Author: carnil Date: 2013-10-07 14:52:40 +0000 (Mon, 07 Oct 2013) New Revision: 23904
Modified: data/CVE/list Log: Process NFUs Modified: data/CVE/list =================================================================== --- data/CVE/list 2013-10-07 14:26:15 UTC (rev 23903) +++ data/CVE/list 2013-10-07 14:52:40 UTC (rev 23904) @@ -15,15 +15,15 @@ CVE-2013-5980 RESERVED CVE-2013-5979 (Directory traversal vulnerability in Spring Signage Xibo 1.2.x before ...) - TODO: check + NOT-FOR-US: Xibo CVE-2013-5978 RESERVED CVE-2013-5977 RESERVED CVE-2013-5976 (Cross-site scripting (XSS) vulnerability in the access policy logout ...) - TODO: check + NOT-FOR-US: F5 BIG-IP APM CVE-2013-5975 (The access policy logon page (logon.inc) in F5 BIG-IP APM 11.1.0 ...) - TODO: check + NOT-FOR-US: F5 BIG-IP APM CVE-2013-5974 RESERVED CVE-2013-5973 @@ -49,7 +49,7 @@ CVE-2013-5963 (Unrestricted file upload vulnerability in multi.php in Simple Dropbox ...) TODO: check CVE-2013-5962 (Unrestricted file upload vulnerability in frames/upload-images.php in ...) - TODO: check + NOT-FOR-US: Complete Gallery Manager plugin for Wordpress CVE-2013-5961 (Unrestricted file upload vulnerability in lazyseo.php in the Lazy SEO ...) TODO: check CVE-2013-5960 (The authenticated-encryption feature in the symmetric-encryption ...) @@ -83,7 +83,7 @@ CVE-2013-5945 RESERVED CVE-2013-5944 (The integrated web server on Siemens SCALANCE X-200 switches with ...) - TODO: check + NOT-FOR-US: web server on Siemens switches CVE-2013-5959 (Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 ...) NOT-FOR-US: Blue Coat ProxySG CVE-2013-5943 (Multiple cross-site scripting (XSS) vulnerabilities in Graphite before ...) @@ -1070,13 +1070,13 @@ CVE-2013-5520 RESERVED CVE-2013-5519 (Cross-site scripting (XSS) vulnerability in the management interface ...) - TODO: check + NOT-FOR-US: Cisco CVE-2013-5518 RESERVED CVE-2013-5517 (SQL injection vulnerability in the web framework in Cisco Unified ...) - TODO: check + NOT-FOR-US: Cisco CVE-2013-5516 (The Media Snapshot implementation on Cisco TelePresence Multipoint ...) - TODO: check + NOT-FOR-US: Cisco CVE-2013-5515 RESERVED CVE-2013-5514 @@ -1098,11 +1098,11 @@ CVE-2013-5506 RESERVED CVE-2013-5505 (Cross-site scripting (XSS) vulnerability in an administration page in ...) - TODO: check + NOT-FOR-US: Cisco CVE-2013-5504 (Cross-site scripting (XSS) vulnerability in the Mobile Device ...) - TODO: check + NOT-FOR-US: Cisco CVE-2013-5503 (The UDP process in Cisco IOS XR 4.3.1 does not free packet memory upon ...) - TODO: check + NOT-FOR-US: Cisco CVE-2013-5502 (The web interface in Cisco MediaSense does not properly protect the ...) NOT-FOR-US: Cisco MediaSense CVE-2013-5501 (Cross-site scripting (XSS) vulnerability in the oraservice page in ...) @@ -1318,7 +1318,7 @@ CVE-2013-5396 RESERVED CVE-2013-5395 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, ...) - TODO: check + NOT-FOR-US: IBM Maximo Asset Management CVE-2013-5394 RESERVED CVE-2013-5393 @@ -1368,7 +1368,7 @@ CVE-2013-5371 RESERVED CVE-2013-5370 (Unspecified vulnerability in IBM SPSS Collaboration and Deployment ...) - TODO: check + NOT-FOR-US: IBM SPSS Collaboration and Deployment Services CVE-2013-5369 (IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before ...) NOT-FOR-US: IBM SPSS Analytical Decision Management CVE-2013-5368 @@ -2831,7 +2831,7 @@ CVE-2013-4709 (Buffer overflow in the PPP Access Concentrator (PPPAC) on the SEIL/x86 ...) NOT-FOR-US: PPP