[Secure-testing-commits] r24501 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Nov 29 20:52:52 UTC 2013 

Author: carnil
Date: 2013-11-29 20:52:52 +0000 (Fri, 29 Nov 2013)
New Revision: 24501

Modified:
   data/CVE/list
Log:
Mark couple of NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-11-29 19:52:20 UTC (rev 24500)
+++ data/CVE/list	2013-11-29 20:52:52 UTC (rev 24501)
@@ -45,17 +45,17 @@
 CVE-2013-6876
 	RESERVED
 CVE-2013-6875 (SQL injection vulnerability in functions/prepend_adm.php in Nagios ...)
-	TODO: check
+	NOT-FOR-US: Nagios XI
 CVE-2013-6874 (Stack-based buffer overflow in Vortex Light Alloy before 4.7.4 allows ...)
-	TODO: check
+	NOT-FOR-US: Vortex Light Alloy
 CVE-2013-6873 (SQL injection vulnerability in Testa Online Test Management System ...)
-	TODO: check
+	NOT-FOR-US: Testa Online Test Management System
 CVE-2013-6872
 	RESERVED
 CVE-2013-6871
 	RESERVED
 CVE-2013-6870 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk ...)
-	TODO: check
+	NOT-FOR-US: Splunk Web
 CVE-2012-6611
 	RESERVED
 CVE-2012-6610
@@ -63,7 +63,7 @@
 CVE-2012-6609
 	RESERVED
 CVE-2012-6608 (Cross-site scripting (XSS) vulnerability in xmlservices/E_book.php in ...)
-	TODO: check
+	NOT-FOR-US: Elastix
 CVE-2013-XXXX [unrealircd: DoS, use after free]
 	- unrealircd <itp> (bug #515130)
 	NOTE: http://forums.unrealircd.com/viewtopic.php?f=2&t=8221
@@ -418,7 +418,7 @@
 CVE-2013-6707
 	RESERVED
 CVE-2013-6706 (The Cisco Express Forwarding processing module in Cisco IOS XE allows ...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS XE
 CVE-2013-6705
 	RESERVED
 CVE-2013-6704
@@ -430,7 +430,7 @@
 CVE-2013-6701
 	RESERVED
 CVE-2013-6700 (The SNMP module in Cisco IOS XR allows remote attackers to cause a ...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS XR
 CVE-2013-6699 (The Control and Provisioning of Wireless Access Points (CAPWAP) ...)
 	NOT-FOR-US: Cisco
 CVE-2013-6698 (The web interface on Cisco Wireless LAN Controller (WLC) devices does ...)
@@ -1335,7 +1335,7 @@
 CVE-2013-6323
 	RESERVED
 CVE-2013-6322 (Cross-site scripting (XSS) vulnerability in Sterling Order Management ...)
-	TODO: check
+	NOT-FOR-US: IBM Sterling Selling and Fulfillment Suite
 CVE-2013-6321
 	RESERVED
 CVE-2013-6320
@@ -2023,23 +2023,23 @@
 CVE-2013-6000
 	RESERVED
 CVE-2013-5999 (Kingsoft KDrive Personal before 1.21.0.1880 on Windows does not verify ...)
-	TODO: check
+	NOT-FOR-US: Kingsoft KDrive Personal
 CVE-2013-5998 (Unspecified vulnerability in the Web manager implementation on D-Link ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2013-5997 (Unspecified vulnerability in the SSH implementation on D-Link Japan ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2013-5996 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	TODO: check
+	NOT-FOR-US: LOCKON EC-CUBE
 CVE-2013-5995 (data/class/helper/SC_Helper_Address.php in the front-features ...)
-	TODO: check
+	NOT-FOR-US: LOCKON EC-CUBE
 CVE-2013-5994 (data/class/pages/mypage/LC_Page_Mypage_DeliveryAddr.php in LOCKON ...)
-	TODO: check
+	NOT-FOR-US: LOCKON EC-CUBE
