thr3ads.net - Secure testing commits - [Secure-testing-commits] r18296

If this information is useful, please help other people find it:
Share via:
James Strandboge
2012-Jan-25 19:31 UTC
[Secure-testing-commits] r18296 - data/CVE

Author: jamie-guest
Date: 2012-01-25 19:31:29 +0000 (Wed, 25 Jan 2012)
New Revision: 18296

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-01-25 17:49:00 UTC (rev 18295)
+++ data/CVE/list	2012-01-25 19:31:29 UTC (rev 18296)
@@ -1,3 +1,19 @@
+CVE-2012-0919
+	NOT-FOR-US: Hitachi IT Operations Director
+CVE-2012-0918
+	NOT-FOR-US: Hitachi
+CVE-2012-0917
+	NOT-FOR-US: Hitachi IT Operations Analyzer
+CVE-2012-0916
+	NOT-FOR-US: RenRen Talk
+CVE-2012-0915
+	NOT-FOR-US: RenRen Talk
+CVE-2012-0914
+	NOT-FOR-US: admin view in the Panels module for Drupal
+CVE-2012-0913
+	NOT-FOR-US: ICloudCenter ICTimeAttendance
+CVE-2012-0912
+	NOT-FOR-US: Stoneware webNetwork
 CVE-2012-0911
 	RESERVED
 CVE-2012-0910
@@ -5,7 +21,7 @@
 CVE-2012-0909
 	RESERVED
 CVE-2012-0907 (Directory traversal vulnerability in the web player in NeoAxis
NeoAxis ...)
-	TODO: check
+	NOT-FOR-US: NeoAxis NeoAxis web player
 CVE-2012-0906 (SQL injection vulnerability in the Moviebase addon for
deV!L''z ...)
 	NOT-FOR-US: deV!L''z Clanportal
 CVE-2012-0905 (SQL injection vulnerability in deV!L''z Clanportal
(DZCP) Gamebase ...)
@@ -17,19 +33,19 @@
 CVE-2012-0902 (AirTies Air 4450 1.1.2.18 allows remote attackers to cause a
denial of ...)
 	NOT-FOR-US: AirTies Air
 CVE-2012-0901 (Cross-site scripting (XSS) vulnerability in yousaytoo.php in
YouSayToo ...)
-	TODO: check
+	NOT-FOR-US: YouSayToo auto-publishing plugin for WordPress
 CVE-2012-0900 (Multiple cross-site scripting (XSS) vulnerabilities in Beehive
Forum ...)
-	TODO: check
+	NOT-FOR-US: Beehive Forum
 CVE-2012-0899 (Cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Annuaire PHP
 CVE-2012-0898 (Directory traversal vulnerability in meb_download.php in the
...)
-	TODO: check
+	NOT-FOR-US: myEASYbackup plugin for WordPress
 CVE-2012-0897 (Stack-based buffer overflow in the JPEG2000 plugin in IrfanView
...)
-	TODO: check
+	NOT-FOR-US: IrfanView PlugIns
 CVE-2012-0896 (Absolute path traversal vulnerability in download.php in the
Count Per ...)
-	TODO: check
+	NOT-FOR-US: Count Per Day module for WordPress
 CVE-2012-0895 (Cross-site scripting (XSS) vulnerability in map/map.php in the
Count ...)
-	TODO: check
+	NOT-FOR-US: Count Per Day module for WordPress
 CVE-2012-0894
 	RESERVED
 CVE-2012-0893
@@ -1116,7 +1132,7 @@
 	- gnutls28 3.0.11-1
 	- gnutls26 <not-affected> (lacks DTLS support and is not affected)
 CVE-2012-0389
-	RESERVED
+	NOT-FOR-US: MailEnable Professional
 CVE-2012-0388
 	RESERVED
 CVE-2012-0387
@@ -1268,7 +1284,7 @@
 CVE-2012-0314
 	RESERVED
 CVE-2012-0313 (Cross-site scripting (XSS) vulnerability in glucose 2 before
stage 6.2 ...)
