[Secure-testing-commits] r23767 - data/CVE

Joey Hess joeyh at alioth.debian.org
Mon Sep 23 21:16:35 UTC 2013 

Author: joeyh
Date: 2013-09-23 21:16:35 +0000 (Mon, 23 Sep 2013)
New Revision: 23767

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-09-23 19:19:13 UTC (rev 23766)
+++ data/CVE/list	2013-09-23 21:16:35 UTC (rev 23767)
@@ -1,9 +1,29 @@
-CVE-2013-5919
+CVE-2013-5929
 	RESERVED
-CVE-2013-5918
+CVE-2013-5928
 	RESERVED
-CVE-2013-5917
+CVE-2013-5927
 	RESERVED
+CVE-2013-5926
+	RESERVED
+CVE-2013-5925
+	RESERVED
+CVE-2013-5924
+	RESERVED
+CVE-2013-5923
+	RESERVED
+CVE-2013-5922
+	RESERVED
+CVE-2013-5921
+	RESERVED
+CVE-2013-5920
+	RESERVED
+CVE-2013-5919
+	RESERVED
+CVE-2013-5918 (Cross-site scripting (XSS) vulnerability in platinum_seo_pack.php in ...)
+	TODO: check
+CVE-2013-5917 (SQL injection vulnerability in wp-comments-post.php in the NOSpam PTI ...)
+	TODO: check
 CVE-2013-5916
 	RESERVED
 CVE-2013-5915
@@ -470,8 +490,7 @@
 	- open-xchange <itp> (bug #269329)
 CVE-2013-5697
 	RESERVED
-CVE-2013-5696
-	RESERVED
+CVE-2013-5696 (inc/central.class.php in GLPI before 0.84.2 does not attempt to make ...)
 	- glpi <unfixed> (bug #723837)
 	NOTE: CVE split pending
 CVE-2013-5695
@@ -482,8 +501,7 @@
 	RESERVED
 CVE-2013-5692
 	RESERVED
-CVE-2013-5691 [ifioctl credential checks missing]
-	RESERVED
+CVE-2013-5691 (The (1) IPv6 and (2) ATM ioctl request handlers in the kernel in ...)
 	- kfreebsd-9 9.2~svn255465-1 (bug #722338)
 	- kfreebsd-8 <removed>
 CVE-2013-5690
@@ -958,13 +976,11 @@
 	RESERVED
 CVE-2013-5503
 	RESERVED
-CVE-2013-5502
-	RESERVED
-CVE-2013-5501
-	RESERVED
+CVE-2013-5502 (The web interface in Cisco MediaSense does not properly protect the ...)
+	TODO: check
+CVE-2013-5501 (Cross-site scripting (XSS) vulnerability in the oraservice page in ...)
 	NOT-FOR-US: Cisco MediaSense
-CVE-2013-5500
-	RESERVED
+CVE-2013-5500 (Multiple cross-site scripting (XSS) vulnerabilities in the oraadmin ...)
 	NOT-FOR-US: Cisco MediaSense
 CVE-2013-5499
 	RESERVED
@@ -984,16 +1000,16 @@
 	NOT-FOR-US: Cisco
 CVE-2013-5491
 	RESERVED
-CVE-2013-5490
-	RESERVED
+CVE-2013-5490 (Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows ...)
+	TODO: check
 CVE-2013-5489 (The gadget implementation in Cisco SocialMiner does not properly ...)
 	NOT-FOR-US: Cisco
 CVE-2013-5488 (Cisco Common Services, as used in Cisco Prime LAN Management Solution ...)
 	NOT-FOR-US: Cisco
-CVE-2013-5487
-	RESERVED
-CVE-2013-5486
-	RESERVED
+CVE-2013-5487 (DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) ...)
+	TODO: check
+CVE-2013-5486 (DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) ...)
+	TODO: check
 CVE-2013-5485
 	RESERVED
 CVE-2013-5484
@@ -2406,27 +2422,21 @@
 	RESERVED
 CVE-2013-4822
 	RESERVED
-CVE-2013-4821
-	RESERVED
-CVE-2013-4820
-	RESERVED
+CVE-2013-4821 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
+	TODO: check
+CVE-2013-4820 (Unspecified vulnerability in HP IceWall SSO 8.0 through 10.0, IceWall ...)
 	NOT-FOR-US: HP
-CVE-2013-4819
-	RESERVED
+CVE-2013-4819 (Unspecified vulnerability in HP IceWall SSO Agent Option 8.0 through ...)
 	NOT-FOR-US: HP
-CVE-2013-4818
-	RESERVED
+CVE-2013-4818 (Unspecified vulnerability in HP IceWall SSO 8.0 through 10.0, IceWall ...)
