[Secure-testing-commits] r23150 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Tue Jul 30 21:14:23 UTC 2013
Author: joeyh
Date: 2013-07-30 21:14:23 +0000 (Tue, 30 Jul 2013)
New Revision: 23150
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-07-30 19:32:56 UTC (rev 23149)
+++ data/CVE/list 2013-07-30 21:14:23 UTC (rev 23150)
@@ -1,3 +1,135 @@
+CVE-2013-5017
+ RESERVED
+CVE-2013-5016
+ RESERVED
+CVE-2013-5015
+ RESERVED
+CVE-2013-5014
+ RESERVED
+CVE-2013-5013
+ RESERVED
+CVE-2013-5012
+ RESERVED
+CVE-2013-5011
+ RESERVED
+CVE-2013-5010
+ RESERVED
+CVE-2013-5009
+ RESERVED
+CVE-2013-5008
+ RESERVED
+CVE-2013-5007
+ RESERVED
+CVE-2013-5006
+ RESERVED
+CVE-2013-5005
+ RESERVED
+CVE-2013-5004
+ RESERVED
+CVE-2013-4994
+ RESERVED
+CVE-2013-4993
+ RESERVED
+CVE-2013-4992
+ RESERVED
+CVE-2013-4991
+ RESERVED
+CVE-2013-4990
+ RESERVED
+CVE-2013-4989
+ RESERVED
+CVE-2013-4988
+ RESERVED
+CVE-2013-4987
+ RESERVED
+CVE-2013-4986
+ RESERVED
+CVE-2013-4985
+ RESERVED
+CVE-2013-4984
+ RESERVED
+CVE-2013-4983
+ RESERVED
+CVE-2013-4982
+ RESERVED
+CVE-2013-4981
+ RESERVED
+CVE-2013-4980
+ RESERVED
+CVE-2013-4979
+ RESERVED
+CVE-2013-4978
+ RESERVED
+CVE-2013-4977
+ RESERVED
+CVE-2013-4976
+ RESERVED
+CVE-2013-4975
+ RESERVED
+CVE-2013-4974
+ RESERVED
+CVE-2013-4973
+ RESERVED
+CVE-2013-4972
+ RESERVED
+CVE-2013-4971
+ RESERVED
+CVE-2013-4970
+ RESERVED
+CVE-2013-4969
+ RESERVED
+CVE-2013-4968
+ RESERVED
+CVE-2013-4967
+ RESERVED
+CVE-2013-4966
+ RESERVED
+CVE-2013-4965
+ RESERVED
+CVE-2013-4964
+ RESERVED
+CVE-2013-4963
+ RESERVED
+CVE-2013-4962
+ RESERVED
+CVE-2013-4961
+ RESERVED
+CVE-2013-4960
+ RESERVED
+CVE-2013-4959
+ RESERVED
+CVE-2013-4958
+ RESERVED
+CVE-2013-4957
+ RESERVED
+CVE-2013-4956
+ RESERVED
+CVE-2013-4955
+ RESERVED
+CVE-2013-4954 (Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in ...)
+ TODO: check
+CVE-2013-4953 (SQL injection vulnerability in play.php in Top Games Script 1.2 allows ...)
+ TODO: check
+CVE-2013-4952 (SQL injection vulnerability in functions/global.php in Elemata CMS RC ...)
+ TODO: check
+CVE-2013-4951 (Multiple cross-site scripting (XSS) vulnerabilities in Mintboard 0.3 ...)
+ TODO: check
+CVE-2013-4950 (Cross-site scripting (XSS) vulnerability in view.php in Machform 2 ...)
+ TODO: check
+CVE-2013-4949 (Unrestricted file upload vulnerability in view.php in Machform 2 ...)
+ TODO: check
+CVE-2013-4948 (SQL injection vulnerability in view.php in Machform 2 allows remote ...)
+ TODO: check
+CVE-2013-4947 (Unspecified vulnerability in the update and build database page in ...)
+ TODO: check
+CVE-2013-4946 (Multiple cross-site scripting (XSS) vulnerabilities in BMC Service ...)
+ TODO: check
+CVE-2013-4945 (Multiple SQL injection vulnerabilities in BMC Service Desk Express ...)
+ TODO: check
+CVE-2013-4944 (Cross-site scripting (XSS) vulnerability in the BuddyPress Extended ...)
+ TODO: check
+CVE-2013-4943
+ RESERVED
CVE-2013-4942 (Cross-site scripting (XSS) vulnerability in flashuploader.swf in the ...)
- moodle 2.5.1-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
@@ -14,101 +146,93 @@
- moodle 2.5.1-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
CVE-2013-4995 [http://www.phpmyadmin.net/home_page/security/PMASA-2013-8.php]
+ RESERVED
- phpmyadmin 4:4.0.4.2-1 (low)
CVE-2013-4996 [PMASA-2013-9, PMASA-2013-11]
+ RESERVED
- phpmyadmin 4:4.0.4.2-1
CVE-2013-4997 [PMASA-2013-9]
+ RESERVED
- phpmyadmin 4:4.0.4.2-1
CVE-2013-4998 [PMASA-2013-12]
+ RESERVED
- phpmyadmin 4:4.0.4.2-1 (unimportant)
NOTE: Full path disclosure irrelevant in Debian packages
CVE-2013-4999 [PMASA-2013-12]
+ RESERVED
- phpmyadmin 4:4.0.4.2-1 (unimportant)
NOTE: Full path disclosure irrelevant in Debian packages
CVE-2013-5000 [PMASA-2013-12]
+ RESERVED
- phpmyadmin 4:4.0.4.2-1 (unimportant)
NOTE: Full path disclosure irrelevant in Debian packages
CVE-2013-5001 [PMASA-2013-13]
+ RESERVED
- phpmyadmin 4:4.0.4.2-1 (low)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
CVE-2013-5002 [PMASA-2013-14]
+ RESERVED
- phpmyadmin 4:4.0.4.2-1 (low)
CVE-2013-5003 [PMASA-2013-15]
+ RESERVED
- phpmyadmin 4:4.0.4.2-1
CVE-2013-4937 (Multiple unspecified vulnerabilities in the AiCloud feature on the ...)
