[Secure-testing-commits] r21323 - data/CVE

Federico Ceratto federico-guest at alioth.debian.org
Mon Feb 18 10:52:58 UTC 2013 

Author: federico-guest
Date: 2013-02-18 10:52:58 +0000 (Mon, 18 Feb 2013)
New Revision: 21323

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-02-17 22:14:20 UTC (rev 21322)
+++ data/CVE/list	2013-02-18 10:52:58 UTC (rev 21323)
@@ -187,11 +187,11 @@
 CVE-2011-5264 (Cross-site scripting (XSS) vulnerability in lazyest-backup.php in the ...)
 	TODO: check
 CVE-2011-5263 (Cross-site scripting (XSS) vulnerability in RetrieveMailExamples in ...)
-	TODO: check
+	NOT-FOR-US: SAP NetWeaver
 CVE-2011-5262 (SQL injection vulnerability in prodpage.cfm in SonicWALL Aventail ...)
-	TODO: check
+	NOT-FOR-US: SonicWALL Aventail
 CVE-2011-5261 (Cross-site scripting (XSS) vulnerability in serverreport.cgi in Axis ...)
-	TODO: check
+	NOT-FOR-US: Axis M10 Series Network Cameras
 CVE-2011-5260 (Cross-site scripting (XSS) vulnerability in SAP/BW/DOC/METADATA in SAP ...)
 	NOT-FOR-US: NetWeaver
 CVE-2011-5259 (SQL injection vulnerability in lib/controllers/CentralController.php ...)
@@ -828,13 +828,13 @@
 CVE-2013-1406 (The Virtual Machine Communication Interface (VMCI) implementation in ...)
 	NOT-FOR-US: VMware Workstation, Fusion, View, ESXi, ESX
 CVE-2013-1405 (VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2013-1404
 	RESERVED
 CVE-2013-1403
 	RESERVED
 CVE-2013-1402 (DigiLIBE 3.4 and possibly other versions sends a redirect but does not ...)
-	TODO: check
+	NOT-FOR-US: DigiLIBE
 CVE-2013-1401
 	RESERVED
 CVE-2013-1400
@@ -1028,7 +1028,7 @@
 CVE-2013-1314
 	RESERVED
 CVE-2013-1313 (Object Linking and Embedding (OLE) Automation in Microsoft Windows XP ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows XP
 CVE-2013-1312
 	RESERVED
 CVE-2013-1311
@@ -1412,7 +1412,7 @@
 CVE-2013-1129
 	RESERVED
 CVE-2013-1128 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unified MeetingPlace
 CVE-2013-1127
 	RESERVED
 CVE-2013-1126
@@ -1422,9 +1422,9 @@
 CVE-2013-1124
 	RESERVED
 CVE-2013-1123 (Multiple cross-site scripting (XSS) vulnerabilities in the server in ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unified MeetingPlace
 CVE-2013-1122 (Cisco NX-OS on the Nexus 7000, when a certain Overlay Transport ...)
-	TODO: check
+	NOT-FOR-US: Cisco NX-OS
 CVE-2013-1121
 	RESERVED
 CVE-2013-1120 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
@@ -1440,13 +1440,13 @@
 CVE-2013-1115
 	RESERVED
 CVE-2013-1114 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unity ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unity Express
 CVE-2013-1113 (Cross-site scripting (XSS) vulnerability in Cisco Unified ...)
 	NOT-FOR-US: Cisco Unified Communications Domain Manager
 CVE-2013-1112 (Cisco Carrier Routing System (CRS) allows remote attackers to cause a ...)
 	NOT-FOR-US: Cisco Carrier Routing System
 CVE-2013-1111 (The Cisco ATA 187 Analog Telephone Adaptor with firmware 9.2.1.0 and ...)
-	TODO: check
+	NOT-FOR-US: Cisco ATA 187 Analog Telephone Adaptor
 CVE-2013-1110 (Cisco WebEx Training Center allow remote authenticated users to bypass ...)
 	NOT-FOR-US: Cisco WebEx Training Center
 CVE-2013-1109 (Cross-site request forgery (CSRF) vulnerability in ...)
@@ -1468,7 +1468,7 @@
 CVE-2013-1101
 	RESERVED
 CVE-2013-1100 (The HTTP server in Cisco IOS on Catalyst switches does not properly ...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS
 CVE-2013-1099
 	RESERVED
 CVE-2013-1098
@@ -2389,15 +2389,15 @@
 CVE-2013-0706
 	RESERVED
 CVE-2013-0705 (Directory traversal vulnerability in LSI 3ware Disk Manager (3DM) ...)
