[Secure-testing-commits] r26850 - data/CVE

Henri Salo fgeek-guest at moszumanska.debian.org
Wed May 7 07:14:41 UTC 2014 

Author: fgeek-guest
Date: 2014-05-07 07:14:41 +0000 (Wed, 07 May 2014)
New Revision: 26850

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-05-07 07:08:50 UTC (rev 26849)
+++ data/CVE/list	2014-05-07 07:14:41 UTC (rev 26850)
@@ -167,25 +167,25 @@
 CVE-2014-3140
 	RESERVED
 CVE-2014-3139 (recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 ...)
-	TODO: check
+	NOT-FOR-US: Unitrends Enterprise Backup
 CVE-2014-3138 (SQL injection vulnerability in Xerox DocuShare before 6.53 Patch 6 ...)
-	TODO: check
+	NOT-FOR-US: Xerox DocuShare
 CVE-2014-3136
 	RESERVED
 CVE-2014-3135 (Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 5.1.1 ...)
-	TODO: check
+	NOT-FOR-US: vBulletin
 CVE-2014-3134 (Cross-site scripting (XSS) vulnerability in the InfoView application ...)
-	TODO: check
+	NOT-FOR-US: SAP BusinessObjects
 CVE-2014-3133 (SAP Netweaver Java Application Server does not properly restrict ...)
-	TODO: check
+	NOT-FOR-US: SAP NetWeaver
 CVE-2014-3132 (SAP Background Processing does not properly restrict access, which ...)
-	TODO: check
+	NOT-FOR-US: SAP Background Processing
 CVE-2014-3131 (SAP Profile Maintenance does not properly restrict access, which ...)
-	TODO: check
+	NOT-FOR-US: SAP Solution Manager
 CVE-2014-3130 (The ABAP Help documentation and translation tools (BC-DOC-HLP) in ...)
-	TODO: check
+	NOT-FOR-US: SAP NetWeaver
 CVE-2014-3129 (The Java Server Pages in the Software Lifecycle Manager (SLM) in SAP ...)
-	TODO: check
+	NOT-FOR-US: SAP NetWeaver
 CVE-2014-3209 [ldnsutils: ldns-keygen creates private key world readable]
 	RESERVED
 	- ldns <unfixed> (low; bug #746758)
@@ -459,7 +459,7 @@
 	- python-imaging <removed>
 	NOTE: details what is covered exactly by this CVE relating to CVE-2014-1932 and CVE-2014-1933 is missing
 CVE-2014-3006 (Sitepark Information Enterprise Server (IES) 2.9 before 2.9.6, when ...)
-	TODO: check
+	NOT-FOR-US: Sitepark Information Enterprise Server
 CVE-2014-3005
 	RESERVED
 CVE-2014-3004
@@ -1343,9 +1343,9 @@
 	NOT-FOR-US: Papercut MF/NG
 	NOTE: This is not the papercut NNTP server.
 CVE-2014-2658 (Unspecified vulnerability in Papercut MF and NG before 14.1 (Build ...)
-	TODO: check
+	NOT-FOR-US: PaperCut MF
 CVE-2014-2657 (Unspecified vulnerability in the print release functionality in ...)
-	TODO: check
+	NOT-FOR-US: PaperCut MF
 CVE-2014-2654 (Multiple SQL injection vulnerabilities in MobFox mAdserve 2.0 and ...)
 	NOT-FOR-US: MobFox mAdserve
 CVE-2013-7346 (Cross-site request forgery (CSRF) vulnerability in Symphony CMS before ...)
@@ -1587,7 +1587,7 @@
 CVE-2014-2566
 	RESERVED
 CVE-2014-2565 (The commandline interface in Blue Coat Content Analysis System (CAS) ...)
-	TODO: check
+	NOT-FOR-US: Blue Coat Content Analysis System
 CVE-2014-2564
 	RESERVED
 CVE-2014-2563
@@ -5583,7 +5583,7 @@
 CVE-2014-0897
 	RESERVED
 CVE-2014-0896 (IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x before ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2014-0895 (Buffer overflow in the vsflex8l ActiveX control in IBM SPSS ...)
 	NOT-FOR-US: IBM SPSS
 CVE-2014-0894
@@ -5657,11 +5657,11 @@
 CVE-2014-0860
 	RESERVED
 CVE-2014-0859 (The web-server plugin in IBM WebSphere Application Server (WAS) 7.x ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2014-0858 (IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote ...)
 	NOT-FOR-US: IBM Content Navigator
 CVE-2014-0857 (The Administrative Console in IBM WebSphere Application Server (WAS) ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2014-0856
 	RESERVED
 CVE-2014-0855 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Connections ...)
@@ -5729,7 +5729,7 @@
 CVE-2014-0824
 	RESERVED
 CVE-2014-0823 (IBM WebSphere Application Server (WAS) 8.x before 8.0.0.9 and 8.5.x ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2014-0822 (The IMAP server in IBM Domino 8.5.x before 8.5.3 FP6 IF1 and 9.0.x ...)
 	NOT-FOR-US: IBM Domino
 CVE-2014-0821 (SQL injection vulnerability in the download feature in Cybozu Garoon ...)
@@ -5872,7 +5872,7 @@
 CVE-2014-0787 (Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 ...)
 	NOT-FOR-US: WellinTech KingSCADA
 CVE-2014-0786 (Ecava IntegraXor before 4.1.4393 allows remote attackers to read ...)
-	TODO: check
+	NOT-FOR-US: Ecava IntegraXor
 CVE-2014-0785
 	RESERVED
 CVE-2014-0784 (Stack-based buffer overflow in BKBCopyD.exe in Yokogawa CENTUM CS 3000 ...)
@@ -6153,7 +6153,7 @@
 CVE-2014-0647 (The Starbucks 2.6.1 application for iOS stores sensitive information ...)
 	NOT-FOR-US: Starbucks iOS application
 CVE-2014-0646 (The runtime WS component in the server in EMC RSA Access Manager 6.1.3 ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2014-0645 (EMC Cloud Tiering Appliance (CTA) 9.x through 10 SP1 and File ...)
 	NOT-FOR-US: EMC
 CVE-2014-0644 (EMC Cloud Tiering Appliance (CTA) 10 through SP1 allows remote ...)

More information about the Secure-testing-commits mailing list