[Secure-testing-commits] r23014 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Fri Jul 19 21:14:22 UTC 2013
Author: joeyh
Date: 2013-07-19 21:14:22 +0000 (Fri, 19 Jul 2013)
New Revision: 23014
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-07-19 21:00:34 UTC (rev 23013)
+++ data/CVE/list 2013-07-19 21:14:22 UTC (rev 23014)
@@ -1,3 +1,17 @@
+CVE-2013-4878 (The default configuration of Parallels Plesk Panel 9.0.x and 9.2.x on ...)
+ TODO: check
+CVE-2013-4877 (The Verizon Wireless Network Extender SCS-26UC4 and SCS-2U01 does not ...)
+ TODO: check
+CVE-2013-4876 (The Verizon Wireless Network Extender SCS-2U01 has a hardcoded ...)
+ TODO: check
+CVE-2013-4875 (The Uboot bootloader on the Verizon Wireless Network Extender SCS-2U01 ...)
+ TODO: check
+CVE-2013-4874 (The Uboot bootloader on the Verizon Wireless Network Extender ...)
+ TODO: check
+CVE-2013-4873 (The Yahoo! Tumblr app before 3.4.1 for iOS sends cleartext ...)
+ TODO: check
+CVE-2013-4872 (Google Glass before XE6 does not properly restrict the processing of ...)
+ TODO: check
CVE-2013-4871 (Cross-site request forgery (CSRF) vulnerability in the TEQneers SEO ...)
TODO: check
CVE-2013-4870 (SQL injection vulnerability in the News Search (news_search) extension ...)
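Review bot: All seven entries added at the top of this hunk carry only "TODO: check", and four of them (CVE-2013-4874 to CVE-2013-4877) describe the Verizon Wireless Network Extender, a vendor device rather than a packaged program. Triage these in a follow-up commit. If the full descriptions confirm that no Debian source package is involved, tag them NOT-FOR-US with the product named, as the list already does for "NOT-FOR-US: HP IPMI device".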
@@ -178,14 +192,14 @@
NOTE: Design flaw in the IPMI 2.0 specification. Any correctly implemented device is vulnerable.
CVE-2013-4784 (The HP Integrated Lights-Out (iLO) BMC implementation allows remote ...)
NOT-FOR-US: HP IPMI device
-CVE-2013-4781
- RESERVED
-CVE-2013-4780
- RESERVED
-CVE-2013-4779
- RESERVED
-CVE-2013-4778
- RESERVED
+CVE-2013-4781 (core/getLog.php on the Siemens Enterprise OpenScape Branch appliance ...)
+ TODO: check
+CVE-2013-4780 (core/getLog.php on the Siemens Enterprise OpenScape Branch appliance ...)
+ TODO: check
+CVE-2013-4779 (Cross-site scripting (XSS) vulnerability in core/handleTw.php on the ...)
+ TODO: check
+CVE-2013-4778 (core/getLog.php on the Siemens Enterprise OpenScape Branch appliance ...)
+ TODO: check
CVE-2013-4777
RESERVED
CVE-2013-4776
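Review bot: CVE-2013-4781, CVE-2013-4780 and CVE-2013-4778 are added with the same truncated text, "core/getLog.php on the Siemens Enterprise OpenScape Branch appliance ...", so the three cannot be told apart from this file alone. When the "TODO: check" lines are resolved, read the full descriptions and give each a NOTE stating what differs, or tag all four Siemens entries consistently if they turn out to concern only the appliance.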
@@ -429,8 +443,7 @@
RESERVED
CVE-2013-4670
RESERVED
-CVE-2013-4668 [path sanitization errors]
- RESERVED
+CVE-2013-4668 (Directory traversal vulnerability in File Roller 3.6.x before 3.6.4, ...)
- file-roller 3.8.3-1
[squeeze] - file-roller <not-affected> (Doesn't use libarchive)
[wheezy] - file-roller <not-affected> (Doesn't use libarchive)
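Review bot: The description added for CVE-2013-4668 names "File Roller 3.6.x before 3.6.4" and is cut off after the comma, while the unchanged package line below it records 3.8.3-1 as the fixed version. Check the full description for the other affected branches, then confirm that 3.8.3-1 and the two "Doesn't use libarchive" not-affected lines for squeeze and wheezy still agree with it.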
@@ -1523,7 +1536,7 @@
RESERVED
- mongodb <unfixed> (high; bug #717173)
CVE-2013-4141
- RESERVED
+ REJECTED
CVE-2013-4140
RESERVED
CVE-2013-4139
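Review bot: CVE-2013-4141 goes from RESERVED to REJECTED with nothing recording the reason. If the id was rejected as a duplicate or folded into another id, add a NOTE line naming that id so anyone who referenced CVE-2013-4141 can follow it.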
@@ -1891,8 +1904,8 @@
RESERVED
CVE-2013-4012
RESERVED
-CVE-2013-4011
- RESERVED
+CVE-2013-4011 (Multiple unspecified vulnerabilities in the InfiniBand subsystem in ...)
+ TODO: check
CVE-2013-4010
RESERVED
CVE-2013-4009
@@ -2659,8 +2672,8 @@
RESERVED
CVE-2013-3666 (The LG Hidden Menu component for Android on the LG Optimus G E973 ...)
NOT-FOR-US: LG Hidden Menu
-CVE-2013-3665
- RESERVED
+CVE-2013-3665 (Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT ...)
+ TODO: check
CVE-2013-3664
RESERVED
CVE-2013-3663
@@ -3172,8 +3185,8 @@
RESERVED
CVE-2013-3437
RESERVED
-CVE-2013-3436
- RESERVED
+CVE-2013-3436 (The default configuration of the Group Encrypted Transport VPN (GET ...)
+ TODO: check
CVE-2013-3435
RESERVED
CVE-2013-3434 (Untrusted search path vulnerability in Cisco Unified Communications ...)
@@ -3518,11 +3531,9 @@
RESERVED
CVE-2013-3276
RESERVED
-CVE-2013-3275
- RESERVED
+CVE-2013-3275 (EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store ...)
NOT-FOR-US: EMC
-CVE-2013-3274
- RESERVED
+CVE-2013-3274 (EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store ...)
NOT-FOR-US: EMC
CVE-2013-3273 (EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, ...)
NOT-FOR-US: EMC
@@ -8261,8 +8272,8 @@
NOT-FOR-US: Symantec
CVE-2013-1607
RESERVED
-CVE-2013-1606
- RESERVED
+CVE-2013-1606 (Buffer overflow in the ubnt-streamer RTSP service on the Ubiquiti UBNT ...)
+ TODO: check
CVE-2013-1605
RESERVED
CVE-2013-1604
@@ -11160,8 +11171,7 @@
RESERVED
CVE-2013-0560 (Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator ...)
NOT-FOR-US: IBM
-CVE-2013-0559
- RESERVED
+CVE-2013-0559 (Unspecified vulnerability in IBM API Management 2.0 before 2.0.0.1 ...)
NOT-FOR-US: IBM
CVE-2013-0558 (IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 ...)
NOT-FOR-US: IBM
@@ -11533,8 +11543,8 @@
RESERVED
CVE-2012-6350 (Cross-site scripting (XSS) vulnerability in the Web component in IBM ...)
NOT-FOR-US: IBM Cognos TM1
-CVE-2012-6349
- RESERVED
+CVE-2012-6349 (Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used ...)
+ TODO: check
CVE-2012-6348 (Centrify Deployment Manager 2.1.0.283, as distributed in Centrify ...)
NOT-FOR-US: Centrify
CVE-2012-6347
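Review bot: The text added for CVE-2012-6349 stops at "as used ...", which is the part triage depends on, because the affected products are whichever ones embed the KeyView .mdb parser. Read the full description before replacing "TODO: check". The neighbouring entries in this hunk are tagged NOT-FOR-US with the vendor named, and this one should say which embedding product was checked.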
@@ -20691,8 +20701,7 @@
RESERVED
- plpupload <itp> (bug #668396)
- wordpress 3.3.2
-CVE-2012-3414 [libjs-swfupload, wordpress: XSS vulnerability]
- RESERVED
+CVE-2012-3414 (Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload ...)
- libjs-swfupload 2.2.0.1+ds1-2 (low; bug #681323)
- wordpress 3.5.1+dfsg-1 (bug #698934)
NOTE: https://nealpoole.com/blog/2012/05/xss-and-csrf-via-swf-applets-swfupload-plupload/
@@ -23164,7 +23173,7 @@
CVE-2012-2400 (Unspecified vulnerability in wp-includes/js/swfobject.js in WordPress ...)
{DSA-2470-1}
- wordpress 3.3.2+dfsg-1 (bug #670124)
-CVE-2012-2399 (Unspecified vulnerability in wp-includes/js/swfupload/swfupload.swf in ...)
+CVE-2012-2399 (Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFupload ...)
{DSA-2470-1}
- wordpress 3.3.2+dfsg-1 (bug #670124)
CVE-2010-5136
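Review bot: With the new wording on the + line, CVE-2012-2399 reads almost the same as the CVE-2012-3414 entry updated earlier in this patch: both are now "Cross-site scripting (XSS) vulnerability in swfupload.swf". The package tracking differs, though. CVE-2012-2399 lists only wordpress 3.3.2+dfsg-1 under DSA-2470-1, while CVE-2012-3414 lists libjs-swfupload 2.2.0.1+ds1-2 and wordpress 3.5.1+dfsg-1. Check whether libjs-swfupload also needs a line under CVE-2012-2399, and add a NOTE to each entry stating how the two ids relate.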