Author: helmut-guest
Date: 2011-07-22 22:22:25 +0000 (Fri, 22 Jul 2011)
New Revision: 16969
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-07-22 21:14:51 UTC (rev 16968)
+++ data/CVE/list 2011-07-22 22:22:25 UTC (rev 16969)
@@ -205,7 +205,7 @@
CVE-2011-2781
RESERVED
CVE-2011-2780 (Directory traversal vulnerability in includes/lib/gz.php in
Chyrp 2.0 ...)
- TODO: check
+ NOT-FOR-US: Chyrp
CVE-2011-2779 (Windows Event Log SmartConnector in HP ArcSight Connector
Appliance ...)
TODO: check
CVE-2011-2778
@@ -277,9 +277,9 @@
CVE-2011-2745
RESERVED
CVE-2011-2744 (Directory traversal vulnerability in Chyrp 2.1 and earlier
allows ...)
- TODO: check
+ NOT-FOR-US: Chyrp
CVE-2011-2743 (Multiple cross-site scripting (XSS) vulnerabilities in Chyrp
2.1 and ...)
- TODO: check
+ NOT-FOR-US: Chyrp
CVE-2011-2742
RESERVED
CVE-2011-2741
@@ -1361,61 +1361,61 @@
CVE-2011-2300 (Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows
local ...)
TODO: check
CVE-2011-2299 (Unspecified vulnerability in Oracle SPARC Enterprise M3000,
M4000, ...)
- TODO: check
+ NOT-FOR-US: Oracle SPARC Enterprise
CVE-2011-2298 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express
allows ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2011-2297 (Unspecified vulnerability in Oracle Solaris Cluster 3.3 allows
local ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris Cluster
CVE-2011-2296 (Unspecified vulnerability in Oracle Solaris 11 Express allows
local ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2011-2295 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11
Express ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2011-2294 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express
allows ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2011-2293 (Unspecified vulnerability in Oracle Solaris 11 Express allows
local ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2011-2292
RESERVED
CVE-2011-2291 (Unspecified vulnerability in Oracle Solaris 10 allows local
users to ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2011-2290 (Unspecified vulnerability in Oracle Solaris 10, and 11 Express
allows ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2011-2289 (Unspecified vulnerability in Oracle Solaris 10 allows local
users to ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2011-2288 (Unspecified vulnerability in Sun Integrated Lights Out Manager
(ILOM) ...)
- TODO: check
+ NOT-FOR-US: Oracle SysFW
CVE-2011-2287 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11
Express ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2011-2286
RESERVED
CVE-2011-2285 (Unspecified vulnerability in Oracle Solaris 10 allows local
users to ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2011-2284 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS
component ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2011-2283 (Unspecified vulnerability in the PeopleSoft Enterprise FMS
component ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2011-2282 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2011-2281 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS
component ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2011-2280 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2011-2279 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS
component ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2011-2278 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS
component ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2011-2277 (Unspecified vulnerability in the PeopleSoft Enterprise SCM
component ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2011-2276
RESERVED
CVE-2011-2275 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2011-2274 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2011-2273 (Unspecified vulnerability in the Agile Core Technology
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Supply Chain Products Suite
CVE-2011-2272 (Unspecified vulnerability in the PeopleSoft Enterprise FSCM
component ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2011-2271
RESERVED
CVE-2011-2270
@@ -1425,27 +1425,27 @@
CVE-2011-2268
RESERVED
CVE-2011-2267 (Unspecified vulnerability in the Oracle Outside In Technology
...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2011-2266
RESERVED
CVE-2011-2265
RESERVED
CVE-2011-2264 (Unspecified vulnerability in the Oracle Outside In Technology
...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2011-2263 (Unspecified vulnerability in Sun Integrated Lights Out Manager
in ...)
- TODO: check
+ NOT-FOR-US: Oracle SysFW
CVE-2011-2262
RESERVED
CVE-2011-2261 (Unspecified vulnerability in the Oracle Secure Backup component
in ...)
