[Secure-testing-commits] r24233 - data/CVE

Salvatore Bonaccorso carnil at alioth.debian.org
Wed Oct 30 20:46:48 UTC 2013 

Author: carnil
Date: 2013-10-30 20:46:48 +0000 (Wed, 30 Oct 2013)
New Revision: 24233

Modified:
   data/CVE/list
Log:
Add NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-10-30 20:32:31 UTC (rev 24232)
+++ data/CVE/list	2013-10-30 20:46:48 UTC (rev 24233)
@@ -3,7 +3,7 @@
 CVE-2013-6286
 	RESERVED
 CVE-2013-6284 (Unspecified vulnerability in the Statutory Reporting for Insurance ...)
-	TODO: check
+	NOT-FOR-US: Financial Services module for SAP ERP Central Component
 CVE-2013-6283 (VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to ...)
 	- vlc <unfixed>
 	TODO: check
@@ -80,9 +80,9 @@
 CVE-2013-6246 (The Dell Quest One Password Manager, possibly 5.0, allows remote ...)
 	TODO: check
 CVE-2013-6245 (Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise ...)
-	TODO: check
+	NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
 CVE-2013-6244 (The Live Update webdynpro application ...)
-	TODO: check
+	NOT-FOR-US: SAP NetWeaver
 CVE-2013-6289 (Cross-site scripting (XSS) vulnerability in the Apache Solr for TYPO3 ...)
 	NOT-FOR-US: TYPO3 extension Apache Solr
 CVE-2013-6288 (Unspecified vulnerability in the Apache Solr for TYPO3 (solr) ...)
@@ -323,9 +323,9 @@
 CVE-2013-6130
 	RESERVED
 CVE-2013-6128 (The KCHARTXYLib.KChartXY ActiveX control in KChartXY.ocx before ...)
-	TODO: check
+	NOT-FOR-US: WellinTech KingView
 CVE-2013-6127 (The SUPERGRIDLib.SuperGrid ActiveX control in SuperGrid.ocx before ...)
-	TODO: check
+	NOT-FOR-US: WellinTech KingView
 CVE-2013-6126
 	RESERVED
 CVE-2013-6125
@@ -567,7 +567,7 @@
 CVE-2013-6017
 	RESERVED
 CVE-2013-6016 (The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, ...)
-	TODO: check
+	NOT-FOR-US: F5
 CVE-2013-6015 (Juniper Junos before 10.4S14, 11.4 before 11.4R5-S2, 12.1R before ...)
 	NOT-FOR-US: Juniper Junos
 CVE-2013-6014 (Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before ...)
@@ -1787,9 +1787,9 @@
 CVE-2013-5538 (The Sponsor Portal in Cisco Identity Services Engine (ISE) uses weak ...)
 	NOT-FOR-US: Cisco Identity Services Engine
 CVE-2013-5537 (The web framework on Cisco Web Security Appliance (WSA), Email ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-5536 (Cisco Secure Access Control System (ACS) does not properly implement ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-5535 (The analytics page on Cisco Video Surveillance 4000 IP cameras has ...)
 	NOT-FOR-US: Cisco Video Surveillance 4000 IP cameras
 CVE-2013-5534 (Directory traversal vulnerability in the attachment service in the ...)
@@ -1799,7 +1799,7 @@
 CVE-2013-5532 (Buffer overflow in the web-application interface on Cisco 9900 IP ...)
 	NOT-FOR-US: Cisco
 CVE-2013-5531 (Cisco Identity Services Engine (ISE) 1.x before 1.1.1 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-5530 (The web framework in Cisco Identity Services Engine (ISE) 1.0 and ...)
 	NOT-FOR-US: Cisco Identity Services Engine
 CVE-2013-5529 (The deployment module in the server in Cisco WebEx Meeting Center does ...)
@@ -1817,9 +1817,9 @@
 CVE-2013-5523 (The Sponsor Portal in Cisco Identity Services Engine (ISE) 1.2 and ...)
 	NOT-FOR-US: Cisco
 CVE-2013-5522 (Cisco IOS on Catalyst 3750X switches has default Service Module ...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS
 CVE-2013-5521 (Cisco Identity Services Engine does not properly restrict the creation ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-5520
 	RESERVED
 CVE-2013-5519 (Cross-site scripting (XSS) vulnerability in the management interface ...)
@@ -2013,7 +2013,7 @@
 CVE-2013-5425
 	RESERVED
 CVE-2013-5424 (IBM Flex System Manager (FSM) 1.3.0 allows remote attackers to bypass ...)
-	TODO: check
+	NOT-FOR-US: IBM Flex System Manager
 CVE-2013-5423
 	RESERVED
 CVE-2013-5422
@@ -2482,67 +2482,67 @@
 CVE-2013-5193
 	RESERVED
 CVE-2013-5192 (The USB hub controller in Apple Mac OS X before 10.9 allows local ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5191 (The syslog implementation in Apple Mac OS X before 10.9 allows local ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5190 (Smart Card Services in Apple Mac OS X before 10.9 does not properly ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5189 (Apple Mac OS X before 10.9 does not preserve a certain administrative ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5188 (The Screen Lock implementation in Apple Mac OS X before 10.9, when ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5187 (The Screen Lock implementation in Apple Mac OS X before 10.9 does not ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5186 (Power Management in Apple Mac OS X before 10.9 does not properly ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5185 (The ldapsearch command-line program in OpenLDAP in Apple Mac OS X ...)
 	TODO: check
