[Secure-testing-commits] r53619 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Jul 18 16:06:16 UTC 2017


Author: jmm
Date: 2017-07-18 16:06:16 +0000 (Tue, 18 Jul 2017)
New Revision: 53619

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-18 11:28:30 UTC (rev 53618)
+++ data/CVE/list	2017-07-18 16:06:16 UTC (rev 53619)
@@ -861,7 +861,7 @@
 	- phpmyadmin 4:4.6.6-1 (unimportant)
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2017-1
 CVE-2017-1000012 (MySQL Dumper version 1.24 is vulnerable to stored XSS when displaying ...)
-	TODO: check
+	NOT-FOR-US: MySQL Dumper
 CVE-2017-1000011 (MyWebSQL version 3.6 is vulnerable to stored XSS in the database ...)
 	NOT-FOR-US: MyWebSQL
 CVE-2017-1000010 (Audacity version 2.1.2 is vulnerable to Dll HIjacking in the ...)
@@ -2407,9 +2407,9 @@
 	- tiff3 <removed>
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2704
 CVE-2017-9934 (Missing CSRF token checks and improper input validation in Joomla! CMS ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2017-9933 (Improper cache invalidation in Joomla! CMS 1.7.3 through 3.7.2 leads ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2017-9932
 	RESERVED
 CVE-2017-9931
@@ -2708,13 +2708,13 @@
 	- cairo <unfixed> (bug #868580)
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101547
 CVE-2017-9813 (In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack ...)
-	TODO: check
+	NOT-FOR-US: Kaspersky Anti-Virus
 CVE-2017-9812 (The reportId parameter of the getReportStatus action method can be ...)
-	TODO: check
+	NOT-FOR-US: Kaspersky Anti-Virus
 CVE-2017-9811 (The kluser is able to interact with the kav4fs-control binary in ...)
-	TODO: check
+	NOT-FOR-US: Kaspersky Anti-Virus
 CVE-2017-9810 (There are no Anti-CSRF tokens in any forms on the web interface in ...)
-	TODO: check
+	NOT-FOR-US: Kaspersky Anti-Virus
 CVE-2017-9809
 	RESERVED
 CVE-2017-9808
@@ -4567,7 +4567,7 @@
 CVE-2017-9610
 	RESERVED
 CVE-2017-9609 (Cross-site scripting (XSS) vulnerability in Blackcat CMS 1.2 allows ...)
-	TODO: check
+	NOT-FOR-US: Blackcat CMS
 CVE-2017-9608
 	RESERVED
 CVE-2017-9607
@@ -5323,11 +5323,11 @@
 CVE-2017-9341
 	RESERVED
 CVE-2017-9340 (An attacker is logged in as a normal user and can somehow make admin ...)
-	TODO: check
+	- owncloud <removed>
 CVE-2017-9339 (A logical error in ownCloud Server before 10.0.2 caused disclosure of ...)
-	TODO: check
+	- owncloud <removed>
 CVE-2017-9338 (Inadequate escaping lead to XSS vulnerability in the search module in ...)
-	TODO: check
+	- owncloud <removed>
 CVE-2017-9337 (The Markdown on Save Improved plugin 2.5 for WordPress has a stored XSS ...)
 	NOT-FOR-US: Wordpress plugin
 CVE-2017-9336 (The WP Editor.MD plugin 1.6 for WordPress has a stored XSS ...)
@@ -6815,7 +6815,7 @@
 CVE-2017-8897 (Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has ...)
 	NOT-FOR-US: Invision Power Services
 CVE-2017-8896 (ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before ...)
-	TODO: check
+	- owncloud <removed>
 CVE-2017-8895 (In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before ...)
 	NOT-FOR-US: Veritas
 CVE-2017-8894 (AeroAdmin 4.1 uses an insecure protocol (HTTP) to perform software ...)
@@ -13188,23 +13188,23 @@
 CVE-2017-6745
 	RESERVED
 CVE-2017-6744 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6743 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6742 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6741 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6740 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6739 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6738 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6737 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6736 (The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-6735 (A vulnerability in the backup and restore functionality of Cisco ...)
 	NOT-FOR-US: Cisco
 CVE-2017-6734 (A vulnerability in the web-based management interface of Cisco Identity ...)




More information about the Secure-testing-commits mailing list