Author: federico-guest
Date: 2011-04-16 17:57:50 +0000 (Sat, 16 Apr 2011)
New Revision: 16532
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-04-15 21:15:15 UTC (rev 16531)
+++ data/CVE/list 2011-04-16 17:57:50 UTC (rev 16532)
@@ -56,7 +56,7 @@
CVE-2011-1666 (Metaways Tine 2.0 allows remote attackers to obtain sensitive
...)
NOT-FOR-US: Metaways Tine
CVE-2011-1665 (PHPBoost 3.0 stores sensitive information under the web root
with ...)
- TODO: check
+ NOT-FOR-US: PHPBoost
CVE-2011-1664 (Cross-site request forgery (CSRF) vulnerability in Translation
...)
TODO: check
CVE-2011-1663 (SQL injection vulnerability in Translation Management module
6.x ...)
@@ -361,11 +361,11 @@
CVE-2011-1534
RESERVED
CVE-2011-1533 (Cross-site scripting (XSS) vulnerability on the HP Photosmart
D110 and ...)
- TODO: check
+ NOT-FOR-US: HP Photosmart
CVE-2011-1532 (Unspecified vulnerability in the SNMP component on the HP
Photosmart ...)
- TODO: check
+ NOT-FOR-US: HP Photosmart
CVE-2011-1531 (The webscan component in the Embedded Web Server (EWS) on the
HP ...)
- TODO: check
+ NOT-FOR-US: HP Photosmart
CVE-2011-1530
RESERVED
CVE-2011-1529
@@ -1094,47 +1094,47 @@
CVE-2011-1246
RESERVED
CVE-2011-1245 (Microsoft Internet Explorer 6 and 7 does not properly restrict
script ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-1244 (Microsoft Internet Explorer 6, 7, and 8 does not enforce
intended ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-1243 (The Windows Messenger ActiveX control in msgsc.dll in Microsoft
...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1242 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1241 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1240 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1239 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1238 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1237 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1236 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1235 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1234 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1233 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1232 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1231 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1230 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1229 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1228 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1227 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1226 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-1225 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-XXXX [dokuwiki ACL bypass]
- dokuwiki 0.0.20101107a-1 (low)
[squeeze] - dokuwiki <no-dsa> (Minor issue)
@@ -2144,7 +2144,7 @@
CVE-2011-0936
RESERVED
CVE-2011-0935 (The PKI functionality in Cisco IOS 15.0 and 15.1 does not
prevent ...)
- TODO: check
+ NOT-FOR-US: Cisco IOS
CVE-2011-0934
RESERVED
CVE-2011-0933
@@ -2222,11 +2222,11 @@
CVE-2011-0899 (The AES encryption module 7.x-1.4 for Drupal leaves certain
debugging ...)
NOT-FOR-US: AES module for Drupal
CVE-2011-0898 (Cross-site scripting (XSS) vulnerability in HP Network Node
Manager i ...)
- TODO: check
+ NOT-FOR-US: HP Network Node Manager
CVE-2011-0897 (Unspecified vulnerability in HP Network Node Manager i (NNMi)
9.00 ...)
- TODO: check
+ NOT-FOR-US: HP Network Node Manager
CVE-2011-0896 (Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and
earlier on ...)
- TODO: check
+ NOT-FOR-US: HP-UX
CVE-2011-0895 (Unspecified vulnerability in HP Network Node Manager i (NNMi)
9.0x ...)
NOT-FOR-US: HP Network Node Manager
CVE-2011-0894 (Unspecified vulnerability in HP Operations 9.10 on UNIX
platforms ...)
@@ -2623,7 +2623,7 @@
CVE-2011-0747
RESERVED
CVE-2011-0746 (Cross-site request forgery (CSRF) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: ZyXEL O2 DSL Router
CVE-2011-0745 (SugarCRM before 6.1.3 does not properly handle reloads and
direct ...)
TODO: check
CVE-2011-0744
@@ -2839,51 +2839,51 @@
CVE-2011-0678 (Unrestricted file upload vulnerability in the EasyEdit module
in ...)
NOT-FOR-US: Lomtec ActiveWeb Professional
CVE-2011-0677 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0676 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0675 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0674 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0673 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP3 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0672 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0671 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0670 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0669
RESERVED
CVE-2011-0668
RESERVED
CVE-2011-0667 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0666 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0665 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0664
RESERVED
CVE-2011-0663 (Multiple integer overflows in the Microsoft (1) JScript 5.6
through ...)
