Author: helmutg
Date: 2015-03-05 07:43:33 +0000 (Thu, 05 Mar 2015)
New Revision: 32646
Modified:
data/CVE/list
Log:
misc NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-05 07:05:08 UTC (rev 32645)
+++ data/CVE/list 2015-03-05 07:43:33 UTC (rev 32646)
@@ -1425,13 +1425,13 @@
CVE-2015-1579 (Directory traversal vulnerability in the Elegant Themes Divi
theme for ...)
NOT-FOR-US: Elegant Themes Divi theme for WordPress
CVE-2015-1578 (Multiple open redirect vulnerabilities in u5CMS before 3.9.4
allow ...)
- TODO: check
+ NOT-FOR-US: u5CMS
CVE-2015-1577 (Directory traversal vulnerability in u5admin/deletefile.php in
u5CMS ...)
- TODO: check
+ NOT-FOR-US: u5CMS
CVE-2015-1576 (Multiple SQL injection vulnerabilities in u5CMS before 3.9.4
allow ...)
- TODO: check
+ NOT-FOR-US: u5CMS
CVE-2015-1575 (Multiple cross-site scripting (XSS) vulnerabilities in u5CMS
before ...)
- TODO: check
+ NOT-FOR-US: u5CMS
CVE-2015-1574 (The Google Email application 4.2.2.0200 for Android allows
remote ...)
NOT-FOR-US: Google Email application for Android
CVE-2013-7425
@@ -1518,15 +1518,15 @@
{DSA-3165-1}
- xdg-utils 1.1.0~rc1+git20111210-7.4 (bug #777722)
CVE-2015-1568 (Cross-site request forgery (CSRF) vulnerability in the GD
Infinite ...)
- TODO: check
+ NOT-FOR-US: Drupal module GD Infinite Scroll
CVE-2015-1567 (Cross-site scripting (XSS) vulnerability in the admin page in
the GD ...)
- TODO: check
+ NOT-FOR-US: Drupal module GD Infinite Scroll
CVE-2015-1566 (Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN)
before ...)
- TODO: check
+ NOT-FOR-US: DotNetNuke
CVE-2015-1565 (Cross-site scripting (XSS) vulnerability in the online help in
Hitachi ...)
NOT-FOR-US: Hitachi
CVE-2015-1564 (Cross-site scripting (XSS) vulnerability in
style-underground/search ...)
- TODO: check
+ NOT-FOR-US: Plain Black WebGUI
CVE-2015-1562 (Multiple cross-site scripting (XSS) vulnerabilities in Saurus
CMS ...)
NOT-FOR-US: Saurus CMS
CVE-2015-1561
@@ -1933,7 +1933,7 @@
CVE-2015-1474 (Multiple integer overflows in the GraphicBuffer::unflatten
function in ...)
TODO: check
CVE-2015-1471 (SQL injection vulnerability in userprofile.lib.php in Pragyan
CMS 3.0 ...)
- TODO: check
+ NOT-FOR-US: Pragyan CMS
CVE-2015-1470
RESERVED
CVE-2015-1469 (time.htm in the web interface on SerVision HVG Video Gateway
devices ...)
@@ -2822,7 +2822,7 @@
CVE-2015-1170
RESERVED
CVE-2015-1169 (Apereo Central Authentication Service (CAS) Server before 3.5.3
allows ...)
- TODO: check
+ NOT-FOR-US: Apereo Central Authentication Service
CVE-2015-1168
RESERVED
CVE-2015-1167
@@ -3993,7 +3993,7 @@
CVE-2015-0872
RESERVED
CVE-2015-0871 (Cross-site scripting (XSS) vulnerability in Mrs. Shiromuku Perl
CGI ...)
- TODO: check
+ NOT-FOR-US: Mrs. Shiromuku Perl CGI shiromuku(u1)GUESTBOOK
CVE-2015-0870 (Cross-site scripting (XSS) vulnerability in hb.cgi in Nishishi
Factory ...)
NOT-FOR-US: Nishishi Factory
CVE-2015-0869 (I-O DATA DEVICE NP-BBRM routers allow remote attackers to cause
a ...)
@@ -4538,7 +4538,7 @@
CVE-2015-0620 (The XML parser in Cisco TelePresence Management Suite (TMS)
14.3(.2) ...)
TODO: check
CVE-2015-0619 (Memory leak in the embedded web server in the WebVPN subsystem
in ...)
- TODO: check
+ NOT-FOR-US: Cisco Adaptive Security Appliance
CVE-2015-0618 (Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System
(NCS) 6000 ...)
TODO: check
CVE-2015-0617 (Cisco ASR 5500 System Architecture Evolution (SAE) Gateway
devices ...)
@@ -4554,7 +4554,7 @@
CVE-2015-0612
RESERVED
CVE-2015-0611 (The administrative web-management portal in Cisco IX 8 (.0.1)
and ...)
- TODO: check
+ NOT-FOR-US: Cisco TelePresence
CVE-2015-0610 (Race condition in the object-group ACL feature in Cisco IOS
15.5(2)T ...)
NOT-FOR-US: Cisco
CVE-2015-0609 (Race condition in the Common Classification Engine (CCE) in the
...)
@@ -6344,7 +6344,7 @@
CVE-2014-9204
RESERVED
CVE-2014-9203 (Buffer overflow in the Field Device Tool (FDT) Frame
application in ...)
- TODO: check
+ NOT-FOR-US: HART Device Type Manager (DTM) library
CVE-2014-9202
RESERVED
CVE-2014-9201
@@ -14487,7 +14487,7 @@
CVE-2014-6363 (vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used
with ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-6362 (Use-after-free vulnerability in Microsoft Office 2007 SP3, 2010
SP2, ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office
CVE-2014-6361 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 Gold and
SP1, ...)
NOT-FOR-US: Microsoft Excel
CVE-2014-6360 (Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office
Compatibility ...)
@@ -35702,7 +35702,7 @@
CVE-2013-5558 (The WIL-A module in Cisco TelePresence VX Clinical Assistant
1.2 ...)
NOT-FOR-US: Cisco
CVE-2013-5557 (The Proxy Bypass Content Rewriter feature in the WebVPN
subsystem in ...)
- TODO: check
+ NOT-FOR-US: Cisco Adaptive Security Appliance
CVE-2013-5556 (The license-installation module on the Cisco Nexus 1000V switch
...)
NOT-FOR-US: Cisco
CVE-2013-5555 (Cisco Unified Communications Manager (aka CUCM or Unified CM)
allows ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
