Secure testing commits - Jan 2012 - r18150 - data/CVE

Author: fw
Date: 2012-01-14 12:56:34 +0000 (Sat, 14 Jan 2012)
New Revision: 18150

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-01-14 12:39:08 UTC (rev 18149)
+++ data/CVE/list	2012-01-14 12:56:34 UTC (rev 18150)
@@ -1,7 +1,7 @@
 CVE-2012-0697 (HP StorageWorks P2000 G3 MSA array systems have a default
account, ...)
-	TODO: check
+	NOT-FOR-US: HP StorageWorks
 CVE-2012-0696 (Multiple cross-site scripting (XSS) vulnerabilities in the
Executive ...)
-	TODO: check
+	NOT-FOR-US: IBM Cognos
 CVE-2012-0695 (Multiple unspecified vulnerabilities in Google Chrome before
...)
 	TODO: check
 CVE-2012-0694
@@ -794,9 +794,9 @@
 CVE-2012-0311
 	RESERVED
 CVE-2012-0310 (CRLF injection vulnerability in Cogent DataHub 7.1.2 and
earlier, ...)
-	TODO: check
+	NOT-FOR-US: Cogent DataHub
 CVE-2012-0309 (Cross-site scripting (XSS) vulnerability in Cogent DataHub 7.1.2
and ...)
-	TODO: check
+	NOT-FOR-US: Cogent DataHub
 CVE-2012-0308
 	RESERVED
 CVE-2012-0307
@@ -1893,13 +1893,13 @@
 CVE-2011-4790
 	RESERVED
 CVE-2011-4789 (Stack-based buffer overflow in magentservice.exe in the server
in HP ...)
-	TODO: check
+	NOT-FOR-US: HP Diagnostics
 CVE-2011-4788 (Absolute path traversal vulnerability in the web interface on HP
...)
-	TODO: check
+	NOT-FOR-US: HP StorageWorks
 CVE-2011-4787 (A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer
Care ...)
-	TODO: check
+	NOT-FOR-US: HP Easy Printer Care
 CVE-2011-4786 (A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer
Care ...)
-	TODO: check
+	NOT-FOR-US: HP Easy Printer Care
 CVE-2011-4785 (Directory traversal vulnerability in the HP-ChaiSOE/1.0 web
server on ...)
 	NOT-FOR-US: HP-ChaiSOE/1.0 web server
 CVE-2011-4784 (The NVIDIA Stereoscopic 3D driver before 7.17.12.7565 does not
...)
@@ -11026,7 +11026,7 @@
 CVE-2011-1711 (Unspecified vulnerability in the Mobility Pack 1.1.2 and earlier
in ...)
 	NOT-FOR-US: Mobility Pack 1.1.2 and earlier in Novell Data Synchronizer
 CVE-2011-1710 (Multiple integer overflows in the HTTP server in the Novell
XTier ...)
-	TODO: check
+	NOT-FOR-US: Novell XTier
 CVE-2011-1709 (GNOME Display Manager (gdm) before 2.32.2, when glib 2.28 is
used, ...)
 	- gdm3 <not-affected> (Vulnerable code patched out in Debian package in
sid, patched in 3.0.4 experimental)
 	- gdm <not-affected> (Vulnerable code not present)