Author: federico-guest Date: 2010-12-18 23:22:58 +0000 (Sat, 18 Dec 2010) New Revision: 15717 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-12-18 11:39:03 UTC (rev 15716) +++ data/CVE/list 2010-12-18 23:22:58 UTC (rev 15717) @@ -5,35 +5,35 @@ CVE-2010-4554 RESERVED CVE-2010-4553 (An unspecified Domino API in IBM Lotus Notes Traveler before 8.5.1.1 ...) - TODO: check + NOT-FOR-US: IBM Lotus Notes Traveler CVE-2010-4552 (Memory leak in IBM Lotus Notes Traveler before 8.5.1.1 allows remote ...) - TODO: check + NOT-FOR-US: IBM Lotus Notes Traveler CVE-2010-4551 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated ...) - TODO: check + NOT-FOR-US: IBM Lotus Notes Traveler CVE-2010-4550 (IBM Lotus Notes Traveler before 8.5.1.3 allows remote attackers to ...) - TODO: check + NOT-FOR-US: IBM Lotus Notes Traveler CVE-2010-4549 (IBM Lotus Notes Traveler before 8.5.1.3 on the Nokia s60 device ...) - TODO: check + NOT-FOR-US: IBM Lotus Notes Traveler CVE-2010-4548 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated ...) - TODO: check + NOT-FOR-US: IBM Lotus Notes Traveler CVE-2010-4547 (IBM Lotus Notes Traveler before 8.5.1.3, when a multidomain ...) - TODO: check + NOT-FOR-US: IBM Lotus Notes Traveler CVE-2010-4546 (IBM Lotus Notes Traveler before 8.5.1.2 does not reject an attachment ...) - TODO: check + NOT-FOR-US: IBM Lotus Notes Traveler CVE-2010-4545 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated ...) - TODO: check + NOT-FOR-US: IBM Lotus Notes Traveler CVE-2010-4544 (Cross-site scripting (XSS) vulnerability in the servlet in IBM Lotus ...) - TODO: check + NOT-FOR-US: IBM Lotus Notes Traveler CVE-2009-5036 (traveler.exe in IBM Lotus Notes Traveler before 8.0.1.3 CF1 allows ...) - TODO: check + NOT-FOR-US: IBM Lotus Notes Traveler CVE-2009-5035 (The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does not ...) - TODO: check + NOT-FOR-US: IBM Lotus Notes Traveler CVE-2009-5034 (IBM Lotus Notes Traveler before 8.5.0.2 allows remote authenticated ...) - TODO: check + NOT-FOR-US: IBM Lotus Notes Traveler CVE-2009-5033 (IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle a "* ...) - TODO: check + NOT-FOR-US: IBM Lotus Notes Traveler CVE-2009-5032 (The encrypted e-mail feature in IBM Lotus Notes Traveler before ...) - TODO: check + NOT-FOR-US: IBM Lotus Notes Traveler CVE-2010-XXXX [TYPO3-SA-2010-022] - typo3-src 4.3.9+dfsg1-1 CVE-2011-0045 @@ -140,7 +140,7 @@ CVE-2010-4516 (Multiple cross-site scripting (XSS) vulnerabilities in the JXtended ...) TODO: check CVE-2010-4515 (Cross-site scripting (XSS) vulnerability in Citrix Web Interface 5.0, ...) - TODO: check + NOT-FOR-US: Citrix Web Interface CVE-2010-4514 (Cross-site scripting (XSS) vulnerability in Install/InstallWizard.aspx ...) TODO: check CVE-2010-4513 (Multiple cross-site scripting (XSS) vulnerabilities in Zimplit CMS ...) @@ -525,23 +525,23 @@ CVE-2010-4384 (Array index error in RealNetworks RealPlayer 11.0 through 11.1, ...) TODO: check CVE-2010-4383 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...) - TODO: check + NOT-FOR-US: RealPlayer CVE-2010-4382 (Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 ...) - TODO: check + NOT-FOR-US: RealPlayer CVE-2010-4381 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...) - TODO: check + NOT-FOR-US: RealPlayer CVE-2010-4380 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...) - TODO: check + NOT-FOR-US: RealPlayer CVE-2010-4379 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...) - TODO: check + NOT-FOR-US: RealPlayer CVE-2010-4378 (The drv2.dll (aka RV20 decompression) module in RealNetworks ...) - TODO: check + NOT-FOR-US: RealPlayer CVE-2010-4377 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...) - TODO: check + NOT-FOR-US: RealPlayer CVE-2010-4376 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...) - TODO: check + NOT-FOR-US: RealPlayer CVE-2010-4375 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...) - TODO: check + NOT-FOR-US: RealPlayer CVE-2010-4374 (The in_mkv plugin in Winamp before 5.6 allows remote attackers to ...) NOT-FOR-US: Winamp CVE-2010-4373 (The in_mp4 plugin in Winamp before 5.6 allows remote attackers to ...) @@ -1214,9 +1214,9 @@ CVE-2010-4110 RESERVED CVE-2010-4109 (Cross-site