[Secure-testing-commits] r26453 - data/CVE

Henri Salo fgeek-guest at moszumanska.debian.org
Mon Apr 7 15:19:57 UTC 2014 

Author: fgeek-guest
Date: 2014-04-07 15:19:57 +0000 (Mon, 07 Apr 2014)
New Revision: 26453

Modified:
   data/CVE/list
Log:
NFU

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-04-07 11:55:31 UTC (rev 26452)
+++ data/CVE/list	2014-04-07 15:19:57 UTC (rev 26453)
@@ -74,13 +74,13 @@
 CVE-2014-2687
 	RESERVED
 CVE-2013-7352 (Cross-site request forgery (CSRF) vulnerability in blogs/admin.php in ...)
-	TODO: check
+	NOT-FOR-US: b2evolution
 CVE-2013-7350 (Multiple unspecified vulnerabilities in Check Point Security Gateway ...)
-	TODO: check
+	NOT-FOR-US: Check Point Security Gateway
 CVE-2013-7349 (Multiple SQL injection vulnerabilities in Gnew 2013.1 allow remote ...)
-	TODO: check
+	NOT-FOR-US: Gnew
 CVE-2009-5141 (Format string vulnerability in War FTP Daemon (warftpd) 1.82 RC 12 ...)
-	TODO: check
+	NOT-FOR-US: War FTP Daemon
 CVE-2014-5880
 	REJECTED
 CVE-2014-2709
@@ -367,7 +367,7 @@
 CVE-2014-2579
 	RESERVED
 CVE-2014-2578 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk ...)
-	TODO: check
+	NOT-FOR-US: Splunk Web
 CVE-2014-2577
 	RESERVED
 CVE-2014-2575
@@ -938,7 +938,7 @@
 CVE-2014-2341
 	RESERVED
 CVE-2014-2340 (Cross-site request forgery (CSRF) vulnerability in the XCloner plugin ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin xcloner-backup-and-restore
 CVE-2014-2339 (Multiple SQL injection vulnerabilities in bbs/ajax.autosave.php in ...)
 	NOT-FOR-US: GnuBoard
 CVE-2014-2338
@@ -1394,7 +1394,7 @@
 CVE-2014-2139
 	RESERVED
 CVE-2014-2138 (CRLF injection vulnerability in the web framework in Cisco Security ...)
-	TODO: check
+	NOT-FOR-US: Cisco Security Manager
 CVE-2014-2137 (CRLF injection vulnerability in the web framework in Cisco Web ...)
 	NOT-FOR-US: Cisco Web Security Appliance
 CVE-2014-2136
@@ -1744,7 +1744,7 @@
 CVE-2014-2035 (Cross-site scripting (XSS) vulnerability in xhr.php in InterWorx Web ...)
 	NOT-FOR-US: InterWorx Web Control Panel
 CVE-2014-2034 (Unspecified vulnerability in Sonatype Nexus OSS and Pro 2.4.0 through ...)
-	TODO: check
+	NOT-FOR-US: Sonatype Nexus OSS
 CVE-2014-2033 (The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, ...)
 	NOT-FOR-US: Blue Coat ProxySG
 CVE-2014-2028
@@ -1901,7 +1901,7 @@
 CVE-2014-1944 (Cross-site scripting (XSS) vulnerability in Ilch CMS 2.0 and earlier ...)
 	NOT-FOR-US: Ilch CMS
 CVE-2014-1942 (Cross-site scripting (XSS) vulnerability in aal/loginverification.aspx ...)
-	TODO: check
+	NOT-FOR-US: Pearson eSIS Enterprise Student Information System
 CVE-2014-1941
 	RESERVED
 CVE-2014-1940
@@ -4205,7 +4205,7 @@
 CVE-2014-0902
 	RESERVED
 CVE-2014-0901 (Cross-site scripting (XSS) vulnerability in the Social Rendering ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere Portal
 CVE-2014-0900
 	RESERVED
 CVE-2014-0899 (ftpd in IBM AIX 7.1.1 before SP10 and 7.1.2 before SP5, when a ...)
@@ -4351,7 +4351,7 @@
 CVE-2014-0829 (Multiple buffer overflows in IBM Rational ClearCase 7.x before ...)
 	NOT-FOR-US: IBM Rational ClearCase
 CVE-2014-0828 (Cross-site scripting (XSS) vulnerability in the WCM (Web Content ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere Portal
 CVE-2014-0827
 	RESERVED
 CVE-2014-0826
@@ -11345,7 +11345,7 @@
 CVE-2013-5366
