[Secure-testing-commits] r28926 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Sep 20 08:39:41 UTC 2014


Author: carnil
Date: 2014-09-20 08:39:41 +0000 (Sat, 20 Sep 2014)
New Revision: 28926

Modified:
   data/CVE/list
Log:
Process couple of NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-09-20 08:05:10 UTC (rev 28925)
+++ data/CVE/list	2014-09-20 08:39:41 UTC (rev 28926)
@@ -392,7 +392,7 @@
 CVE-2014-6393
 	RESERVED
 CVE-2014-6392 (Cross-site scripting (XSS) vulnerability in the Facebook app 14.0 and ...)
-	TODO: check
+	NOT-FOR-US: Facebook app and Facebook Messenger app for iOS
 CVE-2014-6391
 	RESERVED
 CVE-2014-6390
@@ -1413,155 +1413,155 @@
 CVE-2014-5958
 	RESERVED
 CVE-2014-5957 (The Alien War Survivors (aka com.ly.a13.gp) application 1.3.1 for ...)
-	TODO: check
+	NOT-FOR-US: Alien War Survivors (aka com.ly.a13.gp) application for Android
 CVE-2014-5956 (The VPlayer Video Player (aka me.abitno.vplayer.t) application 3.2.6 ...)
-	TODO: check
+	NOT-FOR-US: VPlayer Video Player (aka me.abitno.vplayer.t) application for Android
 CVE-2014-5955 (The Atomic Fusion (aka com.bytesized.fusion) application 1.7 for ...)
-	TODO: check
+	NOT-FOR-US: Atomic Fusion (aka com.bytesized.fusion) application for Android
 CVE-2014-5954 (The State Bank Anywhere (aka com.sbi.SBIFreedomPlus) application 2.0.1 ...)
-	TODO: check
+	NOT-FOR-US: State Bank Anywhere (aka com.sbi.SBIFreedomPlus) application for Android
 CVE-2014-5953 (The KASKUS (aka com.kaskus.android) application 2.13.0 for Android ...)
-	TODO: check
+	NOT-FOR-US: KASKUS (aka com.kaskus.android) application for Android
 CVE-2014-5952 (The E-Dziennik (aka com.librus.dziennik) application 0.5.2 for Android ...)
-	TODO: check
+	NOT-FOR-US: E-Dziennik (aka com.librus.dziennik) application for Android
 CVE-2014-5951 (The SinoPac (aka com.sionpac.app.SinoPac) application 2.4.2 for ...)
-	TODO: check
+	NOT-FOR-US: SinoPac (aka com.sionpac.app.SinoPac) application for Android
 CVE-2014-5950 (The NOW (aka com.smtown.smtownnow.androidapp) application 0.9.8 for ...)
-	TODO: check
+	NOT-FOR-US: NOW (aka com.smtown.smtownnow.androidapp) application for Android
 CVE-2014-5949 (The TICKET APP - Concerts & Sports (aka com.xcr.android.ticketapp) ...)
-	TODO: check
+	NOT-FOR-US: TICKET APP - Concerts & Sports (aka com.xcr.android.ticketapp) application for Android
 CVE-2014-5948 (The Obama for America (aka com.barackobama.ofa) application 1.02 for ...)
-	TODO: check
+	NOT-FOR-US: Obama for America (aka com.barackobama.ofa) application for Android
 CVE-2014-5947 (The psicofxp (aka com.tapatalk.psicofxpcom) application 2.4.12.15 for ...)
-	TODO: check
+	NOT-FOR-US: psicofxp (aka com.tapatalk.psicofxpcom) application for Android
 CVE-2014-5946 (The forumhawaaworldcom (aka com.tapatalk.forumhawaaworldcom) ...)
-	TODO: check
+	NOT-FOR-US: forumhawaaworldcom (aka com.tapatalk.forumhawaaworldcom) application for Android
 CVE-2014-5945 (The Edline Mobile (aka com.wEdlineFree) application 0.63.13369.34294 ...)
-	TODO: check
+	NOT-FOR-US: Edline Mobile (aka com.wEdlineFree) application for Android
 CVE-2014-5944 (The Soccer Blitz (aka soccer.blitz) application 1.06 for Android does ...)
-	TODO: check
+	NOT-FOR-US: Soccer Blitz (aka soccer.blitz) application for Android
 CVE-2014-5943 (The LabMSF Antivirus beta (aka com.ReSync.RNGN) 1.0.2 application Beta ...)
-	TODO: check
+	NOT-FOR-US: LabMSF Antivirus beta (aka com.ReSync.RNGN) 1.0.2 application for Android
 CVE-2014-5942 (The Baby Stomach Surgery (aka com.harriskerioe.stomachsurgery) ...)
-	TODO: check
+	NOT-FOR-US: Baby Stomach Surgery (aka com.harriskerioe.stomachsurgery) application for Android
 CVE-2014-5941 (The Armpit Spa & Girl Games (aka com.freegames.spamakeover) ...)
-	TODO: check
+	NOT-FOR-US: Armpit Spa & Girl Games (aka com.freegames.spamakeover) application for Android
 CVE-2014-5940 (The PocketPC.ch (aka com.tapatalk.pocketpcch) application 3.9.51 for ...)
-	TODO: check
+	NOT-FOR-US: PocketPC.ch (aka com.tapatalk.pocketpcch) application for Android
 CVE-2014-5939 (The travelzadcomvb (aka com.tapatalk.travelzadcomvb) application ...)
-	TODO: check
+	NOT-FOR-US: travelzadcomvb (aka com.tapatalk.travelzadcomvb) application for Android
 CVE-2014-5938 (The AllDealsAsia All Deals ADA app (aka com.ada.deals) application ...)
-	TODO: check
+	NOT-FOR-US: AllDealsAsia All Deals ADA app (aka com.ada.deals) application for Android
 CVE-2014-5937 (The Social Networking (aka com.wSocialNetworkingSites) application ...)
-	TODO: check
+	NOT-FOR-US: Social Networking (aka com.wSocialNetworkingSites) application for Android
 CVE-2014-5936 (The INCOgnito Private Browser (aka com.SL.InCoBrowser) application ...)
-	TODO: check
+	NOT-FOR-US: INCOgnito Private Browser (aka com.SL.InCoBrowser) application for Android
 CVE-2014-5935 (The Daily Free App @ Amazon (aka com.kattanweb.android.dfaa) ...)
-	TODO: check
+	NOT-FOR-US: Daily Free App @ Amazon (aka com.kattanweb.android.dfaa) application for Android
 CVE-2014-5934 (The Flurv Chat (aka com.flurv.android) application 4.3.3 for Android ...)
-	TODO: check
+	NOT-FOR-US: Flurv Chat (aka com.flurv.android) application for Android
 CVE-2014-5933 (The Coke Studio 7 (aka com.cokeshare.pakistan) application 1 for ...)
-	TODO: check
+	NOT-FOR-US: Coke Studio 7 (aka com.cokeshare.pakistan) application for Android
 CVE-2014-5932 (The Vodafone Mobile at Work (aka com.mobileiron.vodafone.MIClient) ...)
-	TODO: check
+	NOT-FOR-US: Vodafone Mobile at Work (aka com.mobileiron.vodafone.MIClient) application for Android
 CVE-2014-5931 (The Stop & Shop SCAN IT! Mobile (aka com.modivmedia.scanitss) ...)
-	TODO: check
+	NOT-FOR-US: Stop & Shop SCAN IT! Mobile (aka com.modivmedia.scanitss) application for Android
 CVE-2014-5930 (The Store and Share (aka sg.com.singnet.mystorage.android) application ...)
-	TODO: check
+	NOT-FOR-US: Store and Share (aka sg.com.singnet.mystorage.android) application for Android
 CVE-2014-5929 (The emartmall (aka kr.co.emart.emartmall) application 1.3.3 for ...)
-	TODO: check
+	NOT-FOR-US: emartmall (aka kr.co.emart.emartmall) application for Android
 CVE-2014-5928 (The Steganos Online Shield VPN (aka com.steganos.onlineshield) ...)
-	TODO: check
+	NOT-FOR-US: Steganos Online Shield VPN (aka com.steganos.onlineshield) application for Android
 CVE-2014-5927 (The FastCustomer -- Fast Customer (aka www.fastcustomer.com) ...)
-	TODO: check
+	NOT-FOR-US: FastCustomer -- Fast Customer (aka www.fastcustomer.com) application for Android
 CVE-2014-5926 (The DCU Mobile Banking (aka com.Vertifi.Mobile.P211391825) application ...)
-	TODO: check
+	NOT-FOR-US: DCU Mobile Banking (aka com.Vertifi.Mobile.P211391825) application for Android
 CVE-2014-5925 (The 10000 Kindle Books Downloads (aka ...)
-	TODO: check
+	NOT-FOR-US: 10000 Kindle Books Downloads (aka com.ww10000KindleBooksLatestnBestSellers) application for Android
 CVE-2014-5924 (The Monster Makeup (aka com.bearhugmedia.android_monster) application ...)
-	TODO: check
+	NOT-FOR-US: Monster Makeup (aka com.bearhugmedia.android_monster) application for Android
 CVE-2014-5923 (The Facebook Status Via (aka com.StatusViaAdvanced) application 3.5 ...)
-	TODO: check
+	NOT-FOR-US: Facebook Status Via (aka com.StatusViaAdvanced) application for Android
 CVE-2014-5922 (The ga6748 (aka com.g.ga6748) application 1 for Android does not ...)
-	TODO: check
+	NOT-FOR-US: ga6748 (aka com.g.ga6748) application for Android
 CVE-2014-5921 (The Need for Speed Network (aka com.ea.nfsautolog.bv) application ...)
-	TODO: check
+	NOT-FOR-US: Need for Speed Network (aka com.ea.nfsautolog.bv) application for Android
 CVE-2014-5920 (The VK Amberfog (aka com.amberfog.vkfree) application 3.5.6 for ...)
-	TODO: check
+	NOT-FOR-US: VK Amberfog (aka com.amberfog.vkfree) application for Android
 CVE-2014-5919 (The SurDoc - 100GB+ FREE storage (aka com.jd.surdoc) application ...)
-	TODO: check
+	NOT-FOR-US: SurDoc - 100GB+ FREE storage (aka com.jd.surdoc) application for Android
 CVE-2014-5918 (The Secret Circle - talk freely (aka com.easyxapp.secret) application ...)
-	TODO: check
+	NOT-FOR-US: Secret Circle - talk freely (aka com.easyxapp.secret) application for Android
 CVE-2014-5917 (The Slideshow 365 (aka com.Slideshow) application 3.6 for Android does ...)
-	TODO: check
+	NOT-FOR-US: Slideshow 365 (aka com.Slideshow) application for Android
 CVE-2014-5916 (The Minha Oi (aka br.com.mobicare.minhaoi) application 1.15.0 for ...)
-	TODO: check
+	NOT-FOR-US: Minha Oi (aka br.com.mobicare.minhaoi) application for Android
 CVE-2014-5915 (The Tigo Copa Mundial FIFA 2014 (aka com.fwc2014.millicom.and) ...)
-	TODO: check
+	NOT-FOR-US: Tigo Copa Mundial FIFA 2014 (aka com.fwc2014.millicom.and) application for Android
 CVE-2014-5914 (The Finansbank Cep Subesi (aka com.finansbank.mobile.cepsube) ...)
-	TODO: check
+	NOT-FOR-US: Finansbank Cep Subesi (aka com.finansbank.mobile.cepsube) application for Android
 CVE-2014-5913 (The Allies in War (aka com.gamelion.aiw) application 1.3.2 for Android ...)
-	TODO: check
+	NOT-FOR-US: Allies in War (aka com.gamelion.aiw) application for Android
 CVE-2014-5912 (The InNote (aka com.intsig.notes) application 1.0.3.20131119 for ...)
-	TODO: check
+	NOT-FOR-US: InNote (aka com.intsig.notes) application for Android
 CVE-2014-5911 (The Free App Icons & Icon Packs (aka com.jellytap.cooliconfinder) ...)
-	TODO: check
+	NOT-FOR-US: Free App Icons & Icon Packs (aka com.jellytap.cooliconfinder) application for Android
 CVE-2014-5910 (The Dog Whistle (aka com.dogwhistle.dogtrainingandroidapp) application ...)
-	TODO: check
+	NOT-FOR-US: Dog Whistle (aka com.dogwhistle.dogtrainingandroidapp) application for Android
 CVE-2014-5909 (The watcha (aka com.frograms.watcha) application 2.0.2 for Android ...)
-	TODO: check
+	NOT-FOR-US: watcha (aka com.frograms.watcha) application for Android
 CVE-2014-5908 (The Kmart (aka com.kmart.android) application @7F0C00EF for Android ...)
-	TODO: check
+	NOT-FOR-US: Kmart (aka com.kmart.android) application for Android
 CVE-2014-5907 (The Pet Salon (aka com.libiitech.petsalon) application 1.0.1 for ...)
-	TODO: check
+	NOT-FOR-US: Pet Salon (aka com.libiitech.petsalon) application for Android
 CVE-2014-5906 (The Lil Wayne Slots: FREE SLOTS (aka com.lilwayneslots.slots.android) ...)
-	TODO: check
+	NOT-FOR-US: Lil Wayne Slots: FREE SLOTS (aka com.lilwayneslots.slots.android) application for Android
 CVE-2014-5905 (The Grocery List - Tomatoes (aka com.meucarrinho) application 5.1.4 ...)
-	TODO: check
+	NOT-FOR-US: Grocery List - Tomatoes (aka com.meucarrinho) application for Android
 CVE-2014-5904 (The MiniInTheBox Online Shopping (aka com.miniinthebox.android) ...)
-	TODO: check
+	NOT-FOR-US: MiniInTheBox Online Shopping (aka com.miniinthebox.android) application for Android
 CVE-2014-5903 (The Mobile at Work (aka com.mobileiron) application 6.0.0.1.12R for ...)
-	TODO: check
+	NOT-FOR-US: Mobile at Work (aka com.mobileiron) application for Android
 CVE-2014-5902 (The UA Cinemas - Mobile ticketing (aka com.mtel.uacinemaapps) ...)
-	TODO: check
+	NOT-FOR-US: UA Cinemas - Mobile ticketing (aka com.mtel.uacinemaapps) application for Android
 CVE-2014-5901 (The Beauty Bible - App for Girls (aka com.my.beauty.bible) application ...)
-	TODO: check
+	NOT-FOR-US: Beauty Bible - App for Girls (aka com.my.beauty.bible) application for Android
 CVE-2014-5900 (The myHomework Student Planner (aka com.myhomeowork) application 3.0.2 ...)
-	TODO: check
+	NOT-FOR-US: myHomework Student Planner (aka com.myhomeowork) application for Android
 CVE-2014-5899 (The Nespresso (aka com.nespresso.activities) application 2.4.1 for ...)
-	TODO: check
+	NOT-FOR-US: Nespresso (aka com.nespresso.activities) application for Android
 CVE-2014-5898 (The Heavy Duty Truck Driver Simulator 3D (aka ...)
-	TODO: check
+	NOT-FOR-US: Heavy Duty Truck Driver Simulator 3D (aka com.oas.heavy.duty.truck.driver.simulator3d) application for Android
 CVE-2014-5897 (The Parallel Mafia MMORPG (aka com.perblue.pm.client) application ...)
-	TODO: check
+	NOT-FOR-US: Parallel Mafia MMORPG (aka com.perblue.pm.client) application for Android
 CVE-2014-5896 (The GlobalTalk- free phone calls (aka com.seawolftech.globaltalk) ...)
-	TODO: check
+	NOT-FOR-US: GlobalTalk- free phone calls (aka com.seawolftech.globaltalk) application for Android
 CVE-2014-5895 (The ShopYourWay (aka com.sears.shopyourway) application 1.9 for ...)
-	TODO: check
+	NOT-FOR-US: ShopYourWay (aka com.sears.shopyourway) application for Android
 CVE-2014-5894 (The AireTalk: Text, Call, & More! (aka com.pingshow.amper) application ...)
-	TODO: check
+	NOT-FOR-US: AireTalk: Text, Call, & More! (aka com.pingshow.amper) application for Android
 CVE-2014-5893 (The froyo (aka com.shinsegae.mobile.froyo) application 5.1.3 for ...)
-	TODO: check
+	NOT-FOR-US: froyo (aka com.shinsegae.mobile.froyo) application for Android
 CVE-2014-5892 (The greenbill (aka com.show.greenbill_G) application 2.0.3 for Android ...)
-	TODO: check
+	NOT-FOR-US: greenbill (aka com.show.greenbill_G) application for Android
 CVE-2014-5891 (The SnipSnap Coupon App (aka com.snipsnap.snipsnapapp) application ...)
-	TODO: check
+	NOT-FOR-US: SnipSnap Coupon App (aka com.snipsnap.snipsnapapp) application for Android
 CVE-2014-5890 (The KBO sports2i 2014 (aka com.sports2i) application 5.1.00 for ...)
-	TODO: check
+	NOT-FOR-US: KBO sports2i 2014 (aka com.sports2i) application for Android
 CVE-2014-5889 (The Android Forums (aka com.tapatalk.androidforumscom) application ...)
-	TODO: check
+	NOT-FOR-US: Android Forums (aka com.tapatalk.androidforumscom) application for Android
 CVE-2014-5888 (The SLOTS: Bible Slots Free (aka com.topfreegames.topbibleslots) ...)
-	TODO: check
+	NOT-FOR-US: SLOTS: Bible Slots Free (aka com.topfreegames.topbibleslots) application for Android
 CVE-2014-5887 (The Yell Local Search (aka com.yell.launcher2) application 4.2.1.4 for ...)
-	TODO: check
+	NOT-FOR-US: Yell Local Search (aka com.yell.launcher2) application for Android
 CVE-2014-5886 (The iVysilani ceske televize (aka cz.motion.ivysilani) application 1.6 ...)
-	TODO: check
+	NOT-FOR-US: iVysilani ceske televize (aka cz.motion.ivysilani) application for Android
 CVE-2014-5885 (The Disaster Alert (aka disasterAlert.PDC) application 3.2 for Android ...)
-	TODO: check
+	NOT-FOR-US: Disaster Alert (aka disasterAlert.PDC) application for Android
 CVE-2014-5884 (The 1&1 Online Storage (aka de.einsundeins.smartdrive) application ...)
-	TODO: check
+	NOT-FOR-US: 1&1 Online Storage (aka de.einsundeins.smartdrive) application for Android
 CVE-2014-5883 (The 7-ELEVEN (aka ecowork.seven) application 2.08.000 for Android does ...)
-	TODO: check
+	NOT-FOR-US: 7-ELEVEN (aka ecowork.seven) application for Android
 CVE-2014-5882 (The Homoo Ijiri (aka jp.co.applica) application 3.7 for Android does ...)
 	NOT-FOR-US: Homoo Ijiri (aka jp.co.applica) application for Android
 CVE-2014-5881 (The Yahoo! ybox (aka jp.co.yahoo.android.ybox) application 1.5.1 for ...)
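Review bot: The CVE-2014-5943 entry keeps the version string in its product note ("LabMSF Antivirus beta (aka com.ReSync.RNGN) 1.0.2 application for Android"), while every other added line in this hunk drops the version and follows the pattern "name (aka package id) application for Android". Drop "1.0.2" so the notes stay uniform and easy to search. Separately, for CVE-2014-5925 and CVE-2014-5898 the package ids in the added lines are cut off in the descriptions shown here, so they cannot be checked against this diff; confirm them against the full CVE text.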
@@ -2475,7 +2475,7 @@
 CVE-2014-5442
 	RESERVED
 CVE-2014-5441 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	TODO: check
+	NOT-FOR-US: Fat Free CRM
 CVE-2014-5440 (SQL injection vulnerability in Login.aspx in MPEX Business Solutions ...)
 	NOT-FOR-US: MX-SmartTimer
 CVE-2014-5439
@@ -2531,11 +2531,11 @@
 CVE-2014-5414
 	RESERVED
 CVE-2014-5413 (Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2014-5412 (Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2014-5411 (Multiple cross-site scripting (XSS) vulnerabilities in Schneider ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2014-5410
 	RESERVED
 CVE-2014-5409
@@ -2543,7 +2543,7 @@
 CVE-2014-5408
 	RESERVED
 CVE-2014-5407 (Multiple stack-based buffer overflows in Schneider Electric VAMPSET ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2014-5406
 	RESERVED
 CVE-2014-5405
@@ -4055,11 +4055,11 @@
 CVE-2014-4827
 	RESERVED
 CVE-2014-4826 (IBM Security QRadar SIEM 7.2 before 7.2.3 Patch 1 does not properly ...)
-	TODO: check
+	NOT-FOR-US: IBM Security QRadar
 CVE-2014-4825
 	RESERVED
 CVE-2014-4824 (SQL injection vulnerability in IBM Security QRadar SIEM 7.2 before ...)
-	TODO: check
+	NOT-FOR-US: IBM Security QRadar
 CVE-2014-4823
 	RESERVED
 CVE-2014-4822
@@ -4067,9 +4067,9 @@
 CVE-2014-4821
 	RESERVED
 CVE-2014-4820 (Cross-site scripting (XSS) vulnerability in IBM Integration Bus ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2014-4819 (The web user interface in IBM WebSphere Message Broker 8.0 before ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2014-4818
 	RESERVED
 CVE-2014-4817
@@ -4181,7 +4181,7 @@
 CVE-2014-4764 (IBM WebSphere Application Server (WAS) 8.0.x before 8.0.0.10 and 8.5.x ...)
 	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2014-4763 (Cross-site scripting (XSS) vulnerability in Content Navigator in ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2014-4762 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 ...)
 	NOT-FOR-US: IBM
 CVE-2014-4761
@@ -5032,45 +5032,45 @@
 CVE-2014-4424
 	RESERVED
 CVE-2014-4423 (The Accounts subsystem in Apple iOS before 8 allows attackers to ...)
-	TODO: check
+	NOT-FOR-US: Accounts subsystem in Apple iOS
 CVE-2014-4422 (The kernel in Apple iOS before 8 and Apple TV before 7 uses a ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4421 (The network-statistics interface in the kernel in Apple iOS before 8 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4420 (The network-statistics interface in the kernel in Apple iOS before 8 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4419 (The network-statistics interface in the kernel in Apple iOS before 8 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4418 (IOKit in Apple iOS before 8 and Apple TV before 7 does not properly ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4417
 	RESERVED
 CVE-2014-4416
 	RESERVED
 CVE-2014-4415 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows ...)
-	TODO: check
+	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2014-4414 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows ...)
-	TODO: check
+	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2014-4413 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows ...)
-	TODO: check
+	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2014-4412 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows ...)
-	TODO: check
+	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2014-4411 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows ...)
-	TODO: check
+	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2014-4410 (WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows ...)
-	TODO: check
+	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2014-4409 (WebKit in Apple iOS before 8 makes it easier for remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2014-4408 (The rt_setgate function in the kernel in Apple iOS before 8 and Apple ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4407 (IOKit in Apple iOS before 8 and Apple TV before 7 does not properly ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4406
 	RESERVED
 CVE-2014-4405 (IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4404 (Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4403
 	RESERVED
 CVE-2014-4402
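Review bot: NOT-FOR-US on CVE-2014-4415 through CVE-2014-4409 does not match the comment attached to it: the text itself allows that Chromium may be affected, and WebKit-derived code is packaged in Debian, so these seven entries are not in the same category as the Apple kernel and IOKit entries around them. Consider recording them against the relevant source packages with an `<undetermined>` status and a NOTE carrying the rationale, so they stay visible to anyone querying the tracker by package. If NOT-FOR-US is kept, spell the project name "WebKit" as the CVE descriptions do.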
@@ -5100,63 +5100,63 @@
 CVE-2014-4390
 	RESERVED
 CVE-2014-4389 (Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4388 (IOKit in Apple iOS before 8 and Apple TV before 7 does not properly ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4387
 	RESERVED
 CVE-2014-4386 (Race condition in the App Installation feature in Apple iOS before 8 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4385
 	RESERVED
 CVE-2014-4384 (Directory traversal vulnerability in the App Installation feature in ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4383 (The Assets subsystem in Apple iOS before 8 and Apple TV before 7 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4382
 	RESERVED
 CVE-2014-4381 (Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4380 (The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4379 (An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4378 (CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4377 (Integer overflow in CoreGraphics in Apple iOS before 8 and Apple TV ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4376
 	RESERVED
 CVE-2014-4375 (Double free vulnerability in Apple iOS before 8 and Apple TV before 7 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4374 (NSXMLParser in Foundation in Apple iOS before 8 allows attackers to ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4373 (The IntelAccelerator driver in the IOAcceleratorFamily subsystem in ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4372 (syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4371 (The network-statistics interface in the kernel in Apple iOS before 8 ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4370
 	RESERVED
 CVE-2014-4369 (The IOAcceleratorFamily API implementation in Apple iOS before 8 and ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4368 (The Accessibility subsystem in Apple iOS before 8 allows attackers to ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4367 (Apple iOS before 8 enables Voice Dial during all upgrade actions, ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4366 (Mail in Apple iOS before 8 does not prevent sending a LOGIN command to ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4365
 	RESERVED
 CVE-2014-4364 (The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4363 (Safari in Apple iOS before 8 does not properly restrict the ...)
-	TODO: check
+	NOT-FOR-US: Safari in Apple iOS
 CVE-2014-4362 (The Sandbox Profiles implementation in Apple iOS before 8 does not ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4361 (The Home & Lock Screen subsystem in Apple iOS before 8 does not ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4360
 	RESERVED
 CVE-2014-4359
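Review bot: On CVE-2014-4381 the bare "NOT-FOR-US: Apple" hides that the description names Libnotify, which shares its name with the unrelated libnotify library packaged in Debian, and leaves readers to infer that it was recognised as a different code base. Suggest a more specific note such as "NOT-FOR-US: Libnotify in Apple iOS", with a short remark that it is not the Debian libnotify package, in the same style already used for "Safari in Apple iOS" on CVE-2014-4363.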
@@ -5164,17 +5164,17 @@
 CVE-2014-4358
 	RESERVED
 CVE-2014-4357 (Accounts Framework in Apple iOS before 8 and Apple TV before 7 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4356 (Apple iOS before 8 does not follow the intended configuration setting ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4355
 	RESERVED
 CVE-2014-4354 (Apple iOS before 8 enables Bluetooth during all upgrade actions, which ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4353 (Race condition in iMessage in Apple iOS before 8 allows attackers to ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4352 (Address Book in Apple iOS before 8 relies on the hardware UID for its ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2014-4351
 	RESERVED
 CVE-2014-4350
@@ -5825,19 +5825,19 @@
 CVE-2014-4075
 	RESERVED
 CVE-2014-4074 (The Task Scheduler in Microsoft Windows 8, Windows 8.1, Windows Server ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2014-4073
 	RESERVED
 CVE-2014-4072 (Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2014-4071 (The Server in Microsoft Lync Server 2013 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Lync Server
 CVE-2014-4070 (Cross-site scripting (XSS) vulnerability in the Web Components Server ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Lync Server
 CVE-2014-4069
 	RESERVED
 CVE-2014-4068 (The Response Group Service in Microsoft Lync Server 2010 and 2013 and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Lync Server
 CVE-2014-4067 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2014-4066
@@ -7729,9 +7729,9 @@
 CVE-2014-3364
 	RESERVED
 CVE-2014-3363 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2014-3362 (Memory leak in Cisco TelePresence System Edge MXP Series Software ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2014-3361
 	RESERVED
 CVE-2014-3360
@@ -7769,9 +7769,9 @@
 CVE-2014-3344 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
 	NOT-FOR-US: Cisco
 CVE-2014-3343 (Cisco IOS XR 5.1 allows remote attackers to cause a denial of service ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2014-3342 (The CLI in Cisco IOS XR allows remote authenticated users to obtain ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2014-3341 (The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 ...)
 	NOT-FOR-US: Cisco NX-OS
 CVE-2014-3340 (Directory traversal vulnerability in an unspecified PHP script in the ...)
@@ -8449,7 +8449,7 @@
 CVE-2014-3093 (IBM PowerVC 1.2.0 before FP3 and 1.2.1 before FP2 uses cleartext ...)
 	NOT-FOR-US: IBM
 CVE-2014-3092 (IBM Jazz Team Server, as used in Rational Collaborative Lifecycle ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2014-3091
 	RESERVED
 CVE-2014-3090
@@ -8475,11 +8475,11 @@
 CVE-2014-3080 (Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and ...)
 	NOT-FOR-US: IBM
 CVE-2014-3079 (The Administration and Reporting Tool in IBM Rational License Key ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2014-3078
 	RESERVED
 CVE-2014-3077 (IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2014-3076 (IBM Business Process Manager (BPM) 8.5 through 8.5.5 allows remote ...)
 	NOT-FOR-US: IBM
 CVE-2014-3075 (Cross-site scripting (XSS) vulnerability in IBM Business Process ...)
@@ -8559,7 +8559,7 @@
 CVE-2014-3038 (IBM SPSS Modeler 16.0 before 16.0.0.1 on UNIX does not properly drop ...)
 	NOT-FOR-US: IBM SPSS Modeler
 CVE-2014-3037 (Cross-site request forgery (CSRF) vulnerability in IBM Configuration ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2014-3036 (Unspecified vulnerability in IBM API Management 3.0.0.0, when basic ...)
 	NOT-FOR-US: IBM API Management
 CVE-2014-3035 (Cross-site scripting (XSS) vulnerability in IBM Emptoris Spend ...)
@@ -14059,7 +14059,7 @@
 CVE-2014-0910 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal ...)
 	NOT-FOR-US: IBM WebSphere Portal
 CVE-2014-0909 (The Administration and Reporting Tool in IBM Rational License Key ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2014-0908 (The User Attribute implementation in IBM Business Process Manager ...)
 	NOT-FOR-US: IBM Business Process Manager
 CVE-2014-0907 (Multiple untrusted search path vulnerabilities in unspecified (1) ...)
@@ -16056,7 +16056,7 @@
 CVE-2014-0352
 	REJECTED
 CVE-2014-0351 (The FortiManager protocol service in Fortinet FortiOS before 4.3.16 ...)
-	TODO: check
+	NOT-FOR-US: Fortinet FortiOS
 CVE-2014-0350 (The Poco::Net::X509Certificate::verify method in the NetSSL library in ...)
 	- poco <unfixed> (low; bug #746637)
 	[squeeze] - poco <no-dsa> (Minor issue)



