[Secure-testing-commits] r24321 - data/CVE

Salvatore Bonaccorso carnil at alioth.debian.org
Thu Nov 7 15:14:38 UTC 2013 

Author: carnil
Date: 2013-11-07 15:14:38 +0000 (Thu, 07 Nov 2013)
New Revision: 24321

Modified:
   data/CVE/list
Log:
Add NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-11-07 11:02:39 UTC (rev 24320)
+++ data/CVE/list	2013-11-07 15:14:38 UTC (rev 24321)
@@ -527,18 +527,18 @@
 CVE-2013-6350
 	RESERVED
 CVE-2013-6349 (McAfee Email Gateway (MEG) 7.0 before 7.0.4 and 7.5 before 7.5.1 ...)
-	TODO: check
+	NOT-FOR-US: McAfee Email Gateway
 CVE-2013-6348 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts ...)
 	- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.15.3)
 	NOTE: https://issues.apache.org/jira/browse/WW-4213
 CVE-2013-6347 (Session fixation vulnerability in Novell ZENworks Configuration ...)
-	TODO: check
+	NOT-FOR-US: Novell ZENworks Configuration Management
 CVE-2013-6346 (Cross-site request forgery (CSRF) vulnerability in the ZCC page in ...)
-	TODO: check
+	NOT-FOR-US: Novell ZENworks Configuration Management
 CVE-2013-6345 (Unspecified vulnerability in the ZCC page in Novell ZENworks ...)
-	TODO: check
+	NOT-FOR-US: Novell ZENworks Configuration Management
 CVE-2013-6344 (The ZCC page in Novell ZENworks Configuration Management (ZCM) before ...)
-	TODO: check
+	NOT-FOR-US: Novell ZENworks Configuration Management
 CVE-2013-6343
 	RESERVED
 CVE-2013-6342
@@ -754,7 +754,7 @@
 CVE-2013-6247
 	RESERVED
 CVE-2013-6246 (The Dell Quest One Password Manager, possibly 5.0, allows remote ...)
-	TODO: check
+	NOT-FOR-US: Dell Quest One Password Manager
 CVE-2013-6245 (Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise ...)
 	NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
 CVE-2013-6244 (The Live Update webdynpro application ...)
@@ -1034,7 +1034,7 @@
 CVE-2013-6115
 	RESERVED
 CVE-2013-6114 (Integer overflow in the OZDocument::parseElement function in Apple ...)
-	TODO: check
+	NOT-FOR-US: Apple Motion
 CVE-2013-6113
 	RESERVED
 CVE-2013-6112
@@ -1241,7 +1241,7 @@
 CVE-2013-6024
 	RESERVED
 CVE-2013-6023 (Directory traversal vulnerability in the TVT TD-2308SS-B DVR with ...)
-	TODO: check
+	NOT-FOR-US: TVT TD-2308SS-B DVR
 CVE-2013-6022
 	RESERVED
 CVE-2013-6021 (Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 ...)
@@ -1335,7 +1335,7 @@
 CVE-2013-5978
 	RESERVED
 CVE-2013-5977 (Cross-site request forgery (CSRF) vulnerability in Cart66Product.php ...)
-	TODO: check
+	NOT-FOR-US: Cart66 Lite plugin for WordPress
 CVE-2013-5976 (Cross-site scripting (XSS) vulnerability in the access policy logout ...)
 	NOT-FOR-US: F5 BIG-IP APM
 CVE-2013-5975 (The access policy logon page (logon.inc) in F5 BIG-IP APM 11.1.0 ...)
@@ -2443,7 +2443,7 @@
 CVE-2013-5562
 	RESERVED
 CVE-2013-5561 (The Safe Search enforcement feature in Cisco Adaptive Security ...)
-	TODO: check
+	NOT-FOR-US: Cisco Adaptive Security Appliance
 CVE-2013-5560
 	RESERVED
 CVE-2013-5559 (Buffer overflow in the Active Template Library (ATL) framework in the ...)
@@ -3969,15 +3969,15 @@
 CVE-2013-4840
 	RESERVED
 CVE-2013-4839 (Unspecified vulnerability in Virtual User Generator in HP LoadRunner ...)
-	TODO: check
+	NOT-FOR-US: HP LoadRunner
 CVE-2013-4838 (Unspecified vulnerability in Virtual User Generator in HP LoadRunner ...)
 	NOT-FOR-US: HP LoadRunner
 CVE-2013-4837 (Unspecified vulnerability in Virtual User Generator in HP LoadRunner ...)
-	TODO: check
+	NOT-FOR-US: HP LoadRunner
 CVE-2013-4836 (Unspecified vulnerability in the GossipService SOAP Request ...)
 	NOT-FOR-US: HP Application LifeCycle Management
 CVE-2013-4835 (Unspecified vulnerability in the issueSiebelCmd SOAP implementation in ...)
-	TODO: check
+	NOT-FOR-US: HP SiteScope
 CVE-2013-4834 (Unspecified vulnerability in the client component in HP Application ...)
 	NOT-FOR-US: HP Application LifeCycle Management
 CVE-2013-4833 (Cross-site scripting (XSS) vulnerability in HP Service Manager 9.30 ...)
@@ -4274,7 +4274,7 @@
 CVE-2013-4714
 	RESERVED
 CVE-2013-4713 (Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk ...)
-	TODO: check
+	NOT-FOR-US: I-O DATA DEVICE RockDisk
 CVE-2013-4712 (I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and ...)
 	NOT-FOR-US: I-O DATA DEVICE HDL-A and HDL2-A devices
 CVE-2013-4711 (Cross-site scripting (XSS) vulnerability in Accela BizSearch 3.2 on ...)
@@ -7203,7 +7203,7 @@
 CVE-2013-3632
 	RESERVED
 CVE-2013-3631 (NAS4Free 9.1.0.1.804 and earlier allows remote authenticated users to ...)
-	TODO: check
+	NOT-FOR-US: NAS4Free
 CVE-2013-3630 (Moodle through 2.5.2 allows remote authenticated administrators to ...)
 	- moodle <unfixed>
 	NOTE: https://tracker.moodle.org/browse/MDL-41449
@@ -7234,7 +7234,7 @@
 CVE-2013-3618
 	RESERVED
 CVE-2013-3617 (The XML API in Openbravo ERP 2.5, 3.0, and earlier allows remote ...)
-	TODO: check
+	NOT-FOR-US: Openbravo ERP
 CVE-2013-3616 (Cross-site scripting (XSS) vulnerability in the KnowledgeView ...)
 	NOT-FOR-US: KnowledgeView Editorial and Management application
 CVE-2013-3615 (Dahua DVR appliances use a password-hash algorithm with a short hash ...)
@@ -14249,7 +14249,7 @@
 CVE-2013-1085 (Stack-based buffer overflow in the nim: protocol handler in Novell ...)
 	NOT-FOR-US: Novell Messenger
 CVE-2013-1084 (Directory traversal vulnerability in the GetFle method in the umaninv ...)
-	TODO: check
+	NOT-FOR-US: Novell ZENworks Configuration Management
 CVE-2013-1083 (Unspecified vulnerability in the login functionality in the Reporting ...)
 	NOT-FOR-US: Novell Identity Manager
 CVE-2013-1082 (Directory traversal vulnerability in DUSAP.php in Novell ZENworks ...)

More information about the Secure-testing-commits mailing list