-	TODO: check
+	NOT-FOR-US: glucose
 CVE-2012-0312
 	RESERVED
 CVE-2012-0311
@@ -1400,9 +1416,9 @@
 	[squeeze] - wordpress <not-affected> (only 3.3.x vulnerable) 
 	[lenny] - wordpress <not-affected> (only 3.3.x vulnerable) 
 CVE-2012-0286
-	RESERVED
+	NOT-FOR-US: Stoneware webNetwork
 CVE-2012-0285
-	RESERVED
+	NOT-FOR-US: Stoneware webNetwork
 CVE-2012-0284
 	RESERVED
 CVE-2012-0283
@@ -1436,11 +1452,11 @@
 CVE-2012-0269
 	RESERVED
 CVE-2012-0268 (Integer overflow in the CYImage::LoadJPG method in YImage.dll in
...)
-	TODO: check
+	NOT-FOR-US: Yahoo! Messenger
 CVE-2012-0267 (The StopModule method in the NTR ActiveX control before 2.0.4.8
allows ...)
-	TODO: check
+	NOT-FOR-US: NTR ActiveX control
 CVE-2012-0266 (Multiple stack-based buffer overflows in the NTR ActiveX control
...)
-	TODO: check
+	NOT-FOR-US: NTR ActiveX control
 CVE-2012-0265
 	RESERVED
 CVE-2011-5046 (win32k.sys in the kernel-mode drivers in Microsoft Windows 7
...)
@@ -1947,7 +1963,7 @@
 CVE-2011-4874
 	RESERVED
 CVE-2011-4873 (Unspecified vulnerability in the server in Certec EDV atvise
before ...)
-	TODO: check
+	NOT-FOR-US: Certec EDV atvise
 CVE-2011-4872
 	RESERVED
 CVE-2011-4871
@@ -1961,15 +1977,15 @@
 	- isc-dhcp <unfixed> (low; bug #655746)
 	[squeeze] - isc-dhcp <not-affected> (vulnerable code not present)
 CVE-2011-4867
-	RESERVED
+	NOT-FOR-US: Tencent QQPhoto (com.tencent.qqphoto) application
 CVE-2011-4866
-	RESERVED
+	NOT-FOR-US: Kaixin001 (com.kaixin001.activity) application
 CVE-2011-4865
-	RESERVED
+	NOT-FOR-US: Tencent WBlog
 CVE-2011-4864
-	RESERVED
+	NOT-FOR-US: Tencent MobileQQ (com.tencent.mobileqq) application
 CVE-2011-4863
-	RESERVED
+	NOT-FOR-US: Tencent QQPimSecure (com.tencent.qqpimsecure) application
 CVE-2011-4862 (Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3
...)
 	{DSA-2375-1 DSA-2373-1 DSA-2372-1}
 	- heimdal <unfixed> (high)
@@ -2038,7 +2054,7 @@
 CVE-2006-7248
 	RESERVED
 CVE-2006-7247
-	RESERVED
+	NOT-FOR-US: Joomla
 CVE-2005-4894
 	RESERVED
 CVE-2005-4893
@@ -2147,15 +2163,15 @@
 CVE-2012-0193 (IBM WebSphere Application Server (WAS) 6.0 through 6.0.2.43, 6.1
...)
 	TODO: check
 CVE-2012-0192 (Multiple integer overflows in vclmi.dll in the visual class
library ...)
-	TODO: check
+	NOT-FOR-US: IBM Lotus Symphony
 CVE-2012-0191
 	RESERVED
 CVE-2012-0190 (Unspecified vulnerability in the Render method in the
ExportHTML.ocx ...)
-	TODO: check
+	NOT-FOR-US: IBM SPSS Dimensions
 CVE-2012-0189 (Multiple unspecified vulnerabilities in the (1) PrintFile and
(2) ...)
-	TODO: check
+	NOT-FOR-US: IBM SPSS SamplePower
 CVE-2012-0188 (Unspecified vulnerability in the SetLicenseInfoEx method in an
ActiveX ...)
-	TODO: check
+	NOT-FOR-US: IBM SPSS Dimensions
 CVE-2012-0187
 	RESERVED
 CVE-2012-0186
@@ -2450,9 +2466,9 @@
 CVE-2012-0111 (Unspecified vulnerability in the Oracle VM VirtualBox component
in ...)
 	TODO: check
 CVE-2012-0110 (Unspecified vulnerability in the Oracle Outside In Technology
...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2012-0109 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11
Express ...)
