thr3ads.net - Secure testing commits - [Secure-testing-commits] r15478

If this information is useful, please help other people find it:
Share via:
Federico Ceratto
2010-Oct-16 17:06 UTC
[Secure-testing-commits] r15478 - data/CVE

Author: federico-guest
Date: 2010-10-16 17:06:24 +0000 (Sat, 16 Oct 2010)
New Revision: 15478

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-10-15 21:14:33 UTC (rev 15477)
+++ data/CVE/list	2010-10-16 17:06:24 UTC (rev 15478)
@@ -83,7 +83,7 @@
 CVE-2010-3935
 	RESERVED
 CVE-2010-3934 (The browser in Research In Motion (RIM) BlackBerry Device
Software ...)
-	TODO: check
+	NOT-FOR-US: BlackBerry Device Software
 CVE-2010-3933
 	RESERVED
 CVE-2010-3932
@@ -174,21 +174,21 @@
 CVE-2010-3890
 	RESERVED
 CVE-2010-3889 (Unspecified vulnerability in Microsoft Windows on 32-bit
platforms ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2010-3888 (Unspecified vulnerability in Microsoft Windows on 32-bit
platforms ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2010-3887 (The Limit Mail feature in the Parental Controls functionality in
Mail ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2010-3886 (The CTimeoutEventList::InsertIntoTimeoutList function in
Microsoft ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2010-3885 (Stack-based buffer overflow in the UpdateFrameTitleForDocument
method ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2010-3884 (Cross-site request forgery (CSRF) vulnerability in CMS Made
Simple ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simple
 CVE-2010-3883 (Cross-site request forgery (CSRF) vulnerability in the Change
Group ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simple
 CVE-2010-3882 (Multiple cross-site scripting (XSS) vulnerabilities in CMS Made
Simple ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simple
 CVE-2010-3881
 	RESERVED
 CVE-2010-3880
@@ -508,7 +508,7 @@
 CVE-2010-3744
 	RESERVED
 CVE-2010-3743 (Directory traversal vulnerability in Visual Synapse HTTP Server
1.0 ...)
-	TODO: check
+	NOT-FOR-US: Visual Synapse HTTP Server
 CVE-2010-3742 (Multiple PHP remote file inclusion vulnerabilities in ...)
 	NOT-FOR-US: Free Simple CMS 1.0
 CVE-2010-3741 (The offline backup mechanism in Research In Motion (RIM)
BlackBerry ...)
@@ -620,7 +620,7 @@
 	- poppler <unfixed> (bug #599165)
 	NOTE:
http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf
 CVE-2010-3701 (lib/MessageStoreImpl.cpp in Red Hat Enterprise MRG before 1.2.2
allows ...)
-	TODO: check
+	NOT-FOR-US: Red Hat Enterprise MRG
 CVE-2010-3700
 	RESERVED
 CVE-2010-3699
@@ -975,27 +975,27 @@
 CVE-2010-3586
 	RESERVED
 CVE-2010-3585 (Unspecified vulnerability in the OracleVM component in Oracle VM
2.2.1 ...)
-	TODO: check
+	NOT-FOR-US: OracleVM
 CVE-2010-3584 (Unspecified vulnerability in the Oracle VM component in Oracle
VM ...)
-	TODO: check
+	NOT-FOR-US: OracleVM
 CVE-2010-3583 (Unspecified vulnerability in the OracleVM component in Oracle VM
2.2.1 ...)
-	TODO: check
+	NOT-FOR-US: OracleVM
 CVE-2010-3582 (Unspecified vulnerability in the OracleVM component in Oracle VM
2.2.1 ...)
-	TODO: check
+	NOT-FOR-US: OracleVM
 CVE-2010-3581 (Unspecified vulnerability in the BPEL Console component in
Oracle ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2010-3580 (Unspecified vulnerability in Oracle OpenSolaris allows local
users to ...)
-	TODO: check
+	NOT-FOR-US: Oracle OpenSolaris
 CVE-2010-3579 (Unspecified vulnerability in the (1) Sun Convergence 1 and (2)
Sun ...)
-	TODO: check
+	NOT-FOR-US: Java Communications Suite
 CVE-2010-3578 (Unspecified vulnerability in Oracle OpenSolaris allows remote
...)
-	TODO: check
+	NOT-FOR-US: Oracle OpenSolaris
 CVE-2010-3577 (Unspecified vulnerability in Oracle OpenSolaris allows remote
...)
-	TODO: check
+	NOT-FOR-US: Oracle OpenSolaris
 CVE-2010-3576 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and
...)
