[Secure-testing-commits] r23527 - data/CVE

Henri Salo fgeek-guest at alioth.debian.org
Tue Sep 3 07:25:24 UTC 2013 

Author: fgeek-guest
Date: 2013-09-03 07:25:23 +0000 (Tue, 03 Sep 2013)
New Revision: 23527

Modified:
   data/CVE/list
Log:
NFU

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-09-03 07:17:40 UTC (rev 23526)
+++ data/CVE/list	2013-09-03 07:25:23 UTC (rev 23527)
@@ -733,17 +733,17 @@
 CVE-2013-5318 (SQL injection vulnerability in Ginkgo CMS 5.0 allows remote attackers ...)
 	TODO: check
 CVE-2013-5317 (Cross-site scripting (XSS) vulnerability in RiteCMS 1.0.0 allows ...)
-	TODO: check
+	NOT-FOR-US: RiteCMS
 CVE-2013-5316 (Cross-site request forgery (CSRF) vulnerability in RiteCMS 1.0.0 ...)
-	TODO: check
+	NOT-FOR-US: RiteCMS
 CVE-2012-6582 (Cross-site scripting (XSS) vulnerability in the Spambot module 6.x-3.x ...)
 	TODO: check
 CVE-2013-5313 (Cross-site request forgery (CSRF) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: BigTree CMS
 CVE-2013-5312 (Multiple cross-site scripting (XSS) vulnerabilities in Vastal I-Tech ...)
-	TODO: check
+	NOT-FOR-US: Vastal I-Tech phpVID
 CVE-2013-5311 (Multiple SQL injection vulnerabilities in Vastal I-Tech phpVID 1.2.3 ...)
-	TODO: check
+	NOT-FOR-US: Vastal I-Tech phpVID
 CVE-2013-5315 (Cross-site scripting (XSS) vulnerability in the Resource Manager in ...)
 	NOT-FOR-US: Drupal module
 CVE-2013-5314 (Cross-site scripting (XSS) vulnerability in ...)
@@ -4763,9 +4763,10 @@
 	RESERVED
 CVE-2013-3588
 	RESERVED
-CVE-2013-3587
+CVE-2013-3587 [BREACH attack against HTTP compression]
 	RESERVED
 	TODO: check
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=995168
 CVE-2013-3586 (Samsung Web Viewer for Samsung DVR devices allows remote attackers to ...)
 	NOT-FOR-US: Samsung DVR devices
 CVE-2013-3585 (Samsung Web Viewer for Samsung DVR devices stores credentials in ...)
@@ -5038,7 +5039,7 @@
 CVE-2013-3468 (The Cisco Unified IP Phone 8945 with software 9.3(2) allows remote ...)
 	NOT-FOR-US: Cisco
 CVE-2013-3467 (Memory leak in the CLI component on Cisco Unified Computing System ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-3466 (The EAP-FAST authentication module in Cisco Secure Access Control ...)
 	NOT-FOR-US: Cisco
 CVE-2013-3465
@@ -5046,7 +5047,7 @@
 CVE-2013-3464 (Cisco IOS XR allows local users to cause a denial of service (Silicon ...)
 	NOT-FOR-US: Cisco IOS XR
 CVE-2013-3463 (The protocol-inspection feature on Cisco Adaptive Security Appliances ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-3462 (Buffer overflow in Cisco Unified Communications Manager (Unified CM) ...)
 	NOT-FOR-US: Cisco
 CVE-2013-3461 (Cisco Unified Communications Manager (Unified CM) 8.5(x) and 8.6(x) ...)
@@ -6082,7 +6083,7 @@
 CVE-2013-2989 (The file-copying functionality in IBM Sterling Connect:Direct 3.8.00, ...)
 	NOT-FOR-US: IBM
 CVE-2013-2988 (Absolute path traversal vulnerability in the server in IBM Cognos ...)
-	TODO: check
+	NOT-FOR-US: IBM Cognos
 CVE-2013-2987 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
 	NOT-FOR-US: IBM
 CVE-2013-2986
@@ -6102,7 +6103,7 @@
 CVE-2013-2979 (Directory traversal vulnerability in IBM Optim Performance Manager ...)
 	NOT-FOR-US: IBM
 CVE-2013-2978 (Absolute path traversal vulnerability in the server in IBM Cognos ...)
-	TODO: check
+	NOT-FOR-US: IBM Cognos
 CVE-2013-2977 (Integer overflow in IBM Notes 8.5.x before 8.5.3 FP4 Interim Fix 1 and ...)
 	NOT-FOR-US: IBM Notes
 CVE-2013-2976 (The Administrative console in IBM WebSphere Application Server (WAS) ...)
@@ -13100,11 +13101,11 @@
 CVE-2013-0598
 	RESERVED
 CVE-2013-0597 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Application ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2013-0596
 	RESERVED
 CVE-2013-0595 (Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in ...)
-	TODO: check
+	NOT-FOR-US: IBM Lotus Domino
 CVE-2013-0594
 	RESERVED
 CVE-2013-0593 (Unspecified vulnerability in the olch2x32 ActiveX control in IBM SPSS ...)
@@ -13112,9 +13113,9 @@
 CVE-2013-0592
 	RESERVED
 CVE-2013-0591 (Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus ...)
-	TODO: check
+	NOT-FOR-US: IBM Lotus Domino
 CVE-2013-0590 (Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus ...)
-	TODO: check
+	NOT-FOR-US: IBM Lotus Domino
 CVE-2013-0589
 	RESERVED
 CVE-2013-0588
@@ -13122,7 +13123,7 @@
 CVE-2013-0587 (Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere ...)
 	NOT-FOR-US: IBM InfoSphere
 CVE-2013-0586 (Cross-site scripting (XSS) vulnerability in the server in IBM Cognos ...)
-	TODO: check
+	NOT-FOR-US: IBM Cognos
 CVE-2013-0585 (Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere ...)
 	NOT-FOR-US: IBM InfoSphere
 CVE-2013-0584 (The Data Replication Dashboard component in IBM InfoSphere Replication ...)

More information about the Secure-testing-commits mailing list