[Secure-testing-commits] r22507 - data/CVE

Wed Jun 5 21:14:29 UTC 2013

Author: joeyh
Date: 2013-06-05 21:14:29 +0000 (Wed, 05 Jun 2013)
New Revision: 22507

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2013-06-05 20:58:06 UTC (rev 22506)
+++ data/CVE/list	2013-06-05 21:14:29 UTC (rev 22507)
@@ -1,4 +1,435 @@
+CVE-2013-3955 (The get_xattrinfo function in the XNU kernel in Apple iOS 5.x and 6.x ...)
+	TODO: check
+CVE-2013-3954 (The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x ...)
+	TODO: check
+CVE-2013-3953 (The mach_port_space_info function in osfmk/ipc/mach_debug.c in the XNU ...)
+	TODO: check
+CVE-2013-3952 (The fill_pipeinfo function in bsd/kern/sys_pipe.c in the XNU kernel in ...)
+	TODO: check
+CVE-2013-3951 (sys/openbsd/stack_protector.c in libc in Apple iOS 6.1.3 and Mac OS X ...)
+	TODO: check
+CVE-2013-3950 (Stack-based buffer overflow in the openSharedCacheFile function in ...)
+	TODO: check
+CVE-2013-3949 (The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x ...)
+	TODO: check
+CVE-2013-3948 (Apple iOS 6.1.3 does not follow redirects during determination of the ...)
+	TODO: check
+CVE-2013-3947
+	RESERVED
+CVE-2013-3946
+	RESERVED
+CVE-2013-3945
+	RESERVED
+CVE-2013-3944
+	RESERVED
+CVE-2013-3943
+	RESERVED
+CVE-2013-3942
+	RESERVED
+CVE-2013-3941
+	RESERVED
+CVE-2013-3940
+	RESERVED
+CVE-2013-3939
+	RESERVED
+CVE-2013-3938
+	RESERVED
+CVE-2013-3937
+	RESERVED
+CVE-2013-3936
+	RESERVED
+CVE-2013-3935
+	RESERVED
+CVE-2013-3934
+	RESERVED
+CVE-2013-3933
+	RESERVED
+CVE-2013-3932
+	RESERVED
+CVE-2013-3931
+	RESERVED
+CVE-2013-3930
+	RESERVED
+CVE-2013-3929
+	RESERVED
+CVE-2013-3928
+	RESERVED
+CVE-2013-3927
+	RESERVED
+CVE-2013-3926
+	RESERVED
+CVE-2013-3925
+	RESERVED
+CVE-2013-3924
+	RESERVED
+CVE-2013-3923
+	RESERVED
+CVE-2013-3922
+	RESERVED
+CVE-2013-3921
+	RESERVED
+CVE-2013-3920
+	RESERVED
+CVE-2013-3918
+	RESERVED
+CVE-2013-3917
+	RESERVED
+CVE-2013-3916
+	RESERVED
+CVE-2013-3915
+	RESERVED
+CVE-2013-3914
+	RESERVED
+CVE-2013-3913
+	RESERVED
+CVE-2013-3912
+	RESERVED
+CVE-2013-3911
+	RESERVED
+CVE-2013-3910
+	RESERVED
+CVE-2013-3909
+	RESERVED
+CVE-2013-3908
+	RESERVED
+CVE-2013-3907
+	RESERVED
+CVE-2013-3906
+	RESERVED
+CVE-2013-3905
+	RESERVED
+CVE-2013-3904
+	RESERVED
+CVE-2013-3903
+	RESERVED
+CVE-2013-3902
+	RESERVED
+CVE-2013-3901
+	RESERVED
+CVE-2013-3900
+	RESERVED
+CVE-2013-3899
+	RESERVED
+CVE-2013-3898
+	RESERVED
+CVE-2013-3897
+	RESERVED
+CVE-2013-3896
+	RESERVED
+CVE-2013-3895
+	RESERVED
+CVE-2013-3894
+	RESERVED
+CVE-2013-3893
+	RESERVED
+CVE-2013-3892
+	RESERVED
+CVE-2013-3891
+	RESERVED
+CVE-2013-3890
+	RESERVED
+CVE-2013-3889
+	RESERVED
+CVE-2013-3888
+	RESERVED
+CVE-2013-3887
+	RESERVED
+CVE-2013-3886
+	RESERVED
+CVE-2013-3885
+	RESERVED
+CVE-2013-3884
+	RESERVED
+CVE-2013-3883
+	RESERVED
+CVE-2013-3882
+	RESERVED
+CVE-2013-3881
+	RESERVED
+CVE-2013-3880
+	RESERVED
+CVE-2013-3879
+	RESERVED
+CVE-2013-3878
+	RESERVED
+CVE-2013-3877
+	RESERVED
+CVE-2013-3876
+	RESERVED
+CVE-2013-3875
+	RESERVED
+CVE-2013-3874
+	RESERVED
+CVE-2013-3873
+	RESERVED
+CVE-2013-3872
+	RESERVED
+CVE-2013-3871
+	RESERVED
+CVE-2013-3870
+	RESERVED
+CVE-2013-3869
+	RESERVED
+CVE-2013-3868
+	RESERVED
+CVE-2013-3867
+	RESERVED
+CVE-2013-3866
+	RESERVED
+CVE-2013-3865
+	RESERVED
+CVE-2013-3864
+	RESERVED
+CVE-2013-3863
+	RESERVED
+CVE-2013-3862
+	RESERVED
+CVE-2013-3861
+	RESERVED
+CVE-2013-3860
+	RESERVED
+CVE-2013-3859
+	RESERVED
+CVE-2013-3858
+	RESERVED
+CVE-2013-3857
+	RESERVED
+CVE-2013-3856
+	RESERVED
+CVE-2013-3855
+	RESERVED
+CVE-2013-3854
+	RESERVED
+CVE-2013-3853
+	RESERVED
+CVE-2013-3852
+	RESERVED
+CVE-2013-3851
+	RESERVED
+CVE-2013-3850
+	RESERVED
+CVE-2013-3849
+	RESERVED
+CVE-2013-3848
+	RESERVED
+CVE-2013-3847
+	RESERVED
+CVE-2013-3846
+	RESERVED
+CVE-2013-3845
+	RESERVED
+CVE-2013-3844
+	RESERVED
+CVE-2013-3842
+	RESERVED
+CVE-2013-3841
+	RESERVED
+CVE-2013-3840
+	RESERVED
+CVE-2013-3839
+	RESERVED
+CVE-2013-3838
+	RESERVED
+CVE-2013-3837
+	RESERVED
+CVE-2013-3836
+	RESERVED
+CVE-2013-3835
+	RESERVED
+CVE-2013-3834
+	RESERVED
+CVE-2013-3833
+	RESERVED
+CVE-2013-3832
+	RESERVED
+CVE-2013-3831
+	RESERVED
+CVE-2013-3830
+	RESERVED
+CVE-2013-3829
+	RESERVED
+CVE-2013-3828
+	RESERVED
+CVE-2013-3827
+	RESERVED
+CVE-2013-3826
+	RESERVED
+CVE-2013-3825
+	RESERVED
+CVE-2013-3824
+	RESERVED
+CVE-2013-3823
+	RESERVED
+CVE-2013-3822
+	RESERVED
+CVE-2013-3821
+	RESERVED
+CVE-2013-3820
+	RESERVED
+CVE-2013-3819
+	RESERVED
+CVE-2013-3818
+	RESERVED
+CVE-2013-3817
+	RESERVED
+CVE-2013-3816
+	RESERVED
+CVE-2013-3815
+	RESERVED
+CVE-2013-3814
+	RESERVED
+CVE-2013-3813
+	RESERVED
+CVE-2013-3812
+	RESERVED
+CVE-2013-3811
+	RESERVED
+CVE-2013-3810
+	RESERVED
+CVE-2013-3809
+	RESERVED
+CVE-2013-3808
+	RESERVED
+CVE-2013-3807
+	RESERVED
+CVE-2013-3806
+	RESERVED
+CVE-2013-3805
+	RESERVED
+CVE-2013-3804
+	RESERVED
+CVE-2013-3803
+	RESERVED
+CVE-2013-3802
+	RESERVED
+CVE-2013-3801
+	RESERVED
+CVE-2013-3800
+	RESERVED
+CVE-2013-3799
+	RESERVED
+CVE-2013-3798
+	RESERVED
+CVE-2013-3797
+	RESERVED
+CVE-2013-3796
+	RESERVED
+CVE-2013-3795
+	RESERVED
+CVE-2013-3794
+	RESERVED
+CVE-2013-3793
+	RESERVED
+CVE-2013-3792
+	RESERVED
+CVE-2013-3791
+	RESERVED
+CVE-2013-3790
+	RESERVED
+CVE-2013-3789
+	RESERVED
+CVE-2013-3788
+	RESERVED
+CVE-2013-3787
+	RESERVED
+CVE-2013-3786
+	RESERVED
+CVE-2013-3785
+	RESERVED
+CVE-2013-3784
+	RESERVED
+CVE-2013-3783
+	RESERVED
+CVE-2013-3782
+	RESERVED
+CVE-2013-3781
+	RESERVED
+CVE-2013-3780
+	RESERVED
+CVE-2013-3779
+	RESERVED
+CVE-2013-3778
+	RESERVED
+CVE-2013-3777
+	RESERVED
+CVE-2013-3776
+	RESERVED
