[Secure-testing-commits] r21724 - data/CVE

Federico Ceratto federico-guest at alioth.debian.org
Sat Mar 23 20:49:04 UTC 2013 

Author: federico-guest
Date: 2013-03-23 20:49:04 +0000 (Sat, 23 Mar 2013)
New Revision: 21724

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-03-23 15:57:37 UTC (rev 21723)
+++ data/CVE/list	2013-03-23 20:49:04 UTC (rev 21724)
@@ -847,7 +847,7 @@
 CVE-2013-2280
 	RESERVED
 CVE-2013-2279 (CA SiteMinder Federation (FSS) 12.5, 12.0, and r6; Federation ...)
-	TODO: check
+	NOT-FOR-US: CA SiteMinder
 CVE-2013-2278
 	RESERVED
 CVE-2013-2277 (The ff_h264_decode_seq_parameter_set function in h264_ps.c in ...)
@@ -4535,19 +4535,19 @@
 CVE-2013-0718
 	RESERVED
 CVE-2013-0717 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
-	TODO: check
+	NOT-FOR-US: NEC Aterm routers
 CVE-2013-0716 (The web server in Wind River VxWorks 5.5 through 6.9 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Wind River VxWorks
 CVE-2013-0715 (The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows ...)
-	TODO: check
+	NOT-FOR-US: Wind River VxWorks
 CVE-2013-0714 (IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 ...)
-	TODO: check
+	NOT-FOR-US: Wind River VxWorks
 CVE-2013-0713 (IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 ...)
-	TODO: check
+	NOT-FOR-US: Wind River VxWorks
 CVE-2013-0712 (IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 ...)
-	TODO: check
+	NOT-FOR-US: Wind River VxWorks
 CVE-2013-0711 (IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 ...)
-	TODO: check
+	NOT-FOR-US: Wind River VxWorks
 CVE-2013-0710 (Buffer overflow in Kingsoft Writer 2007 and 2010 before 2724 allows ...)
 	NOT-FOR-US: Kingsoft Writer
 CVE-2013-0709 (Cross-site scripting (XSS) vulnerability in dopvSTAR* 0091 allows ...)
@@ -4694,35 +4694,35 @@
 CVE-2013-0680
 	RESERVED
 CVE-2013-0679 (Directory traversal vulnerability in the web server in Siemens WinCC ...)
-	TODO: check
+	NOT-FOR-US: Siemens WinCC
 CVE-2013-0678 (Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and ...)
-	TODO: check
+	NOT-FOR-US: Siemens WinCC
 CVE-2013-0677 (The web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 ...)
-	TODO: check
+	NOT-FOR-US: Siemens WinCC
 CVE-2013-0676 (Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and ...)
-	TODO: check
+	NOT-FOR-US: Siemens WinCC
 CVE-2013-0675 (Buffer overflow in CCEServer (aka the central communications ...)
-	TODO: check
+	NOT-FOR-US: Siemens WinCC
 CVE-2013-0674 (Buffer overflow in the RegReader ActiveX control in Siemens WinCC ...)
-	TODO: check
+	NOT-FOR-US: Siemens WinCC
 CVE-2013-0673
 	RESERVED
 CVE-2013-0672 (Cross-site scripting (XSS) vulnerability in the HMI web application in ...)
-	TODO: check
+	NOT-FOR-US: Siemens WinCC
 CVE-2013-0671 (Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 ...)
-	TODO: check
+	NOT-FOR-US: Siemens WinCC
 CVE-2013-0670 (CRLF injection vulnerability in the HMI web application in Siemens ...)
-	TODO: check
+	NOT-FOR-US: Siemens WinCC
 CVE-2013-0669 (The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Siemens WinCC
 CVE-2013-0668 (Multiple cross-site scripting (XSS) vulnerabilities in the HMI web ...)
-	TODO: check
+	NOT-FOR-US: Siemens WinCC
 CVE-2013-0667 (Cross-site scripting (XSS) vulnerability in the HMI web application in ...)
-	TODO: check
+	NOT-FOR-US: Siemens WinCC
 CVE-2013-0666
 	RESERVED
 CVE-2013-0665 (Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet before ...)
-	TODO: check
+	NOT-FOR-US: Schweitzer Engineering Laboratories AcSELerator QuickSet
 CVE-2013-0664
 	RESERVED
 CVE-2013-0663
@@ -5056,9 +5056,9 @@
 CVE-2013-0507
 	RESERVED
 CVE-2013-0506 (Cross-site scripting (XSS) vulnerability in IBM Sterling Order ...)
-	TODO: check
+	NOT-FOR-US: IBM Sterling Order Management
 CVE-2013-0505 (IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 ...)
-	TODO: check
+	NOT-FOR-US: IBM Sterling Order Management
 CVE-2013-0504 (Buffer overflow in the broker service in Adobe Flash Player before ...)
 	NOT-FOR-US: Adobe Flash Plugin
 CVE-2013-0503
@@ -5162,7 +5162,7 @@
 CVE-2013-0454
 	RESERVED
 CVE-2013-0453 (Cross-site scripting (XSS) vulnerability in Web Reports in IBM Tivoli ...)
-	TODO: check
+	NOT-FOR-US: IBM Tivoli Endpoint Manager
 CVE-2013-0452
 	RESERVED
 CVE-2013-0451
@@ -7595,7 +7595,7 @@
 CVE-2012-5939 (Cross-site scripting (XSS) vulnerability in Welcome.do in the Data ...)
 	NOT-FOR-US: IBM Tivoli TADDM
 CVE-2012-5938 (The installation process in IBM InfoSphere Information Server 8.1, ...)
-	TODO: check
+	NOT-FOR-US: IBM InfoSphere Information Server
 CVE-2012-5937
 	RESERVED
 CVE-2012-5936
@@ -8047,7 +8047,7 @@
 CVE-2012-5758 (The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and ...)
 	NOT-FOR-US: Websphere
 CVE-2012-5757 (Cross-site scripting (XSS) vulnerability in the Web Client in IBM ...)
-	TODO: check
+	NOT-FOR-US: IBM Rational ClearQuest
 CVE-2012-5756 (The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and ...)
 	NOT-FOR-US: Websphere
 CVE-2012-5755
@@ -24377,7 +24377,7 @@
 	- ghostscript 8.64~dfsg-2
 	NOTE: ghostscript using system jasper since this version
 CVE-2011-4515 (Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing ...)
-	TODO: check
+	NOT-FOR-US: Siemens WinCC
 CVE-2011-4514 (The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and ...)
 	NOT-FOR-US: Siemens WinCC
 CVE-2011-4513 (Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA ...)

More information about the Secure-testing-commits mailing list