[Secure-testing-commits] r21282 - data/CVE

Helmut Grohne helmut-guest at alioth.debian.org
Fri Feb 15 11:33:04 UTC 2013 

Author: helmut-guest
Date: 2013-02-15 11:33:03 +0000 (Fri, 15 Feb 2013)
New Revision: 21282

Modified:
   data/CVE/list
Log:
NFUs and 1 itp

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-02-15 07:09:36 UTC (rev 21281)
+++ data/CVE/list	2013-02-15 11:33:03 UTC (rev 21282)
@@ -193,15 +193,15 @@
 CVE-2011-5261 (Cross-site scripting (XSS) vulnerability in serverreport.cgi in Axis ...)
 	TODO: check
 CVE-2011-5260 (Cross-site scripting (XSS) vulnerability in SAP/BW/DOC/METADATA in SAP ...)
-	TODO: check
+	NOT-FOR-US: NetWeaver
 CVE-2011-5259 (SQL injection vulnerability in lib/controllers/CentralController.php ...)
-	TODO: check
+	NOT-FOR-US: OrangehRM
 CVE-2011-5258 (Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM ...)
-	TODO: check
+	NOT-FOR-US: OrangehRM
 CVE-2011-5257 (Multiple cross-site scripting (XSS) vulnerabilities in the Classipress ...)
-	TODO: check
+	NOT-FOR-US: WordPress theme
 CVE-2011-5256 (Cross-site scripting (XSS) vulnerability in the tooltips in LimeSurvey ...)
-	TODO: check
+	- limesurvey <itp> (bug #472802)
 CVE-2013-1656
 	RESERVED
 CVE-2013-1655
@@ -660,11 +660,11 @@
 CVE-2013-1466
 	RESERVED
 CVE-2013-1465 (The Cubecart::_basket method in classes/cubecart.class.php in CubeCart ...)
-	TODO: check
+	NOT-FOR-US: CubeCart
 CVE-2013-1464 (Cross-site scripting (XSS) vulnerability in ssets/player.swf in the ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2013-1463 (Cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2013-1462 (Integer signedness error in the ExecuteSoapAction function in the ...)
 	- miniupnpd <undetermined>
 CVE-2013-1461 (The ExecuteSoapAction function in the SOAPAction handler in the HTTP ...)
@@ -821,7 +821,7 @@
 CVE-2013-1407
 	RESERVED
 CVE-2013-1406 (The Virtual Machine Communication Interface (VMCI) implementation in ...)
-	TODO: check
+	NOT-FOR-US: VMware Workstation, Fusion, View, ESXi, ESX
 CVE-2013-1405
 	RESERVED
 CVE-2013-1404
@@ -1423,7 +1423,7 @@
 CVE-2013-1121
 	RESERVED
 CVE-2013-1120 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unity Express
 CVE-2013-1119
 	RESERVED
 CVE-2013-1118
@@ -7287,7 +7287,7 @@
 CVE-2012-5188 (Untrusted search path vulnerability in mora Downloader before 1.0.0.1 ...)
 	TODO: check
 CVE-2012-5187 (The Weathernews Touch application 2.3.2 and earlier for Android allows ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2012-5186 (Cross-site scripting (XSS) vulnerability in FLUGELz netmania myu-s and ...)
 	NOT-FOR-US: FLUGELz netmania myu-s, PHP WeblogSystem
 CVE-2012-5185 (Directory traversal vulnerability in the Olive Toast Documents Pro ...)
@@ -31459,11 +31459,11 @@
 CVE-2011-1353 (Unspecified vulnerability in Adobe Reader 10.x before 10.1.1 on ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
 CVE-2011-1352 (The PowerVR SGX driver in Android before 2.3.6 allows attackers to ...)
-	TODO: check
+	NOT-FOR-US: Anroid
 CVE-2011-1351
 	RESERVED
 CVE-2011-1350 (The PowerVR SGX driver in Android before 2.3.6 allows attackers to ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2011-1349
 	RESERVED
 CVE-2011-1348

More information about the Secure-testing-commits mailing list