Normalize NFUs for Cisco products

The previous attempt at separating things was rather inconsistent,
which is no surprise given Cisco's product portfolio.  Some of the CVE
split decisions do not obey product boundaries, either
(e.g. CVE-2004-1775).


git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@5783 e39458fd-73e7-0310-bf30-c45bca0a0e42

7 files changed, 75 insertions, 75 deletions

diff --git a/data/CVE/1999.list b/data/CVE/1999.list
index a304721e70..227faa235b 100644
--- a/data/CVE/1999.list
+++ b/data/CVE/1999.list
@@ -18,7 +18,7 @@ CVE-1999-1584 (Unknown vulnerability in (1) loadmodule, and (2) modload if modlo
 CVE-1999-1583 (Buffer overflow in nslookup for AIX 4.3 allows local users to execute ...)
 	NOT-FOR-US: AIX
 CVE-1999-1582 (By design, the "established" command on the Cisco PIX firewall allows ...)
-	NOT-FOR-US: Cisco PIX
+	NOT-FOR-US: Cisco
 CVE-1999-1581 (Memory leak in Simple Network Management Protocol (SNMP) agent ...)
 	NOT-FOR-US: Windows
 CVE-1999-1580 (SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding ...)
diff --git a/data/CVE/2002.list b/data/CVE/2002.list
index f58c7da50c..bebb45a494 100644
--- a/data/CVE/2002.list
+++ b/data/CVE/2002.list
@@ -1848,7 +1848,7 @@ CVE-2002-1192 (Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, Fre
 CVE-2002-1191 (The Sabserv client component in Sabre Desktop Reservation Software 4.2 ...)
 	NOT-FOR-US: Sabre Desktop
 CVE-2002-1190 (Cisco Unity 2.x and 3.x uses well-known default user accounts, which ...)
-	NOT-FOR-US: Cisco IOS
+	NOT-FOR-US: Cisco
 CVE-2002-1181 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
 	NOT-FOR-US: Microsoft IIS
 CVE-2002-1177 (Multiple buffer overflows in Winamp 3.0, when displaying an MP3 in the ...)
@@ -2563,7 +2563,7 @@ CVE-2002-1494 (Cross-site scripting (XSS) vulnerabilities in Aestiva HTML/OS all
 CVE-2002-1493 (Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook ...)
 	NOT-FOR-US: Lycos
 CVE-2002-1491 (The Cisco VPN 5000 Client for MacOS before 5.2.2 records the most ...)
-	NOT-FOR-US: Cisco VPN 5000 Client for MacOS
+	NOT-FOR-US: Cisco
 CVE-2002-1490 (NetBSD 1.4 through 1.6 beta allows local users to cause a denial of ...)
 	NOT-FOR-US: NetBSD
 CVE-2002-1479 (Cacti before 0.6.8 stores a MySQL username and password in plaintext ...)
@@ -2591,7 +2591,7 @@ CVE-2002-1463 (Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2
 CVE-2002-1448 (An undocumented SNMP read/write community string ('NoGaH$@!') in Avaya ...)
 	NOT-FOR-US: Avaya P330, P130, and M770-ATM Cajun products
 CVE-2002-1447 (Buffer overflow in the vpnclient program for UNIX VPN Client before ...)
-	NOT-FOR-US: Cisco vpn client for UNIX
+	NOT-FOR-US: Cisco
 CVE-2002-1446 (The error checking routine used for the C_Verify call on a symmetric ...)
 	NOT-FOR-US: nCipher PKCS#11 library
 CVE-2002-1443 (The Google toolbar 1.1.58 and earlier allows remote web sites to ...)
diff --git a/data/CVE/2003.list b/data/CVE/2003.list
index 52c20d6e5c..6839cadb42 100644
--- a/data/CVE/2003.list
+++ b/data/CVE/2003.list
@@ -701,7 +701,7 @@ CVE-2003-0984 (Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier
 	- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.2)
 	- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.24-rc1)
 CVE-2003-0983 (Cisco Unity on IBM servers is shipped with default settings that ...)
-	NOT-FOR-US: Cisco Unity on IBM servers
+	NOT-FOR-US: Cisco
 CVE-2003-0982 (Buffer overflow in the authentication module for Cisco ACNS 4.x before ...)
 	NOT-FOR-US: Cisco
 CVE-2003-0981 (FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name ...)
@@ -1749,7 +1749,7 @@ CVE-2003-0513 (Microsoft Internet Explorer allows remote attackers to bypass int
 CVE-2003-0512 (Cisco IOS 12.2 and earlier generates a &quot;% Login invalid&quot; message ...)
 	NOT-FOR-US: Cisco
 CVE-2003-0511 (The web server for Cisco Aironet AP1x00 Series Wireless devices ...)
-	NOT-FOR-US: Cisco Aironet AP1x00 Series Wireless devices
+	NOT-FOR-US: Cisco
 CVE-2003-0510 (Format string vulnerability in ezbounce 1.0 through 1.50 allows remote ...)
