[Secure-testing-commits] r26282 - data/CVE

Thijs Kinkhorst thijs at moszumanska.debian.org
Thu Mar 27 12:20:46 UTC 2014


Author: thijs
Date: 2014-03-27 12:20:46 +0000 (Thu, 27 Mar 2014)
New Revision: 26282

Modified:
   data/CVE/list
Log:
nfu's


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-03-27 11:15:05 UTC (rev 26281)
+++ data/CVE/list	2014-03-27 12:20:46 UTC (rev 26282)
@@ -1610,15 +1610,15 @@
 CVE-2014-1980
 	RESERVED
 CVE-2014-1979 (The NTT DOCOMO sp mode mail application 5900 through 6300 for Android ...)
-	TODO: check
+	NOT-FOR-US: NTT DOCOMO mail app
 CVE-2014-1978 (The application link interface in the NTT DOCOMO sp mode mail ...)
-	TODO: check
+	NOT-FOR-US: NTT DOCOMO mail app
 CVE-2014-1977 (The NTT DOCOMO sp mode mail application 6300 and earlier for Android ...)
-	TODO: check
+	NOT-FOR-US: NTT DOCOMO mail app
 CVE-2014-1976 (The Demaecan application 2.1.0 and earlier for Android does not verify ...)
-	TODO: check
+	NOT-FOR-US: Demaecan Android app
 CVE-2014-1975 (Directory traversal vulnerability in the R-Company Unzipper ...)
-	TODO: check
+	NOT-FOR-US: Unzipper Android app
 CVE-2014-1974
 	RESERVED
 CVE-2014-1973
@@ -1626,9 +1626,9 @@
 CVE-2014-1972
 	RESERVED
 CVE-2014-1971 (Cross-site scripting (XSS) vulnerability in Silex before 2.0.0 allows ...)
-	TODO: check
+	NOT-FOR-US: Silex
 CVE-2014-1970 (Directory traversal vulnerability in the ES File Explorer File Manager ...)
-	TODO: check
+	NOT-FOR-US: ES File Explorer File Manager for Android
 CVE-2014-1969
 	RESERVED
 CVE-2014-1968 (Cross-site scripting (XSS) vulnerability in the XooNIps module 3.47 ...)
@@ -2845,7 +2845,7 @@
 CVE-2014-1516
 	RESERVED
 CVE-2014-1515 (Mozilla Firefox before 28.0.1 on Android processes a file: URL by ...)
-	TODO: check
+	NOT-FOR-US: FF on Android
 CVE-2014-1514 (vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR ...)
 	{DSA-2881-1}
 	- iceweasel 24.4.0esr-1
@@ -3975,7 +3975,7 @@
 CVE-2014-0896
 	RESERVED
 CVE-2014-0895 (Buffer overflow in the vsflex8l ActiveX control in IBM SPSS ...)
-	TODO: check
+	NOT-FOR-US: IBM SPSS
 CVE-2014-0894
 	RESERVED
 CVE-2014-0893
@@ -4007,7 +4007,7 @@
 CVE-2014-0880
 	RESERVED
 CVE-2014-0879 (Stack-based buffer overflow in the Taskmaster Capture ActiveX control ...)
-	TODO: check
+	NOT-FOR-US: IBM Datacap Taskmaster Capture
 CVE-2014-0878
 	RESERVED
 CVE-2014-0877
@@ -4019,7 +4019,7 @@
 CVE-2014-0874 (Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.x ...)
 	NOT-FOR-US: IBM Content Navigator
 CVE-2014-0873 (Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) ...)
-	TODO: check
+	NOT-FOR-US: IBM InfoSphere
 CVE-2014-0872
 	RESERVED
 CVE-2014-0871
@@ -4065,7 +4065,7 @@
 CVE-2014-0851
 	RESERVED
 CVE-2014-0850 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data ...)
-	TODO: check
+	NOT-FOR-US: IBM InfoSphere
 CVE-2014-0849
 	RESERVED
 CVE-2014-0848
@@ -4107,7 +4107,7 @@
 CVE-2014-0830 (Directory traversal vulnerability in the table-export implementation ...)
 	NOT-FOR-US: IBM Financial Transaction Manager
 CVE-2014-0829 (Multiple buffer overflows in IBM Rational ClearCase 7.x before ...)
-	TODO: check
+	NOT-FOR-US: IBM Rational ClearCase
 CVE-2014-0828
 	RESERVED
 CVE-2014-0827
@@ -4575,7 +4575,7 @@
 CVE-2014-0629 (EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 ...)
 	NOT-FOR-US: EMC
 CVE-2014-0628 (The server in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2014-0627 (The SSLEngine API implementation in EMC RSA BSAFE SSL-J 5.x before ...)
 	NOT-FOR-US: EMC RSA
 CVE-2014-0626 (The (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before ...)
@@ -7497,7 +7497,7 @@
 CVE-2013-6730 (IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through ...)
 	NOT-FOR-US: IBM WebSphere Portal
 CVE-2013-6729 (Cross-site scripting (XSS) vulnerability in IBM QuickFile 1.0.0.0 ...)
-	TODO: check
+	NOT-FOR-US: IBM QuickFile
 CVE-2013-6728 (The charting component in IBM WebSphere Dashboard Framework (WDF) ...)
 	NOT-FOR-US: IBM WebSphere Dashboard Framework
 CVE-2013-6727 (The Connect client in IBM Sametime 8.5.2 through 8.5.2.1 and 9.0 ...)
@@ -8947,7 +8947,7 @@
