[Secure-testing-commits] r32027 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Feb 6 15:55:01 UTC 2015 

Author: carnil
Date: 2015-02-06 15:55:01 +0000 (Fri, 06 Feb 2015)
New Revision: 32027

Modified:
   data/CVE/list
Log:
Further NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-02-06 15:51:29 UTC (rev 32026)
+++ data/CVE/list	2015-02-06 15:55:01 UTC (rev 32027)
@@ -27,7 +27,7 @@
 CVE-2015-1476 (Multiple SQL injection vulnerabilities in xlinkerz ecommerceMajor ...)
 	TODO: check
 CVE-2015-1475 (Multiple cross-site scripting (XSS) vulnerabilities in my little forum ...)
-	TODO: check
+	NOT-FOR-US: My Little Forum
 CVE-2015-1474
 	RESERVED
 CVE-2015-1471
@@ -74,7 +74,7 @@
 CVE-2015-1451 (Multiple cross-site scripting (XSS) vulnerabilities in Fortinet ...)
 	NOT-FOR-US: Fortinet FortiOS
 CVE-2015-1450 (SQL injection vulnerability in Restaurant Biller allows remote ...)
-	TODO: check
+	NOT-FOR-US: Restaurant Biller
 CVE-2015-1449 (Buffer overflow in the integrated web server on Siemens Ruggedcom ...)
 	NOT-FOR-US: Siemens Ruggedcom
 CVE-2015-1448 (The integrated management service on Siemens Ruggedcom WIN51xx devices ...)
@@ -108,7 +108,7 @@
 CVE-2015-1429
 	RESERVED
 CVE-2015-1428 (Multiple SQL injection vulnerabilities in Sefrengo before 1.6.2 allow ...)
-	TODO: check
+	NOT-FOR-US: Sefrengo
 CVE-2015-1427
 	RESERVED
 CVE-2015-1426
@@ -203,11 +203,11 @@
 CVE-2015-1425
 	RESERVED
 CVE-2015-1424 (Cross-site request forgery (CSRF) vulnerability in Gecko CMS 2.2 and ...)
-	TODO: check
+	NOT-FOR-US: Gecko CMS
 CVE-2015-1423 (Multiple SQL injection vulnerabilities in Gecko CMS 2.2 and 2.3 allow ...)
-	TODO: check
+	NOT-FOR-US: Gecko CMS
 CVE-2015-1422 (Multiple cross-site scripting (XSS) vulnerabilities in Gecko CMS 2.2 ...)
-	TODO: check
+	NOT-FOR-US: Gecko CMS
 CVE-2015-XXXX [symlink directory traversal]
 	- unrar-nonfree (bug #774171)
 	[wheezy] - unrar-nonfree <no-dsa> (Non-free not supported)
@@ -297,7 +297,7 @@
 CVE-2015-1371 (Unrestricted file upload vulnerability in ferretCMS 1.0.4-alpha allows ...)
 	NOT-FOR-US: ferretCMS
 CVE-2015-1368 (Multiple cross-site scripting (XSS) vulnerabilities in Ansible Tower ...)
-	TODO: check
+	NOT-FOR-US: Ansible Tower
 CVE-2015-1367 (SQL injection vulnerability in index.php in CatBot 0.4.2 allows remote ...)
 	TODO: check
 CVE-2015-1366 (Cross-site scripting (XSS) vulnerability in pixabay-images.php in the ...)
@@ -480,7 +480,7 @@
 CVE-2014-9641
 	RESERVED
 CVE-2014-9633 (The bdisk.sys driver in COMODO Backup before 4.4.1.23 allows remote ...)
-	TODO: check
+	NOT-FOR-US: COMODO Backup
 CVE-2014-9632
 	RESERVED
 CVE-2015-1386 [directory traversal]
@@ -798,7 +798,7 @@
 CVE-2015-1179 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	TODO: check
 CVE-2015-1178 (Multiple cross-site scripting (XSS) vulnerabilities in cart.php in ...)
-	TODO: check
+	NOT-FOR-US: X-Cart
 CVE-2015-1177
 	RESERVED
 	NOT-FOR-US: Exponent CMS
@@ -1266,7 +1266,7 @@
 CVE-2014-9600 (Untrusted search path vulnerability in Macroplant iExplorer 3.6.3.0 ...)
 	NOT-FOR-US: Macroplant iExplorer
 CVE-2014-9599 (Cross-site scripting (XSS) vulnerability in the filemanager in ...)
-	TODO: check
+	NOT-FOR-US: b2evolution
 CVE-2014-9598 (The picture_Release function in misc/picture.c in VideoLAN VLC media ...)
 	- ffmpeg <not-affected> (Not reproducible with any ffmpeg release series)
 	[squeeze] - ffmpeg <end-of-life>
@@ -1367,9 +1367,9 @@
 CVE-2015-1045
 	RESERVED
