Author: helmut-guest Date: 2011-07-22 22:22:25 +0000 (Fri, 22 Jul 2011) New Revision: 16969 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-07-22 21:14:51 UTC (rev 16968) +++ data/CVE/list 2011-07-22 22:22:25 UTC (rev 16969) @@ -205,7 +205,7 @@ CVE-2011-2781 RESERVED CVE-2011-2780 (Directory traversal vulnerability in includes/lib/gz.php in Chyrp 2.0 ...) - TODO: check + NOT-FOR-US: Chyrp CVE-2011-2779 (Windows Event Log SmartConnector in HP ArcSight Connector Appliance ...) TODO: check CVE-2011-2778 @@ -277,9 +277,9 @@ CVE-2011-2745 RESERVED CVE-2011-2744 (Directory traversal vulnerability in Chyrp 2.1 and earlier allows ...) - TODO: check + NOT-FOR-US: Chyrp CVE-2011-2743 (Multiple cross-site scripting (XSS) vulnerabilities in Chyrp 2.1 and ...) - TODO: check + NOT-FOR-US: Chyrp CVE-2011-2742 RESERVED CVE-2011-2741 @@ -1361,61 +1361,61 @@ CVE-2011-2300 (Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local ...) TODO: check CVE-2011-2299 (Unspecified vulnerability in Oracle SPARC Enterprise M3000, M4000, ...) - TODO: check + NOT-FOR-US: Oracle SPARC Enterprise CVE-2011-2298 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...) - TODO: check + NOT-FOR-US: Oracle Solaris CVE-2011-2297 (Unspecified vulnerability in Oracle Solaris Cluster 3.3 allows local ...) - TODO: check + NOT-FOR-US: Oracle Solaris Cluster CVE-2011-2296 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...) - TODO: check + NOT-FOR-US: Oracle Solaris CVE-2011-2295 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...) - TODO: check + NOT-FOR-US: Oracle Solaris CVE-2011-2294 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...) - TODO: check + NOT-FOR-US: Oracle Solaris CVE-2011-2293 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...) - TODO: check + NOT-FOR-US: Oracle Solaris CVE-2011-2292 RESERVED CVE-2011-2291 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...) - TODO: check + NOT-FOR-US: Oracle Solaris CVE-2011-2290 (Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows ...) - TODO: check + NOT-FOR-US: Oracle Solaris CVE-2011-2289 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...) - TODO: check + NOT-FOR-US: Oracle Solaris CVE-2011-2288 (Unspecified vulnerability in Sun Integrated Lights Out Manager (ILOM) ...) - TODO: check + NOT-FOR-US: Oracle SysFW CVE-2011-2287 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...) - TODO: check + NOT-FOR-US: Oracle Solaris CVE-2011-2286 RESERVED CVE-2011-2285 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...) - TODO: check + NOT-FOR-US: Oracle Solaris CVE-2011-2284 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...) - TODO: check + NOT-FOR-US: Oracle PeopleSoft Products CVE-2011-2283 (Unspecified vulnerability in the PeopleSoft Enterprise FMS component ...) - TODO: check + NOT-FOR-US: Oracle PeopleSoft Products CVE-2011-2282 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...) - TODO: check + NOT-FOR-US: Oracle PeopleSoft Products CVE-2011-2281 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...) - TODO: check + NOT-FOR-US: Oracle PeopleSoft Products CVE-2011-2280 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...) - TODO: check + NOT-FOR-US: Oracle PeopleSoft Products CVE-2011-2279 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...) - TODO: check + NOT-FOR-US: Oracle PeopleSoft Products CVE-2011-2278 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...) - TODO: check + NOT-FOR-US: Oracle PeopleSoft Products CVE-2011-2277 (Unspecified vulnerability in the PeopleSoft Enterprise SCM component ...) - TODO: check + NOT-FOR-US: Oracle PeopleSoft Products CVE-2011-2276 RESERVED CVE-2011-2275 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...) - TODO: check + NOT-FOR-US: Oracle PeopleSoft Products CVE-2011-2274 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...) - TODO: check + NOT-FOR-US: Oracle PeopleSoft Products CVE-2011-2273 (Unspecified vulnerability in the Agile Core Technology component in ...) - TODO: check + NOT-FOR-US: Oracle Supply Chain Products Suite CVE-2011-2272 (Unspecified vulnerability in the PeopleSoft Enterprise FSCM component ...) - TODO: check + NOT-FOR-US: Oracle PeopleSoft Products CVE-2011-2271 RESERVED CVE-2011-2270 @@ -1425,27 +1425,27 @@ CVE-2011-2268 