thr3ads.net - Secure testing commits - [Secure-testing-commits] r17639

If this information is useful, please help other people find it:
Share via:
Federico Ceratto
2011-Nov-19 12:52 UTC
[Secure-testing-commits] r17639 - data/CVE

Author: federico-guest
Date: 2011-11-19 12:51:59 +0000 (Sat, 19 Nov 2011)
New Revision: 17639

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-11-19 11:20:23 UTC (rev 17638)
+++ data/CVE/list	2011-11-19 12:51:59 UTC (rev 17639)
@@ -33,7 +33,7 @@
 CVE-2011-4448
 	RESERVED
 CVE-2008-7303 (The nonet and nointernet sandbox profiles in Apple Mac OS X
10.5.x do ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2011-4447
 	RESERVED
 CVE-2011-4446
@@ -883,13 +883,13 @@
 CVE-2011-4159
 	RESERVED
 CVE-2011-4158 (Unspecified vulnerability in HP Directories Support for ProLiant
...)
-	TODO: check
+	NOT-FOR-US: HP Directories Support
 CVE-2011-4157 (Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5
on ...)
-	TODO: check
+	NOT-FOR-US: HP SAN/iQ
 CVE-2011-4156 (Cross-site scripting (XSS) vulnerability in HP Network Node
Manager i ...)
-	TODO: check
+	NOT-FOR-US: HP Network Node Manager
 CVE-2011-4155 (Cross-site scripting (XSS) vulnerability in HP Network Node
Manager i ...)
-	TODO: check
+	NOT-FOR-US: HP Network Node Manager
 CVE-2011-4154
 	RESERVED
 CVE-2011-4153
@@ -4998,9 +4998,9 @@
 CVE-2011-2741
 	RESERVED
 CVE-2011-2740 (EMC RSA Key Manager (RKM) Appliance 2.7 SP1 before 2.7.1.6, when
...)
-	TODO: check
+	NOT-FOR-US: EMC RSA Key Manager
 CVE-2011-2739 (The file-blocking feature in EMC Documentum eRoom 7.3.x and
7.4.x ...)
-	TODO: check
+	NOT-FOR-US: EMC Documentum eRoom
 CVE-2011-2738 (Multiple unspecified vulnerabilities in Cisco Unified Service
Monitor ...)
 	NOT-FOR-US: Cisco Unified Service Monitor, CiscoWorks LAN Management Solution
 CVE-2011-2737 (RSA enVision 3.x and 4.x before 4 SP4 P3 allows remote attackers
to ...)
@@ -6830,13 +6830,13 @@
 CVE-2011-2061
 	RESERVED
 CVE-2011-2060 (The platform-sw component on Cisco Adaptive Security Appliances
(ASA) ...)
-	TODO: check
+	NOT-FOR-US: Cisco Adaptive Security Appliances
 CVE-2011-2059 (The ipv6 component in Cisco IOS before 15.1(4)M1.3 allows remote
...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS
 CVE-2011-2058 (The cat6000-dot1x component in Cisco IOS 12.2 before
12.2(33)SXI7 does ...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS
 CVE-2011-2057 (The cat6000-dot1x component in Cisco IOS 12.2 before
12.2(33)SXI7 does ...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS
 CVE-2011-2056
 	RESERVED
 CVE-2011-2055
@@ -6866,7 +6866,7 @@
 CVE-2011-2043
 	RESERVED
 CVE-2011-2042 (The Sybase SQL Anywhere database component in Cisco CiscoWorks
Common ...)
-	TODO: check
+	NOT-FOR-US: Cisco CiscoWorks
 CVE-2011-2041 (The Start Before Logon (SBL) functionality in Cisco AnyConnect
Secure ...)
 	NOT-FOR-US: Cisco
 CVE-2011-2040 (The helper application in Cisco AnyConnect Secure Mobility
Client ...)
@@ -6920,13 +6920,13 @@
 CVE-2011-2017
 	RESERVED
 CVE-2011-2016 (Untrusted search path vulnerability in Windows Mail and Windows
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2011-2015
 	RESERVED
 CVE-2011-2014 (The LDAP over SSL (aka LDAPS) implementation in Active
Directory, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2011-2013 (Integer overflow in the TCP/IP implementation in Microsoft
Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2011-2012 (Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold,
Update 1, ...)
 	NOT-FOR-US: Microsoft Forefront
 CVE-2011-2011 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
@@ -6944,7 +6944,7 @@
 CVE-2011-2005 (afd.sys in the Ancillary Function Driver in Microsoft Windows XP
SP2 ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2011-2004 (Array index error in win32k.sys in the kernel-mode drivers in
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2011-2003 (Buffer overflow in win32k.sys in the kernel-mode drivers in
Microsoft ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2011-2002 (win32k.sys in the kernel-mode drivers in Microsoft Windows Vista
SP2, ...)
@@ -7174,9 +7174,9 @@
 	[squeeze] - pmake 1.111-2+squeeze1
 	[lenny] - pmake 1.111-1+lenny1
 CVE-2011-1919 (Multiple stack-based buffer overflows in GE Intelligent
Platforms ...)
-	TODO: check
+	NOT-FOR-US: GE Intelligent Platforms
 CVE-2011-1918 (Stack-based buffer overflow in the Data Archiver service in GE
...)
-	TODO: check
+	NOT-FOR-US: GE Intelligent Platforms
 CVE-2011-1917
 	RESERVED
 CVE-2011-1916
@@ -7979,7 +7979,7 @@
 CVE-2011-1641
 	RESERVED
 CVE-2011-1640 (The ethernet-lldp component in Cisco IOS 12.2 before
