[Secure-testing-commits] r55275 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Aug 30 21:34:12 UTC 2017


Author: jmm
Date: 2017-08-30 21:34:12 +0000 (Wed, 30 Aug 2017)
New Revision: 55275

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-30 21:31:23 UTC (rev 55274)
+++ data/CVE/list	2017-08-30 21:34:12 UTC (rev 55275)
@@ -3541,9 +3541,9 @@
 CVE-2017-12736
 	RESERVED
 CVE-2017-12735 (A vulnerability has been identified in Siemens LOGO! devices. An ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2017-12734 (A vulnerability has been identified in Siemens LOGO! devices before ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2017-12733
 	RESERVED
 CVE-2017-12732
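Review bot: The tags added for CVE-2017-12735 and CVE-2017-12734 name only the vendor ("Siemens"), while both descriptions identify the product as Siemens LOGO! devices and the other entries changed in this commit use a product-level tag ("Advantech WebAccess"). Consider "NOT-FOR-US: Siemens LOGO!" so the entry is searchable by product and later CVEs for the same device get triaged the same way.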
@@ -3577,7 +3577,7 @@
 CVE-2017-12718
 	RESERVED
 CVE-2017-12717 (An Uncontrolled Search Path Element issue was discovered in Advantech ...)
-	TODO: check
+	NOT-FOR-US: Advantech WebAccess
 CVE-2017-12716
 	RESERVED
 CVE-2017-12715
@@ -3585,29 +3585,29 @@
 CVE-2017-12714
 	RESERVED
 CVE-2017-12713 (An Incorrect Permission Assignment for Critical Resource issue was ...)
-	TODO: check
+	NOT-FOR-US: Advantech WebAccess
 CVE-2017-12712
 	RESERVED
 CVE-2017-12711 (An Incorrect Privilege Assignment issue was discovered in Advantech ...)
-	TODO: check
+	NOT-FOR-US: Advantech WebAccess
 CVE-2017-12710 (A SQL Injection issue was discovered in Advantech WebAccess versions ...)
-	TODO: check
+	NOT-FOR-US: Advantech WebAccess
 CVE-2017-12709 (A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN ...)
 	NOT-FOR-US: Westermo devices
 CVE-2017-12708 (An Improper Restriction Of Operations Within The Bounds Of A Memory ...)
-	TODO: check
+	NOT-FOR-US: Advantech WebAccess
 CVE-2017-12707 (A Stack-based Buffer Overflow issue was discovered in SpiderControl ...)
 	NOT-FOR-US: SpiderControl SCADA MicroBrowser
 CVE-2017-12706 (A stack-based buffer overflow issue was discovered in Advantech ...)
-	TODO: check
+	NOT-FOR-US: Advantech WebAccess
 CVE-2017-12705
 	RESERVED
 CVE-2017-12704 (A heap-based buffer overflow issue was discovered in Advantech ...)
-	TODO: check
+	NOT-FOR-US: Advantech WebAccess
 CVE-2017-12703 (A Cross-Site Request Forgery (CSRF) issue was discovered in Westermo ...)
 	NOT-FOR-US: Westermo
 CVE-2017-12702 (An Externally Controlled Format String issue was discovered in ...)
-	TODO: check
+	NOT-FOR-US: Advantech WebAccess
 CVE-2017-12701
 	RESERVED
 CVE-2017-12700
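Review bot: For CVE-2017-12713, CVE-2017-12708 and CVE-2017-12702 the description shown is cut off before any product name, so the "Advantech WebAccess" tag cannot be checked from this hunk. The same ID range also contains Westermo (CVE-2017-12709, CVE-2017-12703) and SpiderControl (CVE-2017-12707) entries, so it is not uniformly one vendor. Please confirm those three against the full CVE description before closing the TODO.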
@@ -3615,7 +3615,7 @@
 CVE-2017-12699
 	RESERVED
 CVE-2017-12698 (An Improper Authentication issue was discovered in Advantech WebAccess ...)
-	TODO: check
+	NOT-FOR-US: Advantech WebAccess
 CVE-2017-12697
 	RESERVED
 CVE-2017-12696
@@ -7590,7 +7590,7 @@
 CVE-2017-11158
 	RESERVED
 CVE-2017-11157 (Multiple untrusted search path vulnerabilities in installer in ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2017-11156 (Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before ...)
 	NOT-FOR-US: Synology Download Station
 CVE-2017-11155 (An information exposure vulnerability in index.php in Synology Photo ...)
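Review bot: The new tag on CVE-2017-11157 is the vendor-only "NOT-FOR-US: Synology", while the adjacent CVE-2017-11156 uses the product form "Synology Download Station". The truncated description says only "installer in ...", so the tag should name the affected Synology product once it is confirmed from the full description.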
@@ -9395,7 +9395,7 @@
 CVE-2017-9946
 	RESERVED
 CVE-2017-9945 (In the Siemens 7KM PAC Switched Ethernet PROFINET expansion module (All ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2017-9944
 	RESERVED
 CVE-2017-9943
@@ -47890,7 +47890,7 @@
 	NOTE: http://svn.apache.org/r1758771 (2.6.x)
 	NOTE: http://svn.apache.org/r1758764 (2.8.x)
 CVE-2016-6800 (The default configuration of the OFBiz framework offers a blog ...)
-	TODO: check
+	NOT-FOR-US: Apache OFBiz
 CVE-2016-6799 (Product: Apache Cordova Android 5.2.2 and earlier. The application ...)
 	NOT-FOR-US: Apache Cordova
 CVE-2016-6798 (In the XSS Protection API module before 1.0.12 in Apache Sling, the ...)
@@ -56330,7 +56330,7 @@
 	- xerces-c 3.1.3+debian-2.1 (bug #828990)
 	NOTE: http://xerces.apache.org/xerces-c/secadv/CVE-2016-4463.txt
 CVE-2016-4462 (By manipulating the URL parameter externalLoginKey, a malicious, ...)
-	TODO: check
+	NOT-FOR-US: Apache OFBiz
 CVE-2016-4461
 	RESERVED
 CVE-2016-4460 (Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass ...)
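Review bot: The visible description of CVE-2016-4462 ("By manipulating the URL parameter externalLoginKey, a malicious, ...") does not name a product, so the "Apache OFBiz" attribution cannot be verified from this hunk. Please confirm it against the full CVE description. The one-word log message "NFUs" also gives no hint of how the products were identified.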



