[Secure-testing-commits] r30456 - data/CVE

Helmut Grohne helmutg at moszumanska.debian.org
Sun Nov 30 11:21:23 UTC 2014 

Author: helmutg
Date: 2014-11-30 11:21:23 +0000 (Sun, 30 Nov 2014)
New Revision: 30456

Modified:
   data/CVE/list
Log:
misc NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-11-30 05:52:35 UTC (rev 30455)
+++ data/CVE/list	2014-11-30 11:21:23 UTC (rev 30456)
@@ -904,7 +904,7 @@
 CVE-2014-8949 (The iMember360 plugin 3.8.012 through 3.9.001 for WordPress allows ...)
 	NOT-FOR-US: WordPress plugin iMember360
 CVE-2014-8948 (Cross-site request forgery (CSRF) vulnerability in the iMember360 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin iMember360
 CVE-2014-8947
 	RESERVED
 CVE-2014-8946
@@ -1265,7 +1265,7 @@
 CVE-2014-8770 (Unrestricted file upload vulnerability in magmi/web/magmi.php in the ...)
 	NOT-FOR-US: Magento
 CVE-2012-6665 (Directory traversal vulnerability in index.php in phpMoneyBooks 1.0.4 ...)
-	TODO: check
+	NOT-FOR-US: phpMoneyBooks
 CVE-2012-6664
 	RESERVED
 CVE-2012-6663
@@ -1584,7 +1584,7 @@
 CVE-2014-8597
 	RESERVED
 CVE-2014-8596 (Multiple SQL injection vulnerabilities in PHP-Fusion 7.02.07 allow ...)
-	TODO: check
+	NOT-FOR-US: PHP-Fusion
 CVE-2014-8595 (arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not ...)
 	- xen 4.4.1-4 (bug #770230)
 	[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
@@ -4882,7 +4882,7 @@
 CVE-2014-7249
 	RESERVED
 CVE-2014-7248 (Cross-site scripting (XSS) vulnerability in IPA iLogScanner 4.0 allows ...)
-	TODO: check
+	NOT-FOR-US: IPA iLogScanner
 CVE-2014-7247
 	RESERVED
 CVE-2014-7246 (The Core Server in OpenAM 9.5.3 through 9.5.5, 10.0.0 through 10.0.2, ...)
@@ -17467,7 +17467,7 @@
 CVE-2014-2269 (modules/Users/ForgotPassword.php in vTiger 6.0 before Security Patch 2 ...)
 	NOT-FOR-US: vTiger CRM
 CVE-2014-2268 (views/Index.php in the Install module in vTiger 6.0 before Security ...)
-	TODO: check
+	NOT-FOR-US: vTiger CRM
 CVE-2014-2267
 	RESERVED
 CVE-2014-2266
@@ -32832,7 +32832,7 @@
 	[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
 	[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
 CVE-2013-3737 (The MobileUI (aka RT-Extension-MobileUI) extension before 1.04 in ...)
-	TODO: check
+	NOT-FOR-US: Request Tracker extension MobileUI
 CVE-2013-3736 (Cross-site scripting (XSS) vulnerability in the MobileUI (aka ...)
 	NOT-FOR-US: Request Tracker extension MobileUI
 CVE-2013-3735 (** DISPUTED ** The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 ...)
@@ -55986,7 +55986,7 @@
 CVE-2012-1670 (admin/index.php in PHP Grade Book before 1.9.5 BETA allows remote ...)
 	NOT-FOR-US: PHP Grade Book
 CVE-2012-1669 (Directory traversal vulnerability in index.php in phpMoneyBooks before ...)
-	TODO: check
+	NOT-FOR-US: phpMoneyBooks
 CVE-2012-1668
 	RESERVED
 CVE-2012-1667 (ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before ...)

More information about the Secure-testing-commits mailing list