[Secure-testing-commits] r49717 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Mar 16 09:23:05 UTC 2017 

Author: carnil
Date: 2017-03-16 09:23:04 +0000 (Thu, 16 Mar 2017)
New Revision: 49717

Modified:
   data/CVE/list
Log:
Process some NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-16 09:19:43 UTC (rev 49716)
+++ data/CVE/list	2017-03-16 09:23:04 UTC (rev 49717)
@@ -1,13 +1,13 @@
 CVE-2017-6918 (CSRF exists in BigTree CMS 4.2.16 with the value[#][*] parameter to the ...)
-	TODO: check
+	NOT-FOR-US: BigTree CMS
 CVE-2017-6917 (CSRF exists in BigTree CMS 4.2.16 with the value parameter to the ...)
-	TODO: check
+	NOT-FOR-US: BigTree CMS
 CVE-2017-6916 (CSRF exists in BigTree CMS 4.1.18 with the nav-social[#] parameter to ...)
-	TODO: check
+	NOT-FOR-US: BigTree CMS
 CVE-2017-6915 (CSRF exists in BigTree CMS 4.1.18 with the colophon parameter to the ...)
-	TODO: check
+	NOT-FOR-US: BigTree CMS
 CVE-2017-6914 (CSRF exists in BigTree CMS 4.1.18 and 4.2.16 with the id parameter to ...)
-	TODO: check
+	NOT-FOR-US: BigTree CMS
 CVE-2017-6913
 	RESERVED
 CVE-2017-6912
@@ -1125,7 +1125,7 @@
 CVE-2017-6444 (The MikroTik Router hAP Lite 6.25 has no protection mechanism for ...)
 	NOT-FOR-US: MikroTik Router hAP Lite
 CVE-2017-6443 (Cross-site scripting (XSS) vulnerability in EPSON TMNet WebConfig 1.00 ...)
-	TODO: check
+	NOT-FOR-US: EPSON TMNet WebConfig
 CVE-2002-2447
 	RESERVED
 CVE-2017-XXXX [dns: out of bound memory read]
@@ -1366,7 +1366,7 @@
 CVE-2017-6399 (An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup ...)
 	NOT-FOR-US: Veritas NetBackup
 CVE-2017-6398 (An issue was discovered in Trend Micro InterScan Messaging Security ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro
 CVE-2017-6397 (An issue was discovered in FlightAirMap v1.0-beta.10. The vulnerability ...)
 	NOT-FOR-US: FlightAirMap
 CVE-2017-6396 (An issue was discovered in WPO-Foundation WebPageTest 3.0. The ...)
@@ -1438,7 +1438,7 @@
 CVE-2017-6367 (In Cerberus FTP Server 8.0.10.1, a crafted HTTP request causes the ...)
 	TODO: check
 CVE-2017-6366 (Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2017-6365
 	RESERVED
 CVE-2017-6364
@@ -1920,7 +1920,7 @@
 CVE-2017-6190
 	RESERVED
 CVE-2017-6189 (Untrusted search path vulnerability in Amazon Kindle for PC before ...)
-	TODO: check
+	NOT-FOR-US: Amazon Kindle
 CVE-2017-6187 (Buffer overflow in the built-in web server in DiskSavvy Enterprise ...)
 	NOT-FOR-US: DiskSavvy Enterprise
 CVE-2017-6186
@@ -2193,7 +2193,7 @@
 CVE-2016-10226
 	RESERVED
 CVE-2017-6061 (Cross-site scripting (XSS) vulnerability in the help component of SAP ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2017-6060 (Stack-based buffer overflow in jstest_main.c in mujstest in Artifex ...)
 	- mupdf <unfixed> (unimportant)
 	NOTE: Although jstest_main.c compiled during build and mujstest is created
@@ -2274,7 +2274,7 @@
 CVE-2017-6024
 	RESERVED
 CVE-2017-6023 (An issue was discovered in Fatek Automation PLC Ethernet Module. The ...)
-	TODO: check
+	NOT-FOR-US: Fatek
 CVE-2017-6022
 	RESERVED
 CVE-2017-6021

More information about the Secure-testing-commits mailing list