 	NOT-FOR-US: ezbounce
 CVE-2003-0509 (SQL injection vulnerability in Cyberstrong eShop 4.2 and earlier ...)
diff --git a/data/CVE/2004.list b/data/CVE/2004.list
index 860f22e67b..6e85ac0790 100644
--- a/data/CVE/2004.list
+++ b/data/CVE/2004.list
@@ -2820,7 +2820,7 @@ CVE-2004-1324 (The Microsoft Windows Media Player 9.0 ActiveX control may allow
 CVE-2004-1323 (Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow ...)
 	NOT-FOR-US: Netbsd
 CVE-2004-1322 (Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft ...)
-	NOT-FOR-US: Microsoft/Cisco
+	NOT-FOR-US: Cisco
 CVE-2004-1321 (The configuration backup in Asante FM2008 running firmware 1.06 stores ...)
 	NOT-FOR-US: Asante FM2008
 CVE-2004-1320 (Asante FM2008 running firmware 1.06 is shipped with a default username ...)
@@ -5139,7 +5139,7 @@ CVE-2004-0393 (Format string vulnerability in the msg function for rlpr daemon .
 CVE-2004-0392 (racoon before 20040407b allows remote attackers to cause a denial of ...)
 	- apache 1.3.31-2
 CVE-2004-0391 (Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting ...)
-	NOT-FOR-US: Cisco Wireless LAN Solution Engine
+	NOT-FOR-US: Cisco
 CVE-2004-0390 (SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style ...)
 	NOT-FOR-US: SCO OpenServer
 CVE-2004-0389 (RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote ...)
@@ -5416,7 +5416,7 @@ CVE-2004-0246 (Multiple PHP remote file inclusion vulnerabilities in (1) ...)
 CVE-2004-0245 (Web Crossing 4.x and 5.x allows remote attackers to cause a denial of ...)
 	NOT-FOR-US: Web Crossing
 CVE-2004-0244 (Cisco 6000, 6500, and 7600 series systems with Multilayer Switch ...)
-	NOT-FOR-US: Cisco Systems
+	NOT-FOR-US: Cisco
 CVE-2004-0243 (AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, ...)
 	NOT-FOR-US: AIX
 CVE-2004-0242 (X-Cart 3.4.3 allows remote attackers to gain sensitive information via ...)
@@ -5763,7 +5763,7 @@ CVE-2004-0055 (The print_attr_string function in print-radius.c for tcpdump 3.8.
 	- tcpdump 3.8.3-1
 	NOTE: Upstream version 3.8.3 is fixed; may have been fixed earlier.
 CVE-2004-0054 (Multiple vulnerabilities in the H.323 protocol implementation for ...)
-	NOT-FOR-US: Cisco IOS
+	NOT-FOR-US: Cisco
 CVE-2004-0053 (Multiple content security gateway and antivirus products allow remote ...)
 	NOT-FOR-US: Multiple security gateways MIME parsing stuff
 CVE-2004-0052 (Multiple content security gateway and antivirus products allow remote ...)
diff --git a/data/CVE/2005.list b/data/CVE/2005.list
index 91fd357ba5..204ca12a29 100644
--- a/data/CVE/2005.list
+++ b/data/CVE/2005.list
@@ -1303,7 +1303,7 @@ CVE-2005-4260 (Interpretation conflict in includes/mainfile.php in PHP-Nuke 7.9
 CVE-2005-4259 (Multiple SQL injection vulnerabilities in ASPBB 0.4 allow remote ...)
 	NOT-FOR-US: ASPBB
 CVE-2005-4258 (Unspecified Cisco Catalyst Switches allow remote attackers to cause a ...)
-	NOT-FOR-US: Cisco hardware
+	NOT-FOR-US: Cisco
 CVE-2005-4257 (Linksys WRT54GS and BEFW11S4 allows remote attackers to cause a denial ...)
 	NOT-FOR-US: Linksys hardware
 CVE-2005-4256 (Cross-site scripting (XSS) vulnerability in forum.asp in ASP-DEV XM ...)
@@ -2096,7 +2096,7 @@ CVE-2005-3888 (Memory leak in Gadu-Gadu 7.20 allows remote attackers to cause a
 CVE-2005-3887 (Gadu-Gadu 7.20 does not properly handle MS-DOS device names in ...)
 	NOT-FOR-US: Gadu-Gadu
 CVE-2005-3886 (Unspecified vulnerability in Cisco Security Agent (CSA) 4.5.0 and ...)
-	NOT-FOR-US: Cisco Security Agent
+	NOT-FOR-US: Cisco
 CVE-2005-3885 (The ps2epsi extension shell script (ps2epsi.sh) in Inkscape before ...)