-	TODO: check
+	NOT-FOR-US: Oracle Solaris
 CVE-2012-0108
 	RESERVED
 CVE-2012-0107
@@ -2464,7 +2480,7 @@
 CVE-2012-0104 (Unspecified vulnerability in Oracle GlassFish Enterprise Server
3.0.1 ...)
 	TODO: check
 CVE-2012-0103 (Unspecified vulnerability in Oracle Solaris 11 Express allows
local ...)
-	TODO: check
+	NOT-FOR-US: Oracle Solaris Kernel
 CVE-2012-0102 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
 	TODO: check
 CVE-2012-0101 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
@@ -2474,71 +2490,71 @@
 CVE-2012-0099 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11
Express ...)
 	TODO: check
 CVE-2012-0098 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11
Express ...)
-	TODO: check
+	NOT-FOR-US: Oracle Solaris
 CVE-2012-0097 (Unspecified vulnerability in Oracle Solaris 11 Express allows
local ...)
 	TODO: check
 CVE-2012-0096 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11
Express ...)
-	TODO: check
+	NOT-FOR-US: Oracle Solaris
 CVE-2012-0095
 	RESERVED
 CVE-2012-0094 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11
Express ...)
-	TODO: check
+	NOT-FOR-US: Oracle Solaris
 CVE-2012-0093
 	RESERVED
 CVE-2012-0092
 	RESERVED
 CVE-2012-0091 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-0090
 	RESERVED
 CVE-2012-0089 (Unspecified vulnerability in the PeopleSoft Enterprise HCM
component ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-0088 (Unspecified vulnerability in the PeopleSoft Enterprise HCM
component ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-0087 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
 	TODO: check
 CVE-2012-0086
 	RESERVED
 CVE-2012-0085 (Unspecified vulnerability in the Oracle WebCenter Content
component in ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2012-0084 (Unspecified vulnerability in the Oracle WebCenter Content
component in ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2012-0083 (Unspecified vulnerability in the Oracle WebCenter Content
component in ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2012-0082 (Unspecified vulnerability in the Core RDBMS component in Oracle
...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2012-0081 (Unspecified vulnerability in Oracle GlassFish Enterprise Server
3.1.1 ...)
 	TODO: check
 CVE-2012-0080 (Unspecified vulnerability in the PeopleSoft Enterprise HCM
component ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-0079 (Unspecified vulnerability in Oracle OpenSSO 7.1 and 8.0 allows
remote ...)
-	TODO: check
+	NOT-FOR-US: Oracle OpenSSO
 CVE-2012-0078 (Unspecified vulnerability in the Oracle Application Object
Library ...)
-	TODO: check
+	NOT-FOR-US: Oracle E-Business Suite
 CVE-2012-0077 (Unspecified vulnerability in the Oracle WebLogic Server
component in ...)
-	TODO: check
+	NOT-FOR-US: Oracle WebLogic Server
 CVE-2012-0076 (Unspecified vulnerability in the PeopleSoft Enterprise HCM
component ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-0075 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
 	TODO: check
 CVE-2012-0074 (Unspecified vulnerability in the PeopleSoft Enterprise CRM
component ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-0073 (Unspecified vulnerability in the Oracle Forms component in
Oracle ...)
-	TODO: check
+	NOT-FOR-US: Oracle E-Business Suite
 CVE-2012-0072 (Unspecified vulnerability in the Listener component in Oracle
Database ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2012-0071
 	RESERVED
 CVE-2011-4773
-	RESERVED
+	NOT-FOR-US: AnGuanJia (com.anguanjia.safe) application
 CVE-2011-4772
-	RESERVED
+	NOT-FOR-US: 360 KouXin (com.qihoo360.kouxin) application
 CVE-2011-4771
-	RESERVED
+	NOT-FOR-US: Scan to PDF Free (com.scan.to.pdf.trial) application
 CVE-2011-4770
-	RESERVED
+	NOT-FOR-US: QIWI Wallet (ru.mw) application
 CVE-2011-4769
-	RESERVED
+	NOT-FOR-US: 360 MobileSafe (com.qihoo360.mobilesafe) application
 CVE-2011-4768 (The Site Editor (aka SiteBuilder) feature in Parallels Plesk
Small ...)
 	NOT-FOR-US: Plesk
 CVE-2011-4767 (The Site Editor (aka SiteBuilder) feature in Parallels Plesk
Small ...)
