[Secure-testing-commits] r24533 - data/CVE

Nico Golde nion at moszumanska.debian.org
Mon Dec 2 23:47:46 UTC 2013 

Author: nion
Date: 2013-12-02 23:47:46 +0000 (Mon, 02 Dec 2013)
New Revision: 24533

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-12-02 23:31:33 UTC (rev 24532)
+++ data/CVE/list	2013-12-02 23:47:46 UTC (rev 24533)
@@ -1272,7 +1272,7 @@
 CVE-2013-6343
 	RESERVED
 CVE-2013-6342 (Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin ...)
-	TODO: check
+	NOT-FOR-US: Tweet Blender plugin for WP
 CVE-2013-6341
 	RESERVED
 	NOT-FOR-US: Dokeos
@@ -2052,7 +2052,7 @@
 CVE-2013-5991 (The displaySystemError function in html/handle_error.php in LOCKON ...)
 	NOT-FOR-US: LOCKON EC-CUBE
 CVE-2013-5990 (Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; ...)
-	TODO: check
+	NOT-FOR-US: JustSystems Ichitaro
 CVE-2013-5989
 	RESERVED
 CVE-2013-5988
@@ -2118,7 +2118,7 @@
 CVE-2013-5958
 	RESERVED
 CVE-2013-5957 (Multiple SQL injection vulnerabilities in ...)
-	TODO: check
+	NOT-FOR-US: CiviCRM
 CVE-2013-5956
 	RESERVED
 CVE-2013-5955
@@ -3249,7 +3249,7 @@
 CVE-2013-5529 (The deployment module in the server in Cisco WebEx Meeting Center does ...)
 	NOT-FOR-US: Cisco WebEx Meetings Server
 CVE-2013-5528 (Directory traversal vulnerability in the Tomcat administrative web ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unified Communications Manager
 CVE-2013-5527 (The OSPF functionality in Cisco IOS and IOS XE allows remote attackers ...)
 	NOT-FOR-US: Cisco
 CVE-2013-5526 (Cisco 9900 fourth-generation IP phones do not properly perform SDP ...)
@@ -3942,6 +3942,7 @@
 	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5185 (The ldapsearch command-line program in OpenLDAP in Apple Mac OS X ...)
 	TODO: check
+	NOTE: does anyone have more information on this? I don't find anything from openldap upstream related to this.
 CVE-2013-5184 (The kernel in Apple Mac OS X before 10.9 does not properly check for ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5183 (Mail in Apple Mac OS X before 10.9, when Kerberos authentication is ...)
@@ -5212,7 +5213,7 @@
 CVE-2013-4625 (Cross-site scripting (XSS) vulnerability in ...)
 	NOT-FOR-US: WordPress plugin Duplicator
 CVE-2013-4624 (Multiple cross-site scripting (XSS) vulnerabilities in Jahia xCM ...)
-	TODO: check
+	NOT-FOR-US: Jahia xCM
 CVE-2013-4623 (The x509parse_crt function in x509.h in PolarSSL 1.1.x before 1.1.7 ...)
 	{DSA-2782-1}
 	- polarssl 1.2.8-1 (low; bug #719954)
@@ -5227,7 +5228,7 @@
 CVE-2013-4618
 	RESERVED
 CVE-2013-4617 (Jahia xCM before 6.6.2 does not include the HTTPOnly flag in a ...)
-	TODO: check
+	NOT-FOR-US: Jahia xCM
 CVE-2013-4616 (The WifiPasswordController generateDefaultPassword method in ...)
 	NOT-FOR-US: Apple iOS
 CVE-2013-4615 (The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, ...)
@@ -7340,11 +7341,11 @@
 CVE-2013-3923 (Directory traversal vulnerability in SavySoda WiFi HD Free before 7.0 ...)
 	NOT-FOR-US: SavySoda WiFi HD Free
 CVE-2013-3922 (Directory traversal vulnerability in Gummy Bear Studios FTP Drive + ...)
-	TODO: check
+	NOT-FOR-US: Gummy Bear Studios FTP Drive + HTTP Server
 CVE-2013-3921
 	RESERVED
 CVE-2013-3920 (Cross-site scripting (XSS) vulnerability in Jahia xCM before 6.6.2 ...)
-	TODO: check
+	NOT-FOR-US: Jahia xCM
 CVE-2013-3918 (The InformationCardSigninHelper Class ActiveX control in icardie.dll ...)
 	NOT-FOR-US: Microsoft
 CVE-2013-3917 (Microsoft Internet Explorer 6 through 11 allows remote attackers to ...)
@@ -10221,7 +10222,7 @@
 CVE-2013-2702 (Cross-site request forgery (CSRF) vulnerability in the Easy AdSense ...)
 	NOT-FOR-US: Easy AdSense Lite plugin for WordPress
 CVE-2013-2701 (Cross-site request forgery (CSRF) vulnerability in the Social Sharing ...)
-	TODO: check
+	NOT-FOR-US: social sharing toolkit plugin for wp
 CVE-2013-2700
 	RESERVED
 CVE-2013-2699
@@ -16176,7 +16177,7 @@
 CVE-2013-0742 (Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote ...)
 	NOT-FOR-US: Corel PDF Fusion
 CVE-2013-0741 (Cross-site scripting (XSS) vulnerability in imagegen.ashx in ...)
-	TODO: check
+	NOT-FOR-US: Percipient Studios ImageGen
 CVE-2013-0740
 	RESERVED
 CVE-2013-0739
@@ -16186,7 +16187,7 @@
 CVE-2013-0737
 	RESERVED
 CVE-2013-0736 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
-	TODO: check
+	NOT-FOR-US: mingle forum plugin for wp
 CVE-2013-0735
 	RESERVED
 CVE-2013-0734

More information about the Secure-testing-commits mailing list