[Secure-testing-commits] r22288 - data/CVE

Joey Hess joeyh at alioth.debian.org
Thu May 16 21:16:26 UTC 2013 

Author: joeyh
Date: 2013-05-16 21:16:25 +0000 (Thu, 16 May 2013)
New Revision: 22288

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-05-16 20:46:43 UTC (rev 22287)
+++ data/CVE/list	2013-05-16 21:16:25 UTC (rev 22288)
@@ -48,7 +48,7 @@
 	NOT-FOR-US: Vanilla Forums
 CVE-2013-3526 (Cross-site scripting (XSS) vulnerability in js/ta_loaded.js.php in the ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2013-3525 (SQL injection vulnerability in Approvals/ in Request Tracker (RT) ...)
+CVE-2013-3525 (** DISPUTED ** ...)
 	NOTE: http://blog.bestpractical.com/2013/04/on-our-security-policies.html
 CVE-2013-3524 (SQL injection vulnerability in popupnewsitem/ in the Pop Up News ...)
 	NOT-FOR-US: phpVMS
@@ -416,50 +416,44 @@
 	RESERVED
 CVE-2013-3343
 	RESERVED
-CVE-2013-3342
-	RESERVED
+CVE-2013-3342 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-3341
-	RESERVED
+CVE-2013-3341 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-3340
-	RESERVED
+CVE-2013-3340 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-3339
-	RESERVED
+CVE-2013-3339 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-3338
-	RESERVED
+CVE-2013-3338 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-3337
-	RESERVED
+CVE-2013-3337 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2013-3336 (Unspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and ...)
 	NOT-FOR-US: Adobe ColdFusion
-CVE-2013-3335
-	RESERVED
-CVE-2013-3334
-	RESERVED
-CVE-2013-3333
-	RESERVED
-CVE-2013-3332
-	RESERVED
-CVE-2013-3331
-	RESERVED
-CVE-2013-3330
-	RESERVED
-CVE-2013-3329
-	RESERVED
-CVE-2013-3328
-	RESERVED
-CVE-2013-3327
-	RESERVED
-CVE-2013-3326
-	RESERVED
-CVE-2013-3325
-	RESERVED
-CVE-2013-3324
-	RESERVED
+CVE-2013-3335 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+	TODO: check
+CVE-2013-3334 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+	TODO: check
+CVE-2013-3333 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+	TODO: check
+CVE-2013-3332 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+	TODO: check
+CVE-2013-3331 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+	TODO: check
+CVE-2013-3330 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+	TODO: check
+CVE-2013-3329 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+	TODO: check
+CVE-2013-3328 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+	TODO: check
+CVE-2013-3327 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+	TODO: check
+CVE-2013-3326 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+	TODO: check
+CVE-2013-3325 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+	TODO: check
+CVE-2013-3324 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+	TODO: check
 CVE-2013-3323
 	RESERVED
 CVE-2013-3322
@@ -1695,64 +1689,45 @@
 	RESERVED
 CVE-2013-2738
 	RESERVED
-CVE-2013-2737
-	RESERVED
+CVE-2013-2737 (A JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-2736
-	RESERVED
+CVE-2013-2736 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-2735
-	RESERVED
+CVE-2013-2735 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-2734
-	RESERVED
+CVE-2013-2734 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-2733
-	RESERVED
+CVE-2013-2733 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-2732
-	RESERVED
+CVE-2013-2732 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-2731
-	RESERVED
+CVE-2013-2731 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-2730
-	RESERVED
+CVE-2013-2730 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-2729
-	RESERVED
+CVE-2013-2729 (Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-2728
-	RESERVED
-CVE-2013-2727
-	RESERVED
+CVE-2013-2728 (Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on ...)
+	TODO: check
+CVE-2013-2727 (Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-2726
-	RESERVED
+CVE-2013-2726 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-2725
-	RESERVED
+CVE-2013-2725 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-2724
-	RESERVED
+CVE-2013-2724 (Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-2723
-	RESERVED
+CVE-2013-2723 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-2722
-	RESERVED
+CVE-2013-2722 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-2721
-	RESERVED
+CVE-2013-2721 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-2720
-	RESERVED
+CVE-2013-2720 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-2719
-	RESERVED
+CVE-2013-2719 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-2718
-	RESERVED
+CVE-2013-2718 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2013-2717 (Multiple unspecified vulnerabilities in the System Management (aka ...)
 	NOT-FOR-US: EMC
@@ -4463,66 +4438,53 @@
 	RESERVED
 CVE-2013-1682
 	RESERVED
-CVE-2013-1681
-	RESERVED
+CVE-2013-1681 (Use-after-free vulnerability in the ...)
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
-CVE-2013-1680
-	RESERVED
