thr3ads.net - Secure testing commits - [Secure-testing-commits] r20027

If this information is useful, please help other people find it:
Share via:
Raphael Geissert
2012-Aug-25 19:06 UTC
[Secure-testing-commits] r20027 - data/CVE

Author: geissert
Date: 2012-08-25 19:06:35 +0000 (Sat, 25 Aug 2012)
New Revision: 20027

Modified:
   data/CVE/list
Log:
smarty3 issue, NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-08-25 16:29:49 UTC (rev 20026)
+++ data/CVE/list	2012-08-25 19:06:35 UTC (rev 20027)
@@ -35,9 +35,9 @@
 CVE-2011-5103 (SQL injection vulnerability in Alurian Prismotube PHP Video
Script ...)
 	TODO: check
 CVE-2012-4605 (The default configuration of the SMTP component in Websense
Email ...)
-	TODO: check
+	NOT-FOR-US: Websense Email Security
 CVE-2012-4604 (The TRITON management console in Websense Web Security before
7.6 ...)
-	TODO: check
+	NOT-FOR-US: Websense Web Security
 CVE-2012-4603
 	RESERVED
 CVE-2012-4602
@@ -71,52 +71,52 @@
 CVE-2008-7312 (The Filtering Service in Websense Enterprise 5.2 through 6.3
does not ...)
 	TODO: check
 CVE-2012-4599 (McAfee SmartFilter Administration, and SmartFilter
Administration Bess ...)
-	TODO: check
+	NOT-FOR-US: McAfee SmartFilter Administration
 CVE-2012-4598 (An unspecified ActiveX control in McAfee Virtual Technician
(MVT) ...)
-	TODO: check
+	NOT-FOR-US: McAfee Virtual Technician
 CVE-2012-4597 (Cross-site scripting (XSS) vulnerability in McAfee Email and Web
...)
-	TODO: check
+	NOT-FOR-US: McAfee Email and Web Security
 CVE-2012-4596 (Directory traversal vulnerability in McAfee Email Gateway (MEG)
7.0.0 ...)
-	TODO: check
+	NOT-FOR-US: McAfee Email Gateway
 CVE-2012-4595 (McAfee Email and Web Security (EWS) 5.5 through Patch 6 and 5.6
...)
-	TODO: check
+	NOT-FOR-US: McAfee Email and Web Security
 CVE-2012-4594 (McAfee ePolicy Orchestrator (ePO) 4.6.1 and earlier allows
remote ...)
-	TODO: check
+	NOT-FOR-US: McAfee ePolicy Orchestrator
 CVE-2012-4593 (McAfee Application Control and Change Control 5.1.x and 6.0.0 do
not ...)
-	TODO: check
+	NOT-FOR-US: McAfee Application Control and Change Control
 CVE-2012-4592 (The Portal in McAfee Enterprise Mobility Manager (EMM) before
10.0 ...)
-	TODO: check
+	NOT-FOR-US: McAfee Enterprise Mobility Manager
 CVE-2012-4591 (About.aspx in the Portal in McAfee Enterprise Mobility Manager
(EMM) ...)
-	TODO: check
+	NOT-FOR-US: McAfee Enterprise Mobility Manager
 CVE-2012-4590 (Multiple cross-site scripting (XSS) vulnerabilities in
About.aspx in ...)
-	TODO: check
+	NOT-FOR-US: McAfee Enterprise Mobility Manager
 CVE-2012-4589 (Login.aspx in the Portal in McAfee Enterprise Mobility Manager
(EMM) ...)
-	TODO: check
+	NOT-FOR-US: McAfee Enterprise Mobility Manager
 CVE-2012-4588 (McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and
Server ...)
-	TODO: check
+	NOT-FOR-US: McAfee Enterprise Mobility Manager
 CVE-2012-4587 (McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and
Server ...)
-	TODO: check
+	NOT-FOR-US: McAfee Enterprise Mobility Manager
 CVE-2012-4586 (McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and
5.6 ...)
-	TODO: check
+	NOT-FOR-US: McAfee Email and Web Security
 CVE-2012-4585 (McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and
5.6 ...)
-	TODO: check
+	NOT-FOR-US: McAfee Email and Web Security
 CVE-2012-4584 (McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and
5.6 ...)
-	TODO: check
+	NOT-FOR-US: McAfee Email and Web Security
 CVE-2012-4583 (McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and
5.6 ...)
