[Secure-testing-commits] r23970 - data/CVE

Salvatore Bonaccorso carnil at alioth.debian.org
Fri Oct 11 16:00:07 UTC 2013


Author: carnil
Date: 2013-10-11 16:00:07 +0000 (Fri, 11 Oct 2013)
New Revision: 23970

Modified:
   data/CVE/list
Log:
Process NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-10-11 15:59:51 UTC (rev 23969)
+++ data/CVE/list	2013-10-11 16:00:07 UTC (rev 23970)
@@ -104,7 +104,7 @@
 CVE-2013-6012
 	RESERVED
 CVE-2013-6011 (Citrix NetScaler Application Delivery Controller (ADC) 10.0 before ...)
-	TODO: check
+	NOT-FOR-US: Citrix NetScaler Application Delivery Controller
 CVE-2013-6010 (Cross-site scripting (XSS) vulnerability in the Comment Attachment ...)
 	TODO: check
 CVE-2013-6009 (CRLF injection vulnerability in Open-Xchange AppSuite before 7.2.2, ...)
@@ -192,7 +192,7 @@
 CVE-2013-5968
 	RESERVED
 CVE-2013-5967 (Multiple SQL injection vulnerabilities in AlienVault Open Source ...)
-	TODO: check
+	NOT-FOR-US: AlienVault Open Source Security Information Management
 CVE-2013-5966
 	RESERVED
 CVE-2013-5965 (The Node View Permissions module 7.x-1.x before 7.x-1.2 for Drupal ...)
@@ -1206,15 +1206,15 @@
 CVE-2013-5528
 	RESERVED
 CVE-2013-5527 (The OSPF functionality in Cisco IOS and IOS XE allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-5526 (Cisco 9900 fourth-generation IP phones do not properly perform SDP ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-5525 (SQL injection vulnerability in the web framework in Cisco Identity ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-5524 (Cross-site scripting (XSS) vulnerability in the troubleshooting page ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-5523 (The Sponsor Portal in Cisco Identity Services Engine (ISE) 1.2 and ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-5522
 	RESERVED
 CVE-2013-5521
@@ -1262,7 +1262,7 @@
 CVE-2013-5500 (Multiple cross-site scripting (XSS) vulnerabilities in the oraadmin ...)
 	NOT-FOR-US: Cisco MediaSense
 CVE-2013-5499 (The remember feature in the DHCP server in Cisco IOS allows remote ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-5498 (The PPTP-ALG component in CRS Carrier Grade Services Engine (CGSE) and ...)
 	NOT-FOR-US: Cisco IOS XR
 CVE-2013-5497 (The authentication manager process in the web framework in Cisco ...)
@@ -1422,7 +1422,7 @@
 CVE-2013-5420
 	RESERVED
 CVE-2013-5419 (Multiple buffer overflows in (1) mkque and (2) mkquedev in ...)
-	TODO: check
+	NOT-FOR-US: IBM AIX
 CVE-2013-5418
 	RESERVED
 CVE-2013-5417
@@ -1606,11 +1606,11 @@
 CVE-2013-5328
 	RESERVED
 CVE-2013-5327 (MDBMS.dll in Adobe RoboHelp 10 allows attackers to execute arbitrary ...)
-	TODO: check
+	NOT-FOR-US: Adobe RoboHelp
 CVE-2013-5326
 	RESERVED
 CVE-2013-5325 (Adobe Reader and Acrobat 11.x before 11.0.05 on Windows allow remote ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2013-5324 (Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 ...)
 	NOT-FOR-US: Adobe Flash
 CVE-2013-5323 (Cross-site scripting (XSS) vulnerability in the Static Info Tables ...)
@@ -2091,7 +2091,7 @@
 CVE-2013-5092
 	RESERVED
 CVE-2013-5091 (SQL injection vulnerability in CalendarCommon.php in vTiger CRM 5.4.0 ...)
-	TODO: check
+	NOT-FOR-US: vTiger CRM
 CVE-2013-5090
 	RESERVED
 CVE-2013-5089
@@ -2263,7 +2263,7 @@
 CVE-2013-5009
 	RESERVED
 CVE-2013-5008 (The agent and task-agent components in Symantec Management Platform ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2013-5007
 	RESERVED
 CVE-2013-5006 (main_internet.php on the Western Digital My Net N600 and N750 with ...)
@@ -5122,43 +5122,43 @@
 CVE-2013-3898
 	RESERVED
 CVE-2013-3897 (Use-after-free vulnerability in the CDisplayPointer class in ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2013-3896 (Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Silverlight
 CVE-2013-3895 (Microsoft SharePoint Server 2007 SP3 and 2010 SP1 and SP2 allows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft SharePoint Server
 CVE-2013-3894 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2013-3893 (Use-after-free vulnerability in the SetMouseCapture implementation in ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2013-3892 (Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Word
 CVE-2013-3891 (Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Word
 CVE-2013-3890 (Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2013-3889 (Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2013-3888 (dxgkrnl.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2013-3887
 	RESERVED
 CVE-2013-3886 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2013-3885 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2013-3884
 	RESERVED
 CVE-2013-3883
 	RESERVED
 CVE-2013-3882 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2013-3881 (win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2013-3880 (The App Container feature in the kernel-mode drivers in Microsoft ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2013-3879 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2013-3878
 	RESERVED
 CVE-2013-3877
@@ -5166,15 +5166,15 @@
 CVE-2013-3876
 	RESERVED
 CVE-2013-3875 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2013-3874 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2013-3873 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2013-3872 (Microsoft Internet Explorer 10 allows remote attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2013-3871 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2013-3870 (Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 ...)
 	NOT-FOR-US: Microsoft Outlook
 CVE-2013-3869
@@ -5194,9 +5194,9 @@
 CVE-2013-3862 (Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 ...)
 	NOT-FOR-US: Microsoft
 CVE-2013-3861 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 ...)
-	TODO: check
+	NOT-FOR-US: Microsoft .NET Framework
 CVE-2013-3860 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does ...)
-	TODO: check
+	NOT-FOR-US: Microsoft .NET Framework
 CVE-2013-3859 (Microsoft Pinyin IME 2010, when used in conjunction with Microsoft ...)
 	NOT-FOR-US: Microsoft Pinyin IME
 CVE-2013-3858 (Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word ...)
@@ -5599,7 +5599,7 @@
 CVE-2013-3690 (Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi ...)
 	NOT-FOR-US: Brickcom
 CVE-2013-3689 (Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, ...)
-	TODO: check
+	NOT-FOR-US: Brickcom
 CVE-2013-3688 (The TP-Link IP Cameras TL-SC3171, TL-SC3130, TL-SC3130G, TL-SC3171G, ...)
 	NOT-FOR-US: TP-Link
 CVE-2013-3687
@@ -5752,7 +5752,7 @@
 CVE-2013-3628
 	RESERVED
 CVE-2013-3627 (FrameworkService.exe in McAfee Framework Service in McAfee Managed ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2013-3626
 	RESERVED
 CVE-2013-3625 (An unspecified DLL file in Baramundi Management Suite 7.5 through 8.9 ...)
@@ -5787,7 +5787,7 @@
 	REJECTED
 	NOT-FOR-US: NETELLER Direct Payment API
 CVE-2013-3610 (qis/QIS_finish.htm on the ASUS RT-N10E router with firmware before ...)
-	TODO: check
+	NOT-FOR-US: ASUS router
 CVE-2013-3609 (The web interface in the Intelligent Platform Management Interface ...)
 	NOT-FOR-US: Intelligent Platform Management Interface
 CVE-2013-3608 (The web interface in the Intelligent Platform Management Interface ...)
@@ -5954,13 +5954,13 @@
 CVE-2013-3544
 	REJECTED
 CVE-2013-3543 (The AXIS Media Control (AMC) ActiveX control (AxisMediaControlEmb.dll) ...)
-	TODO: check
+	NOT-FOR-US: AXIS Media Control
 CVE-2013-3542
 	RESERVED
 CVE-2013-3541 (Directory traversal vulnerability in cgi-bin/admin/fileread in AirLive ...)
-	TODO: check
+	NOT-FOR-US: AirLive
 CVE-2013-3540 (Cross-site request forgery (CSRF) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: AirLive
 CVE-2013-3539 (Cross-site request forgery (CSRF) vulnerability in the ...)
 	NOT-FOR-US: Sony
 CVE-2013-3538 (Multiple cross-site scripting (XSS) vulnerabilities in todooforum.php ...)
@@ -6226,7 +6226,7 @@
 CVE-2013-3410 (Cisco Intrusion Prevention System (IPS) Software on IPS NME devices ...)
 	NOT-FOR-US: Cisco
 CVE-2013-3409 (The portal in Cisco Prime Central for Hosted Collaboration Solution ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-3408 (The firmware on Cisco Virtualization Experience Client 6000 devices ...)
 	NOT-FOR-US: Cisco
 CVE-2013-3407
@@ -6581,7 +6581,7 @@
 CVE-2013-3249
 	RESERVED
 CVE-2013-3248 (Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows ...)
-	TODO: check
+	NOT-FOR-US: Corel PDF Fusion
 CVE-2013-3247
 	RESERVED
 CVE-2013-3246
@@ -6725,7 +6725,7 @@
 CVE-2013-3201 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2013-3200 (The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2013-3199 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2013-3198 (The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in ...)
@@ -6735,7 +6735,7 @@
 CVE-2013-3196 (The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2013-3195 (The DSA_InsertItem function in Comctl32.dll in the Windows common ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2013-3194 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2013-3193 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...)