 	{DSA-916-1}
 	- inkscape 0.42-1 (bug #321501; low)
@@ -2258,9 +2258,9 @@ CVE-2005-3806 (The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kern
 CVE-2005-3805 (A locking problem in POSIX timer cleanup handling on exit in Linux ...)
 	- linux-2.6 2.6.14-1 (medium)
 CVE-2005-3804 (Cisco IP Phone (VoIP) 7920 1.0(8) listens to UDP port 17185 to support ...)
-	NOT-FOR-US: Cisco hardware
+	NOT-FOR-US: Cisco
 CVE-2005-3803 (Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ...)
-	NOT-FOR-US: Cisco hardware
+	NOT-FOR-US: Cisco
 CVE-2005-3802 (Belkin F5D7232-4 and F5D7230-4 wireless routers with firmware 4.03.03 ...)
 	NOT-FOR-US: Belkin hardware
 CVE-2005-3801 (CounterPane PasswordSafe 1.x and 2.x allows local users to test ...)
@@ -2292,7 +2292,7 @@ CVE-2005-3790 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 CVE-2005-3789 (Multiple directory traversal vulnerabilities in phpwcms 1.2.5 allow ...)
 	NOT-FOR-US: phpwcms
 CVE-2005-3788 (Race condition in Cisco Adaptive Security Appliance (ASA) 7.0(0), ...)
-	NOT-FOR-US: Cisco appliance
+	NOT-FOR-US: Cisco
 CVE-2005-3787 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
 	{DSA-880-1}
 	- phpmyadmin 4:2.6.4-pl4-1 (bug #360726)
@@ -2332,7 +2332,7 @@ CVE-2005-3776 (Multiple cross-site scripting (XSS) vulnerabilities in MyBulletin
 CVE-2005-3775 (PHP remote file inclusion vulnerability in pollvote.php in PollVote ...)
 	NOT-FOR-US: PollVote
 CVE-2005-3774 (Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of ...)
-	NOT-FOR-US: Cisco hardware
+	NOT-FOR-US: Cisco
 CVE-2005-3773 (Unspecified vulnerability in Joomla! before 1.0.4 has unknown impact ...)
 	NOT-FOR-US: Joomla
 CVE-2005-3772 (Multiple SQL injection vulnerabilities in Joomla! before 1.0.4 allow ...)
@@ -2530,7 +2530,7 @@ CVE-2005-3671 (The Internet Key Exchange version 1 (IKEv1) implementation in Ope
 CVE-2005-3670 (Multiple unspecified vulnerabilities in the Internet Key Exchange ...)
 	NOT-FOR-US: HP-UX's IKE implementation
 CVE-2005-3669 (Multiple unspecified vulnerabilities in the Internet Key Exchange ...)
-	NOT-FOR-US: Cisco's IKE implementation
+	NOT-FOR-US: Cisco
 CVE-2005-3668 (Multiple buffer overflows in multiple unspecified implementations of ...)
 	NOT-FOR-US: Just a "meta CVE" for all the IKE issues, will possibly be rejected
 CVE-2005-3667 (Multiple unspecified vulnerabilities in multiple unspecified ...)
@@ -3049,7 +3049,7 @@ CVE-2005-3501 (The cabd_find function in cabd.c of the the libmspack library (ms
 	{DSA-887-1 DTSA-21-1}
 	- clamav 0.87.1-1 (medium)
 CVE-2005-3482 (Cisco 1200, 1131, and 1240 series Access Points, when operating in ...)
-	NOT-FOR-US: Cisco hardware
+	NOT-FOR-US: Cisco
 CVE-2005-3481 (Cisco IOS 12.0 to 12.4 might allow remote attackers to execute ...)
 	NOT-FOR-US: IOS
 CVE-2005-3480 (login.asp in Ringtail CaseBook 6.1.0 displays different error messages ...)
@@ -3161,7 +3161,7 @@ CVE-2005-3428 (Cross-site scripting (XSS) vulnerability in Rockliffe MailSite Ex
 CVE-2005-3427 (The Cisco Management Center (MC) for IPS Sensors (IPS MC) 2.1 can omit ...)
 	NOT-FOR-US: IPS Sensors
 CVE-2005-3426 (Cisco CSS 11500 Content Services Switch (CSS) with SSL termination ...)
-	NOT-FOR-US: Cisco hardware
+	NOT-FOR-US: Cisco
 CVE-2005-3425 (Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.6 ...)
 	{DSA-877-1}
 	- gnump3d 2.9.6-1
@@ -6205,13 +6205,13 @@ CVE-2005-2246 (Multiple PHP remote file inclusion vulnerabilities in iPhotoAlbum
 CVE-2005-2245 (Unknown vulnerability in F5 BIG-IP 9.0.2 through 9.1 allows attackers ...)
 	NOT-FOR-US: BIG-IP
 CVE-2005-2244 (The aupair service (aupair.exe) in Cisco CallManager (CCM) 3.2 and ...)
