[Secure-testing-commits] r22794 - data/CVE

Fri Jun 28 21:14:24 UTC 2013

Author: joeyh
Date: 2013-06-28 21:14:24 +0000 (Fri, 28 Jun 2013)
New Revision: 22794

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2013-06-28 21:02:16 UTC (rev 22793)
+++ data/CVE/list	2013-06-28 21:14:24 UTC (rev 22794)
@@ -1,3 +1,21 @@
+CVE-2013-4721 (SQL injection vulnerability in the RSS feed from records extension ...)
+	TODO: check
+CVE-2013-4720 (SQL injection vulnerability in the WEC Discussion Forum extension ...)
+	TODO: check
+CVE-2013-4719 (SQL injection vulnerability in the SEO Pack for tt_news extension ...)
+	TODO: check
+CVE-2013-4718
+	RESERVED
+CVE-2013-4717
+	RESERVED
+CVE-2012-6577 (SQL injection vulnerability in the Formhandler extension before 1.4.1 ...)
+	TODO: check
+CVE-2012-6576 (Cross-site scripting (XSS) vulnerability in the PRH Search module ...)
+	TODO: check
+CVE-2012-6575 (Cross-site scripting (XSS) vulnerability in the Exposed Filter Data ...)
+	TODO: check
+CVE-2012-6574 (Cross-site scripting (XSS) vulnerability in the Fonecta verify module ...)
+	TODO: check
 CVE-2013-4716
 	RESERVED
 CVE-2013-4715
@@ -2812,14 +2830,14 @@
 	RESERVED
 CVE-2013-3387
 	RESERVED
-CVE-2013-3386
-	RESERVED
-CVE-2013-3385
-	RESERVED
-CVE-2013-3384
-	RESERVED
-CVE-2013-3383
-	RESERVED
+CVE-2013-3386 (The IronPort Spam Quarantine (ISQ) component in the web framework in ...)
+	TODO: check
+CVE-2013-3385 (The management GUI in the web framework in IronPort AsyncOS on Cisco ...)
+	TODO: check
+CVE-2013-3384 (The web framework in IronPort AsyncOS on Cisco Web Security Appliance ...)
+	TODO: check
+CVE-2013-3383 (The web framework in IronPort AsyncOS on Cisco Web Security Appliance ...)
+	TODO: check
 CVE-2013-3382 (The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware ...)
 	NOT-FOR-US: Cisco ASA
 CVE-2013-3381 (Cisco Hosted Collaboration Mediation allows remote attackers to cause ...)
@@ -19645,7 +19663,7 @@
 CVE-2012-3574 (Unrestricted file upload vulnerability in ...)
 	NOT-FOR-US: Wordpress plugin
 CVE-2012-3573
-	RESERVED
+	REJECTED
 CVE-2012-3572 (Open Source Competency Center (OSCC) MyMeeting 3.0.1 and earlier, and ...)
 	NOT-FOR-US: Open Source Competency Center (OSCC) MyMeeting
 CVE-2011-5094 (** DISPUTED ** Mozilla Network Security Services (NSS) 3.x, with ...)
@@ -31325,17 +31343,17 @@
 CVE-2009-5102 (SQL injection vulnerability in default.asp in ATCOM Netvolution 1.0 ...)
 	NOT-FOR-US: ATCOM Netvolution
 CVE-2011-4150
-	RESERVED
+	REJECTED
 CVE-2011-4149
-	RESERVED
+	REJECTED
 CVE-2011-4148
-	RESERVED
+	REJECTED
 CVE-2011-4147
-	RESERVED
+	REJECTED
 CVE-2011-4146
-	RESERVED
+	REJECTED
 CVE-2011-4145
-	RESERVED
+	REJECTED
 CVE-2011-4144 (Unspecified vulnerability in EMC Documentum Content Server 6.0, 6.5 ...)
 	NOT-FOR-US: EMC
 CVE-2011-4143 (EMC RSA enVision 4.0 before SP4 P5 and 4.1 before P3 allows remote ...)
@@ -40189,7 +40207,7 @@
 	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-2
 CVE-2011-1181 [missing error handling in linux netdev]
-	RESERVED
+	REJECTED
 	- linux-2.6 <not-affected> (No security issue, see http://marc.info/?l=linux-netdev&m=130075091711143&w=2)
 CVE-2011-1180 (Multiple stack-based buffer overflows in the ...)
 	{DSA-2264-1 DSA-2240-1}


