[Secure-testing-commits] r23200 - data/CVE

Mon Aug 5 21:14:36 UTC 2013

Author: joeyh
Date: 2013-08-05 21:14:36 +0000 (Mon, 05 Aug 2013)
New Revision: 23200

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2013-08-05 20:52:38 UTC (rev 23199)
+++ data/CVE/list	2013-08-05 21:14:36 UTC (rev 23200)
@@ -1,3 +1,5 @@
+CVE-2013-5035
+	RESERVED
 CVE-2013-XXXX [liblcms1 buffer overflows]
 	- lcms <unfixed> (bug #718682)
 	- lcms2 <not-affected> (Vulnerable code not present)
@@ -219,17 +221,22 @@
 	[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
 	[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
 CVE-2013-4935 (The dissect_per_length_determinant function in ...)
+	{DSA-2734-1}
 	- wireshark 1.10.1-1
 CVE-2013-4934 (The netmon_open function in wiretap/netmon.c in the Netmon file parser ...)
+	{DSA-2734-1}
 	- wireshark 1.10.1-1
 CVE-2013-4933 (The netmon_open function in wiretap/netmon.c in the Netmon file parser ...)
+	{DSA-2734-1}
 	- wireshark 1.10.1-1
 CVE-2013-4932 (Multiple array index errors in epan/dissectors/packet-gsm_a_common.c ...)
+	{DSA-2734-1}
 	- wireshark 1.10.1-1
 CVE-2013-4931 (epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 ...)
 	- wireshark 1.10.1-1 (unimportant)
 	NOTE: Not suitable for code injection
 CVE-2013-4930 (The dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c ...)
+	{DSA-2734-1}
 	- wireshark 1.10.1-1
 	[squeeze] - wireshark <not-affected> (Affected dissector not yet present)
 CVE-2013-4929 (The parseFields function in epan/dissectors/packet-dis-pdus.c in the ...)
@@ -505,12 +512,12 @@
 	RESERVED
 CVE-2013-4808
 	RESERVED
-CVE-2013-4807
-	RESERVED
+CVE-2013-4807 (Unspecified vulnerability on the HP LaserJet Pro P1102w, P1606dn, ...)
+	TODO: check
 CVE-2013-4806
 	RESERVED
-CVE-2013-4805
-	RESERVED
+CVE-2013-4805 (Unspecified vulnerability in HP Integrated Lights-Out 3 (aka iLO3) ...)
+	TODO: check
 CVE-2013-4804
 	RESERVED
 CVE-2013-4803
@@ -810,14 +817,14 @@
 	NOT-FOR-US: sofortueberweisung2commerce extension TYPO3
 CVE-2013-4680 (Open redirect vulnerability in Maag Form Captcha extension 2.0.0 and ...)
 	NOT-FOR-US: meta_feedit extension for TYPO3
-CVE-2013-4679
-	RESERVED
-CVE-2013-4678
-	RESERVED
-CVE-2013-4677
-	RESERVED
-CVE-2013-4676
-	RESERVED
+CVE-2013-4679 (Symantec Workspace Virtualization before 6.x before 6.4.1953.0, when a ...)
+	TODO: check
+CVE-2013-4678 (The NDMP protocol implementation in Symantec Backup Exec 2010 R3 ...)
+	TODO: check
+CVE-2013-4677 (Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 ...)
+	TODO: check
+CVE-2013-4676 (Multiple cross-site scripting (XSS) vulnerabilities in Symantec Backup ...)
+	TODO: check
 CVE-2013-4675
 	RESERVED
 CVE-2013-4674 (Cross-site scripting (XSS) vulnerability in the Web Email Protection ...)
@@ -1046,8 +1053,8 @@
 	RESERVED
 CVE-2013-4576
 	RESERVED
-CVE-2013-4575
-	RESERVED
+CVE-2013-4575 (Heap-based buffer overflow in the utility program in the Linux agent ...)
+	TODO: check
 CVE-2013-4574
 	RESERVED
 CVE-2013-4573
@@ -3615,10 +3622,10 @@
 	RESERVED
 CVE-2013-3452
 	RESERVED
-CVE-2013-3451
-	RESERVED
-CVE-2013-3450
-	RESERVED
+CVE-2013-3451 (Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco ...)
+	TODO: check
+CVE-2013-3450 (Cross-site request forgery (CSRF) vulnerability in the User WebDialer ...)
+	TODO: check
 CVE-2013-3449
 	RESERVED
 CVE-2013-3448 (Cisco WebEx Meetings Server does not check whether a user account is ...)
@@ -3633,8 +3640,8 @@
 	NOT-FOR-US: Cisco
 CVE-2013-3443 (The web service framework in Cisco WAAS Software 4.x and 5.x before ...)
 	NOT-FOR-US: Cisco
-CVE-2013-3442
-	RESERVED
+CVE-2013-3442 (The web portal in Cisco Unified Communications Manager (Unified CM) ...)
+	TODO: check
 CVE-2013-3441 (Cisco Aironet 3600 access points allow remote attackers to cause a ...)
 	NOT-FOR-US: Cisco
 CVE-2013-3440 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
@@ -8742,8 +8749,8 @@
 	NOT-FOR-US: Symantec
 CVE-2013-1611 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	NOT-FOR-US: Symantec Brightmail Gateway
-CVE-2013-1610
-	RESERVED
+CVE-2013-1610 (Unquoted Windows search path vulnerability in RDDService in Symantec ...)
+	TODO: check
 CVE-2013-1609 (Multiple unquoted Windows search path vulnerabilities in the (1) File ...)
 	NOT-FOR-US: Symantec
 CVE-2013-1608 (Directory traversal vulnerability in the Management Console on the ...)
@@ -12989,8 +12996,7 @@
 	- xen <not-affected> (Only applies to Xen 4.2, which is only available in experimental)
 CVE-2013-0150
 	RESERVED
-CVE-2013-0149 [VU#229804 Open Shortest Path First (OSPF) Protocol does not specify unique LSA lookup identifers]
-	RESERVED
+CVE-2013-0149 (The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 ...)
 	- quagga <not-affected>
 	NOTE: OSPF protocol vulnerability, quagga implementation not affected
 CVE-2013-0148 (The Data Camouflage (aka FairCom Standard Encryption) algorithm in ...)


