[Secure-testing-commits] r21980 - data/CVE

Thijs Kinkhorst Thu, 18 Apr 2013 00:18:40 -0700

Author: thijs
Date: 2013-04-18 07:18:29 +0000 (Thu, 18 Apr 2013)
New Revision: 21980


Modified:
   data/CVE/list
Log:
nfu


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2013-04-17 21:22:58 UTC (rev 21979)
+++ data/CVE/list       2013-04-18 07:18:29 UTC (rev 21980)
@@ -2408,8 +2408,9 @@
        RESERVED
 CVE-2013-1968
        RESERVED
-CVE-2013-1967
+CVE-2013-1967 [mediaelement flashmediaelement XSS]
        RESERVED
+       NOT-FOR-US: Mediaelement
 CVE-2013-1966
        RESERVED
 CVE-2013-1965
@@ -3651,41 +3652,41 @@
        - mysql-5.5 <unfixed>           
        - mysql-5.1 <removed>
 CVE-2013-1510 (Unspecified vulnerability in the Siebel UI Framework component 
in ...)
-       TODO: check
+       NOT-FOR-US: Oracle Siebel
 CVE-2013-1509 (Unspecified vulnerability in the Oracle WebCenter Sites 
component in ...)
-       TODO: check
+       NOT-FOR-US: Oracle Fusion
 CVE-2013-1508 (Unspecified vulnerability in the Oracle GlassFish Server 
component in ...)
-       TODO: check
+       - glassfish <unfixed>
 CVE-2013-1507 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 
allows local ...)
-       TODO: check
+       NOT-FOR-US: Solaris
 CVE-2013-1506 (Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 
5.5.29 ...)
        - mysql-5.5 <unfixed>           
        - mysql-5.1 <removed>
 CVE-2013-1505 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking 
...)
-       TODO: check
+       NOT-FOR-US: Oracle FLEXCUBE
 CVE-2013-1504 (Unspecified vulnerability in the Oracle WebLogic Server 
component in ...)
-       TODO: check
+       NOT-FOR-US: Oracle Fusion
 CVE-2013-1503 (Unspecified vulnerability in the Oracle WebCenter Content 
component in ...)
-       TODO: check
+       NOT-FOR-US: Oracle Fusion
 CVE-2013-1502 (Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier 
and 5.6.9 ...)
        - mysql-5.5 <unfixed>           
        - mysql-5.1 <removed>
 CVE-2013-1501 (Unspecified vulnerability in the Oracle iStore component in 
Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle E-Business Suite
 CVE-2013-1500
        RESERVED
 CVE-2013-1499 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local 
users ...)
-       TODO: check
+       NOT-FOR-US: Solaris
 CVE-2013-1498 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 
allows local ...)
-       TODO: check
+       NOT-FOR-US: Solaris
 CVE-2013-1497 (Unspecified vulnerability in the Oracle COREid Access component 
in ...)
-       TODO: check
+       NOT-FOR-US: Oracle Fusion
 CVE-2013-1496 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 
allows local ...)
-       TODO: check
+       NOT-FOR-US: Solaris
 CVE-2013-1495 (asr in Oracle Auto Service Request in Oracle Support Tools 
before ...)
        NOT-FOR-US: Oracle Auto Service Request
 CVE-2013-1494 (Unspecified vulnerability in Oracle Sun Solaris 10, when 
running on ...)
-       TODO: check
+       NOT-FOR-US: Solaris
 CVE-2013-1493 (The color management (CMM) functionality in the 2D component in 
Oracle ...)
        - openjdk-6 6b27-1.12.4-1
        - openjdk-7 7u3-2.1.7-1
@@ -6114,7 +6115,7 @@
 CVE-2013-0502 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere 
Information ...)
        NOT-FOR-US: IBM InfoSphere Information Server
 CVE-2013-0501 (The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used 
in ...)
-       TODO: check
+       NOT-FOR-US: IBM Cognos Disclosure Management
 CVE-2013-0500
        RESERVED
 CVE-2013-0499
@@ -6534,35 +6535,35 @@
 CVE-2013-0417 (Unspecified vulnerability in the Sun Storage Common Array 
Manager ...)
        NOT-FOR-US: Sun Storage Common Array Manager
 CVE-2013-0416 (Unspecified vulnerability in the Siebel Enterprise Application 
...)
-       TODO: check
+       NOT-FOR-US: Oracle Siebel
 CVE-2013-0415 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local 
users ...)
        NOT-FOR-US: Solaris
 CVE-2013-0414 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local 
users ...)
        NOT-FOR-US: Solaris
 CVE-2013-0413 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 
allows local ...)
-       TODO: check
+       NOT-FOR-US: Solaris
 CVE-2013-0412 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 
11 ...)
-       TODO: check
+       NOT-FOR-US: Solaris
 CVE-2013-0411 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 
allows ...)
-       TODO: check
+       NOT-FOR-US: Solaris
 CVE-2013-0410 (Unspecified vulnerability in the Agile EDM component in Oracle 
Supply ...)
-       TODO: check
