[Secure-testing-commits] r21349 - data/CVE

Wed Feb 20 08:03:09 UTC 2013

Author: jmm
Date: 2013-02-20 08:03:09 +0000 (Wed, 20 Feb 2013)
New Revision: 21349

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2013-02-20 07:48:34 UTC (rev 21348)
+++ data/CVE/list	2013-02-20 08:03:09 UTC (rev 21349)
@@ -27,7 +27,7 @@
 CVE-2013-1748
 	RESERVED
 CVE-2012-6533 (Buffer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and ...)
-	TODO: check
+	NOT-FOR-US: Symantec PGP Desktop
 CVE-2013-1747
 	RESERVED
 	- ngircd <not-affected> (Vulnerable version was only in experimental, introduced in 20.1-1~exp1 and fixed in 20.2-1~exp1)
@@ -228,9 +228,9 @@
 CVE-2013-1657
 	RESERVED
 CVE-2011-5265 (Cross-site scripting (XSS) vulnerability in cached_image.php in the ...)
-	TODO: check
+	NOT-FOR-US: Wordpress plugin
 CVE-2011-5264 (Cross-site scripting (XSS) vulnerability in lazyest-backup.php in the ...)
-	TODO: check
+	NOT-FOR-US: Wordpress plugin
 CVE-2011-5263 (Cross-site scripting (XSS) vulnerability in RetrieveMailExamples in ...)
 	NOT-FOR-US: SAP NetWeaver
 CVE-2011-5262 (SQL injection vulnerability in prodpage.cfm in SonicWALL Aventail ...)
@@ -2438,9 +2438,9 @@
 CVE-2013-0705 (Directory traversal vulnerability in LSI 3ware Disk Manager (3DM) ...)
 	NOT-FOR-US: LSI 3ware Disk Manager
 CVE-2013-0704 (Directory traversal vulnerability in the GREE application before 1.3.3 ...)
-	TODO: check
+	NOT-FOR-US: GREE Android app
 CVE-2013-0703 (Cross-site scripting (XSS) vulnerability in imgboard.com imgboard ...)
-	TODO: check
+	NOT-FOR-US: imgboard
 CVE-2013-0702 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 ...)
 	NOT-FOR-US: Cybozu Garoon
 CVE-2013-0701 (SQL injection vulnerability in Cybozu Garoon 2.5.0 through 3.5.3 ...)
@@ -5349,42 +5349,34 @@
 	{DSA-2615-1 DSA-2614-1}
 	- libupnp 1:1.6.17-1.2 (bug #699316)
 	- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-	TODO: check
 CVE-2012-5964 (Stack-based buffer overflow in the unique_service_name function in ...)
 	{DSA-2615-1 DSA-2614-1}
 	- libupnp 1:1.6.17-1.2 (bug #699316)
 	- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-	TODO: check
 CVE-2012-5963 (Stack-based buffer overflow in the unique_service_name function in ...)
 	{DSA-2615-1 DSA-2614-1}
 	- libupnp 1:1.6.17-1.2 (bug #699316)
 	- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-	TODO: check
 CVE-2012-5962 (Stack-based buffer overflow in the unique_service_name function in ...)
 	{DSA-2615-1 DSA-2614-1}
 	- libupnp 1:1.6.17-1.2 (bug #699316)
 	- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-	TODO: check
 CVE-2012-5961 (Stack-based buffer overflow in the unique_service_name function in ...)
 	{DSA-2615-1 DSA-2614-1}
 	- libupnp 1:1.6.17-1.2 (bug #699316)
 	- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-	TODO: check
 CVE-2012-5960 (Stack-based buffer overflow in the unique_service_name function in ...)
 	{DSA-2615-1 DSA-2614-1}
 	- libupnp 1:1.6.17-1.2 (bug #699316)
 	- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-	TODO: check
 CVE-2012-5959 (Stack-based buffer overflow in the unique_service_name function in ...)
 	{DSA-2615-1 DSA-2614-1}
 	- libupnp 1:1.6.17-1.2 (bug #699316)
 	- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-	TODO: check
 CVE-2012-5958 (Stack-based buffer overflow in the unique_service_name function in ...)
 	{DSA-2615-1 DSA-2614-1}
 	- libupnp 1:1.6.17-1.2 (bug #699316)
 	- libupnp4 1.8.0~svn20100507-1.2 (bug #699459)
-	TODO: check
 CVE-2012-5957
 	RESERVED
 CVE-2012-5956 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ...)
@@ -7325,9 +7317,9 @@
 CVE-2012-5200
 	RESERVED
 CVE-2012-5199 (Unspecified vulnerability in HP ArcSight Connector Appliance 6.3 and ...)
-	TODO: check
+	NOT-FOR-US: HP ArcSight Connector Appliance
 CVE-2012-5198 (Unspecified vulnerability in HP ArcSight Connector Appliance before ...)
-	TODO: check
+	NOT-FOR-US: HP ArcSight Connector Appliance
 CVE-2011-5202 (BazisVirtualCDBus.sys in WinCDEmu 3.6 allows local users to cause a ...)
 	NOT-FOR-US: WinCDEmu
 CVE-2012-5197 (Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and ...)


