Author: jmm
Date: 2011-02-28 23:34:35 +0000 (Mon, 28 Feb 2011)
New Revision: 16268
Modified:
data/CVE/list
Log:
NFUs
another pixelpost issue
Modified: data/CVE/list
==================================================================---
data/CVE/list 2011-02-28 23:22:10 UTC (rev 16267)
+++ data/CVE/list 2011-02-28 23:34:35 UTC (rev 16268)
@@ -1,11 +1,11 @@
CVE-2011-1103 (The WebReporting module in F-Secure Policy Manager 7.x, 8.00
before ...)
- TODO: check
+ NOT-FOR-US: F-Secure Policy Manager
CVE-2011-1102 (Cross-site scripting (XSS) vulnerability in the WebReporting
module in ...)
- TODO: check
+ NOT-FOR-US: F-Secure Policy Manager
CVE-2011-1101 (Multiple unspecified vulnerabilities in a third-party component
of the ...)
- TODO: check
+ NOT-FOR-US: Citrix License Management Console
CVE-2011-1100 (Multiple SQL injection vulnerabilities in admin/index.php in
Pixelpost ...)
- TODO: check
+ - pixelpost <removed>
CVE-2011-XXXX [python2.6: distutils world-readable password]
- python2.6 <unfixed> (low; bug #615118)
[squeeze] - python2.6 <no-dsa> (minor issue)
@@ -158,7 +158,7 @@
CVE-2011-1037
RESERVED
CVE-2011-1036 (The XML Security Database Parser class in the XMLSecDB ActiveX
control ...)
- TODO: check
+ NOT-FOR-US: CA Internet Security Suite
CVE-2011-1035 (The password reset in PivotX before 2.2.4 allows remote
attackers to ...)
NOT-FOR-US: PivotX
CVE-2010-4744 (Multiple unspecified vulnerabilities in abcm2ps before 5.9.13
have ...)
@@ -506,7 +506,7 @@
CVE-2011-0927
RESERVED
CVE-2011-0926 (A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure
...)
- TODO: check
+ NOT-FOR-US: Cisco Secure Desktop
CVE-2011-0925
RESERVED
CVE-2011-0924 (The client in HP Data Protector does not verify the contents of
files ...)
@@ -1498,7 +1498,7 @@
CVE-2011-0533 (Cross-site scripting (XSS) vulnerability in Apache Continuum 1.1
...)
NOT-FOR-US: Apache Continuum
CVE-2011-0532 (The (1) backup and restore scripts, (2) main initialization
script, ...)
- TODO: check
+ NOT-FOR-US: 389 LDAP server
CVE-2011-0531 (demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC
media ...)
{DSA-2159-1}
- vlc 1.1.7-1 (medium)
@@ -1722,7 +1722,7 @@
CVE-2011-0453 (F-Secure Internet Gatekeeper for Linux 3.x before 3.03 does not
...)
NOT-FOR-US: F-Secure Internet Gatekeeper
CVE-2011-0452 (Untrusted search path vulnerability in the script function in
...)
- TODO: check
+ NOT-FOR-US: Lunascape
CVE-2011-0451 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
NOT-FOR-US: EC-CUBE
CVE-2011-0450 (The downloads manager in Opera before 11.01 on Windows does not
...)
