[Secure-testing-commits] r26633 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Apr 20 20:33:49 UTC 2014
Author: carnil
Date: 2014-04-20 20:33:49 +0000 (Sun, 20 Apr 2014)
New Revision: 26633
Modified:
data/CVE/list
Log:
Add round of NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-04-20 20:03:25 UTC (rev 26632)
+++ data/CVE/list 2014-04-20 20:33:49 UTC (rev 26633)
@@ -87,11 +87,11 @@
{DSA-2899-1}
- openafs 1.6.7-1
CVE-2014-2850 (The network interface configuration page (netinterface) in Sophos Web ...)
- TODO: check
+ NOT-FOR-US: Sophos Web Appliance
CVE-2014-2849 (The Change Password dialog box (change_password) in Sophos Web ...)
- TODO: check
+ NOT-FOR-US: Sophos Web Appliance
CVE-2014-2848 (A race condition in the wmi_malware_scan.nbin plugin before ...)
- TODO: check
+ NOT-FOR-US: Nessus
CVE-2014-2847 (SQL injection vulnerability in default.asp in CIS Manager CMS allows ...)
TODO: check
CVE-2014-2846
@@ -103,7 +103,7 @@
CVE-2014-2843
RESERVED
CVE-2014-2842 (Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a ...)
- TODO: check
+ NOT-FOR-US: Juniper ScreenOS
CVE-2014-2841
RESERVED
CVE-2014-2840
@@ -127,7 +127,7 @@
CVE-2014-2831
RESERVED
CVE-2014-2829 (Erlang Solutions MongooseIM through 1.3.1 rev. 2 does not properly ...)
- TODO: check
+ NOT-FOR-US: MongooseIM
CVE-2014-2827
RESERVED
CVE-2014-2826
@@ -871,15 +871,15 @@
CVE-2014-2545
RESERVED
CVE-2014-2544 (Unspecified vulnerability in Spotfire Web Player Engine, Spotfire ...)
- TODO: check
+ NOT-FOR-US: Spotfire
CVE-2014-2543 (Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing ...)
- TODO: check
+ NOT-FOR-US: TIBCO
CVE-2014-2542 (Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon ...)
- TODO: check
+ NOT-FOR-US: TIBCO
CVE-2014-2541 (The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), ...)
- TODO: check
+ NOT-FOR-US: TIBCO
CVE-2014-2540 (SQL injection vulnerability in OrbitScripts Orbit Open Ad Server ...)
- TODO: check
+ NOT-FOR-US: Orbit Open Ad Server
CVE-2014-2539
RESERVED
CVE-2014-2537 (Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 ...)
@@ -1123,45 +1123,45 @@
CVE-2014-2472
RESERVED
CVE-2014-2471 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle iLearning
CVE-2014-2470 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2014-2469
RESERVED
CVE-2014-2468 (Unspecified vulnerability in the Siebel UI Framework component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Siebel CRM
CVE-2014-2467 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
- TODO: check
+ NOT-FOR-US: Oracle Supply Chain Products Suite
CVE-2014-2466 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
- TODO: check
+ NOT-FOR-US: Oracle Supply Chain Products Suite
CVE-2014-2465 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
- TODO: check
+ NOT-FOR-US: Oracle Supply Chain Products Suite
CVE-2014-2464 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
- TODO: check
+ NOT-FOR-US: Oracle Supply Chain Products Suite
CVE-2014-2463 (Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) ...)
NOT-FOR-US: Oracle Secure Global Desktop (SGD)
CVE-2014-2462
RESERVED
CVE-2014-2461 (Unspecified vulnerability in the Oracle Transportation Management ...)
- TODO: check
+ NOT-FOR-US: Oracle Supply Chain Products Suite
CVE-2014-2460 (Unspecified vulnerability in the Oracle Transportation Management ...)
- TODO: check
+ NOT-FOR-US: Oracle Supply Chain Products Suite
CVE-2014-2459 (Unspecified vulnerability in the Oracle Transportation Management ...)
