[Secure-testing-commits] r21894 - data/CVE
Thijs Kinkhorst
thijs at alioth.debian.org
Mon Apr 8 13:09:11 UTC 2013
Author: thijs
Date: 2013-04-08 13:09:11 +0000 (Mon, 08 Apr 2013)
New Revision: 21894
Modified:
data/CVE/list
Log:
nfu, db4o
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-04-08 09:14:25 UTC (rev 21893)
+++ data/CVE/list 2013-04-08 13:09:11 UTC (rev 21894)
@@ -99,7 +99,8 @@
CVE-2013-2717 (Multiple unspecified vulnerabilities in the System Management (aka ...)
NOT-FOR-US: EMC
CVE-2012-6550 (Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.0.8 ...)
- TODO: check
+ - db4o <unfixed> (unimportant)
+ NOTE: in doc package only
CVE-2013-2716
RESERVED
CVE-2013-2715 (Cross-site scripting (XSS) vulnerability in the admin view in the ...)
@@ -2236,7 +2237,7 @@
[squeeze] - gambas2 <no-dsa> (Minor issue)
NOTE: https://code.google.com/p/gambas/issues/detail?id=365
CVE-2013-1808 (Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and ...)
- - db4o <unfixed>
+ - db4o <unfixed> (unimportant)
CVE-2013-1807
RESERVED
CVE-2013-1806
@@ -3792,7 +3793,7 @@
CVE-2013-1164
RESERVED
CVE-2013-1163 (Multiple SQL injection vulnerabilities in the device-management ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2013-1162 (The traffic engineering (TE) processing subsystem in Cisco IOS XR ...)
NOT-FOR-US: Cisco
CVE-2013-1161 (The XML parser in the Cisco Jabber IM application for Android allows ...)
@@ -6673,13 +6674,13 @@
CVE-2013-0129
RESERVED
CVE-2013-0128 (The Contact Customer Support feature in the TigerText Free Private ...)
- TODO: check
+ NOT-FOR-US: TigerText
CVE-2013-0127
RESERVED
CVE-2013-0126 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
NOT-FOR-US: Verizon router
CVE-2013-0125 (Cross-site scripting (XSS) vulnerability in fileview.asp in C2 ...)
- TODO: check
+ NOT-FOR-US: C2 WebResource
CVE-2013-0124 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
NOT-FOR-US: ASKIA
CVE-2013-0123 (Multiple SQL injection vulnerabilities in the administration interface ...)
@@ -10649,7 +10650,7 @@
CVE-2012-4862 (The Host Connect emulator in IBM Rational Developer for System z 7.1 ...)
NOT-FOR-US: IBM Rational
CVE-2012-4861 (The web server in InfoSphere Data Replication Dashboard in IBM ...)
- TODO: check
+ NOT-FOR-US: IBM InfoSphere
CVE-2012-4860
RESERVED
CVE-2012-4859 (Unspecified vulnerability in IBM Tivoli Storage Manager for Space ...)
@@ -11176,7 +11177,7 @@
CVE-2012-4711 (Buffer overflow in kingMess.exe 65.20.2003.10300 in WellinTech ...)
NOT-FOR-US: WellinTech KingView
CVE-2012-4710 (Invensys Wonderware Win-XML Exporter 1522.148.0.0 allows remote ...)
- TODO: check
+ NOT-FOR-US: Invensys Wonderware Win-XML Exporter
CVE-2012-4709
RESERVED
CVE-2012-4708 (Stack-based buffer overflow in 3S CODESYS Gateway-Server before ...)
@@ -20605,7 +20606,7 @@
CVE-2012-1039 (Multiple cross-site scripting (XSS) vulnerabilities in Dotclear before ...)
- dotclear 2.4.2+dfsg-1
CVE-2012-1038 (Cross-site scripting (XSS) vulnerability in the WebAAA login ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2012-1037 (PHP remote file inclusion vulnerability in front/popup.php in GLPI ...)
- glpi 0.80.7-1 (bug #659383; unimportant)
[squeeze] - glpi <not-affected> (Introduced in 0.78)
More information about the Secure-testing-commits
mailing list