 CVE-2013-5184 (The kernel in Apple Mac OS X before 10.9 does not properly check for ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5183 (Mail in Apple Mac OS X before 10.9, when Kerberos authentication is ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5182 (Mail in Apple Mac OS X before 10.9 allows remote attackers to spoof ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5181 (The auto-configuration feature in Mail in Apple Mac OS X before 10.9 ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5180 (The srandomdev function in Libc in Apple Mac OS X before 10.9, when ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5179 (App Sandbox in Apple Mac OS X before 10.9 allows attackers to bypass ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5178 (LaunchServices in Apple Mac OS X before 10.9 does not properly ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5177 (The kernel in Apple Mac OS X before 10.9 allows local users to cause a ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5176 (The kernel in Apple Mac OS X before 10.9 does not properly handle ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5175 (The kernel in Apple Mac OS X before 10.9 allows local users to obtain ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5174 (Integer signedness error in the kernel in Apple Mac OS X before 10.9 ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5173 (The random-number generator in the kernel in Apple Mac OS X before ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5172 (The kernel in Apple Mac OS X before 10.9 does not properly determine ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5171 (CoreGraphics in Apple Mac OS X before 10.9 allows local users to ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5170 (Buffer underflow in CoreGraphics in Apple Mac OS X before 10.9 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5169 (CoreGraphics in Apple Mac OS X before 10.9, when display-sleep mode is ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5168 (Console in Apple Mac OS X before 10.9 allows user-assisted remote ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5167 (CFNetwork in Apple Mac OS X before 10.9 does not properly support ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5166 (The Bluetooth USB host controller in Apple Mac OS X before 10.9 ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5165 (socketfilterfw in Application Firewall in Apple Mac OS X before 10.9 ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5164 (Multiple race conditions in the Phone app in Apple iOS before 7.0.3 ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2013-5163 (Directory Services in Apple Mac OS X before 10.8.5 Supplemental Update ...)
 	NOT-FOR-US: Apple OS X
 CVE-2013-5162 (Passcode Lock in Apple iOS before 7.0.3 on iPhone devices allows ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2013-5161 (Passcode Lock in Apple iOS before 7.0.2 does not properly manage the ...)
 	NOT-FOR-US: Apple iOS
 CVE-2013-5160 (Passcode Lock in Apple iOS before 7.0.2 on iPhone devices allows ...)
@@ -2570,7 +2570,7 @@
 CVE-2013-5149 (The Push Notifications subsystem in Apple iOS before 7 provides the ...)
 	NOT-FOR-US: Apple iOS
 CVE-2013-5148 (Apple Keynote before 6.0 does not properly handle the interaction ...)
-	TODO: check
+	NOT-FOR-US: Apple Keynote
 CVE-2013-5147 (Passcode Lock in Apple iOS before 7 does not properly manage the lock ...)
 	NOT-FOR-US: Apple iOS
 CVE-2013-5146
@@ -2578,9 +2578,9 @@
 CVE-2013-5145 (kextd in Kext Management in Apple iOS before 7 does not properly ...)
 	NOT-FOR-US: Apple iOS
 CVE-2013-5144 (Passcode Lock in Apple iOS before 7.0.3 on iPhone devices allows ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2013-5143 (The RADIUS service in Server App in Apple OS X Server before 3.0 ...)
-	TODO: check
+	NOT-FOR-US: Apple OS X Server
 CVE-2013-5142 (The kernel in Apple iOS before 7 does not initialize unspecified ...)
 	NOT-FOR-US: Apple iOS
 CVE-2013-5141 (The kernel in Apple iOS before 7 uses an incorrect data size for a ...)
@@ -2594,9 +2594,9 @@
 CVE-2013-5137 (IOKit in Apple iOS before 7 allows attackers to send user-interface ...)
 	NOT-FOR-US: Apple iOS
 CVE-2013-5136 (Apple Remote Desktop before 3.7 does not properly use server ...)
-	TODO: check
+	NOT-FOR-US: Apple Remote Desktop
 CVE-2013-5135 (Format string vulnerability in Screen Sharing Server in Apple Mac OS X ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2013-5134
 	REJECTED
 CVE-2013-5133
@@ -3571,7 +3571,7 @@
 CVE-2013-4713
 	RESERVED
 CVE-2013-4712 (I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and ...)
-	TODO: check
+	NOT-FOR-US: I-O DATA DEVICE HDL-A and HDL2-A devices
 CVE-2013-4711 (Cross-site scripting (XSS) vulnerability in Accela BizSearch 3.2 on ...)
 	NOT-FOR-US: Accela Bizsearch, not in Debian
 CVE-2013-4710
@@ -5639,7 +5639,7 @@
 CVE-2013-3990 (Cross-site scripting (XSS) vulnerability in the MIME e-mail ...)
 	NOT-FOR-US: IBM
 CVE-2013-3989 (IBM Security AppScan Enterprise 8.x before 8.8 sends a cleartext ...)
-	TODO: check
+	NOT-FOR-US: IBM Security AppScan Enterprise
 CVE-2013-3988
 	RESERVED
 CVE-2013-3987
@@ -7307,7 +7307,7 @@
 	NOTE: http://secunia.com/blog/372/
 	NOTE: http://www.jbkempf.com/blog/post/2013/More-lies-from-Secunia
 CVE-2013-3244 (Multiple unspecified vulnerabilities in the CJDB_FILL_MEMORY_FROM_PPB ...)
-	TODO: check
+	NOT-FOR-US: SAP ERP Central Component
 CVE-2013-3243 (Unspecified vulnerability in OpenText/IXOS ECM for SAP NetWeaver ...)
 	NOT-FOR-US: SAP NetWeaver
 CVE-2013-3242 (plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 ...)

More information about the Secure-testing-commits mailing list