[Secure-testing-commits] r34556 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed May 27 19:47:51 UTC 2015


Author: carnil
Date: 2015-05-27 19:47:51 +0000 (Wed, 27 May 2015)
New Revision: 34556

Modified:
   data/CVE/list
Log:
Update NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-05-27 19:25:24 UTC (rev 34555)
+++ data/CVE/list	2015-05-27 19:47:51 UTC (rev 34556)
@@ -2949,7 +2949,7 @@
 CVE-2015-2946 (Stack-based buffer overflow in the Open CAD Format Council SXF common ...)
 	TODO: check
 CVE-2015-2945 (mt-phpincgi.php in Hajime Fujimoto mt-phpincgi before 2015-05-15 does ...)
-	TODO: check
+	NOT-FOR-US: Hajime Fujimoto mt-phpincgi
 CVE-2015-2944
 	RESERVED
 CVE-2015-2943
@@ -5323,7 +5323,7 @@
 CVE-2015-2124
 	RESERVED
 CVE-2015-2123 (Unspecified vulnerability in HP NonStop Safeguard Security Software ...)
-	TODO: check
+	NOT-FOR-US: HP NonStop Safeguard Security Software
 CVE-2015-2122 (The REST layer on HP SDN VAN Controller devices 2.5 and earlier allows ...)
 	NOT-FOR-US: HP
 CVE-2015-2121 (HP Network Virtualization for LoadRunner and Performance Center 8.61 ...)
@@ -5829,7 +5829,7 @@
 CVE-2015-1922
 	RESERVED
 CVE-2015-1921 (Open redirect vulnerability in IBM WebSphere Portal 8.0.0 before ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-1920 (IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.47, 7.0 ...)
 	NOT-FOR-US: IBM
 CVE-2015-1919
@@ -5851,11 +5851,11 @@
 CVE-2015-1912
 	RESERVED
 CVE-2015-1911 (Cross-site scripting (XSS) vulnerability in Sterling Order Management ...)
-	TODO: check
+	NOT-FOR-US: Sterling Order Management
 CVE-2015-1910 (Cross-site scripting (XSS) vulnerability in the Reference Data ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-1909 (The XML parser in the Reference Data Management component in the ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-1908 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 ...)
 	NOT-FOR-US: IBM WebSphere Portal
 CVE-2015-1907 (The Administration and Reporting Tool in IBM Rational License Key ...)
@@ -5875,17 +5875,17 @@
 CVE-2015-1900
 	RESERVED
 CVE-2015-1899 (IBM WebSphere Portal 8.5 through CF05 allows remote attackers to cause ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-1898 (Stack-based buffer overflow in the FastBackMount process in IBM Tivoli ...)
 	NOT-FOR-US: IBM
 CVE-2015-1897 (Stack-based buffer overflow in the FastBackMount process in IBM Tivoli ...)
 	NOT-FOR-US: IBM
 CVE-2015-1896 (Stack-based buffer overflow in the FastBackMount process in IBM Tivoli ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-1895 (IBM InfoSphere Optim Workload Replay 2.x before 2.1.0.3 relies on ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-1894 (Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-1893 (The IBM WebSphere DataPower XC10 appliance 2.1 before 2.1.0.3 allows ...)
 	NOT-FOR-US: IBM WebSphere
 CVE-2015-1892 (The Multicast DNS (mDNS) responder in IBM Security Access Manager for ...)
@@ -8927,7 +8927,7 @@
 CVE-2015-1009
 	RESERVED
 CVE-2015-1008 (SQL injection vulnerability in Emerson AMS Device Manager before 13 ...)
-	TODO: check
+	NOT-FOR-US: Emerson AMS Device Manager
 CVE-2015-1007
 	RESERVED
 CVE-2015-1006
@@ -9022,9 +9022,9 @@
 CVE-2015-0963
 	RESERVED
 CVE-2015-0962 (Barracuda Web Filter 7.x and 8.x before 8.1.0.005, when SSL Inspection ...)
-	TODO: check
+	NOT-FOR-US: Barracuda Web Filter
 CVE-2015-0961 (Barracuda Web Filter before 8.1.0.005, when SSL Inspection is enabled, ...)
-	TODO: check
+	NOT-FOR-US: Barracuda Web Filter
 CVE-2015-0960
 	RESERVED
 CVE-2015-0959
@@ -9076,7 +9076,7 @@
 CVE-2015-0936
 	RESERVED
 CVE-2015-0935 (Bomgar Remote Support before 15.1.1 allows remote attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Bomgar Remote Support
 CVE-2015-0934 (Common LaTeX Service Interface (CLSI) before 0.1.3, as used in ...)
 	NOT-FOR-US: ShareLaTeX
 CVE-2015-0933 (Absolute path traversal vulnerability in ShareLaTeX 0.1.3 and earlier, ...)
@@ -9853,7 +9853,7 @@
 CVE-2015-0751
 	RESERVED
 CVE-2015-0750 (The administrative web interface in Cisco Hosted Collaboration ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0749
 	RESERVED
 CVE-2015-0748
@@ -9909,7 +9909,7 @@
 CVE-2015-0723 (The wireless web-authentication subsystem on Cisco Wireless LAN ...)
 	NOT-FOR-US: Cisco
 CVE-2015-0722 (The network drivers in Cisco TelePresence T, Cisco TelePresence TE, ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0721
 	RESERVED
 CVE-2015-0720
@@ -9927,7 +9927,7 @@
 CVE-2015-0714 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse ...)
 	NOT-FOR-US: Cisco Finesse
 CVE-2015-0713 (The web framework in Cisco TelePresence Advanced Media Gateway Series ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0712 (The session-manager service in Cisco StarOS 12.0, 12.2(300), 14.0, and ...)
 	NOT-FOR-US: Cisco StarOS
