[Secure-testing-commits] r21598 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Tue Mar 12 21:14:22 UTC 2013
Author: joeyh
Date: 2013-03-12 21:14:22 +0000 (Tue, 12 Mar 2013)
New Revision: 21598
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-03-12 21:02:07 UTC (rev 21597)
+++ data/CVE/list 2013-03-12 21:14:22 UTC (rev 21598)
@@ -108,8 +108,7 @@
RESERVED
CVE-2013-2504
RESERVED
-CVE-2013-2503 [Proxy-Authentication response spoofing]
- RESERVED
+CVE-2013-2503 (Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and ...)
- privoxy <unfixed> (bug #702896)
NOTE: http://blog.c22.cc/2013/03/11/privoxy-proxy-authentication-credential-exposure-cve-2013-2503/
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/ChangeLog?revision=1.188&view=markup
@@ -590,10 +589,10 @@
RESERVED
CVE-2013-2294
RESERVED
-CVE-2013-2293
- RESERVED
-CVE-2013-2292
- RESERVED
+CVE-2013-2293 (The CTransaction::FetchInputs method in bitcoind and Bitcoin-Qt before ...)
+ TODO: check
+CVE-2013-2292 (bitcoind and Bitcoin-Qt 0.8.0 and earlier allow remote attackers to ...)
+ TODO: check
CVE-2013-2291
RESERVED
CVE-2013-2290
@@ -630,14 +629,16 @@
- libav <not-affected> (Doesn't affect libav, specific to current ffmpeg)
CVE-2013-2275 [puppet incorrect default report ACL vulnerability]
RESERVED
+ {DSA-2643-1}
- puppet <unfixed>
CVE-2013-2274 [puppet remote code execution]
RESERVED
+ {DSA-2643-1}
- puppet <unfixed>
-CVE-2013-2273
- RESERVED
-CVE-2013-2272
- RESERVED
+CVE-2013-2273 (bitcoind and Bitcoin-Qt before 0.4.9rc1, 0.5.x before 0.5.8rc1, 0.6.0 ...)
+ TODO: check
+CVE-2013-2272 (The penny-flooding protection mechanism in the CTxMemPool::accept ...)
+ TODO: check
CVE-2013-2271
RESERVED
CVE-2013-2270
@@ -1989,15 +1990,19 @@
TODO: check
CVE-2013-1655 [puppet unauthenticated client remote code execution]
RESERVED
+ {DSA-2643-1}
- puppet <unfixed>
CVE-2013-1654 [puppet SSL downgrade vulnerability]
RESERVED
+ {DSA-2643-1}
- puppet <unfixed>
CVE-2013-1653 [puppet agent remote code execution]
RESERVED
+ {DSA-2643-1}
- puppet <unfixed>
CVE-2013-1652 [puppet insufficient input validation vulnerability and unautorised data access]
RESERVED
+ {DSA-2643-1}
- puppet <unfixed>
CVE-2013-1651
RESERVED
@@ -2024,8 +2029,9 @@
CVE-2013-1641
RESERVED
CVE-2013-1640 [puppet remote code execution]
+ RESERVED
+ {DSA-2643-1}
- puppet <unfixed>
- RESERVED
CVE-2013-1639 (Opera before 12.13 does not send CORS preflight requests in all ...)
NOT-FOR-US: Opera
CVE-2013-1638 (Opera before 12.13 allows remote attackers to execute arbitrary code ...)
@@ -2053,8 +2059,8 @@
RESERVED
CVE-2013-1628
RESERVED
-CVE-2013-1627
- RESERVED
+CVE-2013-1627 (Absolute path traversal vulnerability in NTWebServer.exe in Indusoft ...)
+ TODO: check
CVE-2013-1626
RESERVED
CVE-2013-1625
@@ -3312,8 +3318,8 @@
RESERVED
CVE-2013-1082
RESERVED
-CVE-2013-1081
- RESERVED
+CVE-2013-1081 (Directory traversal vulnerability in MDM.php in Novell ZENworks Mobile ...)
+ TODO: check
CVE-2013-1080
RESERVED
CVE-2013-1079
@@ -10558,10 +10564,10 @@
NOT-FOR-US: 3S CODESYS Gateway-Server
CVE-2012-4704 (Array index error in 3S CODESYS Gateway-Server before 2.3.9.27 allows ...)
NOT-FOR-US: 3S CODESYS Gateway-Server
-CVE-2012-4703
- RESERVED
-CVE-2012-4702
- RESERVED
+CVE-2012-4703 (The Emerson DeltaV SE3006 through 11.3.1, DeltaV VE3005 through 10.3.1 ...)
+ TODO: check
+CVE-2012-4702 (360 Systems Maxx, Image Server Maxx, and Image Server 2000 have a ...)
+ TODO: check
CVE-2012-4701 (Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and ...)
NOT-FOR-US: Tridium Niagara
CVE-2012-4700 (Multiple buffer overflows in an ActiveX control in PE3DO32A.ocx in ...)
@@ -10596,8 +10602,8 @@
NOT-FOR-US: vBulletin
CVE-2012-4685 (Cross-site scripting (XSS) vulnerability in Arbor Networks Peakflow SP ...)
NOT-FOR-US: Arbor Networks Peakflow SP
-CVE-2012-4684
- RESERVED
+CVE-2012-4684 (The alert functionality in bitcoind and Bitcoin-Qt before 0.7.0 ...)
+ TODO: check
CVE-2012-4683 (Unspecified vulnerability in bitcoind and Bitcoin-Qt allows attackers ...)
- bitcoin 0.7.2-1 (bug #688813)
CVE-2012-4682 (Unspecified vulnerability in bitcoind and Bitcoin-Qt allows attackers ...)
@@ -17647,16 +17653,16 @@
NOT-FOR-US: Proprietary HP monitoring tools
CVE-2012-2000 (Multiple unspecified vulnerabilities in HP System Health Application ...)
NOT-FOR-US: Proprietary HP monitoring tools
-CVE-2012-1999
- RESERVED
-CVE-2012-1998
- RESERVED
-CVE-2012-1997
- RESERVED
-CVE-2012-1996
- RESERVED
-CVE-2012-1995
- RESERVED
+CVE-2012-1999 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before ...)
+ TODO: check
+CVE-2012-1998 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before ...)
+ TODO: check
+CVE-2012-1997 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before ...)
+ TODO: check
+CVE-2012-1996 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before ...)
+ TODO: check
+CVE-2012-1995 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before ...)
+ TODO: check
CVE-2012-1994
RESERVED
CVE-2012-1993 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
More information about the Secure-testing-commits
mailing list