@@ -2668,23 +2684,23 @@
 CVE-2011-4706
 	RESERVED
 CVE-2011-4705
-	RESERVED
+	NOT-FOR-US: Ming Blacklist Free (vc.software.blacklist) application
 CVE-2011-4704
-	RESERVED
+	NOT-FOR-US: Voxofon (com.voxofon) application
 CVE-2011-4703
-	RESERVED
+	NOT-FOR-US: Limit My Call (com.limited.call.view) application
 CVE-2011-4702
-	RESERVED
+	NOT-FOR-US: Nimbuzz (com.nimbuzz) application
 CVE-2011-4701
-	RESERVED
+	NOT-FOR-US: CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) application
 CVE-2011-4700
-	RESERVED
+	NOT-FOR-US: UberMedia UberSocial (com.twidroid) application
 CVE-2011-4699
-	RESERVED
+	NOT-FOR-US: Ubermedia Twidroyd Legacy (com.twidroydlegacy) application
 CVE-2011-4698
-	RESERVED
+	NOT-FOR-US: AndroidAppTools Easy Filter (com.phoneblocker.android)
 CVE-2011-4697
-	RESERVED
+	NOT-FOR-US: Xiaomi MiTalk Messenger (com.xiaomi.channel) application
 CVE-2011-4696
 	RESERVED
 CVE-2010-5075
@@ -2698,7 +2714,6 @@
 	RESERVED
 	NOT-FOR-US: spamdyke not in Debian
 CVE-2012-0069
-	RESERVED
 	NOT-FOR-US: batavi not in Debian
 CVE-2012-0068 [heap-buffer underflow when parsing LANalyzer packet]
 	RESERVED
@@ -2962,7 +2977,7 @@
 CVE-2011-4660
 	RESERVED
 CVE-2011-4659 (Cisco TelePresence Software before TE 4.1.1 on the Cisco IP
Video ...)
-	TODO: check
+	NOT-FOR-US: Cisco TelePresence Software
 CVE-2011-4658
 	RESERVED
 CVE-2011-4657
@@ -4476,7 +4491,7 @@
 CVE-2011-4143
 	RESERVED
 CVE-2011-4142 (The Web Search feature in EMC SourceOne Email Management 6.5
before ...)
-	TODO: check
+	NOT-FOR-US: EMC SourceOne Email Management
 CVE-2011-4141 (Untrusted search path vulnerability in EMC RSA SecurID Software
Token ...)
 	NOT-FOR-US: RSA SecurID
 CVE-2011-4140 (The CSRF protection mechanism in Django through 1.2.7 and 1.3.x
...)
@@ -4495,9 +4510,9 @@
 	{DSA-2332-1}
 	- python-django 1.3.1-1 (bug #641405)
 CVE-2011-4135 (Multiple directory traversal vulnerabilities in lmgrd in Flexera
...)
-	TODO: check
+	NOT-FOR-US: Flexera FlexNet Publisher
 CVE-2011-4134 (Heap-based buffer overflow in lmadmin in Flexera FlexNet
Publisher ...)
-	TODO: check
+	NOT-FOR-US: Flexera FlexNet Publisher
 CVE-2011-4133 [MSA-11-0002]
 	RESERVED
 	{DSA-2262-1}
@@ -4539,7 +4554,6 @@
 	RESERVED
 	- ruby1.9.1 <not-affected> (Only affected trunk versions)
 CVE-2011-4120 [authentication bypass by pressing ctrl-d]
-	RESERVED
 	- libpam-yubico 2.10-1
 CVE-2011-4119
 	RESERVED
@@ -4699,7 +4713,7 @@
 	{DSA-2374-1}
 	- openswan 1:2.6.37-1 (low; bug #650674)
 CVE-2007-6744 (Flexera Macrovision InstallShield before 2008 sends a ...)
-	TODO: check
+	NOT-FOR-US: Flexera Macrovision InstallShield
 CVE-2006-7246
 	RESERVED
 CVE-2011-4072
@@ -4744,7 +4758,6 @@
 	- phpmyadmin 4:3.4.6-1 (unimportant)
 CVE-2011-4057 (Wibu-Systems AG CodeMeter Runtime 4.30c, 4.10b, and possibly
other ...)
 	NOT-FOR-US: Wibu-Systems AG CodeMeter Runtime
-	TODO: check
 CVE-2011-4056 (An unspecified ActiveX control in ActBar.ocx in Siemens
Tecnomatix ...)