scripting (XSS) vulnerability in the Contacts Application ...) - TODO: check + NOT-FOR-US: HP Palm webOS CVE-2010-4108 (HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support ...) - TODO: check + NOT-FOR-US: HP-UX CVE-2010-4107 (The default configuration of the PJL Access value in the File System ...) NOT-FOR-US: HP LaserJet CVE-2010-4106 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...) @@ -1565,67 +1565,67 @@ CVE-2010-3968 RESERVED CVE-2010-3967 (Untrusted search path vulnerability in Microsoft Windows Movie Maker ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2010-3966 (Untrusted search path vulnerability in Microsoft Windows Server 2008 ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2010-3965 (Untrusted search path vulnerability in Windows Media Encoder 9 on ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2010-3964 (Unrestricted file upload vulnerability in the Document Conversions ...) - TODO: check + NOT-FOR-US: Microsoft Office SharePoint Server CVE-2010-3963 (Buffer overflow in the Routing and Remote Access NDProxy component in ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2010-3962 (Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and ...) NOT-FOR-US: Microsoft Internet Explorer CVE-2010-3961 (The Consent User Interface (UI) in Microsoft Windows Vista SP1 and ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2010-3960 (Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2 allows ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2010-3959 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2010-3958 RESERVED CVE-2010-3957 (Double free vulnerability in the OpenType Font (OTF) driver in ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2010-3956 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2010-3955 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher ...) - TODO: check + NOT-FOR-US: Microsoft Publisher CVE-2010-3954 (Microsoft Publisher 2002 SP3, 2003 SP3, and 2010 allows remote ...) - TODO: check + NOT-FOR-US: Microsoft Publisher CVE-2010-3953 RESERVED CVE-2010-3952 (The FlashPix image converter in the graphics filters in Microsoft ...) - TODO: check + NOT-FOR-US: Microsoft Office CVE-2010-3951 (Buffer overflow in the FlashPix image converter in the graphics ...) - TODO: check + NOT-FOR-US: Microsoft Office CVE-2010-3950 (The TIFF image converter in the graphics filters in Microsoft Office ...) - TODO: check + NOT-FOR-US: Microsoft Office CVE-2010-3949 (Buffer overflow in the TIFF image converter in the graphics filters in ...) - TODO: check + NOT-FOR-US: Microsoft Office CVE-2010-3948 RESERVED CVE-2010-3947 (Heap-based buffer overflow in the TIFF image converter in the graphics ...) - TODO: check + NOT-FOR-US: Microsoft Office CVE-2010-3946 (Integer overflow in the PICT image converter in the graphics filters ...) - TODO: check + NOT-FOR-US: Microsoft Office CVE-2010-3945 (Buffer overflow in the CGM image converter in the graphics filters in ...) - TODO: check + NOT-FOR-US: Microsoft Office CVE-2010-3944 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2010-3943 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2010-3942 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2010-3941 (Double free vulnerability in win32k.sys in the kernel-mode drivers in ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2010-3940 (Double free vulnerability in win32k.sys in the kernel-mode drivers in ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2010-3939 (Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2010-3938 RESERVED CVE-2010-3937 (Microsoft Exchange Server 2007 SP2 on the x64 platform allows remote ...) - TODO: check + NOT-FOR-US: Microsoft Exchange Server CVE-2010-3936 (Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft ...) NOT-FOR-US: Forefront Unified Access Gateway CVE-2010-3935 @@ -3254,27 +3254,27 @@ CVE-2010-3349 (Ardour 2.8.11 places a zero-length directory name in the ...) - ardour 1:2.8.11-2 (low; bug #598282) CVE-2010-3348 (Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2010-3347 RESERVED CVE-2010-3346 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2010-3345 (Microsoft Internet Explorer 8 does not properly handle objects in ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2010-3344 