[Secure-testing-commits] r22395 - data/CVE

Wed May 29 09:14:26 UTC 2013

Author: joeyh
Date: 2013-05-29 09:14:26 +0000 (Wed, 29 May 2013)
New Revision: 22395

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2013-05-29 08:52:09 UTC (rev 22394)
+++ data/CVE/list	2013-05-29 09:14:26 UTC (rev 22395)
@@ -1,3 +1,47 @@
+CVE-2013-3681
+	RESERVED
+CVE-2013-3680
+	RESERVED
+CVE-2013-3679
+	RESERVED
+CVE-2013-3678
+	RESERVED
+CVE-2013-3677
+	RESERVED
+CVE-2013-3676
+	RESERVED
+CVE-2013-3675
+	RESERVED
+CVE-2013-3674
+	RESERVED
+CVE-2013-3673
+	RESERVED
+CVE-2013-3672
+	RESERVED
+CVE-2013-3671
+	RESERVED
+CVE-2013-3670
+	RESERVED
+CVE-2013-3669
+	RESERVED
+CVE-2013-3668
+	RESERVED
+CVE-2013-3667
+	RESERVED
+CVE-2013-3666
+	RESERVED
+CVE-2013-3665
+	RESERVED
+CVE-2013-3664
+	RESERVED
+CVE-2013-3663
+	RESERVED
+CVE-2013-3662
+	RESERVED
+CVE-2013-3661 (The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP ...)
+	TODO: check
+CVE-2013-3660 (The EPATHOBJ::pprFlattenRec function in win32k.sys in Microsoft ...)
+	TODO: check
 CVE-2013-XXXX [libraw: multiple issues]
 	- libraw <unfixed>
 	NOTE: http://www.openwall.com/lists/oss-security/2013/05/28/3
@@ -73,10 +117,10 @@
 	RESERVED
 CVE-2013-3635
 	RESERVED
-CVE-2013-3634
-	RESERVED
-CVE-2013-3633
-	RESERVED
+CVE-2013-3634 (The SNMPv3 functionality on Siemens Scalance X200 IRT switches with ...)
+	TODO: check
+CVE-2013-3633 (The web interface on Siemens Scalance X200 IRT switches with firmware ...)
+	TODO: check
 CVE-2013-3632
 	RESERVED
 CVE-2013-3631
@@ -221,44 +265,36 @@
 	RESERVED
 CVE-2013-3563
 	RESERVED
-CVE-2013-3562 [wireshark: Websocket dissector crash]
-	RESERVED
+CVE-2013-3562 (Multiple integer signedness errors in the tvb_unmasked function in ...)
 	- wireshark 1.8.7-1 (bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8499
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-29.html
-CVE-2013-3561 [wireshark: Websocket dissector crash]
-	RESERVED
+CVE-2013-3561 (Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow ...)
 	- wireshark 1.8.7-1 (bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8448
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-29.html
-CVE-2013-3560 [wireshark: MPEG DSM-CC dissector crash]
-	RESERVED
+CVE-2013-3560 (The dissect_dsmcc_un_download function in ...)
 	- wireshark 1.8.7-1 (unimportant; bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-28.html
 	NOTE: Not suitable for code injection
-CVE-2013-3559 [wireshark: DCP ETSI dissector crash]
-	RESERVED
+CVE-2013-3559 (epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in ...)
 	- wireshark 1.8.7-1 (bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-27.html
-CVE-2013-3558 [wireshark: PPP CCP dissector crash]
-	RESERVED
+CVE-2013-3558 (The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c ...)
 	- wireshark 1.8.7-1 (bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-26.html
-CVE-2013-3557 [wireshark: ASN.1 BER dissector crash]
-	RESERVED
+CVE-2013-3557 (The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ...)
 	- wireshark 1.8.7-1 (bug #709167)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-25.html
-CVE-2013-3556 [wireshark: ASN.1 BER dissector crash]
-	RESERVED
+CVE-2013-3556 (The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 ...)
 	- wireshark <not-affected> (Only affected the dev trunk)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-25.html (r48943)
-CVE-2013-3555 [wireshark: GTPv2 dissector crash]
-	RESERVED
+CVE-2013-3555 (epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark ...)
 	- wireshark 1.8.7-1 (bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-24.html
@@ -1534,20 +1570,20 @@
 	RESERVED
 CVE-2013-2960
 	RESERVED
-CVE-2013-2959
-	RESERVED
+CVE-2013-2959 (The Console in IBM InfoSphere Optim Data Growth for Oracle E-Business ...)
+	TODO: check
 CVE-2013-2958
 	RESERVED
-CVE-2013-2957
-	RESERVED
-CVE-2013-2956
-	RESERVED
-CVE-2013-2955
-	RESERVED
-CVE-2013-2954
-	RESERVED
-CVE-2013-2953
-	RESERVED
+CVE-2013-2957 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Optim Data ...)
+	TODO: check
+CVE-2013-2956 (SQL injection vulnerability in the Console in IBM InfoSphere Optim ...)
+	TODO: check
+CVE-2013-2955 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Optim Data ...)
+	TODO: check
+CVE-2013-2954 (The login page in the Console in IBM InfoSphere Optim Data Growth for ...)
+	TODO: check
+CVE-2013-2953 (IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7.x, ...)
+	TODO: check
 CVE-2013-2952
 	RESERVED
 CVE-2013-2951
@@ -3601,27 +3637,22 @@
 	- owncloud <not-affected> (Only affects 5.0.x)
 CVE-2013-2084
 	RESERVED
-CVE-2013-2083 [Form filtering issue]
-	RESERVED
+CVE-2013-2083 (The MoodleQuickForm class in lib/formslib.php in Moodle through ...)
 	- moodle <unfixed> (low)
 	[squeeze] - moodle <no-dsa> (Minor issue)
 	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38885
-CVE-2013-2082 [Permission issue in blog comments]
-	RESERVED
+CVE-2013-2082 (Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and ...)
 	- moodle <unfixed>
 	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37245
-CVE-2013-2081 [Information leak in hub registration]
-	RESERVED
+CVE-2013-2081 (Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and ...)
 	- moodle <unfixed> (low)
 	[squeeze] - moodle <no-dsa> (Minor issue)
 	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37822
-CVE-2013-2080 [Potential information leak in Gradebook]
-	RESERVED
+CVE-2013-2080 (The core_grade component in Moodle through 2.2.10, 2.3.x before 2.3.7, ...)
 	- moodle <unfixed> (low)
 	[squeeze] - moodle <no-dsa> (Minor issue)
 	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37475
-CVE-2013-2079 [Capability issue in Assignment]
-	RESERVED
+CVE-2013-2079 (mod/assign/locallib.php in the assignment module in Moodle 2.3.x ...)
 	- moodle <not-affected> (Only affects 2.3 and later)
 	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38443
 CVE-2013-2078
@@ -7995,8 +8026,8 @@
 	RESERVED
 CVE-2012-6400
 	RESERVED
-CVE-2012-6399
-	RESERVED
+CVE-2012-6399 (Cisco WebEx 4.1 on iOS does not verify that the server hostname ...)
+	TODO: check
 CVE-2012-6398
 	RESERVED
 CVE-2012-6397 (Cross-site scripting (XSS) vulnerability in Cisco WebEx Social ...)