- TODO: check
+ NOT-FOR-US: Oracle Secure Backup
CVE-2011-2260 (Unspecified vulnerability in the Oracle GlassFish Server
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Products Suite
CVE-2011-2259 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11
Express ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2011-2258 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11
Express ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2011-2257 (Unspecified vulnerability in the Database Target Type Menus
component ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server and Enterprise Manager Grid Control
CVE-2011-2256
RESERVED
CVE-2011-2255
@@ -1453,37 +1453,37 @@
CVE-2011-2254
RESERVED
CVE-2011-2253 (Unspecified vulnerability in the Core RDBMS component in Oracle
...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-2252 (Unspecified vulnerability in the Oracle Secure Backup component
in ...)
- TODO: check
+ NOT-FOR-US: Oracle Secure Backup
CVE-2011-2251 (Unspecified vulnerability in the Oracle Secure Backup component
in ...)
- TODO: check
+ NOT-FOR-US: Oracle Secure Backup
CVE-2011-2250 (Unspecified vulnerability in the PeopleSoft Enterprise FIN
component ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2011-2249 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2011-2248 (Unspecified vulnerability in the SQL Performance Advisories/UIs
...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server and Enterprise Manager Grid Control
CVE-2011-2247
RESERVED
CVE-2011-2246 (Unspecified vulnerability in the Business Intelligence
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle E-Business Suite
CVE-2011-2245 (Unspecified vulnerability in the Solaris component in Oracle
Sun ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Products Suite
CVE-2011-2244 (Unspecified vulnerability in the Security Framework component
in ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server and Enterprise Manager Grid Control
CVE-2011-2243 (Unspecified vulnerability in the Core RDBMS component in Oracle
...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-2242 (Unspecified vulnerability in the Core RDBMS component in Oracle
...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-2241 (Unspecified vulnerability in the Oracle Business Intelligence
...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2011-2240 (Unspecified vulnerability in the Oracle Universal Installer
component ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-2239 (Unspecified vulnerability in the Core RDBMS component in Oracle
...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-2238 (Unspecified vulnerability in the Database Vault component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-2237
RESERVED
CVE-2011-2236
@@ -1495,11 +1495,11 @@
CVE-2011-2233
RESERVED
CVE-2011-2232 (Unspecified vulnerability in the XML Developer Kit component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-2231 (Unspecified vulnerability in the XML Developer Kit component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-2230 (Unspecified vulnerability in the Core RDBMS component in Oracle
...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-2229
RESERVED
CVE-2011-2228
@@ -2914,7 +2914,7 @@
CVE-2011-1742
RESERVED
CVE-2011-1741 (Stack-based buffer overflow in ftserver.exe in the OpenText ...)
- TODO: check
+ NOT-FOR-US: OpenText Hummingbird Client Connector
CVE-2011-1740
RESERVED
CVE-2011-1739 (The makemask function in mountd.c in mountd in FreeBSD 7.4
through 8.2 ...)
@@ -3498,7 +3498,7 @@
CVE-2011-1512 (Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as
used ...)
NOT-FOR-US: Autonomy KeyView
CVE-2011-1511 (Unspecified vulnerability in the Oracle GlassFish Server
component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Products Suite
CVE-2011-1510
RESERVED
CVE-2011-1509
@@ -4022,9 +4022,9 @@
CVE-2011-1357
RESERVED
CVE-2011-1356 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and
7.0 ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2011-1355 (Open redirect vulnerability in IBM WebSphere Application Server
(WAS) ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2011-1354
RESERVED
CVE-2011-1353
@@ -4073,7 +4073,7 @@
CVE-2011-1332 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0
...)
NOT-FOR-US: Cybozu Garoon
CVE-2011-1331 (JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6,
...)
- TODO: check
+ NOT-FOR-US: JustSystems Ichitaro Products
CVE-2011-1330 (Cross-site scripting (XSS) vulnerability in WeblyGo 5.0 Pro/LE,
5.02 ...)
NOT-FOR-US: WeblyGo
CVE-2011-1329 (WalRack 1.x before 1.1.9 and 2.x before 2.0.7 does not properly
...)
@@ -5460,25 +5460,25 @@
CVE-2011-0885 (A certain Comcast Business Gateway configuration of the SMC
SMCD3G-CCR ...)
NOT-FOR-US: SMC SMCD3G-CCR
CVE-2011-0884 (Unspecified vulnerability in the Oracle BPEL Process Manager
component ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2011-0883 (Unspecified vulnerability in the Oracle Containers for J2EE
component ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2011-0882 (Unspecified vulnerability in the Content Management component
in ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-0881 (Unspecified vulnerability in the EMCTL component in Oracle
Database ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-0880 (Unspecified vulnerability in the Core RDBMS component in Oracle
...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-0879 (Unspecified vulnerability in the Instance Management component
in ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-0878
RESERVED
CVE-2011-0877 (Unspecified vulnerability in the Instance Management component
in ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-0876 (Unspecified vulnerability in the Enterprise Manager Console
component ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-0875 (Unspecified vulnerability in the EMCTL component in Oracle
Database ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-0874
RESERVED
CVE-2011-0873 (Unspecified vulnerability in the Java Runtime Environment (JRE)
...)
@@ -5497,7 +5497,7 @@
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 <undetermined> (bug #629852)
CVE-2011-0870 (Unspecified vulnerability in the Schema Management component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-0869 (Unspecified vulnerability in the Java Runtime Environment (JRE)
...)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 6.26-0squeeze1
@@ -5558,7 +5558,7 @@
CVE-2011-0853 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS
9.0 ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
CVE-2011-0852 (Unspecified vulnerability in the Security Management component
in ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-0851 (Unspecified vulnerability in Oracle PeopleSoft Enterprise ELS
9.0 ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
CVE-2011-0850 (Unspecified vulnerability in Oracle PeopleSoft Enterprise CRM
8.9 ...)
@@ -5566,13 +5566,13 @@
CVE-2011-0849 (Unspecified vulnerability in Oracle Java Dynamic Management Kit
5.1 ...)
NOT-FOR-US: Oracle Java Dynamic Management Kit
CVE-2011-0848 (Unspecified vulnerability in the Security Framework component
in ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-0847 (Unspecified vulnerability in the OpenSSO Enterprise and Sun
Java ...)
NOT-FOR-US: Oracle Sun Products Suite
CVE-2011-0846 (Unspecified vulnerability in the Oracle Sun Java System Access
Manager ...)
NOT-FOR-US: Oracle Sun Java System Access Manager Policy Agent
CVE-2011-0845 (Unspecified vulnerability in the Database Control component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Enterprise Manager Grid Control
CVE-2011-0844 (Unspecified vulnerability in the OpenSSO Enterprise and Sun
Java ...)
NOT-FOR-US: Oracle Sun Products Suite
CVE-2011-0843 (Unspecified vulnerability in the Siebel CRM Core component in
Oracle ...)
@@ -5586,23 +5586,23 @@
CVE-2011-0839 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11
Express ...)
NOT-FOR-US: Oracle Solaris
CVE-2011-0838 (Unspecified vulnerability in the Core RDBMS component in Oracle
...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-0837 (Unspecified vulnerability in the Agile Technology Platform
component ...)
NOT-FOR-US: Oracle Supply Chain Products Suite
CVE-2011-0836 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne
Tools 8.9 ...)
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
CVE-2011-0835 (Unspecified vulnerability in the Core RDBMS component in Oracle
...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-0834 (Unspecified vulnerability in the Siebel CRM Core component in
Oracle ...)
NOT-FOR-US: Oracle Siebel CRM
CVE-2011-0833 (Unspecified vulnerability in the Siebel CRM Core component in
Oracle ...)