+CVE-2013-1680 (Use-after-free vulnerability in the nsFrameList::FirstChild function ...)
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
-CVE-2013-1679
-	RESERVED
+CVE-2013-1679 (Use-after-free vulnerability in the ...)
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
-CVE-2013-1678
-	RESERVED
+CVE-2013-1678 (The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before ...)
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
-CVE-2013-1677
-	RESERVED
+CVE-2013-1677 (The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox ...)
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
-CVE-2013-1676
-	RESERVED
+CVE-2013-1676 (The SelectionIterator::GetNextSegment function in Mozilla Firefox ...)
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
-CVE-2013-1675
-	RESERVED
+CVE-2013-1675 (Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, ...)
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
-CVE-2013-1674
-	RESERVED
+CVE-2013-1674 (Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ...)
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
-CVE-2013-1673
-	RESERVED
+CVE-2013-1673 (The Mozilla Updater in Mozilla Firefox before 21.0 on Windows does not ...)
 	- iceweasel <not-affected> (Windows build only)
-CVE-2013-1672
-	RESERVED
+CVE-2013-1672 (The Mozilla Maintenance Service in Mozilla Firefox before 21.0, ...)
 	- iceweasel <not-affected> (Windows build only)
 	- icedove <not-affected> (Windows build only)
 	- iceape <not-affected> (Windows build only)
-CVE-2013-1671
-	RESERVED
+CVE-2013-1671 (Mozilla Firefox before 21.0 does not properly implement the INPUT ...)
 	- iceweasel <unfixed>
 	[wheezy] - iceweasel <not-affected> (Doesn't affect ESR 17 series)
 	NOTE: fixed in experimental in 21.0-1
-CVE-2013-1670
-	RESERVED
+CVE-2013-1670 (The Chrome Object Wrapper (COW) implementation in Mozilla Firefox ...)
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
-CVE-2013-1669
-	RESERVED
+CVE-2013-1669 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	- iceweasel <unfixed>
 	[wheezy] - iceweasel <not-affected> (Only affects Firefox 20)
 	- icedove <unfixed>
@@ -5323,8 +5285,8 @@
 	RESERVED
 CVE-2013-1390
 	RESERVED
-CVE-2013-1389
-	RESERVED
+CVE-2013-1389 (Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 11, ...)
+	TODO: check
 CVE-2013-1388 (Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, ...)
 	NOT-FOR-US: Adobe ColdFusion
 CVE-2013-1387 (Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, ...)
@@ -5634,10 +5596,10 @@
 	RESERVED
 CVE-2013-1246
 	RESERVED
-CVE-2013-1245
-	RESERVED
-CVE-2013-1244
-	RESERVED
+CVE-2013-1245 (The user-management page in Cisco WebEx Social relies on client-side ...)
+	TODO: check
+CVE-2013-1244 (Cross-site scripting (XSS) vulnerability in the portal module in Cisco ...)
+	TODO: check
 CVE-2013-1243
 	RESERVED
 CVE-2013-1242 (Memory leak in the web framework in the server in Cisco Unified ...)
@@ -5652,8 +5614,8 @@
 	RESERVED
 CVE-2013-1237
 	RESERVED
-CVE-2013-1236
-	RESERVED
+CVE-2013-1236 (Cisco TelePresence Supervisor MSE 8050 before 2.3(1.31) allows remote ...)
+	TODO: check
 CVE-2013-1235 (Cisco Wireless LAN Controller (WLC) devices do not properly address ...)
 	NOT-FOR-US: Cisco Wireless LAN Controller
 CVE-2013-1234 (The SNMP module in Cisco IOS XR allows remote authenticated users to ...)
@@ -5724,8 +5686,8 @@
 	RESERVED
 CVE-2013-1201
 	RESERVED
-CVE-2013-1200
-	RESERVED
+CVE-2013-1200 (Session fixation vulnerability in Cisco Secure Access Control System ...)
+	TODO: check
 CVE-2013-1199 (Race condition in the CIFS implementation in the rewriter module in ...)
 	NOT-FOR-US: Cisco
 CVE-2013-1198 (Cross-site scripting (XSS) vulnerability in a Flash component in Cisco ...)
@@ -5748,8 +5710,8 @@
 	RESERVED
 CVE-2013-1189 (Cisco Universal Broadband (aka uBR) 10000 series routers, when an ...)
 	NOT-FOR-US: Cisco Universal Broadband 10000 series routers
-CVE-2013-1188
-	RESERVED
+CVE-2013-1188 (Cisco Unified Communications Manager (CUCM) does not properly limit ...)
+	TODO: check
 CVE-2013-1187 (The Connection Manager in Cisco Jabber Extensible Communications ...)
 	NOT-FOR-US: Cisco
 CVE-2013-1186 (Cisco Unified Computing System (UCS) 1.x before 1.4(4) and 2.x before ...)
@@ -5774,8 +5736,8 @@
 	NOT-FOR-US: Cisco Network Admission Control Manager
 CVE-2013-1176 (The DSP card on Cisco TelePresence MCU 4500 and 4501 devices before ...)
 	NOT-FOR-US: Cisco
-CVE-2013-1175
-	RESERVED
+CVE-2013-1175 (The SSL logging daemon in the Application Control Engine module in ...)
+	TODO: check
 CVE-2013-1174 (Cisco Tivoli Business Service Manager (TBSM) in Hosted Collaboration ...)
 	NOT-FOR-US: Cisco Tivoli Business Service Manager
 CVE-2013-1173 (Heap-based buffer overflow in ciscod.exe in the Cisco Security Service ...)
@@ -6554,8 +6516,7 @@
 	NOTE: Starting with 2.3.14.1 rails is a transition package
 CVE-2013-0802
 	RESERVED
-CVE-2013-0801
-	RESERVED
+CVE-2013-0801 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>

More information about the Secure-testing-commits mailing list