-	NOT-FOR-US: Cisco CallManager
+	NOT-FOR-US: Cisco
 CVE-2005-2243 (Memory leak in inetinfo.exe in Cisco CallManager (CCM) 3.2 and ...)
-	NOT-FOR-US: Cisco CallManager
+	NOT-FOR-US: Cisco
 CVE-2005-2242 (Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before ...)
-	NOT-FOR-US: Cisco CallManager
+	NOT-FOR-US: Cisco
 CVE-2005-2241 (Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before ...)
-	NOT-FOR-US: Cisco CallManager
+	NOT-FOR-US: Cisco
 CVE-2005-2240 (xpvm.tcl in xpvm 1.2.5 allows local users to overwrite arbitrary files ...)
 	{DSA-1003-1}
 	- xpvm 1.2.5-8 (bug #318285; medium)
@@ -6932,7 +6932,7 @@ CVE-2005-1944 (xmysqladmin 1.0 and earlier allows local users to delete arbitrar
 CVE-2005-1943 (Multiple SQL injection vulnerabilities in Loki download manager 2.0 ...)
 	NOT-FOR-US: Loki download manager
 CVE-2005-1942 (Cisco switches that support 802.1x security allow remote attackers to ...)
-	NOT-FOR-US: Cisco hardware issue
+	NOT-FOR-US: Cisco
 CVE-2005-1941 (SilverCity before 0.9.5-r1 installs (1) cgi-styler-form.py, (2) ...)
 	NOT-FOR-US: SilverCity
 CVE-2005-1940
@@ -9209,7 +9209,7 @@ CVE-2005-0945 (Cross-site scripting (XSS) vulnerability in ACS Blog 1.1.1 allows
 CVE-2005-0944 (Unknown vulnerability in Microsoft Jet DB engine (msjet40.dll) ...)
 	NOT-FOR-US: Microsoft
 CVE-2005-0943 (Cisco VPN 3000 series Concentrator running firmware 4.1.7.A and ...)
-	NOT-FOR-US: Cisco Hardware issue
+	NOT-FOR-US: Cisco
 CVE-2005-0942 (The XP Server process (xp_server) in Sybase Adaptive Server Enterprise ...)
 	NOT-FOR-US: Sybase ASE
 CVE-2005-0941 (The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 ...)
@@ -10918,7 +10918,7 @@ CVE-2005-0188 (Format string vulnerability in the SetBaseURL function in AtHoc .
 CVE-2005-0187 (Stack-based buffer overflow in the SetSkin function in AtHoc toolbar ...)
 	NOT-FOR-US: AtHoc toolbar
 CVE-2005-0186 (Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS ...)
-	NOT-FOR-US: CIsco
+	NOT-FOR-US: Cisco
 CVE-2005-0185 (Stack-based buffer overflow in NodeManager Professional 2.00 allows ...)
 	NOT-FOR-US: NodeManager Professional
 CVE-2005-0184 (Directory traversal vulnerability in ftpfile in the Vacation plugin ...)
diff --git a/data/CVE/2006.list b/data/CVE/2006.list
index cd2a22108b..2cd50394d7 100644
--- a/data/CVE/2006.list
+++ b/data/CVE/2006.list
@@ -3574,7 +3574,7 @@ CVE-2006-5555 (PHP remote file inclusion vulnerability in constantes.inc.php in
 CVE-2006-5554 (Directory traversal vulnerability in index.php in Imageview 5 allows ...)
 	NOT-FOR-US: Imageview
 CVE-2006-5553 (Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 ...)
-	NOT-FOR-US: Cisco Security Agent
+	NOT-FOR-US: Cisco
 CVE-2006-5552 (Multiple heap-based buffer overflows in RevilloC MailServer 1.21 and ...)
 	NOT-FOR-US: RevilloC MailServer
 CVE-2006-5551 (Stack-based buffer overflow in QK SMTP 3.01 and earlier might allow ...)
@@ -7693,11 +7693,11 @@ CVE-2006-3736 (PHP remote file inclusion vulnerability in core/videodb.class.xml
 CVE-2006-3735 (Multiple PHP remote file inclusion vulnerabilities in Mail2Forum ...)
 	NOT-FOR-US: Mail2Forum
 CVE-2006-3734 (Multiple unspecified vulnerabilities in the Command Line Interface ...)
-	NOT-FOR-US: CS-MARS
+	NOT-FOR-US: Cisco
 CVE-2006-3733 (jmx-console/HtmlAdaptor in the jmx-console in the JBoss web ...)
-	NOT-FOR-US: Cisco / JBoss
+	NOT-FOR-US: Cisco
 CVE-2006-3732 (Cisco Security Monitoring, Analysis and Response System (CS-MARS) ...)
-	NOT-FOR-US: CS-MARS
+	NOT-FOR-US: Cisco
 CVE-2006-3731 (Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted ...)
