Author: carnil
Date: 2013-12-27 07:00:05 +0000 (Fri, 27 Dec 2013)
New Revision: 24904
Modified:
data/CVE/list
Log:
Add NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-27 06:31:46 UTC (rev 24903)
+++ data/CVE/list 2013-12-27 07:00:05 UTC (rev 24904)
@@ -253,15 +253,15 @@
CVE-2013-7195
RESERVED
CVE-2013-7194 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: eFront
CVE-2013-7193 (Multiple SQL injection vulnerabilities in C2C Forward Auction
Creator ...)
- TODO: check
+ NOT-FOR-US: C2C Forward Auction Creator
CVE-2013-7192 (Multiple SQL injection vulnerabilities in Dynamic Biz Website
Builder ...)
- TODO: check
+ NOT-FOR-US: Dynamic Biz Website Builder
CVE-2013-7190 (Multiple directory traversal vulnerabilities in iScripts
AutoHoster, ...)
- TODO: check
+ NOT-FOR-US: iScripts AutoHoster
CVE-2013-7186 (Buffer overflow in Steinberg MyMp3PRO 5.0 (Build 5.1.0.21)
allows ...)
- TODO: check
+ NOT-FOR-US: Steinberg MyMp3PRO
CVE-2013-7185
RESERVED
CVE-2013-7184
@@ -583,7 +583,7 @@
CVE-2013-7137
RESERVED
CVE-2013-7136 (The UPC Ireland Cisco EPC 2425 router (aka Horizon Box) does
not have ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2013-7135
RESERVED
- libproc-daemon-perl 0.14-2 (low; bug #732283)
@@ -1135,11 +1135,11 @@
CVE-2013-6979
RESERVED
CVE-2013-6978 (The disaster recovery system (DRS) component in Cisco Unified
...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2013-6977
RESERVED
CVE-2013-6976 (Cross-site request forgery (CSRF) vulnerability in
goform/Quick_setup ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2013-6975
RESERVED
CVE-2013-6974
@@ -2298,7 +2298,7 @@
CVE-2013-6746
RESERVED
CVE-2013-6745 (Cross-site scripting (XSS) vulnerability in the IMS server
before Ifix ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2013-6744
RESERVED
CVE-2013-6743
@@ -2318,7 +2318,7 @@
CVE-2013-6736
RESERVED
CVE-2013-6735 (IBM WebSphere Portal 6.0.0.x through 6.0.0.1, 6.0.1.x through
6.0.1.7, ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Portal
CVE-2013-6734
RESERVED
CVE-2013-6733 (Cross-site scripting (XSS) vulnerability in the Web Application
in the ...)
@@ -2342,7 +2342,7 @@
CVE-2013-6724
RESERVED
CVE-2013-6723 (IBM WebSphere Portal 8.0.0.1 before CF09 does not properly
handle ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Portal
CVE-2013-6722
RESERVED
CVE-2013-6721 (Cross-site scripting (XSS) vulnerability in IBM WebSphere
Service ...)
@@ -3403,7 +3403,7 @@
CVE-2013-6329 (IBM Global Security Kit (aka GSKit), as used in Content Manager
...)
NOT-FOR-US: IBM Global Security Kit
CVE-2013-6328 (Cross-site scripting (XSS) vulnerability in the Web Content
Manager ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Portal
CVE-2013-6327 (Cross-site scripting (XSS) vulnerability in the HTTP Option in
IBM ...)
NOT-FOR-US: IBM
CVE-2013-6326
@@ -3427,7 +3427,7 @@
CVE-2013-6317
RESERVED
CVE-2013-6316 (IBM WebSphere Portal 7.0.0.x before 7.0.0.2 CF26 and 8.0.0.x
before ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Portal
CVE-2013-6315
RESERVED
CVE-2013-6314
@@ -4030,7 +4030,7 @@
CVE-2013-6039 (Multiple cross-site scripting (XSS) vulnerabilities in NagiosQL
3.2 ...)
