[Secure-testing-commits] r23598 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Tue Sep 10 05:15:59 UTC 2013
Author: carnil
Date: 2013-09-10 05:15:56 +0000 (Tue, 10 Sep 2013)
New Revision: 23598
Modified:
data/CVE/list
Log:
Do another manual update for the CVE list
Note: pinged joeyh already, asking if there are problems with the
cronjob.
http://lists.debian.org/debian-security-tracker/2013/09/msg00006.html
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-09-09 19:45:36 UTC (rev 23597)
+++ data/CVE/list 2013-09-10 05:15:56 UTC (rev 23598)
@@ -1,3 +1,7 @@
+CVE-2013-5710
+ RESERVED
+CVE-2013-5709
+ RESERVED
CVE-2013-XXXX [Torque privilege escalation]
- torque <unfixed>
NOTE: http://www.supercluster.org/pipermail/torqueusers/2013-September/016098.html
@@ -553,8 +557,8 @@
RESERVED
CVE-2013-5484
RESERVED
-CVE-2013-5483
- RESERVED
+CVE-2013-5483 (Cross-site scripting (XSS) vulnerability in bookmarklet.jsp in Cisco ...)
+ TODO: check
CVE-2013-5482
RESERVED
CVE-2013-5481
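Review bot: The `TODO: check` added under CVE-2013-5483 looks resolvable in the same commit: the description names a Cisco product (bookmarklet.jsp in Cisco ...), and the Cisco entries visible further down this list are all tagged NOT-FOR-US: Cisco. Suggest confirming against the full description and replacing the TODO with the matching NOT-FOR-US line, so the entry does not sit in the unprocessed queue.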
@@ -1259,8 +1263,7 @@
RESERVED
CVE-2013-5133
RESERVED
-CVE-2013-5132
- RESERVED
+CVE-2013-5132 (Apple AirPort Base Station Firmware before 7.6.4 does not properly ...)
NOT-FOR-US: Apple AirPort
CVE-2013-5131
RESERVED
@@ -3095,6 +3098,7 @@
NOTE: IE6 lacks so many security features that this doesn't matter
CVE-2013-4302 [mediawiki anti CSRF modules could be accessed via JSON]
RESERVED
+ {DSA-2753-1}
- mediawiki 1:1.19.8+dfsg-1
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=49090
CVE-2013-4301 [mediawiki full path disclosure]
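Review bot: The `{DSA-2753-1}` reference is attached to CVE-2013-4302 while the entry still reads RESERVED and carries only the bracketed working description. That is fine as an interim state, but the context shows CVE-2013-4301, another mediawiki issue, starting directly below, and the hunk does not show whether it carries the same DSA reference. Worth confirming that every CVE fixed by that advisory is cross-referenced, since an entry without the reference can be reported as still open for the releases the advisory covers.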
@@ -3906,10 +3910,10 @@
RESERVED
CVE-2013-4063
RESERVED
-CVE-2013-4062
- RESERVED
-CVE-2013-4061
- RESERVED
+CVE-2013-4062 (IBM Rational Policy Tester 8.5 before 8.5.0.5 does not verify X.509 ...)
+ TODO: check
+CVE-2013-4061 (IBM Rational Policy Tester 8.5 before 8.5.0.5 does not properly check ...)
+ TODO: check
CVE-2013-4060
RESERVED
CVE-2013-4059
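Review bot: CVE-2013-4062 and CVE-2013-4061 both land as `TODO: check`, although they describe the same product and version range (IBM Rational Policy Tester 8.5 before 8.5.0.5) and other IBM products in this list are already tagged NOT-FOR-US: IBM. Suggest triaging the pair together and giving both the same disposition rather than leaving two separate TODOs.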
@@ -4904,12 +4908,12 @@
RESERVED
CVE-2013-3610
RESERVED
-CVE-2013-3609
- RESERVED
-CVE-2013-3608
- RESERVED
-CVE-2013-3607
- RESERVED
+CVE-2013-3609 (The web interface in the Intelligent Platform Management Interface ...)
+ TODO: check
+CVE-2013-3608 (The web interface in the Intelligent Platform Management Interface ...)
+ TODO: check
+CVE-2013-3607 (Multiple stack-based buffer overflows in the web interface in the ...)
+ TODO: check
CVE-2013-3606
RESERVED
CVE-2013-3605 (Cross-site request forgery (CSRF) vulnerability in Coursemill Learning ...)
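Review bot: The truncated descriptions for CVE-2013-3609 and CVE-2013-3608 are identical ("The web interface in the Intelligent Platform Management Interface ..."), and all three new entries are cut off before the vendor or product is named. Whoever clears these `TODO: check` lines will need the full CVE text to tell the entries apart and to decide whether any Debian package is affected; suggest handling 3609, 3608 and 3607 in one pass, since they appear to concern the same web interface.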
@@ -4930,8 +4934,8 @@
NOT-FOR-US: SearchBlox
CVE-2013-3597 (servlet/CollectionListServlet in SearchBlox before 7.5 build 1 allows ...)
NOT-FOR-US: SearchBlox
-CVE-2013-3596
- RESERVED
+CVE-2013-3596 (AdvancePro Advanceware allows remote authenticated users to obtain ...)
+ TODO: check
CVE-2013-3595
RESERVED
CVE-2013-3594
@@ -5241,8 +5245,7 @@
NOT-FOR-US: Cisco
CVE-2013-3459 (Cisco Unified Communications Manager (Unified CM) 7.1(x) before ...)
NOT-FOR-US: Cisco
-CVE-2013-3458
- RESERVED
+CVE-2013-3458 (Cisco Adaptive Security Appliances (ASA) devices, when SMP is used, do ...)
NOT-FOR-US: Cisco Adaptive Security Appliances
CVE-2013-3457 (Absolute path traversal vulnerability in the web interface in Cisco ...)
NOT-FOR-US: Cisco Finesse
@@ -6181,8 +6184,8 @@
NOT-FOR-US: IBM Tivoli Remote Control
CVE-2013-3032 (Cross-site scripting (XSS) vulnerability in the MIME e-mail ...)
NOT-FOR-US: IBM Domino
-CVE-2013-3031
- RESERVED
+CVE-2013-3031 (A SQL stored procedure in the Universal Cache component in IBM solidDB ...)
+ TODO: check
CVE-2013-3030
RESERVED
CVE-2013-3029 (Cross-site request forgery (CSRF) vulnerability in the Administrative ...)
@@ -6249,8 +6252,8 @@
RESERVED
CVE-2013-2998
RESERVED
-CVE-2013-2997
- RESERVED
+CVE-2013-2997 (IBM Security AppScan Enterprise before 8.7 does not invalidate the ...)
+ TODO: check
CVE-2013-2996
RESERVED
CVE-2013-2995
@@ -6259,8 +6262,8 @@
NOT-FOR-US: IBM
CVE-2013-2993 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.7 ...)
NOT-FOR-US: IBM
-CVE-2013-2992
- RESERVED
+CVE-2013-2992 (The Search component in IBM WebSphere Commerce 7.0 FP4 through FP6, in ...)
+ TODO: check
CVE-2013-2991
RESERVED
CVE-2013-2990
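Review bot: CVE-2013-2992 is added with `TODO: check`, but the context line directly above the change shows CVE-2013-2993, also IBM WebSphere Commerce, already tagged NOT-FOR-US: IBM. Suggest giving CVE-2013-2992 the same tag so the two entries for one product stay consistent.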
@@ -6776,8 +6779,8 @@
RESERVED
CVE-2013-2804 (The DNP Master Driver in Software Toolbox TOP Server before 5.12.140.0 ...)
NOT-FOR-US: TOP Server OPC Server
-CVE-2013-2803
- RESERVED
+CVE-2013-2803 (ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG ...)
+ TODO: check
CVE-2013-2802 (The universal protocol implementation in Sixnet UDR before 2.0 and RTU ...)
NOT-FOR-US: Sixnet
CVE-2013-2801 (The OSIsoft PI Interface for IEEE C37.118 before 1.0.6.158 allows ...)
@@ -6794,14 +6797,14 @@
NOT-FOR-US: Schneider Electric Vijeo Citect
CVE-2013-2795
RESERVED
-CVE-2013-2794
- RESERVED
-CVE-2013-2793
- RESERVED
+CVE-2013-2794 (Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, ...)
+ TODO: check
+CVE-2013-2793 (Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, ...)
+ TODO: check
CVE-2013-2792 (Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and ...)
NOT-FOR-US: Schweitzer Engineering Laboratories
-CVE-2013-2791
- RESERVED
+CVE-2013-2791 (MatrikonOPC SCADA DNP3 OPC Server 1.2.0 allows remote attackers to ...)
+ TODO: check
CVE-2013-2790 (The master-station DNP3 driver before driver19.exe, and Beta2041.exe, ...)
NOT-FOR-US: IOServer
CVE-2013-2789 (The Kepware DNP Master Driver for the KEPServerEX Communications ...)
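Review bot: Three `TODO: check` entries are added here (CVE-2013-2794, CVE-2013-2793, CVE-2013-2791) for SCADA/DNP3 products, while the neighbouring entries in the context (Schweitzer Engineering Laboratories, IOServer, Schneider Electric Vijeo Citect) are each tagged NOT-FOR-US with the vendor name. Suggest applying the same form to the new entries once the full descriptions confirm the products, and treating CVE-2013-2794 and CVE-2013-2793 together because their truncated descriptions are identical.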
@@ -13431,8 +13434,8 @@
NOT-FOR-US: IBM Sametime
CVE-2013-0532 (Cross-site request forgery (CSRF) vulnerability in IBM Security ...)
NOT-FOR-US: IBM Security AppScan Enterprise
-CVE-2013-0531
- RESERVED
+CVE-2013-0531 (The SSL implementation in IBM Security AppScan Enterprise before ...)
+ TODO: check
CVE-2013-0530
RESERVED
CVE-2013-0529 (The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 ...)
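Review bot: CVE-2013-0531 gets `TODO: check` even though CVE-2013-0532, two lines above in the context, covers the same product and is tagged NOT-FOR-US: IBM Security AppScan Enterprise. Suggest reusing that tag here, and for CVE-2013-2997 in the earlier hunk, which names the same product.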