 	- firefox 1.5.dfsg+1.5.0.6-1 (bug #379050; low)
 	[sarge] - mozilla-firefox <not-affected> (Unreproducible on Sarge)
@@ -8794,7 +8794,7 @@ CVE-2006-3228 (Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, includ
 CVE-2006-3227 (Interpretation conflict between Internet Explorer and other web ...)
 	NOT-FOR-US: Internet Explorer
 CVE-2006-3226 (Cisco Secure Access Control Server (ACS) 4.x for Windows uses the ...)
-	NOT-FOR-US: Cisco Secure Access Control Server
+	NOT-FOR-US: Cisco
 CVE-2006-3225 (Cross-site scripting (XSS) vulnerability in Sun ONE Application Server ...)
 	NOT-FOR-US: Sun ONE Application Server
 CVE-2006-3224 (Apple Safari 2.0.3 (417.9.3) on Mac OS X 10.4.6 allows remote ...)
@@ -9047,7 +9047,7 @@ CVE-2006-3111 (Multiple SQL injection vulnerabilities in main.php in Chipmailer
 CVE-2006-3110 (Cross-site scripting (XSS) vulnerability in main.php in Chipmailer ...)
 	NOT-FOR-US: Chipmailer
 CVE-2006-3109 (Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 ...)
-	NOT-FOR-US: Cisco CallManager
+	NOT-FOR-US: Cisco
 CVE-2006-3108 (Cross-site scripting (XSS) vulnerability in EmailArchitect Email ...)
 	NOT-FOR-US: EmailArchitect
 CVE-2006-3107 (Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and ...)
@@ -9063,7 +9063,7 @@ CVE-2006-3103 (Cross-site scripting (XSS) vulnerability in Bitweaver 1.3 allows
 CVE-2006-3102 (Race condition in articles/BitArticle.php in Bitweaver 1.3, when run ...)
 	NOT-FOR-US: Bitweaver
 CVE-2006-3101 (Cross-site scripting (XSS) vulnerability in LogonProxy.cgi in Cisco ...)
-	NOT-FOR-US: Cisco Secure ACS
+	NOT-FOR-US: Cisco
 CVE-2006-3099
 	RESERVED
 CVE-2006-3098
@@ -9127,7 +9127,7 @@ CVE-2006-3075 (Multiple PHP remote file inclusion vulnerabilities in PictureDis
 CVE-2006-3074 (klif.sys in Kaspersky Anti-Virus 6.0.0.300 and earlier, Internet ...)
 	NOT-FOR-US: Several Kaspersky products
 CVE-2006-3073 (Multiple cross-site scripting (XSS) vulnerabilities in the WebVPN ...)
-	NOT-FOR-US: Cisco VPN products
+	NOT-FOR-US: Cisco
 CVE-2006-3072 (M4 Macro Library in Symantec Security Information Manager before ...)
 	NOT-FOR-US: Symantec Security Information Manager
 CVE-2006-3071 (Cross-site scripting (XSS) vulnerability in index.php in MP3 ...)
@@ -10038,7 +10038,7 @@ CVE-2006-2681 (PHP remote file inclusion vulnerability in SocketMail Lite and Pr
 CVE-2006-2680 (Cross-site scripting (XSS) vulnerability in index.php in AZ Photo ...)
 	NOT-FOR-US: AZ Photo Album
 CVE-2006-2679 (Unspecified vulnerability in the VPN Client for Windows Graphical User ...)
-	NOT-FOR-US: Cisco VPN Client
+	NOT-FOR-US: Cisco
 CVE-2006-2678 (Multiple cross-site scripting (XSS) vulnerabilities in Pre News ...)
 	NOT-FOR-US: Pre News Manager
 CVE-2006-2677 (SiteScape Forum 7.2 and possibly earlier stores the avf.rc ...)
@@ -12392,11 +12392,11 @@ CVE-2006-1674 (Cross-site scripting (XSS) vulnerability in search.php in ...)
 CVE-2006-1673 (Cross-site scripting (XSS) vulnerability in vbugs.php in Dark_Wizard ...)
 	NOT-FOR-US: Dark_Wizard vBug Tracker
 CVE-2006-1672 (The installation of Cisco Transport Controller (CTC) for Cisco Optical ...)
-	NOT-FOR-US: Cisco Optical Networking
+	NOT-FOR-US: Cisco
 CVE-2006-1671 (Control cards for Cisco Optical Networking System (ONS) 15000 series ...)
-	NOT-FOR-US: Cisco Optical Networking
+	NOT-FOR-US: Cisco
 CVE-2006-1670 (Control cards for Cisco Optical Networking System (ONS) 15000 series ...)
-	NOT-FOR-US: Cisco Optical Networking
+	NOT-FOR-US: Cisco
 CVE-2006-1669 (SQL injection vulnerability in chat/messagesL.php3 in phpHeaven Team ...)
 	NOT-FOR-US: PHPMyChat
 CVE-2006-1668 (newimage.php in Eric Gerdes Crafty Syntax Image Gallery (CSIG) (aka ...)
