Author: jamie-guest Date: 2011-06-03 17:21:09 +0000 (Fri, 03 Jun 2011) New Revision: 16762 Modified: data/CVE/list Log: NFUs and a couple whitespace fixups Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-06-03 15:20:17 UTC (rev 16761) +++ data/CVE/list 2011-06-03 17:21:09 UTC (rev 16762) @@ -1,3 +1,31 @@ +CVE-2011-2331 + NOT-FOR-US: HP Intelligent Management Center (IMC) +CVE-2011-2330 + NOT-FOR-US: IBM Tivoli Management Framework +CVE-2011-2328 + NOT-FOR-US: HP LoadRunner +CVE-2011-2215 + NOT-FOR-US: WalRack +CVE-2011-2214 + NOT-FOR-US: 7T Interactive Graphical SCADA System +CVE-2011-2173 + NOT-FOR-US: IBM WebSphere Portal +CVE-2011-2172 + NOT-FOR-US: IBM WebSphere Portal +CVE-2011-2171 + NOT-FOR-US: Google Chrome OS +CVE-2011-2170 + NOT-FOR-US: Google Chrome OS +CVE-2011-2169 + NOT-FOR-US: Google Chrome OS +CVE-2011-2168 + NOT-FOR-US: OpenBSD +CVE-2011-2165 + NOT-FOR-US: WatchGuard XCS +CVE-2010-4807 + NOT-FOR-US: IBM Web Content Manager +CVE-2010-4806 + NOT-FOR-US: IBM Web Content Manager CVE-2011-2179 [nagios XSS] - nagios <unfixed> - icinga <unfixed> @@ -14,7 +42,7 @@ [squeeze] - asterisk <not-affected> (Only affects 1.8) NOTE: http://downloads.digium.com/pub/security/AST-2011-007.html CVE-2011-XXXX [libxml2 overflows] - - libxml2 <unfixed> (bug #628537) + - libxml2 <unfixed> (bug #628537) CVE-2011-XXXX [unspecified security vulnerabilities] - movabletype-opensource 4.3.6+dfsg-1 (bug #627936) CVE-2011-2164 (Multiple unspecified vulnerabilities in Adobe Photoshop before 12.0.4 ...) @@ -307,11 +335,11 @@ CVE-2011-2042 RESERVED CVE-2011-2041 - RESERVED + NOT-FOR-US: Cisco CVE-2011-2040 - RESERVED + NOT-FOR-US: Cisco CVE-2011-2039 - RESERVED + NOT-FOR-US: Cisco CVE-2011-2038 RESERVED CVE-2011-2037 @@ -341,7 +369,7 @@ CVE-2011-2025 RESERVED CVE-2011-2024 - RESERVED + NOT-FOR-US: Cisco CVE-2011-2023 RESERVED CVE-2011-2022 (The agp_generic_remove_memory function in drivers/char/agp/generic.c ...) 
@@ -530,7 +558,7 @@ CVE-2011-1938 RESERVED CVE-2011-1937 - RESERVED + NOT-FOR-US: Webmin CVE-2011-1936 RESERVED CVE-2011-1935 [packet truncation in libpcap] @@ -558,13 +586,13 @@ - ffmpeg-debian <removed> CVE-2011-1930 RESERVED - - klibc 1.5.22-1 (low) - [squeeze] - klibc <no-dsa> (Minor issue) - [lenny] - klibc <no-dsa> (Minor issue) + - klibc 1.5.22-1 (low) + [squeeze] - klibc <no-dsa> (Minor issue) + [lenny] - klibc <no-dsa> (Minor issue) CVE-2011-1929 RESERVED - - dovecot 1:2.0.13-1 (bug #627443) - [lenny] - dovecot <not-affected> (Vulnerability introduced in 1.1) + - dovecot 1:2.0.13-1 (bug #627443) + [lenny] - dovecot <not-affected> (Vulnerability introduced in 1.1) CVE-2011-1928 RESERVED {DSA-2237-2} @@ -601,7 +629,6 @@ RESERVED - subversion 1.6.17dfsg-1 CVE-2011-1920 [pmake insecure tempfile] - RESERVED - pmake 1.111-3 (low; bug #626673) [squeeze] - pmake <no-dsa> (Minor issue) [lenny] - pmake <no-dsa> (Minor issue) @@ -1021,7 +1048,6 @@ - linux-2.6 <unfixed> (low) CVE-2011-1775 RESERVED - NOT-FOR-US: TigerVNC CVE-2011-1774 RESERVED - xmlsec1 1.2.14-1.1 @@ -1031,7 +1057,7 @@ RESERVED NOT-FOR-US: virt-v2v CVE-2011-1772 (Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache ...) - TODO: check + NOT-FOR-US: Apache Struts 2.x CVE-2011-1771 RESERVED CVE-2011-1770 @@ -1334,19 +1360,19 @@ CVE-2010-4779 (Cross-site scripting (XSS) vulnerability in lib/includes/auth.inc.php ...) NOT-FOR-US: WPtouch plugin for WordPress CVE-2011-1651 - RESERVED + NOT-FOR-US: Cisco CVE-2011-1650 RESERVED CVE-2011-1649 - RESERVED + NOT-FOR-US: Cisco CVE-2011-1648 RESERVED CVE-2011-1647 - RESERVED + NOT-FOR-US: Cisco CVE-2011-1646 - RESERVED + NOT-FOR-US: Cisco CVE-2011-1645 - RESERVED + NOT-FOR-US: Cisco CVE-2011-1644 RESERVED CVE-2011-1643 @@ -1362,7 +1388,7 @@ CVE-2011-1638 RESERVED CVE-2011-1637 - RESERVED + NOT-FOR-US: Cisco CVE-2011-1636 RESERVED CVE-2011-1635 
@@ -1390,7 +1416,7 @@ CVE-2011-1624 RESERVED CVE-2011-1623 - RESERVED + NOT-FOR-US: Cisco CVE-2011-1622 RESERVED CVE-2011-1621 @@ -1430,9 +1456,9 @@ CVE-2011-1604 (Memory leak in Cisco Unified Communications Manager (aka CUCM, ...) NOT-FOR-US: Cisco Unified Communications Manager CVE-2011-1603 - RESERVED + NOT-FOR-US: Cisco CVE-2011-1602 - RESERVED + NOT-FOR-US: Cisco CVE-2011-1601 RESERVED CVE-2011-1600 @@ -1691,7 +1717,7 @@ CVE-2011-1513 RESERVED CVE-2011-1512 - RESERVED + NOT-FOR-US: Autonomy KeyView CVE-2011-1511 RESERVED CVE-2011-1510 @@ -2054,7 +2080,7 @@ - xmlsec1 1.2.14-1.1 (bug #620560) NOTE: http://www.aleksey.com/xmlsec/news.html CVE-2011-1424 - RESERVED + NOT-FOR-US: EMC SourceOne Email Management CVE-2011-1423 (Cross-site scripting (XSS) vulnerability in RSA Data Loss Prevention ...) NOT-FOR-US: RSA Data Loss Prevention Enterprise Manager CVE-2011-1422 (Cross-site scripting (XSS) vulnerability in an unspecified Shockwave ...) @@ -2254,17 +2280,17 @@ CVE-2011-1330 RESERVED CVE-2011-1329 - RESERVED + NOT-FOR-US: WalRack CVE-2011-1328 - RESERVED + NOT-FOR-US: RADVISION iVIEW Suite CVE-2011-1327 (The Keystroke Encryption feature in Trend Micro Internet Security 2009 ...) - TODO: check + NOT-FOR-US: Trend Micro Internet Security CVE-2011-1326 (Unspecified vulnerability on the La Fonera+ router with firmware ...) NOT-FOR-US: La Fonera+ router CVE-2011-1325 (Cross-site request forgery (CSRF) vulnerability in EC-CUBE before ...) - TODO: check + NOT-FOR-US: EC-CUBE CVE-2011-1324 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...) - TODO: check + NOT-FOR-US: Buffalo routers CVE-2011-1323 (Yamaha RTX, RT, SRT, RTV, RTW, and RTA series routers with firmware ...) NOT-FOR-US: Yamaha RTX, RT, SRT, RTV, RTW, and RTA series routers CVE-2011-1322 (The SOAP with Attachments API for Java (SAAJ) implementation in the ...) 
@@ -2509,21 +2535,21 @@ CVE-2011-1221 RESERVED CVE-2011-1220 - RESERVED + NOT-FOR-US: IBM Tivoli Management Framework CVE-2011-1219 RESERVED CVE-2011-1218 - RESERVED + NOT-FOR-US: Autonomy KeyView CVE-2011-1217 - RESERVED + NOT-FOR-US: Autonomy KeyView CVE-2011-1216 - RESERVED + NOT-FOR-US: Autonomy KeyView CVE-2011-1215 - RESERVED + NOT-FOR-US: Autonomy KeyView CVE-2011-1214 - RESERVED + NOT-FOR-US: Autonomy KeyView CVE-2011-1213 - RESERVED + NOT-FOR-US: Autonomy KeyView CVE-2011-1212 RESERVED CVE-2011-1211 @@ -3042,7 +3068,7 @@ RESERVED - linux-2.6 2.6.38-4 (low) CVE-2011-1077 - RESERVED + NOT-FOR-US: Apache Archiva CVE-2011-1076 RESERVED - linux-2.6 2.6.38-1 @@ -3193,7 +3219,7 @@ CVE-2011-1027 (Off-by-one error in the convert_query_hexchar function in html.c in ...) NOT-FOR-US: cgit CVE-2011-1026 - RESERVED + NOT-FOR-US: Apache Archiva CVE-2011-1025 (bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require ...) - openldap 2.4.25-1 (unimportant; bug #617606) NOTE: NBD backend disabled in Debian builds @@ -3443,7 +3469,7 @@ CVE-2011-0967 RESERVED CVE-2011-0966 (Directory traversal vulnerability in cwhp/auditLog.do in the Homepage ...) - TODO: check + NOT-FOR-US: Cisco CiscoWorks Common Services CVE-2011-0965 RESERVED CVE-2011-0964 
@@ -3451,13 +3477,13 @@ CVE-2011-0963 (The default configuration of the RADIUS authentication feature on the ...) NOT-FOR-US: Cisco Network Access Control (NAC) Guest Server CVE-2011-0962 (Cross-site scripting (XSS) vulnerability in ...) - TODO: check + NOT-FOR-US: Cisco Unified Operations Manager CVE-2011-0961 (Cross-site scripting (XSS) vulnerability in cwhp/device.center.do in ...) - TODO: check + NOT-FOR-US: Cisco CiscoWorks Common Services CVE-2011-0960 (Multiple SQL injection vulnerabilities in Cisco Unified Operations ...) - TODO: check + NOT-FOR-US: Cisco Unified Operations Manager CVE-2011-0959 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified ...) - TODO: check + NOT-FOR-US: Cisco Unified Operations Manager CVE-2011-0958 RESERVED CVE-2011-0957 @@ -3477,7 +3503,7 @@ CVE-2011-0950 RESERVED CVE-2011-0949 - RESERVED + NOT-FOR-US: Cisco CVE-2011-0948 RESERVED CVE-2011-0947 @@ -3489,7 +3515,7 @@ CVE-2011-0944 RESERVED CVE-2011-0943 - RESERVED + NOT-FOR-US: Cisco CVE-2011-0942 RESERVED CVE-2011-0941 @@ -4379,13 +4405,13 @@ CVE-2011-0616 RESERVED CVE-2011-0615 (Multiple buffer overflows in Adobe Audition 3.0.1 and earlier allow ...) - TODO: check + NOT-FOR-US: Adobe Audition CVE-2011-0614 (Buffer overflow in Adobe Audition 3.0.1 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Adobe Audition CVE-2011-0613 (Multiple cross-site scripting (XSS) vulnerabilities in RoboHelp 7 and ...) - TODO: check + NOT-FOR-US: RoboHelp CVE-2011-0612 (Adobe Flash Media Server (FMS) before 3.5.6, and 4.x before 4.0.2, ...) - TODO: check + NOT-FOR-US: Adobe Flash Media Server CVE-2011-0611 (Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and ...) NOT-FOR-US: Adobe Flash Player / Acrobat Reader CVE-2011-0610 (The CoolType library in Adobe Reader 9.x before 9.4.4 and 10.x through ...) 
@@ -4517,7 +4543,7 @@ CVE-2011-0547 RESERVED CVE-2011-0546 - RESERVED + NOT-FOR-US: Symantec Backup Exec CVE-2011-0545 (Cross-site request forgery (CSRF) vulnerability in adduser.do in ...) NOT-FOR-US: Symantec LiveUpdate Administrator CVE-2011-0544 @@ -5076,9 +5102,9 @@ CVE-2011-0342 RESERVED CVE-2011-0341 (Stack-based buffer overflow in the pdfmoz_onmouse function in ...) - TODO: check + NOT-FOR-US: MuPDF plug-in for Firefox CVE-2011-0340 (Multiple buffer overflows in the ISSymbol ActiveX control in ...) - TODO: check + NOT-FOR-US: ISSymbol.ocx CVE-2011-0339 RESERVED CVE-2011-0338 @@ -7210,7 +7236,7 @@ CVE-2010-4285 RESERVED CVE-2010-4284 (SQL injection vulnerability in the authentication form in the ...) - TODO: check + NOT-FOR-US: Samsung Integrated Management System CVE-2010-4283 (PHP remote file inclusion vulnerability in extras/pandora_diag.php in ...) NOT-FOR-US: Pandora FMS CVE-2010-4282 (Multiple directory traversal vulnerabilities in Pandora FMS before ...) @@ -18924,9 +18950,9 @@ NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html NOTE: ACL bypass claimed to only affect >=9.7.2: https://lists.isc.org/pipermail/bind-announce/2010-September/000655.html CVE-2010-0217 (Zeacom Chat Server before 5.1 uses too short a random string for the ...) - TODO: check + NOT-FOR-US: Zeacom Chat Server CVE-2010-0216 (authenticate_ad_setup_finished.cfm in MediaCAST 8 and earlier allows ...) - TODO: check + NOT-FOR-US: MediaCAST CVE-2010-0215 (ActiveCollab before 2.3.2 allows remote authenticated users to bypass ...) NOT-FOR-US: ActiveCollab CVE-2010-0214 (The administrative interface on the PolyVision RoomWizard with ...)
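
Review bot: `NOT-FOR-US: OpenBSD` on CVE-2011-2168 in the @@ -1,3 +1,31 @@ hunk names an operating system rather than the affected component, and the newly added entries carry no description to check it against. Name the component in the tag so a later reader can confirm that no Debian package ships the same code.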
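
Review bot: `NOT-FOR-US: Cisco` names only the vendor, first on CVE-2011-2041, CVE-2011-2040 and CVE-2011-2039 in the @@ -307,11 +335,11 @@ hunk and again in later hunks. Other entries in this file name the product, for example `NOT-FOR-US: Cisco Unified Communications Manager` and `NOT-FOR-US: Cisco CiscoWorks Common Services`; use the same form here so the reason for each NFU can be verified once the descriptions are published.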
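
Review bot: the log ("NFUs and a couple whitespace fixups") does not cover the deletion of the RESERVED line under CVE-2011-1920 [pmake insecure tempfile] in the @@ -601,7 +629,6 @@ hunk. CVE-2011-1930 and CVE-2011-1929 in the preceding hunk keep RESERVED above their package lines, so either restore it here for consistency or state in the log why this entry differs.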
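
Review bot: removing `NOT-FOR-US: TigerVNC` from CVE-2011-1775 in the @@ -1021,7 +1048,6 @@ hunk leaves the entry with only RESERVED, so it reads as untriaged, and the log does not mention the change. If the NFU was wrong, replace it with a `TODO: check` or a package line instead of deleting it, and say so in the log.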
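
Review bot: the tag on CVE-2011-1772 in the @@ -1031,7 +1057,7 @@ hunk does not match the description, which places the XSS "in XWork in Apache ..." while the tag reads `NOT-FOR-US: Apache Struts 2.x`. Confirm that XWork is not packaged on its own, and record that in the tag or in a NOTE line so the `TODO: check` is not closed on the Struts name alone.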