TODO: check
CVE-2011-0662 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0661 (The SMB Server service in Microsoft Windows XP SP2 and SP3,
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0660 (The SMB client in Microsoft Windows XP SP2 and SP3, Windows
Server ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0659
RESERVED
CVE-2011-0658
RESERVED
CVE-2011-0657 (DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and
SP3, ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0656 (Microsoft PowerPoint 2002 SP3, 2003 SP3, 2007 SP2, and 2010;
Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2011-0655 (Microsoft PowerPoint 2007 SP2 and 2010; Office 2004, 2008, and
2011 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2011-0654 (Integer underflow in the BowserWriteErrorLogEntry function in
the ...)
NOT-FOR-US: Windows 2003
CVE-2011-0653
@@ -4502,33 +4502,33 @@
CVE-2011-0108
RESERVED
CVE-2011-0107 (Untrusted search path vulnerability in Microsoft Office XP SP3,
Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office
CVE-2011-0106
RESERVED
CVE-2011-0105 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and
Open XML ...)
- TODO: check
+ NOT-FOR-US: Microsoft Excel
CVE-2011-0104 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for
Mac, ...)
- TODO: check
+ NOT-FOR-US: Microsoft Excel
CVE-2011-0103 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for
Mac, ...)
- TODO: check
+ NOT-FOR-US: Microsoft Excel
CVE-2011-0102
RESERVED
CVE-2011-0101 (Microsoft Excel 2002 SP3 allows remote attackers to execute
arbitrary ...)
- TODO: check
+ NOT-FOR-US: Microsoft Excel
CVE-2011-0100
RESERVED
CVE-2011-0099
RESERVED
CVE-2011-0098 (Heap-based buffer overflow in Microsoft Excel 2002 SP3, 2003
SP3, 2007 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Excel
CVE-2011-0097 (Integer overflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007
SP2, and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Excel
CVE-2011-0096 (The MHTML protocol handler in Microsoft Windows XP SP2 and SP3,
...)
NOT-FOR-US: Microsoft mhtml
CVE-2011-0095
RESERVED
CVE-2011-0094 (Microsoft Internet Explorer 6 and 7 does not properly handle
objects ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-0093 (ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007
SP2 does ...)
NOT-FOR-US: Microsoft Visio
CVE-2011-0092 (The LZW stream decompression functionality in ORMELEMS.DLL in
...)
@@ -4839,7 +4839,7 @@
CVE-2011-0042 (SBE.dll in the Stream Buffer Engine in Windows Media Player and
...)
NOT-FOR-US: Microsoft Windows
CVE-2011-0041 (Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP
SP2 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0040 (The server in Microsoft Active Directory on Windows Server 2003
SP2 ...)
NOT-FOR-US: Microsoft Windows
CVE-2011-0039 (The Local Security Authority Subsystem Service (LSASS) in
Microsoft ...)
@@ -4853,7 +4853,7 @@
CVE-2011-0035 (Microsoft Internet Explorer 6, 7, and 8 does not properly
handle ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-0034 (Stack-based buffer overflow in the OpenType Compact Font Format
(aka ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0033 (The OpenType Compact Font Format (CFF) driver in Microsoft
Windows XP ...)
NOT-FOR-US: Microsoft Windows
CVE-2011-0032 (Untrusted search path vulnerability in DirectShow in Microsoft
Windows ...)
@@ -4865,7 +4865,7 @@
CVE-2011-0029 (Untrusted search path vulnerability in the client in Microsoft
Remote ...)
NOT-FOR-US: Microsoft
CVE-2011-0028 (WordPad in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2
does ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2011-0027 (Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and
Windows ...)
NOT-FOR-US: Microsoft Data Access Components
CVE-2011-0026 (Integer signedness error in the SQLConnectW function in an ODBC
API ...)
@@ -6525,7 +6525,7 @@
CVE-2010-3975 (Untrusted search path vulnerability in Adobe Flash Player 9
allows ...)
NOT-FOR-US: Adobe Flash Player
CVE-2010-3974 (fxscover.exe in the Fax Cover Page Editor in Microsoft Windows
XP SP2 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-3973 (The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0
in ...)
NOT-FOR-US: Microsoft
CVE-2010-3972 (Heap-based buffer overflow in the
TELNET_STREAM_CONTEXT::OnSendData ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
