[Secure-testing-commits] r30448 - data/CVE

Helmut Grohne helmutg at moszumanska.debian.org
Sat Nov 29 20:38:20 UTC 2014 

Author: helmutg
Date: 2014-11-29 20:38:20 +0000 (Sat, 29 Nov 2014)
New Revision: 30448

Modified:
   data/CVE/list
Log:
misc NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-11-29 18:59:27 UTC (rev 30447)
+++ data/CVE/list	2014-11-29 20:38:20 UTC (rev 30448)
@@ -1250,7 +1250,7 @@
 CVE-2014-8771
 	RESERVED
 CVE-2014-8770 (Unrestricted file upload vulnerability in magmi/web/magmi.php in the ...)
-	TODO: check
+	NOT-FOR-US: Magento
 CVE-2012-6665 (Directory traversal vulnerability in index.php in phpMoneyBooks 1.0.4 ...)
 	TODO: check
 CVE-2012-6664
@@ -1315,11 +1315,11 @@
 CVE-2014-8739
 	RESERVED
 CVE-2014-8736 (The Open Atrium Core module for Drupal before 7.x-2.22 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Drupal module Open Atrium Core
 CVE-2014-8735 (The Bad Behavior module 6.x-2.x before 6.x-2.2216 and 7.x-2.x before ...)
-	TODO: check
+	NOT-FOR-US: Drupal module Bad Behavior
 CVE-2014-8734 (The Organic Groups Menu (aka OG Menu) module before 7.x-2.2 for Drupal ...)
-	TODO: check
+	NOT-FOR-US: Drupal module Organic Groups Menu
 CVE-2014-8733
 	RESERVED
 CVE-2014-8730
@@ -1427,9 +1427,9 @@
 CVE-2014-8673
 	RESERVED
 CVE-2014-8672 (Cross-site scripting (XSS) vulnerability in the RewardingYourself ...)
-	TODO: check
+	NOT-FOR-US: RewardingYourself application for Android and BlackBerry
 CVE-2014-8671 (Cross-site scripting (XSS) vulnerability in the GWT Mobile PhoneGap ...)
-	TODO: check
+	NOT-FOR-US: GWT Mobile PhoneGap Showcase application for Android
 CVE-2014-8670 (Open redirect vulnerability in go.php in vBulletin 4.2.1 allows remote ...)
 	NOT-FOR-US: vBulletin
 CVE-2014-8669 (The SAP Promotion Guidelines (CRM-MKT-MPL-TPM-PPG) module for SAP CRM ...)
@@ -1467,7 +1467,7 @@
 CVE-2014-8653 (Cross-site scripting (XSS) vulnerability in Compal Broadband Networks ...)
 	NOT-FOR-US: Compal Gateways
 CVE-2014-8652 (Elipse E3 3.x and earlier allows remote attackers to cause a denial of ...)
-	TODO: check
+	NOT-FOR-US: Elipse E3
 CVE-2014-8649
 	RESERVED
 CVE-2014-8648
@@ -1715,7 +1715,7 @@
 CVE-2014-8581
 	RESERVED
 CVE-2014-8580 (Citrix NetScaler Application Delivery Controller and NetScaler Gateway ...)
-	TODO: check
+	NOT-FOR-US: Citrix Netscaler
 CVE-2014-8579
 	RESERVED
 CVE-2014-8578 (Cross-site scripting (XSS) vulnerability in the Groups panel in ...)
@@ -1762,7 +1762,7 @@
 CVE-2014-8556
 	RESERVED
 CVE-2014-8555 (Directory traversal vulnerability in report/reportViewAction.jsp in ...)
-	TODO: check
+	NOT-FOR-US: Progress Software OpenEdge
 CVE-2014-8553
 	RESERVED
 CVE-2014-8552
@@ -4867,7 +4867,8 @@
 CVE-2014-7247
 	RESERVED
 CVE-2014-7246 (The Core Server in OpenAM 9.5.3 through 9.5.5, 10.0.0 through 10.0.2, ...)
-	TODO: check
+	NOT-FOR-US: OpenAM (SSO Server)
+	NOTE: This is not the openam answering machine.
 CVE-2014-7245
 	RESERVED
 CVE-2014-7244
@@ -6232,13 +6233,13 @@
 CVE-2014-6624 (The Insight module in Aruba Networks ClearPass before 6.3.6 and 6.4.x ...)
 	TODO: check
 CVE-2014-6623 (Cross-site request forgery (CSRF) vulnerability in the Insight module ...)
-	TODO: check
+	NOT-FOR-US: Aruba Networks ClearPass
 CVE-2014-6622 (Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows ...)
 	TODO: check
 CVE-2014-6621 (Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 does not ...)
 	TODO: check
 CVE-2014-6620 (Cross-site scripting (XSS) vulnerability in Aruba Networks ClearPass ...)
-	TODO: check
+	NOT-FOR-US: Aruba Networks ClearPass
 CVE-2014-6619 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	NOT-FOR-US: PizzaInn_Project Restaurant Script
 CVE-2014-6618 (Cross-site scripting (XSS) vulnerability in Your Online Shop allows ...)
@@ -7030,7 +7031,7 @@
 CVE-2014-6336
 	RESERVED
 CVE-2014-6335 (Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Office
 CVE-2014-6334 (Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack ...)
 	NOT-FOR-US: Microsoft
 CVE-2014-6333 (Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack ...)
@@ -19260,7 +19261,7 @@
 CVE-2014-1636 (Multiple SQL injection vulnerabilities in Command School Student ...)
 	NOT-FOR-US: Command School Student Management System
 CVE-2014-1635 (Buffer overflow in login.cgi in MiniHttpd in Belkin N750 Router with ...)
-	TODO: check
+	NOT-FOR-US: Belkin router
 CVE-2014-1634
 	RESERVED
 CVE-2014-1633

More information about the Secure-testing-commits mailing list