[Secure-testing-commits] r20188 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Tue Sep 18 11:04:09 UTC 2012
Author: federico-guest
Date: 2012-09-18 11:04:08 +0000 (Tue, 18 Sep 2012)
New Revision: 20188
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-09-18 10:48:47 UTC (rev 20187)
+++ data/CVE/list 2012-09-18 11:04:08 UTC (rev 20188)
@@ -5,17 +5,17 @@
- iceweasel <not-affected> (Firefox ESV not use TLS/SSL compression)
TODO: check openssl and chromium
CVE-2012-4928 (Cross-site scripting (XSS) vulnerability in ow_updates/index.php in ...)
- TODO: check
+ NOT-FOR-US: Oxwall 1.1.1
CVE-2012-4927 (SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) before ...)
TODO: check
CVE-2012-4926 (approve.php in Img Pals Photo Host 1.0 does not authenticate requests, ...)
- TODO: check
+ NOT-FOR-US: Img Pals Photo Host 1.0
CVE-2012-4925 (Multiple SQL injection vulnerabilities in approve.php in Img Pals ...)
- TODO: check
+ NOT-FOR-US: Img Pals Photo Host 1.0
CVE-2012-4924 (Buffer overflow in the CxDbgPrint function in the ipswcom.dll ActiveX ...)
- TODO: check
+ NOT-FOR-US: ASUS Net4Switch
CVE-2012-4923 (Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall ...)
- TODO: check
+ NOT-FOR-US: Endian Firewall 2.4
CVE-2012-4922 (The tor_timegm function in common/util.c in Tor before 0.2.2.39, and ...)
{DSA-2548-1}
- tor 0.2.3.22-rc-1
@@ -40,35 +40,35 @@
CVE-2012-4912
RESERVED
CVE-2011-5176 (Multiple cross-site scripting (XSS) vulnerabilities in search.php in ...)
- TODO: check
+ NOT-FOR-US: Banana Dance
CVE-2011-5175 (SQL injection vulnerability in search.php in Banana Dance, possibly ...)
- TODO: check
+ NOT-FOR-US: Banana Dance
CVE-2011-5174 (Buffer overflow in Intel Trusted Execution Technology (TXT) SINIT ...)
- TODO: check
+ NOT-FOR-US: Intel Trusted Execution Technology
CVE-2011-5173 (Buffer overflow in Bugbear Entertainment FlatOut 2005 allows ...)
- TODO: check
+ NOT-FOR-US: Bugbear Entertainment FlatOut 2005
CVE-2011-5172 (Stack-based buffer overflow in StoryBoard Quick 6 Build 3786, and ...)
- TODO: check
+ NOT-FOR-US: StoryBoard Quick 6 Build, StoryBoard Artist and StoryBoard Studio
CVE-2011-5171 (Multiple stack-based buffer overflows in CyberLink Power2Go 7 (build ...)
- TODO: check
+ NOT-FOR-US: CyberLink Power2Go
CVE-2011-5170 (Stack-based buffer overflow in Castillo Bueno Systems CCMPlayer 1.5 ...)
- TODO: check
+ NOT-FOR-US: Castillo Bueno Systems CCMPlayer
CVE-2011-5169 (SQL injection vulnerability in ...)
- TODO: check
+ NOT-FOR-US: SonicWall ViewPoint
CVE-2011-5168 (SQL injection vulnerability in user.php in Banana Dance before B.1.5 ...)
- TODO: check
+ NOT-FOR-US: Banana Dance
CVE-2011-5167 (Heap-based buffer overflow in the SetDevNames method of the Tidestone ...)
- TODO: check
+ NOT-FOR-US: Oracle Hyperion Strategic Finance
CVE-2011-5166 (Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote ...)
- TODO: check
+ NOT-FOR-US: KnFTP
CVE-2011-5165 (Stack-based buffer overflow in Free MP3 CD Ripper 1.1, 2.6 and ...)
- TODO: check
+ NOT-FOR-US: Free MP3 CD Ripper
CVE-2011-5164 (Stack-based buffer overflow in VanDyke Software AbsoluteFTP 1.9.6 ...)
- TODO: check
+ NOT-FOR-US: VanDyke Software AbsoluteFTP
CVE-2011-5163 (Buffer overflow in an unspecified third-party component in the Batch ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric CitectSCADA
CVE-2011-5162 (Stack-based buffer overflow in GOM Player 2.1.33.5071 allows ...)
- TODO: check
+ NOT-FOR-US: GOM Player
CVE-2012-4911
RESERVED
CVE-2012-4910
@@ -264,7 +264,7 @@
CVE-2012-4818
RESERVED
CVE-2012-4817 (The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS ...)
- TODO: check
+ NOT-FOR-US: IBM AIX, VIOS
CVE-2012-4816
RESERVED
CVE-2012-4815
@@ -1742,7 +1742,7 @@
CVE-2012-4337 (Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote ...)
NOT-FOR-US: Foxit Reader
CVE-2012-4336 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
- TODO: check
+ NOT-FOR-US: Flogr 2.5.6
CVE-2012-4335 (Samsung NET-i viewer 1.37.120316 allows remote attackers to cause a ...)
NOT-FOR-US: Samsung NET-i
CVE-2012-4334 (The ConnectDDNS method in the (1) STWConfigNVR 1.1.13.15 and (2) ...)
@@ -2439,7 +2439,7 @@
CVE-2012-4014
RESERVED
CVE-2012-4013 (The WebView class in the Cybozu KUNAI Browser for Remote Service ...)
