[Secure-testing-commits] r21980 - data/CVE
Thijs Kinkhorst
thijs at alioth.debian.org
Thu Apr 18 07:18:30 UTC 2013
Author: thijs
Date: 2013-04-18 07:18:29 +0000 (Thu, 18 Apr 2013)
New Revision: 21980
Modified:
data/CVE/list
Log:
nfu
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-04-17 21:22:58 UTC (rev 21979)
+++ data/CVE/list 2013-04-18 07:18:29 UTC (rev 21980)
@@ -2408,8 +2408,9 @@
RESERVED
CVE-2013-1968
RESERVED
-CVE-2013-1967
+CVE-2013-1967 [mediaelement flashmediaelement XSS]
RESERVED
+ NOT-FOR-US: Mediaelement
CVE-2013-1966
RESERVED
CVE-2013-1965
@@ -3651,41 +3652,41 @@
- mysql-5.5 <unfixed>
- mysql-5.1 <removed>
CVE-2013-1510 (Unspecified vulnerability in the Siebel UI Framework component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Siebel
CVE-2013-1509 (Unspecified vulnerability in the Oracle WebCenter Sites component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion
CVE-2013-1508 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
- TODO: check
+ - glassfish <unfixed>
CVE-2013-1507 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2013-1506 (Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 ...)
- mysql-5.5 <unfixed>
- mysql-5.1 <removed>
CVE-2013-1505 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
- TODO: check
+ NOT-FOR-US: Oracle FLEXCUBE
CVE-2013-1504 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion
CVE-2013-1503 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion
CVE-2013-1502 (Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 ...)
- mysql-5.5 <unfixed>
- mysql-5.1 <removed>
CVE-2013-1501 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle E-Business Suite
CVE-2013-1500
RESERVED
CVE-2013-1499 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2013-1498 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2013-1497 (Unspecified vulnerability in the Oracle COREid Access component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion
CVE-2013-1496 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2013-1495 (asr in Oracle Auto Service Request in Oracle Support Tools before ...)
NOT-FOR-US: Oracle Auto Service Request
CVE-2013-1494 (Unspecified vulnerability in Oracle Sun Solaris 10, when running on ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2013-1493 (The color management (CMM) functionality in the 2D component in Oracle ...)
- openjdk-6 6b27-1.12.4-1
- openjdk-7 7u3-2.1.7-1
@@ -6114,7 +6115,7 @@
CVE-2013-0502 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Information ...)
NOT-FOR-US: IBM InfoSphere Information Server
CVE-2013-0501 (The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in ...)
- TODO: check
+ NOT-FOR-US: IBM Cognos Disclosure Management
CVE-2013-0500
RESERVED
CVE-2013-0499
@@ -6534,35 +6535,35 @@
CVE-2013-0417 (Unspecified vulnerability in the Sun Storage Common Array Manager ...)
NOT-FOR-US: Sun Storage Common Array Manager
CVE-2013-0416 (Unspecified vulnerability in the Siebel Enterprise Application ...)
- TODO: check
+ NOT-FOR-US: Oracle Siebel
CVE-2013-0415 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
NOT-FOR-US: Solaris
CVE-2013-0414 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Solaris
CVE-2013-0413 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2013-0412 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2013-0411 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2013-0410 (Unspecified vulnerability in the Agile EDM component in Oracle Supply ...)
- TODO: check
+ NOT-FOR-US: Oracle Supply Chain
CVE-2013-0409 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
CVE-2013-0408 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2013-0407 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
NOT-FOR-US: Solaris
CVE-2013-0406 (Unspecified vulnerability in Oracle Sun Solaris 10 allows remote ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2013-0405 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2013-0404 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2013-0403 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2013-0402 (Heap-based buffer overflow in Oracle Java 7 Update 17, and possibly ...)
- openjdk-7 <undetermined>
NOTE: No details currently known
@@ -8629,7 +8630,7 @@
CVE-2012-5938 (The installation process in IBM InfoSphere Information Server 8.1, ...)
NOT-FOR-US: IBM InfoSphere Information Server
CVE-2012-5937 (Unspecified vulnerability in the CLA2 server in IBM Gentran ...)
- TODO: check
+ NOT-FOR-US: IBM Gentran Integration
CVE-2012-5936
RESERVED
CVE-2011-5245 (The readFrom function in providers.jaxb.JAXBXmlTypeProvider in ...)
@@ -10025,7 +10026,7 @@
CVE-2012-5416 (Buffer overflow in Cisco Unified MeetingPlace Web Conferencing before ...)
NOT-FOR-US: Cisco
CVE-2012-5415 (Race condition on Cisco Adaptive Security Appliances (ASA) devices ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2012-5414
RESERVED
CVE-2012-5413
@@ -11416,7 +11417,7 @@
CVE-2012-4830 (Unspecified vulnerability in IBM WebSphere Commerce 6.0 through ...)
NOT-FOR-US: WebSphere
CVE-2012-4829 (IBM XIV Storage System Gen3 before 11.2 relies on a default X.509 v3 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2012-4828
RESERVED
CVE-2012-4827
@@ -13131,7 +13132,7 @@
CVE-2012-4304
RESERVED
CVE-2012-4303 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion
CVE-2012-4302
RESERVED
CVE-2012-4301 (Unspecified vulnerability in the JavaFX component in Oracle Java SE ...)
@@ -15029,7 +15030,7 @@
CVE-2012-3533 (The python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 ...)
NOT-FOR-US: ovirt
CVE-2012-3532 (Cross-site request forgery (CSRF) vulnerability in the GateIn Portal ...)
- TODO: check
+ - jbossas5 <unfixed>
CVE-2012-3531 (Cross-site scripting (XSS) vulnerability in the Install Tool in TYPO3 ...)
{DSA-2537-1}
- typo3-src 4.5.19+dfsg1-1 (bug #685011)
@@ -16346,7 +16347,7 @@
CVE-2012-3023
RESERVED
CVE-2012-3022 (The SaveToFile method in a certain ActiveX control in TrendDisplay.dll ...)
- TODO: check
+ NOT-FOR-US: Canary Labs TrendLink
CVE-2012-3021 (rifsrvd.exe in the Remote Interface Service in GE Intelligent ...)
NOT-FOR-US: GE Intelligent Platforms Proficy Real-Time Information Portal
CVE-2012-3020 (The Siemens Synco OZW Web Server devices OZW672.*, OZW772.*, and ...)
@@ -22448,11 +22449,11 @@
CVE-2012-0571 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
NOT-FOR-US: Oracle Financial Services Software
CVE-2012-0570 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2012-0569 (Unspecified vulnerability Oracle Sun Solaris 10 allows local users to ...)
NOT-FOR-US: Oracle Sun Solaris
CVE-2012-0568 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2012-0567 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
NOT-FOR-US: Oracle Financial Services Software
CVE-2012-0566 (Unspecified vulnerability in the Oracle Agile component in Oracle ...)
More information about the Secure-testing-commits
mailing list