-	TODO: check
+	NOT-FOR-US: LSI 3ware Disk Manager
 CVE-2013-0704 (Directory traversal vulnerability in the GREE application before 1.3.3 ...)
 	TODO: check
 CVE-2013-0703 (Cross-site scripting (XSS) vulnerability in imgboard.com imgboard ...)
 	TODO: check
 CVE-2013-0702 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 ...)
-	TODO: check
+	NOT-FOR-US: Cybozu Garoon
 CVE-2013-0701 (SQL injection vulnerability in Cybozu Garoon 2.5.0 through 3.5.3 ...)
-	TODO: check
+	NOT-FOR-US: Cybozu Garoon
 CVE-2012-6472 (Opera before 12.12 on UNIX uses weak permissions for the profile ...)
 	NOT-FOR-US: Opera
 CVE-2012-6471 (Opera before 12.12 allows remote attackers to spoof the address field ...)
@@ -2565,7 +2565,7 @@
 CVE-2013-0659
 	RESERVED
 CVE-2013-0658 (Heap-based buffer overflow in RFManagerService.exe in Schneider ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric Accutech Manager
 CVE-2013-0657 (Stack-based buffer overflow in Schneider Electric Interactive ...)
 	NOT-FOR-US: Schneider Electric IGSS
 CVE-2013-0656 (Buffer overflow in a third-party ActiveX component in Siemens SIMATIC ...)
@@ -4925,15 +4925,15 @@
 CVE-2013-0078
 	RESERVED
 CVE-2013-0077 (Quartz.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Server ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2013-0076 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2013-0075 (The TCP/IP implementation in Microsoft Windows Vista SP2, Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2013-0074
 	RESERVED
 CVE-2013-0073 (The Windows Forms (aka WinForms) component in Microsoft .NET Framework ...)
-	TODO: check
+	NOT-FOR-US: Microsoft .NET Framework
 CVE-2013-0072
 	RESERVED
 CVE-2013-0071
@@ -7300,7 +7300,7 @@
 CVE-2012-5189
 	REJECTED
 CVE-2012-5188 (Untrusted search path vulnerability in mora Downloader before 1.0.0.1 ...)
-	TODO: check
+	NOT-FOR-US: mora Downloader
 CVE-2012-5187 (The Weathernews Touch application 2.3.2 and earlier for Android allows ...)
 	NOT-FOR-US: Android
 CVE-2012-5186 (Cross-site scripting (XSS) vulnerability in FLUGELz netmania myu-s and ...)
@@ -8610,9 +8610,9 @@
 CVE-2012-4713
 	RESERVED
 CVE-2012-4712 (Moxa EDR-G903 series routers with firmware before 2.11 have a ...)
-	TODO: check
+	NOT-FOR-US: Moxa EDR-G903
 CVE-2012-4711 (Buffer overflow in kingMess.exe 65.20.2003.10300 in WellinTech ...)
-	TODO: check
+	NOT-FOR-US: WellinTech KingView
 CVE-2012-4710
 	RESERVED
 CVE-2012-4709
@@ -8632,7 +8632,7 @@
 CVE-2012-4702
 	RESERVED
 CVE-2012-4701 (Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and ...)
-	TODO: check
+	NOT-FOR-US: Tridium Niagara
 CVE-2012-4700 (Multiple buffer overflows in an ActiveX control in PE3DO32A.ocx in ...)
 	NOT-FOR-US: IntegraXor SCADA Server
 CVE-2012-4699
@@ -8646,7 +8646,7 @@
 CVE-2012-4695
 	RESERVED
 CVE-2012-4694 (Moxa EDR-G903 series routers with firmware before 2.11 do not use a ...)
-	TODO: check
+	NOT-FOR-US: Moxa EDR-G903
 CVE-2012-4693 (Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ...)
 	NOT-FOR-US: Invensys Wonderware InTouch
 CVE-2012-4692
@@ -12513,7 +12513,7 @@
 CVE-2012-3281 (Unspecified vulnerability in Device Manager in HP XP P9000 Command ...)
 	NOT-FOR-US: HP XP P9000 Command View
 CVE-2012-3280 (Multiple unspecified vulnerabilities on HP NonStop Servers H06.x and ...)
-	TODO: check
+	NOT-FOR-US: HP NonStop Servers
 CVE-2012-3279 (Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node ...)
 	NOT-FOR-US: HP Network Node Manager i
 CVE-2012-3278 (Stack-based buffer overflow in magentservice.exe in HP Diagnostics ...)

More information about the Secure-testing-commits mailing list