Author: federico-guest Date: 2011-05-17 10:10:17 +0000 (Tue, 17 May 2011) New Revision: 16682 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-05-17 09:25:48 UTC (rev 16681) +++ data/CVE/list 2011-05-17 10:10:17 UTC (rev 16682) @@ -107,7 +107,7 @@ CVE-2011-2090 RESERVED CVE-2011-2089 (Stack-based buffer overflow in the SetActiveXGUID method in the ...) - TODO: check + NOT-FOR-US: ICONICS BizViz, GENESIS32 CVE-2011-2088 (XWork 2.2.1 in Apache Struts 2.2.1, and OpenSymphony XWork in ...) TODO: check CVE-2011-2087 (Multiple cross-site scripting (XSS) vulnerabilities in component ...) @@ -602,21 +602,21 @@ CVE-2011-1856 RESERVED CVE-2011-1855 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x ...) - TODO: check + NOT-FOR-US: HP Network Node Manager CVE-2011-1854 (Use-after-free vulnerability in HP Intelligent Management Center (IMC) ...) - TODO: check + NOT-FOR-US: HP Intelligent Management Center CVE-2011-1853 (tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before ...) - TODO: check + NOT-FOR-US: HP Intelligent Management Center CVE-2011-1852 (Multiple stack-based buffer overflows in tftpserver.exe in HP ...) - TODO: check + NOT-FOR-US: HP Intelligent Management Center CVE-2011-1851 (Stack-based buffer overflow in tftpserver.exe in HP Intelligent ...) - TODO: check + NOT-FOR-US: HP Intelligent Management Center CVE-2011-1850 (Stack-based buffer overflow in the logging functionality in dbman.exe ...) - TODO: check + NOT-FOR-US: HP Intelligent Management Center CVE-2011-1849 (tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before ...) - TODO: check + NOT-FOR-US: HP Intelligent Management Center CVE-2011-1848 (Stack-based buffer overflow in img.exe in HP Intelligent Management ...) - TODO: check + NOT-FOR-US: HP Intelligent Management Center CVE-2011-1847 (IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows ...) NOT-FOR-US: IBM DB2 9.5 CVE-2011-1846 (IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows ...) @@ -632,7 +632,7 @@ CVE-2011-1841 (Cross-site scripting (XSS) vulnerability in the link_to helper in ...) - libmojolicious-perl 1.12-1 CVE-2011-1840 (The MartiniCreations PassmanLite Password Manager application before ...) - TODO: check + NOT-FOR-US: MartiniCreations PassmanLite Password Manager for Android CVE-2011-1839 (IBM Rational Build Forge 7.1.0 uses the HTTP GET method during ...) NOT-FOR-US: IBM Rational Build Forge 7.1.0 CVE-2011-1838 @@ -923,29 +923,29 @@ CVE-2011-1739 (The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 ...) TODO: check CVE-2011-1738 (HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in ...) - TODO: check + NOT-FOR-US: HP Palm webOS CVE-2011-1737 (Multiple cross-site scripting (XSS) vulnerabilities in the Email ...) - TODO: check + NOT-FOR-US: HP Palm webOS CVE-2011-1736 (Directory traversal vulnerability in OmniInet.exe in the Backup Client ...) - TODO: check + NOT-FOR-US: HP OpenView Storage Data Protector CVE-2011-1735 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...) - TODO: check + NOT-FOR-US: HP OpenView Storage Data Protector CVE-2011-1734 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...) - TODO: check + NOT-FOR-US: HP OpenView Storage Data Protector CVE-2011-1733 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...) - TODO: check + NOT-FOR-US: HP OpenView Storage Data Protector CVE-2011-1732 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...) - TODO: check + NOT-FOR-US: HP OpenView Storage Data Protector CVE-2011-1731 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...) - TODO: check + NOT-FOR-US: HP OpenView Storage Data Protector CVE-2011-1730 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...) - TODO: check + NOT-FOR-US: HP OpenView Storage Data Protector CVE-2011-1729 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...) - TODO: check + NOT-FOR-US: HP OpenView Storage Data Protector CVE-2011-1728 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...) - TODO: check + NOT-FOR-US: HP OpenView Storage Data Protector CVE-2011-1727 (Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, ...) - TODO: check + NOT-FOR-US: HP SiteScope CVE-2011-1726 (Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, ...) NOT-FOR-US: HP SiteScope CVE-2011-1725 (Unspecified vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, ...) @@ -1215,7 +1215,7 @@ CVE-2011-1611 RESERVED CVE-2011-1610 (Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the ...) - TODO: check + NOT-FOR-US: Cisco Unified Communications Manager CVE-2011-1609 (SQL injection vulnerability in Cisco Unified Communications Manager ...) NOT-FOR-US: Cisco Unified Communications Manager CVE-2011-1608 @@ -1386,7 +1386,7 @@ - glibc <removed> (unimportant) NOTE: Obscure attack CVE-2011-1547 (Multiple stack consumption vulnerabilities in the kernel in NetBSD ...) - TODO: check + NOT-FOR-US: NetBSD CVE-2011-1546 (Multiple SQL injection vulnerabilities in Andy''s PHP Knowledgebase ...) NOT-FOR-US: Aphpkb CVE-2011-1545 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...) @@ -1812,7 +1812,7 @@ CVE-2011-1424 RESERVED CVE-2011-1423 (Cross-site scripting (XSS) vulnerability in RSA Data Loss Prevention ...) - TODO: check + NOT-FOR-US: RSA Data Loss Prevention Enterprise Manager CVE-2011-1422 (Cross-site scripting (XSS) vulnerability in an unspecified Shockwave ...) NOT-FOR-US: EMC RSA Adaptive Authentication On-Premise CVE-2011-1421 (EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the ...) @@ -2017,13 +2017,13 @@ CVE-2011-1327 RESERVED CVE-2011-1326 (Unspecified vulnerability on the La Fonera+ router with firmware ...) - TODO: check + NOT-FOR-US: La Fonera+ router CVE-2011-1325 (Cross-site request forgery (CSRF) vulnerability in EC-CUBE before ...) TODO: check CVE-2011-1324 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...) TODO: check CVE-2011-1323 (Yamaha RTX, RT, SRT, RTV, RTW, and RTA series routers with firmware ...) - TODO: check + NOT-FOR-US: Yamaha RTX, RT, SRT, RTV, RTW, and RTA series routers CVE-2011-1322 (The SOAP with Attachments API for Java (SAAJ) implementation in the ...) NOT-FOR-US: WebSphere CVE-2011-1321 (The AuthCache purge implementation in the Security component in IBM ...) @@ -2154,11 +2154,11 @@ CVE-2011-1272 RESERVED CVE-2011-1271 (The JIT compiler in Microsoft .NET Framework before 4 beta 2, when ...) - TODO: check + NOT-FOR-US: Microsoft .NET Framework CVE-2011-1270 (Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows ...) - TODO: check + NOT-FOR-US: Microsoft PowerPoint 2002 SP3 and 2003 SP3 CVE-2011-1269 (Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2011-1268 RESERVED CVE-2011-1267 @@ -2200,7 +2200,7 @@ CVE-2011-1249 RESERVED CVE-2011-1248 (WINS in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2011-1247 RESERVED CVE-2011-1246 @@ -2282,9 +2282,9 @@ CVE-2011-1210 RESERVED CVE-2011-1209 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 ...) - TODO: check + NOT-FOR-US: IBM WebSphere Application Server CVE-2011-1208 (IBM solidDB 4.5.x before 4.5.182, 6.0.x before 6.0.1069, 6.1.x and ...) - TODO: check + NOT-FOR-US: IBM solidDB CVE-2011-1207 (The ActiveBar1 ActiveX control in the Data Dynamics ActiveBar ActiveX ...) TODO: check CVE-2011-1206 (Stack-based buffer overflow in the server process in ibmslapd.exe in ...) @@ -3732,7 +3732,7 @@ CVE-2011-0757 (IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, ...) NOT-FOR-US: IBM DB2 CVE-2011-0756 (The application server in Trustwave WebDefend Enterprise before 5.0 ...) - TODO: check + NOT-FOR-US: Trustwave WebDefend Enterprise CVE-2011-0755 (Integer overflow in the mt_rand function in PHP before 5.3.4 might ...) - php5 5.3.5-1 (unimportant) NOTE: Only exploitable with malicious script @@ -4114,25 +4114,25 @@ CVE-2011-0628 RESERVED CVE-2011-0627 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...) - TODO: check + NOT-FOR-US: Adobe Flash Player CVE-2011-0626 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...) - TODO: check + NOT-FOR-US: Adobe Flash Player CVE-2011-0625 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...) - TODO: check + NOT-FOR-US: Adobe Flash Player CVE-2011-0624 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...) - TODO: check + NOT-FOR-US: Adobe Flash Player CVE-2011-0623 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...) - TODO: check + NOT-FOR-US: Adobe Flash Player CVE-2011-0622 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...) - TODO: check + NOT-FOR-US: Adobe Flash Player CVE-2011-0621 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...) - TODO: check + NOT-FOR-US: Adobe Flash Player CVE-2011-0620 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...) - TODO: check + NOT-FOR-US: Adobe Flash Player CVE-2011-0619 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...) - TODO: check + NOT-FOR-US: Adobe Flash Player CVE-2011-0618 (Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, ...) - TODO: check + NOT-FOR-US: Adobe Flash Player CVE-2011-0617 RESERVED CVE-2011-0616 @@ -4210,7 +4210,7 @@ CVE-2011-0580 (Multiple cross-site scripting (XSS) vulnerabilities in the ...) NOT-FOR-US: Adobe ColdFusion CVE-2011-0579 (Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and ...) - TODO: check + NOT-FOR-US: Adobe Flash Player CVE-2011-0578 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...) NOT-FOR-US: Adobe Flash Player CVE-2011-0577 (Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 ...)