[Secure-testing-commits] r21403 - data/CVE
Thijs Kinkhorst
thijs at alioth.debian.org
Sat Feb 23 16:39:31 UTC 2013
Author: thijs
Date: 2013-02-23 16:39:31 +0000 (Sat, 23 Feb 2013)
New Revision: 21403
Modified:
data/CVE/list
Log:
zendframework fixed in sid/wheezy, nfu's
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-02-23 16:29:46 UTC (rev 21402)
+++ data/CVE/list 2013-02-23 16:39:31 UTC (rev 21403)
@@ -1221,9 +1221,9 @@
- cinder <unfixed>
NOTE: cinder is in the NEW queue
CVE-2012-6532 ((1) Zend_Dom, (2) Zend_Feed, (3) Zend_Soap, and (4) Zend_XmlRpc in ...)
- TODO: check
+ - zendframework 1.11.13-1
CVE-2012-6531 ((1) Zend_Dom, (2) Zend_Feed, and (3) Zend_Soap in Zend Framework 1.x ...)
- TODO: check
+ - zendframework 1.11.13-1
CVE-2013-1663
RESERVED
CVE-2013-1662
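Review bot: The two new "- zendframework 1.11.13-1" lines for CVE-2012-6532 and CVE-2012-6531 carry no bug number or NOTE, so the fixed version cannot be checked from the entry itself. Other entries in this file record one, for example "- zoneminder 1.25.0-1 (bug #700912)". Consider adding a NOTE pointing at the upstream advisory or the Debian bug that led to 1.11.13-1.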
@@ -2472,7 +2472,7 @@
CVE-2013-1130
RESERVED
CVE-2013-1129 (Memory leak in Cisco Unity Connection 9.x allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2013-1128 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
NOT-FOR-US: Cisco Unified MeetingPlace
CVE-2013-1127
@@ -2480,7 +2480,7 @@
CVE-2013-1126
RESERVED
CVE-2013-1125 (The command-line interface in Cisco Identity Services Engine Software, ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2013-1124
RESERVED
CVE-2013-1123 (Multiple cross-site scripting (XSS) vulnerabilities in the server in ...)
@@ -3404,7 +3404,7 @@
CVE-2013-0731
RESERVED
CVE-2013-0730 (Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 4.x ...)
- TODO: check
+ NOT-FOR-US: Newscoop
CVE-2013-0729
RESERVED
CVE-2013-0728
@@ -3505,7 +3505,7 @@
CVE-2013-0707
RESERVED
CVE-2013-0706 (NEC Universal RAID Utility 1.40 Rev 680 and earlier, 2.31 Rev 1492 and ...)
- TODO: check
+ NOT-FOR-US: NEC Universal RAID Utility
CVE-2013-0705 (Directory traversal vulnerability in LSI 3ware Disk Manager (3DM) ...)
NOT-FOR-US: LSI 3ware Disk Manager
CVE-2013-0704 (Directory traversal vulnerability in the GREE application before 1.3.3 ...)
@@ -4060,9 +4060,9 @@
CVE-2013-0479
RESERVED
CVE-2013-0478 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2013-0477 (Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2013-0476
RESERVED
CVE-2013-0475
@@ -4072,9 +4072,9 @@
CVE-2013-0473
RESERVED
CVE-2013-0472 (The Web GUI in the client in IBM Tivoli Storage Manager (TSM) 6.3 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2013-0471 (The traditional scheduler in the client in IBM Tivoli Storage Manager ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2013-0470
RESERVED
CVE-2013-0469
@@ -4082,9 +4082,9 @@
CVE-2013-0468
RESERVED
CVE-2013-0467 (IBM Eclipse Help System (IEHS), as used in IBM Data Studio 3.1 and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2013-0466 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Message ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2013-0465
RESERVED
CVE-2013-0464
@@ -4102,7 +4102,7 @@
CVE-2013-0458 (Cross-site scripting (XSS) vulnerability in the Administrative console ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2013-0457 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2013-0456
RESERVED
CVE-2013-0455
@@ -4252,13 +4252,13 @@
CVE-2012-6358
RESERVED
CVE-2012-6357 (IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2012-6356 (IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2012-6355 (IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2012-6354 (The management GUI on the IBM SAN Volume Controller and Storwize V7000 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2012-6353
RESERVED
CVE-2012-6352 (The Session Manager in IBM Sterling Connect:Direct through 4.1.0.3 on ...)
@@ -4632,7 +4632,6 @@
- ruby-activesupport-2.3 2.3.14-6 (bug #699249)
NOTE: Starting with 2.3.14.1 rails is a transition package
NOTE: https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/1h2DR63ViGo
- TODO: check
CVE-2013-0332 [local file inclusion]
RESERVED
- zoneminder 1.25.0-1 (bug #700912)
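Review bot: The "TODO: check" removed under the ruby-activesupport-2.3 entry has no replacement line and is not covered by the log message, which mentions only zendframework and the NOT-FOR-US entries. The CVE header for this block lies outside the hunk context, so the diff alone does not show what was checked. If the review of that CVE is complete, say so in the log or leave a NOTE with the outcome.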
@@ -6519,9 +6518,9 @@
CVE-2012-5954 (Unspecified vulnerability in IBM Tivoli Storage Manager for Space ...)
NOT-FOR-US: IBM Tivoli Storage Manager
CVE-2012-5953 (IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.6, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2012-5952 (IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.6, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2012-5951 (Unspecified vulnerability in IBM Tivoli NetView 1.4, 5.1 through 5.4, ...)
NOT-FOR-US: IBM Tivoli NetView
CVE-2012-5950
@@ -6543,9 +6542,9 @@
CVE-2012-5942
RESERVED
CVE-2012-5941 (Cross-site scripting (XSS) vulnerability in the WebAdmin application ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2012-5940 (The WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2012-5939
RESERVED
CVE-2012-5938
@@ -6989,13 +6988,13 @@
CVE-2012-5764
RESERVED
CVE-2012-5763 (Cross-site request forgery (CSRF) vulnerability in the WebAdmin ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2012-5762 (Cross-site scripting (XSS) vulnerability in the WebAdmin application ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2012-5761 (Cross-site scripting (XSS) vulnerability in the WebAdmin application ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2012-5760 (SQL injection vulnerability in the WebAdmin application 6.0.5, 6.0.8, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2012-5759 (The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and ...)
NOT-FOR-US: Websphere
CVE-2012-5758 (The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and ...)
@@ -10938,9 +10937,9 @@
CVE-2012-4353 (Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog ...)
NOT-FOR-US: Sielco Sistemi Winlog SCADA
CVE-2012-4352 (Multiple cross-site scripting (XSS) vulnerabilities in Stoneware ...)
- TODO: check
+ NOT-FOR-US: Stoneware webNetwork
CVE-2012-4351 (Integer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2012-4350 (Multiple unquoted Windows search path vulnerabilities in the (1) ...)
NOT-FOR-US: Symantec Enterprise Security Manager
CVE-2012-4349 (Unquoted Windows search path vulnerability in Symantec Network Access ...)
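Review bot: CVE-2012-4351 is tagged with the bare vendor name "Symantec", while CVE-2012-4352 in the same hunk and the unchanged CVE-2012-4350 entry name the product ("Stoneware webNetwork", "Symantec Enterprise Security Manager"). Suggest "NOT-FOR-US: Symantec PGP Desktop", taken from the description line, so the labels stay consistent and searchable by product.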
@@ -13596,9 +13595,9 @@
CVE-2012-3329 (IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 ...)
NOT-FOR-US: IBM Advanced Settings Utility, Bootable Media Creator
CVE-2012-3328 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2012-3327 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2012-3326 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
NOT-FOR-US: IBM Maximo Asset Management
CVE-2012-3325 (IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.45, 7.0.x ...)
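Review bot: CVE-2012-3328 and CVE-2012-3327 are tagged "NOT-FOR-US: IBM", but the unchanged CVE-2012-3326 entry directly below has the same visible description and uses "NOT-FOR-US: IBM Maximo Asset Management". Use the product label here as well. The vendor-only form recurs in the other IBM hunks of this commit, where it makes it harder to see which product was actually reviewed.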
@@ -13608,9 +13607,9 @@
CVE-2012-3323
RESERVED
CVE-2012-3322 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2012-3321 (IBM SmartCloud Control Desk 7.5 allows remote authenticated users to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2012-3320
RESERVED
CVE-2012-3319 (IBM Rational Business Developer 8.x before 8.0.1.4 allows remote ...)
@@ -13620,7 +13619,7 @@
CVE-2012-3317 (IBM WebSphere Message Broker 6.1 before 6.1.0.11, 7.0 before 7.0.0.5, ...)
NOT-FOR-US: IBM WebSphere
CVE-2012-3316 (Cross-site scripting (XSS) vulnerability in the Tivoli Process ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2012-3315 (The Java servlets in the management console in IBM Tivoli Federated ...)
NOT-FOR-US: IBM Tivoli
CVE-2012-3314 (IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated ...)
@@ -13682,7 +13681,7 @@
CVE-2012-3287 (Poul-Henning Kamp md5crypt has insufficient algorithmic complexity and ...)
NOT-FOR-US: md5crypt
CVE-2012-3286 (Unspecified vulnerability in HP ArcSight Connector Appliance 6.3 and ...)
- TODO: check
+ NOT-FOR-US: HP ArcSight appliance
CVE-2012-3285 (Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance ...)
NOT-FOR-US: HP LeftHand Virtual SAN Appliance
CVE-2012-3284 (Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance ...)