[Secure-testing-commits] r20214 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Sat Sep 22 12:21:06 UTC 2012
Author: federico-guest
Date: 2012-09-22 12:21:06 +0000 (Sat, 22 Sep 2012)
New Revision: 20214
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-09-22 11:51:38 UTC (rev 20213)
+++ data/CVE/list 2012-09-22 12:21:06 UTC (rev 20214)
@@ -1,35 +1,35 @@
CVE-2012-5007 (The Fill PDF module 7.x-1.x before 7.x-1.2 for Drupal allows remote ...)
TODO: check
CVE-2012-5006 (Heap-based buffer overflow in npdjvu.dll in Caminova DjVu Browser ...)
- TODO: check
+ NOT-FOR-US: Caminova DjVu Browser
CVE-2012-5005 (Cross-site request forgery (CSRF) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: VR GPub
CVE-2012-5004 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: Parallels H-Sphere
CVE-2012-5003 (nxapplet.jar in No Machine NX Web Companion 3.x and earlier does not ...)
TODO: check
CVE-2012-5002 (Stack-based buffer overflow in SR10 FTP server (SR10.exe) 1.1.0.6 in ...)
TODO: check
CVE-2012-5001 (Multiple unspecified vulnerabilities in Hitachi JP1/Cm2/Network Node ...)
- TODO: check
+ NOT-FOR-US: Hitachi JP1/Cm2/Network Node Manager
CVE-2012-5000 (SQL injection vulnerability in jokes/index.php in the Witze addon 0.9 ...)
- TODO: check
+ NOT-FOR-US: deV!L'z Clanportal
CVE-2012-4999 (Mercury MR804 Router 8.0 3.8.1 Build 101220 Rel.53006nB allows remote ...)
- TODO: check
+ NOT-FOR-US: Mercury MR804 Router
CVE-2012-4998 (Cross-site scripting (XSS) vulnerability in index.php in starCMS ...)
- TODO: check
+ NOT-FOR-US: starCMS
CVE-2012-4997 (Directory traversal vulnerability in acp/index.php in AneCMS allows ...)
- TODO: check
+ NOT-FOR-US: AneCMS
CVE-2012-4996 (Multiple SQL injection vulnerabilities in RivetTracker 1.03 and ...)
- TODO: check
+ NOT-FOR-US: RivetTracker
CVE-2012-4995 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: LimeSurvey
CVE-2012-4994 (SQL injection vulnerability in admin/admin.php in LimeSurvey before ...)
- TODO: check
+ NOT-FOR-US: LimeSurvey
CVE-2012-4993 (torrent_functions.php in RivetTracker 1.03 and earlier does not ...)
- TODO: check
+ NOT-FOR-US: RivetTracker
CVE-2012-4992 (Multiple buffer overflows in FlashFXP.exe in FlashFXP 4.2 allow remote ...)
- TODO: check
+ NOT-FOR-US: FlashFXP
CVE-2012-4991
RESERVED
CVE-2012-4990
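Review bot: CVE-2012-5000 is tagged "NOT-FOR-US: deV!L'z Clanportal", but the visible description attributes the SQL injection to jokes/index.php in the Witze addon 0.9, so the note names a product that the entry text does not show. Suggest naming the addon as well, in the "X in Y" form used later in this commit ("PayPal module in osCommerce Online Merchant"), so a search for either name finds the entry. Separately, CVE-2012-5002 (SR10 FTP server, SR10.exe) stays at "TODO: check" while the similar FlashFXP.exe entry, CVE-2012-4992, is marked NOT-FOR-US. If that was not deliberate, it can be triaged in the same pass.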
@@ -75,7 +75,7 @@
CVE-2012-4970
RESERVED
CVE-2011-5190 (Multiple cross-site scripting (XSS) vulnerabilities in Social Book ...)
- TODO: check
+ NOT-FOR-US: Social Book Facebook Clone 2010
CVE-2011-5189 (Cross-site scripting (XSS) vulnerability in the Webform Validation ...)
TODO: check
CVE-2011-5187 (Cross-site scripting (XSS) vulnerability in the Support Ticketing ...)
@@ -83,9 +83,9 @@
CVE-2011-5186 (Cross-site scripting (XSS) vulnerability in jbshop.php in the jbShop ...)
TODO: check
CVE-2011-5185 (Cross-site scripting (XSS) vulnerability in video_comments.php in ...)
- TODO: check
+ NOT-FOR-US: Online Subtitles Workshop
CVE-2011-5184 (Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node ...)
- TODO: check
+ NOT-FOR-US: HP Network Node Manager
CVE-2011-5182 (** DISPUTED ** ...)
TODO: check
CVE-2011-5181 (Cross-site scripting (XSS) vulnerability in clickdesk.php in ClickDesk ...)
@@ -93,9 +93,9 @@
CVE-2011-5180 (Cross-site scripting (XSS) vulnerability in wp-1pluginjquery.php in ...)
TODO: check
CVE-2011-5179 (Cross-site scripting (XSS) vulnerability in skysa-official/skysa.php ...)
- TODO: check
+ NOT-FOR-US: Skysa App Bar
CVE-2011-5177 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: eSyndiCat Pro
CVE-2012-4969 (Use-after-free vulnerability in the CMshtmlEd::Exec function in ...)
NOT-FOR-US: Internet Explorer
CVE-2012-4968 (Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe ...)
@@ -3266,65 +3266,65 @@
CVE-2012-3746 (UIWebView in UIKit in Apple iOS before 6 does not properly use the ...)
TODO: check
CVE-2012-3745 (Off-by-one error in Telephony in Apple iOS before 6 allows remote ...)
- TODO: check
+ NOT-FOR-US: Telephony in Apple iOS
CVE-2012-3744 (Telephony in Apple iOS before 6 uses an SMS message's return address ...)
- TODO: check
+ NOT-FOR-US: Telephony in Apple iOS
CVE-2012-3743 (The System Logs implementation in Apple iOS before 6 does not restrict ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-3742 (Safari in Apple iOS before 6 does not properly restrict use of an ...)
TODO: check
CVE-2012-3741 (The Restrictions (aka Parental Controls) implementation in Apple iOS ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-3740 (The Passcode Lock implementation in Apple iOS before 6 does not ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-3739 (The Passcode Lock implementation in Apple iOS before 6 allows ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-3738 (The Emergency Dialer screen in the Passcode Lock implementation in ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-3737 (The Passcode Lock implementation in Apple iOS before 6 does not ...)
TODO: check
CVE-2012-3736 (The Passcode Lock implementation in Apple iOS before 6 allows ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-3735 (The Passcode Lock implementation in Apple iOS before 6 does not ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-3734 (Office Viewer in Apple iOS before 6 writes cleartext document data to ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-3733 (Messages in Apple iOS before 6, when multiple iMessage e-mail ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-3732 (Mail in Apple iOS before 6 uses an S/MIME message's From address as ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-3731 (Mail in Apple iOS before 6 does not properly implement the Data ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-3730 (Mail in Apple iOS before 6 does not properly handle reuse of ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-3729 (The Berkeley Packet Filter (BPF) interpreter implementation in the ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-3728 (The kernel in Apple iOS before 6 dereferences invalid pointers during ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-3727 (Buffer overflow in the IPsec component in Apple iOS before 6 allows ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-3726 (Double free vulnerability in ImageIO in Apple iOS before 6 allows ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-3725 (The DNAv4 protocol implementation in the DHCP component in Apple iOS ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-3724 (CFNetwork in Apple iOS before 6 does not properly identify the host ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2012-3723 (Apple Mac OS X before 10.7.5 does not properly handle the bNbrPorts ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2012-3722 (The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and ...)
- TODO: check
+ NOT-FOR-US: QuickTime in Apple Mac OS X
CVE-2012-3721 (Profile Manager in Apple Mac OS X before 10.7.5 does not properly ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2012-3720 (Mobile Accounts in Apple Mac OS X before 10.7.5 and 10.8.x before ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2012-3719 (Mail in Apple Mac OS X before 10.7.5 does not properly handle embedded ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2012-3718 (Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2012-3717
RESERVED
CVE-2012-3716 (CoreText in Apple Mac OS X 10.7.x before 10.7.5 allows remote ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2012-3715 (Apple Safari before 6.0.1 makes http requests for https URIs in ...)
TODO: check
CVE-2012-3714 (The Form Autofill feature in Apple Safari before 6.0.1 does not ...)
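Review bot: CVE-2012-3737 is left at "TODO: check" although its description (Passcode Lock implementation in Apple iOS before 6) matches CVE-2012-3740, -3739, -3736 and -3735, all of which this hunk marks "NOT-FOR-US: Apple iOS". It looks skipped by accident and should get the same note. The product strings also vary within the hunk: CVE-2012-3745 and -3744 use "Telephony in Apple iOS" and CVE-2012-3722 uses "QuickTime in Apple Mac OS X", while the other entries use the bare "Apple iOS" or "Apple Mac OS X". Picking one form keeps grep and per-product counts over data/CVE/list consistent.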
@@ -4521,7 +4521,7 @@
CVE-2012-3259
RESERVED
CVE-2012-3258 (Unspecified vulnerability in HP Operations Orchestration 9.0 before ...)
- TODO: check
+ NOT-FOR-US: HP Operations Orchestration
CVE-2012-3257 (HP Business Availability Center (BAC) 8.07 allows remote authenticated ...)
NOT-FOR-US: HP Business Availability Center
CVE-2012-3256 (Cross-site request forgery (CSRF) vulnerability in HP Business ...)
@@ -5061,7 +5061,7 @@
CVE-2012-2992
RESERVED
CVE-2012-2991 (The PayPal (aka MODULE_PAYMENT_PAYPAL_STANDARD) module before 1.1 in ...)
- TODO: check
+ NOT-FOR-US: PayPal module in osCommerce Online Merchant
CVE-2012-2990 (The MASetupCaller ActiveX control before 1.4.2012.508 in ...)
NOT-FOR-US: MarkAny ContentSAFER
CVE-2012-2989
@@ -6028,7 +6028,7 @@
CVE-2012-2587 (Multiple cross-site scripting (XSS) vulnerabilities in AfterLogic ...)
NOT-FOR-US: AfterLogic MailSuite Pro
CVE-2012-2586 (Multiple cross-site scripting (XSS) vulnerabilities in Mailtraq ...)
- TODO: check
+ NOT-FOR-US: Mailtraq
CVE-2012-2585 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ...)
NOT-FOR-US: ManageEngine ServiceDesk Plus
CVE-2012-2584 (Multiple cross-site scripting (XSS) vulnerabilities in Alt-N MDaemon ...)
@@ -6045,13 +6045,13 @@
CVE-2012-2579
RESERVED
CVE-2012-2578 (Multiple cross-site scripting (XSS) vulnerabilities in SmarterMail 9.2 ...)
- TODO: check
+ NOT-FOR-US: SmarterMail
CVE-2012-2577 (Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds ...)
NOT-FOR-US: SolarWinds Orion Network Performance Monitor
CVE-2012-2576
RESERVED
CVE-2012-2575 (Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 6.0a4 ...)
- TODO: check
+ NOT-FOR-US: NetWin SurgeMail
CVE-2012-2574 (SQL injection vulnerability in the management console in Symantec Web ...)
NOT-FOR-US: Symantec Web Gateway
CVE-2012-2573 (Multiple cross-site scripting (XSS) vulnerabilities in T-dah WebMail ...)
@@ -6872,7 +6872,7 @@
CVE-2012-2276 (The IRM Server in EMC Documentum Information Rights Management 4.x ...)
NOT-FOR-US: EMC Documentum Information Rights Management
CVE-2012-2275 (Multiple cross-site request forgery (CSRF) vulnerabilities in TestLink ...)
- TODO: check
+ NOT-FOR-US: TestLink
CVE-2012-2274 (Cross-site scripting (XSS) vulnerability in pivotx/ajaxhelper.php in ...)
NOT-FOR-US: PivotX
CVE-2012-2273 (Comodo Internet Security before 5.10.228257.2253 on Windows 7 x64 ...)
@@ -7818,7 +7818,7 @@
CVE-2012-1900
RESERVED
CVE-2012-1899 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: Webfolio CMS
CVE-2012-1898
RESERVED
CVE-2012-1897
@@ -9934,7 +9934,7 @@
CVE-2012-0989
RESERVED
CVE-2012-0988 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: KnowledgeTree
CVE-2012-0987
RESERVED
CVE-2012-0986
@@ -10779,7 +10779,7 @@
CVE-2012-0651 (The directory server in Directory Service in Apple Mac OS X 10.6.8 ...)
NOT-FOR-US: Apple Mac OS X
CVE-2012-0650 (Buffer overflow in the DirectoryService Proxy in DirectoryService in ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2012-0649 (Race condition in the initialization routine in blued in Bluetooth in ...)
NOT-FOR-US: Apple Mac OS X
CVE-2012-0648 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle ...)
@@ -11868,9 +11868,9 @@
CVE-2012-0273
RESERVED
CVE-2012-0272 (Cross-site scripting (XSS) vulnerability in the WebAccess component in ...)
- TODO: check
+ NOT-FOR-US: Novell GroupWise
CVE-2012-0271 (Integer overflow in the WebConsole component in gwia.exe in GroupWise ...)
- TODO: check
+ NOT-FOR-US: Novell GroupWise
CVE-2012-0270 [csound buffer overflows]
RESERVED
- csound 1:5.16.6~dfsg-1 (low; bug #661197)
@@ -16180,7 +16180,7 @@
CVE-2011-3828 (DVRemoteAx.ax 2.1.0.39 in the DVR Remote ActiveX control allows remote ...)
NOT-FOR-US: DVR Remote
CVE-2011-3827 (The iCalendar component in gwwww1.dll in GroupWise Internet Agent ...)
- TODO: check
+ NOT-FOR-US: Novell GroupWise
CVE-2010-4852 (Cross-site scripting (XSS) vulnerability in login.php in Eclime 1.1.2b ...)
NOT-FOR-US: Eclime
CVE-2010-4851 (Multiple SQL injection vulnerabilities in Eclime 1.1.2b allow remote ...)