 CVE-2013-6209 (Unspecified vulnerability in rpc.lockd in the NFS subsystem in HP ...)
 	NOT-FOR-US: NFS subsystem in HP HP-UX
 CVE-2013-6208 (Unspecified vulnerability in HP Smart Update Manager 5.3.5 before ...)
-	TODO: check
+	NOT-FOR-US: HP Smart Update Manager
 CVE-2013-6207 (Unspecified vulnerability in the loadFileContents function in the SOAP ...)
 	NOT-FOR-US: HP SiteScope
 CVE-2013-6206 (Unspecified vulnerability in HP Rapid Deployment Pack (RDP) and ...)
@@ -9493,7 +9493,7 @@
 CVE-2013-5956
 	RESERVED
 CVE-2013-5955 (Cross-site scripting (XSS) vulnerability in manage.php in the ...)
-	TODO: check
+	NOT-FOR-US: Joomla plugin
 CVE-2013-5954
 	RESERVED
 	NOT-FOR-US: OpenX
@@ -10983,7 +10983,7 @@
 CVE-2013-5402 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
 	NOT-FOR-US: IBM
 CVE-2013-5401 (The command-port listener in IBM WebSphere MQ Internet Pass-Thru ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere MQ
 CVE-2013-5400 (An unspecified servlet in IBM Platform Symphony Developer Edition (DE) ...)
 	NOT-FOR-US: IBM Platform Symphony Developer Edition
 CVE-2013-5399
@@ -14641,11 +14641,11 @@
 CVE-2013-4060
 	RESERVED
 CVE-2013-4059 (Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere ...)
-	TODO: check
+	NOT-FOR-US: IBM InfoSphere
 CVE-2013-4058 (Multiple SQL injection vulnerabilities in IBM InfoSphere Information ...)
-	TODO: check
+	NOT-FOR-US: IBM InfoSphere
 CVE-2013-4057 (Cross-site request forgery (CSRF) vulnerability in the XML Pack in IBM ...)
-	TODO: check
+	NOT-FOR-US: IBM InfoSphere
 CVE-2013-4056 (Cross-site request forgery (CSRF) vulnerability in the Data Quality ...)
 	NOT-FOR-US: IBM
 CVE-2013-4055 (Cross-site scripting (XSS) vulnerability in webadmin.nsf in Domino Web ...)
@@ -14887,7 +14887,7 @@
 CVE-2013-3939
 	RESERVED
 CVE-2013-3938 (Integer overflow in xnview.exe in XnView 2.13 allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: XnView
 CVE-2013-3937
 	RESERVED
 CVE-2013-3936
@@ -16430,7 +16430,7 @@
 CVE-2013-3250 (Cross-site request forgery (CSRF) vulnerability in the WP Maintenance ...)
 	NOT-FOR-US: WP Maintenance Mode plugin for Wordpress
 CVE-2013-3249 (Stack-based buffer overflow in the "Add from text file" feature in the ...)
-	TODO: check
+	NOT-FOR-US: DameWare Remote Support
 CVE-2013-3248 (Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows ...)
 	NOT-FOR-US: Corel PDF Fusion
 CVE-2013-3247
@@ -17855,9 +17855,9 @@
 CVE-2013-2672
 	RESERVED
 CVE-2013-2671 (Multiple cross-site scripting (XSS) vulnerabilities in the Brother ...)
-	TODO: check
+	NOT-FOR-US: Brother printer
 CVE-2013-2670 (Cross-site scripting (XSS) vulnerability in the Brother MFC-9970CDW ...)
-	TODO: check
+	NOT-FOR-US: Brother printer
 CVE-2013-2669
 	RESERVED
 CVE-2013-2668
@@ -17911,11 +17911,11 @@
 CVE-2013-2644
 	RESERVED
 CVE-2013-2643 (Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web ...)
-	TODO: check
+	NOT-FOR-US: Sophos Web Appliance
 CVE-2013-2642 (Sophos Web Appliance before 3.7.8.2 allows (1) remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Sophos Web Appliance
 CVE-2013-2641 (Directory traversal vulnerability in patience.cgi in Sophos Web ...)
-	TODO: check
+	NOT-FOR-US: Sophos Web Appliance
 CVE-2013-2640 (ajax.functions.php in the MailUp plugin before 1.3.2 for WordPress ...)
 	NOT-FOR-US: MailUp plugin for Wordpress
 CVE-2013-2639 (Cross-site scripting (XSS) vulnerability in CTERA Cloud Storage OS ...)
@@ -17972,7 +17972,7 @@
 CVE-2013-2620
 	RESERVED
 CVE-2013-2619 (Directory traversal vulnerability in Aspen before 0.22 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Aspen
 CVE-2013-2618
 	RESERVED
 CVE-2013-2617 (lib/curl.rb in the Curl Gem for Ruby allows remote attackers to ...)
@@ -18272,7 +18272,7 @@
 CVE-2013-2508
 	RESERVED
 CVE-2013-2507 (Multiple cross-site scripting (XSS) vulnerabilities in the Brother ...)
-	TODO: check
+	NOT-FOR-US: Brother
 CVE-2013-2506 (app/models/spree/user.rb in spree_auth_devise in Spree 1.1.x before ...)
 	NOT-FOR-US: Spree 
 CVE-2012-6535 (DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, ...)




More information about the Secure-testing-commits mailing list