[Secure-testing-commits] r31766 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Jan 27 20:30:56 UTC 2015
Author: carnil
Date: 2015-01-27 20:30:56 +0000 (Tue, 27 Jan 2015)
New Revision: 31766
Modified:
data/CVE/list
Log:
Process NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-27 20:08:12 UTC (rev 31765)
+++ data/CVE/list 2015-01-27 20:30:56 UTC (rev 31766)
@@ -7,7 +7,7 @@
CVE-2015-1348
RESERVED
CVE-2015-1347 (Cross-site scripting (XSS) vulnerability in client.inc.php in osTicket ...)
- TODO: check
+ NOT-FOR-US: osTicket
CVE-2015-1344
RESERVED
CVE-2015-1343
@@ -73,13 +73,13 @@
CVE-2015-1313
RESERVED
CVE-2015-1312 (The Dealer Portal in SAP ERP does not properly restrict access, which ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2015-1311 (The Extended Application Services (XS) in SAP HANA allows remote ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2015-1310 (SQL injection vulnerability in SAP Adaptive Server Enterprise (Sybase ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2015-1309 (XML external entity vulnerability in the Extended Computer Aided Test ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2015-1305
RESERVED
CVE-2014-9643
@@ -383,7 +383,7 @@
CVE-2015-1177
RESERVED
CVE-2015-1176 (Cross-site scripting (XSS) vulnerability in upload/scp/tickets.php in ...)
- TODO: check
+ NOT-FOR-US: osTicket
CVE-2015-1174
RESERVED
CVE-2015-1173
@@ -825,7 +825,7 @@
NOTE: https://github.com/python-pillow/Pillow/commit/b3e09122e527ae554eb590741bbd7611d5710e40
NOTE: http://pillow.readthedocs.org/releasenotes/2.7.0.html#png-text-chunk-size-limits
CVE-2014-9600 (Untrusted search path vulnerability in Macroplant iExplorer 3.6.3.0 ...)
- TODO: check
+ NOT-FOR-US: Macroplant iExplorer
CVE-2014-9599 (Cross-site scripting (XSS) vulnerability in the filemanager in ...)
TODO: check
CVE-2014-9598 (The picture_Release function in misc/picture.c in VideoLAN VLC media ...)
@@ -921,7 +921,7 @@
NOTE: https://nodesecurity.io/advisories/serve-static-open-redirect
NOTE: https://github.com/expressjs/serve-static/issues/26
CVE-2015-1048 (Open redirect vulnerability in the integrated web server on Siemens ...)
- TODO: check
+ NOT-FOR-US: Simens
CVE-2015-1047
RESERVED
CVE-2015-1046
@@ -956,7 +956,7 @@
- puppet-module-puppetlabs-stdlib <unfixed> (bug #775535)
NOTE: http://puppetlabs.com/security/cve/cve-2015-1029
CVE-2015-1028 (Multiple cross-site scripting (XSS) vulnerabilities in D-Link ...)
- TODO: check
+ NOT-FOR-US: D-Link router
CVE-2015-1027
RESERVED
CVE-2015-1026
@@ -1160,9 +1160,9 @@
CVE-2015-0926
RESERVED
CVE-2015-0925 (The client in iPass Open Mobile before 2.4.5 on Windows allows remote ...)
- TODO: check
+ NOT-FOR-US: iPass Open Mobile
CVE-2015-0924 (Ceragon FiberAir IP-10 bridges have a default password for the root ...)
- TODO: check
+ NOT-FOR-US: Ceragon FiberAir IP-10 bridges
CVE-2015-0923
RESERVED
CVE-2014-999999
@@ -1541,7 +1541,7 @@
CVE-2015-0868
RESERVED
CVE-2015-0867 (Directory traversal vulnerability in SYNCK GRAPHICA Download Log CGI ...)
- TODO: check
+ NOT-FOR-US: SYNCK GRAPHICA Download Log CGI
CVE-2015-0866
RESERVED
CVE-2015-0865
@@ -2386,9 +2386,9 @@
CVE-2015-0555
RESERVED
CVE-2015-0554 (The ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with ...)
