Author: federico-guest Date: 2011-02-17 22:50:28 +0000 (Thu, 17 Feb 2011) New Revision: 16191 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-02-17 22:27:15 UTC (rev 16190) +++ data/CVE/list 2011-02-17 22:50:28 UTC (rev 16191) @@ -1,7 +1,7 @@ CVE-2011-1034 (Cross-site scripting (XSS) vulnerability in the UI in IBM Rational ...) - TODO: check + NOT-FOR-US: IBM Rational Build Forge CVE-2010-4740 (Stack-based buffer overflow in WTclient.dll in SCADA Engine BACnet OPC ...) - TODO: check + NOT-FOR-US: SCADA Engine BACnet CVE-2010-4739 (SQL injection vulnerability in the Maian Media Silver (com_maianmedia) ...) TODO: check CVE-2010-4738 (Multiple SQL injection vulnerabilities in Rae Media INC Real Estate ...) @@ -9,15 +9,15 @@ CVE-2010-4737 (SQL injection vulnerability in resorts.asp in HotWebScripts HotWeb ...) TODO: check CVE-2010-4736 (SQL injection vulnerability in ECO.asp in GateSoft DocuSafe 4.1.0 and ...) - TODO: check + NOT-FOR-US: GateSoft DocuSafe CVE-2010-4735 (SQL injection vulnerability in shoppingcart.asp in Ecommercemax ...) TODO: check CVE-2010-4734 (Multiple cross-site scripting (XSS) vulnerabilities in the comment ...) - TODO: check + NOT-FOR-US: Skeletonz CMS CVE-2011-1033 (Stack-based buffer overflow in oninit in IBM Informix Dynamic Server ...) - TODO: check + NOT-FOR-US: IBM CVE-2011-1032 (IBM Lotus Connections 3.0, when IBM WebSphere Application Server ...) - TODO: check + NOT-FOR-US: IBM CVE-2011-1031 (The feh_unique_filename function in utils.c in feh 1.11.2 and earlier ...) - feh <unfixed> (low) [lenny] - feh <no-dsa> (Minor issue) @@ -25,9 +25,9 @@ NOTE: in 1.11.2-1 --no-clobber was added to the wget call in order NOTE: to prevent overwriting files. can still be create thoug. questionable fix CVE-2011-1030 (Cross-site scripting (XSS) vulnerability in the Wikis component in IBM ...) - TODO: check + NOT-FOR-US: IBM CVE-2011-1029 (Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert ...) - TODO: check + NOT-FOR-US: IBM CVE-2011-1028 RESERVED CVE-2011-1027 @@ -113,15 +113,15 @@ CVE-2011-0988 RESERVED CVE-2010-4733 (WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway ...) - TODO: check + NOT-FOR-US: WebSCADA CVE-2010-4732 (cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, ...) - TODO: check + NOT-FOR-US: WebSCADA CVE-2010-4731 (Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA ...) - TODO: check + NOT-FOR-US: WebSCADA CVE-2010-4730 (Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA ...) - TODO: check + NOT-FOR-US: WebSCADA CVE-2008-7274 (IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login ...) - TODO: check + NOT-FOR-US: IBM WebSphere Application Server CVE-2008-XXXX [path traversal in CGIHTTPServer] - python2.5 <unfixed> - python2.4 <removed> @@ -1164,7 +1164,7 @@ CVE-2011-0581 (Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 ...) NOT-FOR-US: Adobe ColdFusion CVE-2011-0580 (Multiple cross-site scripting (XSS) vulnerabilities in the ...) - TODO: check + NOT-FOR-US: Adobe ColdFusion CVE-2011-0579 RESERVED CVE-2011-0578 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...) @@ -2924,7 +2924,7 @@ CVE-2010-4507 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...) NOT-FOR-US: iSpot/ClearSpot hardware devices CVE-2010-4506 (Passlogix v-GO Self-Service Password Reset (SSPR) and OEM before 7.0A ...) - TODO: check + NOT-FOR-US: Passlogix CVE-2010-4505 (Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, ...) NOT-FOR-US: Injader CVE-2010-4504 (Multiple cross-site scripting (XSS) vulnerabilities in eSyndiCat ...) @@ -3498,7 +3498,7 @@ RESERVED NOT-FOR-US: Novell iPrint LPD CVE-2010-4327 (Unspecified vulnerability in the NCP service in Novell eDirectory ...) - TODO: check + NOT-FOR-US: Novell eDirectory CVE-2010-4326 (Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent ...) NOT-FOR-US: Groupwise CVE-2010-4325 (Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in ...) @@ -7278,7 +7278,7 @@ CVE-2010-2929 (Untrusted search path vulnerability in hsolinkcontrol in hsolink ...) - hsolink <removed> CVE-2010-2928 (The vCenter Tomcat Management Application in VMware vCenter Server 4.1 ...) - TODO: check + NOT-FOR-US: VMware vCenter Server CVE-2010-2927 (The slapi_printmessage function in IBM Tivoli Directory Server (ITDS) ...) NOT-FOR-US: Tivoli CVE-2009-4976 (Cross-site scripting (XSS) vulnerability in webkitpart.cpp in ...)