[Secure-testing-commits] r21445 - data/CVE

Thijs Kinkhorst thijs at alioth.debian.org
Wed Feb 27 08:14:10 UTC 2013 

Author: thijs
Date: 2013-02-27 08:14:09 +0000 (Wed, 27 Feb 2013)
New Revision: 21445

Modified:
   data/CVE/list
Log:
new mathml issue, nfu's


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-02-27 08:00:39 UTC (rev 21444)
+++ data/CVE/list	2013-02-27 08:14:09 UTC (rev 21445)
@@ -5,7 +5,11 @@
 CVE-2013-2269
 	RESERVED
 CVE-2013-2268 (Unspecified vulnerability in the MathML implementation in WebKit in ...)
-	TODO: check
+	- chromium-browser 25.0.1364.97-1
+	- webkit <unfixed>
+	[squeeze] - chromium-browser <not-affected> (Vulnerable code not present)
+	[squeeze] - webkit <not-affected> (Vulnerable code not present)
+	NOTE: MathML added in chromium 24.x, disabled again in 25.x
 CVE-2012-6534
 	RESERVED
 CVE-2013-2267
@@ -1253,7 +1257,7 @@
 CVE-2013-1660
 	RESERVED
 CVE-2013-1659 (VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and ...)
-	TODO: check
+	NOT-FOR-US: vCenter
 CVE-2013-1658
 	RESERVED
 CVE-2013-1657
@@ -2475,7 +2479,7 @@
 CVE-2013-1139
 	RESERVED
 CVE-2013-1138 (The NAT process on Cisco Adaptive Security Appliances (ASA) devices ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-1137
 	RESERVED
 CVE-2013-1136
@@ -3153,7 +3157,7 @@
 CVE-2013-0805
 	RESERVED
 CVE-2013-0804 (The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before ...)
-	TODO: check
+	NOT-FOR-US: GroupWise
 CVE-2013-0803
 	RESERVED
 CVE-2012-6497 (The Authlogic gem for Ruby on Rails, when used with certain versions ...)
@@ -4086,7 +4090,7 @@
 CVE-2013-0466 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Message ...)
 	NOT-FOR-US: IBM
 CVE-2013-0465 (Unspecified vulnerability in the IBM WebSphere Cast Iron physical and ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2013-0464
 	RESERVED
 CVE-2013-0463
@@ -4319,7 +4323,7 @@
 CVE-2012-6327
 	RESERVED
 CVE-2012-6326 (VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and ...)
-	TODO: check
+	NOT-FOR-US: vCenter
 CVE-2012-6325 (VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not ...)
 	NOT-FOR-US: VMware vCenter Server Appliance
 CVE-2012-6324 (Directory traversal vulnerability in VMware vCenter Server Appliance ...)
@@ -5322,11 +5326,11 @@
 CVE-2013-0121
 	RESERVED
 CVE-2013-0120 (The web interface on Dell PowerConnect 6248P switches allows remote ...)
-	TODO: check
+	NOT-FOR-US: Dell Switches
 CVE-2013-0119
 	RESERVED
 CVE-2013-0118 (CS-Cart before 3.0.6, when PayPal Standard Payments is configured, ...)
-	TODO: check
+	NOT-FOR-US: CS-Cart
 CVE-2013-0117
 	RESERVED
 CVE-2013-0116
@@ -5336,7 +5340,7 @@
 CVE-2013-0114
 	RESERVED
 CVE-2013-0113 (Nuance PDF Reader 7.0 and PDF Viewer Plus 7.1 allow remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Nuance PDF Reader
 CVE-2013-0112
 	RESERVED
 CVE-2013-0111
@@ -5346,7 +5350,7 @@
 CVE-2013-0109
 	RESERVED
 CVE-2013-0108 (An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise ...)
-	TODO: check
+	NOT-FOR-US: Honeywell
 CVE-2013-0107 (Stack-based buffer overflow in Foxit Advanced PDF Editor 3 before 3.04 ...)
 	NOT-FOR-US: Foxit Advanced PDF Editor
 CVE-2013-0106
@@ -5463,11 +5467,11 @@
 CVE-2012-6276 (Directory traversal vulnerability in the web-based management ...)
 	NOT-FOR-US: TP-LINK TL-WR841N
 CVE-2012-6275 (Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft ...)
-	TODO: check
+	NOT-FOR-US: BigAnt IM Server
 CVE-2012-6274 (BigAntSoft BigAnt IM Message Server does not require authentication ...)
-	TODO: check
+	NOT-FOR-US: BigAnt IM Server
 CVE-2012-6273 (SQL injection vulnerability in BigAntSoft BigAnt IM Message Server ...)
-	TODO: check
+	NOT-FOR-US: BigAnt IM Server
 CVE-2012-6272 (Multiple cross-site scripting (XSS) vulnerabilities in Dell OpenManage ...)
 	NOT-FOR-US: Dell OpenManage Server Administrator
 CVE-2012-6271 (Adobe Shockwave Player through 11.6.8.638 allows remote attackers to ...)
@@ -8146,7 +8150,7 @@
 CVE-2012-5338
 	RESERVED
 CVE-2012-5337 (Multiple cross-site scripting (XSS) vulnerabilities in jforum.page in ...)
-	TODO: check
+	NOT-FOR-US: jForum
 CVE-2012-5336
 	RESERVED
 CVE-2012-5335 (Directory traversal vulnerability in Tiny Server 1.1.5 allows remote ...)
@@ -9799,15 +9803,15 @@
 CVE-2012-4709
 	RESERVED
 CVE-2012-4708 (Stack-based buffer overflow in 3S CODESYS Gateway-Server before ...)
-	TODO: check
+	NOT-FOR-US: 3S CODESYS Gateway-Server
 CVE-2012-4707 (3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: 3S CODESYS Gateway-Server
 CVE-2012-4706 (Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 ...)
-	TODO: check
+	NOT-FOR-US: 3S CODESYS Gateway-Server
 CVE-2012-4705 (Directory traversal vulnerability in 3S CODESYS Gateway-Server before ...)
-	TODO: check
+	NOT-FOR-US: 3S CODESYS Gateway-Server
 CVE-2012-4704 (Array index error in 3S CODESYS Gateway-Server before 2.3.9.27 allows ...)
-	TODO: check
+	NOT-FOR-US: 3S CODESYS Gateway-Server
 CVE-2012-4703
 	RESERVED
 CVE-2012-4702
@@ -20823,7 +20827,7 @@
 	- bugzilla4 <itp> (bug #669643)
 	[squeeze] - bugzilla <no-dsa> (Minor issue)
 CVE-2012-0439 (An ActiveX control in gwcls1.dll in the client in Novell GroupWise 8.0 ...)
-	TODO: check
+	NOT-FOR-US: GroupWise
 CVE-2012-0438
 	RESERVED
 CVE-2012-0437

More information about the Secure-testing-commits mailing list