-	TODO: check
+	NOT-FOR-US: Oracle OpenSolaris
 CVE-2010-3575 (Unspecified vulnerability in the Oracle Communications Messaging
...)
-	TODO: check
+	NOT-FOR-US: Oracle Sun Products Suite
 CVE-2010-3574
 	RESERVED
 	- openjdk-6 6b18-1.8.2-1
@@ -1118,104 +1118,104 @@
 	- sun-java6 6.22-1
 	[lenny] - sun-java6 <no-dsa> (Non-free not supported)
 CVE-2010-3547 (Unspecified vulnerability in the PeopleSoft FMS ESA - EX
component in ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft
 CVE-2010-3546 (Unspecified vulnerability in the Sun Java System Identity
Manager ...)
-	TODO: check
+	NOT-FOR-US: Oracle Sun Products Suite
 CVE-2010-3545 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun
Java ...)
-	TODO: check
+	NOT-FOR-US: Oracle iPlanet Web Server
 CVE-2010-3544 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun
Java ...)
-	TODO: check
+	NOT-FOR-US: Oracle iPlanet Web Server
 CVE-2010-3543
 	RESERVED
 CVE-2010-3542 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and
...)
-	TODO: check
+	NOT-FOR-US: Oracle Solaris
 CVE-2010-3541
 	RESERVED
 	- openjdk-6 6b18-1.8.2-1
 	- sun-java6 6.22-1
 	[lenny] - sun-java6 <no-dsa> (Non-free not supported)
 CVE-2010-3540 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris
allows ...)
-	TODO: check
+	NOT-FOR-US: Oracle Solaris
 CVE-2010-3539 (Unspecified vulnerability in the PeopleSoft Enterprise FMS - GL
...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
 CVE-2010-3538 (Unspecified vulnerability in the PeopleSoft Enterprise FMS - GL
...)
-	TODO: check
+	NOT-FOR-US: PeopleSoft Enterprise FMS
 CVE-2010-3537 (Unspecified vulnerability in the PeopleSoft Enterprise FMS - AM
...)
-	TODO: check
+	NOT-FOR-US: PeopleSoft Enterprise FMS
 CVE-2010-3536 (Unspecified vulnerability in the PeopleSoft Enterprise SCM
component ...)
-	TODO: check
+	NOT-FOR-US: PeopleSoft Enterprise SCM
 CVE-2010-3535 (Unspecified vulnerability in the Directory Server Enterprise
Edition ...)
-	TODO: check
+	NOT-FOR-US: Oracle Sun Products Suite
 CVE-2010-3534 (Unspecified vulnerability in the Primavera P6 Enterprise Project
...)
-	TODO: check
+	NOT-FOR-US: Oracle Primavera Products Suite
 CVE-2010-3533 (Unspecified vulnerability in the PeopleSoft Enterprise SCM OM
and CRM ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
 CVE-2010-3532 (Unspecified vulnerability in the PeopleSoft Enterprise CRM -
Order ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
 CVE-2010-3531 (Unspecified vulnerability in the PeopleSoft Enterprise FMS ESA -
RM ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
 CVE-2010-3530 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - HR
...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
 CVE-2010-3529 (Unspecified vulnerability in the PeopleSoft Enterprise FMS -
Cash ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
 CVE-2010-3528 (Unspecified vulnerability in the PeopleSoft Enterprise CRM -
Common ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
 CVE-2010-3527 (Unspecified vulnerability in the PeopleSoft Enterprise FMS - AM
...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
 CVE-2010-3526 (Unspecified vulnerability in the PeopleSoft Enterprise SCM - PO
...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
 CVE-2010-3525 (Unspecified vulnerability in the (1) PeopleSoft Enterprise FMS,
(2) ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
 CVE-2010-3524 (Unspecified vulnerability in the PeopleSoft Enterprise SCM -
Strategic ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
 CVE-2010-3523 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
 CVE-2010-3522 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
 CVE-2010-3521 (Unspecified vulnerability in the PeopleSoft Enterprise HCM ePay
...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
 CVE-2010-3520 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - GP
France ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
 CVE-2010-3519 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
 CVE-2010-3518 (Unspecified vulnerability in the PeopleSoft Enterprise HCM GP -
Japan ...)
-	TODO: check
+	NOT-FOR-US: Oracle PeopleSoft and JDEdwards Suite
 CVE-2010-3517 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris
allows ...)
-	TODO: check
+	NOT-FOR-US: Oracle Solaris 10 and OpenSolaris
 CVE-2010-3516 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris
allows ...)