12.2(33)SXJ1 does ...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS
 CVE-2011-1639
 	RESERVED
 CVE-2011-1638
@@ -8339,9 +8339,9 @@
 CVE-2011-1511 (Unspecified vulnerability in the Oracle GlassFish Server
component in ...)
 	NOT-FOR-US: Oracle Sun Products Suite
 CVE-2011-1510 (Cross-site scripting (XSS) vulnerability in SolutionSearch.do in
...)
-	TODO: check
+	NOT-FOR-US: ManageEngine ServiceDesk Plus
 CVE-2011-1509 (The encryptPassword function in Login.js in ManageEngine
ServiceDesk ...)
-	TODO: check
+	NOT-FOR-US: ManageEngine ServiceDesk Plus
 CVE-2011-1508
 	RESERVED
 CVE-2011-1507 (Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before
1.6.1.25, ...)
@@ -8829,25 +8829,25 @@
 CVE-2011-1376
 	RESERVED
 CVE-2011-1375 (IBM AIX 6.1 and 7.1 does not restrict the wpar_limits_config and
...)
-	TODO: check
+	NOT-FOR-US: IBM AIX
 CVE-2011-1374
 	RESERVED
 CVE-2011-1373 (Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX,
when the ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2011-1372
 	RESERVED
 CVE-2011-1371 (Cross-site scripting (XSS) vulnerability in content/error.jsp in
IBM ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2011-1370 (The default configuration of the Sametime configuration servlet
(SCS) ...)
-	TODO: check
+	NOT-FOR-US: IBM Lotus Sametime
 CVE-2011-1369
 	RESERVED
 CVE-2011-1368 (The JavaServer Faces (JSF) application functionality in IBM
WebSphere ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2011-1367 (Unspecified vulnerability in the File Load feature in IBM
Rational ...)
-	TODO: check
+	NOT-FOR-US: IBM Rational AppScan
 CVE-2011-1366 (Unspecified vulnerability in the Import feature in IBM Rational
...)
-	TODO: check
+	NOT-FOR-US: IBM Rational AppScan
 CVE-2011-1365
 	RESERVED
 CVE-2011-1364 (Cross-site request forgery (CSRF) vulnerability in ...)
@@ -8859,7 +8859,7 @@
 CVE-2011-1361
 	RESERVED
 CVE-2011-1360 (Multiple cross-site scripting (XSS) vulnerabilities in IBM HTTP
Server ...)
-	TODO: check
+	NOT-FOR-US: IBM HTTP Server
 CVE-2011-1359 (Directory traversal vulnerability in the administration console
in IBM ...)
 	NOT-FOR-US: IBM WebSphere
 CVE-2011-1358
@@ -10190,7 +10190,7 @@
 CVE-2011-0942
 	RESERVED
 CVE-2011-0941 (Memory leak in Cisco Unified Communications Manager (CUCM) 6.x
before ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unified Communications Manager
 CVE-2011-0940
 	RESERVED
 CVE-2011-0939 (Unspecified vulnerability in Cisco IOS 12.4, 15.0, and 15.1, and
IOS ...)
@@ -24038,7 +24038,7 @@
 CVE-2010-0781 (Unspecified vulnerability in the administrative console in IBM
...)
 	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2010-0780 (IBM WebSphere MQ 7.x before 7.0.1.4 allows remote attackers to
cause a ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2010-0779 (Cross-site scripting (XSS) vulnerability in the Administration
Console ...)
 	NOT-FOR-US: IBM WebSphere
 CVE-2010-0778 (Cross-site scripting (XSS) vulnerability in the Administration
Console ...)
@@ -32143,9 +32143,9 @@
 CVE-2009-2749 (Feature Pack for Communications Enabled Applications (CEA)
before ...)
 	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2009-2748 (Cross-site scripting (XSS) vulnerability in the Administration
Console ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2009-2747 (The Java Naming and Directory Interface (JNDI) implementation in
IBM ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2009-2746 (Cross-site request forgery (CSRF) vulnerability in the
administrative ...)
 	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2009-2745
@@ -38243,7 +38243,7 @@
 CVE-2009-0906 (The Service Component Architecture (SCA) feature pack for IBM
...)
 	NOT-FOR-US: IBM WebSphere 
 CVE-2009-0905 (IBM WebSphere MQ 6.0 before 6.0.2.8 and 7.0 before 7.0.1.0 does
not ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2009-0904 (The IBM Stax XMLStreamWriter in the Web Services component in
IBM ...)
 	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2009-0903 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3, and
the ...)
@@ -38253,7 +38253,7 @@
 CVE-2009-0901 (The Active Template Library (ATL) in Microsoft Visual Studio
.NET 2003 ...)
 	NOT-FOR-US: Microsoft Visual Studio .NET
 CVE-2009-0900 (Heap-based buffer overflow in the client in IBM WebSphere MQ 6.0
...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2009-0899 (IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.24 and
7.0 ...)
 	NOT-FOR-US: IBM WebSphere
 CVE-2009-0898 (Stack-based buffer overflow in HP OpenView Network Node Manager
(OV ...)
Secure testing commits - Nov 2011 - r17639 - data/CVE

[Secure-testing-commits] r17639 - data/CVE
