Author: federico-guest Date: 2012-08-21 21:08:48 +0000 (Tue, 21 Aug 2012) New Revision: 20003 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-08-21 15:19:42 UTC (rev 20002) +++ data/CVE/list 2012-08-21 21:08:48 UTC (rev 20003) @@ -45,7 +45,7 @@ CVE-2012-4342 (Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 ...) - gallery3 <itp> (bug #511715) CVE-2012-4341 (Multiple stack-based buffer overflows in msg_server.exe in SAP ...) - TODO: check + NOT-FOR-US: SAP NetWeaver ABAP CVE-2012-4340 (Cross-site scripting (XSS) vulnerability in Sybase EAServer before 6.1 ...) NOT-FOR-US: Sybase CVE-2012-4339 
@@ -172,23 +172,23 @@ CVE-2012-4283 (Cross-site scripting (XSS) vulnerability in the Login With Ajax plugin ...) TODO: check CVE-2012-4282 (SQL injection vulnerability in photo.php in Trombinoscope 3.5 allows ...) - TODO: check + NOT-FOR-US: Trombinoscope 3.5 CVE-2012-4281 (Multiple SQL injection vulnerabilities in Travelon Express 6.2.2 allow ...) - TODO: check + NOT-FOR-US: Travelon Express 6.2.2 CVE-2012-4280 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...) - TODO: check + NOT-FOR-US: Free Realty 3.1-0.6 CVE-2012-4279 (Multiple SQL injection vulnerabilities in Free Realty 3.1-0.6 allow ...) - TODO: check + NOT-FOR-US: Free Realty 3.1-0.6 CVE-2012-4278 (Multiple cross-site scripting (XSS) vulnerabilities in Free Realty ...) - TODO: check + NOT-FOR-US: Free Realty CVE-2012-4277 (Cross-site scripting (XSS) vulnerability in the ...) TODO: check CVE-2012-4276 (Unspecified vulnerability in Hitachi IT Operations Director 02-50-01 ...) - TODO: check + NOT-FOR-US: Hitachi IT Operations Director CVE-2012-4275 (Cross-site scripting (XSS) vulnerability in Hitachi IT Operations ...) - TODO: check + NOT-FOR-US: Hitachi IT Operations Director CVE-2012-4274 (Unspecified vulnerability in Hitachi Cobol GUI Option 06-00, 06-01 ...) - TODO: check + NOT-FOR-US: Hitachi Cobol GUI Option CVE-2012-4273 (Cross-site scripting (XSS) vulnerability in libs/xing.php in the 2 ...) TODO: check CVE-2012-4272 (Multiple cross-site scripting (XSS) vulnerabilities in the 2 Click ...) 
@@ -196,33 +196,33 @@ CVE-2012-4271 (Multiple cross-site scripting (XSS) vulnerabilities in ...) NOT-FOR-US: Wordpress plugin CVE-2012-4270 (Cross-site scripting (XSS) vulnerability in eFront 3.6.11 allows ...) - TODO: check + NOT-FOR-US: eFront CVE-2012-4269 (Unrestricted file upload vulnerability in eFront 3.6.11 allows remote ...) - TODO: check + NOT-FOR-US: eFront CVE-2012-4268 (Cross-site scripting (XSS) vulnerability in ...) TODO: check CVE-2012-4267 (Cross-site scripting (XSS) vulnerability in user/register in Sockso ...) - TODO: check + NOT-FOR-US: Sockso CVE-2012-4266 (Cross-site scripting (XSS) vulnerability in client_details.php in ...) - TODO: check + NOT-FOR-US: Proman Xpress CVE-2012-4265 (SQL injection vulnerability in category_edit.php in Proman Xpress ...) - TODO: check + NOT-FOR-US: Proman Xpress CVE-2012-4264 (Multiple cross-site scripting (XSS) vulnerabilities in the Better WP ...) TODO: check CVE-2012-4263 (Cross-site scripting (XSS) vulnerability in inc/admin/content.php in ...) TODO: check CVE-2012-4262 (Multiple cross-site scripting (XSS) vulnerabilities in myCare2x allow ...) - TODO: check + NOT-FOR-US: myCare2x CVE-2012-4261 (SQL injection vulnerability in modules/patient/mycare2x_pat_info.php ...) - TODO: check + NOT-FOR-US: myCare2x CVE-2012-4260 (Multiple SQL injection vulnerabilities in myCare2x allow remote ...) - TODO: check + NOT-FOR-US: myCare2x CVE-2012-4259 (Cross-site scripting (XSS) vulnerability in the contacts in (1) XPhone ...) - TODO: check + NOT-FOR-US: XPhone Virtual Directory CVE-2012-4258 (Multiple SQL injection vulnerabilities in MYRE Real Estate Software ...) - TODO: check + NOT-FOR-US: MYRE Real Estate Software CVE-2012-4257 (Yaqas (Yet Another Question & Answer System) 1.0 Alpha 1 allows remote ...) - TODO: check + NOT-FOR-US: Yaqas CVE-2012-4256 (The jNews (com_jnews) component 7.5.1 for Joomla! allows remote ...) TODO: check CVE-2012-4255 (MySQLDumper 1.24.4 allows remote attackers to obtain sensitive ...) 
@@ -236,7 +236,7 @@ CVE-2012-4251 (Multiple cross-site scripting (XSS) vulnerabilities in MySQLDumper ...) TODO: check CVE-2012-4250 (Stack-based buffer overflow in the RequestScreenOptimization function ...) - TODO: check + NOT-FOR-US: Samsung NET-i viewer CVE-2012-XXXX - libapache2-mod-rpaf 0.6-1 (bug #683984) CVE-2012-4249 (The Amazon Lab126 com.lab126.system sendEvent implementation on the ...) @@ -1055,7 +1055,7 @@ CVE-2012-3870 RESERVED CVE-2012-3869 (Cross-site scripting (XSS) vulnerability in ...) - TODO: check + NOT-FOR-US: REDAXO CVE-2012-3868 (Race condition in the ns_client structure management in ISC BIND 9.9.x ...) NOTE: https://kb.isc.org/article/AA-00730 - bind9 <not-affected> (Vulnerable code not present, only affects 9.9.x) @@ -2450,11 +2450,11 @@ CVE-2012-3297 RESERVED CVE-2012-3296 (Cross-site scripting (XSS) vulnerability in the Help link in the login ...) - TODO: check + NOT-FOR-US: IBM Power Hardware Management Console CVE-2012-3295 RESERVED CVE-2012-3294 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Web ...) - TODO: check + NOT-FOR-US: IBM WebSphere CVE-2012-3293 RESERVED CVE-2012-3292 (The GridFTP in Globus Toolkit (GT) before 5.2.2, when certain autoconf ...) @@ -3999,7 +3999,7 @@ CVE-2012-2602 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...) NOT-FOR-US: SolarWinds Orion Network Performance Monitor CVE-2012-2601 (SQL injection vulnerability in WrVMwareHostList.asp in Ipswitch ...) - TODO: check + NOT-FOR-US: Ipswitch WhatsUp Gold CVE-2012-2600 RESERVED CVE-2012-2599 @@ -4061,7 +4061,7 @@ CVE-2012-2571 (Multiple cross-site scripting (XSS) vulnerabilities in WinWebMail ...) NOT-FOR-US: WinWebMail CVE-2012-2570 (Cross-site scripting (XSS) vulnerability in products_map.php in X-Cart ...) - TODO: check + NOT-FOR-US: X-Cart Gold CVE-2012-2569 RESERVED CVE-2012-2568 (d41d8cd98f00b204e9800998ecf8427e.php in the management web server on ...) 
@@ -4633,7 +4633,7 @@ - pidgin-otr 3.2.1-1 (medium; bug #673154) NOTE: libotr not affected CVE-2012-2368 (Bytemark Symbiosis before Revision 1322 does not properly validate ...) - TODO: check + NOT-FOR-US: Bytemark Symbiosis CVE-2012-2367 (Moodle 1.9.x before 1.9.18, 2.0.x before 2.0.9, 2.1.x before 2.1.6, ...) - moodle 2.2.3.dfsg-1 (low; bug #674163) CVE-2012-2366 (mod/data/preset.php in Moodle 2.1.x before 2.1.6 and 2.2.x before ...) @@ -4867,7 +4867,7 @@ CVE-2012-2284 RESERVED CVE-2012-2283 (The Iomega Home Media Network Hard Drive with EMC Lifeline firmware ...) - TODO: check + NOT-FOR-US: Iomega Home Media Network Hard Drive CVE-2012-2282 (EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before ...) NOT-FOR-US: EMC Celerra/VNX/VNXe CVE-2012-2281 (EMC RSA Access Manager Server 6.x before 6.1 SP4 and RSA Access ...) @@ -4886,7 +4886,7 @@ CVE-2012-2275 RESERVED CVE-2012-2274 (Cross-site scripting (XSS) vulnerability in pivotx/ajaxhelper.php in ...) - TODO: check + NOT-FOR-US: PivotX CVE-2012-2273 (Comodo Internet Security before 5.10.228257.2253 on Windows 7 x64 ...) NOT-FOR-US: Comodo Internet Security CVE-2012-2272 @@ -5116,7 +5116,7 @@ CVE-2012-2170 (The Application Snoop Servlet in IBM WebSphere Application Server 7.0 ...) NOT-FOR-US: WebSphere CVE-2012-2169 (Cross-site scripting (XSS) vulnerability in the file-upload ...) - TODO: check + NOT-FOR-US: IBM Rational ClearQuest CVE-2012-2168 (IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 ...) NOT-FOR-US: IBM Rational ClearQuest CVE-2012-2167 
@@ -5927,19 +5927,19 @@ CVE-2012-1857 (Cross-site scripting (XSS) vulnerability in the Enterprise Portal ...) NOT-FOR-US: Microsoft Dynamics AX CVE-2012-1856 (The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2012-1855 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not ...) NOT-FOR-US: Microsoft .NET Framework CVE-2012-1854 (Untrusted search path vulnerability in VBE6.dll in Microsoft Office ...) NOT-FOR-US: Microsoft Office CVE-2012-1853 (Stack-based buffer overflow in the Remote Administration Protocol ...) - TODO: check + NOT-FOR-US: Microsoft Windows XP CVE-2012-1852 (Heap-based buffer overflow in the Remote Administration Protocol (RAP) ...) - TODO: check + NOT-FOR-US: Microsoft Windows XP CVE-2012-1851 (Format string vulnerability in the Print Spooler service in Microsoft ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2012-1850 (The Remote Administration Protocol (RAP) implementation in the ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2012-1849 (Untrusted search path vulnerability in Microsoft Lync 2010, 2010 ...) NOT-FOR-US: Microsoft Lync, Attendee,, Attendant CVE-2012-1848 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
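Review bot: The NOT-FOR-US tags added in the @@ -172,23 hunk mix product-plus-version with product-only strings. CVE-2012-4280 and CVE-2012-4279 get "Free Realty 3.1-0.6" while CVE-2012-4278 directly below gets "Free Realty", and CVE-2012-4282 and CVE-2012-4281 carry "Trombinoscope 3.5" and "Travelon Express 6.2.2". Suggest the bare product name on all of them, as the Hitachi entries in the same hunk already do, so that one product maps to one tag string when the list is searched. Separately, the visible description of CVE-2012-4280 is cut off before any product name, so the Free Realty attribution cannot be confirmed from this diff alone and is worth a second look against the full CVE text.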
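Review bot: In the @@ -196,33 hunk, the tag for CVE-2012-4259 names a single product, "XPhone Virtual Directory", but the description reads "in the contacts in (1) XPhone ...", which indicates an enumerated list of affected products. Before closing the TODO, confirm that every product in that enumeration is outside the archive, and either list them in the tag or use the vendor name so the entry does not read as covering only the first item.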
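Review bot: In the @@ -2450,11 hunk, CVE-2012-3294 is tagged "NOT-FOR-US: IBM WebSphere", while the existing entry for CVE-2012-2170 visible as context in the @@ -5116,7 hunk uses "NOT-FOR-US: WebSphere" for the same product family. Suggest settling on one spelling. The description of CVE-2012-3294 is also truncated at "in the Web ...", so the diff does not show which WebSphere component is meant; a more specific product name would match the style of "IBM Rational ClearQuest" and "IBM Power Hardware Management Console" used elsewhere in this change.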
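Review bot: The Microsoft tags added in the @@ -5927,19 hunk are uneven in specificity. CVE-2012-1856 gets the bare vendor "NOT-FOR-US: Microsoft" although its description names the TabStrip ActiveX control in MSCOMCTL.OCX and the neighbouring entries use product-level tags ("Microsoft Dynamics AX", "Microsoft .NET Framework", "Microsoft Office"). CVE-2012-1853 and CVE-2012-1852 are tagged "Microsoft Windows XP" while CVE-2012-1850, which concerns the same Remote Administration Protocol implementation, is tagged "Microsoft Windows", and the truncated descriptions do not show an XP-only scope. Suggest "Microsoft Windows" for the three RAP entries and a product-level tag for CVE-2012-1856.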