-	TODO: check
+	NOT-FOR-US: Oracle Solaris 10 and OpenSolaris
 CVE-2010-3515 (Unspecified vulnerability in the Solaris component in Oracle
Solaris 9 ...)
-	TODO: check
+	NOT-FOR-US: Oracle Solaris 10 and OpenSolaris
 CVE-2010-3514 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun
Java ...)
-	TODO: check
+	NOT-FOR-US: Oracle Sun Products Suite
 CVE-2010-3513 (Unspecified vulnerability in Oracle Solaris 9 and 10, and
OpenSolaris, ...)
-	TODO: check
+	NOT-FOR-US: Oracle Solaris and OpenSolaris
 CVE-2010-3512 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun
Java ...)
-	TODO: check
+	NOT-FOR-US: Oracle iPlanet Web Server
 CVE-2010-3511 (Unspecified vulnerability in Oracle OpenSolaris allows local
users to ...)
-	TODO: check
+	NOT-FOR-US: Oracle OpenSolaris
 CVE-2010-3510
 	RESERVED
 CVE-2010-3509 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows
remote ...)
-	TODO: check
+	NOT-FOR-US: Oracle Solaris
 CVE-2010-3508 (Unspecified vulnerability in Oracle Solaris 10 allows local
users to ...)
-	TODO: check
+	NOT-FOR-US: Oracle Solaris
 CVE-2010-3507 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows
local ...)
-	TODO: check
+	NOT-FOR-US: Oracle Solaris
 CVE-2010-3506 (Unspecified vulnerability in the Oracle Explorer (Sun Explorer)
...)
-	TODO: check
+	NOT-FOR-US: Oracle Explorer
 CVE-2010-3505
 	RESERVED
 CVE-2010-3504 (Unspecified vulnerability in the Oracle Applications Technology
Stack ...)
-	TODO: check
+	NOT-FOR-US: Oracle E-Business Suite
 CVE-2010-3503 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris
allows ...)
-	TODO: check
+	NOT-FOR-US: Oracle Solaris 10 and OpenSolaris
 CVE-2010-3502 (Unspecified vulnerability in the Siebel Core component in Oracle
...)
-	TODO: check
+	NOT-FOR-US: Oracle Siebel Suite
 CVE-2010-3501 (Unspecified vulnerability in the OID component in Oracle Fusion
...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion
 CVE-2010-3500 (Unspecified vulnerability in the Siebel Core - Highly
Interactive ...)
-	TODO: check
+	NOT-FOR-US: Oracle Siebel Suite
 CVE-2010-3476 (Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x
before ...)
 	- otrs2 2.4.8+dfsg1-1
 CVE-2010-3475 (IBM DB2 9.7 before FP3 does not properly enforce privilege ...)
@@ -1649,19 +1649,19 @@
 CVE-2010-3332 (Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1,
...)
 	NOT-FOR-US: Microsoft .NET Framework
 CVE-2010-3331 (Microsoft Internet Explorer 6 through 8 does not properly handle
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2010-3330 (Microsoft Internet Explorer 6 through 8 does not properly
restrict ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer 
 CVE-2010-3329 (Microsoft Internet Explorer 7 and 8 does not properly handle
objects ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer 
 CVE-2010-3328 (Microsoft Internet Explorer 6 through 8 does not properly handle
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer 
 CVE-2010-3327 (The implementation of HTML content creation in Microsoft
Internet ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer 
 CVE-2010-3326 (Microsoft Internet Explorer 6 does not properly handle objects
in ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer 
 CVE-2010-3325 (Microsoft Internet Explorer 6 through 8 does not properly handle
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer 
 CVE-2010-3324 (The toStaticHTML function in Microsoft Internet Explorer 8, and
the ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2010-3323 (Splunk 4.0.0 through 4.1.4 allows remote attackers to conduct
session ...)
@@ -1893,65 +1893,65 @@
 CVE-2010-3306 (Directory traversal vulnerability in the modURL function in
instance.c ...)