- TODO: check
+ NOT-FOR-US: ADB router
CVE-2015-0553 (Cross-site scripting (XSS) vulnerability in admin/pages/modify.php in ...)
- TODO: check
+ NOT-FOR-US: WebsiteBaker
CVE-2014-9526 (Multiple cross-site scripting (XSS) vulnerabilities in concrete5 ...)
NOT-FOR-US: concrete5
CVE-2014-9525 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
@@ -3063,11 +3063,11 @@
CVE-2015-0437 (Unspecified vulnerability in Oracle Java SE 8u25 allows remote ...)
- openjdk-8 8u40~b22-1
CVE-2015-0436 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle iLearning
CVE-2015-0435 (Unspecified vulnerability in the Oracle Transportation Management ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0434 (Unspecified vulnerability in the Oracle Access Manager component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0433
RESERVED
CVE-2015-0432 (Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier ...)
@@ -3078,45 +3078,45 @@
- percona-xtradb-cluster-5.5 <undetermined>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
CVE-2015-0431 (Unspecified vulnerability in the Oracle Transportation Management ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0430 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Solaris
CVE-2015-0429 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Solaris
CVE-2015-0428 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Solaris
CVE-2015-0427 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
- virtualbox 4.3.18-dfsg-2 (bug #775888)
[wheezy] - virtualbox <not-affected> (Introduced in 4.3)
- virtualbox-ose <not-affected> (Introduced in 4.3)
CVE-2015-0426 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0425 (Unspecified vulnerability in the Oracle Enterprise Asset Management ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0424 (Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Systems Products Suite ILOM
CVE-2015-0423
RESERVED
CVE-2015-0422 (Unspecified vulnerability in the Oracle Transportation Management ...)
- TODO: check
+ NOT-FOR-US: Oracle Supply Chain Products Suite
CVE-2015-0421 (Unspecified vulnerability in Oracle Java SE 8u25 allows local users to ...)
- openjdk-8 8u40~b22-1
CVE-2015-0420 (Unspecified vulnerability in the Oracle Forms component in Oracle ...)
TODO: check
CVE-2015-0419 (Unspecified vulnerability in the Siebel UI Framework component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0418 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
- virtualbox 4.3.2-dfsg-1 (low; bug #775888)
- virtualbox-ose <removed> (low)
NOTE: This only affects releases < 4.3, so marking the first 4.3 upload as the fixed version
CVE-2015-0417 (Unspecified vulnerability in the Siebel UI Framework component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0416 (Unspecified vulnerability in the Oracle Agile PLM component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0415 (Unspecified vulnerability in the Oracle Application Object Library ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0414 (Unspecified vulnerability in the Oracle SOA Suite component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0413 (Unspecified vulnerability in Oracle Java SE 7u72 and 8u25 allows local ...)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
@@ -3158,37 +3158,37 @@
CVE-2015-0405
RESERVED
CVE-2015-0404 (Unspecified vulnerability in the Oracle Applications Framework ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0403 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
CVE-2015-0402 (Unspecified vulnerability in the Siebel Core - Server BizLogic Script ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0401 (Unspecified vulnerability in the Oracle Directory Server Enterprise ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0400 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 ...)
- openjdk-6 <not-affected> (This only affects Java on Windows)
- openjdk-7 <not-affected> (This only affects Java on Windows)
- openjdk-8 <not-affected> (This only affects Java on Windows)
CVE-2015-0399 (Unspecified vulnerability in the Oracle Business Intelligence ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0398 (Unspecified vulnerability in the Siebel Life Sciences component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0397 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Solaris
CVE-2015-0396 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0395 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
CVE-2015-0394 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0393 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0392 (Unspecified vulnerability in the Siebel Core - Server BizLogic Script ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0391 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, ...)
