Secure testing commits - Oct 2011 - r17438 - data/CVE

Author: federico-guest
Date: 2011-10-16 19:11:45 +0000 (Sun, 16 Oct 2011)
New Revision: 17438

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-10-16 19:04:00 UTC (rev 17437)
+++ data/CVE/list	2011-10-16 19:11:45 UTC (rev 17438)
@@ -2215,39 +2215,39 @@
 CVE-2011-3229 (Directory traversal vulnerability in Apple Safari before 5.1.1
allows ...)
 	TODO: check
 CVE-2011-3228 (QuickTime in Apple Mac OS X before 10.7.2 allows remote
attackers to ...)
-	TODO: check
+	NOT-FOR-US: QuickTime in Apple Mac OS X
 CVE-2011-3227 (libsecurity in Apple Mac OS X before 10.7.2 does not properly
handle ...)
-	TODO: check
+	NOT-FOR-US: libsecurity in Apple Mac OS X
 CVE-2011-3226 (Open Directory in Apple Mac OS X 10.7 before 10.7.2, when an
LDAPv3 ...)
-	TODO: check
+	NOT-FOR-US: Open Directory in Apple Mac OS X
 CVE-2011-3225 (The SMB File Server component in Apple Mac OS X 10.7 before
10.7.2 ...)
-	TODO: check
+	NOT-FOR-US: SMB File Server component in Apple Mac OS X
 CVE-2011-3224 (The User Documentation component in Apple Mac OS X through
10.6.8 uses ...)
-	TODO: check
+	NOT-FOR-US: User Documentation component in Apple Mac OS X
 CVE-2011-3223 (Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2
allows ...)
-	TODO: check
+	NOT-FOR-US: QuickTime in Apple Mac OS X
 CVE-2011-3222 (Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2
allows ...)
-	TODO: check
+	NOT-FOR-US: QuickTime in Apple Mac OS X
 CVE-2011-3221 (QuickTime in Apple Mac OS X before 10.7.2 does not properly
handle the ...)
-	TODO: check
+	NOT-FOR-US: QuickTime in Apple Mac OS X
 CVE-2011-3220 (QuickTime in Apple Mac OS X before 10.7.2 does not properly
process ...)
-	TODO: check
+	NOT-FOR-US: QuickTime in Apple Mac OS X
 CVE-2011-3219 (Buffer overflow in CoreMedia, as used in Apple iTunes before
10.5, ...)
 	NOT-FOR-US: Apple CoreMedia
 CVE-2011-3218 (The "Save for Web" selection in QuickTime
Player in Apple Mac OS X ...)
-	TODO: check
+	NOT-FOR-US: QuickTime in Apple Mac OS X
 CVE-2011-3217 (MediaKit in Apple Mac OS X through 10.6.8 allows remote
attackers to ...)
 	TODO: check
 CVE-2011-3216 (The kernel in Apple Mac OS X before 10.7.2 does not properly
implement ...)
-	TODO: check
+	NOT-FOR-US: kernel in Apple Mac OS X
 CVE-2011-3215 (The kernel in Apple Mac OS X before 10.7.2 does not properly
prevent ...)
-	TODO: check
+	NOT-FOR-US: kernel in Apple Mac OS X
 CVE-2011-3214 (IOGraphics in Apple Mac OS X through 10.6.8 does not properly
handle a ...)
-	TODO: check
+	NOT-FOR-US: IOGraphics in Apple Mac OS X
 CVE-2011-3213 (The File Systems component in Apple Mac OS X before 10.7.2 does
not ...)
-	TODO: check
+	NOT-FOR-US: File Systems component in Apple Mac OS X
 CVE-2011-3212 (CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure
that ...)
-	TODO: check
+	NOT-FOR-US: CoreStorage in Apple Mac OS X
 CVE-2011-3211 (The server in Bcfg2 1.1.2 and earlier, and 1.2 prerelease,
allows ...)