+       NOT-FOR-US: Oracle Supply Chain
 CVE-2013-0409 (Unspecified vulnerability in the Java Runtime Environment (JRE) 
...)
        - openjdk-6 <not-affected> (Specific to Oracle Java, not present in 
IcedTea)
        - openjdk-7 <not-affected> (Specific to Oracle Java, not present in 
IcedTea)
        NOTE: Due to the vague disclosure policy by Oracle the exact nature is 
unknown but since no patch landed in icedtea, we consider it not-affected
 CVE-2013-0408 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local 
users ...)
-       TODO: check
+       NOT-FOR-US: Solaris
 CVE-2013-0407 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 
allows local ...)
        NOT-FOR-US: Solaris
 CVE-2013-0406 (Unspecified vulnerability in Oracle Sun Solaris 10 allows 
remote ...)
-       TODO: check
+       NOT-FOR-US: Solaris
 CVE-2013-0405 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 
11 ...)
-       TODO: check
+       NOT-FOR-US: Solaris
 CVE-2013-0404 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local 
users ...)
-       TODO: check
+       NOT-FOR-US: Solaris
 CVE-2013-0403 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 
11 ...)
-       TODO: check
+       NOT-FOR-US: Solaris
 CVE-2013-0402 (Heap-based buffer overflow in Oracle Java 7 Update 17, and 
possibly ...)
        - openjdk-7 <undetermined>
        NOTE: No details currently known
@@ -8629,7 +8630,7 @@
 CVE-2012-5938 (The installation process in IBM InfoSphere Information Server 
8.1, ...)
        NOT-FOR-US: IBM InfoSphere Information Server
 CVE-2012-5937 (Unspecified vulnerability in the CLA2 server in IBM Gentran ...)
-       TODO: check
+       NOT-FOR-US: IBM Gentran Integration
 CVE-2012-5936
        RESERVED
 CVE-2011-5245 (The readFrom function in providers.jaxb.JAXBXmlTypeProvider in 
...)
@@ -10025,7 +10026,7 @@
 CVE-2012-5416 (Buffer overflow in Cisco Unified MeetingPlace Web Conferencing 
before ...)
        NOT-FOR-US: Cisco
 CVE-2012-5415 (Race condition on Cisco Adaptive Security Appliances (ASA) 
devices ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2012-5414
        RESERVED
 CVE-2012-5413
@@ -11416,7 +11417,7 @@
 CVE-2012-4830 (Unspecified vulnerability in IBM WebSphere Commerce 6.0 through 
...)
        NOT-FOR-US: WebSphere
 CVE-2012-4829 (IBM XIV Storage System Gen3 before 11.2 relies on a default 
X.509 v3 ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2012-4828
        RESERVED
 CVE-2012-4827
@@ -13131,7 +13132,7 @@
 CVE-2012-4304
        RESERVED
 CVE-2012-4303 (Unspecified vulnerability in the Oracle WebCenter Content 
component in ...)
-       TODO: check
+       NOT-FOR-US: Oracle Fusion
 CVE-2012-4302
        RESERVED
 CVE-2012-4301 (Unspecified vulnerability in the JavaFX component in Oracle 
Java SE ...)
@@ -15029,7 +15030,7 @@
 CVE-2012-3533 (The python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 
3.1 ...)
        NOT-FOR-US: ovirt
 CVE-2012-3532 (Cross-site request forgery (CSRF) vulnerability in the GateIn 
Portal ...)
-       TODO: check
+       - jbossas5 <unfixed>
 CVE-2012-3531 (Cross-site scripting (XSS) vulnerability in the Install Tool in 
TYPO3 ...)
        {DSA-2537-1}
        - typo3-src 4.5.19+dfsg1-1 (bug #685011)
@@ -16346,7 +16347,7 @@
 CVE-2012-3023
        RESERVED
 CVE-2012-3022 (The SaveToFile method in a certain ActiveX control in 
TrendDisplay.dll ...)
-       TODO: check
+       NOT-FOR-US: Canary Labs TrendLink
 CVE-2012-3021 (rifsrvd.exe in the Remote Interface Service in GE Intelligent 
...)
        NOT-FOR-US: GE Intelligent Platforms Proficy Real-Time Information 
Portal
 CVE-2012-3020 (The Siemens Synco OZW Web Server devices OZW672.*, OZW772.*, 
and ...)
@@ -22448,11 +22449,11 @@
 CVE-2012-0571 (Unspecified vulnerability in the Oracle FLEXCUBE Universal 
Banking ...)
        NOT-FOR-US: Oracle Financial Services Software
 CVE-2012-0570 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 
11 ...)
-       TODO: check
+       NOT-FOR-US: Solaris
 CVE-2012-0569 (Unspecified vulnerability Oracle Sun Solaris 10 allows local 
users to ...)
        NOT-FOR-US: Oracle Sun Solaris
 CVE-2012-0568 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 
allows ...)
-       TODO: check
+       NOT-FOR-US: Solaris
 CVE-2012-0567 (Unspecified vulnerability in the Oracle FLEXCUBE Universal 
Banking ...)
        NOT-FOR-US: Oracle Financial Services Software
 CVE-2012-0566 (Unspecified vulnerability in the Oracle Agile component in 
Oracle ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r21980 - data/CVE

Reply via email to