 	NOT-FOR-US: Siemens Tecnomatix
 CVE-2011-4055 (Buffer overflow in the WebClient ActiveX control in Siemens
Tecnomatix ...)
@@ -4752,7 +4765,7 @@
 CVE-2011-4054 (Cross-site scripting (XSS) vulnerability in login.fcc in CA
SiteMinder ...)
 	NOT-FOR-US: CA SiteMinder
 CVE-2011-4053 (Untrusted search path vulnerability in 7-Technologies (7T)
Interactive ...)
-	TODO: check
+	NOT-FOR-US: 7-Technologies (7T) Interactive Graphical SCADA System
 CVE-2011-4052 (Stack-based buffer overflow in CEServer.exe in the CEServer
component ...)
 	NOT-FOR-US: InduSoft Web Studio
 CVE-2011-4051 (CEServer.exe in the CEServer component in the Remote Agent
module in ...)
@@ -6288,25 +6301,25 @@
 CVE-2011-3575 (Stack-based buffer overflow in the NSFComputeEvaluateExt
function in ...)
 	NOT-FOR-US: IBM Lotus Domino
 CVE-2011-3574 (Unspecified vulnerability in Oracle Communications Unified 7.0
allows ...)
-	TODO: check
+	NOT-FOR-US: Oracle Communications Unified
 CVE-2011-3573 (Unspecified vulnerability in Oracle Communications Unified 7.0
allows ...)
-	TODO: check
+	NOT-FOR-US: Oracle Communications Unified
 CVE-2011-3572
 	RESERVED
 CVE-2011-3571 (Unspecified vulnerability in the Virtual Desktop Infrastructure
(VDI) ...)
 	TODO: check
 CVE-2011-3570 (Unspecified vulnerability in Oracle Communications Unified 7.0
allows ...)
-	TODO: check
+	NOT-FOR-US: Oracle Communications Unified
 CVE-2011-3569 (Unspecified vulnerability in the Oracle Web Services Manager
component ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2011-3568 (Unspecified vulnerability in the Oracle Web Services Manager
component ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2011-3567
 	RESERVED
 CVE-2011-3566 (Unspecified vulnerability in the Oracle WebLogic Server
component in ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2011-3565 (Unspecified vulnerability in Oracle Communications Unified 7.0
allows ...)
-	TODO: check
+	NOT-FOR-US: Oracle Communications Unified
 CVE-2011-3564 (Unspecified vulnerability in Oracle GlassFish Enterprise Server
2.1.1 ...)
 	TODO: check
 CVE-2011-3563
@@ -6442,7 +6455,7 @@
 CVE-2011-3532 (Unspecified vulnerability in the Oracle Agile Product Supplier
...)
 	NOT-FOR-US: Oracle Supply Chain
 CVE-2011-3531 (Unspecified vulnerability in the Oracle Web Services Manager
component ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2011-3530 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS
component ...)
 	NOT-FOR-US: Oracle PeopleSoft
 CVE-2011-3529 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS
component ...)
@@ -6456,7 +6469,7 @@
 CVE-2011-3525 (Unspecified vulnerability in the Application Express component
in ...)
 	NOT-FOR-US: Oracle Database Server
 CVE-2011-3524 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools
...)
-	TODO: check
+	NOT-FOR-US: Oracle JD Edwards Products
 CVE-2011-3523 (Unspecified vulnerability in the Oracle Web Services Manager
component ...)
 	NOT-FOR-US: Oracle Fusion
 CVE-2011-3522 (Unspecified vulnerability in SysFW 8.0 on certain SPARC T3,
Netra ...)
@@ -6482,7 +6495,7 @@
 CVE-2011-3515 (Unspecified vulnerability in the Oracle Solaris 10 and 11
Express ...)
 	NOT-FOR-US: Oracle Solaris
 CVE-2011-3514 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools
...)
-	TODO: check
+	NOT-FOR-US: Oracle JD Edwards Products
 CVE-2011-3513 (Unspecified vulnerability in the Oracle Application Object
Library ...)
 	NOT-FOR-US: Oracle E-Business Suite
 CVE-2011-3512 (Unspecified vulnerability in the Core RDBMS component in Oracle
...)
