[Secure-testing-commits] r21323 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Mon Feb 18 10:52:58 UTC 2013
Author: federico-guest
Date: 2013-02-18 10:52:58 +0000 (Mon, 18 Feb 2013)
New Revision: 21323
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-02-17 22:14:20 UTC (rev 21322)
+++ data/CVE/list 2013-02-18 10:52:58 UTC (rev 21323)
@@ -187,11 +187,11 @@
CVE-2011-5264 (Cross-site scripting (XSS) vulnerability in lazyest-backup.php in the ...)
TODO: check
CVE-2011-5263 (Cross-site scripting (XSS) vulnerability in RetrieveMailExamples in ...)
- TODO: check
+ NOT-FOR-US: SAP NetWeaver
CVE-2011-5262 (SQL injection vulnerability in prodpage.cfm in SonicWALL Aventail ...)
- TODO: check
+ NOT-FOR-US: SonicWALL Aventail
CVE-2011-5261 (Cross-site scripting (XSS) vulnerability in serverreport.cgi in Axis ...)
- TODO: check
+ NOT-FOR-US: Axis M10 Series Network Cameras
CVE-2011-5260 (Cross-site scripting (XSS) vulnerability in SAP/BW/DOC/METADATA in SAP ...)
NOT-FOR-US: NetWeaver
CVE-2011-5259 (SQL injection vulnerability in lib/controllers/CentralController.php ...)
@@ -828,13 +828,13 @@
CVE-2013-1406 (The Virtual Machine Communication Interface (VMCI) implementation in ...)
NOT-FOR-US: VMware Workstation, Fusion, View, ESXi, ESX
CVE-2013-1405 (VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2013-1404
RESERVED
CVE-2013-1403
RESERVED
CVE-2013-1402 (DigiLIBE 3.4 and possibly other versions sends a redirect but does not ...)
- TODO: check
+ NOT-FOR-US: DigiLIBE
CVE-2013-1401
RESERVED
CVE-2013-1400
@@ -1028,7 +1028,7 @@
CVE-2013-1314
RESERVED
CVE-2013-1313 (Object Linking and Embedding (OLE) Automation in Microsoft Windows XP ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows XP
CVE-2013-1312
RESERVED
CVE-2013-1311
@@ -1412,7 +1412,7 @@
CVE-2013-1129
RESERVED
CVE-2013-1128 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: Cisco Unified MeetingPlace
CVE-2013-1127
RESERVED
CVE-2013-1126
@@ -1422,9 +1422,9 @@
CVE-2013-1124
RESERVED
CVE-2013-1123 (Multiple cross-site scripting (XSS) vulnerabilities in the server in ...)
- TODO: check
+ NOT-FOR-US: Cisco Unified MeetingPlace
CVE-2013-1122 (Cisco NX-OS on the Nexus 7000, when a certain Overlay Transport ...)
- TODO: check
+ NOT-FOR-US: Cisco NX-OS
CVE-2013-1121
RESERVED
CVE-2013-1120 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
@@ -1440,13 +1440,13 @@
CVE-2013-1115
RESERVED
CVE-2013-1114 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unity ...)
- TODO: check
+ NOT-FOR-US: Cisco Unity Express
CVE-2013-1113 (Cross-site scripting (XSS) vulnerability in Cisco Unified ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
CVE-2013-1112 (Cisco Carrier Routing System (CRS) allows remote attackers to cause a ...)
NOT-FOR-US: Cisco Carrier Routing System
CVE-2013-1111 (The Cisco ATA 187 Analog Telephone Adaptor with firmware 9.2.1.0 and ...)
- TODO: check
+ NOT-FOR-US: Cisco ATA 187 Analog Telephone Adaptor
CVE-2013-1110 (Cisco WebEx Training Center allow remote authenticated users to bypass ...)
NOT-FOR-US: Cisco WebEx Training Center
CVE-2013-1109 (Cross-site request forgery (CSRF) vulnerability in ...)
@@ -1468,7 +1468,7 @@
CVE-2013-1101
RESERVED
CVE-2013-1100 (The HTTP server in Cisco IOS on Catalyst switches does not properly ...)
- TODO: check
+ NOT-FOR-US: Cisco IOS
CVE-2013-1099
RESERVED
CVE-2013-1098
@@ -2389,15 +2389,15 @@
CVE-2013-0706
RESERVED
CVE-2013-0705 (Directory traversal vulnerability in LSI 3ware Disk Manager (3DM) ...)
