[Secure-testing-commits] r27902 - data/CVE

Wed Jul 23 05:18:20 UTC 2014

Author: fgeek-guest
Date: 2014-07-23 05:18:20 +0000 (Wed, 23 Jul 2014)
New Revision: 27902

Modified:
   data/CVE/list
Log:
NFUs, dolibarr

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2014-07-23 05:11:50 UTC (rev 27901)
+++ data/CVE/list	2014-07-23 05:18:20 UTC (rev 27902)
@@ -1898,7 +1898,7 @@
 CVE-2014-4195 (Cross-site scripting (XSS) vulnerability in zero_view_article.php in ...)
 	NOT-FOR-US: ZeroCMS
 CVE-2014-4194 (SQL injection vulnerability in zero_transact_article.php in ZeroCMS ...)
-	TODO: check
+	NOT-FOR-US: ZeroCMS
 CVE-2014-XXXX [softhsm-keyconv creates security-sensibe file world-readable]
 	- softhsm <unfixed> (low; bug #752092)
 	[squeeze] - softhsm <no-dsa> (Minor issue)
@@ -1983,7 +1983,7 @@
 CVE-2014-4155 (Cross-site request forgery (CSRF) vulnerability in the ZTE ZXV10 W300 ...)
 	NOT-FOR-US: ZTE router
 CVE-2014-4154 (ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores ...)
-	TODO: check
+	NOT-FOR-US: ZTE router
 CVE-2014-4153 (The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows ...)
 	NOT-FOR-US: AlienVault OSSIM
 CVE-2014-4152 (The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows ...)
@@ -2216,7 +2216,7 @@
 CVE-2014-4032 (Cross-site scripting (XSS) vulnerability in ...)
 	NOT-FOR-US: Fiyo CMS
 CVE-2014-4031 (The Policy Manager in Aruba Networks ClearPass 5.x, 6.0.x, 6.1.x ...)
-	TODO: check
+	NOT-FOR-US: Aruba Networks ClearPass
 CVE-2014-4030 (Cross-site request forgery (CSRF) vulnerability in the JW Player ...)
 	NOT-FOR-US: WordPress plugin JW Player
 CVE-2014-4029
@@ -2236,7 +2236,7 @@
 CVE-2014-4019
 	RESERVED
 CVE-2014-4018 (The ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK has a ...)
-	TODO: check
+	NOT-FOR-US: ZTE router
 CVE-2010-5301 (Stack-based buffer overflow in Kolibri 2.0 allows remote attackers to ...)
 	NOT-FOR-US: Kolibri
 CVE-2010-5300 (Stack-based buffer overflow in Jzip 1.3 through 2.0.0.132900 allows ...)
@@ -2298,7 +2298,7 @@
 CVE-2014-4015
 	RESERVED
 CVE-2014-4013 (SQL injection vulnerability in the Policy Manager in Aruba Networks ...)
-	TODO: check
+	NOT-FOR-US: Aruba Networks ClearPass
 CVE-2014-4012 (SAP Open Hub Service has hardcoded credentials, which makes it easier ...)
 	NOT-FOR-US: SAP
 CVE-2014-4011 (SAP Capacity Leveling has hardcoded credentials, which makes it easier ...)
@@ -2341,7 +2341,7 @@
 CVE-2014-3992 (Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM 3.5.3 allow ...)
 	- dolibarr <unfixed> (bug #755531)
 CVE-2014-3991 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ...)
-	TODO: check
+	- dolibarr <unfixed>
 CVE-2014-3990
 	RESERVED
 CVE-2014-3989