 	NOT-FOR-US: HP
-CVE-2013-4817
-	RESERVED
+CVE-2013-4817 (Unspecified vulnerability in HP IceWall SSO Agent Option 8.0 through ...)
 	NOT-FOR-US: HP
 CVE-2013-4816
 	RESERVED
-CVE-2013-4815
-	RESERVED
+CVE-2013-4815 (Cross-site scripting (XSS) vulnerability in the web interface in HP ...)
 	NOT-FOR-US: HP
-CVE-2013-4814
-	RESERVED
+CVE-2013-4814 (Cross-site scripting (XSS) vulnerability in HP XP P9000 Command View ...)
 	NOT-FOR-US: HP
 CVE-2013-4813 (The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) ...)
 	NOT-FOR-US: HP
@@ -2690,16 +2700,13 @@
 	RESERVED
 CVE-2013-4710
 	RESERVED
-CVE-2013-4709
-	RESERVED
+CVE-2013-4709 (Buffer overflow in the PPP Access Concentrator (PPPAC) on the SEIL/x86 ...)
 	NOT-FOR-US: PPP Access Concentrator
 CVE-2013-4708
 	RESERVED
-CVE-2013-4707
-	RESERVED
+CVE-2013-4707 (The SSH implementation on D-Link Japan DES-3810 devices with firmware ...)
 	NOT-FOR-US: D-Link
-CVE-2013-4706
-	RESERVED
+CVE-2013-4706 (The SSH implementation on the D-Link Japan DWL-2100AP with firmware ...)
 	NOT-FOR-US: D-Link
 CVE-2013-4705 (Cross-site scripting (XSS) vulnerability in Opera before 15.00 allows ...)
 	NOT-FOR-US: Opera
@@ -3548,8 +3555,7 @@
 CVE-2013-4326 [use of insecure polkit DBUS API]
 	RESERVED
 	- rtkit 0.10-3 (bug #723714)
-CVE-2013-4325 [use of insecure polkit DBUS API]
-	RESERVED
+CVE-2013-4325 (The check_permission_v1 function in base/pkit.py in HP Linux Imaging ...)
 	- hplip 3.13.9-1 (bug #723716)
 CVE-2013-4324 [Insecure calling of polkit via polkit_unix_process_new()]
 	RESERVED
@@ -4430,8 +4436,7 @@
 	RESERVED
 CVE-2013-4069
 	RESERVED
-CVE-2013-4068
-	RESERVED
+CVE-2013-4068 (Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 ...)
 	NOT-FOR-US: IBM
 CVE-2013-4067
 	RESERVED
@@ -4461,10 +4466,10 @@
 	RESERVED
 CVE-2013-4054
 	RESERVED
-CVE-2013-4053
-	RESERVED
-CVE-2013-4052
-	RESERVED
+CVE-2013-4053 (The WS-Security implementation in IBM WebSphere Application Server ...)
+	TODO: check
+CVE-2013-4052 (Cross-site scripting (XSS) vulnerability in the UDDI Administrative ...)
+	TODO: check
 CVE-2013-4051
 	RESERVED
 CVE-2013-4050
@@ -5748,8 +5753,7 @@
 	NOT-FOR-US: IBM
 CVE-2013-3474 (The Web Administrator Interface on Cisco Wireless LAN Controller (WLC) ...)
 	NOT-FOR-US: Cisco
-CVE-2013-3473
-	RESERVED
+CVE-2013-3473 (The web framework in Cisco Prime Central for Hosted Collaboration ...)
 	NOT-FOR-US: Cisco
 CVE-2013-3472 (Cross-site request forgery (CSRF) vulnerability in the Enterprise ...)
 	NOT-FOR-US: Cisco
@@ -10510,10 +10514,10 @@
 	- icedove <not-affected> (Only affects Firefox > 17)
 	- iceape <not-affected> (Only affects Firefox > 17)
 CVE-2013-1737 (Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, ...)
-	{DSA-2759-1}
+	{DSA-2762-1 DSA-2759-1}
 	TODO: check
 CVE-2013-1736 (The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before ...)
-	{DSA-2759-1}
+	{DSA-2762-1 DSA-2759-1}
 	- iceweasel 24.0-1
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
@@ -10521,7 +10525,7 @@
 	- iceape <unfixed>
 	[squeeze] - iceape <end-of-life>
 CVE-2013-1735 (Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity ...)
-	{DSA-2759-1}
+	{DSA-2762-1 DSA-2759-1}
 	- iceweasel 24.0-1
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
@@ -10533,7 +10537,7 @@
 CVE-2013-1733
 	RESERVED
 CVE-2013-1732 (Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla ...)
