[Secure-testing-commits] r27454 - data/CVE

Helmut Grohne helmutg at moszumanska.debian.org
Thu Jun 26 05:47:07 UTC 2014 

Author: helmutg
Date: 2014-06-26 05:47:07 +0000 (Thu, 26 Jun 2014)
New Revision: 27454

Modified:
   data/CVE/list
Log:
NFUs and boinc?

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-06-26 05:09:52 UTC (rev 27453)
+++ data/CVE/list	2014-06-26 05:47:07 UTC (rev 27454)
@@ -1499,6 +1499,7 @@
 CVE-2013-7387 (Session fixation vulnerability in DataLife Engine (DLE) 9.7 and ...)
 	NOT-FOR-US: DataLife Engine
 CVE-2011-5280 (Multiple stack-based buffer overflows in BOINC 6.13.x allow remote ...)
+	- boinc <undetermined>
 	TODO: check
 CVE-2014-3969 (Xen 4.4.x, when running on an ARM system, does not properly check ...)
 	- xen <not-affected> (Only ARM systems are affected from Xen 4.4 onwards)
@@ -5408,9 +5409,9 @@
 CVE-2014-2347 (Amtelco miSecureMessages (aka MSM) 6.2 does not properly manage ...)
 	NOT-FOR-US: Amtelco miSecureMessages
 CVE-2014-2346 (COPA-DATA zenon DNP3 NG driver (DNP3 master) 7.10 and 7.11 through ...)
-	TODO: check
+	NOT-FOR-US: COPA-DATA
 CVE-2014-2345 (COPA-DATA zenon DNP3 NG driver (DNP3 master) 7.10 and 7.11 through ...)
-	TODO: check
+	NOT-FOR-US: COPA-DATA
 CVE-2014-2344
 	RESERVED
 CVE-2014-2343 (Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows ...)
@@ -6279,7 +6280,7 @@
 CVE-2014-1998 (Cross-site scripting (XSS) vulnerability in Nippon Institute of ...)
 	NOT-FOR-US: SOY CMS
 CVE-2014-1997 (The ATEN CN8000 remote-access unit with firmware 1.6.154 and earlier ...)
-	TODO: check
+	NOT-FOR-US: ATEN IP KVM Switch
 CVE-2014-1996
 	RESERVED
 CVE-2014-1995
@@ -15214,7 +15215,7 @@
 CVE-2013-5761 (Unspecified vulnerability in the Siebel Core - Server BizLogic Script ...)
 	NOT-FOR-US: Oracle Siebel
 CVE-2013-5760 (QNAP Photo Station before firmware 4.0.3 build0912 allows remote ...)
-	TODO: check
+	NOT-FOR-US: QNAP firmware
 CVE-2013-5759
 	RESERVED
 CVE-2013-5758
@@ -22075,7 +22076,7 @@
 CVE-2013-3083
 	RESERVED
 CVE-2013-3082 (Cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Jojo CMS
 CVE-2013-3081 (SQL injection vulnerability in the checkEmailFormat function in ...)
 	NOT-FOR-US: Jojo CMS
 CVE-2013-3080 (VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows ...)
@@ -23283,7 +23284,7 @@
 CVE-2013-2603
 	RESERVED
 CVE-2013-2602 (Multiple array index errors in the MyHeritage SEQueryObject ActiveX ...)
-	TODO: check
+	NOT-FOR-US: MyHeritage SEQueryObject ActiveX control
 CVE-2013-2601 (The NDVM in Citrix XenClient XT before 2.1.3 and 3.x before 3.1.4 ...)
 	NOT-FOR-US: Citrix XenClient XT
 CVE-2013-2600 [MiniUPnPd information disclosure]
@@ -27270,7 +27271,7 @@
 CVE-2013-1413 (Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit ...)
 	NOT-FOR-US: synetics i-doit
 CVE-2013-1412 (DataLife Engine (DLE) 9.7 allows remote attackers to execute arbitrary ...)
-	TODO: check
+	NOT-FOR-US: DataLife Engine
 CVE-2013-1411
 	RESERVED
 CVE-2013-1410
@@ -35532,7 +35533,7 @@
 CVE-2012-4729 (Wing FTP Server before 4.1.1 allows remote authenticated users to ...)
 	NOT-FOR-US: Wing FTP Server
 CVE-2012-4728 (The (1) QProGetNotebookWindowHandle and (2) Ordinal132 functions in ...)
-	TODO: check
+	NOT-FOR-US: Corel Quattro Pro
 CVE-2012-4727
 	RESERVED
 CVE-2012-4726

More information about the Secure-testing-commits mailing list