 	- weborf 0.12.3-1 (bug #596112)
 CVE-2010-3243 (Cross-site scripting (XSS) vulnerability in the toStaticHTML
function ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer 
 CVE-2010-3242 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open
XML ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2010-3241 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open
XML ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2010-3240 (Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and
Office ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2010-3239 (Microsoft Excel 2002 SP3 does not properly validate record ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2010-3238 (Microsoft Excel 2002 SP3 and 2003 SP3, and Office 2004 for Mac,
does ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2010-3237 (Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2010-3236 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for
Mac, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2010-3235 (Microsoft Excel 2002 SP3 does not properly validate formula ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2010-3234 (Microsoft Excel 2002 SP3 does not properly validate formula ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2010-3233 (Microsoft Excel 2002 SP3 and 2003 SP3 does not properly validate
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2010-3232 (Microsoft Excel 2003 SP3 and 2007 SP2; Office 2004 and 2008 for
Mac; ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2010-3231 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open
XML ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2010-3230 (Integer overflow in Microsoft Excel 2002 SP3 allows remote
attackers ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2010-3229 (The Secure Channel (aka SChannel) security package in Microsoft
...)
-	TODO: check
+	NOT-FOR-US: Microsoft OSes
 CVE-2010-3228 (The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit
platforms ...)
-	TODO: check
+	NOT-FOR-US: Microsoft .NET Framework
 CVE-2010-3227
 	RESERVED
 CVE-2010-3226
 	RESERVED
 CVE-2010-3225 (Use-after-free vulnerability in the Media Player Network Sharing
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows Vista
 CVE-2010-3224
 	RESERVED
 CVE-2010-3223 (The user interface in Microsoft Cluster Service (MSCS) in
Microsoft ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2010-3222 (Stack-based buffer overflow in the Remote Procedure Call
Subsystem ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2010-3221 (Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and
Word ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Word
 CVE-2010-3220 (Unspecified vulnerability in Microsoft Word 2002 SP3 and Office
2004 ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Word
 CVE-2010-3219 (Microsoft Word 2002 SP3 does not properly handle indexes during
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Word
 CVE-2010-3218 (Heap-based buffer overflow in Microsoft Word 2002 SP3 allows
remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Word
 CVE-2010-3217 (Microsoft Word 2002 SP3 does not properly handle pointers during
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Word
 CVE-2010-3216 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly
handle ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Word
 CVE-2010-3215 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly
handle ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Word
 CVE-2010-3214 (Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003
SP3, 2007 ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Word
 CVE-2010-3213 (Cross-site request forgery (CSRF) vulnerability in Microsoft
Outlook ...)
 	NOT-FOR-US: Microsoft Outlook Web Access
 CVE-2010-3212 (SQL injection vulnerability in index.php in Seagull 0.6.7 and
earlier ...)
@@ -3019,7 +3019,7 @@
 	{DSA-2094-1}
 	- linux-2.6 2.6.32-20
 CVE-2010-2797 (Directory traversal vulnerability in
lib/translation.functions.php in ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simple
 CVE-2010-2796 (Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2,
when ...)
 	- libphp-cas <itp> (bug #495542)
 	- glpi <unfixed> (unimportant)
@@ -3259,27 +3259,27 @@
 	- iceape 2.0.6-1
 	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2010-2750 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly
handle ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Word
 CVE-2010-2749
 	RESERVED
 CVE-2010-2748 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly
check ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Word
 CVE-2010-2747 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly
handle ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Word
 CVE-2010-2746 (Heap-based buffer overflow in Comctl32.dll (aka the common
control ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2010-2745 (Microsoft Windows Media Player (WMP) 9 through 12 does not
properly ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows Media Player
 CVE-2010-2744 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3,
Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2010-2743
 	RESERVED
 CVE-2010-2742
 	RESERVED
 CVE-2010-2741 (The OpenType Font (OTF) format driver in Microsoft Windows XP
SP2 and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2010-2740 (The OpenType Font (OTF) format driver in Microsoft Windows XP
SP2 and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2010-2739 (Buffer overflow in the CreateDIBPalette function in win32k.sys
in ...)
 	NOT-FOR-US: Windows
 CVE-2010-2738 (The Uniscribe (aka new Unicode Script Processor) implementation
in ...)
@@ -3626,7 +3626,7 @@
 CVE-2010-2602
 	RESERVED
 CVE-2010-2601 (Multiple buffer overflows in the PDF distiller in the Attachment
...)
-	TODO: check
+	NOT-FOR-US: BlackBerry Enterprise Server
 CVE-2010-2600 (Untrusted search path vulnerability in BlackBerry Desktop
Software ...)
 	NOT-FOR-US: BlackBerry Desktop Software
 CVE-2010-2599
@@ -4074,37 +4074,37 @@
 	- knowledgeroot 0.9.9.5-5
 	[lenny] - knowledgeroot <no-dsa> (low)
 CVE-2010-2419 (Unspecified vulnerability in the Java Virtual Machine component
in ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2010-2418 (Unspecified vulnerability in the Oracle Territory Management
component ...)