+CVE-2013-3775
+	RESERVED
+CVE-2013-3774
+	RESERVED
+CVE-2013-3773
+	RESERVED
+CVE-2013-3772
+	RESERVED
+CVE-2013-3771
+	RESERVED
+CVE-2013-3770
+	RESERVED
+CVE-2013-3769
+	RESERVED
+CVE-2013-3768
+	RESERVED
+CVE-2013-3767
+	RESERVED
+CVE-2013-3766
+	RESERVED
+CVE-2013-3765
+	RESERVED
+CVE-2013-3764
+	RESERVED
+CVE-2013-3763
+	RESERVED
+CVE-2013-3762
+	RESERVED
+CVE-2013-3761
+	RESERVED
+CVE-2013-3760
+	RESERVED
+CVE-2013-3759
+	RESERVED
+CVE-2013-3758
+	RESERVED
+CVE-2013-3757
+	RESERVED
+CVE-2013-3756
+	RESERVED
+CVE-2013-3755
+	RESERVED
+CVE-2013-3754
+	RESERVED
+CVE-2013-3753
+	RESERVED
+CVE-2013-3752
+	RESERVED
+CVE-2013-3751
+	RESERVED
+CVE-2013-3750
+	RESERVED
+CVE-2013-3749
+	RESERVED
+CVE-2013-3748
+	RESERVED
+CVE-2013-3747
+	RESERVED
+CVE-2013-3746
+	RESERVED
+CVE-2013-3745
+	RESERVED
+CVE-2013-3744
+	RESERVED
+CVE-2013-3743
+	RESERVED
+CVE-2013-3741
+	RESERVED
+CVE-2013-3740
+	RESERVED
+CVE-2013-3739
+	RESERVED
+CVE-2013-3738
+	RESERVED
 CVE-2013-3843
+	RESERVED
 	- monkey <removed>
 	NOTE: http://bugs.monkey-project.com/ticket/182
 CVE-2013-3919 [DoS/crash by a query for an malformed zone]
@@ -6,6 +437,7 @@
 	- bind9 <not-affected> (vulnerable code not present)
 	NOTE: https://kb.isc.org/article/AA-00967
 CVE-2013-3742 [phpMyAdmin PMASA-2013-6]
+	RESERVED
 	- phpmyadmin 4:4.0.1-3 (low)
 	[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
 	[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
@@ -624,8 +1056,8 @@
 	RESERVED
 CVE-2013-3476
 	RESERVED
-CVE-2013-3475
-	RESERVED
+CVE-2013-3475 (Stack-based buffer overflow in db2aud in the Audit Facility in IBM DB2 ...)
+	TODO: check
 CVE-2013-3474
 	RESERVED
 CVE-2013-3473
@@ -1713,8 +2145,8 @@
 	RESERVED
 CVE-2013-2971
 	RESERVED
-CVE-2013-2970
-	RESERVED
+CVE-2013-2970 (Unspecified vulnerability in IBM QRadar Security Information and Event ...)
+	TODO: check
 CVE-2013-2969
 	RESERVED
 CVE-2013-2968
@@ -1753,8 +2185,8 @@
 	RESERVED
 CVE-2013-2951
 	RESERVED
-CVE-2013-2950
-	RESERVED
+CVE-2013-2950 (CRLF injection vulnerability in IBM WebSphere Portal 6.1.0.x before ...)
+	TODO: check
 CVE-2013-2949
 	RESERVED
 CVE-2013-2948
@@ -1924,41 +2356,29 @@
 	RESERVED
 CVE-2013-2866
 	RESERVED
-CVE-2013-2865
-	RESERVED
+CVE-2013-2865 (Multiple unspecified vulnerabilities in Google Chrome before ...)
 	- chromium-browser <unfixed>
-CVE-2013-2864
-	RESERVED
+CVE-2013-2864 (The PDF functionality in Google Chrome before 27.0.1453.110 allows ...)
 	- chromium-browser <not-affected> (PDF viewer not included in Chromium)
-CVE-2013-2863
-	RESERVED
+CVE-2013-2863 (Google Chrome before 27.0.1453.110 does not properly handle SSL ...)
 	- chromium-browser <unfixed>
-CVE-2013-2862
-	RESERVED
+CVE-2013-2862 (Skia, as used in Google Chrome before 27.0.1453.110, does not properly ...)
