[Secure-testing-commits] r20967 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Fri Jan 18 21:14:23 UTC 2013
Author: joeyh
Date: 2013-01-18 21:14:23 +0000 (Fri, 18 Jan 2013)
New Revision: 20967
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-01-18 21:04:34 UTC (rev 20966)
+++ data/CVE/list 2013-01-18 21:14:23 UTC (rev 20967)
@@ -1,3 +1,7 @@
+CVE-2013-1399
+ RESERVED
+CVE-2013-1398
+ RESERVED
CVE-2013-1397
RESERVED
CVE-2013-1396
@@ -592,8 +596,8 @@
RESERVED
CVE-2013-1110
RESERVED
-CVE-2013-1109
- RESERVED
+CVE-2013-1109 (Cross-site request forgery (CSRF) vulnerability in ...)
+ TODO: check
CVE-2013-1108
RESERVED
CVE-2013-1107
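Review bot: The description added on the CVE-2013-1109 line is truncated before any product name ("Cross-site request forgery (CSRF) vulnerability in ..."), so the TODO: check below it cannot be triaged from the list alone. Whoever resolves it needs the full CVE text to choose between a package line and NOT-FOR-US.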
@@ -2190,8 +2194,8 @@
RESERVED
CVE-2012-6398
RESERVED
-CVE-2012-6397
- RESERVED
+CVE-2012-6397 (Cross-site scripting (XSS) vulnerability in Cisco WebEx Social ...)
+ TODO: check
CVE-2012-6396
RESERVED
CVE-2012-6395
@@ -2200,8 +2204,8 @@
RESERVED
CVE-2012-6393
RESERVED
-CVE-2012-6392
- RESERVED
+CVE-2012-6392 (Cisco Prime LAN Management Solution (LMS) 4.1 through 4.2.2 on Linux ...)
+ TODO: check
CVE-2012-6391
RESERVED
CVE-2012-6390
@@ -2935,8 +2939,7 @@
RESERVED
CVE-2013-0173
RESERVED
-CVE-2013-0172
- RESERVED
+CVE-2013-0172 (Samba 4.0.x before 4.0.1, in certain Active Directory ...)
- samba4 <unfixed> (high)
- samba <not-affected> (Only affects Active Directory functionality)
NOTE: https://lists.samba.org/archive/samba-technical/2013-January/089911.html
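Review bot: The samba4 line under CVE-2013-0172 still reads "<unfixed> (high)", while the description added here names 4.0.1 as the first fixed upstream release. Compare the samba4 version currently in the archive against 4.0.1 and replace <unfixed> with the fixed version once an upload at or past that release is in.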
@@ -3626,8 +3629,7 @@
[squeeze] - swi-prolog <no-dsa> (Minor issue)
NOTE: https://lists.iai.uni-bonn.de/pipermail/swi-prolog/2012/009428.html
NOTE: http://www.swi-prolog.org/git/pl.git/commitdiff/a9a6fc8a2a9cf3b9154b490a4b1ffaa8be4d723c
-CVE-2012-6088 [Signature checking function returned success on (possibly malicious) rpm packages]
- RESERVED
+CVE-2012-6088 (The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 ...)
- rpm 4.10.1-2.1 (bug #697375)
[squeeze] - rpm <not-affected> (Introduced in rpm 4.10.0)
[wheezy] - rpm 4.10.0-5+deb7u1
@@ -4182,8 +4184,8 @@
RESERVED
CVE-2012-5973 (CA XCOM Data Transport r11.0 and r11.5 on UNIX and Linux allows remote ...)
NOT-FOR-US: CA XCOM Data Transport
-CVE-2012-5972
- RESERVED
+CVE-2012-5972 (Directory traversal vulnerability in the web server in SpecView 2.5 ...)
+ TODO: check
CVE-2012-5971
RESERVED
CVE-2012-5970 (The Huawei E585 device allows remote attackers to cause a denial of ...)
@@ -4394,8 +4396,8 @@
RESERVED
CVE-2012-5876
RESERVED
-CVE-2012-5875
- RESERVED
+CVE-2012-5875 (Firefly Media Server 1.0.0.1359 allows remote attackers to cause a ...)
+ TODO: check
CVE-2012-5874 (Multiple SQL injection vulnerabilities in the (1) ...)
NOT-FOR-US: Elite Bulletin Board
CVE-2012-5873
@@ -4978,8 +4980,7 @@
NOTE: http://framework.zend.com/security/advisory/ZF2012-05
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=889037
NOTE: http://secunia.com/advisories/51583
-CVE-2012-5656 [XXE via SVG rasterization]
- RESERVED
+CVE-2012-5656 (The rasterization process in Inkscape before 0.48.4 allows local users ...)
- inkscape 0.48.3.1-1.2 (bug #696485)
CVE-2012-5655 (The Context module 6.x-3.x before 6.x-3.1 and 7.x-3.x before ...)
NOT-FOR-US: Context module for Drupal
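Review bot: Replacing the bracketed summary on CVE-2012-5656 drops the only mention of the bug class. The removed line said "XXE via SVG rasterization", and the truncated description stops at "allows local users ...". A NOTE: line under the inkscape entry stating that this is the XXE issue would keep that information in the list.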
@@ -5333,8 +5334,7 @@
- linux <unfixed> (unimportant)
- linux-2.6 <not-affected> (userspace daemon not yet present)
NOTE: hyperv tools are not build in sid
-CVE-2012-5531
- RESERVED
+CVE-2012-5531 (Multiple cross-site scripting (XSS) vulnerabilities in the GateIn ...)
NOT-FOR-US: GateIn Portal
CVE-2012-5530 (The (1) pcmd and (2) pmlogger init scripts in Performance Co-Pilot ...)
- pcp <unfixed>
@@ -5582,8 +5582,8 @@
RESERVED
CVE-2012-5445 (The kernel in Cisco Native Unix (CNU) on Cisco Unified IP Phone 7900 ...)
NOT-FOR-US: Cisco Native Unix
-CVE-2012-5444
- RESERVED
+CVE-2012-5444 (Cisco TelePresence Video Communication Server (VCS) X7.0.3 does not ...)
+ TODO: check
CVE-2012-5443
RESERVED
CVE-2012-5442
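Review bot: The TODO: check added for CVE-2012-5444 sits directly below CVE-2012-5445, which is already tagged "NOT-FOR-US: Cisco Native Unix". Cisco TelePresence Video Communication Server looks like the same case, so this entry can probably be closed with a NOT-FOR-US line using the product name rather than left as a TODO.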
@@ -5612,8 +5612,8 @@
RESERVED
CVE-2012-5430
RESERVED
-CVE-2012-5429
- RESERVED
+CVE-2012-5429 (The VPN driver in Cisco VPN Client on Windows does not properly ...)
+ TODO: check
CVE-2012-5428
RESERVED
CVE-2012-5427
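Review bot: The description on the CVE-2012-5429 line names "The VPN driver in Cisco VPN Client on Windows", so the TODO: check under it should be quick to resolve. A Windows-only driver has no source package to track here, which points to "NOT-FOR-US: Cisco VPN Client".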
@@ -5632,8 +5632,8 @@
RESERVED
CVE-2012-5420
RESERVED
-CVE-2012-5419
- RESERVED
+CVE-2012-5419 (Cisco Adaptive Security Appliance (ASA) software 8.7.1 and 8.7.1.1 for ...)
+ TODO: check
CVE-2012-5418
RESERVED
CVE-2012-5417 (Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not ...)
@@ -7523,8 +7523,8 @@
NOT-FOR-US: Siemens Automation License Manager
CVE-2012-4690 (Rockwell Automation Allen-Bradley MicroLogix controller 1100, 1200, ...)
NOT-FOR-US: Rockwell
-CVE-2012-4689
- RESERVED
+CVE-2012-4689 (Integer overflow in CimWebServer.exe in GE Intelligent Platforms ...)
+ TODO: check
CVE-2012-4688 (The Central application in i-GEN opLYNX before 2.01.9 allows remote ...)
NOT-FOR-US: Central application in i-GEN opLYNX
CVE-2012-4687 (Post Oak AWAM Bluetooth Reader Traffic System does not use a ...)
@@ -7708,8 +7708,8 @@
NOT-FOR-US: EMC RSA NetWitness Informer
CVE-2012-4608 (Cross-site request forgery (CSRF) vulnerability in the web interface ...)
NOT-FOR-US: EMC RSA NetWitness Informer
-CVE-2012-4607
- RESERVED
+CVE-2012-4607 (Buffer overflow in nsrindexd in EMC NetWorker 7.5.x and 7.6.x before ...)
+ TODO: check
CVE-2011-5127 (Directory traversal vulnerability in Blue Coat Reporter 9.x before ...)
NOT-FOR-US: Blue Coat
CVE-2011-5126 (Blue Coat ProxySG 6.1 before SGOS 6.1.5.1 and 6.2 before SGOS 6.2.2.1 ...)
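Review bot: The TODO: check on CVE-2012-4607 follows two entries for another EMC product that are both tagged "NOT-FOR-US: EMC RSA NetWitness Informer". EMC NetWorker (nsrindexd) should get the same treatment with its own product name, so the tag stays searchable per product.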
@@ -11306,8 +11306,8 @@
NOT-FOR-US: IBM InfoSphere Guardium
CVE-2012-3311 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before ...)
NOT-FOR-US: IBM WebSphere Application Server
-CVE-2012-3310
- RESERVED
+CVE-2012-3310 (IBM Tivoli Federated Identity Manager (TFIM) before 6.1.1.14, 6.2.0 ...)
+ TODO: check
CVE-2012-3309 (Cross-site request forgery (CSRF) vulnerability in the ...)
NOT-FOR-US: IBM InfoSphere Guardium
CVE-2012-3308 (Cross-site scripting (XSS) vulnerability in IBM Sametime 8.0.2 through ...)
@@ -14225,8 +14225,7 @@
CVE-2012-2125
RESERVED
- rubygems 1.8.24-1 (bug #670228)
-CVE-2012-2124
- RESERVED
+CVE-2012-2124 (functions/imap_general.php in SquirrelMail, as used in Red Hat ...)
- squirrelmail <not-affected> (Incorrect RedHat security update)
CVE-2012-2123 (The cap_bprm_set_creds function in security/commoncap.c in the Linux ...)
{DSA-2469-1}