RESERVED CVE-2010-3343 (Microsoft Internet Explorer 6 does not properly handle objects in ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2010-3342 (Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2010-3341 RESERVED CVE-2010-3340 (Microsoft Internet Explorer 6 and 7 does not properly handle objects ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2010-3339 RESERVED CVE-2010-3338 (The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2010-3337 (Untrusted search path vulnerability in Microsoft Office 2007 SP2 and ...) NOT-FOR-US: Microsoft Office 2007 SP2 CVE-2010-3336 (Microsoft Office XP SP3, Office 2004 and 2008 for Mac, Office for Mac ...) @@ -4202,11 +4202,11 @@ CVE-2010-3000 (Multiple integer overflows in the ParseKnownType function in ...) NOT-FOR-US: RealPlayer CVE-2010-2999 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, ...) - TODO: check + NOT-FOR-US: RealPlayer CVE-2010-2998 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 and ...) NOT-FOR-US: RealNetworks RealPlayer CVE-2010-2997 (Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through ...) - TODO: check + NOT-FOR-US: RealPlayer CVE-2010-2996 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 on ...) NOT-FOR-US: RealPlayer CVE-2010-2991 (The IICAClient interface in the ICAClient library in the ICA Client ...) @@ -4966,7 +4966,7 @@ CVE-2010-2743 RESERVED CVE-2010-2742 (The Netlogon RPC Service in Microsoft Windows Server 2003 SP2 and ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2010-2741 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and ...) NOT-FOR-US: Microsoft Windows CVE-2010-2740 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and ...) @@ -5353,7 +5353,7 @@ CVE-2010-2580 (The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not ...) NOT-FOR-US: MailEnable CVE-2010-2579 (The cook codec in RealNetworks RealPlayer 11.0 through 11.1, ...) - TODO: check + NOT-FOR-US: RealPlayer CVE-2010-2578 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...) NOT-FOR-US: RealNetworks RealPlayer CVE-2010-2577 (Multiple SQL injection vulnerabilities in Pligg before 1.1.1 allow ...) @@ -5382,11 +5382,11 @@ CVE-2010-2572 (Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows ...) NOT-FOR-US: Microsoft PowerPoint CVE-2010-2571 (Array index error in pubconv.dll (aka the Publisher Converter DLL) in ...) - TODO: check + NOT-FOR-US: Microsoft Publisher CVE-2010-2570 (Heap-based buffer overflow in pubconv.dll (aka the Publisher Converter ...) - TODO: check + NOT-FOR-US: Microsoft Publisher CVE-2010-2569 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher ...) - TODO: check + NOT-FOR-US: Microsoft Publisher CVE-2010-2568 (Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 ...) NOT-FOR-US: Microsoft CVE-2010-2567 (The RPC client implementation in Microsoft Windows XP SP2 and SP3 and ...) @@ -11299,7 +11299,7 @@ CVE-2010-0531 (Apple iTunes before 9.1 allows remote attackers to cause a denial of ...) NOT-FOR-US: Apple iTunes CVE-2010-0530 (Apple QuickTime before 7.6.9 on Windows sets weak permissions for the ...) - TODO: check + NOT-FOR-US: QuickTime CVE-2010-0529 (Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before ...) NOT-FOR-US: Apple QuickTime CVE-2010-0528 (Apple QuickTime before 7.6.6 on Windows allows remote attackers to ...) @@ -12565,7 +12565,7 @@ CVE-2010-0126 (Heap-based buffer overflow in an unspecified library in Autonomy ...) NOT-FOR-US: Autonomy KeyView CVE-2010-0125 (RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through ...) - TODO: check + NOT-FOR-US: RealPlayer CVE-2010-0124 (Employee Timeclock Software 0.99 places the database password on the ...) NOT-FOR-US: Employee Timeclock Software CVE-2010-0123 (The database backup implementation in Employee Timeclock Software 0.99 ...) @@ -12573,7 +12573,7 @@ CVE-2010-0122 (Multiple SQL injection vulnerabilities in Employee Timeclock Software ...) NOT-FOR-US: Employee Timeclock Software CVE-2010-0121 (The cook codec in RealNetworks RealPlayer 11.0 through 11.1, ...) - TODO: check + NOT-FOR-US: RealPlayer CVE-2010-0120 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...) NOT-FOR-US: RealPlayer CVE-2010-0119 (Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, ...)