RESERVED CVE-2011-2267 (Unspecified vulnerability in the Oracle Outside In Technology ...) - TODO: check + NOT-FOR-US: Oracle Fusion Middleware CVE-2011-2266 RESERVED CVE-2011-2265 RESERVED CVE-2011-2264 (Unspecified vulnerability in the Oracle Outside In Technology ...) - TODO: check + NOT-FOR-US: Oracle Fusion Middleware CVE-2011-2263 (Unspecified vulnerability in Sun Integrated Lights Out Manager in ...) - TODO: check + NOT-FOR-US: Oracle SysFW CVE-2011-2262 RESERVED CVE-2011-2261 (Unspecified vulnerability in the Oracle Secure Backup component in ...) - TODO: check + NOT-FOR-US: Oracle Secure Backup CVE-2011-2260 (Unspecified vulnerability in the Oracle GlassFish Server component in ...) - TODO: check + NOT-FOR-US: Oracle Sun Products Suite CVE-2011-2259 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...) - TODO: check + NOT-FOR-US: Oracle Solaris CVE-2011-2258 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...) - TODO: check + NOT-FOR-US: Oracle Solaris CVE-2011-2257 (Unspecified vulnerability in the Database Target Type Menus component ...) - TODO: check + NOT-FOR-US: Oracle Database Server and Enterprise Manager Grid Control CVE-2011-2256 RESERVED CVE-2011-2255 @@ -1453,37 +1453,37 @@ CVE-2011-2254 RESERVED CVE-2011-2253 (Unspecified vulnerability in the Core RDBMS component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-2252 (Unspecified vulnerability in the Oracle Secure Backup component in ...) - TODO: check + NOT-FOR-US: Oracle Secure Backup CVE-2011-2251 (Unspecified vulnerability in the Oracle Secure Backup component in ...) - TODO: check + NOT-FOR-US: Oracle Secure Backup CVE-2011-2250 (Unspecified vulnerability in the PeopleSoft Enterprise FIN component ...) - TODO: check + NOT-FOR-US: Oracle PeopleSoft Products CVE-2011-2249 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote ...) - TODO: check + NOT-FOR-US: Oracle Solaris CVE-2011-2248 (Unspecified vulnerability in the SQL Performance Advisories/UIs ...) - TODO: check + NOT-FOR-US: Oracle Database Server and Enterprise Manager Grid Control CVE-2011-2247 RESERVED CVE-2011-2246 (Unspecified vulnerability in the Business Intelligence component in ...) - TODO: check + NOT-FOR-US: Oracle E-Business Suite CVE-2011-2245 (Unspecified vulnerability in the Solaris component in Oracle Sun ...) - TODO: check + NOT-FOR-US: Oracle Sun Products Suite CVE-2011-2244 (Unspecified vulnerability in the Security Framework component in ...) - TODO: check + NOT-FOR-US: Oracle Database Server and Enterprise Manager Grid Control CVE-2011-2243 (Unspecified vulnerability in the Core RDBMS component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-2242 (Unspecified vulnerability in the Core RDBMS component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-2241 (Unspecified vulnerability in the Oracle Business Intelligence ...) - TODO: check + NOT-FOR-US: Oracle Fusion Middleware CVE-2011-2240 (Unspecified vulnerability in the Oracle Universal Installer component ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-2239 (Unspecified vulnerability in the Core RDBMS component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-2238 (Unspecified vulnerability in the Database Vault component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-2237 RESERVED CVE-2011-2236 @@ -1495,11 +1495,11 @@ CVE-2011-2233 RESERVED CVE-2011-2232 (Unspecified vulnerability in the XML Developer Kit component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-2231 (Unspecified vulnerability in the XML Developer Kit component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-2230 (Unspecified vulnerability in the Core RDBMS component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-2229 RESERVED CVE-2011-2228 @@ -2914,7 +2914,7 @@ CVE-2011-1742 RESERVED CVE-2011-1741 (Stack-based buffer overflow in ftserver.exe in the OpenText ...) - TODO: check + NOT-FOR-US: OpenText Hummingbird Client Connector CVE-2011-1740 RESERVED CVE-2011-1739 (The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 ...) @@ -3498,7 +3498,7 @@ CVE-2011-1512 (Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used ...) NOT-FOR-US: Autonomy KeyView CVE-2011-1511 (Unspecified vulnerability in the Oracle GlassFish Server component in ...) - TODO: check + NOT-FOR-US: Oracle Sun Products Suite CVE-2011-1510 RESERVED CVE-2011-1509 @@ -4022,9 +4022,9 @@ CVE-2011-1357 RESERVED CVE-2011-1356 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 ...) - TODO: check + NOT-FOR-US: IBM WebSphere Application Server CVE-2011-1355 (Open redirect vulnerability in IBM WebSphere Application Server (WAS) ...) - TODO: check + NOT-FOR-US: IBM WebSphere Application Server CVE-2011-1354 RESERVED CVE-2011-1353 @@ -4073,7 +4073,7 @@ CVE-2011-1332 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 ...) NOT-FOR-US: Cybozu Garoon CVE-2011-1331 (JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, ...) - TODO: check + NOT-FOR-US: JustSystems Ichitaro Products CVE-2011-1330 (Cross-site scripting (XSS) vulnerability in WeblyGo 5.0 Pro/LE, 5.02 ...) NOT-FOR-US: WeblyGo CVE-2011-1329 (WalRack 1.x before 1.1.9 and 2.x before 2.0.7 does not properly ...) @@ -5460,25 +5460,25 @@ CVE-2011-0885 (A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR ...) NOT-FOR-US: SMC SMCD3G-CCR CVE-2011-0884 (Unspecified vulnerability in the Oracle BPEL Process Manager component ...) - TODO: check + NOT-FOR-US: Oracle Fusion Middleware CVE-2011-0883 (Unspecified vulnerability in the Oracle Containers for J2EE component ...) - TODO: check + NOT-FOR-US: Oracle Fusion Middleware CVE-2011-0882 (Unspecified vulnerability in the Content Management component in ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-0881 (Unspecified vulnerability in the EMCTL component in Oracle Database ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-0880 (Unspecified vulnerability in the Core RDBMS component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-0879 (Unspecified vulnerability in the Instance Management component in ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-0878 RESERVED CVE-2011-0877 (Unspecified vulnerability in the Instance Management component in ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-0876 (Unspecified vulnerability in the Enterprise Manager Console component ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-0875 (Unspecified vulnerability in the EMCTL component in Oracle Database ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-0874 RESERVED CVE-2011-0873 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...) @@ -5497,7 +5497,7 @@ - sun-java6 6.26-1 (bug #629852) - openjdk-6 <undetermined> (bug #629852) CVE-2011-0870 (Unspecified vulnerability in the Schema Management component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-0869 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...) [lenny] - sun-java6 <no-dsa> (non-free not supported) [squeeze] - sun-java6 6.26-0squeeze1 @@ -5558,7 +5558,7 @@ CVE-2011-0853 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 ...) NOT-FOR-US: Oracle PeopleSoft Enterprise CVE-2011-0852 (Unspecified vulnerability in the Security Management component in ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-0851 (Unspecified vulnerability in Oracle PeopleSoft Enterprise ELS 9.0 ...) NOT-FOR-US: Oracle PeopleSoft Enterprise CVE-2011-0850 (Unspecified vulnerability in Oracle PeopleSoft Enterprise CRM 8.9 ...) @@ -5566,13 +5566,13 @@ CVE-2011-0849 (Unspecified vulnerability in Oracle Java Dynamic Management Kit 5.1 ...) NOT-FOR-US: Oracle Java Dynamic Management Kit CVE-2011-0848 (Unspecified vulnerability in the Security Framework component in ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-0847 (Unspecified vulnerability in the OpenSSO Enterprise and Sun Java ...) NOT-FOR-US: Oracle Sun Products Suite CVE-2011-0846 (Unspecified vulnerability in the Oracle Sun Java System Access Manager ...) NOT-FOR-US: Oracle Sun Java System Access Manager Policy Agent CVE-2011-0845 (Unspecified vulnerability in the Database Control component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Enterprise Manager Grid Control CVE-2011-0844 (Unspecified vulnerability in the OpenSSO Enterprise and Sun Java ...) NOT-FOR-US: Oracle Sun Products Suite CVE-2011-0843 (Unspecified vulnerability in the Siebel CRM Core component in Oracle ...) @@ -5586,23 +5586,23 @@ CVE-2011-0839 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express ...) NOT-FOR-US: Oracle Solaris CVE-2011-0838 (Unspecified vulnerability