NOT-FOR-US: NagiosQL
CVE-2013-6038 (Stack-based buffer overflow in Trimble SketchUp Viewer
13.0.4124 ...)
- TODO: check
+ NOT-FOR-US: Trimble SketchUp Viewer
CVE-2013-6037
RESERVED
CVE-2013-6036
@@ -4096,7 +4096,7 @@
CVE-2013-6006
RESERVED
CVE-2013-6005 (Cross-site scripting (XSS) vulnerability in Cybozu Dezie before
8.1.0 ...)
- TODO: check
+ NOT-FOR-US: Cybozu Dezie
CVE-2013-6004 (Session fixation vulnerability in Cybozu Garoon before 3.7.2
allows ...)
NOT-FOR-US: Cybozu Garoon
CVE-2013-6003 (CRLF injection vulnerability in Cybozu Garoon 3.1 through 3.5
SP5, ...)
@@ -5507,7 +5507,7 @@
CVE-2013-5463 (The WinCollect agent in IBM Security QRadar SIEM before
7.1.1.569824 ...)
NOT-FOR-US: IBM Security QRadar SIEM
CVE-2013-5462 (IBM/ECMClient/configure/explodedformat/navigator/header.jsp in
IBM ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2013-5461
RESERVED
CVE-2013-5460
@@ -5579,7 +5579,7 @@
CVE-2013-5427
RESERVED
CVE-2013-5426 (Session fixation vulnerability in IBM InfoSphere Master Data
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2013-5425 (Cross-site scripting (XSS) vulnerability in the Administration
Console ...)
NOT-FOR-US: IBM WebSphere
CVE-2013-5424 (IBM Flex System Manager (FSM) 1.3.0 allows remote attackers to
bypass ...)
@@ -5589,7 +5589,7 @@
CVE-2013-5422 (The Web Client in IBM Rational ClearQuest 7.1 through 7.1.2.12,
...)
NOT-FOR-US: IBM Rational ClearQuest
CVE-2013-5421 (Cross-site scripting (XSS) vulnerability in the IMS server
before Ifix ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2013-5420
RESERVED
CVE-2013-5419 (Multiple buffer overflows in (1) mkque and (2) mkquedev in ...)
@@ -5605,23 +5605,23 @@
CVE-2013-5414 (The migration functionality in IBM WebSphere Application Server
(WAS) ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2013-5413 (IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2
do not ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2013-5412
RESERVED
CVE-2013-5411 (IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2
allow ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2013-5410
RESERVED
CVE-2013-5409 (Multiple SQL injection vulnerabilities in IBM Sterling B2B
Integrator ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2013-5408
RESERVED
CVE-2013-5407 (IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2
do not ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2013-5406 (Multiple cross-site scripting (XSS) vulnerabilities in IBM
Sterling ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2013-5405 (Multiple cross-site scripting (XSS) vulnerabilities in IBM
Sterling ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2013-5404 (Cross-site scripting (XSS) vulnerability in the search
implementation ...)
NOT-FOR-US: IBM Rational Quality Manager
CVE-2013-5403 (Unspecified vulnerability on the IBM WebSphere DataPower XC10
...)
@@ -5721,9 +5721,9 @@
CVE-2013-5356
RESERVED
CVE-2013-5355 (Multiple cross-site request forgery (CSRF) vulnerabilities in
...)
- TODO: check
+ NOT-FOR-US: Sharetronix
CVE-2013-5354 (Multiple SQL injection vulnerabilities in Sharetronix 3.1.1
allow ...)
- TODO: check
+ NOT-FOR-US: Sharetronix
CVE-2013-5353
RESERVED
CVE-2013-5352
@@ -9184,9 +9184,9 @@
CVE-2013-4071
RESERVED
CVE-2013-4070 (The Portal application in IBM SPSS Collaboration and Deployment
...)
