Author: carnil Date: 2013-10-11 16:00:07 +0000 (Fri, 11 Oct 2013) New Revision: 23970
Modified: data/CVE/list Log: Process NFUs Modified: data/CVE/list =================================================================== --- data/CVE/list 2013-10-11 15:59:51 UTC (rev 23969) +++ data/CVE/list 2013-10-11 16:00:07 UTC (rev 23970) @@ -104,7 +104,7 @@ CVE-2013-6012 RESERVED CVE-2013-6011 (Citrix NetScaler Application Delivery Controller (ADC) 10.0 before ...) - TODO: check + NOT-FOR-US: Citrix NetScaler Application Delivery Controller CVE-2013-6010 (Cross-site scripting (XSS) vulnerability in the Comment Attachment ...) TODO: check CVE-2013-6009 (CRLF injection vulnerability in Open-Xchange AppSuite before 7.2.2, ...) @@ -192,7 +192,7 @@ CVE-2013-5968 RESERVED CVE-2013-5967 (Multiple SQL injection vulnerabilities in AlienVault Open Source ...) - TODO: check + NOT-FOR-US: AlienVault Open Source Security Information Management CVE-2013-5966 RESERVED CVE-2013-5965 (The Node View Permissions module 7.x-1.x before 7.x-1.2 for Drupal ...) @@ -1206,15 +1206,15 @@ CVE-2013-5528 RESERVED CVE-2013-5527 (The OSPF functionality in Cisco IOS and IOS XE allows remote attackers ...) - TODO: check + NOT-FOR-US: Cisco CVE-2013-5526 (Cisco 9900 fourth-generation IP phones do not properly perform SDP ...) - TODO: check + NOT-FOR-US: Cisco CVE-2013-5525 (SQL injection vulnerability in the web framework in Cisco Identity ...) - TODO: check + NOT-FOR-US: Cisco CVE-2013-5524 (Cross-site scripting (XSS) vulnerability in the troubleshooting page ...) - TODO: check + NOT-FOR-US: Cisco CVE-2013-5523 (The Sponsor Portal in Cisco Identity Services Engine (ISE) 1.2 and ...) - TODO: check + NOT-FOR-US: Cisco CVE-2013-5522 RESERVED CVE-2013-5521 @@ -1262,7 +1262,7 @@ CVE-2013-5500 (Multiple cross-site scripting (XSS) vulnerabilities in the oraadmin ...) NOT-FOR-US: Cisco MediaSense CVE-2013-5499 (The remember feature in the DHCP server in Cisco IOS allows remote ...) - TODO: check + NOT-FOR-US: Cisco CVE-2013-5498 (The PPTP-ALG component in CRS Carrier Grade Services Engine (CGSE) and ...) NOT-FOR-US: Cisco IOS XR CVE-2013-5497 (The authentication manager process in the web framework in Cisco ...) @@ -1422,7 +1422,7 @@ CVE-2013-5420 RESERVED CVE-2013-5419 (Multiple buffer overflows in (1) mkque and (2) mkquedev in ...) - TODO: check + NOT-FOR-US: IBM AIX CVE-2013-5418 RESERVED CVE-2013-5417 @@ -1606,11 +1606,11 @@ CVE-2013-5328 RESERVED CVE-2013-5327 (MDBMS.dll in Adobe RoboHelp 10 allows attackers to execute arbitrary ...) - TODO: check + NOT-FOR-US: Adobe RoboHelp CVE-2013-5326 RESERVED CVE-2013-5325 (Adobe Reader and Acrobat 11.x before 11.0.05 on Windows allow remote ...) - TODO: check + NOT-FOR-US: Adobe CVE-2013-5324 (Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 ...) NOT-FOR-US: Adobe Flash CVE-2013-5323 (Cross-site scripting (XSS) vulnerability in the Static Info Tables ...) @@ -2091,7 +2091,7 @@ CVE-2013-5092 RESERVED CVE-2013-5091 (SQL injection vulnerability in CalendarCommon.php in vTiger CRM 5.4.0 ...) - TODO: check + NOT-FOR-US: vTiger CRM CVE-2013-5090 RESERVED CVE-2013-5089 @@ -2263,7 +2263,7 @@ CVE-2013-5009 RESERVED CVE-2013-5008 (The agent and task-agent components in Symantec Management Platform ...) - TODO: check + NOT-FOR-US: Symantec CVE-2013-5007 RESERVED CVE-2013-5006 (main_internet.php on the Western Digital My Net N600 and N750 with ...) @@ -5122,43 +5122,43 @@ CVE-2013-3898 RESERVED CVE-2013-3897 (Use-after-free vulnerability in the CDisplayPointer class in ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2013-3896 (Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate ...) - TODO: check + NOT-FOR-US: Microsoft Silverlight CVE-2013-3895 (Microsoft SharePoint Server 2007 SP3 and 2010 SP1 and SP2 allows ...) - TODO: check + NOT-FOR-US: Microsoft SharePoint Server CVE-2013-3894 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2013-3893 (Use-after-free vulnerability in the SetMouseCapture implementation in ...) NOT-FOR-US: Microsoft Internet Explorer CVE-2013-3892 (Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote ...) - TODO: check + NOT-FOR-US: Microsoft Word CVE-2013-3891 (Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary ...) - TODO: check + NOT-FOR-US: Microsoft Word CVE-2013-3890 (Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2013-3889 (Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2013-3888 (dxgkrnl.