[Secure-testing-commits] r58193 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Dec 1 19:51:51 UTC 2017


Author: carnil
Date: 2017-12-01 19:51:51 +0000 (Fri, 01 Dec 2017)
New Revision: 58193

Modified:
   data/CVE/list
Log:
Process NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-01 18:36:19 UTC (rev 58192)
+++ data/CVE/list	2017-12-01 19:51:51 UTC (rev 58193)
@@ -5579,7 +5579,7 @@
 CVE-2017-15674
 	RESERVED
 CVE-2017-15673 (The files function in the administration section in CS-Cart 4.6.2 and ...)
-	TODO: check
+	NOT-FOR-US: CS-Cart
 CVE-2017-15672 (The read_header function in libavcodec/ffv1dec.c in FFmpeg 3.3.4 and ...)
 	{DSA-4049-1}
 	- ffmpeg 7:3.4-1
@@ -5746,7 +5746,7 @@
 CVE-2017-15608
 	RESERVED
 CVE-2017-15607 (Inedo Otter before 1.7.4 has directory traversal in filesystem-based ...)
-	TODO: check
+	NOT-FOR-US: Inedo Otter
 CVE-2017-15606
 	RESERVED
 CVE-2017-15605
@@ -9907,13 +9907,13 @@
 CVE-2017-14190
 	RESERVED
 CVE-2017-14189 (An improper access control vulnerability in Fortinet FortiWebManager ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2017-14188
 	RESERVED
 CVE-2017-14187
 	RESERVED
 CVE-2017-14186 (A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 5.6.0 ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2017-14185
 	RESERVED
 CVE-2017-14184
@@ -10783,7 +10783,7 @@
 CVE-2017-13873
 	RESERVED
 CVE-2017-13872 (An issue was discovered in certain Apple products. macOS High Sierra ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2017-13871
 	RESERVED
 CVE-2017-13870
@@ -15386,95 +15386,95 @@
 CVE-2017-12373
 	RESERVED
 CVE-2017-12372 (A "Cisco WebEx Network Recording Player Remote Code Execution ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12371 (A "Cisco WebEx Network Recording Player Remote Code Execution ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12370 (A "Cisco WebEx Network Recording Player Remote Code Execution ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12369 (A "Cisco WebEx Network Recording Player Out-of-Bounds Vulnerability" ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12368 (A "Cisco WebEx Network Recording Player Remote Code Execution ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12367 (A "Cisco WebEx Network Recording Player Denial of Service ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12366 (A vulnerability in Cisco WebEx Meeting Center could allow an ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12365 (A vulnerability in Cisco WebEx Event Center could allow an ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12364 (A SQL Injection vulnerability in the web framework of Cisco Prime ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12363 (A vulnerability in Cisco WebEx Meeting Server could allow an ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12362 (A vulnerability in Cisco Meeting Server versions prior to 2.2.2 could ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12361 (A vulnerability in Cisco Jabber for Windows could allow an ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12360 (A vulnerability in Cisco WebEx Network Recording Player for WebEx ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12359 (A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12358 (A vulnerability in the web-based management interface of Cisco Jabber ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12357 (A vulnerability in the web-based management interface of Cisco Unified ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12356 (A vulnerability in the web-based management interface of Cisco Jabber ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12355 (A vulnerability in the Local Packet Transport Services (LPTS) ingress ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12354 (A vulnerability in the web-based interface of Cisco Secure Access ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12353 (A vulnerability in the Multipurpose Internet Mail Extensions (MIME) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12352 (A vulnerability in certain system script files that are installed at ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12351 (A vulnerability in the guest shell feature of Cisco NX-OS System ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12350 (A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and ...)
 	NOT-FOR-US: Cisco
 CVE-2017-12349 (Multiple vulnerabilities in the web-based management interface of Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12348 (Multiple vulnerabilities in the web-based management interface of Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12347 (Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12346 (Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12345 (Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12344 (Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12343 (Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12342 (A vulnerability in the Open Agent Container (OAC) feature of Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12341 (A vulnerability in the CLI of Cisco NX-OS System Software could allow ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12340 (A vulnerability in Cisco NX-OS System Software running on Cisco MDS ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12339 (A vulnerability in the CLI of Cisco NX-OS System Software could allow ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12338 (A vulnerability in the CLI of Cisco NX-OS System Software could allow ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12337 (A vulnerability in the upgrade mechanism of Cisco collaboration ...)
 	NOT-FOR-US: Cisco
 CVE-2017-12336 (A vulnerability in the TCL scripting subsystem of Cisco NX-OS System ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12335 (A vulnerability in the CLI of Cisco NX-OS System Software could allow ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12334 (A vulnerability in the CLI of Cisco NX-OS System Software could allow ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12333 (A vulnerability in Cisco NX-OS System Software could allow an ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12332 (A vulnerability in Cisco NX-OS System Software patch installation could ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12331 (A vulnerability in Cisco NX-OS System Software could allow an ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12330 (A vulnerability in the CLI of Cisco NX-OS System Software could allow ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12329 (A vulnerability in the CLI of Cisco Firepower Extensible Operating ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12328 (A vulnerability in Session Initiation Protocol (SIP) call handling in ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12327
 	RESERVED
 CVE-2017-12326
@@ -15536,7 +15536,7 @@
 CVE-2017-12298 (A vulnerability in Cisco WebEx Meeting Center could allow an ...)
 	NOT-FOR-US: Cisco
 CVE-2017-12297 (A vulnerability in Cisco WebEx Meeting Center could allow an ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-12296 (A vulnerability in Cisco WebEx Meetings Server could allow an ...)
 	NOT-FOR-US: Cisco
 CVE-2017-12295 (A vulnerability in Cisco WebEx Meetings Server could allow an ...)
@@ -41399,7 +41399,7 @@
 CVE-2017-3765
 	RESERVED
 CVE-2017-3764 (A vulnerability was identified in Lenovo XClarity Administrator (LXCA) ...)
-	TODO: check
+	NOT-FOR-US: Lenovo XClarity Administrator
 CVE-2017-3763 (An attacker who obtains access to the location where the LXCA file ...)
 	NOT-FOR-US: Lenovo LXCA
 CVE-2017-3762
@@ -43734,9 +43734,9 @@
 CVE-2017-3106 (Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2017-3105 (Adobe RoboHelp has an Open Redirect vulnerability. This affects ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2017-3104 (Adobe RoboHelp has a cross-site scripting (XSS) vulnerability. This ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2017-3103 (Adobe Connect versions 9.6.1 and earlier have a stored cross-site ...)
 	NOT-FOR-US: Adobe Connect
 CVE-2017-3102 (Adobe Connect versions 9.6.1 and earlier have a reflected cross-site ...)




More information about the Secure-testing-commits mailing list