 	- chromium-browser <unfixed>
-CVE-2013-2861
-	RESERVED
+CVE-2013-2861 (Use-after-free vulnerability in the SVG implementation in Google ...)
 	- chromium-browser <unfixed>
-CVE-2013-2860
-	RESERVED
+CVE-2013-2860 (Use-after-free vulnerability in Google Chrome before 27.0.1453.110 ...)
 	- chromium-browser <unfixed>
-CVE-2013-2859
-	RESERVED
+CVE-2013-2859 (Google Chrome before 27.0.1453.110 allows remote attackers to bypass ...)
 	- chromium-browser <unfixed>
-CVE-2013-2858
-	RESERVED
+CVE-2013-2858 (Use-after-free vulnerability in the HTML5 Audio implementation in ...)
 	- chromium-browser <unfixed>
-CVE-2013-2857
-	RESERVED
+CVE-2013-2857 (Use-after-free vulnerability in Google Chrome before 27.0.1453.110 ...)
 	- chromium-browser <unfixed>
-CVE-2013-2856
-	RESERVED
+CVE-2013-2856 (Use-after-free vulnerability in Google Chrome before 27.0.1453.110 ...)
 	- chromium-browser <unfixed>
-CVE-2013-2855
-	RESERVED
+CVE-2013-2855 (The Developer Tools API in Google Chrome before 27.0.1453.110 allows ...)
 	- chromium-browser <unfixed>
-CVE-2013-2854
-	RESERVED
+CVE-2013-2854 (Google Chrome before 27.0.1453.110 on Windows provides an incorrect ...)
 	- chromium-browser <unfixed>
 CVE-2013-2853
 	RESERVED
@@ -3272,10 +3692,10 @@
 	RESERVED
 CVE-2013-2318
 	RESERVED
-CVE-2013-2317
-	RESERVED
-CVE-2013-2316
-	RESERVED
+CVE-2013-2317 (The Sleipnir Mobile application 2.9.1 and earlier and Sleipnir Mobile ...)
+	TODO: check
+CVE-2013-2316 (The Yahoo! Browser application 1.4.4 and earlier for Android allows ...)
+	TODO: check
 CVE-2013-2315 (data/class/pages/forgot/LC_Page_Forgot.php in LOCKON EC-CUBE 2.11.0 ...)
 	NOT-FOR-US: LOCKON EC-CUBE
 CVE-2013-2314 (Cross-site scripting (XSS) vulnerability in the adminAuthorization ...)
@@ -4778,7 +5198,7 @@
 	- squid3 <not-affected> (the errors were introduced in trunk rev.11496 in 3.2.0.9)
 	NOTE: According to http://seclists.org/bugtraq/2013/Mar/68 not affecting 3.1?
 	NOTE: http://bazaar.launchpad.net/~squid/squid/3.2/revision/11796
-CVE-2013-1838 (OpenStack Nova Grizzly, Folsom (2012.2), and Essex (2012.1) does not ...)
+CVE-2013-1838 (OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) ...)
 	- nova 2012.1.1-15 (bug #703064)
 CVE-2013-1837
 	RESERVED
@@ -5549,7 +5969,7 @@
 	- openjdk-6 6b27-1.12.5-1
 CVE-2013-1556 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
 	NOT-FOR-US: Oracle Financial Services Software
-CVE-2013-1555 (Unspecified vulnerability in MySQL 5.1.67 and earlier and 5.5.29 and ...)
+CVE-2013-1555 (Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and ...)
 	- mysql-5.5 5.5.30+dfsg-1
 	- mysql-5.1 <removed>
 CVE-2013-1554 (Unspecified vulnerability in the Network Layer component in Oracle ...)
@@ -6802,10 +7222,10 @@
 	RESERVED
 CVE-2013-1025
 	RESERVED
-CVE-2013-1024
-	RESERVED
-CVE-2013-1023
-	RESERVED
+CVE-2013-1024 (CoreMedia Playback in Apple Mac OS X before 10.8.4 does not properly ...)
+	TODO: check
+CVE-2013-1023 (WebKit, as used in Apple Safari before 6.0.5, allows remote attackers ...)
+	TODO: check
 CVE-2013-1022 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote ...)
 	NOT-FOR-US: Apple QuickTime
 CVE-2013-1021 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote ...)
@@ -6824,16 +7244,16 @@
 	NOT-FOR-US: Apple QuickTime
 CVE-2013-1014 (Apple iTunes before 11.0.3 does not properly verify X.509 ...)
 	NOT-FOR-US: Apple iTunes
-CVE-2013-1013
-	RESERVED
-CVE-2013-1012
-	RESERVED
+CVE-2013-1013 (XSS Auditor in WebKit in Apple Safari before 6.0.5 does not properly ...)