- TODO: check
+ NOT-FOR-US: Oracle Supply Chain Products Suite
CVE-2014-2458 (Unspecified vulnerability in the Oracle Agile Product Lifecycle ...)
- TODO: check
+ NOT-FOR-US: Oracle Supply Chain Products Suite
CVE-2014-2457 (Unspecified vulnerability in the Oracle Agile Product Lifecycle ...)
- TODO: check
+ NOT-FOR-US: Oracle Supply Chain Products Suite
CVE-2014-2456
RESERVED
CVE-2014-2455 (Unspecified vulnerability in the Hyperion Common Admin component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Hyperion
CVE-2014-2454 (Unspecified vulnerability in the Hyperion Common Admin component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Hyperion
CVE-2014-2453 (Unspecified vulnerability in the Hyperion Common Admin component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Hyperion
CVE-2014-2452 (Unspecified vulnerability in the Oracle Access Manager component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2014-2451 (Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
@@ -1169,20 +1169,20 @@
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
CVE-2014-2449 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS Talent ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2014-2448 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2014-2447 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2014-2446 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2014-2445 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
- TODO: check
+ NOT-FOR-US: Oracle Supply Chain Products Suite
CVE-2014-2444 (Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
CVE-2014-2443 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2014-2442 (Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
@@ -1202,7 +1202,7 @@
- mariadb-5.5 <unfixed> (bug #745330)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
CVE-2014-2437 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2014-2436 (Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier ...)
- mysql-5.5 <unfixed> (bug #744910)
- mariadb-5.5 <unfixed> (bug #745330)
@@ -1214,7 +1214,7 @@
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
CVE-2014-2433 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2014-2432 (Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and ...)
- mysql-5.5 <unfixed> (bug #744910)
- mariadb-5.5 <unfixed> (bug #745330)
@@ -1228,7 +1228,7 @@
- mariadb-5.5 <unfixed> (bug #745330)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
CVE-2014-2429 (Unspecified vulnerability in the PeopleSoft Enterprise CS Campus Self ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Products
CVE-2014-2428 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
@@ -1236,11 +1236,11 @@
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
CVE-2014-2426 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2014-2425 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2014-2424 (Unspecified vulnerability in the Oracle Event Processing component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2014-2423 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and ...)
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
@@ -1258,13 +1258,13 @@
- mariadb-5.5 <unfixed> (bug #745330)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
CVE-2014-2418 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2014-2417 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2014-2416 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2014-2415 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2014-2414 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and ...)
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
@@ -1275,7 +1275,7 @@
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
CVE-2014-2411 (Unspecified vulnerability in the Oracle Identity Analytics component ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2014-2410 (Unspecified vulnerability in Oracle Java SE 8 allows remote attackers ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
@@ -1283,15 +1283,15 @@
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
CVE-2014-2408 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2014-2407 (Unspecified vulnerability in the Oracle Data Integrator component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2014-2406 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2014-2405
RESERVED
CVE-2014-2404 (Unspecified vulnerability in the Oracle Access Manager component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2014-2403 (Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and ...)
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
@@ -1301,9 +1301,9 @@
CVE-2014-2401 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; ...)
TODO: Not fixed in IcedTea, likely specific to Oracle Java
CVE-2014-2400 (Unspecified vulnerability in the Oracle Endeca Server component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2014-2399 (Unspecified vulnerability in the Oracle Endeca Server component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2014-2398 (Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; ...)
- openjdk-7 7u55-2.4.7-1
- openjdk-6 6b31-1.13.3-1
@@ -2312,7 +2312,7 @@
CVE-2014-1987
RESERVED
CVE-2014-1986 (The Content Provider in the KOKUYO CamiApp application 1.21.1 and ...)
- TODO: check
+ NOT-FOR-US: KOKUYO CamiApp application
CVE-2014-1984
RESERVED
CVE-2014-1983
More information about the Secure-testing-commits
mailing list