in the Core RDBMS component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-0837 (Unspecified vulnerability in the Agile Technology Platform component ...) NOT-FOR-US: Oracle Supply Chain Products Suite CVE-2011-0836 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...) NOT-FOR-US: Oracle JD Edwards EnterpriseOne CVE-2011-0835 (Unspecified vulnerability in the Core RDBMS component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-0834 (Unspecified vulnerability in the Siebel CRM Core component in Oracle ...) NOT-FOR-US: Oracle Siebel CRM CVE-2011-0833 (Unspecified vulnerability in the Siebel CRM Core component in Oracle ...) NOT-FOR-US: Oracle Siebel CRM CVE-2011-0832 (Unspecified vulnerability in the Core RDBMS component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-0831 (Unspecified vulnerability in the Enterprise Config Management ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-0830 (Unspecified vulnerability in the Event Management component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-0829 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...) NOT-FOR-US: Oracle Solaris CVE-2011-0828 (Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.8 Bundle ...) @@ -5618,7 +5618,7 @@ CVE-2011-0823 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...) NOT-FOR-US: Oracle JD Edwards EnterpriseOne CVE-2011-0822 (Unspecified vulnerability in the Streams, AQ & Replication Mgmt ...) - TODO: check + NOT-FOR-US: Oracle Database Serve CVE-2011-0821 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...) NOT-FOR-US: Oracle Solaris CVE-2011-0820 (Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows ...) @@ -5633,7 +5633,7 @@ - sun-java6 6.26-1 (bug #629852) - openjdk-6 <undetermined> (bug #629852) CVE-2011-0816 (Unspecified vulnerability in the CMDB Metadata & Instance APIs ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-0815 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...) [lenny] - sun-java6 <no-dsa> (non-free not supported) [squeeze] - sun-java6 6.26-0squeeze1 @@ -5649,7 +5649,7 @@ CVE-2011-0812 (Unspecified vulnerability in the Solaris component in Oracle Solaris ...) NOT-FOR-US: Oracle Solaris CVE-2011-0811 (Unspecified vulnerability in the Enterprise Config Management ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2011-0810 (Unspecified vulnerability Oracle JD Edwards EnterpriseOne Tools 8.9 GA ...) NOT-FOR-US: Oracle JD Edwards EnterpriseOne CVE-2011-0809 (Unspecified vulnerability in the Web ADI component in Oracle ...) @@ -5794,7 +5794,7 @@ CVE-2011-0771 (Janrain Engage (formerly RPX) module 6.x-1.3 for Drupal does not ...) NOT-FOR-US: Janrain Engage Drupal module CVE-2011-0770 (Cross-site scripting (XSS) vulnerability in Windows Event Log ...) - TODO: check + NOT-FOR-US: Windows Event Log SmartConnector CVE-2011-0769 RESERVED CVE-2011-0768 @@ -6403,7 +6403,7 @@ CVE-2011-0549 (SQL injection vulnerability in forget.php in the management GUI in ...) NOT-FOR-US: Symantec Web Gateway CVE-2011-0548 (Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in ...) - TODO: check + NOT-FOR-US: Lotus Freelance Graphics CVE-2011-0547 RESERVED CVE-2011-0546 (Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not ...) @@ -11852,7 +11852,7 @@ CVE-2010-3272 (accounts/ValidateAnswers in the security-questions implementation in ...) NOT-FOR-US: ZOHO ManageEngine CVE-2010-3271 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...) - TODO: check + NOT-FOR-US: IBM WebSphere Application Server CVE-2010-3270 (Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before ...) NOT-FOR-US: Cisco WebEx Meeting Center CVE-2010-3269 (Multiple stack-based buffer overflows in the Cisco WebEx Recording ...) @@ -17295,7 +17295,7 @@ NOTE: This is based on various misconceptions surrounding "phishing" The only supported browser security model NOTE: surrounding URLs is the accurate post-link-click indication of the final target URL in the URL bar. CVE-2010-1383 (CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web ...) - TODO: check + NOT-FOR-US: Apple Safari CVE-2010-1382 (Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac ...) NOT-FOR-US: Apple Mac OS X CVE-2010-1381 (The default configuration of SMB File Server in Apple Mac OS X 10.5.8, ...)