Author: kees Date: 2010-02-09 16:16:52 +0000 (Tue, 09 Feb 2010) New Revision: 14065 Modified: data/CVE/list Log: NFUs: 23 Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-02-09 09:14:38 UTC (rev 14064) +++ data/CVE/list 2010-02-09 16:16:52 UTC (rev 14065) @@ -1,9 +1,9 @@ CVE-2010-0559 (The default configuration of Oracle OpenSolaris snv_91 through snv_131 ...) - TODO: check + NOT-FOR-US: Oracle OpenSolaris CVE-2010-0558 (The default configuration of Oracle OpenSolaris snv_77 through snv_131 ...) - TODO: check + NOT-FOR-US: Oracle OpenSolaris CVE-2010-0557 (IBM Cognos Express 9.0 allows attackers to obtain unspecified access ...) - TODO: check + NOT-FOR-US: IBM Cognos Express CVE-2010-0556 RESERVED CVE-2003-1587 (Cross-site scripting (XSS) vulnerability in LoganPro allows remote ...) @@ -148,7 +148,7 @@ CVE-2010-0497 RESERVED CVE-2010-0496 (FreeBit ServersMan 3.1.5 on Apple iPhone OS 3.1.2, and iPhone OS for ...) - TODO: check + NOT-FOR-US: Apple iPhone OS CVE-2010-0495 RESERVED CVE-2010-0494 
@@ -196,17 +196,17 @@ CVE-2010-0473 RESERVED CVE-2010-0472 (kuddb2 in Tivoli Monitoring for DB2, as distributed in IBM DB2 9.7 FP1 ...) - TODO: check + NOT-FOR-US: IBM DB2 CVE-2010-0471 (SQL injection vulnerability in the comment submission interface ...) - TODO: check + NOT-FOR-US: Enano CMS CVE-2010-0470 (Cross-site scripting (XSS) vulnerability in scvrtsrv.cmd in Comtrend ...) - TODO: check + NOT-FOR-US: Comtrend CVE-2010-0469 (SQL injection vulnerability in Files2Links F2L 3000 appliance 4.0.0, ...) - TODO: check + NOT-FOR-US: Files2Links CVE-2010-0468 (Cross-site scripting (XSS) vulnerability in utilities/longproc.cfm in ...) - TODO: check + NOT-FOR-US: PaperThin CommonSpot Content Server CVE-2010-0467 (Directory traversal vulnerability in the ccNewsletter ...) - TODO: check + NOT-FOR-US: ccNewsletter component for Joomla! CVE-2010-XXXX [ocsinventory-server: multiple vulnerabilities] - ocsinventory-server <unfixed> (unimportant) NOTE: http://www.openwall.com/lists/oss-security/2010/02/01/4 @@ -256,7 +256,7 @@ CVE-2010-0454 (SQL injection vulnerability in cgi/cgilua.exe/sys/start.htm in ...) NOT-FOR-US: Publique! CMS CVE-2010-0453 (The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and ...) - TODO: check + NOT-FOR-US: Sun Solaris CVE-2010-0452 RESERVED CVE-2010-0451 @@ -276,13 +276,13 @@ CVE-2010-0444 RESERVED CVE-2010-0443 (Unspecified vulnerability in Record Management Services (RMS) before ...) - TODO: check + NOT-FOR-US: HP OpenVMS CVE-2010-0441 (Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, ...) - asterisk 1:1.6.2.2-1 [lenny] - asterisk <not-affected> (Only affects 1.6.x) [etch] - asterisk <not-affected> (Only affects 1.6.x) CVE-2010-0440 (Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in ...) - TODO: check + NOT-FOR-US: Cisco Secure Desktop CVE-2010-0439 RESERVED CVE-2010-0438 [OTRS SQL injection] 
@@ -910,7 +910,7 @@ CVE-2010-0256 RESERVED CVE-2010-0255 (Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2010-0254 RESERVED CVE-2010-0253 @@ -1082,7 +1082,7 @@ CVE-2010-0186 RESERVED CVE-2010-0185 (The default configuration of Adobe ColdFusion 9.0 does not restrict ...) - TODO: check + NOT-FOR-US: Adobe ColdFusion CVE-2010-0184 (The (1) domainutility and (2) domainutilitycmd components in TIBCO ...) NOT-FOR-US: TIBCO Domain Utility in TIBCO Runtime Agent CVE-2010-0183 @@ -1994,7 +1994,7 @@ CVE-2010-0039 RESERVED CVE-2010-0038 (Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for ...) - TODO: check + NOT-FOR-US: Apple iPhone OS CVE-2010-0037 (Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 ...) NOT-FOR-US: Apple Mac OS X CVE-2010-0036 (Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 ...) @@ -2458,11 +2458,11 @@ CVE-2009-4186 (Stack consumption vulnerability in Apple Safari 4.0.3 on Windows ...) NOT-FOR-US: Apple Safari CVE-2009-4185 (Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in ...) - TODO: check + NOT-FOR-US: HP System Management Homepage CVE-2009-4184 (Unspecified vulnerability in HP Enterprise Cluster Master Toolkit ...) - TODO: check + NOT-FOR-US: HP Enterprise Cluster Master Toolkit CVE-2009-4183 (Unspecified vulnerability in HP OpenView Storage Data Protector 6.00 ...) - TODO: check + NOT-FOR-US: HP OpenView Storage Data Protector CVE-2009-4182 (Multiple unspecified vulnerabilities in HP Web Jetadmin 10.2, when a ...) NOT-FOR-US: HP Web Jetadmin CVE-2009-4181 (Stack-based buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network ...) 
@@ -5992,7 +5992,7 @@ CVE-2009-3036 RESERVED CVE-2009-3035 (The web console in Symantec Altiris Notification Server 6.0.x before ...) - TODO: check + NOT-FOR-US: Symantec Altiris Notification Server CVE-2009-3034 RESERVED CVE-2009-3033 (Buffer overflow in the RunCmd method in the Altiris eXpress NS Console ...) @@ -7050,11 +7050,11 @@ CVE-2009-2753 RESERVED CVE-2009-2752 (IBM WebSphere Commerce 7.0 does not properly encrypt data in a ...) - TODO: check + NOT-FOR-US: IBM WebSphere Commerce CVE-2009-2751 (IBM WebSphere Commerce 7.0 uses the same cryptographic key for session ...) - TODO: check + NOT-FOR-US: IBM WebSphere Commerce CVE-2009-2750 (IBM WebSphere Service Registry and Repository (WSRR) 6.3.0 before FP2 ...) - TODO: check + NOT-FOR-US: IBM WebSphere Service Registry and Repository CVE-2009-2749 (Feature Pack for Communications Enabled Applications (CEA) before ...) NOT-FOR-US: IBM WebSphere Application Server CVE-2009-2748
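Review bot: In the @@ -148,7 +148,7 @@ hunk, CVE-2010-0496 is tagged `NOT-FOR-US: Apple iPhone OS`, but its description names FreeBit ServersMan 3.1.5 as the affected software and iPhone OS only as the platform it runs on. Tag the product instead, for example `NOT-FOR-US: FreeBit ServersMan`, so that a later search of the list for ServersMan finds this entry and the issue is not read as an iPhone OS flaw.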
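Review bot: In the @@ -196,17 +196,17 @@ hunk, the tags on CVE-2010-0470 (`NOT-FOR-US: Comtrend`) and CVE-2010-0469 (`NOT-FOR-US: Files2Links`) name only a vendor, while the neighbouring tags name the product or component. For CVE-2010-0469 the description already gives the product, so `NOT-FOR-US: Files2Links F2L 3000` would match the rest; for CVE-2010-0470 the product name is cut off in the description shown here and should be filled in from the full entry. In the same hunk, CVE-2010-0472 is described as a flaw in kuddb2 in Tivoli Monitoring for DB2, so naming Tivoli Monitoring in the tag would be more precise than `IBM DB2` alone.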