[Secure-testing-commits] r23567 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Sat Sep 7 03:43:23 UTC 2013
Author: carnil
Date: 2013-09-07 03:43:22 +0000 (Sat, 07 Sep 2013)
New Revision: 23567
Modified:
data/CVE/list
Log:
Run the automatic update for CVE once
Question: seems there is a problem with the cronjob?
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-09-06 19:31:06 UTC (rev 23566)
+++ data/CVE/list 2013-09-07 03:43:22 UTC (rev 23567)
@@ -1,3 +1,129 @@
+CVE-2013-5708 (Coursemill Learning Management System (LMS) 6.8 constructs secret ...)
+ TODO: check
+CVE-2013-5707 (Multiple cross-site scripting (XSS) vulnerabilities in Coursemill ...)
+ TODO: check
+CVE-2013-5706 (Multiple cross-site scripting (XSS) vulnerabilities in Coursemill ...)
+ TODO: check
+CVE-2013-5705
+ RESERVED
+CVE-2013-5704
+ RESERVED
+CVE-2013-5703
+ RESERVED
+CVE-2013-5702
+ RESERVED
+CVE-2013-5701
+ RESERVED
+CVE-2013-5700
+ RESERVED
+CVE-2013-5699
+ RESERVED
+CVE-2013-5698 (Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite and ...)
+ TODO: check
+CVE-2013-5697
+ RESERVED
+CVE-2013-5696
+ RESERVED
+CVE-2013-5695
+ RESERVED
+CVE-2013-5694
+ RESERVED
+CVE-2013-5693
+ RESERVED
+CVE-2013-5692
+ RESERVED
+CVE-2013-5691
+ RESERVED
+CVE-2013-5690
+ RESERVED
+CVE-2013-5687
+ RESERVED
+CVE-2013-5686
+ RESERVED
+CVE-2013-5685
+ RESERVED
+CVE-2013-5684
+ RESERVED
+CVE-2013-5683
+ RESERVED
+CVE-2013-5682
+ RESERVED
+CVE-2013-5681
+ RESERVED
+CVE-2013-5680
+ RESERVED
+CVE-2013-5679
+ RESERVED
+CVE-2013-5678
+ RESERVED
+CVE-2013-5677
+ RESERVED
+CVE-2013-5676
+ RESERVED
+CVE-2013-5674
+ RESERVED
+CVE-2013-5669
+ RESERVED
+CVE-2013-5668
+ RESERVED
+CVE-2013-5667
+ RESERVED
+CVE-2013-5666
+ RESERVED
+CVE-2013-5665
+ RESERVED
+CVE-2013-5664 (Cross-site scripting (XSS) vulnerability in the web-based ...)
+ TODO: check
+CVE-2013-5663 (The App-ID cache feature in Palo Alto Networks PAN-OS before 4.0.14, ...)
+ TODO: check
+CVE-2013-5662
+ RESERVED
+CVE-2013-5661
+ RESERVED
+CVE-2013-5660
+ RESERVED
+CVE-2013-5659
+ RESERVED
+CVE-2013-5658
+ RESERVED
+CVE-2013-5657
+ RESERVED
+CVE-2013-5656
+ RESERVED
+CVE-2012-6606 (Palo Alto Networks GlobalProtect before 1.1.7, and NetConnect, does ...)
+ TODO: check
+CVE-2012-6605 (The device-management command-line interface in Palo Alto Networks ...)
+ TODO: check
+CVE-2012-6604 (The device-management command-line interface in Palo Alto Networks ...)
+ TODO: check
+CVE-2012-6603 (The web management UI in Palo Alto Networks PAN-OS before 3.1.12, ...)
+ TODO: check
+CVE-2012-6602 (The device-management command-line interface in Palo Alto Networks ...)
+ TODO: check
+CVE-2012-6601 (The device-management command-line interface in Palo Alto Networks ...)
+ TODO: check
+CVE-2012-6600 (The device-management command-line interface in Palo Alto Networks ...)
+ TODO: check
+CVE-2012-6599 (The device-management command-line interface in Palo Alto Networks ...)
+ TODO: check
+CVE-2012-6598 (The device-management command-line interface in Palo Alto Networks ...)
+ TODO: check
+CVE-2012-6597 (Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows ...)
+ TODO: check
+CVE-2012-6596 (Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.3 ...)
+ TODO: check
+CVE-2012-6595 (The device-management command-line interface in Palo Alto Networks ...)
+ TODO: check
+CVE-2012-6594 (The device-management command-line interface in Palo Alto Networks ...)
+ TODO: check
+CVE-2012-6593 (Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows ...)
+ TODO: check
+CVE-2012-6592 (Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows ...)
+ TODO: check
+CVE-2012-6591 (The device-management command-line interface in Palo Alto Networks ...)
+ TODO: check
+CVE-2012-6590 (The web-based management UI in Palo Alto Networks PAN-OS 4.0.x before ...)
+ TODO: check
CVE-2013-5689 [Arbitrary File Upload]
RESERVED
- ajaxplorer <itp> (bug #668381)
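Review bot: The block of "TODO: check" entries at the top of this hunk includes CVE-2012-6590 through CVE-2012-6606 and CVE-2013-5663, whose descriptions all name Palo Alto Networks products, and CVE-2013-5706 through CVE-2013-5708 for Coursemill Learning Management System. Other vendor products in this file (Cisco, VMware, EMC, IBM, Adobe) are closed out with a NOT-FOR-US line, so these could be triaged as a batch in a follow-up commit instead of sitting in the TODO queue one by one.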
@@ -5,18 +131,24 @@
RESERVED
- ajaxplorer <itp> (bug #668381)
CVE-2013-5675
+ RESERVED
NOT-FOR-US: Symantec Endpoint Protection
CVE-2013-4298 [Memory corruption while processing GIF comments]
RESERVED
+ {DSA-2750-1}
- imagemagick 8:6.7.7.10-6 (bug #721273)
[squeeze] - imagemagick <not-affected> (Code not vulnerable)
CVE-2013-5673 [SQL injection]
+ RESERVED
NOT-FOR-US: IndiaNIC Testimonial plugin 2.2 for WordPress
CVE-2013-5672 [CSRF]
+ RESERVED
NOT-FOR-US: IndiaNIC Testimonial plugin 2.2 for WordPress
CVE-2013-5671 [Remote Command Injection]
+ RESERVED
NOT-FOR-US: fog-dragonfly Ruby Gem
CVE-2013-5670 [XSS]
+ RESERVED
- serendipity <not-affected> (Spellcheck plugin not included in 1.5.x)
CVE-2013-5653
RESERVED
@@ -437,12 +569,12 @@
RESERVED
CVE-2013-5472
RESERVED
-CVE-2013-5471
- RESERVED
-CVE-2013-5470
- RESERVED
-CVE-2013-5469
- RESERVED
+CVE-2013-5471 (Cross-site request forgery (CSRF) vulnerability in the web framework ...)
+ TODO: check
+CVE-2013-5470 (Cisco Secure Access Control System (ACS) does not properly handle ...)
+ TODO: check
+CVE-2013-5469 (The TCP implementation in Cisco IOS does not properly implement the ...)
+ TODO: check
CVE-2013-5468
RESERVED
CVE-2013-5467
@@ -1323,8 +1455,7 @@
RESERVED
CVE-2013-5036
RESERVED
-CVE-2013-5035
- RESERVED
+CVE-2013-5035 (Multiple race conditions in HtmlCleaner before 2.6, as used in ...)
NOT-FOR-US: Open-Xchange
CVE-2013-5034
RESERVED
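Review bot: The retained "NOT-FOR-US: Open-Xchange" under CVE-2013-5035 no longer matches the new description, which places the race conditions in HtmlCleaner before 2.6 "as used in ...". The triage should be rechecked against HtmlCleaner itself: if that library is packaged, the entry needs a package line for it rather than a NOT-FOR-US for the product that embeds it.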
@@ -1884,8 +2015,7 @@
RESERVED
CVE-2013-4791
RESERVED
-CVE-2013-4790 [Data injection]
- RESERVED
+CVE-2013-4790 (Open-Xchange AppSuite before 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 ...)
- open-xchange <itp> (bug #269329)
CVE-2013-4789 (SQL injection vulnerability in modules/rss/rss.php in Cotonti before ...)
NOT-FOR-US: Cotonti
@@ -2112,8 +2242,8 @@
RESERVED
CVE-2013-4703
RESERVED
-CVE-2013-4702
- RESERVED
+CVE-2013-4702 (Multiple directory traversal vulnerabilities in the doApiAction ...)
+ TODO: check
CVE-2013-4701 (Auth/Yadis/XML.php in PHP OpenID Library 2.2.2 and earlier allows ...)
- php-openid <unfixed> (bug #721221)
TODO: check, potentially also simplesamlphp, typo3-src and wordpress-openid (including a Auth/Yadis/XML.php in source)
@@ -3174,9 +3304,11 @@
RESERVED
CVE-2013-4234 [heap overflow]
RESERVED
+ {DSA-2751-1}
- libmodplug 1:0.8.8.4-4 (bug #719462)
CVE-2013-4233 [integer overflow]
RESERVED
+ {DSA-2751-1}
- libmodplug 1:0.8.8.4-4 (bug #719462)
CVE-2013-4232 [use after free]
RESERVED
@@ -4761,20 +4893,20 @@
RESERVED
CVE-2013-3606
RESERVED
-CVE-2013-3605
- RESERVED
-CVE-2013-3604
- RESERVED
-CVE-2013-3603
- RESERVED
-CVE-2013-3602
- RESERVED
-CVE-2013-3601
- RESERVED
-CVE-2013-3600
- RESERVED
-CVE-2013-3599
- RESERVED
+CVE-2013-3605 (Cross-site request forgery (CSRF) vulnerability in Coursemill Learning ...)
+ TODO: check
+CVE-2013-3604 (Multiple cross-site scripting (XSS) vulnerabilities in Coursemill ...)
+ TODO: check
+CVE-2013-3603 (Cross-site scripting (XSS) vulnerability in Coursemill Learning ...)
+ TODO: check
+CVE-2013-3602 (SQL injection vulnerability in admindocumentworker.jsp in Coursemill ...)
+ TODO: check
+CVE-2013-3601 (Coursemill Learning Management System (LMS) 6.6 does not properly ...)
+ TODO: check
+CVE-2013-3600 (Coursemill Learning Management System (LMS) 6.6 allows remote ...)
+ TODO: check
+CVE-2013-3599 (userlogin.jsp in Coursemill Learning Management System (LMS) 6.6 and ...)
+ TODO: check
CVE-2013-3598 (Directory traversal vulnerability in servlet/CreateTemplateServlet in ...)
NOT-FOR-US: SearchBlox
CVE-2013-3597 (servlet/CollectionListServlet in SearchBlox before 7.5 build 1 allows ...)
@@ -5036,8 +5168,8 @@
RESERVED
CVE-2013-3486
RESERVED
-CVE-2013-3485
- RESERVED
+CVE-2013-3485 (Multiple untrusted search path vulnerabilities in Soda PDF ...)
+ TODO: check
CVE-2013-3484
RESERVED
CVE-2013-3483
@@ -5048,8 +5180,8 @@
RESERVED
CVE-2013-3480 (Integer overflow in Sagelight 4.4 and earlier allows remote attackers ...)
NOT-FOR-US: Sagelight
-CVE-2013-3479
- RESERVED
+CVE-2013-3479 (Cross-site request forgery (CSRF) vulnerability in the ShareThis ...)
+ TODO: check
CVE-2013-3478
RESERVED
CVE-2013-3477
@@ -5058,8 +5190,8 @@
RESERVED
CVE-2013-3475 (Stack-based buffer overflow in db2aud in the Audit Facility in IBM DB2 ...)
NOT-FOR-US: IBM
-CVE-2013-3474
- RESERVED
+CVE-2013-3474 (The Web Administrator Interface on Cisco Wireless LAN Controller (WLC) ...)
+ TODO: check
CVE-2013-3473
RESERVED
CVE-2013-3472 (Cross-site request forgery (CSRF) vulnerability in the Enterprise ...)
@@ -5068,8 +5200,8 @@
NOT-FOR-US: Cisco
CVE-2013-3470 (The RIP process in Cisco IOS XR allows remote attackers to cause a ...)
NOT-FOR-US: Cisco IOS XR
-CVE-2013-3469
- RESERVED
+CVE-2013-3469 (Cisco Mobility Services Engine does not properly set up the Oracle SSL ...)
+ TODO: check
CVE-2013-3468 (The Cisco Unified IP Phone 8945 with software 9.3(2) allows remote ...)
NOT-FOR-US: Cisco
CVE-2013-3467 (Memory leak in the CLI component on Cisco Unified Computing System ...)
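Review bot: CVE-2013-3469 is added as "TODO: check" although its description names Cisco Mobility Services Engine and both neighbouring Cisco entries in this hunk already carry "NOT-FOR-US: Cisco". The same applies to the other Cisco descriptions this update fills in (CVE-2013-3474, CVE-2013-1228, CVE-2013-5469 through CVE-2013-5471). Suggest tagging them in a follow-up so the TODO list only holds entries that need real investigation.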
@@ -5328,8 +5460,7 @@
NOT-FOR-US: Adobe Shockwave Player
CVE-2013-3347 (Integer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x ...)
NOT-FOR-US: Adobe Flash
-CVE-2013-3346
- RESERVED
+CVE-2013-3346 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
NOT-FOR-US: Adobe Reader
CVE-2013-3345 (Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 ...)
NOT-FOR-US: Adobe Flash
@@ -5470,9 +5601,9 @@
RESERVED
CVE-2013-3278
RESERVED
-CVE-2013-3277
+CVE-2013-3277 (Open redirect vulnerability in EMC RSA Archer GRC 5.x before 5.4 ...)
NOT-FOR-US: EMC
-CVE-2013-3276
+CVE-2013-3276 (EMC RSA Archer GRC 5.x before 5.4 allows remote authenticated users to ...)
NOT-FOR-US: EMC
CVE-2013-3275 (EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store ...)
NOT-FOR-US: EMC
@@ -5875,8 +6006,8 @@
RESERVED
CVE-2013-3107 (VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding ...)
NOT-FOR-US: vCenter
-CVE-2013-3106
- RESERVED
+CVE-2013-3106 (Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange ...)
+ TODO: check
CVE-2013-3105
RESERVED
CVE-2013-3104
@@ -7110,10 +7241,10 @@
RESERVED
CVE-2013-2584
RESERVED
-CVE-2013-2583
- RESERVED
-CVE-2013-2582
- RESERVED
+CVE-2013-2583 (Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange ...)
+ TODO: check
+CVE-2013-2582 (CRLF injection vulnerability in the redirect servlet in Open-Xchange ...)
+ TODO: check
CVE-2013-2581
RESERVED
CVE-2013-2580
@@ -10157,8 +10288,7 @@
RESERVED
CVE-2013-1662 (vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x ...)
NOT-FOR-US: VMware
-CVE-2013-1661
- RESERVED
+CVE-2013-1661 (VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly ...)
NOT-FOR-US: VMware ESXi
CVE-2013-1660
RESERVED
@@ -10202,21 +10332,20 @@
CVE-2013-1652 (Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and ...)
{DSA-2643-1}
- puppet 2.7.18-3
-CVE-2013-1651
- RESERVED
-CVE-2013-1650
- RESERVED
-CVE-2013-1649
- RESERVED
-CVE-2013-1648
- RESERVED
-CVE-2013-1647
- RESERVED
-CVE-2013-1646
- RESERVED
+CVE-2013-1651 (OXUpdater in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before ...)
+ TODO: check
+CVE-2013-1650 (Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and ...)
+ TODO: check
+CVE-2013-1649 (Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and ...)
+ TODO: check
+CVE-2013-1648 (The Subscriptions feature in Open-Xchange Server before 6.20.7 rev14, ...)
+ TODO: check
+CVE-2013-1647 (Multiple CRLF injection vulnerabilities in Open-Xchange Server before ...)
+ TODO: check
+CVE-2013-1646 (Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange ...)
NOT-FOR-US: Open-Xchange
-CVE-2013-1645
- RESERVED
+CVE-2013-1645 (Directory traversal vulnerability in Open-Xchange Server before 6.20.7 ...)
+ TODO: check
CVE-2013-1644
RESERVED
CVE-2013-1643 (The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.13 allows ...)
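Review bot: Triage for Open-Xchange is inconsistent after this hunk: CVE-2013-1646 keeps "NOT-FOR-US: Open-Xchange", while CVE-2013-1645 and CVE-2013-1647 through CVE-2013-1651, all described as Open-Xchange Server or its OXUpdater, get "TODO: check", and CVE-2013-4790 elsewhere in this file tracks the same vendor as "- open-xchange <itp> (bug #269329)". Decide on one treatment (NOT-FOR-US or the itp line) and apply it to the whole group, including the Open-Xchange entries added in the other hunks (CVE-2013-5698, CVE-2013-3106, CVE-2013-2582, CVE-2013-2583).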
@@ -11320,8 +11449,8 @@
NOT-FOR-US: Cisco
CVE-2013-1229 (TMSSNMPService.exe in TelePresence Manager in Cisco TelePresence ...)
NOT-FOR-US: Cisco
-CVE-2013-1228
- RESERVED
+CVE-2013-1228 (Cisco Jabber on Windows does not verify X.509 certificates from SSL ...)
+ TODO: check
CVE-2013-1227 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
CVE-2013-1226 (The Ethernet frame-forwarding implementation in Cisco NX-OS on Nexus ...)
@@ -11538,15 +11667,15 @@
RESERVED
CVE-2013-1120 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
NOT-FOR-US: Cisco Unity Express
-CVE-2013-1119
+CVE-2013-1119 (Buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD ...)
NOT-FOR-US: Cisco WebEx
-CVE-2013-1118
+CVE-2013-1118 (Stack-based buffer overflow in Cisco WebEx Recording Format (WRF) ...)
NOT-FOR-US: Cisco WebEx
-CVE-2013-1117
+CVE-2013-1117 (Buffer overflow in the exception handler in Cisco WebEx Recording ...)
NOT-FOR-US: Cisco WebEx
-CVE-2013-1116
+CVE-2013-1116 (Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player ...)
NOT-FOR-US: Cisco WebEx
-CVE-2013-1115
+CVE-2013-1115 (Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player ...)
NOT-FOR-US: Cisco WebEx
CVE-2013-1114 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unity ...)
NOT-FOR-US: Cisco Unity Express
@@ -15783,8 +15912,8 @@
NOT-FOR-US: Cisco
CVE-2012-5991 (screens/base/web_auth_custom.html on Cisco Wireless LAN Controller ...)
NOT-FOR-US: Cisco
-CVE-2012-5990
- RESERVED
+CVE-2012-5990 (Multiple cross-site scripting (XSS) vulnerabilities in Health Monitor ...)
+ TODO: check
CVE-2012-5989
RESERVED
CVE-2012-5988