[Secure-testing-commits] r25006 - data/CVE

Thu Jan 2 07:10:19 UTC 2014

Author: carnil
Date: 2014-01-02 07:10:19 +0000 (Thu, 02 Jan 2014)
New Revision: 25006

Modified:
   data/CVE/list
Log:
Add NFUs

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2014-01-02 07:10:12 UTC (rev 25005)
+++ data/CVE/list	2014-01-02 07:10:19 UTC (rev 25006)
@@ -62,9 +62,9 @@
 CVE-2013-7218
 	RESERVED
 CVE-2013-7217 (Unspecified vulnerability in Zimbra Collaboration Server 7.2.5 and ...)
-	TODO: check
+	NOT-FOR-US: Zimbra
 CVE-2013-7216 (Multiple SQL injection vulnerabilities in Classifieds Creator 2.0 ...)
-	TODO: check
+	NOT-FOR-US: Classifieds Creator
 CVE-2013-7215
 	RESERVED
 CVE-2013-7214
@@ -660,7 +660,7 @@
 CVE-2013-7241
 	NOT-FOR-US: Zenphoto
 CVE-2013-7240
-	TODO: check
+	NOT-FOR-US: Dewplayer
 CVE-2013-7239 [SASL authentication allows wrong credentials to access memcache]
 	{DSA-2832-1}
 	- memcached <unfixed> (bug #733643)
@@ -2311,7 +2311,7 @@
 CVE-2013-6813
 	RESERVED
 CVE-2013-6812 (The ONEDC app before 1.7 for iOS does not properly verify X.509 ...)
-	TODO: check
+	NOT-FOR-US: ONEDC app
 CVE-2013-6811
 	RESERVED
 CVE-2013-6810 (The server in EMC Connectrix Manager Converged Network Edition (CMCNE) ...)
@@ -2319,7 +2319,7 @@
 CVE-2013-6809 (Format string vulnerability in the client in Tftpd32 before 4.50 ...)
 	NOT-FOR-US: Tftpd32
 CVE-2013-6808 (Cross-site scripting (XSS) vulnerability in lib/NSSDropoff.php in ...)
-	TODO: check
+	NOT-FOR-US: ZendTo
 CVE-2012-6607 (The transform_save function in transform_save in Augeas before 1.0.0 ...)
 	- augeas 1.0.0-1 (low)
 	[squeeze] - augeas <no-dsa> (Minor issue)
@@ -6179,11 +6179,11 @@
 CVE-2013-5221 (The mobile-upload feature in Esri ArcGIS for Server 10.1 through 10.2 ...)
 	NOT-FOR-US: Esri ArcGIS
 CVE-2013-5220 (goform/login on the HOT HOTBOX router with software 2.1.11 allows ...)
-	TODO: check
+	NOT-FOR-US: HOT HOTBOX router
 CVE-2013-5219 (Directory traversal vulnerability on the HOT HOTBOX router with ...)
-	TODO: check
+	NOT-FOR-US: HOT HOTBOX router
 CVE-2013-5218 (Cross-site scripting (XSS) vulnerability on the HOT HOTBOX router with ...)
-	TODO: check
+	NOT-FOR-US: HOT HOTBOX router
 CVE-2013-5216 (Directory traversal vulnerability in logreader/uploadreader.jsp in ...)
 	NOT-FOR-US: Performance Guard
 CVE-2013-5215 (Cross-site scripting (XSS) vulnerability in the web interface "WiFi ...)
@@ -6558,11 +6558,11 @@
 CVE-2013-5040
 	RESERVED
 CVE-2013-5039 (Cross-site request forgery (CSRF) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: HOT HOTBOX router
 CVE-2013-5038 (The HOT HOTBOX router with software 2.1.11 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: HOT HOTBOX router
 CVE-2013-5037 (The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of ...)
-	TODO: check
+	NOT-FOR-US: HOT HOTBOX router
 CVE-2013-5036
 	RESERVED
 CVE-2013-5035 (Multiple race conditions in HtmlCleaner before 2.6, as used in ...)