@@ -6869,7 +6869,7 @@
 CVE-2013-3129 (Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight ...)
 	NOT-FOR-US: Microsoft
 CVE-2013-3128 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2013-3127 (The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows ...)
 	NOT-FOR-US: Microsoft
 CVE-2013-3126 (Microsoft Internet Explorer 9 and 10, when script debugging is ...)
@@ -7202,7 +7202,7 @@
 CVE-2013-2965
 	RESERVED
 CVE-2013-2964 (Buffer overflow in dsmtca in IBM Tivoli Storage Manager (TSM) through ...)
-	TODO: check
+	NOT-FOR-US: IBM Tivoli Storage Manager
 CVE-2013-2963
 	RESERVED
 CVE-2013-2962
@@ -7649,7 +7649,7 @@
 CVE-2013-2809
 	RESERVED
 CVE-2013-2808 (Heap-based buffer overflow in Xper in Philips Xper Information ...)
-	TODO: check
+	NOT-FOR-US: Xper
 CVE-2013-2807
 	RESERVED
 CVE-2013-2806
@@ -13821,7 +13821,7 @@
 	NOTE: http://googleonlinesecurity.blogspot.in/2013/01/enhancing-digital-certificate-security.html
 	NOTE: https://blog.mozilla.org/security/2013/01/03/revoking-trust-in-two-turktrust-certficates/
 CVE-2013-0742 (Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Corel PDF Fusion
 CVE-2013-0741
 	RESERVED
 CVE-2013-0740
@@ -14297,13 +14297,13 @@
 CVE-2013-0581 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Business ...)
 	NOT-FOR-US: IBM
 CVE-2013-0580 (Cross-site request forgery (CSRF) vulnerability in the Optim ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2013-0579 (The Optim E-Business Console in IBM Data Growth Solution for Oracle ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2013-0578 (The Sterling Order Management APIs in IBM Sterling Multi-Channel ...)
 	NOT-FOR-US: IBM
 CVE-2013-0577 (The Optim E-Business Console in IBM Data Growth Solution for Oracle ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2013-0576 (Cross-site scripting (XSS) vulnerability in the Tivoli Enterprise ...)
 	NOT-FOR-US: IBM Tivoli Monitoring
 CVE-2013-0575
@@ -22095,7 +22095,7 @@
 	- munin 2.0.5-1 (bug #682869)
 	[squeeze] - munin <no-dsa> (Minor issue)
 CVE-2012-4141 (Directory traversal vulnerability in the CLI parser in Cisco NX-OS ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-4140
 	RESERVED
 CVE-2012-4139
@@ -22133,7 +22133,7 @@
 CVE-2012-4123
 	RESERVED
 CVE-2012-4122 (The CLI parser in Cisco NX-OS allows local users to bypass intended ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-4121
 	RESERVED
 CVE-2012-4120
@@ -22181,7 +22181,7 @@
 CVE-2012-4099
 	RESERVED
 CVE-2012-4098 (The BGP implementation in Cisco NX-OS does not properly filter AS ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-4097
 	RESERVED
 CVE-2012-4096 (The local file editor in the Baseboard Management Controller (BMC) in ...)
@@ -22195,9 +22195,9 @@
 CVE-2012-4092 (The management interface in the Central Software component in Cisco ...)
 	NOT-FOR-US: Cisco Unified Computing System
 CVE-2012-4091 (The RIP service engine in Cisco NX-OS allows remote attackers to cause ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-4090 (The management interface in Cisco NX-OS on Nexus 7000 devices allows ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-4089 (MCTOOLS in the fabric interconnect in Cisco Unified Computing System ...)
 	NOT-FOR-US: Cisco Unified Computing System
 CVE-2012-4088 (The FTP server in Cisco Unified Computing System (UCS) has a hardcoded ...)
@@ -22209,7 +22209,7 @@
 CVE-2012-4085 (The Intelligent Platform Management Interface (IPMI) implementation in ...)
 	NOT-FOR-US: Cisco Unified Computing System
 CVE-2012-4084 (Cross-site request forgery (CSRF) vulnerability in the web-management ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-4083 (Multiple buffer overflows in the administrative web interface in Cisco ...)
 	NOT-FOR-US: Cisco Unified Computing System
 CVE-2012-4082 (MCTools in the Cisco Management Controller in Cisco Unified Computing ...)
@@ -22227,7 +22227,7 @@
 CVE-2012-4076
 	RESERVED
 CVE-2012-4075 (Cisco NX-OS allows local users to gain privileges and execute ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-4074 (The Board Management Controller (BMC) in the Serial over LAN (SoL) ...)
 	NOT-FOR-US: Cisco Unified Computing System
 CVE-2012-4073 (The KVM subsystem in the client in Cisco Unified Computing System ...)




More information about the Secure-testing-commits mailing list