Author: federico-guest Date: 2011-10-16 19:58:56 +0000 (Sun, 16 Oct 2011) New Revision: 17439 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-10-16 19:11:45 UTC (rev 17438) +++ data/CVE/list 2011-10-16 19:58:56 UTC (rev 17439) @@ -172,23 +172,23 @@ CVE-2010-4921 (SQL injection vulnerability in inc_pollingboothmanager.asp in DMXReady ...) TODO: check CVE-2010-4920 (SQL injection vulnerability in detail.asp in Micronetsoft Rental ...) - TODO: check + NOT-FOR-US: Micronetsoft CVE-2010-4919 (SQL injection vulnerability in detail.asp in Micronetsoft RV Dealer ...) - TODO: check + NOT-FOR-US: Micronetsoft CVE-2010-4918 (PHP remote file inclusion vulnerability in iJoomla Magazine ...) TODO: check CVE-2010-4917 (SQL injection vulnerability in sources/search.php in A-Blog 2.0 allows ...) TODO: check CVE-2010-4916 (Multiple SQL injection vulnerabilities in index.cfm in ColdGen ...) - TODO: check + NOT-FOR-US: ColdGen ColdUserGroup CVE-2010-4915 (SQL injection vulnerability in index.cfm in ColdGen ColdBookmarks 1.22 ...) - TODO: check + NOT-FOR-US: ColdGen ColdBookmarks CVE-2010-4914 (PHP remote file inclusion vulnerability in ...) TODO: check CVE-2010-4913 (Cross-site scripting (XSS) vulnerability in the search feature in ...) - TODO: check + NOT-FOR-US: ColdGen ColdUserGroup CVE-2010-4912 (SQL injection vulnerability in shop.php in UCenter Home 2.0 allows ...) - TODO: check + NOT-FOR-US: UCenter CVE-2010-4911 (SQL injection vulnerability in classi/detail.php in PHP Classifieds ...) TODO: check CVE-2010-4910 (SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 ...) @@ -5611,21 +5611,21 @@ CVE-2011-2001 (Microsoft Internet Explorer 6 through 9 does not properly handle ...) NOT-FOR-US: Microsoft Internet Explorer CVE-2011-2000 (Microsoft Internet Explorer 6 through 9 does not properly handle ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2011-1999 (Microsoft Internet Explorer 8 does not properly allocate and access ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2011-1998 (Microsoft Internet Explorer 9 does not properly handle objects in ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2011-1997 (Microsoft Internet Explorer 6 does not properly handle objects in ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2011-1996 (Microsoft Internet Explorer 6 through 8 does not properly handle ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2011-1995 (Microsoft Internet Explorer 6 through 9 does not properly handle ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2011-1994 RESERVED CVE-2011-1993 (Microsoft Internet Explorer 6 through 9 does not properly handle ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2011-1992 RESERVED CVE-2011-1991 (Multiple untrusted search path vulnerabilities in Microsoft Windows XP ...) @@ -5641,7 +5641,7 @@ CVE-2011-1986 (Use-after-free vulnerability in Microsoft Excel 2003 SP3 allows remote ...) NOT-FOR-US: Microsoft Excel CVE-2011-1985 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2011-1984 (WINS in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and ...) NOT-FOR-US: Microsoft Windows CVE-2011-1983 @@ -5655,9 +5655,9 @@ CVE-2011-1979 (Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate ...) NOT-FOR-US: Microsoft Visio CVE-2011-1978 (Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly ...) - TODO: check + NOT-FOR-US: Microsoft .NET CVE-2011-1977 (The ASP.NET Chart controls in Microsoft .NET Framework 4, and Chart ...) - TODO: check + NOT-FOR-US: Microsoft .NET CVE-2011-1976 (Cross-site scripting (XSS) vulnerability in the Report Viewer Control ...) NOT-FOR-US: Microsoft Visual Studio CVE-2011-1975 (Untrusted search path vulnerability in the Data Access Tracing ...) @@ -5673,7 +5673,7 @@ CVE-2011-1970 (The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server ...) NOT-FOR-US: Microsoft Windows CVE-2011-1969 (Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, ...) - TODO: check + NOT-FOR-US: Microsoft Forefront CVE-2011-1968 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...) NOT-FOR-US: Microsoft Windows CVE-2011-1967 (Winsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the ...) @@ -5845,7 +5845,7 @@ CVE-2011-1914 RESERVED CVE-2011-1913 (SQL injection vulnerability in the login form in the web interface in ...) - TODO: check + NOT-FOR-US: Mercator SENTINEL CVE-2011-1912 RESERVED CVE-2011-1911 (JasperServer in JasperReports Server Community Project 3.7.0 and 3.7.1 ...) @@ -5877,11 +5877,11 @@ CVE-2011-1898 (Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough ...) TODO: check CVE-2011-1897 (Cross-site scripting (XSS) vulnerability in Microsoft Forefront ...) - TODO: check + NOT-FOR-US: Microsoft Forefront CVE-2011-1896 (Cross-site scripting (XSS) vulnerability in Microsoft Forefront ...) - TODO: check + NOT-FOR-US: Microsoft Forefront CVE-2011-1895 (CRLF injection vulnerability in Microsoft Forefront Unified Access ...) - TODO: check + NOT-FOR-US: Microsoft Forefront CVE-2011-1894 (The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, ...) NOT-FOR-US: Microsoft Windows CVE-2011-1893 (Cross-site scripting (XSS) vulnerability in Microsoft Office ...) @@ -6058,7 +6058,7 @@ - spip <unfixed> [squeeze] - spip 2.1.1-3squeeze1 CVE-2011-1827 (Multiple unspecified vulnerabilities in Check Point SSL Network ...) - TODO: check + NOT-FOR-US: Check Point CVE-2010-4801 (Directory traversal vulnerability in admin/updatelist.php in BaconMap ...) NOT-FOR-US: BaconMap CVE-2010-4800 (SQL injection vulnerability in doadd.php in BaconMap 1.0 allows remote ...) @@ -6391,7 +6391,7 @@ CVE-2011-1741 (Stack-based buffer overflow in ftserver.exe in the OpenText ...) NOT-FOR-US: OpenText Hummingbird Client Connector CVE-2011-1740 (EMC Avamar 4.x, 5.0.x, and 6.0.x before 6.0.0-592 allows remote ...) - TODO: check + NOT-FOR-US: EMC Avamar CVE-2011-1739 (The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 ...) NOT-FOR-US: FreeBSD mountd CVE-2011-1738 (HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in ...) @@ -6484,7 +6484,7 @@ CVE-2011-1697 RESERVED CVE-2011-1696 (Cross-site scripting (XSS) vulnerability in Novell Identity Manager ...) - TODO: check + NOT-FOR-US: Novell Identity Manager CVE-2011-1695 RESERVED CVE-2011-1694 @@ -7762,7 +7762,7 @@ CVE-2011-1254 (Microsoft Internet Explorer 6 through 8 does not properly handle ...) NOT-FOR-US: Microsoft Internet Explorer CVE-2011-1253 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and ...) - TODO: check + NOT-FOR-US: Microsoft .NET Framework, Silverlight CVE-2011-1252 (Cross-site scripting (XSS) vulnerability in the SafeHTML function in ...) NOT-FOR-US: Microsoft Internet Explorer CVE-2011-1251 (Microsoft Internet Explorer 8 does not properly handle objects in ...) @@ -7774,7 +7774,7 @@ CVE-2011-1248 (WINS in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, ...) NOT-FOR-US: Microsoft Windows CVE-2011-1247 (Untrusted search path vulnerability in the Microsoft Active ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2011-1246 (Microsoft Internet Explorer 8 does not properly handle content ...) NOT-FOR-US: Microsoft Internet Explorer CVE-2011-1245 (Microsoft Internet Explorer 6 and 7 does not properly restrict script ...) @@ -7830,7 +7830,7 @@ CVE-2011-1222 (Buffer overflow in the Journal Based Backup (JBB) feature in the ...) NOT-FOR-US: IBM Tivoli Storage Manager CVE-2011-1221 (Cross-zone scripting vulnerability in the RealPlayer ActiveX control ...) - TODO: check + NOT-FOR-US: RealNetworks RealPlayer CVE-2011-1220 (Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM ...) NOT-FOR-US: IBM Tivoli Management Framework CVE-2011-1219 @@ -8827,11 +8827,11 @@ CVE-2011-0947 RESERVED CVE-2011-0946 (The NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through ...) - TODO: check + NOT-FOR-US: Cisco IOS CVE-2011-0945 (Memory leak in the Data-link switching (aka DLSw) feature in Cisco IOS ...) - TODO: check + NOT-FOR-US: Cisco IOS CVE-2011-0944 (Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Cisco IOS CVE-2011-0943 (Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 allows remote attackers to cause ...) NOT-FOR-US: Cisco CVE-2011-0942 @@ -8841,7 +8841,7 @@ CVE-2011-0940 RESERVED CVE-2011-0939 (Unspecified vulnerability in Cisco IOS 12.4, 15.0, and 15.1, and IOS ...) - TODO: check + NOT-FOR-US: Cisco IOS CVE-2011-0938 RESERVED CVE-2011-0937 @@ -10896,9 +10896,9 @@ CVE-2011-0261 (Unspecified vulnerability in jovgraph.exe in jovgraph in HP OpenView ...) NOT-FOR-US: HP OpenView CVE-2011-0260 (The CoreProcesses component in Apple Mac OS X 10.7 before 10.7.2 does ...) - TODO: check + NOT-FOR-US: Apple Mac OS CVE-2011-0259 (CoreFoundation, as used in Apple iTunes before 10.5, does not properly ...) - TODO: check + NOT-FOR-US: Apple iTunes CVE-2011-0258 (Apple QuickTime before 7.7 on Windows allows remote attackers to ...) NOT-FOR-US: Apple QuickTime CVE-2011-0257 (Integer signedness error in Apple QuickTime before 7.7 allows remote ...) @@ -10966,11 +10966,11 @@ - chromium-browser <undetermined> - webkit <undetermined> CVE-2011-0231 (CFNetwork in Apple Mac OS X before 10.7.2 does not properly follow an ...) - TODO: check + NOT-FOR-US: Apple Mac OS X CVE-2011-0230 (Buffer overflow in the ATSFontDeactivate API in Apple Type Services ...) - TODO: check + NOT-FOR-US: Apple Mac OS X CVE-2011-0229 (Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not ...) - TODO: check + NOT-FOR-US: Apple Mac OS X CVE-2011-0228 (The Data Security component in Apple iOS before 4.2.10 and 4.3.x ...) NOT-FOR-US: Apple iOS CVE-2011-0227 (The queueing primitives in IOMobileFrameBuffer in Apple iOS before ...) @@ -10982,7 +10982,7 @@ - chromium-browser <undetermined> - webkit <undetermined> CVE-2011-0224 (CoreMedia in Apple Mac OS X through 10.6.8 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Apple Mac OS X CVE-2011-0223 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers ...) - chromium-browser <undetermined> - webkit <undetermined> @@ -11074,7 +11074,7 @@ CVE-2011-0186 (QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to ...) NOT-FOR-US: Apple Mac OS CVE-2011-0185 (Format string vulnerability in the debug-logging feature in ...) - TODO: check + NOT-FOR-US: Apple Mac OS X CVE-2011-0184 (QuickLook in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers ...) NOT-FOR-US: Apple Mac OS CVE-2011-0183 (Libinfo in Apple Mac OS X before 10.6.7 does not properly handle an ...)