Author: federico-guest Date: 2011-02-13 12:35:04 +0000 (Sun, 13 Feb 2011) New Revision: 16121 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-02-13 02:38:16 UTC (rev 16120) +++ data/CVE/list 2011-02-13 12:35:04 UTC (rev 16121) @@ -20,17 +20,17 @@ CVE-2011-0981 (Google Chrome before 9.0.597.94 does not properly perform event ...) TODO: check CVE-2011-0980 (Microsoft Office Excel 2003 does not properly parse Office Art ...) - TODO: check + NOT-FOR-US: Microsoft Office Excel 2003 CVE-2011-0979 (Microsoft Office Excel does not properly handle errors during the ...) - TODO: check + NOT-FOR-US: Microsoft Office Excel CVE-2011-0978 (Stack-based buffer overflow in Microsoft Office Excel allows remote ...) - TODO: check + NOT-FOR-US: Microsoft Office Excel CVE-2011-0977 (Use-after-free vulnerability in Microsoft Excel 2007 allows remote ...) - TODO: check + NOT-FOR-US: Microsoft Office Excel CVE-2011-0976 (Microsoft Office PowerPoint 2007 does not properly handle Office Art ...) - TODO: check + NOT-FOR-US: Microsoft Office CVE-2011-0975 (Stack-based buffer overflow in BMC PATROL Agent Service Daemon for in ...) - TODO: check + NOT-FOR-US: BMC PATROL CVE-2011-0974 RESERVED CVE-2011-0973 @@ -174,9 +174,9 @@ CVE-2011-0904 RESERVED CVE-2011-0903 (Multiple directory traversal vulnerabilities in AR Web Content Manager ...) - TODO: check + NOT-FOR-US: AR Web Content Manager CVE-2011-0902 (Multiple untrusted search path vulnerabilities in the Java Service in ...) - TODO: check + NOT-FOR-US: SunOS CVE-2011-0901 (Multiple stack-based buffer overflows in the tsc_launch_remote ...) - tsclient <unfixed> TODO: check @@ -208,11 +208,11 @@ CVE-2011-0888 RESERVED CVE-2011-0887 (The web management portal on the SMC SMCD3G-CCR (aka Comcast Business ...) - TODO: check + NOT-FOR-US: SMC SMCD3G-CCR CVE-2011-0886 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...) - TODO: check + NOT-FOR-US: SMC SMCD3G-CCR CVE-2011-0885 (A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR ...) - TODO: check + NOT-FOR-US: SMC SMCD3G-CCR CVE-2011-0884 RESERVED CVE-2011-0883 @@ -534,7 +534,7 @@ - smarty <unfixed> TODO: check CVE-2011-0758 (The CA ETrust Secure Content Manager Common Services Transport ...) - TODO: check + NOT-FOR-US: CA ETrust CVE-2011-0757 (IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, ...) NOT-FOR-US: IBM DB2 CVE-2011-0756 @@ -798,7 +798,7 @@ CVE-2011-0648 RESERVED CVE-2011-0647 (The irccd.exe service in EMC Replication Manager Client before 5.3 and ...) - TODO: check + NOT-FOR-US: EMC CVE-2011-0646 (SQL injection vulnerability in viewfaqs.php in PHP LOW BIDS allows ...) NOT-FOR-US: PHPLOWBIDS CVE-2011-0645 (SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows ...) @@ -956,7 +956,7 @@ CVE-2011-0583 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0 ...) NOT-FOR-US: Adobe ColdFusion CVE-2011-0582 (Unspecified vulnerability in the administrator console in Adobe ...) - TODO: check + NOT-FOR-US: ColdFusion CVE-2011-0581 (Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 ...) NOT-FOR-US: Adobe ColdFusion CVE-2011-0580 (Multiple cross-site scripting (XSS) vulnerabilities in the ...) @@ -1287,7 +1287,7 @@ CVE-2011-0452 RESERVED CVE-2011-0451 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...) - TODO: check + NOT-FOR-US: EC-CUBE CVE-2011-0450 (The downloads manager in Opera before 11.01 on Windows does not ...) NOT-FOR-US: Opera CVE-2011-0449 @@ -1509,7 +1509,7 @@ CVE-2011-0355 RESERVED CVE-2011-0354 (The default configuration of Cisco Tandberg C Series Endpoints, and ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-0353 RESERVED CVE-2011-0352 (Buffer overflow in the web-based management interface on the Cisco ...) @@ -1567,9 +1567,9 @@ CVE-2011-0325 RESERVED CVE-2011-0324 (Multiple heap-based buffer overflows in Topaz Systems SigPlus Pro ...) - TODO: check + NOT-FOR-US: Topaz Systems SigPlus CVE-2011-0323 (Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly other ...) - TODO: check + NOT-FOR-US: Topaz Systems SigPlus CVE-2011-0322 RESERVED CVE-2011-0321 (librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before ...) @@ -1916,7 +1916,7 @@ CVE-2011-0278 RESERVED CVE-2011-0277 (Cross-site request forgery (CSRF) vulnerability in HP Power Manager ...) - TODO: check + NOT-FOR-US: HP Power Manager CVE-2011-0276 (HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 ...) NOT-FOR-US: HP OpenView Performance Insight Server CVE-2011-0275 (Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, ...) @@ -2308,21 +2308,21 @@ CVE-2011-0094 RESERVED CVE-2011-0093 (ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 does ...) - TODO: check + NOT-FOR-US: Microsoft Visio CVE-2011-0092 (ORMELEMS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 does ...) - TODO: check + NOT-FOR-US: Microsoft Visio CVE-2011-0091 (Kerberos in Microsoft Windows Server 2008 R2 and Windows 7 does not ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2011-0090 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2011-0089 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2011-0088 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2011-0087 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2011-0086 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2011-0085 RESERVED CVE-2011-0084 @@ -2546,37 +2546,37 @@ - typo3-src 4.3.9+dfsg1-1 (bug #607286) NOTE: CVE ID requested CVE-2011-0045 (The kernel in Microsoft Windows XP SP3 performs memory allocation ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2011-0044 RESERVED CVE-2011-0043 (Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2011-0042 RESERVED CVE-2011-0041 RESERVED CVE-2011-0040 (The server in Microsoft Active Directory on Windows Server 2003 SP2 ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2011-0039 (The Local Security Authority Subsystem Service (LSASS) in Microsoft ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2011-0038 (Untrusted search path vulnerability in Microsoft Internet Explorer 8 ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2011-0037 RESERVED CVE-2011-0036 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2011-0035 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2011-0034 RESERVED CVE-2011-0033 (The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2011-0032 RESERVED CVE-2011-0031 (The (1) JScript 5.8 and (2) VBScript 5.8 scripting engines in ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2011-0030 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2011-0029 RESERVED CVE-2011-0028 @@ -3278,9 +3278,9 @@ CVE-2010-4308 RESERVED CVE-2010-4307 (Buffer overflow in Adobe Shockwave Player before 11.5.9.620 allows ...) - TODO: check + NOT-FOR-US: Adobe Shockwave Player CVE-2010-4306 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...) - TODO: check + NOT-FOR-US: Adobe Shockwave Player CVE-2010-4305 (Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and ...) NOT-FOR-US: Cisco Unified Videoconferencing CVE-2010-4304 (The web interface in Cisco Unified Videoconferencing (UVC) System ...) @@ -3594,25 +3594,25 @@ - chromium-browser 6.0.472.63~r59945-2 NOTE: http://trac.webkit.org/changeset/70594 CVE-2010-4196 (The Shockwave 3d Asset module in Adobe Shockwave Player before ...) - TODO: check + NOT-FOR-US: Adobe Shockwave Player CVE-2010-4195 (The TextXtra module in Adobe Shockwave Player before 11.5.9.620 does ...) - TODO: check + NOT-FOR-US: Adobe Shockwave Player CVE-2010-4194 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 does ...) - TODO: check + NOT-FOR-US: Adobe Shockwave Player CVE-2010-4193 (Adobe Shockwave Player before 11.5.9.620 does not properly validate ...) - TODO: check + NOT-FOR-US: Adobe Shockwave Player CVE-2010-4192 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...) - TODO: check + NOT-FOR-US: Adobe Shockwave Player CVE-2010-4191 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...) - TODO: check + NOT-FOR-US: Adobe Shockwave Player CVE-2010-4190 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...) - TODO: check + NOT-FOR-US: Adobe Shockwave Player CVE-2010-4189 (The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows ...) - TODO: check + NOT-FOR-US: Adobe Shockwave Player CVE-2010-4188 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 ...) - TODO: check + NOT-FOR-US: Adobe Shockwave Player CVE-2010-4187 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...) - TODO: check + NOT-FOR-US: Adobe Shockwave Player CVE-2010-4186 (SQL injection vulnerability in process.asp in OnlineTechTools Online ...) NOT-FOR-US: OnlineTechTools CVE-2010-4185 (SQL injection vulnerability in index.php in Energine, possibly 2.3.8 ...) @@ -3831,7 +3831,7 @@ CVE-2010-4094 (The Tomcat server in IBM Rational Quality Manager and Rational Test ...) NOT-FOR-US: IBM Rational Quality Manager CVE-2010-4093 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...) - TODO: check + NOT-FOR-US: Adobe Shockwave Player CVE-2010-4092 (Use-after-free vulnerability in an unspecified compatibility component ...) NOT-FOR-US: Adobe Shockwave Player CVE-2010-4091 (The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, ...) @@ -7972,11 +7972,11 @@ CVE-2010-2590 (Heap-based buffer overflow in the ...) NOT-FOR-US: ActiveX CVE-2010-2589 (Integer overflow in the dirapi.dll module in Adobe Shockwave Player ...) - TODO: check + NOT-FOR-US: Adobe Shockwave Player CVE-2010-2588 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 ...) - TODO: check + NOT-FOR-US: Adobe Shockwave Player CVE-2010-2587 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 ...) - TODO: check + NOT-FOR-US: Adobe Shockwave Player CVE-2010-2586 (Multiple integer overflows in in_nsv.dll in the in_nsv plugin in ...) NOT-FOR-US: Winamp CVE-2010-2585 (Multiple buffer overflows in the RealPage Module Upload ActiveX ...)