[Secure-testing-commits] r27084 - data/CVE
Helmut Grohne
helmutg at moszumanska.debian.org
Sun Jun 1 14:46:03 UTC 2014
Author: helmutg
Date: 2014-06-01 14:46:03 +0000 (Sun, 01 Jun 2014)
New Revision: 27084
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-06-01 11:07:23 UTC (rev 27083)
+++ data/CVE/list 2014-06-01 14:46:03 UTC (rev 27084)
@@ -133,25 +133,25 @@
CVE-2014-3850
RESERVED
CVE-2014-3849 (The iMember360 plugin 3.8.012 through 3.9.001 for WordPress does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin iMember360
CVE-2014-3848 (The iMember360 plugin before 3.9.001 for WordPress does not properly ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin iMember360
CVE-2014-3847
RESERVED
CVE-2014-3845 (Cross-site request forgery (CSRF) vulnerability in the TinyMCE Color ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin TinyMCE Color Picker
CVE-2014-3844 (The TinyMCE Color Picker plugin before 1.2 for WordPress does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin TinyMCE Color Picker
CVE-2014-3843 (Cross-site request forgery (CSRF) vulnerability in the Search ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Search Everything
CVE-2014-3842 (Multiple cross-site scripting (XSS) vulnerabilities in the iMember360 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin iMember360
CVE-2014-3841 (Cross-site scripting (XSS) vulnerability in the Contact Bank plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Contact Bank
CVE-2012-6648 (gdm/guest-session-cleanup.sh in gdm-guest-session 0.24 and earlier, as ...)
- TODO: check
+ NOT-FOR-US: gdm-guest-session (Ubuntu-specific)
CVE-2010-5299 (Stack-based buffer overflow in MicroP 0.1.1.1600 allows remote ...)
- TODO: check
+ NOT-FOR-US: MicroP
CVE-2014-XXXX [TYPO3-CORE-SA-2014-001]
- typo3-src 4.5.34+dfsg1-1 (bug #749215)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
@@ -270,9 +270,9 @@
CVE-2014-3790
RESERVED
CVE-2014-3789 (GetPermissions.asp in Cogent Real-Time Systems Cogent DataHub before ...)
- TODO: check
+ NOT-FOR-US: Cogent DataHub
CVE-2014-3788 (Heap-based buffer overflow in the Web Server in Cogent Real-Time ...)
- TODO: check
+ NOT-FOR-US: Cogent DataHub
CVE-2014-3787 (SAP NetWeaver 7.20 and earlier allows remote attackers to read ...)
NOT-FOR-US: SAP NetWeaver
CVE-2013-7385 (LiveZilla 5.1.2.1 and earlier includes the MD5 hash of the operator ...)
@@ -1052,7 +1052,7 @@
CVE-2014-3443 (JetMPAd.ax in JetAudio 8.1.1 and earlier allows remote attackers to ...)
NOT-FOR-US: JetAudio
CVE-2014-3442 (Winamp 5.666 and earlier allows remote attackers to cause a denial of ...)
- TODO: check
+ NOT-FOR-US: Winamp
CVE-2014-3441 (codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows ...)
- vlc <not-affected> (VLC in Debian uses the system version of libpng which handles the malformed file correctly as invalid)
NOTE: http://packetstormsecurity.com/files/126564/VLC-Player-2.1.3-Memory-Corruption.html
@@ -1565,7 +1565,7 @@
CVE-2014-3211
RESERVED
CVE-2014-3210 (SQL injection vulnerability in dopbs-backend-forms.php in the Booking ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Booking System
CVE-2014-3208
RESERVED
CVE-2014-3206
@@ -2144,9 +2144,9 @@
CVE-2014-2949
RESERVED
CVE-2014-2948 (SQL injection vulnerability in workflowenginesoa.asmx in Bizagi BPM ...)
- TODO: check
+ NOT-FOR-US: Bizagi BPM
CVE-2014-2947 (Cross-site scripting (XSS) vulnerability in Login.aspx in Bizagi BPM ...)
- TODO: check
+ NOT-FOR-US: Bizagi BPM
CVE-2014-2946
RESERVED
CVE-2014-2945
@@ -2164,7 +2164,7 @@
CVE-2014-2939
RESERVED
CVE-2014-2938 (Hanvon FaceID before 1.007.110 does not require authentication, which ...)
- TODO: check
+ NOT-FOR-US: Hanvon FaceID
CVE-2014-2937
RESERVED
CVE-2014-2936 (The directory manager in Caldera 9.20 allows remote attackers to ...)
@@ -3739,9 +3739,9 @@
CVE-2014-2351 (SQL injection vulnerability in the LiveData service in CSWorks before ...)
NOT-FOR-US: CSWorks
CVE-2014-2350 (Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded ...)
- TODO: check
+ NOT-FOR-US: Emerson DeltaV
CVE-2014-2349 (Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 allows local users to ...)
- TODO: check
+ NOT-FOR-US: Emerson DeltaV
CVE-2014-2348
RESERVED
CVE-2014-2347 (Amtelco miSecureMessages (aka MSM) 6.2 does not properly manage ...)
@@ -21162,7 +21162,7 @@
CVE-2013-2758 (Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform ...)
NOT-FOR-US: CloudStack
CVE-2013-2757 (Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 ...)
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2013-2756 (Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform ...)
NOT-FOR-US: CloudStack
CVE-2013-2755
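Review bot: The new tag on CVE-2013-2757, "NOT-FOR-US: Citrix", names only the vendor, while the description on the line above gives the product as Citrix CloudPlatform (formerly Citrix CloudStack) and the neighbouring entries CVE-2013-2758 and CVE-2013-2756 are both tagged "NOT-FOR-US: CloudStack". Suggest "NOT-FOR-US: Citrix CloudPlatform", or reusing "CloudStack", so that the three related entries are found by one search term and a bare vendor name is not later read as covering every Citrix product.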
@@ -21264,9 +21264,9 @@
CVE-2013-2714
RESERVED
CVE-2013-2713 (Cross-site request forgery (CSRF) vulnerability in users_maint.html in ...)
- TODO: check
+ NOT-FOR-US: KrisonAV
CVE-2013-2712 (Cross-site scripting (XSS) vulnerability in services/get_article.php ...)
- TODO: check
+ NOT-FOR-US: KrisonAV
CVE-2013-2711
RESERVED
CVE-2013-2710