Secure testing commits - Jan 2011 - r15937 - data/CVE

Author: jmm
Date: 2011-01-21 22:38:17 +0000 (Fri, 21 Jan 2011)
New Revision: 15937

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-01-21 22:27:25 UTC (rev 15936)
+++ data/CVE/list	2011-01-21 22:38:17 UTC (rev 15937)
@@ -290,13 +290,13 @@
 CVE-2011-0494 (Directory traversal vulnerability in WebSEAL in IBM Tivoli
Access ...)
 	NOT-FOR-US: IBM Tivoli Access Manager
 CVE-2011-0489 (The server components in Objectivity/DB 10.0 do not require ...)
-	TODO: check
+	NOT-FOR-US: Objectivity/DB
 CVE-2011-0488 (Stack-based buffer overflow in NTWebServer.exe in the test web
service ...)
-	TODO: check
+	NOT-FOR-US: NTWebServer
 CVE-2011-0487 (ICQ 7 does not verify the authenticity of updates, which allows
...)
-	TODO: check
+	NOT-FOR-US: ICQ
 CVE-2011-0486 (Cross-site scripting (XSS) vulnerability in cognos.cgi in IBM
Cognos 8 ...)
-	TODO: check
+	NOT-FOR-US: IBM Cognos
 CVE-2010-4700 (The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3,
when the ...)
 	- php5 <unfixed>
 CVE-2010-4699 (The iconv_mime_decode_headers function in the Iconv extension in
PHP ...)
@@ -306,9 +306,9 @@
 CVE-2010-4697 (Use-after-free vulnerability in the Zend engine in PHP before
5.2.15 ...)
 	- php5 <unfixed>
 CVE-2010-4696 (Multiple SQL injection vulnerabilities in Joomla! 1.5.x before
1.5.22 ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2009-5051 (Hastymail2 before RC 8 does not set the secure flag for the
session ...)
-	TODO: check
+	NOT-FOR-US: Hastymail
 CVE-2011-0493 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha might
allow ...)
 	{DSA-2148-1}
 	- tor 0.2.1.29-1
@@ -907,7 +907,7 @@
 CVE-2010-4647 (Multiple cross-site scripting (XSS) vulnerabilities in the Help
...)
 	- eclipse <unfixed>
 CVE-2010-4646 (Cross-site scripting (XSS) vulnerability in Hastymail2 before
1.01 ...)
-	TODO: check
+	NOT-FOR-US: Hastymail
 CVE-2010-4644 (Multiple memory leaks in rev_hunt.c in Apache Subversion before
1.6.15 ...)
 	- subversion 1.6.12dfsg-3 (bug #608989)
 	NOTE: http://www.openwall.com/lists/oss-security/2011/01/04/8
@@ -1024,7 +1024,7 @@
 CVE-2011-0273
 	RESERVED
 CVE-2011-0272 (Unspecified vulnerability in HP LoadRunner 9.52 allows remote
...)
-	TODO: check
+	NOT-FOR-US: HP LoadRunner
 CVE-2011-0271 (The CGI scripts in HP OpenView Network Node Manager (OV NNM)
7.51 and ...)
 	NOT-FOR-US: HP OpenView
 CVE-2011-0270 (Format string vulnerability in nnmRptConfig.exe in HP OpenView
Network ...)
@@ -1973,29 +1973,29 @@
 CVE-2010-4465
 	RESERVED
 CVE-2010-4464 (Unspecified vulnerability in Oracle Sun Convergence 1.0 allows
remote ...)
-	TODO: check
+	NOT-FOR-US: Oracle Convergence
 CVE-2010-4463
 	RESERVED
 CVE-2010-4462
 	RESERVED
 CVE-2010-4461 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS
component ...)
-	TODO: check
+	NOT-FOR-US: PeopleSoft
 CVE-2010-4460 (Unspecified vulnerability in Oracle Solaris 10 allows local
users to ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2010-4459 (Unspecified vulnerability in Oracle Solaris 11 Express allows
local ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2010-4458 (Unspecified vulnerability in Oracle Solaris 11 Express allows
local ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2010-4457 (Unspecified vulnerability in Oracle Solaris 11 Express allows
remote ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2010-4456 (Unspecified vulnerability in Oracle Sun Java System
Communications ...)
 	TODO: check
 CVE-2010-4455 (Unspecified vulnerability in the Oracle HTTP Server component in
...)
-	TODO: check
+	NOT-FOR-US: Oracle Fusion
 CVE-2010-4454
 	RESERVED
 CVE-2010-4453 (Unspecified vulnerability in the Oracle WebLogic Server
component in ...)
-	TODO: check
+	NOT-FOR-US: Oracle WebLogic
 CVE-2010-4452
 	RESERVED
 CVE-2010-4451
@@ -2003,21 +2003,21 @@
 CVE-2010-4450
 	RESERVED
 CVE-2010-4449 (Unspecified vulnerability in the Audit Vault component in Oracle
Audit ...)
-	TODO: check
+	NOT-FOR-US: Oracle Audit
 CVE-2010-4448
 	RESERVED
 CVE-2010-4447
 	RESERVED
 CVE-2010-4446 (Unspecified vulnerability in Oracle Solaris 11 Express allows
local ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2010-4445 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS
component ...)
 	TODO: check
 CVE-2010-4444 (Unspecified vulnerability in Oracle Sun Java System Access
Manager and ...)
 	TODO: check
 CVE-2010-4443 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express
allows ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2010-4442 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express
allows ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2010-4441 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS
component ...)
 	TODO: check
 CVE-2010-4440 (Unspecified vulnerability in Oracle 10 and 11 Express allows
local ...)
@@ -2031,11 +2031,11 @@
 CVE-2010-4436 (Unspecified vulnerability in Oracle Sun Management Center
(SunMC) 4.0 ...)
 	TODO: check
 CVE-2010-4435 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows
remote ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2010-4434 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
 	TODO: check
 CVE-2010-4433 (Unspecified vulnerability in Oracle Solaris 10 allows remote
attackers ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2010-4432 (Unspecified vulnerability in the Oracle Transportation Manager
...)
 	TODO: check
 CVE-2010-4431 (Unspecified vulnerability in Oracle Sun Java System Portal
Server 7.1 ...)