[Secure-testing-commits] r26408 - data/CVE

Wed Apr 2 05:07:51 UTC 2014

Author: carnil
Date: 2014-04-02 05:07:50 +0000 (Wed, 02 Apr 2014)
New Revision: 26408

Modified:
   data/CVE/list
Log:
Add NFUs

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2014-04-02 05:01:43 UTC (rev 26407)
+++ data/CVE/list	2014-04-02 05:07:50 UTC (rev 26408)
@@ -3607,13 +3607,13 @@
 CVE-2014-1304
 	RESERVED
 CVE-2014-1303 (Heap-based buffer overflow in Apple Safari 7.0.2 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2014-1302
 	RESERVED
 CVE-2014-1301
 	RESERVED
 CVE-2014-1300 (Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows remote ...)
-	TODO: check
+	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2014-1299
 	RESERVED
 CVE-2014-1298
@@ -5112,9 +5112,9 @@
 CVE-2014-0513
 	RESERVED
 CVE-2014-0512 (Adobe Reader 11.0.06 allows attackers to bypass a PDF sandbox ...)
-	TODO: check
+	NOT-FOR-US: Adobe Reader
 CVE-2014-0511 (Heap-based buffer overflow in Adobe Reader 11.0.06 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Adobe Reader
 CVE-2014-0510 (Heap-based buffer overflow in Adobe Flash Player 12.0.0.77 allows ...)
 	NOT-FOR-US: Flash plugin
 CVE-2014-0509
@@ -5124,7 +5124,7 @@
 CVE-2014-0507
 	RESERVED
 CVE-2014-0506 (Use-after-free vulnerability in Adobe Flash Player 12.0.0.77 on ...)
-	TODO: check
+	NOT-FOR-US: Adobe Flash Player
 CVE-2014-0505 (Adobe Shockwave Player before 12.1.0.150 allows remote attackers to ...)
 	NOT-FOR-US: Adobe Shockwave Player
 CVE-2014-0504 (Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x ...)
@@ -6014,9 +6014,9 @@
 CVE-2014-0345
 	RESERVED
 CVE-2014-0344 (Properties.do in ZOHO ManageEngine OpStor before build 8500 does not ...)
-	TODO: check
+	NOT-FOR-US: ZOHO ManageEngine OpStor
 CVE-2014-0343 (The web interface on Virtual Access GW6110A routers with software 9.00 ...)
-	TODO: check
+	NOT-FOR-US: GW6110A routers
 CVE-2014-0342
 	RESERVED
 CVE-2014-0341
@@ -16134,7 +16134,7 @@
 CVE-2013-3482 (Stack-based buffer overflow in the rf_report_error function in ...)
 	NOT-FOR-US: ERADAS ER Viewer
 CVE-2013-3481 (Stack-based buffer overflow in Artweaver Plus and Free before 3.1.5 ...)
-	TODO: check
+	NOT-FOR-US: Artweaver
 CVE-2013-3480 (Integer overflow in Sagelight 4.4 and earlier allows remote attackers ...)
 	NOT-FOR-US: Sagelight
 CVE-2013-3479 (Cross-site request forgery (CSRF) vulnerability in the ShareThis ...)
@@ -21565,9 +21565,9 @@
 CVE-2013-1606 (Buffer overflow in the ubnt-streamer RTSP service on the Ubiquiti UBNT ...)
 	NOT-FOR-US: Ubiquiti UBNT AirCam
 CVE-2013-1605 (Buffer overflow in MayGion IP Cameras with firmware before 2013.04.22 ...)
-	TODO: check
+	NOT-FOR-US: MayGion IP Cameras
 CVE-2013-1604 (Directory traversal vulnerability in MayGion IP Cameras with firmware ...)
-	TODO: check
+	NOT-FOR-US: MayGion IP Cameras
 CVE-2013-1603
 	RESERVED
 CVE-2013-1602
@@ -23628,7 +23628,7 @@
 CVE-2013-0808
 	RESERVED
 CVE-2013-0807 (Cross-site scripting (XSS) vulnerability in the NewSectionPrompt ...)
-	TODO: check
+	NOT-FOR-US: gpEasy CMS
 CVE-2013-0806
 	RESERVED
 CVE-2013-0805 (Multiple cross-site scripting (XSS) vulnerabilities in the search ...)
@@ -24002,11 +24002,11 @@
 CVE-2013-0735
 	RESERVED
 CVE-2013-0734 (Multiple cross-site scripting (XSS) vulnerabilities in the Mingle ...)
-	TODO: check
+	NOT-FOR-US: Mingle Forum Wordpress plugin
 CVE-2013-0733
 	RESERVED
 CVE-2013-0732 (Heap-based buffer overflow in PDFCore8.dll in Nuance PDF Reader before ...)
-	TODO: check
+	NOT-FOR-US: Nuance PDF Reader
 CVE-2013-0731 (ajax.functions.php in the MailUp plugin before 1.3.3 for WordPress ...)
 	NOT-FOR-US: MailUp plugin for Wordpress
 CVE-2013-0730 (Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 4.x ...)
@@ -24282,7 +24282,7 @@
 CVE-2013-0663 (Cross-site request forgery (CSRF) vulnerability on the Schneider ...)
 	NOT-FOR-US:  Schneider Electric Quantum modules
 CVE-2013-0662 (Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2013-0661
 	RESERVED
 CVE-2013-0660


