[Secure-testing-commits] r49788 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Sun Mar 19 12:19:53 UTC 2017 

Author: jmm
Date: 2017-03-19 12:19:52 +0000 (Sun, 19 Mar 2017)
New Revision: 49788

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-19 12:11:35 UTC (rev 49787)
+++ data/CVE/list	2017-03-19 12:19:52 UTC (rev 49788)
@@ -557,15 +557,15 @@
 CVE-2017-6910
 	RESERVED
 CVE-2017-6909 (An issue was discovered in Shimmie <= 2.5.1. The vulnerability exists ...)
-	TODO: check
+	NOT-FOR-US: Shimmie 
 CVE-2017-6908 (An issue was discovered in concrete5 <= 5.6.3.4. The vulnerability ...)
-	TODO: check
+	NOT-FOR-US: concrete5
 CVE-2017-6907 (An issue was discovered in Open.GL before 2017-03-13. The vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Open.GL 
 CVE-2017-6906 (An issue was discovered in SiberianCMS before 4.10.0. The vulnerability ...)
-	TODO: check
+	NOT-FOR-US: SiberianCMS
 CVE-2017-6905 (An issue was discovered in concrete5 <= 5.6.3.4. The vulnerability ...)
-	TODO: check
+	NOT-FOR-US: concrete5
 CVE-2017-6904
 	RESERVED
 CVE-2017-6902
@@ -613,7 +613,7 @@
 CVE-2017-6884
 	RESERVED
 CVE-2017-6883 (The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF ...)
-	TODO: check
+	NOT-FOR-US: Foxit
 CVE-2017-6882
 	RESERVED
 CVE-2017-6881
@@ -625,7 +625,7 @@
 CVE-2017-6878
 	RESERVED
 CVE-2017-6877 (Cross-site scripting (XSS) vulnerability in SVG file handling in Lutim ...)
-	TODO: check
+	NOT-FOR-US: Lutim
 CVE-2017-6876
 	RESERVED
 CVE-2017-6875
@@ -1435,7 +1435,7 @@
 CVE-2017-6511 (andrzuk/FineCMS before 2017-03-06 is vulnerable to a reflected XSS in ...)
 	NOT-FOR-US: FineCMS
 CVE-2017-6510 (Easy File Sharing FTP Server version 3.6 is vulnerable to a directory ...)
-	TODO: check
+	NOT-FOR-US: Easy File Sharing FTP Server
 CVE-2017-6509 (Smith0r/burgundy-cms before 2017-03-06 is vulnerable to a reflected XSS ...)
 	NOT-FOR-US: burgundy-cms
 CVE-2017-6507
@@ -4264,9 +4264,9 @@
 CVE-2017-5585 (OpenText Documentum Content Server (formerly EMC Documentum Content ...)
 	NOT-FOR-US: OpenText Documentum Content Server
 CVE-2017-5584 (Cross-site scripting (XSS) vulnerability in the Management Web ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks
 CVE-2017-5583 (The Management Web Interface in Palo Alto Networks PAN-OS before ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks
 CVE-2017-5582
 	RESERVED
 CVE-2017-6852 (Heap-based buffer overflow in the jpc_dec_decodepkt function in ...)
@@ -4655,7 +4655,7 @@
 CVE-2017-5497
 	RESERVED
 CVE-2017-5496 (Sawmill Enterprise 8.7.9 allows remote attackers to gain login access ...)
-	TODO: check
+	NOT-FOR-US: Sawmill Enterprise
 CVE-2017-5495 (All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an ...)
 	- quagga 1.1.1-1 (bug #852454)
 	[jessie] - quagga <no-dsa> (Minor issue)
@@ -5139,9 +5139,9 @@
 CVE-2017-5360
 	RESERVED
 CVE-2017-5359 (EasyCom SQL iPlug allows remote attackers to cause a denial of service ...)
-	TODO: check
+	NOT-FOR-US: EasyCom
 CVE-2017-5358 (Stack-based buffer overflows in php_Easycom5_3_0.dll in EasyCom for ...)
-	TODO: check
+	NOT-FOR-US: EasyCom
 CVE-2016-10147 (crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users ...)
 	- linux 4.8.15-1
 	[jessie] - linux <not-affected> (Vulnerable code not present)
@@ -6468,7 +6468,7 @@
 CVE-2017-4961
 	RESERVED
 CVE-2017-4960 (An issue was discovered in Cloud Foundry release v247 through v252, UAA ...)
-	TODO: check
+	NOT-FOR-US: Cloud Foundry
 CVE-2017-4959
 	RESERVED
 CVE-2017-4958
@@ -8641,7 +8641,7 @@
 CVE-2017-3900
 	RESERVED
 CVE-2017-3899 (SQL injection vulnerability in Intel Security Advanced Threat Defense ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2017-3898
 	RESERVED
 CVE-2017-3897
@@ -8810,7 +8810,7 @@
 CVE-2017-3855
 	RESERVED
 CVE-2017-3854 (A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-3853
 	RESERVED
 CVE-2017-3852
@@ -8826,7 +8826,7 @@
 CVE-2017-3847 (A vulnerability in the web framework of Cisco Firepower Management ...)
 	NOT-FOR-US: Cisco
 CVE-2017-3846 (A vulnerability in the Client Manager Server of Cisco Workload ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-3845 (A vulnerability in the web-based management interface of Cisco Prime ...)
 	NOT-FOR-US: Cisco
 CVE-2017-3844 (A vulnerability in exporting functions of the user interface for Cisco ...)
@@ -8856,7 +8856,7 @@
 CVE-2017-3832
 	RESERVED
 CVE-2017-3831 (A vulnerability in the web-based GUI of Cisco Mobility Express 1800 ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2017-3830 (A vulnerability in an internal API of the Cisco Meeting Server (CMS) ...)
 	NOT-FOR-US: Cisco
 CVE-2017-3829 (A vulnerability in the web-based management interface of Cisco Unified ...)
@@ -23407,21 +23407,21 @@
 CVE-2016-8013
 	RESERVED
 CVE-2016-8012 (Access control vulnerability in Intel Security Data Loss Prevention ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2016-8011 (Cross-site scripting vulnerability in Intel Security McAfee Endpoint ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2016-8010 (Application protections bypass vulnerability in Intel Security McAfee ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2016-8009 (Privilege escalation vulnerability in Intel Security McAfee ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2016-8008 (Privilege escalation vulnerability in Windows 7 and Windows 10 in ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2016-8007 (Authentication bypass vulnerability in McAfee Host Intrusion ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2016-8006 (Authentication bypass vulnerability in Enterprise Security Manager ...)
 	NOT-FOR-US: Intel Security McAfee Security Information and Event Management
 CVE-2016-8005 (File extension filtering vulnerability in Intel Security McAfee Email ...)
-	TODO: check
+	NOT-FOR-US: Intel antivirus
 CVE-2016-8004
 	RESERVED
 CVE-2016-8003
@@ -52987,9 +52987,9 @@
 CVE-2015-7495
 	RESERVED
 CVE-2015-7494 (A vulnerability has been identified in IBM Cloud Orchestrator ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-7493 (IBM InfoSphere Information Server could allow a local user under ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-7492 (Cross-site scripting (XSS) vulnerability in Reference Data Management ...)
 	NOT-FOR-US: IBM
 CVE-2015-7491 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.x ...)

More information about the Secure-testing-commits mailing list