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2013-3887 RESERVED CVE-2013-3886 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2013-3885 (Microsoft Internet Explorer 10 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2013-3884 RESERVED CVE-2013-3883 RESERVED CVE-2013-3882 (Microsoft Internet Explorer 10 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2013-3881 (win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2013-3880 (The App Container feature in the kernel-mode drivers in Microsoft ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2013-3879 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2013-3878 RESERVED CVE-2013-3877 @@ -5166,15 +5166,15 @@ CVE-2013-3876 RESERVED CVE-2013-3875 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2013-3874 (Microsoft Internet Explorer 9 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2013-3873 (Microsoft Internet Explorer 10 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2013-3872 (Microsoft Internet Explorer 10 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2013-3871 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2013-3870 (Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 ...) NOT-FOR-US: Microsoft Outlook CVE-2013-3869 @@ -5194,9 +5194,9 @@ CVE-2013-3862 (Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 ...) NOT-FOR-US: Microsoft CVE-2013-3861 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 ...) - TODO: check + NOT-FOR-US: Microsoft .NET Framework CVE-2013-3860 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does ...) - TODO: check + NOT-FOR-US: Microsoft .NET Framework CVE-2013-3859 (Microsoft Pinyin IME 2010, when used in conjunction with Microsoft ...) NOT-FOR-US: Microsoft Pinyin IME CVE-2013-3858 (Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word ...) @@ -5599,7 +5599,7 @@ CVE-2013-3690 (Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi ...) NOT-FOR-US: Brickcom CVE-2013-3689 (Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, ...) - TODO: check + NOT-FOR-US: Brickcom CVE-2013-3688 (The TP-Link IP Cameras TL-SC3171, TL-SC3130, TL-SC3130G, TL-SC3171G, ...) NOT-FOR-US: TP-Link CVE-2013-3687 @@ -5752,7 +5752,7 @@ CVE-2013-3628 RESERVED CVE-2013-3627 (FrameworkService.exe in McAfee Framework Service in McAfee Managed ...) - TODO: check + NOT-FOR-US: McAfee CVE-2013-3626 RESERVED CVE-2013-3625 (An unspecified DLL file in Baramundi Management Suite 7.5 through 8.9 ...) @@ -5787,7 +5787,7 @@ REJECTED NOT-FOR-US: NETELLER Direct Payment API CVE-2013-3610 (qis/QIS_finish.htm on the ASUS RT-N10E router with firmware before ...) - TODO: check + NOT-FOR-US: ASUS router CVE-2013-3609 (The web interface in the Intelligent Platform Management Interface ...) NOT-FOR-US: Intelligent Platform Management Interface CVE-2013-3608 (The web interface in the Intelligent Platform Management Interface ...) @@ -5954,13 +5954,13 @@ CVE-2013-3544 REJECTED CVE-2013-3543 (The AXIS Media Control (AMC) ActiveX control (AxisMediaControlEmb.dll) ...) - TODO: check + NOT-FOR-US: AXIS Media Control CVE-2013-3542 RESERVED CVE-2013-3541 (Directory traversal vulnerability in cgi-bin/admin/fileread in AirLive ...) - TODO: check + NOT-FOR-US: AirLive CVE-2013-3540 (Cross-site request forgery (CSRF) vulnerability in ...) - TODO: check + NOT-FOR-US: AirLive CVE-2013-3539 (Cross-site request forgery (CSRF) vulnerability in the ...) NOT-FOR-US: Sony CVE-2013-3538 (Multiple cross-site scripting (XSS) vulnerabilities in todooforum.php ...) @@ -6226,7 +6226,7 @@ CVE-2013-3410 (Cisco Intrusion Prevention System (IPS) Software on IPS NME devices ...) NOT-FOR-US: Cisco CVE-2013-3409 (The portal in Cisco Prime Central for Hosted Collaboration Solution ...) - TODO: check + NOT-FOR-US: Cisco CVE-2013-3408 (The firmware on Cisco Virtualization Experience Client 6000 devices ...) NOT-FOR-US: Cisco CVE-2013-3407 @@ -6581,7 +6581,7 @@ CVE-2013-3249 RESERVED CVE-2013-3248 (Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows ...) - TODO: check + NOT-FOR-US: Corel PDF Fusion CVE-2013-3247 RESERVED CVE-2013-3246 @@ -6725,7 +6725,7 @@ CVE-2013-3201 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...) NOT-FOR-US: Microsoft Internet Explorer CVE-2013-3200 (The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2013-3199 (Microsoft Internet Explorer 6 through 10 allows remote attackers to ...) NOT-FOR-US: Microsoft Internet Explorer CVE-2013-3198 (The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in ...) @@ -6735,7 +6735,7 @@ CVE-2013-3196 (The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in ...) NOT-FOR-US: Microsoft Windows CVE-2013-3195 (The DSA_InsertItem function in Comctl32.dll in the Windows common ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2013-3194 (Microsoft Internet Explorer 9 allows remote attackers to execute ...) NOT-FOR-US: Microsoft Internet Explorer CVE-2013-3193 (Microsoft Internet Explorer 9 and 10 allows remote attackers to ...) @@ -6869,7 +6869,7 @@ CVE-2013-3129 (Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight ...) NOT-FOR-US: Microsoft CVE-2013-3128 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2013-3127 (The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows ...) NOT-FOR-US: Microsoft CVE-2013-3126 (Microsoft Internet Explorer 9 and 10, when script debugging is ...) @@ -7202,7 +7202,7 @@ CVE-2013-2965 RESERVED CVE-2013-2964 (Buffer overflow in dsmtca in IBM Tivoli Storage Manager (TSM) through ...) - TODO: check + NOT-FOR-US: IBM Tivoli Storage Manager CVE-2013-2963 RESERVED CVE-2013-2962 @@ -7649,7 +7649,7 @@ CVE-2013-2809 RESERVED CVE-2013-2808 (Heap-based buffer overflow in Xper in Philips Xper Information ...) - TODO: check + NOT-FOR-US: Xper CVE-2013-2807 RESERVED CVE-2013-2806 @@ -13821,7 +13821,7 @@ NOTE: http://googleonlinesecurity.blogspot.in/2013/01/enhancing-digital-certificate-security.html NOTE: https://blog.mozilla.org/security/2013/01/03/revoking-trust-in-two-turktrust-certficates/ CVE-2013-0742 (Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote ...) - TODO: check + NOT-FOR-US: Corel PDF Fusion CVE-2013-0741 RESERVED CVE-2013-0740 @@ -14297,13 +14297,13 @@ CVE-2013-0581 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Business ...) NOT-FOR-US: IBM CVE-2013-0580 (Cross-site request forgery (CSRF) vulnerability in the Optim ...) - TODO: check + NOT-FOR-US: IBM CVE-2013-0579 (The Optim E-Business Console in IBM Data Growth Solution for Oracle ...) - TODO: check + NOT-FOR-US: IBM CVE-2013-0578 (The Sterling Order Management APIs in IBM Sterling Multi-Channel ...) NOT-FOR-US: IBM CVE-2013-0577 (The Optim E-Business Console in IBM Data Growth Solution for Oracle ...) - TODO: check + NOT-FOR-US: IBM CVE-2013-0576 (Cross-site scripting (XSS) vulnerability in the Tivoli Enterprise ...) NOT-FOR-US: IBM Tivoli Monitoring CVE-2013-0575 @@ -22095,7 +22095,7 @@ - munin 2.0.5-1 (bug #682869) [squeeze] - munin <no-dsa> (Minor issue) CVE-2012-4141 (Directory traversal vulnerability in the CLI parser in Cisco NX-OS ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-4140 RESERVED CVE-2012-4139 @@ -22133,7 +22133,7 @@ CVE-2012-4123 RESERVED CVE-2012-4122 (The CLI parser in Cisco NX-OS allows local users to bypass intended ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-4121 RESERVED CVE-2012-4120 @@ -22181,7 +22181,7 @@ CVE-2012-4099 RESERVED CVE-2012-4098 (The BGP implementation in Cisco NX-OS does not properly filter AS ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-4097 RESERVED CVE-2012-4096 (The local file editor in the Baseboard Management Controller (BMC) in ...) @@ -22195,9 +22195,9 @@ CVE-2012-4092 (The management interface in the Central Software component in Cisco ...) NOT-FOR-US: Cisco Unified Computing System CVE-2012-4091 (The RIP service engine in Cisco NX-OS allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-4090 (The management interface in Cisco NX-OS on Nexus 7000 devices allows ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-4089 (MCTOOLS in the fabric interconnect in Cisco Unified Computing System ...) NOT-FOR-US: Cisco Unified Computing System CVE-2012-4088 (The FTP server in Cisco Unified Computing System (UCS) has a hardcoded ...) @@ -22209,7 +22209,7 @@ CVE-2012-4085 (The Intelligent Platform Management Interface (IPMI) implementation in ...) NOT-FOR-US: Cisco Unified Computing System CVE-2012-4084 (Cross-site request forgery (CSRF) vulnerability in the web-management ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-4083 (Multiple buffer overflows in the administrative web interface in Cisco ...) NOT-FOR-US: Cisco Unified Computing System CVE-2012-4082 (MCTools in the Cisco Management Controller in Cisco Unified Computing ...) @@ -22227,7 +22227,7 @@ CVE-2012-4076 RESERVED CVE-2012-4075 (Cisco NX-OS allows local users to gain privileges and execute ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-4074 (The Board Management Controller (BMC) in the Serial over LAN (SoL) ...) NOT-FOR-US: Cisco Unified Computing System CVE-2012-4073 (The KVM subsystem in the client in Cisco Unified Computing System ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits