Author: pabs
Date: 2014-10-22 08:32:03 +0000 (Wed, 22 Oct 2014)
New Revision: 29565
Modified:
data/CVE/list
Log:
CVE-2014-4860 and CVE-2014-4859 are issues in the reference UEFI firmware,
which is in Debian
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-22 08:22:57 UTC (rev 29564)
+++ data/CVE/list 2014-10-22 08:32:03 UTC (rev 29565)
@@ -7831,12 +7831,16 @@
NOT-FOR-US: Netmaster CBW700N cable modem
CVE-2014-4861
RESERVED
-CVE-2014-4860
+CVE-2014-4860 (integer overflows leading to code execution)
RESERVED
- NOT-FOR-US: HP PCs with UEFI Firmware
-CVE-2014-4859
+ - edk2 <unfixed>
+ NOTE: check
+ NOTE:
https://www.mitre.org/sites/default/files/publications/14-2221-extreme-escalation-presentation.pdf
+CVE-2014-4859 (integer overflows leading to code execution)
RESERVED
- NOT-FOR-US: HP PCs with UEFI Firmware
+ - edk2 <unfixed>
+ NOTE: check
+ NOTE:
https://www.mitre.org/sites/default/files/publications/14-2221-extreme-escalation-presentation.pdf
CVE-2014-4858 (Multiple SQL injection vulnerabilities in CWPLogin.aspx in
Sabre ...)
NOT-FOR-US: Sabre AirCenter Crew
CVE-2014-4857 (Cross-site scripting (XSS) vulnerability in Gurock TestRail
before ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits