[Secure-testing-commits] r23773 - data/CVE

Nico Golde nion at alioth.debian.org
Tue Sep 24 23:21:16 UTC 2013 

Author: nion
Date: 2013-09-24 23:21:16 +0000 (Tue, 24 Sep 2013)
New Revision: 23773

Modified:
   data/CVE/list
Log:
- NFUs
- bug filed for vino
- CVE-2013-5903 fixed in graphite-web 0.9.12+debian-1


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-09-24 21:15:11 UTC (rev 23772)
+++ data/CVE/list	2013-09-24 23:21:16 UTC (rev 23773)
@@ -1,9 +1,9 @@
 CVE-2013-5932 (Unspecified vulnerability in WebAdmin in Sophos UTM (aka Astaro ...)
-	TODO: check
+	NOT-FOR-US: Sophos UTM
 CVE-2013-5931 (SQL injection vulnerability in property_listings_detail.php in Real ...)
-	TODO: check
+	NOT-FOR-US: Real Estate PHP Script
 CVE-2013-5930 (Cross-site scripting (XSS) vulnerability in search_residential.php in ...)
-	TODO: check
+	NOT-FOR-US: Real Estate PHP Script
 CVE-2013-5929
 	RESERVED
 CVE-2013-5928
@@ -27,9 +27,9 @@
 CVE-2013-5919
 	RESERVED
 CVE-2013-5918 (Cross-site scripting (XSS) vulnerability in platinum_seo_pack.php in ...)
-	TODO: check
+	NOT-FOR-US: Platinum SEO plugin for WordPress
 CVE-2013-5917 (SQL injection vulnerability in wp-comments-post.php in the NOSpam PTI ...)
-	TODO: check
+	NOT-FOR-US: NOSpam PTIa plugin for Wordpress
 CVE-2013-5916
 	RESERVED
 CVE-2013-5915
@@ -41,7 +41,7 @@
 CVE-2013-5912
 	RESERVED
 CVE-2013-5911 (Cross-site scripting (XSS) vulnerability in devform.php in Tenable ...)
-	TODO: check
+	NOT-FOR-US: Tenable SecurityCenter
 CVE-2013-5910
 	RESERVED
 CVE-2013-5909
@@ -57,7 +57,7 @@
 CVE-2013-5904
 	RESERVED
 CVE-2013-5903 (Cross-site scripting (XSS) vulnerability in Graphite before 0.9.11 ...)
-	TODO: check
+	- graphite-web 0.9.12+debian-1 (low)
 CVE-2013-5902
 	RESERVED
 CVE-2013-5901
@@ -355,7 +355,7 @@
 CVE-2013-5755
 	RESERVED
 CVE-2013-5754 (The authorization implementation on Dahua DVR appliances accepts a ...)
-	TODO: check
+	NOT-FOR-US: Dahua DVR
 CVE-2013-5753
 	RESERVED
 CVE-2013-5752
@@ -384,7 +384,7 @@
 	- poppler 0.16.3-1 (bug #722705)
 CVE-2013-5745 [Persistent DoS Vulnerability in Vino VNC Server]
 	RESERVED
-	- vino <unfixed>
+	- vino <unfixed> (low; bug #724545)
 	NOTE: http://seclists.org/fulldisclosure/2013/Sep/105
 	TODO: check
 CVE-2013-5740 (Unspecified vulnerability in the Intel Trusted Execution Technology ...)
@@ -628,7 +628,7 @@
 CVE-2013-5652
 	RESERVED
 CVE-2013-5650 (Junos Pulse Secure Access Service (IVE) 7.1 before 7.1r5, 7.2 before ...)
-	TODO: check
+	NOT-FOR-US: Junos Pulse Secure Access Service
 CVE-2013-5649 (Multiple cross-site scripting (XSS) vulnerabilities in Juniper Junos ...)
 	NOT-FOR-US: Juniper
 CVE-2013-5655
@@ -981,7 +981,7 @@
 CVE-2013-5503
 	RESERVED
 CVE-2013-5502 (The web interface in Cisco MediaSense does not properly protect the ...)
-	TODO: check
+	NOT-FOR-US: Cisco MediaSense
 CVE-2013-5501 (Cross-site scripting (XSS) vulnerability in the oraservice page in ...)
 	NOT-FOR-US: Cisco MediaSense
 CVE-2013-5500 (Multiple cross-site scripting (XSS) vulnerabilities in the oraadmin ...)
@@ -1005,15 +1005,15 @@
 CVE-2013-5491
 	RESERVED
 CVE-2013-5490 (Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows ...)
-	TODO: check
+	NOT-FOR-US: Cisco Prime Data Center Network Manager
 CVE-2013-5489 (The gadget implementation in Cisco SocialMiner does not properly ...)
 	NOT-FOR-US: Cisco
 CVE-2013-5488 (Cisco Common Services, as used in Cisco Prime LAN Management Solution ...)
 	NOT-FOR-US: Cisco
 CVE-2013-5487 (DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) ...)
-	TODO: check
+	NOT-FOR-US: Cisco Prime Data Center Network Manager
 CVE-2013-5486 (DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) ...)
-	TODO: check
+	NOT-FOR-US: Cisco Prime Data Center Network Manager
 CVE-2013-5485
 	RESERVED
 CVE-2013-5484
@@ -1545,7 +1545,7 @@
 CVE-2013-5222
 	RESERVED
 CVE-2013-5221 (The mobile-upload feature in Esri ArcGIS for Server 10.1 through 10.2 ...)
-	TODO: check
+	NOT-FOR-US: Esri ArcGIS
 CVE-2013-5220
 	RESERVED
 CVE-2013-5219
@@ -2426,7 +2426,7 @@
 CVE-2013-4822
 	RESERVED
 CVE-2013-4821 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
-	TODO: check
+	NOT-FOR-US: HP System Management Homepage
 CVE-2013-4820 (Unspecified vulnerability in HP IceWall SSO 8.0 through 10.0, IceWall ...)
 	NOT-FOR-US: HP
 CVE-2013-4819 (Unspecified vulnerability in HP IceWall SSO Agent Option 8.0 through ...)

More information about the Secure-testing-commits mailing list