[Secure-testing-commits] r26646 - data/CVE
Helmut Grohne
helmutg at moszumanska.debian.org
Mon Apr 21 18:07:05 UTC 2014
Author: helmutg
Date: 2014-04-21 18:07:04 +0000 (Mon, 21 Apr 2014)
New Revision: 26646
Modified:
data/CVE/list
Log:
NFUs and not-affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-04-21 15:24:51 UTC (rev 26645)
+++ data/CVE/list 2014-04-21 18:07:04 UTC (rev 26646)
@@ -342,17 +342,17 @@
CVE-2013-7355 (SQL injection vulnerability in SAP BI Universal Data Integration ...)
NOT-FOR-US: SAP
CVE-2012-6645 (Cross-site scripting (XSS) vulnerability in the autocomplete ...)
- TODO: check
+ NOT-FOR-US: Drupal module Finder
CVE-2012-6644 (Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 ...)
- TODO: check
+ NOT-FOR-US: Drupal module ClipBucket
CVE-2012-6643 (Multiple SQL injection vulnerabilities in the update_counter function ...)
- TODO: check
+ NOT-FOR-US: Drupal module ClipBucket
CVE-2012-6642 (Cross-site scripting (XSS) vulnerability in ClipBucket 2.6 allows ...)
- TODO: check
+ NOT-FOR-US: Drupal module ClipBucket
CVE-2011-5278 (SQL injection vulnerability in signature.php in Advanced Forum ...)
- TODO: check
+ NOT-FOR-US: MyBB plugin Advanced Forum Signatures
CVE-2011-5277 (Multiple SQL injection vulnerabilities in signature.php in the ...)
- TODO: check
+ NOT-FOR-US: MyBB plugin Advanced Forum Signatures
CVE-2014-2889 [arch: x86: net: bpf_jit: an off-by-one bug in x86_64 cond jump target]
- linux 3.2.20-1
- linux-2.6 3.2.1-1
@@ -15829,7 +15829,7 @@
CVE-2013-3931
RESERVED
CVE-2013-3930 (Stack-based buffer overflow in Core FTP before 2.2 build 1785 allows ...)
- TODO: check
+ NOT-FOR-US: Core FTP (client)
CVE-2013-3929 (Cross-site scripting (XSS) vulnerability in admin/editevent.php in CMS ...)
NOT-FOR-US: CMS Made Simple
CVE-2013-3928 (Stack-based buffer overflow in the ReadFile function in flt_BMP.dll in ...)
@@ -19848,7 +19848,7 @@
CVE-2013-2288
RESERVED
CVE-2013-2287 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Uploader
CVE-2013-2286
RESERVED
CVE-2013-2285
@@ -28962,7 +28962,7 @@
CVE-2012-5566 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith ...)
- kronolith2 <not-affected> (Vulnerable code not present in 2.x codebase and later versions not yet packaged in sid)
CVE-2012-5565 (Cross-site scripting (XSS) vulnerability in js/compose-dimp.js in ...)
- NOT-FOR-US: This doesn't seem to be packaged in sid's Horde and the imp3 and dimp1 packages from stable do not include the affected code
+ - php-horde-imp <not-affected> (This doesn't seem to be packaged in sid's Horde and the imp3 and dimp1 packages from stable do not include the affected code)
CVE-2012-5564 (android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users ...)
- android-tools <unfixed> (bug #688280)
CVE-2012-5563 (OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not ...)
@@ -30562,7 +30562,7 @@
CVE-2012-4921 (Multiple cross-site request forgery (CSRF) vulnerabilities in the DVS ...)
TODO: check
CVE-2012-4920 (Directory traversal vulnerability in the zing_forum_output function in ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin Zingiri Forum
CVE-2012-4919
RESERVED
CVE-2012-4918 (Call of Duty Elite for iOS 2.0.1 does not properly validate the server ...)
@@ -38913,7 +38913,7 @@
CVE-2012-1835 (Multiple cross-site scripting (XSS) vulnerabilities in the All-in-One ...)
NOT-FOR-US: All-in-One Event Calendar plugin for WordPress
CVE-2012-1834 (Cross-site scripting (XSS) vulnerability in the cms_tpv_admin_head ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin CMS Tree Page View
CVE-2012-1833 (VMware SpringSource Grails before 1.3.8, and 2.x before 2.0.2, does ...)
NOT-FOR-US: Grails
CVE-2012-1832 (WellinTech KingView 6.53 allows remote attackers to execute arbitrary ...)
More information about the Secure-testing-commits
mailing list