 CVE-2015-0711 (The hamgr service in the IPv6 Proxy Mobile (PM) implementation in ...)
@@ -10927,7 +10927,7 @@
 CVE-2015-0541
 	RESERVED
 CVE-2015-0540 (SQL injection vulnerability in the xAdmin interface in EMC Document ...)
-	TODO: check
+	NOT-FOR-US: EMC Document Sciences xPression
 CVE-2015-0539
 	RESERVED
 CVE-2015-0538 (ftagent.exe in EMC AutoStart 5.4.x and 5.5.x before 5.5.0.508 HF4 ...)
@@ -13269,7 +13269,7 @@
 CVE-2015-0181
 	RESERVED
 CVE-2015-0180 (The Connector Migration Tool in IBM InfoSphere Information Server 8.1 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-0179 (Notes System Diagnostic (NSD) in IBM Domino 8.5.x before 8.5.3 FP6 IF6 ...)
 	NOT-FOR-US: IBM Domino
 CVE-2015-0178 (The Java overlay feature in IBM Bluemix Liberty before ...)
@@ -13287,13 +13287,13 @@
 CVE-2015-0172
 	RESERVED
 CVE-2015-0171 (Directory traversal vulnerability in IBM Security SiteProtector System ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-0170 (IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-0169 (IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-0168 (Cross-site scripting (XSS) vulnerability in IBM Security SiteProtector ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-0167 (Cross-site scripting (XSS) vulnerability in textAngular-sanitize.js in ...)
 	NOT-FOR-US: textAngular
 CVE-2015-0166
@@ -13307,9 +13307,9 @@
 CVE-2015-0162
 	RESERVED
 CVE-2015-0161 (SQL injection vulnerability in IBM Security SiteProtector System 3.0 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-0160 (IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-0159
 	REJECTED
 CVE-2015-0158 (Cross-site scripting (XSS) vulnerability in the Coach NG framework in ...)
@@ -13317,7 +13317,7 @@
 CVE-2015-0157
 	RESERVED
 CVE-2015-0156 (Cross-site scripting (XSS) vulnerability in IBM Business Process ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-0155
 	RESERVED
 CVE-2015-0154
@@ -13349,7 +13349,7 @@
 CVE-2015-0141
 	RESERVED
 CVE-2015-0140 (An unspecified ActiveX control in IBM SPSS Statistics 22.0 through FP1 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-0139 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 ...)
 	NOT-FOR-US: IBM WebSphere Portal
 CVE-2015-0138 (GSKit in IBM Tivoli Directory Server (ITDS) 6.0 before ...)
@@ -13389,7 +13389,7 @@
 CVE-2015-0121
 	RESERVED
 CVE-2015-0120 (Buffer overflow in the FastBackMount process in IBM Tivoli Storage ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-0119 (FastBack Mount in IBM Tivoli Storage Manager FastBack 6.1.x before ...)
 	NOT-FOR-US: IBM Tivoli Storage Manager FastBack
 CVE-2015-0118
@@ -13778,9 +13778,9 @@
 CVE-2014-8928
 	RESERVED
 CVE-2014-8927 (Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2014-8926 (Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2014-8925 (Cross-site request forgery (CSRF) vulnerability in ClearQuest Web in ...)
 	NOT-FOR-US: IBM
 CVE-2014-8924 (The server in IBM License Metric Tool 7.2.2 before IF15 and 7.5 before ...)
@@ -20684,11 +20684,11 @@
 CVE-2014-6193 (IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF14 and 8.5.0 before CF04, ...)
 	NOT-FOR-US: IBM
 CVE-2014-6192 (Cross-site scripting (XSS) vulnerability in IBM Curam Social Program ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2014-6191
 	RESERVED
 CVE-2014-6190 (The log viewer in IBM Workload Deployer 3.1 before 3.1.0.7 allows ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2014-6189
 	RESERVED
 CVE-2014-6188 (Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere ...)
@@ -23972,7 +23972,7 @@
 CVE-2014-4779
 	RESERVED
 CVE-2014-4778 (IBM License Metric Tool 9 before 9.1.0.2 and Endpoint Manager for ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2014-4777
 	RESERVED
 CVE-2014-4776 (IBM License Metric Tool 9 before 9.1.0.2 does not have an off ...)
@@ -23980,7 +23980,7 @@
 CVE-2014-4775 (IBM InfoSphere Master Data Management - Collaborative Edition 10.x ...)
 	NOT-FOR-US: IBM
 CVE-2014-4774 (Cross-site request forgery (CSRF) vulnerability in the login page in ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2014-4773
 	RESERVED
 CVE-2014-4772
@@ -31034,7 +31034,7 @@
 CVE-2014-2175 (Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 ...)
 	NOT-FOR-US: Cisco
 CVE-2014-2174 (Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2014-2173 (Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 ...)
 	NOT-FOR-US: Cisco
 CVE-2014-2172 (Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE ...)
@@ -58287,7 +58287,7 @@
 CVE-2012-5850
 	RESERVED
 CVE-2012-5849 (Multiple SQL injection vulnerabilities in ClipBucket 2.6 Revision 738 ...)
-	TODO: check
+	NOT-FOR-US: ClipBucket
 CVE-2012-5854 (Heap-based buffer overflow in WeeChat 0.3.6 through 0.3.9 allows ...)
 	- weechat 0.3.9.1-1 (bug #693026)
 	[wheezy] - weechat 0.3.8-1+deb7u1




More information about the Secure-testing-commits mailing list