 	{DSA-2302-1}
 	- bcfg2 1.1.2-2 (bug #640028)
@@ -2427,7 +2427,7 @@
 CVE-2011-3156
 	RESERVED
 CVE-2011-3155 (Unspecified vulnerability in HP Onboard Administrator (OA) 3.21
...)
-	TODO: check
+	NOT-FOR-US: HP Onboard Administrator
 CVE-2011-3154
 	RESERVED
 CVE-2011-3153
@@ -3850,13 +3850,13 @@
 CVE-2011-2676
 	RESERVED
 CVE-2011-2675 (Cross-site scripting (XSS) vulnerability in Enkai-kun before
110916 ...)
-	TODO: check
+	NOT-FOR-US: Enkai-kun
 CVE-2011-2674 (BaserCMS before 1.6.12 does not properly restrict additions to
the ...)
-	TODO: check
+	NOT-FOR-US: BaserCMS
 CVE-2011-2673 (Cross-site scripting (XSS) vulnerability in BaserCMS before
1.6.13.2 ...)
-	TODO: check
+	NOT-FOR-US: BaserCMS
 CVE-2011-2672 (Cross-site scripting (XSS) vulnerability in SemanticScuttle
before ...)
-	TODO: check
+	NOT-FOR-US: SemanticScuttle
 CVE-2011-2671 (Unspecified vulnerability in Megalith 12th edition through 27th
...)
 	NOT-FOR-US: Megalith
 CVE-2011-2670
@@ -3876,11 +3876,11 @@
 CVE-2011-2664 (Unspecified vulnerability in Check Point Multi-Domain Management
/ ...)
 	NOT-FOR-US: Check Point Multi-Domain Management
 CVE-2011-2663 (Array index error in GroupWise Internet Agent (GWIA) in Novell
...)
-	TODO: check
+	NOT-FOR-US: Novell GroupWise
 CVE-2011-2662 (Integer signedness error in GroupWise Internet Agent (GWIA) in
Novell ...)
-	TODO: check
+	NOT-FOR-US: Novell GroupWise
 CVE-2011-2661 (Multiple cross-site scripting (XSS) vulnerabilities in WebAccess
in ...)
-	TODO: check
+	NOT-FOR-US: Novell GroupWise
 CVE-2011-2660 (The modify_resolvconf_suse script in the vpnc package before
...)
 	- vpnc <not-affected>
 	NOTE: This only affects the SUSE packaging.
@@ -4149,9 +4149,9 @@
 CVE-2011-2545
 	RESERVED
 CVE-2011-2544 (Cross-site scripting (XSS) vulnerability in the web interface in
Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-2543 (Buffer overflow in the cuil component in Cisco Telepresence
System ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-2542
 	RESERVED
 	- libsoup2.4 <undetermined>
@@ -4425,9 +4425,9 @@
 CVE-2011-2445
 	RESERVED
 CVE-2011-2444 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player
before ...)
-	TODO: check
+	NOT-FOR-US: Adobe Flash Player
 CVE-2011-2443 (Multiple buffer overflows in Adobe Photoshop Elements 8.0 and
earlier ...)
-	TODO: check
+	NOT-FOR-US: Adobe Photoshop Elements
 CVE-2011-2442 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and
10.x ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
 CVE-2011-2441 (Multiple stack-based buffer overflows in CoolType.dll in Adobe
Reader ...)
@@ -4453,15 +4453,15 @@
 CVE-2011-2431 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and
10.x ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
 CVE-2011-2430 (Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X,
Linux, and ...)
-	TODO: check
+	NOT-FOR-US: Adobe Flash Player
 CVE-2011-2429 (Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X,
Linux, and ...)
-	TODO: check
+	NOT-FOR-US: Adobe Flash Player
 CVE-2011-2428 (Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X,
Linux, and ...)
-	TODO: check
+	NOT-FOR-US: Adobe Flash Player
 CVE-2011-2427 (Stack-based buffer overflow in the ActionScript Virtual Machine
(AVM) ...)