NOT-FOR-US: Asus firmware
-CVE-2013-4936 [PROFINET Real-Time dissector crash]
- RESERVED
+CVE-2013-4936 (The IsDFP_Frame function in plugins/profinet/packet-pn-rt.c in the ...)
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4935 [ASN.1 PER dissector crash]
- RESERVED
+CVE-2013-4935 (The dissect_per_length_determinant function in ...)
- wireshark 1.10.1-1
-CVE-2013-4934 [Netmon file parser crash]
- RESERVED
+CVE-2013-4934 (The netmon_open function in wiretap/netmon.c in the Netmon file parser ...)
- wireshark 1.10.1-1
-CVE-2013-4933 [Netmon file parser crash]
- RESERVED
+CVE-2013-4933 (The netmon_open function in wiretap/netmon.c in the Netmon file parser ...)
- wireshark 1.10.1-1
-CVE-2013-4932 [GSM A Common dissector crash]
- RESERVED
+CVE-2013-4932 (Multiple array index errors in epan/dissectors/packet-gsm_a_common.c ...)
- wireshark 1.10.1-1
-CVE-2013-4931 [GSM RR dissector (and possibly others) could go into a large loop]
- RESERVED
+CVE-2013-4931 (epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 ...)
- wireshark 1.10.1-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-4930 [DVB-CI dissector crash]
- RESERVED
+CVE-2013-4930 (The dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c ...)
- wireshark 1.10.1-1
[squeeze] - wireshark <not-affected> (Affected dissector not yet present)
-CVE-2013-4929 [DIS dissector could go into a large loop]
- RESERVED
+CVE-2013-4929 (The parseFields function in epan/dissectors/packet-dis-pdus.c in the ...)
- wireshark 1.10.1-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-4928 [Bluetooth OBEX dissector could go into an infinite loop]
- RESERVED
+CVE-2013-4928 (Integer signedness error in the dissect_headers function in ...)
- wireshark 1.10.1-1 (unimportant)
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
NOTE: Not suitable for code injection
-CVE-2013-4927 [Bluetooth SDP dissector could go into a large loop]
- RESERVED
+CVE-2013-4927 (Integer signedness error in the get_type_length function in ...)
- wireshark 1.10.1-1 (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-4926 [DCOM ISystemActivator dissector crash]
- RESERVED
+CVE-2013-4926 (epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator ...)
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4925 [DCOM ISystemActivator dissector crash]
- RESERVED
+CVE-2013-4925 (Integer signedness error in epan/dissectors/packet-dcom-sysact.c in ...)
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4924 [DCOM ISystemActivator dissector crash]
- RESERVED
+CVE-2013-4924 (epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator ...)
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4923 [DCOM ISystemActivator dissector crash]
- RESERVED
+CVE-2013-4923 (Memory leak in the dissect_dcom_ActivationProperties function in ...)
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4922 [DCOM ISystemActivator dissector crash]
- RESERVED
+CVE-2013-4922 (Double free vulnerability in the dissect_dcom_ActivationProperties ...)
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4921 [Radiotap dissector crash]
- RESERVED
+CVE-2013-4921 (Off-by-one error in the dissect_radiotap function in ...)
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
-CVE-2013-4920 [P1 dissector crash]
- RESERVED
+CVE-2013-4920 (The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly ...)
- wireshark 1.10.1-1
[wheezy] - wireshark <not-affected> (Only affects 1.10.x)
[squeeze] - wireshark <not-affected> (Only affects 1.10.x)
@@ -1797,8 +1921,7 @@
NOTE: Should be REJECTED, see CVE-2013-3969
CVE-2013-4141
REJECTED
-CVE-2013-4140 [Cross Site Scripting]
- RESERVED
+CVE-2013-4140 (Cross-site scripting (XSS) vulnerability in the TinyBox (Simple ...)
NOT-FOR-US: TinyBox Drupal contributed module
CVE-2013-4139 [Denial of Service]
RESERVED
@@ -3296,8 +3419,7 @@
RESERVED
CVE-2013-3516
RESERVED
-CVE-2013-3515
- RESERVED
+CVE-2013-3515 (Multiple cross-site scripting (XSS) vulnerabilities in OpenX Source ...)
NOT-FOR-US: OpenX
CVE-2013-3514
RESERVED
@@ -6585,8 +6707,7 @@
RESERVED
- monkey <removed> (low)
[squeeze] - monkey <no-dsa> (Minor issue)
-CVE-2013-2181 [XSS on Monkey HTTPD - dirlisting plugin]
- RESERVED
+CVE-2013-2181 (Cross-site scripting (XSS) vulnerability in the Directory Listing ...)
- monkey <removed> (low)
[squeeze] - monkey <no-dsa> (Minor issue)
CVE-2013-2180
@@ -10978,8 +11099,8 @@
RESERVED
CVE-2013-0724
RESERVED
-CVE-2013-0723
- RESERVED
+CVE-2013-0723 (Multiple heap-based buffer overflows in etxrw.dll in Kingsoft ...)
+ TODO: check
CVE-2013-0722 (Stack-based buffer overflow in the scan_load_hosts function in ...)
- ettercap 1:0.7.5.1-2 (low; bug #697987)
[squeeze] - ettercap 1:0.7.3-2.1+squeeze1
More information about the Secure-testing-commits
mailing list