[Secure-testing-commits] r21288 - data/CVE

Fri Feb 15 21:14:27 UTC 2013

Author: joeyh
Date: 2013-02-15 21:14:27 +0000 (Fri, 15 Feb 2013)
New Revision: 21288

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2013-02-15 19:50:37 UTC (rev 21287)
+++ data/CVE/list	2013-02-15 21:14:27 UTC (rev 21288)
@@ -822,14 +822,14 @@
 	RESERVED
 CVE-2013-1406 (The Virtual Machine Communication Interface (VMCI) implementation in ...)
 	NOT-FOR-US: VMware Workstation, Fusion, View, ESXi, ESX
-CVE-2013-1405
-	RESERVED
+CVE-2013-1405 (VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, ...)
+	TODO: check
 CVE-2013-1404
 	RESERVED
 CVE-2013-1403
 	RESERVED
-CVE-2013-1402
-	RESERVED
+CVE-2013-1402 (DigiLIBE 3.4 and possibly other versions sends a redirect but does not ...)
+	TODO: check
 CVE-2013-1401
 	RESERVED
 CVE-2013-1400
@@ -1406,8 +1406,8 @@
 	RESERVED
 CVE-2013-1129
 	RESERVED
-CVE-2013-1128
-	RESERVED
+CVE-2013-1128 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+	TODO: check
 CVE-2013-1127
 	RESERVED
 CVE-2013-1126
@@ -1416,8 +1416,8 @@
 	RESERVED
 CVE-2013-1124
 	RESERVED
-CVE-2013-1123
-	RESERVED
+CVE-2013-1123 (Multiple cross-site scripting (XSS) vulnerabilities in the server in ...)
+	TODO: check
 CVE-2013-1122 (Cisco NX-OS on the Nexus 7000, when a certain Overlay Transport ...)
 	TODO: check
 CVE-2013-1121
@@ -2380,12 +2380,12 @@
 	RESERVED
 CVE-2013-0706
 	RESERVED
-CVE-2013-0705
-	RESERVED
-CVE-2013-0704
-	RESERVED
-CVE-2013-0703
-	RESERVED
+CVE-2013-0705 (Directory traversal vulnerability in LSI 3ware Disk Manager (3DM) ...)
+	TODO: check
+CVE-2013-0704 (Directory traversal vulnerability in the GREE application before 1.3.3 ...)
+	TODO: check
+CVE-2013-0703 (Cross-site scripting (XSS) vulnerability in imgboard.com imgboard ...)
+	TODO: check
 CVE-2013-0702 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 ...)
 	TODO: check
 CVE-2013-0701 (SQL injection vulnerability in Cybozu Garoon 2.5.0 through 3.5.3 ...)
@@ -2556,8 +2556,8 @@
 	RESERVED
 CVE-2013-0659
 	RESERVED
-CVE-2013-0658
-	RESERVED
+CVE-2013-0658 (Heap-based buffer overflow in RFManagerService.exe in Schneider ...)
+	TODO: check
 CVE-2013-0657 (Stack-based buffer overflow in Schneider Electric Interactive ...)
 	NOT-FOR-US: Schneider Electric IGSS
 CVE-2013-0656 (Buffer overflow in a third-party ActiveX component in Siemens SIMATIC ...)
@@ -4054,8 +4054,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2013/01/08/13
 CVE-2013-0154 (The get_page_type function in xen/arch/x86/mm.c in Xen 4.2, when ...)
 	- xen <not-affected> (Only applies to Xen 4.2, which is only available in experimental)
-CVE-2013-0153
-	RESERVED
+CVE-2013-0153 (The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, ...)
 	- xen 4.1.4-2
 CVE-2013-0152 (Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a ...)
 	- xen <not-affected> (Only applies to Xen 4.2, which is only available in experimental)
@@ -4564,7 +4563,7 @@
 	- openconnect <unfixed>
 	NOTE: http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/26f752c3dbf69227679fc6bebb4ae071aecec491
 CVE-2012-6127
-	RESERVED
+	REJECTED
 CVE-2012-6126
 	REJECTED
 	NOTE: To be rejected
@@ -6159,8 +6158,7 @@
 	RESERVED
 CVE-2012-5635
 	RESERVED
-CVE-2012-5634
-	RESERVED
+CVE-2012-5634 (Xen 4.2.x, 4.1.x, and 4.0, when using Intel VT-d for PCI passthrough, ...)
 	- xen 4.1.3-8 (low)
 CVE-2012-5633
 	RESERVED
@@ -6372,8 +6370,7 @@
 CVE-2012-5565
 	RESERVED
 	NOT-FOR-US: This doesn't seem to be packaged in sid's Horde and the imp3 and dimp1 packages from stable do not include the affected code
-CVE-2012-5564
-	RESERVED
+CVE-2012-5564 (android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users ...)
 	- android-tools <unfixed> (bug #688280)
 CVE-2012-5563 (OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not ...)
 	- keystone <not-affected> (Folsom branch not packaged yet)
@@ -8599,10 +8596,10 @@
 	RESERVED
 CVE-2012-4713
 	RESERVED
-CVE-2012-4712
-	RESERVED
-CVE-2012-4711
-	RESERVED
+CVE-2012-4712 (Moxa EDR-G903 series routers with firmware before 2.11 have a ...)
+	TODO: check
+CVE-2012-4711 (Buffer overflow in kingMess.exe 65.20.2003.10300 in WellinTech ...)
+	TODO: check
 CVE-2012-4710
 	RESERVED
 CVE-2012-4709
@@ -8621,8 +8618,8 @@
 	RESERVED
 CVE-2012-4702
 	RESERVED
-CVE-2012-4701
-	RESERVED
+CVE-2012-4701 (Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and ...)
+	TODO: check
 CVE-2012-4700 (Multiple buffer overflows in an ActiveX control in PE3DO32A.ocx in ...)
 	NOT-FOR-US: IntegraXor SCADA Server
 CVE-2012-4699
@@ -8635,8 +8632,8 @@
 	NOT-FOR-US: Beijer
 CVE-2012-4695
 	RESERVED
-CVE-2012-4694
-	RESERVED
+CVE-2012-4694 (Moxa EDR-G903 series routers with firmware before 2.11 do not use a ...)
+	TODO: check
 CVE-2012-4693 (Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ...)
 	NOT-FOR-US: Invensys Wonderware InTouch
 CVE-2012-4692


