[Secure-testing-commits] r56052 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Sep 23 14:08:36 UTC 2017 

Author: carnil
Date: 2017-09-23 14:08:36 +0000 (Sat, 23 Sep 2017)
New Revision: 56052

Modified:
   data/CVE/list
Log:
Process NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-09-23 13:47:17 UTC (rev 56051)
+++ data/CVE/list	2017-09-23 14:08:36 UTC (rev 56052)
@@ -97,7 +97,7 @@
 	- p3scan <unfixed>
 	NOTE: https://sourceforge.net/p/p3scan/bugs/33/
 CVE-2017-14680 (ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: ZKTeco ZKTime Web
 CVE-2017-14679
 	RESERVED
 CVE-2017-14678
@@ -151,7 +151,7 @@
 CVE-2017-14654
 	RESERVED
 CVE-2017-14653 (member/Orderinfo.asp in ASP4CMS AspCMS 2.7.2 allows remote ...)
-	TODO: check
+	NOT-FOR-US: ASP4CMS AspCMS
 CVE-2017-14652 (SQL Injection vulnerability in mobiquo/lib/classTTForum.php in the ...)
 	NOT-FOR-US: Tapatalk plugin for MyBB
 CVE-2017-14651 (WSO2 Data Analytics Server 3.1.0 has XSS in ...)
@@ -243,7 +243,7 @@
 CVE-2017-14622
 	RESERVED
 CVE-2017-14621 (Portus 2.2.0 has XSS via the Team field, related to typeahead. ...)
-	TODO: check
+	NOT-FOR-US: Portus
 CVE-2017-14620
 	RESERVED
 CVE-2017-14619 (Cross-site scripting (XSS) vulnerability in phpMyFAQ through 2.9.8 ...)
@@ -1014,9 +1014,9 @@
 CVE-2017-14322
 	RESERVED
 CVE-2017-14321 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
-	TODO: check
+	NOT-FOR-US: Mirasvit Helpdesk MX
 CVE-2017-14320 (Mirasvit Helpdesk MX before 1.5.3 might allow remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Mirasvit Helpdesk MX
 CVE-2017-14319 (A grant unmapping issue was discovered in Xen through 4.9.x. When ...)
 	- xen <unfixed>
 	NOTE: https://xenbits.xen.org/xsa/advisory-234.html
@@ -1724,13 +1724,13 @@
 CVE-2017-14082
 	RESERVED
 CVE-2017-14081 (Proxy command injection vulnerabilities in Trend Micro Mobile Security ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro Mobile Security
 CVE-2017-14080 (Authentication bypass vulnerability in Trend Micro Mobile Security ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro Mobile Security
 CVE-2017-14079 (Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro Mobile Security
 CVE-2017-14078 (SQL Injection vulnerabilities in Trend Micro Mobile Security ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro Mobile Security
 CVE-2017-14098 (In the pjsip channel driver (res_pjsip) in Asterisk 13.x before 13.17.1 ...)
 	- asterisk 1:13.17.1~dfsg-1 (bug #873909)
 	[stretch] - asterisk <not-affected> (Vulnerable code not present; issue introduced in 13.15)
@@ -4590,11 +4590,11 @@
 CVE-2017-12931
 	RESERVED
 CVE-2017-12930 (SQL Injection in the admin interface in TecnoVISION DLX Spot Player4 ...)
-	TODO: check
+	NOT-FOR-US: TecnoVISION DLX Spot Player4
 CVE-2017-12929 (Arbitrary File Upload in resource.php of TecnoVISION DLX Spot Player4 ...)
-	TODO: check
+	NOT-FOR-US: TecnoVISION DLX Spot Player4
 CVE-2017-12928 (A hard-coded password of tecn0visi0n for the dlxuser account in ...)
-	TODO: check
+	NOT-FOR-US: TecnoVISION DLX Spot Player4
 CVE-2017-12926
 	RESERVED
 CVE-2017-12918
@@ -9180,9 +9180,9 @@
 CVE-2017-11397
 	RESERVED
 CVE-2017-11396 (Vulnerability issues with the web service inspection of input ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro Web Security Virtual Appliance
 CVE-2017-11395 (Command injection vulnerability in Trend Micro Smart Protection Server ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro Smart Protection Server
 CVE-2017-11394 (Proxy command injection vulnerability in Trend Micro OfficeScan 11 and ...)
 	NOT-FOR-US: Trend Micro
 CVE-2017-11393 (Proxy command injection vulnerability in Trend Micro OfficeScan 11 and ...)
@@ -18117,7 +18117,7 @@
 CVE-2017-8278 (In all Qualcomm products with Android releases from CAF using the ...)
 	NOT-FOR-US: Qualcomm driver for Android
 CVE-2017-8277 (In all Qualcomm products with Android releases from CAF using the ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm driver for Android
 CVE-2017-8276
 	RESERVED
 CVE-2017-8275
@@ -31917,7 +31917,7 @@
 CVE-2017-3771
 	RESERVED
 CVE-2017-3770 (Privilege escalation vulnerability in LXCA versions earlier than 1.3.2 ...)
-	TODO: check
+	NOT-FOR-US: Lenovo LXCA
 CVE-2017-3769
 	RESERVED
 CVE-2017-3768
@@ -31931,7 +31931,7 @@
 CVE-2017-3764
 	RESERVED
 CVE-2017-3763 (An attacker who obtains access to the location where the LXCA file ...)
-	TODO: check
+	NOT-FOR-US: Lenovo LXCA
 CVE-2017-3762
 	RESERVED
 CVE-2017-3761

More information about the Secure-testing-commits mailing list