Author: federico-guest
Date: 2011-10-16 19:11:45 +0000 (Sun, 16 Oct 2011)
New Revision: 17438
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-10-16 19:04:00 UTC (rev 17437)
+++ data/CVE/list 2011-10-16 19:11:45 UTC (rev 17438)
@@ -2215,39 +2215,39 @@
CVE-2011-3229 (Directory traversal vulnerability in Apple Safari before 5.1.1
allows ...)
TODO: check
CVE-2011-3228 (QuickTime in Apple Mac OS X before 10.7.2 allows remote
attackers to ...)
- TODO: check
+ NOT-FOR-US: QuickTime in Apple Mac OS X
CVE-2011-3227 (libsecurity in Apple Mac OS X before 10.7.2 does not properly
handle ...)
- TODO: check
+ NOT-FOR-US: libsecurity in Apple Mac OS X
CVE-2011-3226 (Open Directory in Apple Mac OS X 10.7 before 10.7.2, when an
LDAPv3 ...)
- TODO: check
+ NOT-FOR-US: Open Directory in Apple Mac OS X
CVE-2011-3225 (The SMB File Server component in Apple Mac OS X 10.7 before
10.7.2 ...)
- TODO: check
+ NOT-FOR-US: SMB File Server component in Apple Mac OS X
CVE-2011-3224 (The User Documentation component in Apple Mac OS X through
10.6.8 uses ...)
- TODO: check
+ NOT-FOR-US: User Documentation component in Apple Mac OS X
CVE-2011-3223 (Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2
allows ...)
- TODO: check
+ NOT-FOR-US: QuickTime in Apple Mac OS X
CVE-2011-3222 (Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2
allows ...)
- TODO: check
+ NOT-FOR-US: QuickTime in Apple Mac OS X
CVE-2011-3221 (QuickTime in Apple Mac OS X before 10.7.2 does not properly
handle the ...)
- TODO: check
+ NOT-FOR-US: QuickTime in Apple Mac OS X
CVE-2011-3220 (QuickTime in Apple Mac OS X before 10.7.2 does not properly
process ...)
- TODO: check
+ NOT-FOR-US: QuickTime in Apple Mac OS X
CVE-2011-3219 (Buffer overflow in CoreMedia, as used in Apple iTunes before
10.5, ...)
NOT-FOR-US: Apple CoreMedia
CVE-2011-3218 (The "Save for Web" selection in QuickTime Player in
Apple Mac OS X ...)
- TODO: check
+ NOT-FOR-US: QuickTime in Apple Mac OS X
CVE-2011-3217 (MediaKit in Apple Mac OS X through 10.6.8 allows remote
attackers to ...)
TODO: check
CVE-2011-3216 (The kernel in Apple Mac OS X before 10.7.2 does not properly
implement ...)
- TODO: check
+ NOT-FOR-US: kernel in Apple Mac OS X
CVE-2011-3215 (The kernel in Apple Mac OS X before 10.7.2 does not properly
prevent ...)
- TODO: check
+ NOT-FOR-US: kernel in Apple Mac OS X
CVE-2011-3214 (IOGraphics in Apple Mac OS X through 10.6.8 does not properly
handle a ...)
- TODO: check
+ NOT-FOR-US: IOGraphics in Apple Mac OS X
CVE-2011-3213 (The File Systems component in Apple Mac OS X before 10.7.2 does
not ...)
- TODO: check
+ NOT-FOR-US: File Systems component in Apple Mac OS X
CVE-2011-3212 (CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not
ensure that ...)
- TODO: check
+ NOT-FOR-US: CoreStorage in Apple Mac OS X
CVE-2011-3211 (The server in Bcfg2 1.1.2 and earlier, and 1.2 prerelease,
allows ...)
{DSA-2302-1}
- bcfg2 1.1.2-2 (bug #640028)
@@ -2427,7 +2427,7 @@
CVE-2011-3156
RESERVED
CVE-2011-3155 (Unspecified vulnerability in HP Onboard Administrator (OA) 3.21
...)
- TODO: check
+ NOT-FOR-US: HP Onboard Administrator
CVE-2011-3154
RESERVED
CVE-2011-3153
@@ -3850,13 +3850,13 @@
CVE-2011-2676
RESERVED
CVE-2011-2675 (Cross-site scripting (XSS) vulnerability in Enkai-kun before
110916 ...)
- TODO: check
+ NOT-FOR-US: Enkai-kun
CVE-2011-2674 (BaserCMS before 1.6.12 does not properly restrict additions to
the ...)
- TODO: check
+ NOT-FOR-US: BaserCMS
CVE-2011-2673 (Cross-site scripting (XSS) vulnerability in BaserCMS before
1.6.13.2 ...)
- TODO: check
+ NOT-FOR-US: BaserCMS
CVE-2011-2672 (Cross-site scripting (XSS) vulnerability in SemanticScuttle
before ...)
- TODO: check
+ NOT-FOR-US: SemanticScuttle
CVE-2011-2671 (Unspecified vulnerability in Megalith 12th edition through 27th
...)
NOT-FOR-US: Megalith
CVE-2011-2670
@@ -3876,11 +3876,11 @@
CVE-2011-2664 (Unspecified vulnerability in Check Point Multi-Domain
Management / ...)
NOT-FOR-US: Check Point Multi-Domain Management
CVE-2011-2663 (Array index error in GroupWise Internet Agent (GWIA) in Novell
...)