@@ -6492,7 +6505,7 @@
 CVE-2011-3510 (Unspecified vulnerability in the Oracle Business Intelligence
...)
 	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2011-3509 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools
...)
-	TODO: check
+	NOT-FOR-US: Oracle JD Edwards Products
 CVE-2011-3508 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11
Express ...)
 	NOT-FOR-US: Oracle Solaris
 CVE-2011-3507 (Unspecified vulnerability in the Oracle Communications Unified
...)
@@ -6552,9 +6565,9 @@
 CVE-2011-3480
 	RESERVED
 CVE-2011-3479
-	RESERVED
+	NOT-FOR-US: Symantec pcAnywhere
 CVE-2011-3478
-	RESERVED
+	NOT-FOR-US: Symantec pcAnywhere
 CVE-2011-3477
 	RESERVED
 CVE-2011-3476
@@ -6954,7 +6967,7 @@
 CVE-2011-3345 (ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the
...)
 	- ofa-kernel <itp> (bug #541849)
 CVE-2011-3344
-	RESERVED
+	NOT-FOR-US: Red Hat Network Satellite server
 CVE-2011-3343 (Multiple buffer overflows in OpenTTD before 1.1.3 allow local
users to ...)
 	{DSA-2386-1}
 	- openttd 1.1.3-1
@@ -7444,7 +7457,7 @@
 CVE-2010-4816
 	RESERVED
 CVE-2010-4815
-	RESERVED
+	NOT-FOR-US: coppermine gallery
 CVE-2011-3169 (Unspecified vulnerability in the SMTP service implementation in
HP ...)
 	NOT-FOR-US: HP OpenVMS
 CVE-2011-3168 (Unspecified vulnerability in the POP and IMAP service
implementations ...)
@@ -8143,7 +8156,7 @@
 	{DSA-2310-1 DSA-2303-1}
 	- linux-2.6 3.0.0-2
 CVE-2011-2927
-	RESERVED
+	NOT-FOR-US: Red Hat Network Satellite server
 CVE-2011-2926
 	RESERVED
 CVE-2011-2925 (Cumin in Red Hat Enterprise Messaging, Realtime, and Grid (MRG)
2.0 ...)
@@ -8159,9 +8172,9 @@
 	RESERVED
 	- ktsuss <removed>
 CVE-2011-2920
-	RESERVED
+	NOT-FOR-US: Red Hat Network Satellite server
 CVE-2011-2919
-	RESERVED
+	NOT-FOR-US: Red Hat Network Satellite server
 CVE-2011-2918
 	RESERVED
 	{DSA-2303-1}
@@ -9913,17 +9926,17 @@
 CVE-2011-2327 (Unspecified vulnerability in the Oracle Communications Unified
...)
 	NOT-FOR-US: Oracle Sun Products Suite
 CVE-2011-2326 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools
...)
-	TODO: check
+	NOT-FOR-US: Oracle JD Edwards Products
 CVE-2011-2325 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools
...)
-	TODO: check
+	NOT-FOR-US: Oracle JD Edwards Products
 CVE-2011-2324 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools
...)
-	TODO: check
+	NOT-FOR-US: Oracle JD Edwards Products
 CVE-2011-2323 (Unspecified vulnerability in the Health Sciences - Oracle
Thesaurus ...)
 	NOT-FOR-US: Oracle Thesaurus Management System
 CVE-2011-2322 (Unspecified vulnerability in the Database Vault component in
Oracle ...)
 	NOT-FOR-US: Oracle Database Server
 CVE-2011-2321 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools
...)
-	TODO: check
+	NOT-FOR-US: Oracle JD Edwards Products
 CVE-2011-2320 (Unspecified vulnerability in the Oracle WebLogic Server
component in ...)
 	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2011-2319 (Unspecified vulnerability in the Oracle WebLogic Server
component in ...)
@@ -9931,7 +9944,7 @@
 CVE-2011-2318 (Unspecified vulnerability in the Oracle WebLogic Server
component in ...)
 	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2011-2317 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools
...)
-	TODO: check
+	NOT-FOR-US: Oracle JD Edwards Products
 CVE-2011-2316 (Unspecified vulnerability in the Siebel Apps - Marketing
component in ...)
