Author: pabs
Date: 2014-10-22 08:32:03 +0000 (Wed, 22 Oct 2014)
New Revision: 29565

Modified:
   data/CVE/list
Log:
CVE-2014-4860 and CVE-2014-4859 are issues in the reference UEFI firmware, 
which is in Debian

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2014-10-22 08:22:57 UTC (rev 29564)
+++ data/CVE/list       2014-10-22 08:32:03 UTC (rev 29565)
@@ -7831,12 +7831,16 @@
        NOT-FOR-US: Netmaster CBW700N cable modem
 CVE-2014-4861
        RESERVED
-CVE-2014-4860
+CVE-2014-4860 (integer overflows leading to code execution)
        RESERVED
-       NOT-FOR-US: HP PCs with UEFI Firmware
-CVE-2014-4859
+       - edk2 <unfixed>
+       NOTE: check
+       NOTE: 
https://www.mitre.org/sites/default/files/publications/14-2221-extreme-escalation-presentation.pdf
+CVE-2014-4859 (integer overflows leading to code execution)
        RESERVED
-       NOT-FOR-US: HP PCs with UEFI Firmware
+       - edk2 <unfixed>
+       NOTE: check
+       NOTE: 
https://www.mitre.org/sites/default/files/publications/14-2221-extreme-escalation-presentation.pdf
 CVE-2014-4858 (Multiple SQL injection vulnerabilities in CWPLogin.aspx in 
Sabre ...)
        NOT-FOR-US: Sabre AirCenter Crew
 CVE-2014-4857 (Cross-site scripting (XSS) vulnerability in Gurock TestRail 
before ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to