- TODO: check
+ NOT-FOR-US: Novell GroupWise
CVE-2011-2662 (Integer signedness error in GroupWise Internet Agent (GWIA) in
Novell ...)
- TODO: check
+ NOT-FOR-US: Novell GroupWise
CVE-2011-2661 (Multiple cross-site scripting (XSS) vulnerabilities in
WebAccess in ...)
- TODO: check
+ NOT-FOR-US: Novell GroupWise
CVE-2011-2660 (The modify_resolvconf_suse script in the vpnc package before
...)
- vpnc <not-affected>
NOTE: This only affects the SUSE packaging.
@@ -4149,9 +4149,9 @@
CVE-2011-2545
RESERVED
CVE-2011-2544 (Cross-site scripting (XSS) vulnerability in the web interface
in Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-2543 (Buffer overflow in the cuil component in Cisco Telepresence
System ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-2542
RESERVED
- libsoup2.4 <undetermined>
@@ -4425,9 +4425,9 @@
CVE-2011-2445
RESERVED
CVE-2011-2444 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player
before ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2011-2443 (Multiple buffer overflows in Adobe Photoshop Elements 8.0 and
earlier ...)
- TODO: check
+ NOT-FOR-US: Adobe Photoshop Elements
CVE-2011-2442 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6,
and 10.x ...)
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2011-2441 (Multiple stack-based buffer overflows in CoolType.dll in Adobe
Reader ...)
@@ -4453,15 +4453,15 @@
CVE-2011-2431 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6,
and 10.x ...)
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2011-2430 (Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X,
Linux, and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2011-2429 (Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X,
Linux, and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2011-2428 (Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X,
Linux, and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2011-2427 (Stack-based buffer overflow in the ActionScript Virtual Machine
(AVM) ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2011-2426 (Stack-based buffer overflow in the ActionScript Virtual Machine
(AVM) ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2011-2425 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X,
Linux, and ...)
NOT-FOR-US: Adobe Flash Player
CVE-2011-2424 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X,
Linux, and ...)
@@ -4489,9 +4489,9 @@
CVE-2011-2413
RESERVED
CVE-2011-2412 (Unspecified vulnerability in HP Business Service Automation
(BSA) ...)
- TODO: check
+ NOT-FOR-US: HP Business Service Automation
CVE-2011-2411 (Unspecified vulnerability on HP NonStop Servers with software
H06.x ...)
- TODO: check
+ NOT-FOR-US: HP NonStop Servers
CVE-2011-2410 (Cross-site scripting (XSS) vulnerability in HP OpenView
Performance ...)
NOT-FOR-US: HP OpenView
CVE-2011-2409 (Cross-site scripting (XSS) vulnerability in the Calendar
application ...)
@@ -4956,7 +4956,7 @@
CVE-2011-2228
RESERVED
CVE-2011-2227 (Cross-site scripting (XSS) vulnerability in Novell Identity
Manager ...)
- TODO: check
+ NOT-FOR-US: Novell Identity Manager
CVE-2011-2226 (Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2,
as ...)
NOT-FOR-US: Kiwi, SUSE Studio
CVE-2011-2225 (Unspecified vulnerability in Kiwi before 3.74.2, as used in
SUSE ...)
@@ -4972,9 +4972,9 @@
CVE-2011-2220 (Stack-based buffer overflow in NFREngine.exe in Novell File
Reporter ...)
NOT-FOR-US: Novell File Reporter
CVE-2011-2219 (Unspecified vulnerability in GroupWise Internet Agent (GWIA) in
Novell ...)
- TODO: check
+ NOT-FOR-US: Novell GroupWise
CVE-2011-2218 (Unspecified vulnerability in GroupWise Internet Agent (GWIA) in
Novell ...)
- TODO: check
+ NOT-FOR-US: Novell GroupWise
CVE-2011-2217 (Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) ...)
NOT-FOR-US: VMware
CVE-2011-2213 (The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the
Linux ...)
@@ -5465,7 +5465,7 @@
CVE-2011-2073
RESERVED
CVE-2011-2072 (Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE
2.5.x ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-2071
RESERVED
CVE-2011-2070
@@ -5587,29 +5587,29 @@
CVE-2011-2013
RESERVED
CVE-2011-2012 (Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold,
Update 1, ...)
- TODO: check
+ NOT-FOR-US: Microsoft Forefront
CVE-2011-2011 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-2010
RESERVED
CVE-2011-2009 (Untrusted search path vulnerability in Windows Media Center in
...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-2008 (Microsoft Host Integration Server (HIS) 2004 SP1, 2006 SP1,
2009, and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Host Integration Server
CVE-2011-2007 (Microsoft Host Integration Server (HIS) 2004 SP1, 2006 SP1,
2009, and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Host Integration Server
CVE-2011-2006
RESERVED
CVE-2011-2005 (afd.sys in the Ancillary Function Driver in Microsoft Windows
XP SP2 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-2004
RESERVED
CVE-2011-2003 (Buffer overflow in win32k.sys in the kernel-mode drivers in
Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-2002 (win32k.sys in the kernel-mode drivers in Microsoft Windows
Vista SP2, ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-2001 (Microsoft Internet Explorer 6 through 9 does not properly
handle ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-2000 (Microsoft Internet Explorer 6 through 9 does not properly
handle ...)
TODO: check
CVE-2011-1999 (Microsoft Internet Explorer 8 does not properly allocate and
access ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
