thr3ads.net - Secure testing commits - [Secure-testing-commits] r19020

If this information is useful, please help other people find it:
Share via:
Federico Ceratto
2012-Apr-20 13:44 UTC
[Secure-testing-commits] r19020 - data/CVE

Author: federico-guest
Date: 2012-04-20 13:44:26 +0000 (Fri, 20 Apr 2012)
New Revision: 19020

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-04-20 06:45:26 UTC (rev 19019)
+++ data/CVE/list	2012-04-20 13:44:26 UTC (rev 19020)
@@ -17,13 +17,13 @@
 CVE-2012-2269
 	RESERVED
 CVE-2011-5089 (Buffer overflow in the Security Login ActiveX controls in
ICONICS ...)
-	TODO: check
+	NOT-FOR-US: ICONICS, BizViz
 CVE-2011-5088 (The GENESIS32 IcoSetServer ActiveX control in ICONICS GENESIS32
9.21 ...)
-	TODO: check
+	NOT-FOR-US: ICONICS GENESIS32, BizViz
 CVE-2011-5087 (Unspecified vulnerability in AdAstrA TRACE MODE Data Center
allows ...)
-	TODO: check
+	NOT-FOR-US: AdAstrA TRACE MODE Data Center
 CVE-2011-5086 (https50.ocx in IP*Works! SSL in the server in Unitronics UniOPC
before ...)
-	TODO: check
+	NOT-FOR-US: Unitronics UniOPC
 CVE-2012-2268 (master.exe in the SNMP Master Agent in RealNetworks Helix Server
and ...)
 	NOT-FOR-US: RealNetworks Helix
 CVE-2012-2267 (master.exe in the SNMP Master Agent in RealNetworks Helix Server
and ...)
@@ -660,7 +660,7 @@
 CVE-2012-1994
 	RESERVED
 CVE-2012-1993 (Unspecified vulnerability in HP System Management Homepage (SMH)
...)
-	TODO: check
+	NOT-FOR-US: HP System Management Homepage
 CVE-2012-1992 (Cross-site scripting (XSS) vulnerability in admin/edituser.php
in CMS ...)
 	NOT-FOR-US: CMD Made Simple
 CVE-2012-1991
@@ -702,7 +702,7 @@
 CVE-2012-1980
 	RESERVED
 CVE-2012-1979 (Cross-site scripting (XSS) vulnerability in starnet/index.php in
...)
-	TODO: check
+	NOT-FOR-US: SyndeoCMS
 CVE-2012-1978
 	RESERVED
 CVE-2012-1977
@@ -1071,13 +1071,13 @@
 CVE-2012-1803
 	RESERVED
 CVE-2012-1802 (Buffer overflow in the embedded web server on the Siemens
Scalance X ...)
-	TODO: check
+	NOT-FOR-US: Siemens Scalance X
 CVE-2012-1801 (Multiple stack-based buffer overflows in (1) COM and (2) ActiveX
...)
-	TODO: check
+	NOT-FOR-US: ABB WebWare
 CVE-2012-1800 (Stack-based buffer overflow in the Profinet DCP protocol ...)
-	TODO: check
+	NOT-FOR-US: Siemens Scalance S
 CVE-2012-1799 (The web server on the Siemens Scalance S Security Module
firewall S602 ...)
-	TODO: check
+	NOT-FOR-US: Siemens Scalance S
 CVE-2012-1798
 	RESERVED
 	- imagemagick 8:6.7.4.0-4 (bug #667635)
@@ -1750,7 +1750,7 @@
 CVE-2012-1519
 	RESERVED
 CVE-2012-1518 (VMware Workstation 8.x before 8.0.2, VMware Player 4.x before
4.0.2, ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2012-1517
 	RESERVED
 CVE-2012-1516
@@ -2327,7 +2327,7 @@
 CVE-2012-1242
 	RESERVED
 CVE-2012-1241 (GRScript18.dll before 1.2.2.0 in ActiveScriptRuby (ASR) before
1.8.7 ...)
-	TODO: check
+	NOT-FOR-US: ActiveScriptRuby
 CVE-2012-1240 (Cross-site scripting (XSS) vulnerability in the RECRUIT Dokodemo
...)
 	NOT-FOR-US: RECRUIT Dokodemo
 CVE-2012-1239 (The TopAccess web-based management interface on TOSHIBA TEC
e-Studio ...)
@@ -3687,7 +3687,7 @@
 CVE-2012-0743
 	RESERVED
 CVE-2012-0742 (IBM Tivoli Event Pump 4.2.2, when the LOG_REQUESTS and ...)
-	TODO: check
+	NOT-FOR-US: IBM Tivoli Event Pump
 CVE-2012-0741
 	RESERVED
 CVE-2012-0740
@@ -4889,7 +4889,7 @@
 CVE-2012-0279
 	RESERVED
 CVE-2012-0278 (Heap-based buffer overflow in the FlashPix PlugIn before 4.3.4.0
for ...)
-	TODO: check
+	NOT-FOR-US: IrfanView
 CVE-2012-0277
 	RESERVED
 CVE-2012-0276
@@ -5343,7 +5343,7 @@
 CVE-2012-0254
 	RESERVED
 CVE-2012-0253 (Multiple cross-site scripting (XSS) vulnerabilities in Demand
Media ...)
-	TODO: check
+	NOT-FOR-US: Demand Media Pluck SiteLife
 CVE-2012-0252
 	RESERVED
 CVE-2012-0251
@@ -5461,7 +5461,7 @@