- mysql-5.5 5.5.39-1
[wheezy] - mysql-5.5 5.5.40-0+wheezy1
@@ -3197,15 +3197,15 @@
- percona-xtradb-cluster-5.5 <undetermined>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
CVE-2015-0390 (Unspecified vulnerability in the MICROS Retail component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0389 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0388 (Unspecified vulnerability in the Siebel UI Framework component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0387 (Unspecified vulnerability in the Siebel Core - Server OM Services ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0386 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0385 (Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier ...)
- mysql-5.5 <not-affected> (Only MySQL 5.6)
- mariadb-5.5 <not-affected> (Only MySQL 5.6)
@@ -3214,7 +3214,7 @@
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
NOTE: For mariadb-10.0 not clear if affected
CVE-2015-0384 (Unspecified vulnerability in the Siebel Public Sector component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0383 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
@@ -3234,20 +3234,20 @@
- percona-xtradb-cluster-5.5 <undetermined>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
CVE-2015-0380 (Unspecified vulnerability in the Oracle Telecommunications Billing ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0379 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0378 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Solaris
CVE-2015-0377 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
- virtualbox 4.3.2-dfsg-1
- virtualbox-ose <removed>
NOTE: According to http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html the 4.3
NOTE: series is not affected, so marking the first 4.3 upload as fixed
CVE-2015-0376 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0375 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Solaris
CVE-2015-0374 (Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier ...)
{DSA-3135-1}
- mysql-5.5 <unfixed> (bug #775881)
@@ -3256,29 +3256,29 @@
- percona-xtradb-cluster-5.5 <undetermined>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
CVE-2015-0373 (Unspecified vulnerability in the OJVM component in Oracle Database ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0372 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0371 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0370 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0369 (Unspecified vulnerability in the Siebel UI Framework component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0368 (Unspecified vulnerability in the Oracle Transportation Management ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0367 (Unspecified vulnerability in the Oracle Access Manager component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0366 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0365 (Unspecified vulnerability in the Siebel Core - Server Infrastructure ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0364 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0363 (Unspecified vulnerability in the Siebel Core EAI component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0362 (Unspecified vulnerability in the BI Publisher (formerly XML Publisher) ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2015-0361 (Use-after-free vulnerability in Xen 4.2.x, 4.3.x, and 4.4.x allows ...)
- xen <unfixed> (bug #776319)
[wheezy] - xen <not-affected> (Only affects 4.2 and later)
@@ -3846,9 +3846,9 @@
CVE-2014-9196
RESERVED
CVE-2014-9195 (Phoenix Contact ProConOs and MultiProg do not require authentication, ...)
- TODO: check
+ NOT-FOR-US: Phoenix Contact ProConOs and MultiProg
CVE-2014-9194 (Arbiter 1094B GPS Substation Clock allows remote attackers to cause a ...)
- TODO: check
+ NOT-FOR-US: Arbiter 1094B GPS Substation Clock
CVE-2014-9193 (Innominate mGuard with firmware before 7.6.6 and 8.x before 8.1.4 ...)
NOT-FOR-US: Innominate mGuard
CVE-2014-9192 (Integer overflow in Trihedral Engineering VTScada (formerly VTS) 6.5 ...)
@@ -5491,9 +5491,9 @@
CVE-2014-8915
RESERVED
CVE-2014-8914 (Cross-site scripting (XSS) vulnerability in the Process Portal in IBM ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-8913 (Cross-site scripting (XSS) vulnerability in the Process Portal in IBM ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-8912
RESERVED
CVE-2014-8911
@@ -6595,9 +6595,9 @@
CVE-2014-8482
RESERVED
CVE-2014-8479 (The FTP server on Siemens SCALANCE X-300 switches with firmware before ...)
- TODO: check
+ NOT-FOR-US: FTP server on Siemens SCALANCE X-300 switches
CVE-2014-8478 (The web server on Siemens SCALANCE X-300 switches with firmware before ...)
- TODO: check
+ NOT-FOR-US: web server on Siemens SCALANCE X-300 switches
CVE-2014-8477
RESERVED
CVE-2014-8476 (The setlogin function in FreeBSD 8.4 through 10.1-RC4 does not ...)