- TODO: check
+ NOT-FOR-US: LSI 3ware Disk Manager
CVE-2013-0704 (Directory traversal vulnerability in the GREE application before 1.3.3 ...)
TODO: check
CVE-2013-0703 (Cross-site scripting (XSS) vulnerability in imgboard.com imgboard ...)
TODO: check
CVE-2013-0702 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 ...)
- TODO: check
+ NOT-FOR-US: Cybozu Garoon
CVE-2013-0701 (SQL injection vulnerability in Cybozu Garoon 2.5.0 through 3.5.3 ...)
- TODO: check
+ NOT-FOR-US: Cybozu Garoon
CVE-2012-6472 (Opera before 12.12 on UNIX uses weak permissions for the profile ...)
NOT-FOR-US: Opera
CVE-2012-6471 (Opera before 12.12 allows remote attackers to spoof the address field ...)
@@ -2565,7 +2565,7 @@
CVE-2013-0659
RESERVED
CVE-2013-0658 (Heap-based buffer overflow in RFManagerService.exe in Schneider ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric Accutech Manager
CVE-2013-0657 (Stack-based buffer overflow in Schneider Electric Interactive ...)
NOT-FOR-US: Schneider Electric IGSS
CVE-2013-0656 (Buffer overflow in a third-party ActiveX component in Siemens SIMATIC ...)
@@ -4925,15 +4925,15 @@
CVE-2013-0078
RESERVED
CVE-2013-0077 (Quartz.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Server ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2013-0076 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2013-0075 (The TCP/IP implementation in Microsoft Windows Vista SP2, Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2013-0074
RESERVED
CVE-2013-0073 (The Windows Forms (aka WinForms) component in Microsoft .NET Framework ...)
- TODO: check
+ NOT-FOR-US: Microsoft .NET Framework
CVE-2013-0072
RESERVED
CVE-2013-0071
@@ -7300,7 +7300,7 @@
CVE-2012-5189
REJECTED
CVE-2012-5188 (Untrusted search path vulnerability in mora Downloader before 1.0.0.1 ...)
- TODO: check
+ NOT-FOR-US: mora Downloader
CVE-2012-5187 (The Weathernews Touch application 2.3.2 and earlier for Android allows ...)
NOT-FOR-US: Android
CVE-2012-5186 (Cross-site scripting (XSS) vulnerability in FLUGELz netmania myu-s and ...)
@@ -8610,9 +8610,9 @@
CVE-2012-4713
RESERVED
CVE-2012-4712 (Moxa EDR-G903 series routers with firmware before 2.11 have a ...)
- TODO: check
+ NOT-FOR-US: Moxa EDR-G903
CVE-2012-4711 (Buffer overflow in kingMess.exe 65.20.2003.10300 in WellinTech ...)
- TODO: check
+ NOT-FOR-US: WellinTech KingView
CVE-2012-4710
RESERVED
CVE-2012-4709
@@ -8632,7 +8632,7 @@
CVE-2012-4702
RESERVED
CVE-2012-4701 (Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and ...)
- TODO: check
+ NOT-FOR-US: Tridium Niagara
CVE-2012-4700 (Multiple buffer overflows in an ActiveX control in PE3DO32A.ocx in ...)
NOT-FOR-US: IntegraXor SCADA Server
CVE-2012-4699
@@ -8646,7 +8646,7 @@
CVE-2012-4695
RESERVED
CVE-2012-4694 (Moxa EDR-G903 series routers with firmware before 2.11 do not use a ...)
- TODO: check
+ NOT-FOR-US: Moxa EDR-G903
CVE-2012-4693 (Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ...)
NOT-FOR-US: Invensys Wonderware InTouch
CVE-2012-4692
@@ -12513,7 +12513,7 @@
CVE-2012-3281 (Unspecified vulnerability in Device Manager in HP XP P9000 Command ...)
NOT-FOR-US: HP XP P9000 Command View
CVE-2012-3280 (Multiple unspecified vulnerabilities on HP NonStop Servers H06.x and ...)
- TODO: check
+ NOT-FOR-US: HP NonStop Servers
CVE-2012-3279 (Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node ...)
NOT-FOR-US: HP Network Node Manager i
CVE-2012-3278 (Stack-based buffer overflow in magentservice.exe in HP Diagnostics ...)
More information about the Secure-testing-commits
mailing list