Author: jmm Date: 2012-05-04 11:59:42 +0000 (Fri, 04 May 2012) New Revision: 19134 Modified: data/CVE/list Log: phpldapadmin fixed a long time ago gdk-pixbuf issue doesn't apply to stable and beyond NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-05-04 06:49:42 UTC (rev 19133) +++ data/CVE/list 2012-05-04 11:59:42 UTC (rev 19134) @@ -22,11 +22,11 @@ CVE-2012-2442 RESERVED CVE-2012-2441 (RuggedCom Rugged Operating System (ROS) before 3.3 has a factory ...) - TODO: check + NOT-FOR-US: RuggedCom Rugged Operating System CVE-2012-2440 (The default configuration of the TP-Link 8840T router enables ...) - TODO: check + NOT-FOR-US: TP-Link router CVE-2012-2439 (The default configuration of the NETGEAR ProSafe FVS318N firewall ...) - TODO: check + NOT-FOR-US: NETGEAR appliance CVE-2012-2438 RESERVED CVE-2012-2437 @@ -54,21 +54,21 @@ CVE-2012-2426 RESERVED CVE-2012-2425 (The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) ...) - TODO: check + NOT-FOR-US: Intuit CVE-2012-2424 (The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) ...) - TODO: check + NOT-FOR-US: Intuit CVE-2012-2423 (The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) ...) - TODO: check + NOT-FOR-US: Intuit CVE-2012-2422 (Intuit QuickBooks 2009 through 2012 might allow remote attackers to ...) - TODO: check + NOT-FOR-US: Intuit CVE-2012-2421 (Absolute path traversal vulnerability in the intu-help-qb (aka Intuit ...) - TODO: check + NOT-FOR-US: Intuit CVE-2012-2420 (The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) ...) - TODO: check + NOT-FOR-US: Intuit CVE-2012-2419 (Memory leak in the intu-help-qb (aka Intuit Help System Async ...) - TODO: check + NOT-FOR-US: Intuit CVE-2012-2418 (Heap-based buffer overflow in the intu-help-qb (aka Intuit Help System ...) - TODO: check + NOT-FOR-US: Intuit CVE-2012-2417 RESERVED CVE-2012-2413 
@@ -583,7 +583,7 @@ CVE-2012-2218 RESERVED CVE-2012-2217 (The HTC IQRD service for Android on the HTC EVO 4G before 4.67.651.3, ...) - TODO: check + NOT-FOR-US: Android CVE-2012-2216 RESERVED CVE-2012-2095 [wicd command execution with root privileges] @@ -597,7 +597,7 @@ CVE-2012-2213 (** DISPUTED ** Squid 3.1.9 allows remote attackers to bypass the ...) TODO: check CVE-2012-2212 (** DISPUTED ** McAfee Web Gateway 7.0 allows remote attackers to ...) - TODO: check + NOT-FOR-US: McAfee Web Gateway CVE-2012-2211 RESERVED CVE-2012-XXXX [libpng electric fence crash] @@ -703,7 +703,7 @@ CVE-2012-2163 RESERVED CVE-2012-2162 (The Web Server Plug-in in IBM WebSphere Application Server (WAS) 8.0 ...) - TODO: check + NOT-FOR-US: WebSphere CVE-2012-2161 RESERVED CVE-2012-2160 @@ -1124,19 +1124,19 @@ CVE-2012-2007 RESERVED CVE-2012-2006 (Unspecified vulnerability in HP Insight Management Agents before ...) - TODO: check + NOT-FOR-US: Proprietary HP monitoring tools CVE-2012-2005 (Cross-site scripting (XSS) vulnerability in HP Insight Management ...) - TODO: check + NOT-FOR-US: Proprietary HP monitoring tools CVE-2012-2004 (Open redirect vulnerability in HP Insight Management Agents before ...) - TODO: check + NOT-FOR-US: Proprietary HP monitoring tools CVE-2012-2003 (Cross-site request forgery (CSRF) vulnerability in HP Insight ...) - TODO: check + NOT-FOR-US: Proprietary HP monitoring tools CVE-2012-2002 (Open redirect vulnerability in HP SNMP Agents for Linux before 9.0.0 ...) - TODO: check + NOT-FOR-US: Proprietary HP monitoring tools CVE-2012-2001 (Cross-site scripting (XSS) vulnerability in HP SNMP Agents for Linux ...) - TODO: check + NOT-FOR-US: Proprietary HP monitoring tools CVE-2012-2000 (Multiple unspecified vulnerabilities in HP System Health Application ...) - TODO: check + NOT-FOR-US: Proprietary HP monitoring tools CVE-2012-1999 RESERVED CVE-2012-1998 
@@ -1529,7 +1529,7 @@ CVE-2012-1820 RESERVED CVE-2012-1819 (Untrusted search path vulnerability in WellinTech KingView 6.53 allows ...) - TODO: check + NOT-FOR-US: WellinTech KingView CVE-2012-1818 RESERVED CVE-2012-1817 @@ -1561,7 +1561,7 @@ CVE-2012-1804 RESERVED CVE-2012-1803 (RuggedCom Rugged Operating System (ROS) 3.10.x and earlier has a ...) - TODO: check + NOT-FOR-US: RuggedCom Rugged Operating System CVE-2012-1802 (Buffer overflow in the embedded web server on the Siemens Scalance X ...) NOT-FOR-US: Siemens Scalance X CVE-2012-1801 (Multiple stack-based buffer overflows in (1) COM and (2) ActiveX ...) @@ -2826,9 +2826,9 @@ CVE-2012-1245 (Cross-site scripting (XSS) vulnerability in the cleanup_urls function ...) TODO: check CVE-2012-1244 (The NTT DOCOMO sp mode mail application 5400 and earlier for Android ...) - TODO: check + NOT-FOR-US: Android app CVE-2012-1243 (The TwitRocker2 application before 1.0.23 for Android does not ...) - TODO: check + NOT-FOR-US: Android app CVE-2012-1242 (Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, ...) TODO: check CVE-2012-1241 (GRScript18.dll before 1.2.2.0 in ActiveScriptRuby (ASR) before 1.8.7 ...) @@ -8875,8 +8875,7 @@ NOT-FOR-US: RedHat sos CVE-2011-4082 RESERVED - - phpldapadmin <unfixed> - TODO: check + - phpldapadmin 0.9.8-1 CVE-2011-4081 [CRYPTO_GHASH issue] RESERVED - linux-2.6 3.0.0-6 @@ -12585,9 +12584,7 @@ [lenny] - linux-2.6 <not-affected> (introduced in 2.6.27) CVE-2011-2897 RESERVED - - gdk-pixbuf <unfixed> - TODO: check - TODO: check for other copies of the same codebase + - gdk-pixbuf <not-affected> (This only applies to the old standalone copy shipped until Lenny) CVE-2011-2896 (The LZW decompressor in the LWZReadByte function in giftoppm.c in the ...) {DSA-2426-1 DSA-2354-1} - cups 1.5.0-8
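
Review bot: In the hunk at -583, the tag "NOT-FOR-US: Android" on CVE-2012-2217 names the platform rather than the affected product, which the description gives as the HTC IQRD service on the HTC EVO 4G; other entries in this commit name the product (for example "NOT-FOR-US: WellinTech KingView"). Suggest "NOT-FOR-US: HTC IQRD service for Android" so that a later search for the tag does not read as a blanket statement about Android. The "NOT-FOR-US: Android app" tags on CVE-2012-1244 and CVE-2012-1243 in the -2826 hunk could name the applications in the same way.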
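
Review bot: In the hunk at -8875, CVE-2011-4082 goes from "- phpldapadmin <unfixed>" to "- phpldapadmin 0.9.8-1" while the entry is still RESERVED and carries no description, so nothing in the visible lines ties the issue to that version. Suggest adding a NOTE line with the upstream change or bug report the fixed version is based on, so the claim can be rechecked once the CVE description is published.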
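
Review bot: In the hunk at -12585, the line "TODO: check for other copies of the same codebase" is removed from CVE-2011-2897 without recording what that check found. If the embedded copies were reviewed, suggest saying so in a NOTE line; if not, keep the TODO. The new status is also "<not-affected>" for the package as a whole while its own comment says the standalone copy shipped until Lenny is affected, so an explicit per-release annotation, like the "[lenny]" line in the context just above, would make the affected release clear.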