+	TODO: check
+CVE-2013-1012 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
+	TODO: check
 CVE-2013-1011 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
 	NOT-FOR-US: Apple iTunes
 CVE-2013-1010 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
 	NOT-FOR-US: Apple iTunes
-CVE-2013-1009
-	RESERVED
+CVE-2013-1009 (WebKit, as used in Apple Safari before 6.0.5, allows remote attackers ...)
+	TODO: check
 CVE-2013-1008 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
 	NOT-FOR-US: Apple iTunes
 CVE-2013-1007 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
@@ -6870,8 +7290,8 @@
 	NOT-FOR-US: Apple iTunes
 CVE-2013-0991 (WebKit, as used in Apple iTunes before 11.0.3, allows ...)
 	NOT-FOR-US: Apple iTunes
-CVE-2013-0990
-	RESERVED
+CVE-2013-0990 (SMB in Apple Mac OS X before 10.8.4, when file sharing is enabled, ...)
+	TODO: check
 CVE-2013-0989 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote ...)
 	NOT-FOR-US: Apple QuickTime
 CVE-2013-0988 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote ...)
@@ -6880,15 +7300,14 @@
 	NOT-FOR-US: Apple QuickTime
 CVE-2013-0986 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote ...)
 	NOT-FOR-US: Apple QuickTime
-CVE-2013-0985
-	RESERVED
-CVE-2013-0984
-	RESERVED
+CVE-2013-0985 (Disk Management in Apple Mac OS X before 10.8.4 does not properly ...)
+	TODO: check
+CVE-2013-0984 (Directory Service in Apple Mac OS X through 10.6.8 allows remote ...)
 	NOT-FOR-US: Mac OS Server
-CVE-2013-0983
-	RESERVED
-CVE-2013-0982
-	RESERVED
+CVE-2013-0983 (Stack consumption vulnerability in CoreAnimation in Apple Mac OS X ...)
+	TODO: check
+CVE-2013-0982 (The Private Browsing feature in CFNetwork in Apple Mac OS X before ...)
+	TODO: check
 CVE-2013-0981 (The IOUSBDeviceFamily driver in the USB implementation in the kernel ...)
 	NOT-FOR-US: Apple iOS
 CVE-2013-0980 (The Passcode Lock implementation in Apple iOS before 6.1.3 does not ...)
@@ -6901,8 +7320,8 @@
 	NOT-FOR-US: Apple iOS
 CVE-2013-0976 (IOAcceleratorFamily in Apple Mac OS X before 10.8.3 allows remote ...)
 	NOT-FOR-US: Mac OS X
-CVE-2013-0975
-	RESERVED
+CVE-2013-0975 (Buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.8.4 ...)
+	TODO: check
 CVE-2013-0974 (StoreKit in Apple iOS before 6.1 does not properly handle the ...)
 	NOT-FOR-US: Apple StoreKit
 CVE-2013-0973 (Software Update in Apple Mac OS X through 10.7.5 does not prevent ...)
@@ -8238,8 +8657,8 @@
 	RESERVED
 CVE-2013-0550
 	RESERVED
-CVE-2013-0549
-	RESERVED
+CVE-2013-0549 (Cross-site scripting (XSS) vulnerability in the Web Content Manager - ...)
+	TODO: check
 CVE-2013-0548
 	RESERVED
 CVE-2013-0547
@@ -8318,10 +8737,10 @@
 	NOT-FOR-US: IBM Security AppScan Enterprise
 CVE-2013-0510 (IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 includes a ...)
 	NOT-FOR-US: IBM Security AppScan Enterprise
-CVE-2013-0509
-	RESERVED
-CVE-2013-0508
-	RESERVED
+CVE-2013-0509 (Buffer overflow in the Transaction MIB agent in IBM Tivoli Netcool ...)
+	TODO: check
+CVE-2013-0508 (Multiple buffer overflows in IBM Tivoli Netcool System Service ...)
+	TODO: check
 CVE-2013-0507
 	RESERVED
 CVE-2013-0506 (Cross-site scripting (XSS) vulnerability in IBM Sterling Order ...)
@@ -8408,8 +8827,8 @@
 	NOT-FOR-US: IBM
 CVE-2013-0465 (Unspecified vulnerability in the IBM WebSphere Cast Iron physical and ...)
 	NOT-FOR-US: IBM
-CVE-2013-0464
-	RESERVED
+CVE-2013-0464 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Eclipse ...)
+	TODO: check
 CVE-2013-0463
 	RESERVED
 CVE-2013-0462 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) ...)