 CVE-2011-4875 (Stack-based buffer overflow in HmiLoad in the runtime loader in
...)
 	NOT-FOR-US: Siemens WinCC
 CVE-2011-4874 (Use-after-free vulnerability in MICROSYS PROMOTIC before 8.1.7
allows ...)
-	TODO: check
+	NOT-FOR-US: MICROSYS PROMOTIC
 CVE-2011-4873 (Unspecified vulnerability in the server in Certec EDV atvise
before ...)
 	NOT-FOR-US: Certec EDV atvise
 CVE-2011-4872 (Multiple HTC Android devices including Desire HD FRG83D and
GRI40, ...)
@@ -5771,7 +5771,7 @@
 CVE-2012-0178
 	RESERVED
 CVE-2012-0177 (Heap-based buffer overflow in the Office Works File Converter in
...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2012-0176
 	RESERVED
 CVE-2012-0175
@@ -5781,15 +5781,15 @@
 CVE-2012-0173
 	RESERVED
 CVE-2012-0172 (Microsoft Internet Explorer 6 through 8 does not properly handle
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2012-0171 (Microsoft Internet Explorer 6 through 9 does not properly handle
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2012-0170 (Microsoft Internet Explorer 6 and 7 does not properly handle
objects ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2012-0169 (Microsoft Internet Explorer 9 does not properly handle objects
in ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2012-0168 (Microsoft Internet Explorer 6 through 9 allows user-assisted
remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2012-0167
 	RESERVED
 CVE-2012-0166
@@ -5799,7 +5799,7 @@
 CVE-2012-0164
 	RESERVED
 CVE-2012-0163 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1,
4, and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft .NET Framework
 CVE-2012-0162
 	RESERVED
 CVE-2012-0161
@@ -5809,7 +5809,7 @@
 CVE-2012-0159
 	RESERVED
 CVE-2012-0158 (The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2
...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2012-0157 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2012-0156 (DirectWrite in Microsoft Windows Vista SP2, Windows Server 2008
SP2, ...)
@@ -5861,7 +5861,7 @@
 CVE-2012-0136 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly
handle ...)
 	NOT-FOR-US: Microsoft
 CVE-2012-0135 (Unspecified vulnerability in HP System Management Homepage (SMH)
...)
-	TODO: check
+	NOT-FOR-US: HP System Management Homepage
 CVE-2012-0134
 	RESERVED
 CVE-2012-0133 (HP ProCurve 5400 zl switches with certain serial numbers include
a ...)
@@ -8001,7 +8001,7 @@
 CVE-2011-4189 (The client in Novell GroupWise 8.0x through 8.02HP3 allows
remote ...)
 	NOT-FOR-US: Novell GroupWise
 CVE-2011-4188 (Buffer overflow in the Create Attribute function in jclient in
Novell ...)
-	TODO: check
+	NOT-FOR-US: Novell iManager
 CVE-2011-4187 (Buffer overflow in the GetDriverSettings function in nipplib.dll
in ...)
 	NOT-FOR-US: Novell iPrint Client
 CVE-2011-4186 (Heap-based buffer overflow in nipplib.dll in Novell iPrint
Client ...)
@@ -9227,7 +9227,7 @@
 CVE-2011-3847
 	RESERVED
 CVE-2011-3846 (Cross-site request forgery (CSRF) vulnerability in HP System
...)
-	TODO: check
+	NOT-FOR-US: HP System Management Homepage
 CVE-2011-3845 (Use-after-free vulnerability in Apple Safari 5.1.2, when a
plug-in ...)
 	NOT-FOR-US: Apple Safari
 CVE-2011-3844 (Apple Safari 5.0.5 does not properly implement the setInterval
...)
@@ -11124,9 +11124,9 @@
 CVE-2011-3177
 	RESERVED
 CVE-2011-3176 (Stack-based buffer overflow in the Preboot Service in Novell
ZENworks ...)
-	TODO: check
+	NOT-FOR-US: Novell ZENworks Configuration Management
 CVE-2011-3175 (Stack-based buffer overflow in the Preboot Service in Novell
ZENworks ...)
-	TODO: check
+	NOT-FOR-US: Novell ZENworks Configuration Management
 CVE-2011-3174
 	RESERVED
 CVE-2011-3173 (Stack-based buffer overflow in the GetDriverSettings function in
...)
Secure testing commits - Apr 2012 - r19020 - data/CVE

[Secure-testing-commits] r19020 - data/CVE
