[Secure-testing-commits] r27017 - data/CVE

Helmut Grohne helmutg at moszumanska.debian.org
Fri May 23 05:02:33 UTC 2014 

Author: helmutg
Date: 2014-05-23 05:02:19 +0000 (Fri, 23 May 2014)
New Revision: 27017

Modified:
   data/CVE/list
Log:
NFUs, maybe vlc issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-05-22 21:14:10 UTC (rev 27016)
+++ data/CVE/list	2014-05-23 05:02:19 UTC (rev 27017)
@@ -870,7 +870,8 @@
 CVE-2014-3442
 	RESERVED
 CVE-2014-3441 (codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows ...)
-	TODO: check
+	- vlc <undetermined>
+	NOTE: http://packetstormsecurity.com/files/126564/VLC-Player-2.1.3-Memory-Corruption.html
 CVE-2014-3440
 	RESERVED
 CVE-2014-3439
@@ -21002,7 +21003,7 @@
 CVE-2013-2693 (Cross-site request forgery (CSRF) vulnerability in the Options in the ...)
 	NOT-FOR-US: WordPress plugin WP-Print
 CVE-2013-2692 (Cross-site request forgery (CSRF) vulnerability in the Admin web ...)
-	TODO: check
+	NOT-FOR-US: OpenVPN Access Server
 CVE-2013-2691 (Stack-based buffer overflow in the JetMPG.ax module in jetAudio 8.0.17 ...)
 	NOT-FOR-US: jetAudio
 CVE-2013-2690 (SQL injection vulnerability in index.php in Synchroweb Technology ...)
@@ -25205,7 +25206,7 @@
 CVE-2013-1408 (Multiple SQL injection vulnerabilities in the Wysija Newsletters ...)
 	NOT-FOR-US: WordPress plugin wysija-newsletters
 CVE-2013-1407 (Multiple cross-site scripting (XSS) vulnerabilities in the Events ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin Events Master Pro
 CVE-2013-1406 (The Virtual Machine Communication Interface (VMCI) implementation in ...)
 	NOT-FOR-US: VMware Workstation, Fusion, View, ESXi, ESX
 CVE-2013-1405 (VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, ...)
@@ -50852,7 +50853,7 @@
 CVE-2011-3340 (SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows ...)
 	NOT-FOR-US: ATCOM Netvolution
 CVE-2010-4832 (Android OS before 2.2 does not display the correct SSL certificate in ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2010-4831 (Untrusted search path vulnerability in gdk/win32/gdkinput-win32.c in ...)
 	- gtk+2.0 <not-affected> (Win32-specific)
 CVE-2009-5086 (Cross-site scripting (XSS) vulnerability in Appliance Configuration ...)

More information about the Secure-testing-commits mailing list