[Secure-testing-commits] r22918 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu Jul 11 21:14:25 UTC 2013
Author: joeyh
Date: 2013-07-11 21:14:25 +0000 (Thu, 11 Jul 2013)
New Revision: 22918
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-07-11 20:46:01 UTC (rev 22917)
+++ data/CVE/list 2013-07-11 21:14:25 UTC (rev 22918)
@@ -1,3 +1,7 @@
+CVE-2013-4789
+ RESERVED
+CVE-2013-4788
+ RESERVED
CVE-2013-4787 (Android 1.6 Donut through 4.2 Jelly Bean does not properly check ...)
TODO: check
CVE-2013-4786 (The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange ...)
@@ -2595,8 +2599,8 @@
NOT-FOR-US: Choice Wireless Green Packet WIXFMR-111 4G WiMax modem
CVE-2013-3580
RESERVED
-CVE-2013-3579
- RESERVED
+CVE-2013-3579 (The Lookout Mobile Security application before 8.17-8a39d3f for ...)
+ TODO: check
CVE-2013-3578
RESERVED
CVE-2013-3577
@@ -2954,8 +2958,8 @@
RESERVED
CVE-2013-3417
RESERVED
-CVE-2013-3416
- RESERVED
+CVE-2013-3416 (Cross-site scripting (XSS) vulnerability in the web framework in the ...)
+ TODO: check
CVE-2013-3415
RESERVED
CVE-2013-3414
@@ -2970,14 +2974,14 @@
RESERVED
CVE-2013-3409
RESERVED
-CVE-2013-3408
- RESERVED
+CVE-2013-3408 (The firmware on Cisco Virtualization Experience Client 6000 devices ...)
+ TODO: check
CVE-2013-3407
RESERVED
CVE-2013-3406
RESERVED
-CVE-2013-3405
- RESERVED
+CVE-2013-3405 (The web portal in TC software on Cisco TelePresence endpoints does not ...)
+ TODO: check
CVE-2013-3404
RESERVED
CVE-2013-3403
@@ -2986,8 +2990,8 @@
RESERVED
CVE-2013-3401 (The SIP implementation in Cisco TelePresence TC Software allows remote ...)
NOT-FOR-US: Cisco
-CVE-2013-3400
- RESERVED
+CVE-2013-3400 (The license-installation module in Cisco NX-OS on Nexus 1000V devices ...)
+ TODO: check
CVE-2013-3399 (Buffer overflow in an unspecified Android API on the Cisco Desktop ...)
NOT-FOR-US: Cisco
CVE-2013-3398 (The web framework in Cisco Prime Central for Hosted Collaboration ...)
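Review bot: The new `TODO: check` under CVE-2013-3400 sits between CVE-2013-3401 and CVE-2013-3399, both already triaged as `NOT-FOR-US: Cisco`. The description names Cisco NX-OS on Nexus 1000V devices, so unless something in the archive ships that code, resolve the TODO with the same `NOT-FOR-US: Cisco` line rather than leaving it open.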
@@ -3340,8 +3344,7 @@
- ffmpeg <removed>
NOTE: ffmpeg commit: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e70c5b034c4787377e82cab2d5565486baec0c2a
NOTE: libav commit: http://git.libav.org/?p=libav.git;a=commit;h=e70c5b034c4787377e82cab2d5565486baec0c2a
-CVE-2013-3245
- RESERVED
+CVE-2013-3245 (** DISPUTED ** plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media ...)
- vlc <unfixed> (unimportant)
NOTE: Harmless crasher
NOTE: http://git.videolan.org/?p=vlc.git;a=commit;h=59c9e8309d5b435a2d85c2c9eaae979ba56ccdd9
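Review bot: CVE-2013-3245 now carries a `** DISPUTED **` description, while the tracker entry stays `- vlc <unfixed> (unimportant)` with `NOTE: Harmless crasher`. The two agree, but the entry does not say so. A NOTE line stating that the published description is disputed would explain to a later reader why the issue stays unfixed and unimportant.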
@@ -4358,12 +4361,12 @@
RESERVED
CVE-2013-2787
RESERVED
-CVE-2013-2786
- RESERVED
+CVE-2013-2786 (Alstom Grid MiCOM S1 Agile before 1.0.3 and Alstom Grid MiCOM S1 ...)
+ TODO: check
CVE-2013-2785
RESERVED
-CVE-2013-2784
- RESERVED
+CVE-2013-2784 (Triangle Research International (aka Tri) Nano-10 PLC devices with ...)
+ TODO: check
CVE-2013-2783 (The DNP3 driver in IOServer drivers 1.0.19.0 allows remote attackers ...)
NOT-FOR-US: IOServer DNP3 drivers
CVE-2013-2782
@@ -5494,8 +5497,8 @@
RESERVED
CVE-2013-2353
RESERVED
-CVE-2013-2352
- RESERVED
+CVE-2013-2352 (LeftHand OS (aka SAN iQ) 10.5 and earlier on HP StoreVirtual Storage ...)
+ TODO: check
CVE-2013-2351
RESERVED
CVE-2013-2350
@@ -6194,8 +6197,7 @@
{DSA-2697-1}
- gnutls26 2.12.23-5 (bug #709301)
[squeeze] - gnutls26 <not-affected> (vulnerable code not backported)
-CVE-2013-2115 [incomplete fix for CVE-2013-1966]
- RESERVED
+CVE-2013-2115 (Apache Struts 2 before 2.3.14.2 allows remote attackers to execute ...)
- libstruts1.2-java <not-affected> (Only affects Struts 2)
CVE-2013-2114 [mediawiki chunked uploads allow arbitrary data to be dropped on the server]
RESERVED
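Review bot: Replacing the header line of CVE-2013-2115 drops the tracker's own annotation `[incomplete fix for CVE-2013-1966]`, and the visible part of the truncated description that replaces it does not mention CVE-2013-1966. Add `NOTE: incomplete fix for CVE-2013-1966` under the entry so the link between the two Struts 2 issues survives the automatic update.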
@@ -6740,11 +6742,9 @@
RESERVED
- owncloud <not-affected> (Vulnerable code not present)
NOTE: oC >= 4.5 only
-CVE-2013-1966
- RESERVED
+CVE-2013-1966 (Apache Struts 2 before 2.3.14.1 allows remote attackers to execute ...)
- libstruts1.2-java <not-affected> (Only affects Struts 2)
-CVE-2013-1965
- RESERVED
+CVE-2013-1965 (Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 ...)
- libstruts1.2-java <not-affected> (Only affects Struts 2)
CVE-2013-1964 (Xen 4.0.x and 4.1.x incorrectly releases a grant reference when ...)
{DSA-2666-1}
@@ -6779,8 +6779,7 @@
CVE-2013-1955
RESERVED
NOT-FOR-US: Easy PHP Calendar
-CVE-2013-1954 [Buffer Overflow in ASF Demuxer]
- RESERVED
+CVE-2013-1954 (The ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player ...)
- vlc 2.0.6-1 (bug #705136)
NOTE: http://www.videolan.org/security/sa1302.html
CVE-2013-1953 [stack-based buffer overflow in bmp parser]
@@ -6988,8 +6987,7 @@
- 389-ds-base <unfixed> (bug #704421)
NOTE: http://git.fedorahosted.org/cgit/389/ds.git/commit/?h=389-ds-base-1.2.11&id=5a18c828533a670e7143327893f8171a19062286
NOTE: https://fedorahosted.org/389/ticket/47308
-CVE-2013-1896 [mod_dav DoS]
- RESERVED
+CVE-2013-1896 (mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly ...)
- apache2 <unfixed>
NOTE: http://www.gossamer-threads.com/lists/apache/announce/427633
CVE-2013-1895 [concurrency issue leading to auth bypass]
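Review bot: The description added for CVE-2013-1896 gives a fixed upstream release (Apache HTTP Server before 2.2.25), yet the package line below it is still `- apache2 <unfixed>` with no bug reference. Revisit that line once a package carrying the fix is uploaded, and record a Debian bug number the way the 389-ds-base entry in this hunk does with `(bug #704421)`.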
@@ -7081,8 +7079,7 @@
RESERVED
CVE-2013-1869
RESERVED
-CVE-2013-1868 [VLC Buffer overflows]
- RESERVED
+CVE-2013-1868 (Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and ...)
- vlc 2.0.5-1
NOTE: http://www.videolan.org/security/sa1301.html
CVE-2013-1867
@@ -9104,8 +9101,8 @@
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2013-1133 (Cisco Unified Communications Manager (CUCM) 8.6 before 8.6(2a)su2, 8.6 ...)
NOT-FOR-US: Cisco Unified Communications Manager
-CVE-2013-1132
- RESERVED
+CVE-2013-1132 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified ...)
+ TODO: check
CVE-2013-1131 (Cisco Small Business Wireless Access Points WAP200, WAP2000, WAP200E, ...)
NOT-FOR-US: Cisco Small Business Wireless Access Points
CVE-2013-1130
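Review bot: CVE-2013-1132 gets `TODO: check`, but the entries on either side of it in this hunk (CVE-2013-1133 and CVE-2013-1131) are Cisco products already marked NOT-FOR-US. The visible description is cut off at "Cisco Unified ...", so confirm the affected product from the full text before closing the TODO the same way.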
@@ -13685,8 +13682,7 @@
RESERVED
CVE-2012-5856 (Cross-site scripting (XSS) vulnerability in the Uk Cookie (aka ...)
NOT-FOR-US: Wordpress plugin (uk cookie)
-CVE-2012-5855
- RESERVED
+CVE-2012-5855 (The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and ...)
- vlc <unfixed> (unimportant)
NOTE: Harmless crasher without security relevance
CVE-2012-5853