 	RESERVED
 CVE-2013-5365 (Heap-based buffer overflow in Autodesk SketchBook for Enterprise 2014, ...)
-	TODO: check
+	NOT-FOR-US: Autodesk SketchBook
 CVE-2013-5364 (Secunia CSI Agent 6.0.0.15017 and earlier, 6.0.1.1007 and earlier, and ...)
 	NOT-FOR-US: Secunia CSI Agent
 CVE-2013-5363
@@ -15135,7 +15135,7 @@
 CVE-2013-3977
 	RESERVED
 CVE-2013-3976 (The (1) Data Protection for Exchange component 6.1 before 6.1.3.4 and ...)
-	TODO: check
+	NOT-FOR-US: IBM Tivoli
 CVE-2013-3975
 	RESERVED
 CVE-2013-3974
@@ -16015,7 +16015,7 @@
 CVE-2013-3589 (Cross-site scripting (XSS) vulnerability in the login page in the ...)
 	NOT-FOR-US: Dell iDRAC6
 CVE-2013-3588 (The web management interface on Zyxel P660 devices allows remote ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2013-3587 [BREACH attack against HTTP compression]
 	RESERVED
 	TODO: check
@@ -16260,7 +16260,7 @@
 CVE-2013-3485 (Multiple untrusted search path vulnerabilities in Soda PDF ...)
 	NOT-FOR-US: Soda PDF
 CVE-2013-3484 (Multiple cross-site scripting (XSS) vulnerabilities in dotCMS before ...)
-	TODO: check
+	NOT-FOR-US: dotCMS
 CVE-2013-3483 (Stack-based buffer overflow in ermapper_u.dll in Intergraph ERDAS ER ...)
 	NOT-FOR-US: ERADAS ER Viewer
 CVE-2013-3482 (Stack-based buffer overflow in the rf_report_error function in ...)
@@ -16871,7 +16871,7 @@
 CVE-2013-3214
 	RESERVED
 CVE-2013-3213 (Multiple SQL injection vulnerabilities in vTiger CRM 5.0.0 through ...)
-	TODO: check
+	NOT-FOR-US: vTiger CRM
 CVE-2013-3212
 	RESERVED
 CVE-2012-6551 (The default configuration of Apache ActiveMQ before 5.8.0 enables a ...)
@@ -17415,7 +17415,7 @@
 CVE-2013-2946
 	RESERVED
 CVE-2013-2945 (SQL injection vulnerability in blogs/admin.php in b2evolution before ...)
-	TODO: check
+	NOT-FOR-US: b2evolution
 CVE-2013-2944 (strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ...)
 	{DSA-2665-1}
 	- strongswan 4.6.4-7
@@ -19261,7 +19261,7 @@
 CVE-2013-2279 (CA SiteMinder Federation (FSS) 12.5, 12.0, and r6; Federation ...)
 	NOT-FOR-US: CA SiteMinder
 CVE-2013-2278 (Unspecified vulnerability in War FTP Daemon (warftpd) 1.82, when ...)
-	TODO: check
+	NOT-FOR-US: War FTP Daemon
 CVE-2013-2277 (The ff_h264_decode_seq_parameter_set function in h264_ps.c in ...)
 	- ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
 	- libav 6:0.8.6-1 (bug #703200)
@@ -24133,7 +24133,7 @@
 CVE-2013-0736 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
 	NOT-FOR-US: mingle forum plugin for wp
 CVE-2013-0735 (Multiple SQL injection vulnerabilities in wpf.class.php in the Mingle ...)
-	TODO: check
+	NOT-FOR-US: Mingle Forum Wordpress plugin
 CVE-2013-0734 (Multiple cross-site scripting (XSS) vulnerabilities in the Mingle ...)
 	NOT-FOR-US: Mingle Forum Wordpress plugin
 CVE-2013-0733
@@ -24145,7 +24145,7 @@
 CVE-2013-0730 (Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 4.x ...)
 	NOT-FOR-US: Newscoop
 CVE-2013-0729 (Heap-based buffer overflow in Tracker Software PDF-XChange before ...)
-	TODO: check
+	NOT-FOR-US: Tracker Software PDF-XChange
 CVE-2013-0728 (Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS ...)
 	NOT-FOR-US: ERDAS ECWP Browser Plugin
 CVE-2013-0727 (Multiple untrusted search path vulnerabilities in Global Mapper 14.1.0 ...)

More information about the Secure-testing-commits mailing list