[Secure-testing-commits] r49493 - data/CVE

Tue Mar 7 21:51:29 UTC 2017

Author: jmm
Date: 2017-03-07 21:51:29 +0000 (Tue, 07 Mar 2017)
New Revision: 49493

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-03-07 21:47:09 UTC (rev 49492)
+++ data/CVE/list	2017-03-07 21:51:29 UTC (rev 49493)
@@ -1,9 +1,9 @@
 CVE-2017-6511 (andrzuk/FineCMS before 2017-03-06 is vulnerable to a reflected XSS in ...)
-	TODO: check
+	NOT-FOR-US: FineCMS
 CVE-2017-6510
 	RESERVED
 CVE-2017-6509 (Smith0r/burgundy-cms before 2017-03-06 is vulnerable to a reflected XSS ...)
-	TODO: check
+	NOT-FOR-US: burgundy-cms
 CVE-2017-6507
 	RESERVED
 CVE-2017-XXXX [Cross-site scripting (XSS) via media file metadata]
@@ -1507,7 +1507,7 @@
 	NOTE: http://seclists.org/fulldisclosure/2017/Feb/27
 	NOTE: http://trac.kodi.tv/ticket/17314
 CVE-2017-5681 (The RSA-CRT implementation in the Intel QuickAssist Technology (QAT) ...)
-	TODO: check
+	NOT-FOR-US: Intel QuickAssist Technology (QAT) Engine
 CVE-2017-6056 (It was discovered that a programming error in the processing of HTTPS ...)
 	{DSA-3788-1 DSA-3787-1 DLA-823-1}
 	- tomcat8 8.0.21-2 (bug #851304)
@@ -13913,7 +13913,7 @@
 CVE-2017-1134
 	RESERVED
 CVE-2017-1133 (IBM QRadar 7.2 is vulnerable to cross-site scripting. This ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1132
 	RESERVED
 CVE-2017-1131
@@ -13931,7 +13931,7 @@
 CVE-2017-1125
 	RESERVED
 CVE-2017-1124 (IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1123
 	RESERVED
 CVE-2017-1122
@@ -14452,7 +14452,7 @@
 CVE-2016-9741
 	RESERVED
 CVE-2016-9740 (IBM QRadar 7.2 could allow a remote attacker to consume all resources ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-9739 (IBM Security Identity Manager Virtual Appliance stores user ...)
 	NOT-FOR-US: IBM
 CVE-2016-9738
@@ -14472,27 +14472,27 @@
 CVE-2016-9731 (IBM Business Process Manager is vulnerable to cross-site scripting. ...)
 	NOT-FOR-US: IBM
 CVE-2016-9730 (IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-9729 (IBM QRadar 7.2 does not perform an authentication check for a critical ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-9728 (IBM Qradar 7.2 is vulnerable to SQL injection. A remote attacker could ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-9727 (IBM QRadar 7.2 could allow a remote authenticated attacker to execute ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-9726 (IBM QRadar Incident Forensics 7.2 could allow a remote authenticated ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-9725 (IBM QRadar Incident Forensics 7.2 allows for Cross-Origin Resource ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-9724 (IBM QRadar 7.2 is vulnerable to a denial of service, caused by an XML ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-9723 (IBM QRadar 7.2 is vulnerable to cross-site scripting. This ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-9722
 	RESERVED
 CVE-2016-9721
 	RESERVED
 CVE-2016-9720 (IBM QRadar 7.2 discloses sensitive information to unauthorized users. ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-9719
 	RESERVED
 CVE-2016-9718
@@ -14546,7 +14546,7 @@
 CVE-2016-9694
 	RESERVED
 CVE-2016-9693 (IBM Business Process Manager 7.5, 8.0, and 8.5 has a file download ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-9692
 	RESERVED
 CVE-2016-9691
@@ -17787,7 +17787,7 @@
 CVE-2016-9165
 	RESERVED
 CVE-2016-9164 (Directory traversal vulnerability in diag.jsp file in CA Unified ...)
-	TODO: check
+	NOT-FOR-US: CA Unified Infrastructure Management
 CVE-2016-9163
 	RESERVED
 CVE-2016-9162
@@ -17821,7 +17821,7 @@
 CVE-2016-9149 (The Addresses Object parser in Palo Alto Networks PAN-OS before ...)
 	NOT-FOR-US: PAN-OS
 CVE-2016-9148 (Cross-site scripting (XSS) vulnerability in CA Service Desk Manager ...)
-	TODO: check
+	NOT-FOR-US: CA Service Desk Manager
 CVE-2016-9147 (named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows ...)
 	{DSA-3758-1 DLA-805-1}
 	[experimental] - bind9 1:9.10.4-P5-1
@@ -18407,7 +18407,7 @@
 CVE-2016-8972 (IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root ...)
 	NOT-FOR-US: IBM
 CVE-2016-8971 (IBM WebSphere MQ 8.0 could allow an authenticated user with queue ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-8970
 	RESERVED
 CVE-2016-8969
@@ -18469,7 +18469,7 @@
 CVE-2016-8941 (IBM Tivoli Storage Productivity Center is vulnerable to cross-site ...)
 	NOT-FOR-US: IBM
 CVE-2016-8940 (IBM Tivoli Storage Manager (IBM Spectrum Protect) 6.1, 6.2, 6.3, and ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2016-8939
 	RESERVED
 CVE-2016-8938 (IBM UrbanCode Deploy could allow a user to execute code using a ...)