@@ -7902,7 +7902,7 @@
CVE-2014-8009 (The Management subsystem in Cisco Unified Computing System 2.1(3f) and ...)
NOT-FOR-US: Cisco Unified Computing System
CVE-2014-8008 (Absolute path traversal vulnerability in the Real-Time Monitoring Tool ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2014-8007 (Cisco Prime Infrastructure allows remote authenticated users to read ...)
NOT-FOR-US: Cisco
CVE-2014-8006 (The Disaster Recovery (DRA) feature on the Cisco ISB8320-E ...)
@@ -11062,27 +11062,27 @@
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
CVE-2014-6600 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Solaris
CVE-2014-6599 (Unspecified vulnerability in the Siebel Core - Common Components ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6598 (Unspecified vulnerability in the Oracle Communications Diameter ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6597 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6596 (Unspecified vulnerability in the Siebel UI Framework component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6595 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
- virtualbox 4.3.18-dfsg-2 (bug #775888)
[wheezy] - virtualbox <not-affected> (Introduced in 4.3)
- virtualbox-ose <not-affected> (Introduced in 4.3)
CVE-2014-6594 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle iLearning
CVE-2014-6593 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
CVE-2014-6592 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6591 (Unspecified vulnerability in the Java SE component in Oracle Java SE ...)
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
@@ -11105,44 +11105,44 @@
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
CVE-2014-6586 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6585 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
- icu <unfixed> (bug #776264)
CVE-2014-6584 (Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Systems Products Suite ILOM
CVE-2014-6583 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6582 (Unspecified vulnerability in the Oracle HCM Configuration Workbench ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6581 (Unspecified vulnerability in the Oracle Customer Intelligence ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6580 (Unspecified vulnerability in the Oracle Reports Developer component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6579 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6578 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6577 (Unspecified vulnerability in the XML Developer's Kit for C component ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6576 (Unspecified vulnerability in the Oracle Adaptive Access Manager ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6575 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Solaris
CVE-2014-6574 (Unspecified vulnerability in the Oracle Agile PLM for Process ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6573 (Unspecified vulnerability in the Enterprise Manager Ops Center ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6572 (Unspecified vulnerability in the Oracle Customer Interaction History ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6571 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6570 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Solaris
CVE-2014-6569 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6568 (Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, ...)
{DSA-3135-1}
- mysql-5.5 <unfixed> (bug #775881)
@@ -11151,11 +11151,11 @@
- percona-xtradb-cluster-5.5 <undetermined>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
CVE-2014-6567 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6566 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6565 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6564 (Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier ...)
- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
@@ -11182,7 +11182,7 @@
CVE-2014-6557 (Unspecified vulnerability in the Application Performance Management ...)
NOT-FOR-US: Oracle Enterprise Manager Grid Control
CVE-2014-6556 (Unspecified vulnerability in the Oracle Applications DBA component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6555 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier ...)
{DSA-3054-1}
- mysql-5.5 5.5.40-1
@@ -11206,7 +11206,7 @@
CVE-2014-6549 (Unspecified vulnerability in Oracle Java SE 8u25 allows remote ...)
- openjdk-8 8u40~b22-1
CVE-2014-6548 (Unspecified vulnerability in the Oracle SOA Suite component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6547 (Unspecified vulnerability in the JPublisher component in Oracle ...)
NOT-FOR-US: Oracle Database Server
CVE-2014-6546 (Unspecified vulnerability in the JPublisher component in Oracle ...)
@@ -11220,7 +11220,7 @@
CVE-2014-6542 (Unspecified vulnerability in the SQLJ component in Oracle Database ...)
NOT-FOR-US: Oracle Database Server
CVE-2014-6541 (Unspecified vulnerability in the Recovery component in Oracle Database ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6540 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
- virtualbox-guest-additions <removed>
- virtualbox-guest-additions-iso 4.3.14-1
@@ -11259,22 +11259,22 @@
CVE-2014-6529 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote ...)
