[Secure-testing-commits] r53910 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2017-07-25 19:41:50 +0000 (Tue, 25 Jul 2017)
New Revision: 53910

Modified:
   data/CVE/list
Log:
Update status for CVE-2017-1000032

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-25 19:35:50 UTC (rev 53909)
+++ data/CVE/list	2017-07-25 19:41:50 UTC (rev 53910)
@@ -1306,7 +1306,11 @@
 CVE-2017-1000033 (Wordpress Plugin Vospari Forms version < 1.4 is vulnerable to a ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2017-1000032 (Cross-Site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow ...)
-	NOTE: Seems like a duplicate, contacted MITRE for rejection
+	- cacti 0.8.8b+dfsg-6
+	[wheezy] - cacti 0.8.8a+dfsg-5+deb7u3
+	NOTE: MITRE will not reject the entry, but the issue is already covered by the
+	NOTE: patch as for CVE-2014-4002. See discussion in
+	NOTE: https://github.com/distributedweaknessfiling/DWF-CVE-Database/issues/27
 CVE-2017-1000031 (SQL injection vulnerability in graph_templates_inputs.php in Cacti ...)
 	- cacti <unfixed>
 	NOTE: https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/?fid=7789