[Secure-testing-commits] r21050 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Fri Jan 25 21:39:14 UTC 2013
Author: federico-guest
Date: 2013-01-25 21:39:14 +0000 (Fri, 25 Jan 2013)
New Revision: 21050
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-01-25 21:33:30 UTC (rev 21049)
+++ data/CVE/list 2013-01-25 21:39:14 UTC (rev 21050)
@@ -31,35 +31,35 @@
NOTE: Upstream forum post: http://www.zoneminder.com/forums/viewtopic.php?f=29&t=20771
NOTE: CVE requested
CVE-2012-6521 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Elefant CMS
CVE-2012-6520 (Multiple SQL injection vulnerabilities in the advanced search in ...)
- TODO: check
+ NOT-FOR-US: Wikidforum
CVE-2012-6519 (SQL injection vulnerability in modules/poll/index.php in DIY-CMS 1.0 ...)
- TODO: check
+ NOT-FOR-US: DIY-CMS
CVE-2012-6518 (Cross-site request forgery (CSRF) vulnerability in mod.php in DiY-CMS ...)
- TODO: check
+ NOT-FOR-US: DiY-CMS
CVE-2012-6517 (Multiple cross-site scripting (XSS) vulnerabilities in DiY-CMS 1.0 ...)
- TODO: check
+ NOT-FOR-US: DiY-CMS
CVE-2012-6516 (SQL injection vulnerability in PHP Ticket System Beta 1 allows remote ...)
- TODO: check
+ NOT-FOR-US: PHP Ticket System Beta
CVE-2012-6515 (eFront 3.6.10, 3.6.11 build 15059, and earlier allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: eFront
CVE-2012-6514 (Cross-site scripting (XSS) vulnerability in the nBill (com_netinvoice) ...)
TODO: check
CVE-2012-6513 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: gpEasy CMS
CVE-2012-6512 (The Organizer plugin 1.2.1 for WordPress allows remote attackers to ...)
TODO: check
CVE-2012-6511 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
TODO: check
CVE-2012-6510 (Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media ...)
- TODO: check
+ NOT-FOR-US: NetArt Media Car Portal
CVE-2012-6509 (Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 ...)
- TODO: check
+ NOT-FOR-US: NetArt Media Car Portal
CVE-2012-6508 (Multiple cross-site request forgery (CSRF) vulnerabilities in NetArt ...)
- TODO: check
+ NOT-FOR-US: NetArt Media Car Portal
CVE-2012-6507 (Multiple SQL injection vulnerabilities in admin.php in ChurchCMS 0.0.1 ...)
- TODO: check
+ NOT-FOR-US: ChurchCMS
CVE-2012-6506 (Multiple cross-site scripting (XSS) vulnerabilities in he Zingiri Web ...)
TODO: check
CVE-2012-6505 (Cross-site scripting (XSS) vulnerability in ...)
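Review bot: The tag added for CVE-2012-6519 is spelled "DIY-CMS", while the tags added for CVE-2012-6518 and CVE-2012-6517 directly below use "DiY-CMS". Each tag copies the casing of its own CVE description, but the three entries concern the same product, so one spelling should be used for all of them; otherwise a case-sensitive search on the NOT-FOR-US string misses part of the set. A smaller point in the same hunk: "NOT-FOR-US: PHP Ticket System Beta" for CVE-2012-6516 carries the release qualifier from "PHP Ticket System Beta 1" into the product name, and "PHP Ticket System" would match how the other tags are written.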
@@ -69,7 +69,7 @@
CVE-2012-6503 (Unspecified vulnerability in the NinjaXplorer component before 1.0.7 ...)
TODO: check
CVE-2012-6502 (Microsoft Internet Explorer before 10 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2013-1413
RESERVED
CVE-2013-1412
@@ -707,23 +707,23 @@
CVE-2013-1111
RESERVED
CVE-2013-1110 (Cisco WebEx Training Center allow remote authenticated users to bypass ...)
- TODO: check
+ NOT-FOR-US: Cisco WebEx Training Center
CVE-2013-1109 (Cross-site request forgery (CSRF) vulnerability in ...)
NOT-FOR-US: Cisco WebEx Training Center
CVE-2013-1108 (Cisco WebEx Training Center allows remote authenticated users to ...)
- TODO: check
+ NOT-FOR-US: Cisco WebEx Training Center
CVE-2013-1107
RESERVED
CVE-2013-1106
RESERVED
CVE-2013-1105 (Cisco Wireless LAN Controller (WLC) devices with software 7.0 before ...)
- TODO: check
+ NOT-FOR-US: Cisco Wireless LAN Controller
CVE-2013-1104 (The HTTP Profiling functionality on Cisco Wireless LAN Controller ...)
- TODO: check
+ NOT-FOR-US: Cisco Wireless LAN Controller
CVE-2013-1103 (Cisco Wireless LAN Controller (WLC) devices with software 7.0 before ...)
- TODO: check
+ NOT-FOR-US: Cisco Wireless LAN Controller
CVE-2013-1102 (The Wireless Intrusion Prevention System (wIPS) component on Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco Wireless LAN Controller
CVE-2013-1101
RESERVED
CVE-2013-1100
@@ -1069,9 +1069,9 @@
CVE-2013-0930
RESERVED
CVE-2013-0929 (Format string vulnerability in the _vsnsprintf function in rrobotd.exe ...)
- TODO: check
+ NOT-FOR-US: EMC AlphaStor
CVE-2013-0928 (The NetWorker command processor in rrobotd.exe in the Device Manager ...)
- TODO: check
+ NOT-FOR-US: EMC AlphaStor
CVE-2013-0927
RESERVED
CVE-2013-0926
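Review bot: The product named in the tags for CVE-2013-0929 and CVE-2013-0928, "EMC AlphaStor", does not appear in the visible part of either description. Both are truncated after rrobotd.exe and "the Device Manager", and the only product-like name shown is "NetWorker command processor" in CVE-2013-0928. Please confirm against the full descriptions that AlphaStor is the affected product, since other EMC entries in this file are tagged by their specific product name (for example "EMC NetWorker Module for Microsoft Applications" at CVE-2012-2290).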
@@ -1715,21 +1715,21 @@
{DSA-2596-1}
- mediawiki-extensions 2.11 (bug #696179)
CVE-2012-6442 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation EtherNet/IP
CVE-2012-6441 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation EtherNet/IP
CVE-2012-6440 (The web-server password-authentication functionality in Rockwell ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation EtherNet/IP
CVE-2012-6439 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation EtherNet/IP
CVE-2012-6438 (Buffer overflow in Rockwell Automation EtherNet/IP products; ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation EtherNet/IP
CVE-2012-6437 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation EtherNet/IP
CVE-2012-6436 (Buffer overflow in Rockwell Automation EtherNet/IP products; ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation EtherNet/IP
CVE-2012-6435 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation EtherNet/IP
CVE-2012-6434 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
NOT-FOR-US: e107
CVE-2012-6433 (Cross-site request forgery (CSRF) vulnerability in ...)
@@ -1821,11 +1821,11 @@
CVE-2013-0658
RESERVED
CVE-2013-0657 (Stack-based buffer overflow in Schneider Electric Interactive ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric IGSS
CVE-2013-0656 (Buffer overflow in a third-party ActiveX component in Siemens SIMATIC ...)
- TODO: check
+ NOT-FOR-US: Siemens SIMATIC
CVE-2013-0655 (The client in Schneider Electric Software Update (SESU) Utility 1.0.x ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric SESU
CVE-2013-0654
RESERVED
CVE-2013-0653
@@ -2309,9 +2309,9 @@
CVE-2012-6397 (Cross-site scripting (XSS) vulnerability in Cisco WebEx Social ...)
NOT-FOR-US: Cisco WebEx Social
CVE-2012-6396 (Cisco NX-OS on Nexus 7000 series switches does not properly handle ...)
- TODO: check
+ NOT-FOR-US: Cisco NX-OS
CVE-2012-6395 (Cisco Adaptive Security Appliances (ASA) devices with firmware 8.4 do ...)
- TODO: check
+ NOT-FOR-US: Cisco Adaptive Security Appliances
CVE-2012-6394
RESERVED
CVE-2012-6393
@@ -2381,9 +2381,9 @@
CVE-2012-6361
RESERVED
CVE-2012-6360 (Cross-site scripting (XSS) vulnerability in IBM Intelligent Operations ...)
- TODO: check
+ NOT-FOR-US: IBM Intelligent Operations Center
CVE-2012-6359 (IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.11, ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli
CVE-2012-6358
RESERVED
CVE-2012-6357
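Review bot: The tag for CVE-2012-6359, "NOT-FOR-US: IBM Tivoli", is broader than the product in the description, which reads "IBM Tivoli Federated Identity Manager (TFIM)". The entry above it in the same hunk uses the full product name ("IBM Intelligent Operations Center"), so "NOT-FOR-US: IBM Tivoli Federated Identity Manager" would be consistent and would avoid implying that the whole Tivoli line has been triaged.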
@@ -3370,7 +3370,7 @@
CVE-2012-6273
RESERVED
CVE-2012-6272 (Multiple cross-site scripting (XSS) vulnerabilities in Dell OpenManage ...)
- TODO: check
+ NOT-FOR-US: Dell OpenManage Server Administrator
CVE-2012-6271 (Adobe Shockwave Player through 11.6.8.638 allows remote attackers to ...)
NOT-FOR-US: Adobe Shockwave
CVE-2012-6270 (Adobe Shockwave Player through 11.6.8.638 allows remote attackers to ...)
@@ -3903,9 +3903,9 @@
CVE-2009-5133
RESERVED
CVE-2012-6069 (Directory traversal vulnerability in the Runtime Toolkit in CODESYS ...)
- TODO: check
+ NOT-FOR-US: CODESYS Runtime System
CVE-2012-6068 (The Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x does not ...)
- TODO: check
+ NOT-FOR-US: CODESYS Runtime System
CVE-2012-6067 (freeFTPd.exe in freeFTPd through 1.0.11 allows remote attackers to ...)
NOT-FOR-US: freeFTPd
CVE-2012-6066 (freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to ...)
@@ -4956,7 +4956,7 @@
CVE-2012-5718
RESERVED
CVE-2012-5717 (Cisco Adaptive Security Appliances (ASA) devices with firmware 8.x ...)
- TODO: check
+ NOT-FOR-US: Cisco Adaptive Security Appliances
CVE-2012-5716
RESERVED
CVE-2012-5715
@@ -6351,9 +6351,9 @@
CVE-2012-5186
RESERVED
CVE-2012-5185 (Directory traversal vulnerability in the Olive Toast Documents Pro ...)
- TODO: check
+ NOT-FOR-US: Olive Toast Documents Pro File Viewer
CVE-2012-5184 (Cross-site scripting (XSS) vulnerability in the Olive Toast Documents ...)
- TODO: check
+ NOT-FOR-US: Olive Toast Documents Pro File Viewer
CVE-2012-5183 (The Loctouch application 3.4.6 and earlier for Android allows ...)
NOT-FOR-US: Loctouch application for Android
CVE-2012-5182 (The Loctouch application 3.4.6 and earlier for Android does not ...)
@@ -6968,7 +6968,7 @@
CVE-2012-4919
RESERVED
CVE-2012-4918 (Call of Duty Elite for iOS 2.0.1 does not properly validate the server ...)
- TODO: check
+ NOT-FOR-US: Call of Duty Elite for iOS
CVE-2012-4917
RESERVED
CVE-2012-4916
@@ -13990,7 +13990,7 @@
CVE-2012-2292
RESERVED
CVE-2012-2291 (EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC ...)
- TODO: check
+ NOT-FOR-US: EMC Avamar
CVE-2012-2290 (The client in EMC NetWorker Module for Microsoft Applications (NMM) ...)
NOT-FOR-US: EMC NetWorker Module for Microsoft Applications
CVE-2012-2289 (EMC ApplicationXtender Desktop before 6.5 SP2 and ApplicationXtender ...)
@@ -14487,7 +14487,7 @@
NOTE: incomplete fix of CVE-2009-4307, introducing another issue:
NOTE: https://lkml.org/lkml/2012/2/20/422
CVE-2012-2099 (Multiple cross-site scripting (XSS) vulnerabilities in Wikidforum 2.10 ...)
- TODO: check
+ NOT-FOR-US: Wikidforum
CVE-2012-2098 (Algorithmic complexity vulnerability in the sorting algorithms in ...)
- libcommons-compress-java 1.4.1-1 (low; bug #674448)
[squeeze] - libcommons-compress-java <no-dsa> (Minor issue)
@@ -14981,7 +14981,7 @@
CVE-2012-1923 (RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x ...)
NOT-FOR-US: RealNetworks Helix
CVE-2012-1922 (Multiple cross-site request forgery (CSRF) vulnerabilities in Sitecom ...)
- TODO: check
+ NOT-FOR-US: Sitecom WLM-2501
CVE-2012-1921 (Cross-site request forgery (CSRF) vulnerability in ...)
NOT-FOR-US: Sitecom
CVE-2012-1920 (@Mail WebMail Client in AtMail Open-Source 1.04 and earlier allows ...)
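Review bot: The tag added for CVE-2012-1922, "Sitecom WLM-2501", does not match the existing tag on the neighbouring CVE-2012-1921, which is plain "Sitecom". The visible description is cut off after "Sitecom ...", so the model number cannot be checked from this diff. If both CVEs concern the same device, use the same string for both entries, either by adding the model to CVE-2012-1921 or by dropping it here.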
@@ -44723,7 +44723,7 @@
CVE-2010-1004 (SQL injection vulnerability in the Yet another TYPO3 search engine ...)
NOT-FOR-US: yatse extension for typo3
CVE-2009-4738 (Unspecified vulnerability in JustSystems Corporation ATOK 2006 through ...)
- TODO: check
+ NOT-FOR-US: JustSystems Corporation
CVE-2009-4737 (Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, ...)
NOT-FOR-US: JustSystems Corporation Ichitaro
CVE-2009-4736 (Cross-site scripting (XSS) vulnerability in search.php in CommonSense ...)
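Review bot: The tag for CVE-2009-4738 names only the vendor, "JustSystems Corporation", although the description identifies the product as "JustSystems Corporation ATOK 2006 through ...". The next entry, CVE-2009-4737, is tagged "JustSystems Corporation Ichitaro", so "NOT-FOR-US: JustSystems Corporation ATOK" would follow the same vendor-plus-product pattern and keep the two products distinguishable.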