-	TODO: check
+	NOT-FOR-US: McAfee Email and Web Security
 CVE-2012-4582 (McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and
5.6 ...)
-	TODO: check
+	NOT-FOR-US: McAfee Email and Web Security
 CVE-2012-4581 (McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and
5.6 ...)
-	TODO: check
+	NOT-FOR-US: McAfee Email and Web Security
 CVE-2012-4580 (Cross-site scripting (XSS) vulnerability in McAfee Email and Web
...)
-	TODO: check
+	NOT-FOR-US: McAfee Email and Web Security
 CVE-2012-4579 (Multiple cross-site scripting (XSS) vulnerabilities in
phpMyAdmin ...)
 	- phpmyadmin 4:3.4.11.1-1
 	[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
 CVE-2012-4578 (The geli encryption provider 7 before r239184 on FreeBSD 10 uses
a ...)
-	TODO: check
+	- freebsd-utils <not-affected> (only affects dev version of 10)
 CVE-2012-4577 (The Linux firmware image on (1) Korenix Jetport 5600 series ...)
-	TODO: check
+	NOT-FOR-US: Korenix Jetport 5600
 CVE-2012-4576
 	RESERVED
 CVE-2012-4575
@@ -558,11 +558,11 @@
 CVE-2009-5115 (McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and
3.6.0 ...)
 	TODO: check
 CVE-2012-4363 (Multiple unspecified vulnerabilities in Adobe Reader through
10.1.4 ...)
-	TODO: check
+	NOT-FOR-US: Adobe Reader
 CVE-2012-4362 (hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN
Appliance has ...)
-	TODO: check
+	NOT-FOR-US: HP Virtual SAN Appliance
 CVE-2012-4361 (lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP
Virtual SAN ...)
-	TODO: check
+	NOT-FOR-US: HP Virtual SAN Appliance
 CVE-2012-4360
 	RESERVED
 CVE-2012-4359 (Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite
SCADA ...)
@@ -611,7 +611,7 @@
 CVE-2012-4338
 	RESERVED
 CVE-2012-4337 (Foxit Reader before 5.3 on Windows XP and Windows 7 allows
remote ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2012-4336
 	RESERVED
 CVE-2012-4335 (Samsung NET-i viewer 1.37.120316 allows remote attackers to
cause a ...)
@@ -728,7 +728,7 @@
 CVE-2011-5099 (SQL injection vulnerability in helper/popup.php in the
ccNewsletter ...)
 	TODO: check
 CVE-2012-4283 (Cross-site scripting (XSS) vulnerability in the Login With Ajax
plugin ...)
-	TODO: check
+	NOT-FOR-US: Login With Ajax plugin for Wordpress
 CVE-2012-4282 (SQL injection vulnerability in photo.php in Trombinoscope 3.5
allows ...)
 	NOT-FOR-US: Trombinoscope 3.5
 CVE-2012-4281 (Multiple SQL injection vulnerabilities in Travelon Express 6.2.2
allow ...)
@@ -740,7 +740,8 @@
 CVE-2012-4278 (Multiple cross-site scripting (XSS) vulnerabilities in Free
Realty ...)
 	NOT-FOR-US: Free Realty
 CVE-2012-4277 (Cross-site scripting (XSS) vulnerability in the ...)
-	TODO: check
+	- smarty3 <unfixed>
+	TODO: check smarty 2 and embedded copies
 CVE-2012-4276 (Unspecified vulnerability in Hitachi IT Operations Director
02-50-01 ...)
 	NOT-FOR-US: Hitachi IT Operations Director
 CVE-2012-4275 (Cross-site scripting (XSS) vulnerability in Hitachi IT
Operations ...)
@@ -748,7 +749,7 @@
 CVE-2012-4274 (Unspecified vulnerability in Hitachi Cobol GUI Option 06-00,
06-01 ...)
 	NOT-FOR-US: Hitachi Cobol GUI Option
 CVE-2012-4273 (Cross-site scripting (XSS) vulnerability in libs/xing.php in the
2 ...)
-	TODO: check
+	NOT-FOR-US: 2 Click Social Media Buttons plugin for Wordpress
 CVE-2012-4272 (Multiple cross-site scripting (XSS) vulnerabilities in the 2
Click ...)
 	TODO: check
 CVE-2012-4271 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
Secure testing commits - Aug 2012 - r20027 - data/CVE

[Secure-testing-commits] r20027 - data/CVE