 	NOT-FOR-US: Oracle Siebel
 CVE-2011-2315 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
@@ -10025,7 +10038,7 @@
 CVE-2011-2272 (Unspecified vulnerability in the PeopleSoft Enterprise FSCM
component ...)
 	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2011-2271 (Unspecified vulnerability in the Oracle Application Object
Library ...)
-	TODO: check
+	NOT-FOR-US: Oracle E-Business Suite
 CVE-2011-2270
 	RESERVED
 CVE-2011-2269
@@ -11427,7 +11440,6 @@
 	NOTE: CVE-2011-1774 is about webkit''s interface to xmlsec,
CVE-2011-1425 is the actual issue
 	NOTE: http://www.openwall.com/lists/oss-security/2011/05/09/4
 CVE-2011-1773
-	RESERVED
 	NOT-FOR-US: virt-v2v
 CVE-2011-1772 (Multiple cross-site scripting (XSS) vulnerabilities in XWork in
Apache ...)
 	NOT-FOR-US: Apache Struts 2.x
@@ -11874,7 +11886,7 @@
 	[squeeze] - rdesktop <no-dsa> (Minor issue)
 	[lenny] - rdesktop <no-dsa> (Minor issue)
 CVE-2011-1594
-	RESERVED
+	NOT-FOR-US: Red Hat Network Satellite server
 CVE-2011-1593 (Multiple integer overflows in the next_pidmap function in
kernel/pid.c ...)
 	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-4
@@ -12615,7 +12627,7 @@
 CVE-2011-1390
 	RESERVED
 CVE-2011-1389 (Multiple directory traversal vulnerabilities in the vendor
daemon in ...)
-	TODO: check
+	NOT-FOR-US: Telelogic License Server
 CVE-2011-1388 (The Blueberry FlashBack ActiveX control in BB FlashBack
Recorder.dll ...)
 	NOT-FOR-US: IBM Rational Rhapsody
 CVE-2011-1387
@@ -13763,7 +13775,7 @@
 	[wheezy] - linux-2.6 2.6.32-31
 	[squeeze] - linux-2.6 2.6.32-31
 CVE-2011-1009
-	RESERVED
+	NOT-FOR-US: Vanilla Forums
 CVE-2011-1008 (Scrips_Overlay.pm in Best Practical Solutions RT before 3.8.9
does not ...)
 	- request-tracker3.8 3.8.10-1 (bug #614576)
 	[squeeze] - request-tracker3.8 3.8.8-7+squeeze1
@@ -15116,7 +15128,7 @@
 CVE-2011-0526 (Cross-site scripting (XSS) vulnerability in index.php in Vanilla
...)
 	NOT-FOR-US: Vanilla Forums
 CVE-2011-0525
-	RESERVED
+	NOT-FOR-US: Batavi
 CVE-2011-0524
 	RESERVED
 	- gypsy <itp> (bug #491723)
@@ -15851,22 +15863,19 @@
 CVE-2010-4664
 	RESERVED
 CVE-2010-4663 (Unspecified vulnerability in the News module in CMS Made Simple
...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simple
 CVE-2010-4662
-	RESERVED
+	NOT-FOR-US: pmwiki
 CVE-2010-4661 [arbitrary kernel module loading]
 	RESERVED
 	- udisks <unfixed>
 	NOTE: upstream bug https://bugs.freedesktop.org/show_bug.cgi?id=32232
 	NOTE: fixed by
http://cgit.freedesktop.org/udisks/commit/?id=c933a929f07421ec747cebb24d5e620fc2b97037
 CVE-2010-4660
-	RESERVED
 	- statusnet <itp> (bug #491723)
 CVE-2010-4659
-	RESERVED
 	- statusnet <itp> (bug #491723)
 CVE-2010-4658
-	RESERVED
 	- statusnet <itp> (bug #491723)
 CVE-2010-4657 [xmlTextWriterWriteAttribute heap disclosure]
 	RESERVED
@@ -17087,7 +17096,6 @@
 CVE-2009-5026
 	RESERVED
 CVE-2009-5025 [PyForum XSS+CSRF]
-	RESERVED
 	NOT-FOR-US: PyForum
 CVE-2009-5024 (ViewVC before 1.1.11 allows remote attackers to bypass the cvsdb
...)
 	TODO: check
Secure testing commits - Jan 2012 - r18296 - data/CVE

[Secure-testing-commits] r18296 - data/CVE
