[Secure-testing-commits] r24883 - data/CVE
Joey Hess
joeyh at moszumanska.debian.org
Mon Dec 23 21:14:11 UTC 2013
Author: joeyh
Date: 2013-12-23 21:14:11 +0000 (Mon, 23 Dec 2013)
New Revision: 24883
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-23 20:48:00 UTC (rev 24882)
+++ data/CVE/list 2013-12-23 21:14:11 UTC (rev 24883)
@@ -1,3 +1,339 @@
+CVE-2014-0590
+ RESERVED
+CVE-2014-0589
+ RESERVED
+CVE-2014-0588
+ RESERVED
+CVE-2014-0587
+ RESERVED
+CVE-2014-0586
+ RESERVED
+CVE-2014-0585
+ RESERVED
+CVE-2014-0584
+ RESERVED
+CVE-2014-0583
+ RESERVED
+CVE-2014-0582
+ RESERVED
+CVE-2014-0581
+ RESERVED
+CVE-2014-0580
+ RESERVED
+CVE-2014-0579
+ RESERVED
+CVE-2014-0578
+ RESERVED
+CVE-2014-0577
+ RESERVED
+CVE-2014-0576
+ RESERVED
+CVE-2014-0575
+ RESERVED
+CVE-2014-0574
+ RESERVED
+CVE-2014-0573
+ RESERVED
+CVE-2014-0572
+ RESERVED
+CVE-2014-0571
+ RESERVED
+CVE-2014-0570
+ RESERVED
+CVE-2014-0569
+ RESERVED
+CVE-2014-0568
+ RESERVED
+CVE-2014-0567
+ RESERVED
+CVE-2014-0566
+ RESERVED
+CVE-2014-0565
+ RESERVED
+CVE-2014-0564
+ RESERVED
+CVE-2014-0563
+ RESERVED
+CVE-2014-0562
+ RESERVED
+CVE-2014-0561
+ RESERVED
+CVE-2014-0560
+ RESERVED
+CVE-2014-0559
+ RESERVED
+CVE-2014-0558
+ RESERVED
+CVE-2014-0557
+ RESERVED
+CVE-2014-0556
+ RESERVED
+CVE-2014-0555
+ RESERVED
+CVE-2014-0554
+ RESERVED
+CVE-2014-0553
+ RESERVED
+CVE-2014-0552
+ RESERVED
+CVE-2014-0551
+ RESERVED
+CVE-2014-0550
+ RESERVED
+CVE-2014-0549
+ RESERVED
+CVE-2014-0548
+ RESERVED
+CVE-2014-0547
+ RESERVED
+CVE-2014-0546
+ RESERVED
+CVE-2014-0545
+ RESERVED
+CVE-2014-0544
+ RESERVED
+CVE-2014-0543
+ RESERVED
+CVE-2014-0542
+ RESERVED
+CVE-2014-0541
+ RESERVED
+CVE-2014-0540
+ RESERVED
+CVE-2014-0539
+ RESERVED
+CVE-2014-0538
+ RESERVED
+CVE-2014-0537
+ RESERVED
+CVE-2014-0536
+ RESERVED
+CVE-2014-0535
+ RESERVED
+CVE-2014-0534
+ RESERVED
+CVE-2014-0533
+ RESERVED
+CVE-2014-0532
+ RESERVED
+CVE-2014-0531
+ RESERVED
+CVE-2014-0530
+ RESERVED
+CVE-2014-0529
+ RESERVED
+CVE-2014-0528
+ RESERVED
+CVE-2014-0527
+ RESERVED
+CVE-2014-0526
+ RESERVED
+CVE-2014-0525
+ RESERVED
+CVE-2014-0524
+ RESERVED
+CVE-2014-0523
+ RESERVED
+CVE-2014-0522
+ RESERVED
+CVE-2014-0521
+ RESERVED
+CVE-2014-0520
+ RESERVED
+CVE-2014-0519
+ RESERVED
+CVE-2014-0518
+ RESERVED
+CVE-2014-0517
+ RESERVED
+CVE-2014-0516
+ RESERVED
+CVE-2014-0515
+ RESERVED
+CVE-2014-0514
+ RESERVED
+CVE-2014-0513
+ RESERVED
+CVE-2014-0512
+ RESERVED
+CVE-2014-0511
+ RESERVED
+CVE-2014-0510
+ RESERVED
+CVE-2014-0509
+ RESERVED
+CVE-2014-0508
+ RESERVED
+CVE-2014-0507
+ RESERVED
+CVE-2014-0506
+ RESERVED
+CVE-2014-0505
+ RESERVED
+CVE-2014-0504
+ RESERVED
+CVE-2014-0503
+ RESERVED
+CVE-2014-0502
+ RESERVED
+CVE-2014-0501
+ RESERVED
+CVE-2014-0500
+ RESERVED
+CVE-2014-0499
+ RESERVED
+CVE-2014-0498
+ RESERVED
+CVE-2014-0497
+ RESERVED
+CVE-2014-0496
+ RESERVED
+CVE-2014-0495
+ RESERVED
+CVE-2014-0494
+ RESERVED
+CVE-2014-0493
+ RESERVED
+CVE-2014-0492
+ RESERVED
+CVE-2014-0491
+ RESERVED
+CVE-2014-0490
+ RESERVED
+CVE-2014-0489
+ RESERVED
+CVE-2014-0488
+ RESERVED
+CVE-2014-0487
+ RESERVED
+CVE-2014-0486
+ RESERVED
+CVE-2014-0485
+ RESERVED
+CVE-2014-0484
+ RESERVED
+CVE-2014-0483
+ RESERVED
+CVE-2014-0482
+ RESERVED
+CVE-2014-0481
+ RESERVED
+CVE-2014-0480
+ RESERVED
+CVE-2014-0479
+ RESERVED
+CVE-2014-0478
+ RESERVED
+CVE-2014-0477
+ RESERVED
+CVE-2014-0476
+ RESERVED
+CVE-2014-0475
+ RESERVED
+CVE-2014-0474
+ RESERVED
+CVE-2014-0473
+ RESERVED
+CVE-2014-0472
+ RESERVED
+CVE-2014-0471
+ RESERVED
+CVE-2014-0470
+ RESERVED
+CVE-2014-0469
+ RESERVED
+CVE-2014-0468
+ RESERVED
+CVE-2014-0467
+ RESERVED
+CVE-2014-0466
+ RESERVED
+CVE-2013-7196
+ RESERVED
+CVE-2013-7195
+ RESERVED
+CVE-2013-7194 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2013-7193 (Multiple SQL injection vulnerabilities in C2C Forward Auction Creator ...)
+ TODO: check
+CVE-2013-7192 (Multiple SQL injection vulnerabilities in Dynamic Biz Website Builder ...)
+ TODO: check
+CVE-2013-7190 (Multiple directory traversal vulnerabilities in iScripts AutoHoster, ...)
+ TODO: check
+CVE-2013-7186 (Buffer overflow in Steinberg MyMp3PRO 5.0 (Build 5.1.0.21) allows ...)
+ TODO: check
+CVE-2013-7185
+ RESERVED
+CVE-2013-7184
+ RESERVED
+CVE-2013-7183
+ RESERVED
+CVE-2013-7182
+ RESERVED
+CVE-2013-7181
+ RESERVED
+CVE-2013-7180
+ RESERVED
+CVE-2013-7179
+ RESERVED
+CVE-2013-7178
+ RESERVED
+CVE-2013-7177
+ RESERVED
+CVE-2013-7176
+ RESERVED
+CVE-2013-7175
+ RESERVED
+CVE-2013-7174
+ RESERVED
+CVE-2013-7173
+ RESERVED
+CVE-2013-7172
+ RESERVED
+CVE-2013-7171
+ RESERVED
+CVE-2013-7170
+ RESERVED
+CVE-2013-7169
+ RESERVED
+CVE-2013-7168
+ RESERVED
+CVE-2013-7167
+ RESERVED
+CVE-2013-7166
+ RESERVED
+CVE-2013-7165
+ RESERVED
+CVE-2013-7164
+ RESERVED
+CVE-2013-7163
+ RESERVED
+CVE-2013-7162
+ RESERVED
+CVE-2013-7161
+ RESERVED
+CVE-2013-7160
+ RESERVED
+CVE-2013-7159
+ RESERVED
+CVE-2013-7158
+ RESERVED
+CVE-2013-7157
+ RESERVED
+CVE-2013-7156
+ RESERVED
+CVE-2013-7155
+ RESERVED
+CVE-2013-7154
+ RESERVED
+CVE-2013-7153
+ RESERVED
+CVE-2013-7152
+ RESERVED
+CVE-2013-7151
+ RESERVED
+CVE-2013-7150
+ RESERVED
CVE-2014-0465
RESERVED
CVE-2014-0464
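Review bot: CVE-2013-7190 is added with "TODO: check" although its description names iScripts AutoHoster, the product that CVE-2013-7189 in the next hunk already carries as "NOT-FOR-US: iScripts AutoHoster"; the same triage line could be applied here instead of leaving the entry open. The other four described entries (CVE-2013-7194, -7193, -7192, -7186) also arrive as "TODO: check" and still need a manual triage pass.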
@@ -200,15 +536,16 @@
RESERVED
CVE-2013-7203
- gitolite3 <unfixed>
-CVE-2013-7191
+CVE-2013-7191 (Cross-site scripting (XSS) vulnerability in Tenmiles Helpdesk Pilot ...)
NOT-FOR-US: Tenmiles Helpdesk Pilot
-CVE-2013-7189
+CVE-2013-7189 (Multiple SQL injection vulnerabilities in iScripts AutoHoster, ...)
NOT-FOR-US: iScripts AutoHoster
-CVE-2013-7188
+CVE-2013-7188 (Cross-site scripting (XSS) vulnerability in KBKP Software HostBill ...)
NOT-FOR-US: HostBill
-CVE-2013-7187
+CVE-2013-7187 (SQL injection vulnerability in form.php in the FormCraft plugin 1.3.7 ...)
NOT-FOR-US: WordPress plugin FormCraft
CVE-2013-7149
+ RESERVED
NOT-FOR-US: Revive Adserver
CVE-2013-7148
RESERVED
@@ -234,8 +571,8 @@
RESERVED
CVE-2013-7137
RESERVED
-CVE-2013-7136
- RESERVED
+CVE-2013-7136 (The UPC Ireland Cisco EPC 2425 router (aka Horizon Box) does not have ...)
+ TODO: check
CVE-2013-7135
RESERVED
- libproc-daemon-perl 0.14-2 (low; bug #732283)
@@ -295,8 +632,7 @@
RESERVED
CVE-2013-7101
RESERVED
-CVE-2013-7100
- RESERVED
+CVE-2013-7100 (Buffer overflow in the unpacksms16 function in apps/app_sms.c in ...)
NOTE: http://downloads.asterisk.org/pub/security/AST-2013-006.html
- asterisk 1:11.7.0~dfsg-1 (bug #732355)
CVE-2013-7099
@@ -321,20 +657,17 @@
RESERVED
CVE-2013-7084
RESERVED
-CVE-2013-7114
- RESERVED
+CVE-2013-7114 (Multiple buffer overflows in the create_ntlmssp_v2_key function in ...)
{DSA-2825-1}
- wireshark 1.10.4-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-68.html
-CVE-2013-7113
- RESERVED
+CVE-2013-7113 (epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark ...)
{DSA-2825-1}
- wireshark 1.10.4-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-67.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9488
-CVE-2013-7112
- RESERVED
+CVE-2013-7112 (The dissect_sip_common function in epan/dissectors/packet-sip.c in the ...)
- wireshark 1.10.4-1 (unimportant)
NOTE: https://www.wireshark.org/security/wnpa-sec-2013-66.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9388
@@ -461,8 +794,7 @@
- devscripts <unfixed> (bug #732006)
[wheezy] - devscripts <not-affected> (does not contain the vulnerable code; introduced in 2.13.5)
[squeeze] - devscripts <not-affected> (does not contain the vulnerable code; introduced in 2.13.5)
-CVE-2013-7082
- RESERVED
+CVE-2013-7082 (Cross-site scripting (XSS) vulnerability in the errorAction method in ...)
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
CVE-2013-7081
RESERVED
@@ -476,17 +808,14 @@
CVE-2013-7078
RESERVED
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
-CVE-2013-7077
- RESERVED
+CVE-2013-7077 (Cross-site scripting (XSS) vulnerability in the Backend User ...)
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
-CVE-2013-7076
- RESERVED
+CVE-2013-7076 (Cross-site scripting (XSS) vulnerability in Extension Manager in TYPO3 ...)
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
CVE-2013-7075
RESERVED
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
-CVE-2013-7074
- RESERVED
+CVE-2013-7074 (Multiple cross-site scripting (XSS) vulnerabilities in Content Editing ...)
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
CVE-2013-7073
RESERVED
@@ -748,8 +1077,7 @@
- libav <unfixed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/29ffeef5e73b8f41ff3a3f2242d356759c66f91f
NOTE: https://trac.ffmpeg.org/ticket/2927
-CVE-2013-7002
- RESERVED
+CVE-2013-7002 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: LiveZilla
CVE-2013-7001 (The Multimedia Messaging Centre (MMSC) in NowSMS Now SMS & MMS Gateway ...)
NOT-FOR-US: NowSMS
@@ -764,7 +1092,7 @@
CVE-2013-6996
RESERVED
CVE-2013-6995
- RESERVED
+ REJECTED
CVE-2013-6994
RESERVED
CVE-2013-6993
@@ -795,12 +1123,12 @@
RESERVED
CVE-2013-6979
RESERVED
-CVE-2013-6978
- RESERVED
+CVE-2013-6978 (The disaster recovery system (DRS) component in Cisco Unified ...)
+ TODO: check
CVE-2013-6977
RESERVED
-CVE-2013-6976
- RESERVED
+CVE-2013-6976 (Cross-site request forgery (CSRF) vulnerability in goform/Quick_setup ...)
+ TODO: check
CVE-2013-6975
RESERVED
CVE-2013-6974
@@ -1660,8 +1988,7 @@
CVE-2013-6878
RESERVED
NOT-FOR-US: MijoSearch
-CVE-2013-6877
- RESERVED
+CVE-2013-6877 (Heap-based buffer overflow in RealNetworks RealPlayer 16.0.2.32 and ...)
NOT-FOR-US: RealPlayer
CVE-2013-6876
RESERVED
@@ -1917,8 +2244,7 @@
RESERVED
CVE-2013-6768
RESERVED
-CVE-2013-6767
- RESERVED
+CVE-2013-6767 (Stack-based buffer overflow in pepoly.dll in Quick Heal AntiVirus Pro ...)
NOT-FOR-US: QuickHeal AntiVirus
CVE-2013-6764
RESERVED
@@ -1959,8 +2285,8 @@
RESERVED
CVE-2013-6746
RESERVED
-CVE-2013-6745
- RESERVED
+CVE-2013-6745 (Cross-site scripting (XSS) vulnerability in the IMS server before Ifix ...)
+ TODO: check
CVE-2013-6744
RESERVED
CVE-2013-6743
@@ -1979,8 +2305,8 @@
RESERVED
CVE-2013-6736
RESERVED
-CVE-2013-6735
- RESERVED
+CVE-2013-6735 (IBM WebSphere Portal 6.0.0.x through 6.0.0.1, 6.0.1.x through 6.0.1.7, ...)
+ TODO: check
CVE-2013-6734
RESERVED
CVE-2013-6733 (Cross-site scripting (XSS) vulnerability in the Web Application in the ...)
@@ -2003,8 +2329,8 @@
RESERVED
CVE-2013-6724
RESERVED
-CVE-2013-6723
- RESERVED
+CVE-2013-6723 (IBM WebSphere Portal 8.0.0.1 before CF09 does not properly handle ...)
+ TODO: check
CVE-2013-6722
RESERVED
CVE-2013-6721 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Service ...)
@@ -2015,8 +2341,8 @@
RESERVED
CVE-2013-6718 (The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and ...)
NOT-FOR-US: IBM firmware
-CVE-2013-6717
- RESERVED
+CVE-2013-6717 (The OLAP query engine in IBM DB2 and DB2 Connect 9.7 through FP9, 9.8 ...)
+ TODO: check
CVE-2013-6716
RESERVED
CVE-2013-6715
@@ -3049,8 +3375,8 @@
RESERVED
CVE-2013-6329 (IBM Global Security Kit (aka GSKit), as used in Content Manager ...)
NOT-FOR-US: IBM Global Security Kit
-CVE-2013-6328
- RESERVED
+CVE-2013-6328 (Cross-site scripting (XSS) vulnerability in the Web Content Manager ...)
+ TODO: check
CVE-2013-6327 (Cross-site scripting (XSS) vulnerability in the HTTP Option in IBM ...)
NOT-FOR-US: IBM
CVE-2013-6326
@@ -3073,8 +3399,8 @@
RESERVED
CVE-2013-6317
RESERVED
-CVE-2013-6316
- RESERVED
+CVE-2013-6316 (IBM WebSphere Portal 7.0.0.x before 7.0.0.2 CF26 and 8.0.0.x before ...)
+ TODO: check
CVE-2013-6315
RESERVED
CVE-2013-6314
@@ -3323,8 +3649,8 @@
RESERVED
CVE-2013-6197
RESERVED
-CVE-2013-6196
- RESERVED
+CVE-2013-6196 (Cross-site scripting (XSS) vulnerability in HP Autonomy Ultraseek 5 ...)
+ TODO: check
CVE-2013-6195
RESERVED
CVE-2013-6194
@@ -3359,8 +3685,7 @@
NOT-FOR-US: RSA Security Analytics
CVE-2013-6179
RESERVED
-CVE-2013-6178
- RESERVED
+CVE-2013-6178 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer ...)
NOT-FOR-US: EMC RSA Archer GRC
CVE-2013-6177 (Directory traversal vulnerability in EMC Document Sciences xPression ...)
NOT-FOR-US: EMC
@@ -3393,8 +3718,7 @@
NOT-FOR-US: Project'Or RIA
CVE-2013-6163 (Multiple cross-site scripting (XSS) vulnerabilities in ProjeQtOr ...)
NOT-FOR-US: Project'Or RIA
-CVE-2013-6162
- RESERVED
+CVE-2013-6162 (Cross-site scripting (XSS) vulnerability in Code-Crafters Ability Mail ...)
NOT-FOR-US: Code-Crafters Ability Mail Server
CVE-2013-6161
RESERVED
@@ -5153,8 +5477,8 @@
RESERVED
CVE-2013-5463 (The WinCollect agent in IBM Security QRadar SIEM before 7.1.1.569824 ...)
NOT-FOR-US: IBM Security QRadar SIEM
-CVE-2013-5462
- RESERVED
+CVE-2013-5462 (IBM/ECMClient/configure/explodedformat/navigator/header.jsp in IBM ...)
+ TODO: check
CVE-2013-5461
RESERVED
CVE-2013-5460
@@ -5173,8 +5497,7 @@
NOT-FOR-US: IBM WebSphere
CVE-2013-5453 (IBM Security AppScan Enterprise 5.6 through 8.7.0.1 allows remote ...)
NOT-FOR-US: IBM
-CVE-2013-5452
- RESERVED
+CVE-2013-5452 (IBM FileNet Business Process Framework 4.1.0 allows remote ...)
NOT-FOR-US: IBM FileNet Business Process Framework
CVE-2013-5451
RESERVED
@@ -5226,19 +5549,18 @@
NOT-FOR-US: IBM WebSphere DataPower XC10 appliances
CVE-2013-5427
RESERVED
-CVE-2013-5426
- RESERVED
+CVE-2013-5426 (Session fixation vulnerability in IBM InfoSphere Master Data ...)
+ TODO: check
CVE-2013-5425 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
NOT-FOR-US: IBM WebSphere
CVE-2013-5424 (IBM Flex System Manager (FSM) 1.3.0 allows remote attackers to bypass ...)
NOT-FOR-US: IBM Flex System Manager
CVE-2013-5423
RESERVED
-CVE-2013-5422
- RESERVED
+CVE-2013-5422 (The Web Client in IBM Rational ClearQuest 7.1 through 7.1.2.12, ...)
NOT-FOR-US: IBM Rational ClearQuest
-CVE-2013-5421
- RESERVED
+CVE-2013-5421 (Cross-site scripting (XSS) vulnerability in the IMS server before Ifix ...)
+ TODO: check
CVE-2013-5420
RESERVED
CVE-2013-5419 (Multiple buffer overflows in (1) mkque and (2) mkquedev in ...)
@@ -5253,24 +5575,24 @@
NOT-FOR-US: IBM Rational ClearCase
CVE-2013-5414 (The migration functionality in IBM WebSphere Application Server (WAS) ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-5413
- RESERVED
+CVE-2013-5413 (IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not ...)
+ TODO: check
CVE-2013-5412
RESERVED
-CVE-2013-5411
- RESERVED
+CVE-2013-5411 (IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow ...)
+ TODO: check
CVE-2013-5410
RESERVED
-CVE-2013-5409
- RESERVED
+CVE-2013-5409 (Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator ...)
+ TODO: check
CVE-2013-5408
RESERVED
-CVE-2013-5407
- RESERVED
-CVE-2013-5406
- RESERVED
-CVE-2013-5405
- RESERVED
+CVE-2013-5407 (IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not ...)
+ TODO: check
+CVE-2013-5406 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling ...)
+ TODO: check
+CVE-2013-5405 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling ...)
+ TODO: check
CVE-2013-5404 (Cross-site scripting (XSS) vulnerability in the search implementation ...)
NOT-FOR-US: IBM Rational Quality Manager
CVE-2013-5403 (Unspecified vulnerability on the IBM WebSphere DataPower XC10 ...)
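Review bot: The six Sterling B2B Integrator / Sterling File Gateway entries (CVE-2013-5413, -5411, -5409, -5407, -5406, -5405) all land as "TODO: check", while the IBM entries in the surrounding context lines (CVE-2013-5414, CVE-2013-5404) are marked NOT-FOR-US. They describe one product family and can be triaged as a single batch in a follow-up commit, so the block does not sit half-triaged.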
@@ -7116,8 +7438,7 @@
RESERVED
- grub2 2.00-20 (unimportant; bug #632598)
NOTE: Additional hardening for rare setups, not a vulnerability
-CVE-2013-4576 [RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis attack]
- RESERVED
+CVE-2013-4576 (GnuPG 1.x before 1.4.16 generates RSA keys using sequences of ...)
{DSA-2821-1}
- gnupg 1.4.15-3
CVE-2013-4575 (Heap-based buffer overflow in the utility program in the Linux agent ...)
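Review bot: The new description for CVE-2013-4576 reads "GnuPG 1.x before 1.4.16", but the fixed version recorded two lines below is "gnupg 1.4.15-3". If that upload carries a backported fix (an assumption, the hunk does not say), a NOTE line stating so would keep the entry from reading as a version mismatch. The bracketed working title naming the acoustic cryptanalysis attack is dropped by this change and the truncated description does not mention it, so a NOTE preserving that reference may be worth adding.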
@@ -7637,7 +7958,7 @@
- libguestfs 1:1.22.7-1
[wheezy] - libguestfs 1:1.18.1-1+deb7u3
CVE-2013-4418
- RESERVED
+ REJECTED
NOTE: security hardening, got rejected
CVE-2013-4417
REJECTED
@@ -7688,7 +8009,7 @@
RESERVED
NOT-FOR-US: Cumin
CVE-2013-4403
- RESERVED
+ REJECTED
NOTE: rejected
CVE-2013-4402 (GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote ...)
{DSA-2774-1 DSA-2773-1}
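Review bot: Under CVE-2013-4403 the state changes to REJECTED while the existing "NOTE: rejected" line stays, so the note now only repeats the state. Either drop it or replace it with the reason for the rejection, as the CVE-2013-4418 entry does with "NOTE: security hardening, got rejected".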
@@ -8832,22 +9153,22 @@
RESERVED
CVE-2013-4071
RESERVED
-CVE-2013-4070
- RESERVED
-CVE-2013-4069
- RESERVED
+CVE-2013-4070 (The Portal application in IBM SPSS Collaboration and Deployment ...)
+ TODO: check
+CVE-2013-4069 (The Portal application in IBM SPSS Collaboration and Deployment ...)
+ TODO: check
CVE-2013-4068 (Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 ...)
NOT-FOR-US: IBM
CVE-2013-4067 (IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3, 8.7, and ...)
NOT-FOR-US: IBM InfoSphere Information Server
CVE-2013-4066 (IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3, 8.7, and ...)
NOT-FOR-US: IBM InfoSphere Information Server
-CVE-2013-4065
- RESERVED
-CVE-2013-4064
- RESERVED
-CVE-2013-4063
- RESERVED
+CVE-2013-4065 (Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x ...)
+ TODO: check
+CVE-2013-4064 (Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x ...)
+ TODO: check
+CVE-2013-4063 (Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x ...)
+ TODO: check
CVE-2013-4062 (IBM Rational Policy Tester 8.5 before 8.5.0.5 does not verify X.509 ...)
NOT-FOR-US: IBM
CVE-2013-4061 (IBM Rational Policy Tester 8.5 before 8.5.0.5 does not properly check ...)
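Review bot: CVE-2013-4065, -4064 and -4063 are left at "TODO: check" although they describe XSS in iNotes in IBM Domino, and CVE-2013-4068 in this same hunk (also iNotes in IBM Domino) is already "NOT-FOR-US: IBM". Suggest giving the three new entries the same line, and handling CVE-2013-4070 and -4069 (IBM SPSS Collaboration and Deployment) in the same pass.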
@@ -8880,12 +9201,12 @@
NOT-FOR-US: IBM SPSS
CVE-2013-4047 (Cross-site scripting (XSS) vulnerability in IBM SPSS Analytical ...)
NOT-FOR-US: IBM SPSS
-CVE-2013-4046
- RESERVED
-CVE-2013-4045
- RESERVED
-CVE-2013-4044
- RESERVED
+CVE-2013-4046 (Open redirect vulnerability in IBM SPSS Collaboration and Deployment ...)
+ TODO: check
+CVE-2013-4045 (Cross-site scripting (XSS) vulnerability in the Portal application in ...)
+ TODO: check
+CVE-2013-4044 (IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 ...)
+ TODO: check
CVE-2013-4043
RESERVED
CVE-2013-4042 (Unspecified vulnerability in IBM SPSS Collaboration and Deployment ...)
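Review bot: CVE-2013-4046, -4045 and -4044 are added as "TODO: check" while the neighbouring context entry CVE-2013-4047 is triaged "NOT-FOR-US: IBM SPSS" and all three new descriptions name IBM SPSS Collaboration and Deployment Services or its Portal application. The existing "NOT-FOR-US: IBM SPSS" wording could be reused here to keep the block consistent.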
@@ -8948,8 +9269,8 @@
NOT-FOR-US: IBM Maximo Asset Management
CVE-2013-4013 (IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, ...)
NOT-FOR-US: IBM Maximo Asset Management
-CVE-2013-4012
- RESERVED
+CVE-2013-4012 (IBM WebSphere Portal 8.0.0.x before 8.0.0.1 CF09, when Content ...)
+ TODO: check
CVE-2013-4011 (Multiple unspecified vulnerabilities in the InfiniBand subsystem in ...)
NOT-FOR-US: IBM AIX
CVE-2013-4010
@@ -9634,8 +9955,8 @@
NOT-FOR-US: Novell Open Enterprise Server 2
CVE-2013-3706
RESERVED
-CVE-2013-3705
- RESERVED
+CVE-2013-3705 (The VBA32 AntiRootKit component for Novell Client 2 SP3 before IR5 on ...)
+ TODO: check
CVE-2013-3704 (The RPM GPG key import and handling feature in libzypp 12.15.0 and ...)
NOT-FOR-US: libzypp
CVE-2013-3703
@@ -11747,10 +12068,10 @@
RESERVED
CVE-2013-2823 (The (1) Catapult DNP3 I/O driver before 7.2.0.60 and the (2) GE ...)
NOT-FOR-US: Catapult DNP3 I/O driver
-CVE-2013-2822
- RESERVED
-CVE-2013-2821
- RESERVED
+CVE-2013-2822 (NovaTech Orion Substation Automation Platform OrionLX DNP Master ...)
+ TODO: check
+CVE-2013-2821 (NovaTech Orion Substation Automation Platform OrionLX DNP Master ...)
+ TODO: check
CVE-2013-2820
RESERVED
CVE-2013-2819
@@ -12171,11 +12492,9 @@
CVE-2013-2629
RESERVED
NOT-FOR-US: Leed
-CVE-2013-2628
- RESERVED
+CVE-2013-2628 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
NOT-FOR-US: Leed
-CVE-2013-2627
- RESERVED
+CVE-2013-2627 (SQL injection vulnerability in action.php in Leed (Light Feed), ...)
NOT-FOR-US: Leed
CVE-2013-2626
RESERVED
@@ -26326,16 +26645,16 @@
RESERVED
CVE-2012-4136 (The high-availability service in the Fabric Interconnect component in ...)
NOT-FOR-US: Cisco
-CVE-2012-4135
- RESERVED
+CVE-2012-4135 (Directory traversal vulnerability in filesys in Cisco NX-OS 6.1(2) and ...)
+ TODO: check
CVE-2012-4134
RESERVED
CVE-2012-4133
RESERVED
CVE-2012-4132
RESERVED
-CVE-2012-4131
- RESERVED
+CVE-2012-4131 (Directory traversal vulnerability in tar in Cisco NX-OS allows local ...)
+ TODO: check
CVE-2012-4130
RESERVED
CVE-2012-4129
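Review bot: CVE-2012-4135 and CVE-2012-4131 both describe directory traversal in Cisco NX-OS and are left at "TODO: check", while CVE-2012-4136 in the context above them is already "NOT-FOR-US: Cisco". Suggest the same triage line for both, since the descriptions name the same vendor's network operating system.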