NOT-FOR-US: Oracle Sun Solaris 11
CVE-2014-6528 (Unspecified vulnerability in the Siebel Core - System Management ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6527 (Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows ...)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
CVE-2014-6526 (Unspecified vulnerability in the Oracle Directory Server Enterprise ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6525 (Unspecified vulnerability in the Oracle Web Applications Desktop ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6524 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2014-6523 (Unspecified vulnerability in the Oracle Applications Framework ...)
NOT-FOR-US: Oracle E-Business Suite
CVE-2014-6522 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
NOT-FOR-US: Oracle Fusion Middleware
CVE-2014-6521 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2014-6520 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier ...)
{DSA-3054-1}
- mysql-5.5 5.5.39-1
@@ -11288,7 +11288,7 @@
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
CVE-2014-6518 (Unspecified vulnerability in Oracle Solaris 10 and 11 allows local ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2014-6517 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java ...)
{DSA-3080-1 DSA-3077-1 DLA-96-1}
- openjdk-6 6b33-1.13.5-1
@@ -11301,7 +11301,7 @@
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
CVE-2014-6514 (Unspecified vulnerability in the PL/SQL component in Oracle Database ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6513 (Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and ...)
- openjdk-6 <not-affected> (Windows-specific)
- openjdk-7 <not-affected> (Windows-specific)
@@ -11318,9 +11318,9 @@
- openjdk-7 7u71-2.5.3-1
- openjdk-8 8u40~b09-1
CVE-2014-6510 (Unspecified vulnerability in Oracle Solaris 11 allows local users to ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2014-6509 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2014-6508 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows ...)
NOT-FOR-US: Oracle Sun Solaris 10 and 11
CVE-2014-6507 (Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, ...)
@@ -11430,9 +11430,9 @@
CVE-2014-6482 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
NOT-FOR-US: Oracle PeopleSoft Products
CVE-2014-6481 (Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote ...)
- TODO: check
+ NOT-FOR-US: Oracle Solaris
CVE-2014-6480 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-6479 (Unspecified vulnerability in the Oracle Applications Technology ...)
NOT-FOR-US: Oracle E-Business Suite
CVE-2014-6478 (Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, ...)
@@ -12177,7 +12177,7 @@
CVE-2014-6198
RESERVED
CVE-2014-6197 (IBM Security Network Protection 5.1.x and 5.2.x before 5.2.0.0 FP5 and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6196 (Cross-site scripting (XSS) vulnerability in IBM Web Experience Factory ...)
NOT-FOR-US: IBM WEF
CVE-2014-6195
@@ -12227,7 +12227,7 @@
CVE-2014-6173 (Cross-site scripting (XSS) vulnerability in the Process Inspector in ...)
NOT-FOR-US: IBM
CVE-2014-6172 (IBM API Management 3.0 before 3.0.4.0 IF1 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-6171 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
NOT-FOR-US: IBM
CVE-2014-6170
@@ -16672,7 +16672,7 @@
CVE-2014-4280 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris 11
CVE-2014-4279 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-4278 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
NOT-FOR-US: Oracle E-Business Suite
CVE-2014-4277 (Unspecified vulnerability in Oracle Sun Solaris 11 allows remote ...)
@@ -16730,7 +16730,7 @@
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- percona-xtradb-cluster-5.5 5.5.39-25.11+dfsg-1
CVE-2014-4259 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2014-4258 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
{DSA-2985-1}
- mysql-5.5 5.5.39-1 (bug #754941)
@@ -19154,7 +19154,7 @@
- vlc <not-affected> (VLC in Debian uses the system version of libpng which handles the malformed file correctly as invalid)
NOTE: http://packetstormsecurity.com/files/126564/VLC-Player-2.1.3-Memory-Corruption.html
CVE-2014-3440 (The Agent Control Interface in the management server in Symantec ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2014-3439 (ConsoleServlet in Symantec Endpoint Protection Manager (SEPM) 12.1 ...)
NOT-FOR-US: Symantec Endpoint Protection
CVE-2014-3438 (Multiple cross-site scripting (XSS) vulnerabilities in console ...)
More information about the Secure-testing-commits
mailing list