application 1.0.4 and earlier for Android allows ...)
-	TODO: check
+	NOT-FOR-US: Cybozu Live
 CVE-2012-4007 (The mixi application before 4.3.0 for Android allows remote attackers ...)
 	NOT-FOR-US: mixi application for Android
 CVE-2012-4006 (The GREE application before 1.4.0, GREE Tanken Dorirando application ...)
@@ -2755,7 +2755,7 @@
 CVE-2012-3583
 	RESERVED
 CVE-2012-3582 (Symantec PGP Universal Server 3.2.x before 3.2.1 MP2 does not properly ...)
-	TODO: check
+	NOT-FOR-US: Symantec PGP Universal Server
 CVE-2012-3581 (Symantec Messaging Gateway before 10.0 allows remote attackers to ...)
 	NOT-FOR-US: Symantec Messaging Gateway
 CVE-2012-3580 (Symantec Messaging Gateway before 10.0 allows remote authenticated ...)
@@ -4165,7 +4165,7 @@
 CVE-2012-3015 (Untrusted search path vulnerability in Siemens SIMATIC STEP7 before ...)
 	NOT-FOR-US: Siemens SIMATIC
 CVE-2012-3014 (The Management Software application in GarrettCom Magnum MNS-6K before ...)
-	TODO: check
+	NOT-FOR-US: GarrettCom Magnum MNS-6K
 CVE-2012-3013
 	RESERVED
 CVE-2012-3012
@@ -5989,7 +5989,7 @@
 CVE-2012-2289 (EMC ApplicationXtender Desktop before 6.5 SP2 and ApplicationXtender ...)
 	NOT-FOR-US: EMC
 CVE-2012-2288 (Format string vulnerability in the nsrd RPC service in EMC NetWorker ...)
-	TODO: check
+	NOT-FOR-US: EMC NetWorker
 CVE-2012-2287
 	RESERVED
 CVE-2012-2286
@@ -11066,7 +11066,7 @@
 CVE-2012-0276 (Multiple heap-based buffer overflows in XnView before 1.99 allow ...)
 	NOT-FOR-US: XnView
 CVE-2012-0275 (Heap-based buffer overflow in Photoshop.exe in Adobe Photoshop CS5 ...)
-	TODO: check
+	NOT-FOR-US: Adobe Photoshop CS5
 CVE-2012-0274
 	RESERVED
 CVE-2012-0273

More information about the Secure-testing-commits mailing list