-	TODO: check
+	NOT-FOR-US: Adobe Flash Player
 CVE-2011-2426 (Stack-based buffer overflow in the ActionScript Virtual Machine
(AVM) ...)
-	TODO: check
+	NOT-FOR-US: Adobe Flash Player
 CVE-2011-2425 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X,
Linux, and ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2011-2424 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X,
Linux, and ...)
@@ -4489,9 +4489,9 @@
 CVE-2011-2413
 	RESERVED
 CVE-2011-2412 (Unspecified vulnerability in HP Business Service Automation
(BSA) ...)
-	TODO: check
+	NOT-FOR-US: HP Business Service Automation
 CVE-2011-2411 (Unspecified vulnerability on HP NonStop Servers with software
H06.x ...)
-	TODO: check
+	NOT-FOR-US: HP NonStop Servers
 CVE-2011-2410 (Cross-site scripting (XSS) vulnerability in HP OpenView
Performance ...)
 	NOT-FOR-US: HP OpenView
 CVE-2011-2409 (Cross-site scripting (XSS) vulnerability in the Calendar
application ...)
@@ -4956,7 +4956,7 @@
 CVE-2011-2228
 	RESERVED
 CVE-2011-2227 (Cross-site scripting (XSS) vulnerability in Novell Identity
Manager ...)
-	TODO: check
+	NOT-FOR-US: Novell Identity Manager
 CVE-2011-2226 (Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2,
as ...)
 	NOT-FOR-US: Kiwi, SUSE Studio
 CVE-2011-2225 (Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE
...)
@@ -4972,9 +4972,9 @@
 CVE-2011-2220 (Stack-based buffer overflow in NFREngine.exe in Novell File
Reporter ...)
 	NOT-FOR-US: Novell File Reporter
 CVE-2011-2219 (Unspecified vulnerability in GroupWise Internet Agent (GWIA) in
Novell ...)
-	TODO: check
+	NOT-FOR-US: Novell GroupWise
 CVE-2011-2218 (Unspecified vulnerability in GroupWise Internet Agent (GWIA) in
Novell ...)
-	TODO: check
+	NOT-FOR-US: Novell GroupWise
 CVE-2011-2217 (Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) ...)
 	NOT-FOR-US: VMware
 CVE-2011-2213 (The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the
Linux ...)
@@ -5465,7 +5465,7 @@
 CVE-2011-2073
 	RESERVED
 CVE-2011-2072 (Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE
2.5.x ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2011-2071
 	RESERVED
 CVE-2011-2070
@@ -5587,29 +5587,29 @@
 CVE-2011-2013
 	RESERVED
 CVE-2011-2012 (Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold,
Update 1, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Forefront
 CVE-2011-2011 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2011-2010
 	RESERVED
 CVE-2011-2009 (Untrusted search path vulnerability in Windows Media Center in
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2011-2008 (Microsoft Host Integration Server (HIS) 2004 SP1, 2006 SP1,
2009, and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Host Integration Server
 CVE-2011-2007 (Microsoft Host Integration Server (HIS) 2004 SP1, 2006 SP1,
2009, and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Host Integration Server
 CVE-2011-2006
 	RESERVED
 CVE-2011-2005 (afd.sys in the Ancillary Function Driver in Microsoft Windows XP
SP2 ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2011-2004
 	RESERVED
 CVE-2011-2003 (Buffer overflow in win32k.sys in the kernel-mode drivers in
Microsoft ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2011-2002 (win32k.sys in the kernel-mode drivers in Microsoft Windows Vista
SP2, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2011-2001 (Microsoft Internet Explorer 6 through 9 does not properly handle
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2011-2000 (Microsoft Internet Explorer 6 through 9 does not properly handle
...)
 	TODO: check
 CVE-2011-1999 (Microsoft Internet Explorer 8 does not properly allocate and
access ...)