@@ -15077,7 +15077,7 @@ CVE-2006-0485 (The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)
 CVE-2006-0484 (Directory traversal vulnerability in Vis.pl, as part of the FACE ...)
 	NOT-FOR-US: FACE CONTROL product
 CVE-2006-0483 (Cisco VPN 3000 series concentrators running software 4.7.0 through ...)
-	NOT-FOR-US: Cisco VPN 3000
+	NOT-FOR-US: Cisco
 CVE-2006-0482 (Linux kernel 2.6.15.1 and earlier, when running on SPARC ...)
 	{DSA-1017-1}
 	- linux-2.6 2.6.15-4
@@ -15336,9 +15336,9 @@ CVE-2006-0369 (** DISPUTED ** ...)
 	- mysql-dfsg-4.1 <unfixed> (unimportant)
 	NOTE: This isn't a security hole, it's expected behaviour
 CVE-2006-0368 (Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before ...)
-	NOT-FOR-US: Cisco CallManager
+	NOT-FOR-US: Cisco
 CVE-2006-0367 (Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 ...)
-	NOT-FOR-US: Cisco CallManager
+	NOT-FOR-US: Cisco
 CVE-2006-0366 (Cross-site scripting (XSS) vulnerability in Phpclanwebsite (aka PCW) ...)
 	NOT-FOR-US: Phpclanwebsite
 CVE-2006-0365 (Cross-site scripting (XSS) vulnerability in XMB (aka extreme message ...)
@@ -15364,7 +15364,7 @@ CVE-2006-0356 (Ari Pikivirta Home Ftp Server 1.0.7 allows remote attackers to ca
 CVE-2006-0355 (Helmsman Research (aka CoolUtils) HomeFtp 1.1 allows remote attackers ...)
 	NOT-FOR-US: Helmsman Research (aka CoolUtils) HomeFtp
 CVE-2006-0354 (Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) ...)
-	NOT-FOR-US: Cisco IOS
+	NOT-FOR-US: Cisco
 CVE-2006-0352 (The default configuration of Fluffington FLog 1.01 installs ...)
 	NOT-FOR-US: Fluffington FLog
 CVE-2006-0351 (Unspecified &quot;critical denial-of-service vulnerability&quot; in MyDNS before ...)
@@ -15394,7 +15394,7 @@ CVE-2006-0342 (RockLiffe MailSite HTTP Mail management agent (httpma) 7.0.3.1 al
 CVE-2006-0341 (Cross-site scripting (XSS) vulnerability in WCONSOLE.DLL in Rockliffe ...)
 	NOT-FOR-US: RockLiffe MailSite
 CVE-2006-0340 (Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) ...)
-	NOT-FOR-US: Cisco IOS
+	NOT-FOR-US: Cisco
 CVE-2006-0339 (Buffer overflow in BitComet Client 0.60 allows remote attackers to ...)
 	NOT-FOR-US: BitComet
 CVE-2006-0338 (Multiple F-Secure Anti-Virus products and versions for Windows and ...)
@@ -15790,11 +15790,11 @@ CVE-2006-0183 (Direct static code injection vulnerability in edit.php in ACal ..
 CVE-2006-0182 (login.php in ACal Calendar Project 2.2.5 allows remote attackers to ...)
 	NOT-FOR-US: ACal Calendar Project
 CVE-2006-0181 (Cisco Security Monitoring, Analysis and Response System (CS-MARS) ...)
-	NOT-FOR-US: Cisco CS-MARS
+	NOT-FOR-US: Cisco
 CVE-2006-0180 (Cross-site scripting (XSS) vulnerability in CaLogic Calendars 1.2.2 ...)
 	NOT-FOR-US: CaLogic Calendars
 CVE-2006-0179 (The Cisco IP Phone 7940 allows remote attackers to cause a denial of ...)
-	NOT-FOR-US: Cisco IP Phone
+	NOT-FOR-US: Cisco
 CVE-2006-0178 (Format string vulnerability in /bin/ftp in UNICOS 9.0.2.2 allows local ...)
 	NOT-FOR-US: Cray UNICOS
 CVE-2006-0177 (Multiple buffer overflows in Cray UNICOS 9.0.2.2 might allow local ...)
diff --git a/data/CVE/2007.list b/data/CVE/2007.list
index 5616bb9efc..0ff11c22e5 100644
--- a/data/CVE/2007.list
+++ b/data/CVE/2007.list
@@ -32,11 +32,11 @@ CVE-2007-2466 (Unspecified vulnerability in the LDAP Software Development Kit (S
 CVE-2007-2465 (Unspecified vulnerability in Sun Solaris 9, when Solaris Auditing ...)
 	NOT-FOR-US: Sun Solaris
 CVE-2007-2464 (Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 ...)
-	NOT-FOR-US: CIsco
+	NOT-FOR-US: Cisco
 CVE-2007-2463 (Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) ...)
-	NOT-FOR-US: CIsco
+	NOT-FOR-US: Cisco
 CVE-2007-2462 (Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) ...)
-	NOT-FOR-US: CIsco
+	NOT-FOR-US: Cisco
 CVE-2007-2461 (The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and ...)
 	NOT-FOR-US: Cisco
 CVE-2007-2460 (PHP remote file inclusion vulnerability in ...)
@@ -1368,9 +1368,9 @@ CVE-2007-1835 (PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty se
 	- php5 <unfixed> (unimportant)
 	NOTE: open_basedir bypasses not supported
 CVE-2007-1834 (Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco ...)
-	NOT-FOR-US: Cisco Unified Presence Server
+	NOT-FOR-US: Cisco
 CVE-2007-1833 (The Skinny Call Control Protocol (SCCP) implementation in Cisco ...)
-	NOT-FOR-US: Cisco Unified CallManager
+	NOT-FOR-US: Cisco
 CVE-2007-1832 (web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to ...)
 	NOT-FOR-US: WebAPP
 CVE-2007-1831 (web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to ...)
@@ -1384,7 +1384,7 @@ CVE-2007-1828 (Multiple cross-site scripting (XSS) vulnerabilities in web-app.or
 CVE-2007-1827 (Multiple unspecified vulnerabilities in form input validation in ...)
 	NOT-FOR-US: WebAPP
 CVE-2007-1826 (Unspecified vulnerability in the IPSec Manager Service for Cisco ...)
-	NOT-FOR-US: Cisco Unified CallManager
+	NOT-FOR-US: Cisco
 CVE-2007-1825 (Buffer overflow in the imap_mail_compose function in PHP 5 before ...)
 	NOTE: Dupe of CVE-2007-0906; Fixed in DSA-1264, php5 5.2.0-9, php4 6:4.4.4-9
 CVE-2007-1824 (Buffer overflow in the php_stream_filter_create function in PHP 5 ...)
@@ -1437,7 +1437,7 @@ CVE-2007-1802 (Cross-site scripting (XSS) vulnerability in MailDwarf 3.01 and ea
 CVE-2007-1801 (Directory traversal vulnerability in inc/lang.php in sBLOG 0.7.3 Beta ...)
 	NOT-FOR-US: sBLOG
 CVE-2007-1800 (Cisco Secure ACS does not require authentication when Cisco Trust ...)
-	NOT-FOR-US: Cisco Secure ACS
+	NOT-FOR-US: Cisco
 CVE-2007-1799 (Directory traversal vulnerability in torrent.cpp in KTorrent before ...)
 	- ktorrent <unfixed> (medium)
 CVE-2007-1798 (Buffer overflow in the drmgr command in IBM AIX 5.2 and 5.3 allows ...)
@@ -2177,7 +2177,7 @@ CVE-2007-1469 (SQL injection vulnerability in gallery.asp in Absolute Image Gall
 CVE-2007-1468 (Cross-site scripting (XSS) vulnerability in IBM Rational ClearQuest ...)
 	NOT-FOR-US: IBM Rational ClearQuest
 CVE-2007-1467 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
-	NOT-FOR-US: Cisco Secure Access Control Server
+	NOT-FOR-US: Cisco
 CVE-2007-1466 (Integer overflow in the the WP6GeneralTextPacket::_readContents ...)
 	- libwpd 0.8.9-1 (medium)
 	[etch] - libwpd 0.8.7-6
@@ -2656,9 +2656,9 @@ CVE-2007-1260 (Stack-based buffer overflow in the connectHandle function in ...)
 CVE-2007-1259 (Multiple unspecified vulnerabilities in WebAPP before 0.9.9.6 have ...)
 	NOT-FOR-US: WebAPP
 CVE-2007-1258 (Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and ...)
-	NOT-FOR-US: Cisco IOS
+	NOT-FOR-US: Cisco
 CVE-2007-1257 (The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, ...)
-	NOT-FOR-US: Cisco Catalyst
+	NOT-FOR-US: Cisco
 CVE-2007-1256 (Mozilla Firefox 2.0.0.2 allows remote attackers to spoof the address ...)
 	- iceweasel <unfixed> (medium)
 CVE-2007-1255 (Unrestricted file upload vulnerability in admin.bbcode.php in ...)
@@ -3058,25 +3058,25 @@ CVE-2007-1074 (Multiple buffer overflows in NewsBin Pro 5.33 and NewsBin Pro 4.x
 CVE-2007-1073 (Static code injection vulnerability in install.php in mcRefer allows ...)
 	NOT-FOR-US: mcRefer
 CVE-2007-1072 (The command line interface (CLI) in Cisco Unified IP Phone 7906G, ...)
-	NOT-FOR-US: Cisco Unified IP Phone
+	NOT-FOR-US: Cisco
 CVE-2007-1071 (Integer overflow in the gifGetBandProc function in ImageIO in Apple ...)