-	TODO: check
+	NOT-FOR-US: Oracle E-Business Suite
 CVE-2010-2417 (Unspecified vulnerability in the Agile PLM component in Oracle
Supply ...)
-	TODO: check
+	NOT-FOR-US: Oracle Supply Chain Products Suite
 CVE-2010-2416 (Unspecified vulnerability in the Oracle E-Business Intelligence
...)
-	TODO: check
+	NOT-FOR-US: Oracle E-Business Intelligence
 CVE-2010-2415 (Unspecified vulnerability in the Change Data Capture component
in ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2010-2414 (Unspecified vulnerability in the (1) Sun Convergence 1 and (2)
Sun ...)
-	TODO: check
+	NOT-FOR-US: Oracle Sun Products Suite
 CVE-2010-2413 (Unspecified vulnerability in the BI Publisher component in
Oracle ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2010-2412 (Unspecified vulnerability in the OLAP component in Oracle
Database ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2010-2411 (Unspecified vulnerability in the Job Queue component in Oracle
...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2010-2410 (Unspecified vulnerability in the Cabo/UIX component in Oracle
Fusion ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2010-2409 (Unspecified vulnerability in the Cabo/UIX component in Oracle
Fusion ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2010-2408 (Unspecified vulnerability in the Oracle iRecruitment component
in ...)
-	TODO: check
+	NOT-FOR-US: Oracle E-Business Suite
 CVE-2010-2407 (Unspecified vulnerability in the XDK component in Oracle
Database ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2010-2406 (Unspecified vulnerability in the Siebel Core - Highly
Interactive ...)
-	TODO: check
+	NOT-FOR-US: Oracle Siebel Suite
 CVE-2010-2405 (Unspecified vulnerability in the Siebel Core - Highly
Interactive ...)
-	TODO: check
+	NOT-FOR-US: Oracle Siebel Suite
 CVE-2010-2404 (Unspecified vulnerability in the Oracle iRecruitment component
in ...)
-	TODO: check
+	NOT-FOR-US: Oracle E-Business Suite
 CVE-2010-2403 (Unspecified vulnerability in the PeopleSoft Enterprise Campus
...)
 	NOT-FOR-US: PeopleSoft
 CVE-2010-2402 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
@@ -4120,9 +4120,9 @@
 CVE-2010-2397 (Unspecified vulnerability in Oracle Sun Java System Application
Server ...)
 	NOT-FOR-US: Oracle Sun Java System Application Serve
 CVE-2010-2396 (Unspecified vulnerability in the Forms component in Oracle
Fusion ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2010-2395 (Unspecified vulnerability in the Cabo/UIX component in Oracle
Fusion ...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2010-2394 (Unspecified vulnerability in Oracle Solaris 10 allows local
users to ...)
 	NOT-FOR-US: Solaris
 CVE-2010-2393 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris
allows ...)
@@ -4130,13 +4130,13 @@
 CVE-2010-2392 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris
allows ...)
 	NOT-FOR-US: Solaris
 CVE-2010-2391 (Unspecified vulnerability in the Core RDBMS component in Oracle
...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2010-2390 (Unspecified vulnerability in the Database Control component in
EM ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2010-2389 (Unspecified vulnerability in the Perl component in Oracle
Database ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database Server
 CVE-2010-2388 (Unspecified vulnerability in the Oracle Applications Manager
component ...)
-	TODO: check
+	NOT-FOR-US: Oracle E-Business Suite
 CVE-2010-2387
 	RESERVED
 CVE-2010-2386 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and
...)
@@ -5391,7 +5391,7 @@
 CVE-2010-1884
 	RESERVED
 CVE-2010-1883 (Integer overflow in the Embedded OpenType (EOT) Font Engine in
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2010-1882 (Multiple buffer overflows in the MPEG Layer-3 Audio Codec for
...)
 	NOT-FOR-US: MPEG Layer-3 Audio Codec for
 CVE-2010-1881 (The FieldList ActiveX control in the Microsoft Access Wizard
Controls ...)
@@ -8799,7 +8799,7 @@
 CVE-2010-0809
 	RESERVED
 CVE-2010-0808 (Microsoft Internet Explorer 6 and 7 on Windows XP and Vista does
not ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2010-0807 (Microsoft Internet Explorer 7 does not properly handle objects
in ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2010-0806 (Use-after-free vulnerability in the Peer Objects component (aka
...)
Secure testing commits - Oct 2010 - r15478 - data/CVE

[Secure-testing-commits] r15478 - data/CVE
