Author: carnil
Date: 2013-11-07 15:14:38 +0000 (Thu, 07 Nov 2013)
New Revision: 24321
Modified:
data/CVE/list
Log:
Add NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-11-07 11:02:39 UTC (rev 24320)
+++ data/CVE/list 2013-11-07 15:14:38 UTC (rev 24321)
@@ -527,18 +527,18 @@
CVE-2013-6350
RESERVED
CVE-2013-6349 (McAfee Email Gateway (MEG) 7.0 before 7.0.4 and 7.5 before
7.5.1 ...)
- TODO: check
+ NOT-FOR-US: McAfee Email Gateway
CVE-2013-6348 (Multiple cross-site scripting (XSS) vulnerabilities in Apache
Struts ...)
- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts
2.3.15.3)
NOTE: https://issues.apache.org/jira/browse/WW-4213
CVE-2013-6347 (Session fixation vulnerability in Novell ZENworks Configuration
...)
- TODO: check
+ NOT-FOR-US: Novell ZENworks Configuration Management
CVE-2013-6346 (Cross-site request forgery (CSRF) vulnerability in the ZCC page
in ...)
- TODO: check
+ NOT-FOR-US: Novell ZENworks Configuration Management
CVE-2013-6345 (Unspecified vulnerability in the ZCC page in Novell ZENworks
...)
- TODO: check
+ NOT-FOR-US: Novell ZENworks Configuration Management
CVE-2013-6344 (The ZCC page in Novell ZENworks Configuration Management (ZCM)
before ...)
- TODO: check
+ NOT-FOR-US: Novell ZENworks Configuration Management
CVE-2013-6343
RESERVED
CVE-2013-6342
@@ -754,7 +754,7 @@
CVE-2013-6247
RESERVED
CVE-2013-6246 (The Dell Quest One Password Manager, possibly 5.0, allows
remote ...)
- TODO: check
+ NOT-FOR-US: Dell Quest One Password Manager
CVE-2013-6245 (Unspecified vulnerability in SAP Sybase Adaptive Server
Enterprise ...)
NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
CVE-2013-6244 (The Live Update webdynpro application ...)
@@ -1034,7 +1034,7 @@
CVE-2013-6115
RESERVED
CVE-2013-6114 (Integer overflow in the OZDocument::parseElement function in
Apple ...)
- TODO: check
+ NOT-FOR-US: Apple Motion
CVE-2013-6113
RESERVED
CVE-2013-6112
@@ -1241,7 +1241,7 @@
CVE-2013-6024
RESERVED
CVE-2013-6023 (Directory traversal vulnerability in the TVT TD-2308SS-B DVR
with ...)
- TODO: check
+ NOT-FOR-US: TVT TD-2308SS-B DVR
CVE-2013-6022
RESERVED
CVE-2013-6021 (Buffer overflow in WGagent in WatchGuard WSM and Fireware
before 11.8 ...)
@@ -1335,7 +1335,7 @@
CVE-2013-5978
RESERVED
CVE-2013-5977 (Cross-site request forgery (CSRF) vulnerability in
Cart66Product.php ...)
- TODO: check
+ NOT-FOR-US: Cart66 Lite plugin for WordPress
CVE-2013-5976 (Cross-site scripting (XSS) vulnerability in the access policy
logout ...)
NOT-FOR-US: F5 BIG-IP APM
CVE-2013-5975 (The access policy logon page (logon.inc) in F5 BIG-IP APM
11.1.0 ...)
@@ -2443,7 +2443,7 @@
CVE-2013-5562
RESERVED
CVE-2013-5561 (The Safe Search enforcement feature in Cisco Adaptive Security
...)
- TODO: check
+ NOT-FOR-US: Cisco Adaptive Security Appliance
CVE-2013-5560
RESERVED
CVE-2013-5559 (Buffer overflow in the Active Template Library (ATL) framework
in the ...)
@@ -3969,15 +3969,15 @@
CVE-2013-4840
RESERVED
CVE-2013-4839 (Unspecified vulnerability in Virtual User Generator in HP
LoadRunner ...)
- TODO: check
+ NOT-FOR-US: HP LoadRunner
CVE-2013-4838 (Unspecified vulnerability in Virtual User Generator in HP
LoadRunner ...)
NOT-FOR-US: HP LoadRunner
CVE-2013-4837 (Unspecified vulnerability in Virtual User Generator in HP
LoadRunner ...)
- TODO: check
+ NOT-FOR-US: HP LoadRunner
CVE-2013-4836 (Unspecified vulnerability in the GossipService SOAP Request ...)
NOT-FOR-US: HP Application LifeCycle Management
CVE-2013-4835 (Unspecified vulnerability in the issueSiebelCmd SOAP
implementation in ...)
- TODO: check
+ NOT-FOR-US: HP SiteScope
CVE-2013-4834 (Unspecified vulnerability in the client component in HP
Application ...)
NOT-FOR-US: HP Application LifeCycle Management
CVE-2013-4833 (Cross-site scripting (XSS) vulnerability in HP Service Manager
9.30 ...)
@@ -4274,7 +4274,7 @@
CVE-2013-4714
RESERVED
CVE-2013-4713 (Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE
RockDisk ...)
- TODO: check
+ NOT-FOR-US: I-O DATA DEVICE RockDisk
CVE-2013-4712 (I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and
...)
NOT-FOR-US: I-O DATA DEVICE HDL-A and HDL2-A devices
CVE-2013-4711 (Cross-site scripting (XSS) vulnerability in Accela BizSearch
3.2 on ...)
@@ -7203,7 +7203,7 @@
CVE-2013-3632
RESERVED
CVE-2013-3631 (NAS4Free 9.1.0.1.804 and earlier allows remote authenticated
users to ...)
- TODO: check
+ NOT-FOR-US: NAS4Free
CVE-2013-3630 (Moodle through 2.5.2 allows remote authenticated administrators
to ...)
- moodle <unfixed>
NOTE: https://tracker.moodle.org/browse/MDL-41449
@@ -7234,7 +7234,7 @@
CVE-2013-3618
RESERVED
CVE-2013-3617 (The XML API in Openbravo ERP 2.5, 3.0, and earlier allows
remote ...)
- TODO: check
+ NOT-FOR-US: Openbravo ERP
CVE-2013-3616 (Cross-site scripting (XSS) vulnerability in the KnowledgeView
...)
NOT-FOR-US: KnowledgeView Editorial and Management application
CVE-2013-3615 (Dahua DVR appliances use a password-hash algorithm with a short
hash ...)
@@ -14249,7 +14249,7 @@
CVE-2013-1085 (Stack-based buffer overflow in the nim: protocol handler in
Novell ...)
NOT-FOR-US: Novell Messenger
CVE-2013-1084 (Directory traversal vulnerability in the GetFle method in the
umaninv ...)
- TODO: check
+ NOT-FOR-US: Novell ZENworks Configuration Management
CVE-2013-1083 (Unspecified vulnerability in the login functionality in the
Reporting ...)
NOT-FOR-US: Novell Identity Manager
CVE-2013-1082 (Directory traversal vulnerability in DUSAP.php in Novell
ZENworks ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