 	NOT-FOR-US: Apple ImageIO
 CVE-2007-1069 (The memory management in VMware Workstation before 5.5.4 allows ...)
 	TODO: check
 CVE-2007-1068 (The (1) TTLS CHAP, (2) TTLS MSCHAP, (3) TTLS MSCHAPv2, (4) TTLS PAP, ...)
-	NOT-FOR-US: Cisco Secure Services Client
+	NOT-FOR-US: Cisco
 CVE-2007-1067 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, ...)
-	NOT-FOR-US: Cisco Secure Services Client
+	NOT-FOR-US: Cisco
 CVE-2007-1066 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, ...)
-	NOT-FOR-US: Cisco Secure Services Client
+	NOT-FOR-US: Cisco
 CVE-2007-1065 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, ...)
-	NOT-FOR-US: Cisco Secure Services Client
+	NOT-FOR-US: Cisco
 CVE-2007-1064 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, ...)
-	NOT-FOR-US: Cisco Secure Services Client
+	NOT-FOR-US: Cisco
 CVE-2007-1063 (The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, ...)
-	NOT-FOR-US: Cisco Unified IP Phone
+	NOT-FOR-US: Cisco
 CVE-2007-1062 (The Cisco Unified IP Conference Station 7935 3.2(15) and earlier, and ...)
-	NOT-FOR-US: Cisco Unified IP Conference Station
+	NOT-FOR-US: Cisco
 CVE-2007-1061 (SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke ...)
 	NOT-FOR-US: PHP-Nuke
 CVE-2007-1060 (Multiple PHP remote file inclusion vulnerabilities in Interspire ...)
@@ -3307,25 +3307,25 @@ CVE-2007-0970 (Multiple SQL injection vulnerabilities in WebTester 5.0.20060927
 CVE-2007-0969 (Multiple cross-site scripting (XSS) vulnerabilities in WebTester ...)
 	NOT-FOR-US: WebTester
 CVE-2007-0968 (Unspecified vulnerability in Cisco Firewall Services Module (FWSM) ...)
-	NOT-FOR-US: Cisco FWSM
+	NOT-FOR-US: Cisco
 CVE-2007-0967 (Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.1) allows ...)
-	NOT-FOR-US: Cisco FWSM
+	NOT-FOR-US: Cisco
 CVE-2007-0966 (Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.11), when the ...)
-	NOT-FOR-US: Cisco FWSM
+	NOT-FOR-US: Cisco
 CVE-2007-0965 (Cisco FWSM 3.x before 3.1(3.2), when authentication is configured to ...)
-	NOT-FOR-US: Cisco FWSM
+	NOT-FOR-US: Cisco
 CVE-2007-0964 (Cisco FWSM 3.x before 3.1(3.18), when authentication is configured to ...)
-	NOT-FOR-US: Cisco FWSM
+	NOT-FOR-US: Cisco
 CVE-2007-0963 (Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.x ...)
-	NOT-FOR-US: Cisco FWSM
+	NOT-FOR-US: Cisco
 CVE-2007-0962 (Cisco PIX 500 and ASA 5500 Series Security Appliances 7.0 before ...)
-	NOT-FOR-US: Cisco PIX
+	NOT-FOR-US: Cisco
 CVE-2007-0961 (Cisco PIX 500 and ASA 5500 Series Security Appliances 6.x before ...)
-	NOT-FOR-US: Cisco PIX
+	NOT-FOR-US: Cisco
 CVE-2007-0960 (Unspecified vulnerability in Cisco PIX 500 and ASA 5500 Series ...)
-	NOT-FOR-US: Cisco PIX
+	NOT-FOR-US: Cisco
 CVE-2007-0959 (Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2, when ...)
-	NOT-FOR-US: Cisco PIX
+	NOT-FOR-US: Cisco
 CVE-2007-0958 (Linux kernel 2.6.x before 2.6.20 allows local users to read unreadable ...)
 	{DSA-1286-1}
 	- linux-2.6 2.6.20-1 (unimportant)
@@ -3410,9 +3410,9 @@ CVE-2007-0920 (SQL injection vulnerability in philboard_forum.asp in Philboard 1
 CVE-2007-0919 (Directory traversal vulnerability in Nickolas Grigoriadis Mini Web ...)
 	NOT-FOR-US: MiniWebsvr
 CVE-2007-0918 (The ATOMIC.TCP signature engine in the Intrusion Prevention System ...)
-	NOT-FOR-US: Cisco IOS
+	NOT-FOR-US: Cisco
 CVE-2007-0917 (The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to ...)
-	NOT-FOR-US: Cisco IOS
+	NOT-FOR-US: Cisco
 CVE-2007-0916 (Unspecified vulnerability in the Address and Routing Parameter Area ...)
 	NOT-FOR-US: HP-UX
 CVE-2007-0915 (Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers ...)