Access Concentrator CVE-2013-4708 (The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. ...) - TODO: check + NOT-FOR-US: Internet Initiative Japan Inc CVE-2013-4707 (The SSH implementation on D-Link Japan DES-3810 devices with firmware ...) NOT-FOR-US: D-Link CVE-2013-4706 (The SSH implementation on the D-Link Japan DWL-2100AP with firmware ...) @@ -4609,9 +4609,9 @@ CVE-2013-4068 (Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 ...) NOT-FOR-US: IBM CVE-2013-4067 (IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3, 8.7, and ...) - TODO: check + NOT-FOR-US: IBM InfoSphere Information Server CVE-2013-4066 (IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3, 8.7, and ...) - TODO: check + NOT-FOR-US: IBM InfoSphere Information Server CVE-2013-4065 RESERVED CVE-2013-4064 @@ -4659,7 +4659,7 @@ CVE-2013-4043 RESERVED CVE-2013-4042 (Unspecified vulnerability in IBM SPSS Collaboration and Deployment ...) - TODO: check + NOT-FOR-US: IBM SPSS Collaboration and Deployment Services CVE-2013-4041 RESERVED CVE-2013-4040 @@ -4679,7 +4679,7 @@ CVE-2013-4033 (IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through ...) NOT-FOR-US: IBM DB2 CVE-2013-4032 (The Fast Communications Manager (FCM) in IBM DB2 Enterprise Server ...) - TODO: check + NOT-FOR-US: IBM CVE-2013-4031 (The Intelligent Platform Management Interface (IPMI) implementation in ...) NOT-FOR-US: IBM BladeCenter CVE-2013-4030 @@ -4689,7 +4689,7 @@ CVE-2013-4028 RESERVED CVE-2013-4027 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, ...) - TODO: check + NOT-FOR-US: IBM Maximo Asset Management CVE-2013-4026 RESERVED CVE-2013-4025 (IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager ...) @@ -4701,23 +4701,23 @@ CVE-2013-4022 (IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager ...) NOT-FOR-US: IBM CVE-2013-4021 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, ...) - TODO: check + NOT-FOR-US: IBM Maximo Asset Management CVE-2013-4020 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, ...) - TODO: check + NOT-FOR-US: IBM Maximo Asset Management CVE-2013-4019 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...) - TODO: check + NOT-FOR-US: IBM Maximo Asset Management CVE-2013-4018 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, ...) - TODO: check + NOT-FOR-US: IBM Maximo Asset Management CVE-2013-4017 (SQL injection vulnerability in IBM Maximo Asset Management 7.1 before ...) - TODO: check + NOT-FOR-US: IBM Maximo Asset Management CVE-2013-4016 RESERVED CVE-2013-4015 (Microsoft Internet Explorer 6 through 10 allows local users to bypass ...) NOT-FOR-US: MS IE CVE-2013-4014 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...) - TODO: check + NOT-FOR-US: IBM Maximo Asset Management CVE-2013-4013 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, ...) - TODO: check + NOT-FOR-US: IBM Maximo Asset Management CVE-2013-4012 RESERVED CVE-2013-4011 (Multiple unspecified vulnerabilities in the InfiniBand subsystem in ...) @@ -4797,11 +4797,11 @@ CVE-2013-3974 RESERVED CVE-2013-3973 (SQL injection vulnerability in IBM Maximo Asset Management 7.1 before ...) - TODO: check + NOT-FOR-US: IBM Maximo Asset Management CVE-2013-3972 (IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 ...) - TODO: check + NOT-FOR-US: IBM Maximo Asset Management CVE-2013-3971 (IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 before ...) - TODO: check + NOT-FOR-US: IBM Maximo Asset Management CVE-2013-3970 (Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS ...) NOT-FOR-US: Juniper Junos Pulse Secure Access Service CVE-2013-3969 (The find prototype in scripting/engine_v8.h in MongoDB 2.4.0 through ...) @@ -4818,11 +4818,11 @@ CVE-2013-3965 RESERVED CVE-2013-3964 (Cross-site scripting (XSS) vulnerability in Samsung SHR-5162, ...) - TODO: check + NOT-FOR-US: Samsung CVE-2013-3963 (Cross-site request forgery (CSRF) vulnerability in goform/usermanage ...) - TODO: check + NOT-FOR-US: Grandstream CVE-2013-3962 (Cross-site scripting (XSS) vulnerability in Grandstream GXV3501, ...) - TODO: check + NOT-FOR-US: Grandstream CVE-2013-3961 RESERVED CVE-2013-3960 @@ -5425,11 +5425,11 @@ CVE-2013-3691 RESERVED CVE-2013-3690 (Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi ...) - TODO: check + NOT-FOR-US: Brickcom CVE-2013-3689 RESERVED CVE-2013-3688 (The TP-Link IP Cameras TL-SC3171, TL-SC3130, TL-SC3130G, TL-SC3171G, ...) - TODO: check + NOT-FOR-US: TP-Link CVE-2013-3687 RESERVED CVE-2013-3686 @@ -5584,9 +5584,9 @@ CVE-2013-3626 RESERVED CVE-2013-3625 (An unspecified DLL file in Baramundi Management Suite 7.5 through 8.9 ...) - TODO: check + NOT-FOR-US: Baramundi Management Suite CVE-2013-3624 (The OS deployment feature in Baramundi Management Suite 7.5 through ...) - TODO: check + NOT-FOR-US: Baramundi Management Suite CVE-2013-3623 RESERVED CVE-2013-3622 @@ -5648,7 +5648,7 @@ CVE-2013-3594 RESERVED CVE-2013-3593 (Baramundi Management Suite 7.5 through 8.9 uses cleartext for (1) ...) - TODO: check + NOT-FOR-US: Baramundi Management Suite CVE-2013-3592 RESERVED CVE-2013-3591 @@ -5789,7 +5789,7 @@ CVE-2013-3540 RESERVED CVE-2013-3539 (Cross-site request forgery (CSRF) vulnerability in the ...) - TODO: check + NOT-FOR-US: Sony CVE-2013-3538 (Multiple cross-site scripting (XSS) vulnerabilities in todooforum.php ...) NOT-FOR-US: Todoo Forum CVE-2013-3537 (Multiple SQL injection vulnerabilities in todooforum.php in Todoo ...) @@ -6037,7 +6037,7 @@ CVE-2013-3418 (Cisco Unified Communications Domain Manager does not properly allocate ...) NOT-FOR-US: Cisco CVE-2013-3417 (The administrative web interface in Cisco Video Surveillance ...) - TODO: check + NOT-FOR-US: Cisco CVE-2013-3416 (Cross-site scripting (XSS) vulnerability in the web framework in the ...) NOT-FOR-US: Cisco CVE-2013-3415 @@ -6859,11 +6859,11 @@ CVE-2013-3050 (SQL injection vulnerability in ZAPms 1.41 and earlier allows remote ...) NOT-FOR-US: ZAPms CVE-2013-3049 (IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 before ...) - TODO: check + NOT-FOR-US: IBM Maximo Asset Management CVE-2013-3048 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...) - TODO: check + NOT-FOR-US: IBM Maximo Asset Management CVE-2013-3047 (IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 ...) - TODO: check + NOT-FOR-US: IBM Maximo Asset Management CVE-2013-3046 RESERVED CVE-2013-3045 @@ -6875,7 +6875,7 @@ CVE-2013-3042 RESERVED CVE-2013-3041 (The Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 ...) - TODO: check + NOT-FOR-US: IBM CVE-2013-3040 (IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, ...) NOT-FOR-US: IBM InfoSphere Information Server CVE-2013-3039 (IBM Rational Requirements Composer before 4.0.4 does not properly ...) @@ -8874,7 +8874,7 @@ CVE-2013-2270 RESERVED CVE-2013-2269 (The Sponsorship Confirmation functionality in Aruba Networks ClearPass ...) - TODO: check + NOT-FOR-US: Aruba Networks ClearPass CVE-2013-2268 (Unspecified vulnerability in the MathML