- TODO: check
+ NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
CVE-2013-4069 (The Portal application in IBM SPSS Collaboration and Deployment
...)
- TODO: check
+ NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
CVE-2013-4068 (Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1
and 9.0 ...)
NOT-FOR-US: IBM
CVE-2013-4067 (IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3,
8.7, and ...)
@@ -9194,11 +9194,11 @@
CVE-2013-4066 (IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3,
8.7, and ...)
NOT-FOR-US: IBM InfoSphere Information Server
CVE-2013-4065 (Cross-site scripting (XSS) vulnerability in iNotes in IBM
Domino 8.5.x ...)
- TODO: check
+ NOT-FOR-US: iNotes in IBM Domino
CVE-2013-4064 (Cross-site scripting (XSS) vulnerability in iNotes in IBM
Domino 8.5.x ...)
- TODO: check
+ NOT-FOR-US: iNotes in IBM Domino
CVE-2013-4063 (Cross-site scripting (XSS) vulnerability in iNotes in IBM
Domino 8.5.x ...)
- TODO: check
+ NOT-FOR-US: iNotes in IBM Domino
CVE-2013-4062 (IBM Rational Policy Tester 8.5 before 8.5.0.5 does not verify
X.509 ...)
NOT-FOR-US: IBM
CVE-2013-4061 (IBM Rational Policy Tester 8.5 before 8.5.0.5 does not properly
check ...)
@@ -9232,11 +9232,11 @@
CVE-2013-4047 (Cross-site scripting (XSS) vulnerability in IBM SPSS Analytical
...)
NOT-FOR-US: IBM SPSS
CVE-2013-4046 (Open redirect vulnerability in IBM SPSS Collaboration and
Deployment ...)
- TODO: check
+ NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
CVE-2013-4045 (Cross-site scripting (XSS) vulnerability in the Portal
application in ...)
- TODO: check
+ NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
CVE-2013-4044 (IBM SPSS Collaboration and Deployment Services 4.2.1 before
4.2.1.3 ...)
- TODO: check
+ NOT-FOR-US: IBM SPSS Collaboration and Deployment Services
CVE-2013-4043
RESERVED
CVE-2013-4042 (Unspecified vulnerability in IBM SPSS Collaboration and
Deployment ...)
@@ -9300,7 +9300,7 @@
CVE-2013-4013 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through
7.1.1.12, ...)
NOT-FOR-US: IBM Maximo Asset Management
CVE-2013-4012 (IBM WebSphere Portal 8.0.0.x before 8.0.0.1 CF09, when Content
...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Portal
CVE-2013-4011 (Multiple unspecified vulnerabilities in the InfiniBand
subsystem in ...)
NOT-FOR-US: IBM AIX
CVE-2013-4010
@@ -9986,7 +9986,7 @@
CVE-2013-3706
RESERVED
CVE-2013-3705 (The VBA32 AntiRootKit component for Novell Client 2 SP3 before
IR5 on ...)
- TODO: check
+ NOT-FOR-US: Novell Client
CVE-2013-3704 (The RPM GPG key import and handling feature in libzypp 12.15.0
and ...)
NOT-FOR-US: libzypp
CVE-2013-3703
@@ -12099,9 +12099,9 @@
CVE-2013-2823 (The (1) Catapult DNP3 I/O driver before 7.2.0.60 and the (2) GE
...)
NOT-FOR-US: Catapult DNP3 I/O driver
CVE-2013-2822 (NovaTech Orion Substation Automation Platform OrionLX DNP
Master ...)
- TODO: check
+ NOT-FOR-US: NovaTech
CVE-2013-2821 (NovaTech Orion Substation Automation Platform OrionLX DNP
Master ...)
- TODO: check
+ NOT-FOR-US: NovaTech
CVE-2013-2820
RESERVED
CVE-2013-2819
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
