[Secure-testing-commits] r31496 - data/CVE

Helmut Grohne helmutg at moszumanska.debian.org
Sun Jan 18 11:34:10 UTC 2015 

Author: helmutg
Date: 2015-01-18 11:34:08 +0000 (Sun, 18 Jan 2015)
New Revision: 31496

Modified:
   data/CVE/list
Log:
misc NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-01-18 11:33:02 UTC (rev 31495)
+++ data/CVE/list	2015-01-18 11:34:08 UTC (rev 31496)
@@ -199,25 +199,25 @@
 CVE-2015-1061
 	RESERVED
 CVE-2015-1060 (Open redirect vulnerability in lib/Cake/Controller/Controller.php in ...)
-	TODO: check
+	NOT-FOR-US: AdaptCMS
 CVE-2015-1059 (Unrestricted file upload vulnerability in admin/files/add in AdaptCMS ...)
-	TODO: check
+	NOT-FOR-US: AdaptCMS
 CVE-2015-1058 (Multiple cross-site scripting (XSS) vulnerabilities in AdaptCMS 3.0.3 ...)
-	TODO: check
+	NOT-FOR-US: AdaptCMS
 CVE-2015-1057 (Cross-site scripting (XSS) vulnerability in usersettings.php in e107 ...)
-	TODO: check
+	NOT-FOR-US: e107
 CVE-2015-1056 (Cross-site scripting (XSS) vulnerability in Brother MFC-J4410DW ...)
-	TODO: check
+	NOT-FOR-US: Brother printer
 CVE-2015-1055 (SQL injection vulnerability in the Photo Gallery plugin 1.2.7 for ...)
 	NOT-FOR-US: WordPress plugin Photo Gallery
 CVE-2015-1054 (Cross-site scripting (XSS) vulnerability in the Games feature in ...)
-	TODO: check
+	NOT-FOR-US: Crea8Social
 CVE-2015-1053 (Cross-site scripting (XSS) vulnerability in the administrative backend ...)
-	TODO: check
+	NOT-FOR-US: Croogo
 CVE-2015-1052 (Cross-site scripting (XSS) vulnerability in the poll archive in PHPKIT ...)
-	TODO: check
+	NOT-FOR-US: PHPKIT
 CVE-2015-1050 (Cross-site scripting (XSS) vulnerability in F5 BIG-IP Application ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP Application Security Manager
 CVE-2015-1049
 	RESERVED
 CVE-2014-9619
@@ -267,13 +267,13 @@
 CVE-2014-9597
 	RESERVED
 CVE-2014-9596 (Panasonic Arbitrator Back-End Server (BES) MK 2.0 VPU before 9.3.1 ...)
-	TODO: check
+	NOT-FOR-US: Panasonic Arbitrator Back-End Server
 CVE-2014-9595 (Buffer overflow in the SAP NetWeaver Dispatcher in SAP Kernel 7.00 ...)
-	TODO: check
+	NOT-FOR-US: SAP NetWeaver
 CVE-2014-9594 (Buffer overflow in the SAP NetWeaver Dispatcher in SAP Kernel 7.00 ...)
-	TODO: check
+	NOT-FOR-US: SAP NetWeaver
 CVE-2014-9593 (Apache CloudStack before 4.3.2 and 4.4.x before 4.4.2 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Apache CloudStack
 CVE-2015-XXXX [vulnerability in the web interface]
 	- sympa 6.1.23~dfsg-2
 	NOTE: https://www.sympa.org/security_advisories#security_breaches_in_newsletter_posting
@@ -337,9 +337,9 @@
 CVE-2015-1043
 	RESERVED
 CVE-2015-1041 (Cross-site scripting (XSS) vulnerability in e107_admin/filemanager.php ...)
-	TODO: check
+	NOT-FOR-US: e107
 CVE-2015-1040 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
-	TODO: check
+	NOT-FOR-US: BEdita
 CVE-2015-1039 (Cross-site scripting (XSS) vulnerability in user/login.phtml in ...)
 	NOT-FOR-US: zfcUser
 CVE-2015-1037
@@ -1492,13 +1492,13 @@
 CVE-2015-0592
 	RESERVED
 CVE-2015-0591 (Cisco Unified Communications Domain Manager (UCDM) 10 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unified Communications Domain Manager
 CVE-2015-0590 (Cisco WebEx Meeting Center allows remote attackers to activate ...)
 	TODO: check
 CVE-2015-0589
 	RESERVED
 CVE-2015-0588 (Cross-site request forgery (CSRF) vulnerability in Cisco Unified ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unified Communications Domain Manager
 CVE-2015-0587
 	RESERVED
 CVE-2015-0586
@@ -1610,9 +1610,9 @@
 CVE-2014-9562
 	RESERVED
 CVE-2014-9561 (Cross-site scripting (XSS) vulnerability in redir_last_post_list.php ...)
-	TODO: check
+	NOT-FOR-US: SoftBB
 CVE-2014-9560 (SQL injection vulnerability in redir_last_post_list.php in SoftBB ...)
-	TODO: check
+	NOT-FOR-US: SoftBB
 CVE-2014-9559
 	RESERVED
 CVE-2014-9558
@@ -4784,7 +4784,7 @@
 CVE-2014-8905
 	RESERVED
 CVE-2014-8904 (lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x allows ...)
-	TODO: check
+	NOT-FOR-US: IBM AIX, VIOS
 CVE-2014-8903
 	RESERVED
 CVE-2014-8902 (Cross-site scripting (XSS) vulnerability in the Blog Portlet in IBM ...)
@@ -4850,9 +4850,9 @@
 CVE-2014-8871
 	RESERVED
 CVE-2014-8870 (Open redirect vulnerability in mobiquo/smartbanner/welcome.php in the ...)
-	TODO: check
+	NOT-FOR-US: Woltlab Burning Board plugin Tapatalk
 CVE-2014-8869 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	TODO: check
+	NOT-FOR-US: Woltlab Burning Board plugin Tapatalk
 CVE-2014-8868 (EntryPass N5200 Active Network Control Panel does not properly ...)
 	NOT-FOR-US: EntryPass N5200
 CVE-2014-8867 (The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, ...)
@@ -7074,7 +7074,7 @@
 CVE-2014-8035 (The web framework in Cisco WebEx Meetings Server produces different ...)
 	NOT-FOR-US: Cisco
 CVE-2014-8034 (Cisco WebEx Meetings Server 1.5 presents the same CAPTCHA challenge ...)
-	TODO: check
+	NOT-FOR-US: Cisco WebEx Meetings Server
 CVE-2014-8033 (The play/modules component in Cisco WebEx Meetings Server allows ...)
 	NOT-FOR-US: Cisco
 CVE-2014-8032 (The OutlookAction LI in Cisco WebEx Meetings Server allows remote ...)
@@ -7098,7 +7098,7 @@
 CVE-2014-8023
 	RESERVED
 CVE-2014-8022 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Identity ...)
-	TODO: check
+	NOT-FOR-US: Cisco Identity Services Engine
 CVE-2014-8021
 	RESERVED
 CVE-2014-8020 (Cisco Unified Communication Domain Manager Platform Software allows ...)

More information about the Secure-testing-commits mailing list