[Secure-testing-commits] r32453 - data/CVE

Helmut Grohne helmutg at moszumanska.debian.org
Tue Feb 24 11:51:55 UTC 2015 

Author: helmutg
Date: 2015-02-24 11:51:55 +0000 (Tue, 24 Feb 2015)
New Revision: 32453

Modified:
   data/CVE/list
Log:
misc NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-02-24 11:51:46 UTC (rev 32452)
+++ data/CVE/list	2015-02-24 11:51:55 UTC (rev 32453)
@@ -1205,11 +1205,11 @@
 CVE-2015-1515 (The dwall.sys driver in SoftSphere DefenseWall Personal Firewall 3.24 ...)
 	TODO: check
 CVE-2015-1514 (Multiple SQL injection vulnerabilities in FancyFon FAMOC before 3.17.4 ...)
-	TODO: check
+	NOT-FOR-US: FancyFon FAMOC
 CVE-2015-1513 (SQL injection vulnerability in SIPhone Enterprise PBX allows remote ...)
-	TODO: check
+	NOT-FOR-US: SIPhone Enterprise PBX
 CVE-2015-1512 (Multiple cross-site scripting (XSS) vulnerabilities in FancyFon FAMOC ...)
-	TODO: check
+	NOT-FOR-US: FancyFon FAMOC
 CVE-2015-1511
 	RESERVED
 CVE-2015-1510
@@ -1503,9 +1503,9 @@
 CVE-2015-1479 (SQL injection vulnerability in reports/CreateReportTable.jsp in ZOHO ...)
 	NOT-FOR-US: ZOHO ManageEngine ServiceDesk Plus
 CVE-2015-1478 (Cross-site scripting (XSS) vulnerability in the CMSJunkie ...)
-	TODO: check
+	NOT-FOR-US: Joomla! plugin CMSJunkie J-ClassifiedsManager
 CVE-2015-1477 (SQL injection vulnerability in the CMSJunkie J-ClassifiedsManager ...)
-	TODO: check
+	NOT-FOR-US: Joomla! plugin CMSJunkie J-ClassifiedsManager
 CVE-2015-1476 (Multiple SQL injection vulnerabilities in xlinkerz ecommerceMajor ...)
 	NOT-FOR-US: xlinkerz ecommerceMajor
 CVE-2015-1475 (Multiple cross-site scripting (XSS) vulnerabilities in my little forum ...)
@@ -1521,7 +1521,7 @@
 CVE-2015-1468
 	RESERVED
 CVE-2015-1467 (Multiple SQL injection vulnerabilities in Translations in Fork CMS ...)
-	TODO: check
+	NOT-FOR-US: Fork CMS
 CVE-2015-1466
 	RESERVED
 CVE-2015-1464
@@ -1569,11 +1569,11 @@
 CVE-2015-1445
 	RESERVED
 CVE-2015-1444 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
-	TODO: check
+	NOT-FOR-US: fli4l
 CVE-2015-1443
 	RESERVED
 CVE-2015-1442 (SQL injection vulnerability in views/zero_transact_user.php in the ...)
-	TODO: check
+	NOT-FOR-US: ZeroCMS
 CVE-2015-1440
 	RESERVED
 CVE-2015-1439
@@ -1995,17 +1995,17 @@
 CVE-2015-1309 (XML external entity vulnerability in the Extended Computer Aided Test ...)
 	NOT-FOR-US: SAP
 CVE-2015-1305 (McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows ...)
-	TODO: check
+	NOT-FOR-US: McAfee Data Loss Prevention Endpoint
 CVE-2014-9643 (K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and ...)
-	TODO: check
+	NOT-FOR-US: K7 components for Windows
 CVE-2014-9642 (bdagent.sys in BullGuard Antivirus, Internet Security, Premium ...)
-	TODO: check
+	NOT-FOR-US: BullGuard components
 CVE-2014-9641 (The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro
 CVE-2014-9633 (The bdisk.sys driver in COMODO Backup before 4.4.1.23 allows remote ...)
 	NOT-FOR-US: COMODO Backup
 CVE-2014-9632 (The TDI driver (avgtdix.sys) in AVG Internet Security before 2013.3495 ...)
-	TODO: check
+	NOT-FOR-US: AVG
 CVE-2015-1386 [directory traversal]
 	RESERVED
 	- unshield <unfixed> (low; bug #776193)
@@ -4163,7 +4163,7 @@
 CVE-2014-9569 (Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver ...)
 	NOT-FOR-US: SAP NetWeaver Business Client
 CVE-2014-9568 (puppetlabs-rabbitmq 3.0 through 4.1 stores the RabbitMQ Erlang cookie ...)
-	TODO: check
+	NOT-FOR-US: Puppet module rabbitmq
 CVE-2014-9567 (Unrestricted file upload vulnerability in process-upload.php in ...)
 	NOT-FOR-US: ProjectSend
 CVE-2014-9566
@@ -5489,7 +5489,7 @@
 CVE-2014-9354 (NetApp OnCommand Balance before 4.2P3 allows local users to obtain ...)
 	TODO: check
 CVE-2014-9353 (NetApp OnCommand Balance before 4.2P2 contains a "default privileged ...)
-	TODO: check
+	NOT-FOR-US: NetApp OnCommand Balance
 CVE-2014-9352 (Cross-site scripting (XSS) vulnerability in the mail administration ...)
 	NOT-FOR-US: Scalix Web Access
 CVE-2014-9350 (TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build ...)
@@ -28714,9 +28714,9 @@
 CVE-2014-0606
 	REJECTED
 CVE-2014-0605 (Directory traversal vulnerability in the rftpcom.dll ActiveX control ...)
-	TODO: check
+	NOT-FOR-US: Attachmate Reflection FTP Client
 CVE-2014-0604 (Directory traversal vulnerability in the rftpcom.dll ActiveX control ...)
-	TODO: check
+	NOT-FOR-US: Attachmate Reflection FTP Client
 CVE-2014-0603 (The rftpcom.dll ActiveX control in Attachmate Reflection FTP Client ...)
 	TODO: check
 CVE-2014-0602 (Directory traversal vulnerability in the DumpToFile method in the ...)

More information about the Secure-testing-commits mailing list