[Secure-testing-commits] r55224 - data/CVE

Wed Aug 30 09:16:52 UTC 2017

Author: jmm
Date: 2017-08-30 09:16:52 +0000 (Wed, 30 Aug 2017)
New Revision: 55224

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-08-30 09:10:14 UTC (rev 55223)
+++ data/CVE/list	2017-08-30 09:16:52 UTC (rev 55224)
@@ -35003,7 +35003,7 @@
 CVE-2017-1536
 	RESERVED
 CVE-2017-1535 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1534
 	RESERVED
 CVE-2017-1533
@@ -35103,7 +35103,7 @@
 CVE-2017-1486
 	RESERVED
 CVE-2017-1485 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1484
 	RESERVED
 CVE-2017-1483
@@ -35217,9 +35217,9 @@
 CVE-2017-1429
 	RESERVED
 CVE-2017-1428 (IBM Cognos Analytics 11.0 could allow a remote attacker to hijack the ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1427 (IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1426
 	RESERVED
 CVE-2017-1425
@@ -35683,7 +35683,7 @@
 CVE-2017-1196 (IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require ...)
 	NOT-FOR-US: IBM
 CVE-2017-1195 (IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 could allow ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1194 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable ...)
 	NOT-FOR-US: IBM
 CVE-2017-1193 (IBM Sterling B2B Integrator Standard Edition 5.2 could allow user to ...)
@@ -59722,19 +59722,19 @@
 CVE-2016-2981 (An undisclosed vulnerability in the CLM applications in IBM Jazz Team ...)
 	NOT-FOR-US: IBM
 CVE-2016-2980 (The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-2979 (IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site ...)
 	NOT-FOR-US: IBM
 CVE-2016-2978 (IBM Sametime 8.5.2 and 9.0 could store potentially sensitive ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-2977 (IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a malicious user ...)
 	NOT-FOR-US: IBM
 CVE-2016-2976 (IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-2975 (IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-2974 (IBM Sametime Connect 8.5.2 and 9.0, after uninstalling the Sametime ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-2973 (IBM Sametime Media Services 8.5.2 and 9.0 is vulnerable to cross-site ...)
 	NOT-FOR-US: IBM
 CVE-2016-2972 (IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of ...)
@@ -59748,13 +59748,13 @@
 CVE-2016-2968 (IBM Security QRadar Incident Forensics 7.2.x before 7.2.7 allows ...)
 	NOT-FOR-US: IBM
 CVE-2016-2967 (IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-2966 (IBM Sametime 8.5.1 and 9.0 could allow an authenticated user to ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-2965 (IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site ...)
 	NOT-FOR-US: IBM
 CVE-2016-2964 (IBM Sametime 8.5.2 and 9.0 under certain conditions provides an error ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-2963 (Cross-site request forgery (CSRF) vulnerability in IBM BigFix Remote ...)
 	NOT-FOR-US: IBM
 CVE-2016-2962
@@ -69192,7 +69192,7 @@
 CVE-2016-0359 (CRLF injection vulnerability in IBM WebSphere Application Server (WAS) ...)
 	NOT-FOR-US: IBM
 CVE-2016-0358 (IBM Sametime 8.5.2 and 9.0 could allow an unauthorized authenticated ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-0357 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through ...)
 	NOT-FOR-US: IBM
 CVE-2016-0356 (IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an ...)
@@ -74541,7 +74541,7 @@
 CVE-2015-6943 (SQL injection vulnerability in the serendipity_checkCommentToken ...)
 	- serendipity <removed>
 CVE-2015-6942 (Cross-site scripting (XSS) vulnerability in Coremail XT3.0 allows ...)
-	TODO: check
+	NOT-FOR-US: Coremail
 CVE-2015-6941 (win_useradd, salt-cloud and the Linode driver in salt 2015.5.x before ...)
 	- salt 2015.8.1+ds-1
 	[jessie] - salt <no-dsa> (Minor issue)
@@ -94057,7 +94057,7 @@
 CVE-2014-9470
 	RESERVED
 CVE-2014-9469 (Cross-site scripting (XSS) vulnerability in vBulletin 3.5.4, 3.6.0, ...)
-	TODO: check
+	NOT-FOR-US: vBulletin
 CVE-2014-9468 (Multiple cross-site scripting (XSS) vulnerabilities in InstantASP ...)
 	NOT-FOR-US: InstantASP InstantForum.NET
 CVE-2014-9467
@@ -98565,11 +98565,11 @@
 CVE-2014-8429 (Cross-site request forgery (CSRF) vulnerability in Xavoc Technocrats ...)
 	NOT-FOR-US: xEpan CMS
 CVE-2014-8428 (Privilege escalation vulnerability in Barracuda Load Balancer ...)
-	TODO: check
+	NOT-FOR-US: Barracuda
 CVE-2014-8427
 	RESERVED
 CVE-2014-8426 (Hard coded weak credentials in Barracuda Load Balancer 5.0.0.015. ...)
-	TODO: check
+	NOT-FOR-US: Barracuda
 CVE-2014-8425 (The management portal in ARRIS VAP2500 before FW08.41 allows remote ...)
 	NOT-FOR-US: Management portal in ARRIS VAP2500
 CVE-2014-8424 (ARRIS VAP2500 before FW08.41 does not properly validate passwords, ...)