NOT-FOR-US: Oracle Siebel CRM
CVE-2011-0832 (Unspecified vulnerability in the Core RDBMS component in Oracle
...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-0831 (Unspecified vulnerability in the Enterprise Config Management
...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-0830 (Unspecified vulnerability in the Event Management component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-0829 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express
allows ...)
NOT-FOR-US: Oracle Solaris
CVE-2011-0828 (Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.8
Bundle ...)
@@ -5618,7 +5618,7 @@
CVE-2011-0823 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne
Tools 8.9 ...)
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
CVE-2011-0822 (Unspecified vulnerability in the Streams, AQ & Replication
Mgmt ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Serve
CVE-2011-0821 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows
local ...)
NOT-FOR-US: Oracle Solaris
CVE-2011-0820 (Unspecified vulnerability in Oracle Solaris 10, and 11 Express
allows ...)
@@ -5633,7 +5633,7 @@
- sun-java6 6.26-1 (bug #629852)
- openjdk-6 <undetermined> (bug #629852)
CVE-2011-0816 (Unspecified vulnerability in the CMDB Metadata & Instance
APIs ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-0815 (Unspecified vulnerability in the Java Runtime Environment (JRE)
...)
[lenny] - sun-java6 <no-dsa> (non-free not supported)
[squeeze] - sun-java6 6.26-0squeeze1
@@ -5649,7 +5649,7 @@
CVE-2011-0812 (Unspecified vulnerability in the Solaris component in Oracle
Solaris ...)
NOT-FOR-US: Oracle Solaris
CVE-2011-0811 (Unspecified vulnerability in the Enterprise Config Management
...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2011-0810 (Unspecified vulnerability Oracle JD Edwards EnterpriseOne Tools
8.9 GA ...)
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
CVE-2011-0809 (Unspecified vulnerability in the Web ADI component in Oracle
...)
@@ -5794,7 +5794,7 @@
CVE-2011-0771 (Janrain Engage (formerly RPX) module 6.x-1.3 for Drupal does
not ...)
NOT-FOR-US: Janrain Engage Drupal module
CVE-2011-0770 (Cross-site scripting (XSS) vulnerability in Windows Event Log
...)
- TODO: check
+ NOT-FOR-US: Windows Event Log SmartConnector
CVE-2011-0769
RESERVED
CVE-2011-0768
@@ -6403,7 +6403,7 @@
CVE-2011-0549 (SQL injection vulnerability in forget.php in the management GUI
in ...)
NOT-FOR-US: Symantec Web Gateway
CVE-2011-0548 (Buffer overflow in the Lotus Freelance Graphics PRZ file viewer
in ...)
- TODO: check
+ NOT-FOR-US: Lotus Freelance Graphics
CVE-2011-0547
RESERVED
CVE-2011-0546 (Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does
not ...)
@@ -11852,7 +11852,7 @@
CVE-2010-3272 (accounts/ValidateAnswers in the security-questions
implementation in ...)
NOT-FOR-US: ZOHO ManageEngine
CVE-2010-3271 (Multiple cross-site request forgery (CSRF) vulnerabilities in
the ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2010-3270 (Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB
before ...)
NOT-FOR-US: Cisco WebEx Meeting Center
CVE-2010-3269 (Multiple stack-based buffer overflows in the Cisco WebEx
Recording ...)
@@ -17295,7 +17295,7 @@
NOTE: This is based on various misconceptions surrounding "phishing"
The only supported browser security model
NOTE: surrounding URLs is the accurate post-link-click indication of
the final target URL in the URL bar.
CVE-2010-1383 (CFNetwork in Apple Safari before 5.0.6 on Windows allows remote
web ...)
- TODO: check
+ NOT-FOR-US: Apple Safari
CVE-2010-1382 (Cross-site scripting (XSS) vulnerability in Wiki Server in
Apple Mac ...)
NOT-FOR-US: Apple Mac OS X
CVE-2010-1381 (The default configuration of SMB File Server in Apple Mac OS X
10.5.8, ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