 CVE-2015-1044 (vmware-authd (aka the Authorization process) in VMware Workstation ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2015-1043 (The Host Guest File System (HGFS) in VMware Workstation 10.x before ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2015-1041 (Cross-site scripting (XSS) vulnerability in e107_admin/filemanager.php ...)
 	NOT-FOR-US: e107
 CVE-2015-1040 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
@@ -1977,13 +1977,13 @@
 CVE-2015-0870 (Cross-site scripting (XSS) vulnerability in hb.cgi in Nishishi Factory ...)
 	NOT-FOR-US: Nishishi Factory
 CVE-2015-0869 (I-O DATA DEVICE NP-BBRM routers allow remote attackers to cause a ...)
-	TODO: check
+	NOT-FOR-US: I-O DATA DEVICE NP-BBRM routers
 CVE-2015-0868 (Unrestricted file upload vulnerability in Mrs. Shiromuku Perl CGI ...)
 	TODO: check
 CVE-2015-0867 (Directory traversal vulnerability in SYNCK GRAPHICA Download Log CGI ...)
 	NOT-FOR-US: SYNCK GRAPHICA Download Log CGI
 CVE-2015-0866 (Multiple cross-site scripting (XSS) vulnerabilities in Zoho ...)
-	TODO: check
+	NOT-FOR-US: ZOHO ManageEngine SupportCenter Plus
 CVE-2015-0865
 	RESERVED
 CVE-2015-0864
@@ -2519,15 +2519,15 @@
 CVE-2015-0600
 	RESERVED
 CVE-2015-0599 (The web interface in Cisco Integrated Management Controller in Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0598
 	RESERVED
 CVE-2015-0597 (The Forgot Password feature in Cisco WebEx Meetings Server 1.5(.1.131) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0596 (Cross-site request forgery (CSRF) vulnerability in Cisco WebEx ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0595 (The XMLAPI in Cisco WebEx Meetings Server 1.5(.1.131) and earlier ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0594
 	RESERVED
 CVE-2015-0593
@@ -2545,7 +2545,7 @@
 CVE-2015-0587
 	RESERVED
 CVE-2015-0586 (The Network-Based Application Recognition (NBAR) protocol ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0585
 	RESERVED
 CVE-2015-0584
@@ -2555,7 +2555,7 @@
 CVE-2015-0582 (The High Availability (HA) subsystem in Cisco NX-OS on MDS 9000 ...)
 	NOT-FOR-US: Cisco NX-OS
 CVE-2015-0581 (The XML parser in Cisco Prime Service Catalog before 10.1 allows ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0580
 	RESERVED
 CVE-2015-0579 (Cisco TelePresence Video Communication Server (VCS) and Cisco ...)
@@ -3351,15 +3351,15 @@
 	RESERVED
 	NOT-FOR-US: EMC Documentum D2
 CVE-2015-0516 (Directory traversal vulnerability in EMC M&R (aka Watch4Net) before ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2015-0515 (Unrestricted file upload vulnerability in EMC M&R (aka Watch4Net) ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2015-0514 (EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 might ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2015-0513 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2015-0512 (Open redirect vulnerability in EMC Unisphere Central before 4.0 allows ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2015-0511
 	RESERVED
 CVE-2015-0510
@@ -3549,7 +3549,7 @@
 CVE-2015-0421 (Unspecified vulnerability in Oracle Java SE 8u25 allows local users to ...)
 	- openjdk-8 8u40~b22-1
 CVE-2015-0420 (Unspecified vulnerability in the Oracle Forms component in Oracle ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2015-0419 (Unspecified vulnerability in the Siebel UI Framework component in ...)
 	NOT-FOR-US: Oracle
 CVE-2015-0418 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)

More information about the Secure-testing-commits mailing list