Author: federico-guest
Date: 2013-03-23 20:49:04 +0000 (Sat, 23 Mar 2013)
New Revision: 21724
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-03-23 15:57:37 UTC (rev 21723)
+++ data/CVE/list 2013-03-23 20:49:04 UTC (rev 21724)
@@ -847,7 +847,7 @@
CVE-2013-2280
RESERVED
CVE-2013-2279 (CA SiteMinder Federation (FSS) 12.5, 12.0, and r6; Federation
...)
- TODO: check
+ NOT-FOR-US: CA SiteMinder
CVE-2013-2278
RESERVED
CVE-2013-2277 (The ff_h264_decode_seq_parameter_set function in h264_ps.c in
...)
@@ -4535,19 +4535,19 @@
CVE-2013-0718
RESERVED
CVE-2013-0717 (Multiple cross-site request forgery (CSRF) vulnerabilities in
the ...)
- TODO: check
+ NOT-FOR-US: NEC Aterm routers
CVE-2013-0716 (The web server in Wind River VxWorks 5.5 through 6.9 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Wind River VxWorks
CVE-2013-0715 (The WebCLI component in Wind River VxWorks 5.5 through 6.9
allows ...)
- TODO: check
+ NOT-FOR-US: Wind River VxWorks
CVE-2013-0714 (IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through
6.9 ...)
- TODO: check
+ NOT-FOR-US: Wind River VxWorks
CVE-2013-0713 (IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through
6.9 ...)
- TODO: check
+ NOT-FOR-US: Wind River VxWorks
CVE-2013-0712 (IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through
6.9 ...)
- TODO: check
+ NOT-FOR-US: Wind River VxWorks
CVE-2013-0711 (IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through
6.9 ...)
- TODO: check
+ NOT-FOR-US: Wind River VxWorks
CVE-2013-0710 (Buffer overflow in Kingsoft Writer 2007 and 2010 before 2724
allows ...)
NOT-FOR-US: Kingsoft Writer
CVE-2013-0709 (Cross-site scripting (XSS) vulnerability in dopvSTAR* 0091
allows ...)
@@ -4694,35 +4694,35 @@
CVE-2013-0680
RESERVED
CVE-2013-0679 (Directory traversal vulnerability in the web server in Siemens
WinCC ...)
- TODO: check
+ NOT-FOR-US: Siemens WinCC
CVE-2013-0678 (Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0
SP1 and ...)
- TODO: check
+ NOT-FOR-US: Siemens WinCC
CVE-2013-0677 (The web server in Siemens WinCC before 7.2, as used in SIMATIC
PCS7 ...)
- TODO: check
+ NOT-FOR-US: Siemens WinCC
CVE-2013-0676 (Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0
SP1 and ...)
- TODO: check
+ NOT-FOR-US: Siemens WinCC
CVE-2013-0675 (Buffer overflow in CCEServer (aka the central communications
...)
- TODO: check
+ NOT-FOR-US: Siemens WinCC
CVE-2013-0674 (Buffer overflow in the RegReader ActiveX control in Siemens
WinCC ...)
- TODO: check
+ NOT-FOR-US: Siemens WinCC
CVE-2013-0673
RESERVED
CVE-2013-0672 (Cross-site scripting (XSS) vulnerability in the HMI web
application in ...)
- TODO: check
+ NOT-FOR-US: Siemens WinCC
CVE-2013-0671 (Directory traversal vulnerability in Siemens WinCC (TIA Portal)
11 ...)
- TODO: check
+ NOT-FOR-US: Siemens WinCC
CVE-2013-0670 (CRLF injection vulnerability in the HMI web application in
Siemens ...)
- TODO: check
+ NOT-FOR-US: Siemens WinCC
CVE-2013-0669 (The HMI web application in Siemens WinCC (TIA Portal) 11 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Siemens WinCC
CVE-2013-0668 (Multiple cross-site scripting (XSS) vulnerabilities in the HMI
web ...)
- TODO: check
+ NOT-FOR-US: Siemens WinCC
CVE-2013-0667 (Cross-site scripting (XSS) vulnerability in the HMI web
application in ...)
- TODO: check
+ NOT-FOR-US: Siemens WinCC
CVE-2013-0666
RESERVED
CVE-2013-0665 (Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet
before ...)
- TODO: check
+ NOT-FOR-US: Schweitzer Engineering Laboratories AcSELerator QuickSet
CVE-2013-0664
RESERVED
CVE-2013-0663
@@ -5056,9 +5056,9 @@
CVE-2013-0507
RESERVED
CVE-2013-0506 (Cross-site scripting (XSS) vulnerability in IBM Sterling Order
...)
- TODO: check
+ NOT-FOR-US: IBM Sterling Order Management
CVE-2013-0505 (IBM Sterling Order Management 8.0 before HF127, 8.5 before
HF89, 9.0 ...)
- TODO: check
+ NOT-FOR-US: IBM Sterling Order Management
CVE-2013-0504 (Buffer overflow in the broker service in Adobe Flash Player
before ...)
NOT-FOR-US: Adobe Flash Plugin
CVE-2013-0503
@@ -5162,7 +5162,7 @@
CVE-2013-0454
RESERVED
CVE-2013-0453 (Cross-site scripting (XSS) vulnerability in Web Reports in IBM
Tivoli ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli Endpoint Manager
CVE-2013-0452
RESERVED
CVE-2013-0451
@@ -7595,7 +7595,7 @@
CVE-2012-5939 (Cross-site scripting (XSS) vulnerability in Welcome.do in the
Data ...)
NOT-FOR-US: IBM Tivoli TADDM
CVE-2012-5938 (The installation process in IBM InfoSphere Information Server
8.1, ...)
- TODO: check
+ NOT-FOR-US: IBM InfoSphere Information Server
CVE-2012-5937
RESERVED
CVE-2012-5936
@@ -8047,7 +8047,7 @@
CVE-2012-5758 (The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through
2.0.0.3 and ...)
NOT-FOR-US: Websphere
CVE-2012-5757 (Cross-site scripting (XSS) vulnerability in the Web Client in
IBM ...)
- TODO: check
+ NOT-FOR-US: IBM Rational ClearQuest
CVE-2012-5756 (The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through
2.0.0.3 and ...)
NOT-FOR-US: Websphere
CVE-2012-5755
@@ -24377,7 +24377,7 @@
- ghostscript 8.64~dfsg-2
NOTE: ghostscript using system jasper since this version
CVE-2011-4515 (Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for
storing ...)
- TODO: check
+ NOT-FOR-US: Siemens WinCC
CVE-2011-4514 (The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007,
and ...)
NOT-FOR-US: Siemens WinCC
CVE-2011-4513 (Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11
(aka TIA ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
