[Secure-testing-commits] r20259 - data/CVE
Yves-Alexis Perez
corsac at alioth.debian.org
Sun Sep 30 11:59:27 UTC 2012
Author: corsac
Date: 2012-09-30 11:59:27 +0000 (Sun, 30 Sep 2012)
New Revision: 20259
Modified:
data/CVE/list
Log:
add a bunch of NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-09-29 20:38:28 UTC (rev 20258)
+++ data/CVE/list 2012-09-30 11:59:27 UTC (rev 20259)
@@ -59,11 +59,11 @@
CVE-2012-5165
RESERVED
CVE-2012-5164 (Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before ...)
- TODO: check
+ NOT-FOR-US: Fork CMS
CVE-2012-5163 (Cross-site scripting (XSS) vulnerability in oc-admin/ajax/ajax.php in ...)
- TODO: check
+ NOT-FOR-US: OSClass not in Debian
CVE-2012-5162 (Multiple SQL injection vulnerabilities in oc-admin/ajax/ajax.php in ...)
- TODO: check
+ NOT-FOR-US: OSClass not in Debian
CVE-2012-5161
RESERVED
CVE-2012-5160
@@ -2960,7 +2960,7 @@
CVE-2012-4052 (Multiple cross-site scripting (XSS) vulnerabilities in Jease before ...)
NOT-FOR-US: Jease
CVE-2012-4051 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: JAMF Casper suite
CVE-2007-6754 (The ipalloc function in libc/stdlib/malloc.c in jemalloc in libc for ...)
NOT-FOR-US: NetBSD/FreeBSD libc
CVE-2006-7252 (Integer overflow in the calloc function in libc/stdlib/malloc.c in ...)
@@ -3045,9 +3045,9 @@
CVE-2012-4018
RESERVED
CVE-2012-4017 (The jigbrowser+ application before 1.5.0 for Android does not properly ...)
- TODO: check
+ NOT-FOR-US: Android application
CVE-2012-4016 (The ATOK application before 1.0.4 for Android allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: Android application
CVE-2012-4015 (Cross-site scripting (XSS) vulnerability in the management screen in ...)
NOT-FOR-US: My Little tool / My little admin SQL server 2000
CVE-2012-4014 (Unspecified vulnerability in McAfee Email Anti-virus (formerly ...)
@@ -8928,7 +8928,7 @@
RESERVED
- libpgjava <not-affected> (Even the version in oldstable had 8.2)
CVE-2012-1617 (Directory traversal vulnerability in combine.php in OSClass before ...)
- TODO: check
+ NOT-FOR-US: OSClass not in Debian
CVE-2012-1616 (Use-after-free vulnerability in icclib before 2.13, as used by Argyll ...)
- argyll 1.4.0-1
NOTE: Starting with 1.4.0 argyll includes icclib 2.13, but it's hard to identify the
More information about the Secure-testing-commits
mailing list