@@ -1873,55 +1873,55 @@
CVE-2011-0397
RESERVED
CVE-2011-0396 (Cisco Adaptive Security Appliances (ASA) 5500 series devices
with ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0395 (Cisco Adaptive Security Appliances (ASA) 5500 series devices
with ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0394 (Cisco Adaptive Security Appliances (ASA) 5500 series devices
with ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0393 (Cisco Adaptive Security Appliances (ASA) 5500 series devices
with ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0392 (Cisco TelePresence Recording Server devices with software 1.6.x
do not ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0391 (Cisco TelePresence Recording Server devices with software 1.6.x
allow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0390 (The XML-RPC implementation on Cisco TelePresence Multipoint
Switch ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0389 (Cisco TelePresence Multipoint Switch (CTMS) devices with
software ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0388 (Cisco TelePresence Recording Server devices with software 1.6.x
and ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0387 (The administrative web interface on Cisco TelePresence
Multipoint ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0386 (The XML-RPC implementation on Cisco TelePresence Recording
Server ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0385 (The administrative web interface on Cisco TelePresence Recording
...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0384 (The Java Servlet framework on Cisco TelePresence Multipoint
Switch ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0383 (The Java Servlet framework on Cisco TelePresence Recording
Server ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0382 (The CGI subsystem on Cisco TelePresence Recording Server devices
with ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0381 (Cisco TelePresence Manager 1.2.x through 1.6.x allows remote
attackers ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0380 (Cisco TelePresence Manager 1.2.x through 1.6.x allows remote
attackers ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0379 (Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500
...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0378 (The XML-RPC implementation on Cisco TelePresence endpoint
devices with ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0377 (Cisco TelePresence endpoint devices with software 1.2.x through
1.6.x ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0376 (The TFTP implementation on Cisco TelePresence endpoint devices
with ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0375 (The CGI implementation on Cisco TelePresence endpoint devices
with ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0374 (The CGI implementation on Cisco TelePresence endpoint devices
with ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0373 (The CGI implementation on Cisco TelePresence endpoint devices
with ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0372 (The CGI implementation on Cisco TelePresence endpoint devices
with ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0371
RESERVED
CVE-2011-0370
@@ -1955,7 +1955,7 @@
CVE-2011-0356
RESERVED
CVE-2011-0355 (Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1)
through ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-0354 (The default configuration of Cisco Tandberg C Series Endpoints,
and ...)
NOT-FOR-US: Cisco
CVE-2011-0353
@@ -1999,13 +1999,13 @@
CVE-2011-0333
RESERVED
CVE-2011-0332 (Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit
Phantom ...)
- TODO: check
+ NOT-FOR-US: Foxit Reader
CVE-2011-0331
RESERVED
CVE-2011-0330 (The Dell DellSystemLite.Scanner ActiveX control in
DellSystemLite.ocx ...)
- TODO: check
+ NOT-FOR-US: Dell System Lite
CVE-2011-0329 (Directory traversal vulnerability in the GetData method in the
Dell ...)
- TODO: check
+ NOT-FOR-US: Dell System Lite
CVE-2011-0328
RESERVED
CVE-2011-0327
@@ -3018,7 +3018,7 @@
CVE-2011-0038 (Untrusted search path vulnerability in Microsoft Internet
Explorer 8 ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-0037 (Microsoft Malware Protection Engine before 1.1.6603.0, as used
in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Malware Protection Engine
CVE-2011-0036 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle
...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-0035 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle
...)
@@ -3186,7 +3186,7 @@
CVE-2011-0023
RESERVED
CVE-2011-0022 (The setup scripts in 389 Directory Server 1.2.x (aka Red Hat
Directory ...)
- TODO: check
+ NOT-FOR-US: 389 LDAP server
CVE-2011-0522 (The StripTags function in (1) the USF decoder ...)
- vlc 1.1.3-1squeeze2
CVE-2011-0021 (Multiple heap-based buffer overflows in cdg.c in the CDG decoder
in ...)
@@ -3195,7 +3195,7 @@
CVE-2011-0020 (Heap-based buffer overflow in the
pango_ft2_font_render_box_glyph ...)
- pango1.0 1.28.3-1+squeeze1 (bug #610792)
CVE-2011-0019 (slapd (aka ns-slapd) in 389 Directory Server 1.2.7.5 (aka Red
Hat ...)
- TODO: check
+ NOT-FOR-US: 389 LDAP server
CVE-2011-0018 (The email function in manage_sql.c in OpenVAS Manager 1.0.x
through ...)
NOT-FOR-US: OpenVAS Manager
CVE-2011-0017 (The open_log function in log.c in Exim 4.72 and earlier does not
check ...)