- TODO: check
+ NOT-FOR-US: Cybozu KUNAI Browser
CVE-2012-4012 (The WebView class in the Cybozu KUNAI application before 2.0.6 for ...)
NOT-FOR-US: Cybozu KUNAI
CVE-2012-4011 (The Cybozu KUNAI application before 2.0.6 for Android allows remote ...)
@@ -2677,9 +2677,9 @@
CVE-2012-3925
RESERVED
CVE-2012-3924 (The SSLVPN implementation in Cisco IOS 15.1 and 15.2, when DTLS is ...)
- TODO: check
+ NOT-FOR-US: Cisco IOS
CVE-2012-3923 (The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, ...)
- TODO: check
+ NOT-FOR-US: Cisco IOS
CVE-2012-3922
RESERVED
CVE-2012-3921
@@ -2687,7 +2687,7 @@
CVE-2012-3920
RESERVED
CVE-2012-3919 (The Cisco Application Control Engine (ACE) module 3.0 for Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco Application Control Engine
CVE-2012-3918
RESERVED
CVE-2012-3917
@@ -2695,7 +2695,7 @@
CVE-2012-3916
RESERVED
CVE-2012-3915 (The DMVPN tunnel implementation in Cisco IOS 15.2 allows remote ...)
- TODO: check
+ NOT-FOR-US: Cisco IOS
CVE-2012-3914
RESERVED
CVE-2012-3913
@@ -2709,7 +2709,7 @@
CVE-2012-3909
RESERVED
CVE-2012-3908 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ISE ...)
- TODO: check
+ NOT-FOR-US: Cisco Identity Services Engine
CVE-2012-3907
RESERVED
CVE-2012-3906
@@ -2723,11 +2723,11 @@
CVE-2012-3902
RESERVED
CVE-2012-3901 (The updateTime function in sensorApp on Cisco IPS 4200 series sensors ...)
- TODO: check
+ NOT-FOR-US: Cisco IPS 4200
CVE-2012-3900
RESERVED
CVE-2012-3899 (sensorApp on Cisco IPS 4200 series sensors 6.0, 6.2, and 7.0 does not ...)
- TODO: check
+ NOT-FOR-US: Cisco IPS 4200
CVE-2012-3898
RESERVED
CVE-2012-3897
@@ -2735,11 +2735,11 @@
CVE-2012-3896
RESERVED
CVE-2012-3895 (Cisco IOS 15.0 through 15.3 allows remote authenticated users to cause ...)
- TODO: check
+ NOT-FOR-US: Cisco IOS
CVE-2012-3894
RESERVED
CVE-2012-3893 (The FlexVPN implementation in Cisco IOS 15.2 and 15.3 allows remote ...)
- TODO: check
+ NOT-FOR-US: Cisco IOS
CVE-2012-3892
RESERVED
CVE-2012-3891
@@ -4365,7 +4365,7 @@
CVE-2012-3234 (RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through ...)
NOT-FOR-US: RealNetworks RealPlayer
CVE-2012-3233 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Kayako Fusion 4.40.1148
CVE-2012-3232 (Cross-site scripting (XSS) vulnerability in search.php in web at all 2.0, ...)
NOT-FOR-US: web at all
CVE-2012-3231 (Multiple cross-site request forgery (CSRF) vulnerabilities in web at all ...)
@@ -4644,11 +4644,11 @@
CVE-2012-3097
RESERVED
CVE-2012-3096 (Cisco Unity Connection (UC) 7.1, 8.0, and 8.5 allows remote ...)
- TODO: check
+ NOT-FOR-US: Cisco Unity Connection
CVE-2012-3095
RESERVED
CVE-2012-3094 (The VPN downloader in the download_install component in Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco AnyConnect Secure Mobility Client
CVE-2012-3093
RESERVED
CVE-2012-3092
@@ -4660,7 +4660,7 @@
CVE-2012-3089
RESERVED
CVE-2012-3088 (Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495, and ...)
- TODO: check
+ NOT-FOR-US: Cisco AnyConnect Secure Mobility Client
CVE-2012-3087
RESERVED
CVE-2012-3086
@@ -4678,7 +4678,7 @@
CVE-2012-3080
RESERVED
CVE-2012-3079 (Cisco IOS 12.2 allows remote attackers to cause a denial of service ...)
- TODO: check
+ NOT-FOR-US: Cisco IOS
CVE-2012-3078
RESERVED
CVE-2012-3077
@@ -4716,7 +4716,7 @@
CVE-2012-3061
RESERVED
CVE-2012-3060 (Cisco Unity Connection (UC) 8.6, 9.0, and 9.5 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: Cisco Unity Connection
CVE-2012-3059
RESERVED
CVE-2012-3058 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
@@ -4732,9 +4732,9 @@
CVE-2012-3053 (Buffer overflow in the Cisco WebEx Advanced Recording Format (ARF) ...)
NOT-FOR-US: Cisco WebEx Player
CVE-2012-3052 (Untrusted search path vulnerability in Cisco VPN Client 5.0 allows ...)
- TODO: check
+ NOT-FOR-US: Cisco VPN Client
CVE-2012-3051 (Cisco NX-OS 5.2 and 6.1 on Nexus 7000 series switches allows remote ...)
- TODO: check
+ NOT-FOR-US: Cisco NX-OS
CVE-2012-3050
RESERVED
CVE-2012-3049
More information about the Secure-testing-commits
mailing list