implementation in WebKit in ...) - chromium-browser 25.0.1364.97-1 [squeeze] - chromium-browser <not-affected> (Vulnerable code not present) @@ -13885,17 +13885,17 @@ CVE-2013-0695 RESERVED CVE-2013-0694 (The Emerson Process Management ROC800 RTU with software 3.50 and ...) - TODO: check + NOT-FOR-US: Emerson Process Management CVE-2013-0693 (The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU ...) - TODO: check + NOT-FOR-US: Emerson Process Management CVE-2013-0692 (The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU ...) - TODO: check + NOT-FOR-US: Emerson Process Management CVE-2013-0691 RESERVED CVE-2013-0690 RESERVED CVE-2013-0689 (The TFTP server on the Emerson Process Management ROC800 RTU with ...) - TODO: check + NOT-FOR-US: Emerson Process Management CVE-2013-0688 (Cross-site scripting (XSS) vulnerability in Invensys Wonderware ...) NOT-FOR-US: Invensys Wonderware Information Server CVE-2013-0687 (The installer routine in Schneider Electric MiCOM S1 Studio uses ...) @@ -14389,7 +14389,7 @@ CVE-2013-0452 (Cross-site request forgery (CSRF) vulnerability in the Software Use ...) NOT-FOR-US: IBM Tivoli Endpoint Manager CVE-2013-0451 (SQL injection vulnerability in IBM Maximo Asset Management 6.2 through ...) - TODO: check + NOT-FOR-US: IBM Maximo Asset Management CVE-2012-6425 RESERVED CVE-2012-6424 @@ -21939,7 +21939,7 @@ CVE-2012-4137 RESERVED CVE-2012-4136 (The high-availability service in the Fabric Interconnect component in ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-4135 RESERVED CVE-2012-4134 @@ -21989,11 +21989,11 @@ CVE-2012-4112 RESERVED CVE-2012-4111 (The create certreq command in the fabric-interconnect component in ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-4110 (run-script in the fabric-interconnect component in Cisco Unified ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-4109 (The clear sshkey command in the fabric-interconnect component in Cisco ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-4108 RESERVED CVE-2012-4107 @@ -22003,11 +22003,11 @@ CVE-2012-4105 RESERVED CVE-2012-4104 (Absolute path traversal vulnerability in the image-download process in ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-4103 (ethanalyzer in the fabric-interconnect component in Cisco Unified ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-4102 (The activate firmware command in the fabric-interconnect component in ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-4101 RESERVED CVE-2012-4100 @@ -22021,7 +22021,7 @@ CVE-2012-4096 (The local file editor in the Baseboard Management Controller (BMC) in ...) TODO: check CVE-2012-4095 (The local file editor in the fabric-interconnect component in Cisco ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-4094 (Buffer overflow in the Smart Call Home feature in the fabric ...) NOT-FOR-US: Cisco Unified Computing System CVE-2012-4093 (The Manager component in Cisco Unified Computing System (UCS) allows ...) @@ -24031,7 +24031,7 @@ CVE-2012-3324 (Directory traversal vulnerability in the UTL_FILE module in IBM DB2 ...) NOT-FOR-US: IBM DB2 CVE-2012-3323 (IBM Maximo Asset Management 6.2 before 6.2.8, 7.1 before 7.1.1.12, and ...) - TODO: check + NOT-FOR-US: IBM Maximo Asset Management CVE-2012-3322 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...) NOT-FOR-US: IBM CVE-2012-3321 (IBM SmartCloud Control Desk 7.5 allows remote authenticated users to ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits