Secure testing commits - May 2012 - r19226 - data/CVE

Author: fw
Date: 2012-05-12 07:54:57 +0000 (Sat, 12 May 2012)
New Revision: 19226

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-05-12 07:16:46 UTC (rev 19225)
+++ data/CVE/list	2012-05-12 07:54:57 UTC (rev 19226)
@@ -1510,15 +1510,15 @@
 CVE-2012-2034
 	RESERVED
 CVE-2012-2033 (Adobe Shockwave Player before 11.6.5.635 allows attackers to
execute ...)
-	TODO: check
+	NOT-FOR-US: Adobe Shockwave Player
 CVE-2012-2032 (Adobe Shockwave Player before 11.6.5.635 allows attackers to
execute ...)
-	TODO: check
+	NOT-FOR-US: Adobe Shockwave Player
 CVE-2012-2031 (Adobe Shockwave Player before 11.6.5.635 allows attackers to
execute ...)
-	TODO: check
+	NOT-FOR-US: Adobe Shockwave Player
 CVE-2012-2030 (Adobe Shockwave Player before 11.6.5.635 allows attackers to
execute ...)
-	TODO: check
+	NOT-FOR-US: Adobe Shockwave Player
 CVE-2012-2029 (Adobe Shockwave Player before 11.6.5.635 allows attackers to
execute ...)
-	TODO: check
+	NOT-FOR-US: Adobe Shockwave Player
 CVE-2012-2028 (Buffer overflow in Adobe Photoshop before CS6 allows remote
attackers ...)
 	NOT-FOR-US: Adobe Photoshop
 CVE-2012-2027 (Use-after-free vulnerability in Adobe Photoshop before CS6
allows ...)
@@ -1636,7 +1636,7 @@
 CVE-2012-1978
 	RESERVED
 CVE-2012-1977 (WellinTech KingSCADA 3.0 uses a cleartext base64 format for
storage of ...)
-	TODO: check
+	NOT-FOR-US: WellinTech KingSCADA
 CVE-2012-1976
 	RESERVED
 CVE-2012-1975
@@ -1906,9 +1906,9 @@
 CVE-2012-1849
 	RESERVED
 CVE-2012-1848 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2012-1847 (Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and
SP1; ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2012-1846 (Google Chrome 17.0.963.66 and earlier allows remote attackers to
...)
 	TODO: check
 CVE-2012-1845 (Use-after-free vulnerability in Google Chrome 17.0.963.66 and
earlier ...)
@@ -2266,17 +2266,15 @@
 CVE-2012-1680
 	RESERVED
 CVE-2012-1679 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking
...)
-	TODO: check
+	NOT-FOR-US: Oracle FLEXCUBE
 CVE-2012-1678
 	RESERVED
 CVE-2012-1677
 	RESERVED
 CVE-2012-1676 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking
...)
-	TODO: check
-CVE-2012-1675 (The TNS Listener, as used in Oracle Database 11g 11.1.0.7,
11.2.0.2, ...)
-	TODO: check
+	NOT-FOR-US: Oracle FLEXCUBE
 CVE-2012-1674 (Unspecified vulnerability in the Siebel Clinical component in
Oracle ...)
-	TODO: check
+	NOT-FOR-US: Oracle Siebel
 CVE-2012-1673 (SQL injection vulnerability in loginscript.php in e-ticketing
allows ...)
 	NOT-FOR-US: e-ticketing
 CVE-2012-1672 (SQL injection vulnerability in getcity.php in Hotel Booking
Portal 0.1 ...)
@@ -3076,15 +3074,15 @@
 CVE-2012-1329
 	RESERVED
 CVE-2012-1328 (Cisco Unified IP Phones 9900 series devices with firmware 9.1
and 9.2 ...)
-	TODO: check
+	NOT-FOR-US: Cisco IP Phone
 CVE-2012-1327 (dot11t/t_if_dot11_hal_ath.c in Cisco IOS 12.3, 12.4, 15.0, and
15.1 ...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS
 CVE-2012-1326
 	RESERVED
 CVE-2012-1325
 	RESERVED
 CVE-2012-1324 (Race condition in the Zone-Based Firewall in Cisco IOS 15.1 and
15.2, ...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS
 CVE-2012-1323
 	RESERVED
 CVE-2012-1322
@@ -3250,7 +3248,7 @@
 CVE-2012-1246
 	RESERVED
 CVE-2012-1245 (Cross-site scripting (XSS) vulnerability in the cleanup_urls
function ...)
-	TODO: check
+	NOT-FOR-US: OSQA
 CVE-2012-1244 (The NTT DOCOMO sp mode mail application 5400 and earlier for
Android ...)
 	NOT-FOR-US: Android app
 CVE-2012-1243 (The TwitRocker2 application before 1.0.23 for Android does not
...)