[Secure-testing-commits] r32646 - data/CVE

Helmut Grohne helmutg at moszumanska.debian.org
Thu Mar 5 07:43:50 UTC 2015 

Author: helmutg
Date: 2015-03-05 07:43:33 +0000 (Thu, 05 Mar 2015)
New Revision: 32646

Modified:
   data/CVE/list
Log:
misc NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-03-05 07:05:08 UTC (rev 32645)
+++ data/CVE/list	2015-03-05 07:43:33 UTC (rev 32646)
@@ -1425,13 +1425,13 @@
 CVE-2015-1579 (Directory traversal vulnerability in the Elegant Themes Divi theme for ...)
 	NOT-FOR-US: Elegant Themes Divi theme for WordPress
 CVE-2015-1578 (Multiple open redirect vulnerabilities in u5CMS before 3.9.4 allow ...)
-	TODO: check
+	NOT-FOR-US: u5CMS
 CVE-2015-1577 (Directory traversal vulnerability in u5admin/deletefile.php in u5CMS ...)
-	TODO: check
+	NOT-FOR-US: u5CMS
 CVE-2015-1576 (Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow ...)
-	TODO: check
+	NOT-FOR-US: u5CMS
 CVE-2015-1575 (Multiple cross-site scripting (XSS) vulnerabilities in u5CMS before ...)
-	TODO: check
+	NOT-FOR-US: u5CMS
 CVE-2015-1574 (The Google Email application 4.2.2.0200 for Android allows remote ...)
 	NOT-FOR-US: Google Email application for Android
 CVE-2013-7425
@@ -1518,15 +1518,15 @@
 	{DSA-3165-1}
 	- xdg-utils 1.1.0~rc1+git20111210-7.4 (bug #777722)
 CVE-2015-1568 (Cross-site request forgery (CSRF) vulnerability in the GD Infinite ...)
-	TODO: check
+	NOT-FOR-US: Drupal module GD Infinite Scroll
 CVE-2015-1567 (Cross-site scripting (XSS) vulnerability in the admin page in the GD ...)
-	TODO: check
+	NOT-FOR-US: Drupal module GD Infinite Scroll
 CVE-2015-1566 (Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before ...)
-	TODO: check
+	NOT-FOR-US: DotNetNuke
 CVE-2015-1565 (Cross-site scripting (XSS) vulnerability in the online help in Hitachi ...)
 	NOT-FOR-US: Hitachi
 CVE-2015-1564 (Cross-site scripting (XSS) vulnerability in style-underground/search ...)
-	TODO: check
+	NOT-FOR-US: Plain Black WebGUI
 CVE-2015-1562 (Multiple cross-site scripting (XSS) vulnerabilities in Saurus CMS ...)
 	NOT-FOR-US: Saurus CMS
 CVE-2015-1561
@@ -1933,7 +1933,7 @@
 CVE-2015-1474 (Multiple integer overflows in the GraphicBuffer::unflatten function in ...)
 	TODO: check
 CVE-2015-1471 (SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 ...)
-	TODO: check
+	NOT-FOR-US: Pragyan CMS
 CVE-2015-1470
 	RESERVED
 CVE-2015-1469 (time.htm in the web interface on SerVision HVG Video Gateway devices ...)
@@ -2822,7 +2822,7 @@
 CVE-2015-1170
 	RESERVED
 CVE-2015-1169 (Apereo Central Authentication Service (CAS) Server before 3.5.3 allows ...)
-	TODO: check
+	NOT-FOR-US: Apereo Central Authentication Service
 CVE-2015-1168
 	RESERVED
 CVE-2015-1167
@@ -3993,7 +3993,7 @@
 CVE-2015-0872
 	RESERVED
 CVE-2015-0871 (Cross-site scripting (XSS) vulnerability in Mrs. Shiromuku Perl CGI ...)
-	TODO: check
+	NOT-FOR-US: Mrs. Shiromuku Perl CGI shiromuku(u1)GUESTBOOK
 CVE-2015-0870 (Cross-site scripting (XSS) vulnerability in hb.cgi in Nishishi Factory ...)
 	NOT-FOR-US: Nishishi Factory
 CVE-2015-0869 (I-O DATA DEVICE NP-BBRM routers allow remote attackers to cause a ...)
@@ -4538,7 +4538,7 @@
 CVE-2015-0620 (The XML parser in Cisco TelePresence Management Suite (TMS) 14.3(.2) ...)
 	TODO: check
 CVE-2015-0619 (Memory leak in the embedded web server in the WebVPN subsystem in ...)
-	TODO: check
+	NOT-FOR-US: Cisco Adaptive Security Appliance
 CVE-2015-0618 (Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 ...)
 	TODO: check
 CVE-2015-0617 (Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices ...)
@@ -4554,7 +4554,7 @@
 CVE-2015-0612
 	RESERVED
 CVE-2015-0611 (The administrative web-management portal in Cisco IX 8 (.0.1) and ...)
-	TODO: check
+	NOT-FOR-US: Cisco TelePresence
 CVE-2015-0610 (Race condition in the object-group ACL feature in Cisco IOS 15.5(2)T ...)
 	NOT-FOR-US: Cisco
 CVE-2015-0609 (Race condition in the Common Classification Engine (CCE) in the ...)
@@ -6344,7 +6344,7 @@
 CVE-2014-9204
 	RESERVED
 CVE-2014-9203 (Buffer overflow in the Field Device Tool (FDT) Frame application in ...)
-	TODO: check
+	NOT-FOR-US: HART Device Type Manager (DTM) library
 CVE-2014-9202
 	RESERVED
 CVE-2014-9201
@@ -14487,7 +14487,7 @@
 CVE-2014-6363 (vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2014-6362 (Use-after-free vulnerability in Microsoft Office 2007 SP3, 2010 SP2, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Office
 CVE-2014-6361 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 Gold and SP1, ...)
 	NOT-FOR-US: Microsoft Excel
 CVE-2014-6360 (Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility ...)
@@ -35702,7 +35702,7 @@
 CVE-2013-5558 (The WIL-A module in Cisco TelePresence VX Clinical Assistant 1.2 ...)
 	NOT-FOR-US: Cisco
 CVE-2013-5557 (The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in ...)
-	TODO: check
+	NOT-FOR-US: Cisco Adaptive Security Appliance
 CVE-2013-5556 (The license-installation module on the Cisco Nexus 1000V switch ...)
 	NOT-FOR-US: Cisco
 CVE-2013-5555 (Cisco Unified Communications Manager (aka CUCM or Unified CM) allows ...)

More information about the Secure-testing-commits mailing list