 CVE-2013-5993 (Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE ...)
-	TODO: check
+	NOT-FOR-US: LOCKON EC-CUBE
 CVE-2013-5992 (Cross-site scripting (XSS) vulnerability in the displaySystemError ...)
-	TODO: check
+	NOT-FOR-US: LOCKON EC-CUBE
 CVE-2013-5991 (The displaySystemError function in html/handle_error.php in LOCKON ...)
-	TODO: check
+	NOT-FOR-US: LOCKON EC-CUBE
 CVE-2013-5990 (Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; ...)
 	TODO: check
 CVE-2013-5989
@@ -2204,7 +2204,7 @@
 CVE-2013-5913 (Cross-site scripting (XSS) vulnerability in the getRecommSearch ...)
 	NOT-FOR-US: OXID eShop
 CVE-2013-5912 (VhttpdMgr in Thomson Reuters Velocity Analytics Vhayu Analytic Server ...)
-	TODO: check
+	NOT-FOR-US: Thomson Reuters Velocity Analytics Vhayu Analytic Server
 CVE-2013-5911 (Cross-site scripting (XSS) vulnerability in devform.php in Tenable ...)
 	NOT-FOR-US: Tenable SecurityCenter
 CVE-2013-5910
@@ -2643,7 +2643,7 @@
 CVE-2013-5731
 	RESERVED
 CVE-2013-5730 (Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2013-5729
 	RESERVED
 CVE-2013-5728
@@ -4178,7 +4178,7 @@
 CVE-2013-5066
 	RESERVED
 CVE-2013-5065 (NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2013-5064
 	RESERVED
 CVE-2013-5063
@@ -4997,7 +4997,7 @@
 CVE-2012-6574 (Cross-site scripting (XSS) vulnerability in the Fonecta verify module ...)
 	NOT-FOR-US: Drupal module Fonecta verify
 CVE-2013-4716 (Cross-site scripting (XSS) vulnerability in Tattyan HP TOWN 5_9_3 and ...)
-	TODO: check
+	NOT-FOR-US: Tattyan HP TOWN
 CVE-2013-4715 (SQL injection vulnerability in Tiki Wiki CMS Groupware 6 LTS before ...)
 	NOT-FOR-US: Tiki Wiki
 CVE-2013-4714 (Cross-site scripting (XSS) vulnerability in Tiki Wiki CMS Groupware 6 ...)
@@ -7097,7 +7097,7 @@
 CVE-2013-4037 (The RAKP protocol support in the Intelligent Platform Management ...)
 	NOT-FOR-US: IBM BladeCenter
 CVE-2013-4036 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2013-4035
 	RESERVED
 CVE-2013-4034 (IBM Cognos Business Intelligence 8.4.1 before IF3, 10.1.0 before IF4, ...)
@@ -7327,7 +7327,7 @@
 CVE-2013-3924
 	RESERVED
 CVE-2013-3923 (Directory traversal vulnerability in SavySoda WiFi HD Free before 7.0 ...)
-	TODO: check
+	NOT-FOR-US: SavySoda WiFi HD Free
 CVE-2013-3922 (Directory traversal vulnerability in Gummy Bear Studios FTP Drive + ...)
 	TODO: check
 CVE-2013-3921
@@ -8523,7 +8523,7 @@
 CVE-2013-3395 (Cross-site request forgery (CSRF) vulnerability in the web framework ...)
 	NOT-FOR-US: Cisco IronPort Web Security Appliance
 CVE-2013-3394 (Cross-site scripting (XSS) vulnerability in the web interface in Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-3393 (The Precision Video Engine component in Cisco Jabber for Windows and ...)
 	NOT-FOR-US: Cisco
 CVE-2013-3392 (Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco ...)
@@ -9201,7 +9201,7 @@
 CVE-2013-3096
 	RESERVED
 CVE-2013-3095 (Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link ...)
-	TODO: check
+	NOT-FOR-US:  D-Link
 CVE-2013-3094
 	RESERVED
 CVE-2013-3093

More information about the Secure-testing-commits mailing list