[Secure-testing-commits] r32617 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Mar 3 17:41:14 UTC 2015 

Author: carnil
Date: 2015-03-03 17:41:14 +0000 (Tue, 03 Mar 2015)
New Revision: 32617

Modified:
   data/CVE/list
Log:
Process NFU list

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-03-03 17:41:06 UTC (rev 32616)
+++ data/CVE/list	2015-03-03 17:41:14 UTC (rev 32617)
@@ -235,7 +235,7 @@
 CVE-2015-2084 (Cross-site request forgery (CSRF) vulnerability in the Easy Social ...)
 	NOT-FOR-US: Easy Social Icons plugin for WordPress
 CVE-2015-2083 (Cross-site request forgery (CSRF) vulnerability in Ilch CMS allows ...)
-	TODO: check
+	NOT-FOR-US: Ilch CMS
 CVE-2015-2082 (Cross-site scripting (XSS) vulnerability in Login.aspx in UNIT4 ...)
 	TODO: check
 CVE-2015-2081
@@ -259,23 +259,23 @@
 CVE-2015-2079
 	RESERVED
 CVE-2015-2078 (The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft ...)
-	TODO: check
+	NOT-FOR-US: Lavasoft Ad-Aware Web Companion
 CVE-2015-2077 (The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft ...)
-	TODO: check
+	NOT-FOR-US: Lavasoft Ad-Aware Web Companion
 CVE-2015-2076 (The Auditing service in SAP BussinessObjects Edge 4.0 allows remote ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2015-2075 (SAP BussinessObjects Edge 4.0 allows remote attackers to delete audit ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2015-2074
 	RESERVED
 CVE-2015-2073
 	RESERVED
 CVE-2015-2072 (Multiple cross-site scripting (XSS) vulnerabilities in SAP HANA 73 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2015-2071 (Directory traversal vulnerability in cm/newui/blog/export.jsp in ...)
-	TODO: check
+	NOT-FOR-US: eTouch SamePage Enterprise Edition
 CVE-2015-2070 (SQL injection vulnerability in eTouch SamePage Enterprise Edition ...)
-	TODO: check
+	NOT-FOR-US: eTouch SamePage Enterprise Edition
 CVE-2015-2069 (Cross-site scripting (XSS) vulnerability in the WooCommerce plugin ...)
 	NOT-FOR-US: WooCommerce plugin for WordPress
 CVE-2015-2068 (Multiple cross-site scripting (XSS) vulnerabilities in the MAGMI (aka ...)
@@ -283,11 +283,11 @@
 CVE-2015-2067 (Directory traversal vulnerability in web/ajax_pluginconf.php in the ...)
 	TODO: check
 CVE-2015-2066 (SQL injection vulnerability in DLGuard 4.5 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: DLGuard
 CVE-2015-2065 (SQL injection vulnerability in videogalleryrss.php in the Apptha ...)
 	NOT-FOR-US: Apptha WordPress Video Gallery (contus-video-gallery) plugin for WordPress
 CVE-2015-2064 (Multiple cross-site scripting (XSS) vulnerabilities in DLGuard 5, 4.6, ...)
-	TODO: check
+	NOT-FOR-US: DLGuard
 CVE-2015-2080 [Jetty remote unauthenticated credential exposure]
 	RESERVED
 	- jetty <not-affected> (Only affects 9.2.3.v20140905 through 9.2.8.v20150217)
@@ -304,21 +304,21 @@
 CVE-2015-2056
 	RESERVED
 CVE-2015-2055 (Zhone GPON 2520 with firmware R4.0.2.566b allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Zhone GPON 2520
 CVE-2015-2054 (CRLF injection vulnerability in export.cfg in the web-based ...)
-	TODO: check
+	NOT-FOR-US: Sierra Wireless AirCard
 CVE-2015-2053 (The log viewer in McAfee Agent (MA) before 4.8.0 Patch 3 and 5.0.0, ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2015-2052 (Stack-based buffer overflow in the DIR-645 Wired/Wireless Router Rev. ...)
-	TODO: check
+	NOT-FOR-US: DIR-645 Wired/Wireless Router Rev. Ax
 CVE-2015-2051 (The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 ...)
-	TODO: check
+	NOT-FOR-US: D-Link DIR-645 Wired/Wireless Router Rev. Ax
 CVE-2015-2050 (D-Link DAP-1320 Rev Ax with firmware before 1.21b05 allows attackers ...)
-	TODO: check
+	NOT-FOR-US: D-Link DAP-1320 Rev Ax
 CVE-2015-2049 (Unrestricted file upload vulnerability in D-Link DCS-931L with ...)
-	TODO: check
+	NOT-FOR-US: D-Link DCS-931L
 CVE-2015-2048 (Cross-site request forgery (CSRF) vulnerability in D-Link DCS-931L ...)
-	TODO: check
+	NOT-FOR-US: D-Link DCS-931L
 CVE-2015-2045
 	RESERVED
 CVE-2015-2044
@@ -1223,7 +1223,7 @@
 CVE-2015-1608 (Topline Opportunity Form (aka XLS Opp form) before 2015-02-15 does not ...)
 	NOT-FOR-US: Topline Opportunity Form
 CVE-2015-1605 (Multiple SQL injection vulnerabilities in Dell ScriptLogic Asset ...)
-	TODO: check
+	NOT-FOR-US: Dell ScriptLogic Asset Manager
 CVE-2015-1602
 	RESERVED
 CVE-2015-1601

More information about the Secure-testing-commits mailing list