[Secure-testing-commits] r32613 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Mar 3 17:17:43 UTC 2015


Author: carnil
Date: 2015-03-03 17:17:43 +0000 (Tue, 03 Mar 2015)
New Revision: 32613

Modified:
   data/CVE/list
Log:
Process couple of NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-03-03 17:15:13 UTC (rev 32612)
+++ data/CVE/list	2015-03-03 17:17:43 UTC (rev 32613)
@@ -203,9 +203,9 @@
 CVE-2015-2092
 	RESERVED
 CVE-2015-2090 (SQL injection vulnerability in the ajax_survey function in ...)
-	TODO: check
+	NOT-FOR-US: ajax_survey function in settings.php in the WordPress Survey and Poll plugin for WordPress
 CVE-2015-2089 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
-	TODO: check
+	NOT-FOR-US: CrossSlide jQuery (crossslide-jquery-plugin-for-wordpress) plugin for WordPress
 CVE-2015-2088 (Cross-site scripting (XSS) vulnerability in unspecified administration ...)
 	TODO: check
 CVE-2015-2087 (Unrestricted file upload vulnerability in the Avatar Uploader module ...)
@@ -234,7 +234,7 @@
 CVE-2015-2085
 	RESERVED
 CVE-2015-2084 (Cross-site request forgery (CSRF) vulnerability in the Easy Social ...)
-	TODO: check
+	NOT-FOR-US: Easy Social Icons plugin for WordPress
 CVE-2015-2083 (Cross-site request forgery (CSRF) vulnerability in Ilch CMS allows ...)
 	TODO: check
 CVE-2015-2082 (Cross-site scripting (XSS) vulnerability in Login.aspx in UNIT4 ...)
@@ -278,7 +278,7 @@
 CVE-2015-2070 (SQL injection vulnerability in eTouch SamePage Enterprise Edition ...)
 	TODO: check
 CVE-2015-2069 (Cross-site scripting (XSS) vulnerability in the WooCommerce plugin ...)
-	TODO: check
+	NOT-FOR-US: WooCommerce plugin for WordPress
 CVE-2015-2068 (Multiple cross-site scripting (XSS) vulnerabilities in the MAGMI (aka ...)
 	TODO: check
 CVE-2015-2067 (Directory traversal vulnerability in web/ajax_pluginconf.php in the ...)
@@ -286,7 +286,7 @@
 CVE-2015-2066 (SQL injection vulnerability in DLGuard 4.5 allows remote attackers to ...)
 	TODO: check
 CVE-2015-2065 (SQL injection vulnerability in videogalleryrss.php in the Apptha ...)
-	TODO: check
+	NOT-FOR-US: Apptha WordPress Video Gallery (contus-video-gallery) plugin for WordPress
 CVE-2015-2064 (Multiple cross-site scripting (XSS) vulnerabilities in DLGuard 5, 4.6, ...)
 	TODO: check
 CVE-2015-2080 [Jetty remote unauthenticated credential exposure]
@@ -327,9 +327,9 @@
 CVE-2015-2043 (Multiple cross-site scripting (XSS) vulnerabilities in Visualware ...)
 	TODO: check
 CVE-2015-2040 (Cross-site scripting (XSS) vulnerability in the Contact Form DB (aka ...)
-	TODO: check
+	NOT-FOR-US: Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin for WordPress
 CVE-2015-2039 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
-	TODO: check
+	NOT-FOR-US: Acobot Live Chat & Contact Form plugin for WordPress
 CVE-2015-XXXX [_IO_wstr_overflow integer overflow]
 	- eglibc <removed>
 	- glibc <unfixed> (bug #779587)
@@ -664,7 +664,7 @@
 CVE-2015-1880
 	RESERVED
 CVE-2015-1879 (Cross-site scripting (XSS) vulnerability in the Google Doc Embedder ...)
-	TODO: check
+	NOT-FOR-US: Google Doc Embedder plugin for WordPress
 CVE-2015-2042 [incorrect data type in rds_sysctl_rds_table]
 	RESERVED
 	- linux <unfixed>




More information about the Secure-testing-commits mailing list