-	{DSA-2759-1}
+	{DSA-2762-1 DSA-2759-1}
 	- iceweasel 24.0-1
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
@@ -10545,7 +10549,7 @@
 	- icedove <not-affected> (Android-specific)
 	- iceape <not-affected> (Android-specific)
 CVE-2013-1730 (Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, ...)
-	{DSA-2759-1}
+	{DSA-2762-1 DSA-2759-1}
 	- iceweasel 24.0-1
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
@@ -10571,7 +10575,7 @@
 	- icedove <not-affected> (Updater not used in Debian)
 	- iceape <not-affected> (Updater not used in Debian)
 CVE-2013-1725 (Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, ...)
-	{DSA-2759-1}
+	{DSA-2762-1 DSA-2759-1}
 	- iceweasel 24.0-1
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
@@ -10591,7 +10595,7 @@
 	- icedove <not-affected> (Only affects Firefox > 17)
 	- iceape <not-affected> (Only affects Firefox > 17)
 CVE-2013-1722 (Use-after-free vulnerability in the ...)
-	{DSA-2759-1}
+	{DSA-2762-1 DSA-2759-1}
 	- iceweasel 24.0-1
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
@@ -10616,7 +10620,7 @@
 	- icedove <not-affected> (Only affects Firefox > 17)
 	- iceape <not-affected> (Only affects Firefox > 17)
 CVE-2013-1718 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
-	{DSA-2759-1}
+	{DSA-2762-1 DSA-2759-1}
 	- iceweasel 24.0-1
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
@@ -11434,7 +11438,7 @@
 	NOT-FOR-US: w-CMS 2.01
 CVE-2011-5255 (Multiple cross-site scripting (XSS) vulnerabilities in admin/login in ...)
 	NOT-FOR-US: X3 CMS
-CVE-2010-5290
+CVE-2010-5290 (The authentication process in Adobe ColdFusion before 10 does not ...)
 	NOT-FOR-US: Adobe ColdFusion
 CVE-2010-5287 (SQL injection vulnerability in default.php in Cornerstone Technologies ...)
 	NOT-FOR-US: Cornerstone Technologies webConductor
@@ -12274,8 +12278,7 @@
 	NOT-FOR-US: Cisco
 CVE-2013-1131 (Cisco Small Business Wireless Access Points WAP200, WAP2000, WAP200E, ...)
 	NOT-FOR-US: Cisco Small Business Wireless Access Points
-CVE-2013-1130
-	RESERVED
+CVE-2013-1130 (Cisco AnyConnect Secure Mobility Client on Mac OS X uses weak ...)
 	NOT-FOR-US: Cisco
 CVE-2013-1129 (Memory leak in Cisco Unity Connection 9.x allows remote attackers to ...)
 	NOT-FOR-US: Cisco
@@ -13915,8 +13918,8 @@
 	RESERVED
 CVE-2013-0597 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Application ...)
 	NOT-FOR-US: IBM WebSphere Application Server
-CVE-2013-0596
-	RESERVED
+CVE-2013-0596 (Cross-site scripting (XSS) vulnerability in the Administrative console ...)
+	TODO: check
 CVE-2013-0595 (Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in ...)
 	NOT-FOR-US: IBM Lotus Domino
 CVE-2013-0594
@@ -21844,8 +21847,7 @@
 	RESERVED
 CVE-2012-4094
 	RESERVED
-CVE-2012-4093
-	RESERVED
+CVE-2012-4093 (The Manager component in Cisco Unified Computing System (UCS) allows ...)
 	NOT-FOR-US: Cisco Unified Computing System
 CVE-2012-4092
 	RESERVED
@@ -21865,14 +21867,11 @@
 	RESERVED
 CVE-2012-4084
 	RESERVED
-CVE-2012-4083
-	RESERVED
+CVE-2012-4083 (Multiple buffer overflows in the administrative web interface in Cisco ...)
 	NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4082
-	RESERVED
+CVE-2012-4082 (MCTools in the Cisco Management Controller in Cisco Unified Computing ...)
 	NOT-FOR-US: Cisco
-CVE-2012-4081
-	RESERVED
+CVE-2012-4081 (MCServer in the Cisco Management Controller in Cisco Unified Computing ...)
 	NOT-FOR-US: Cisco
 CVE-2012-4080
 	RESERVED
@@ -21886,14 +21885,11 @@
 	RESERVED
 CVE-2012-4075
 	RESERVED
-CVE-2012-4074
-	RESERVED
+CVE-2012-4074 (The Board Management Controller (BMC) in the Serial over LAN (SoL) ...)
 	NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4073
-	RESERVED
+CVE-2012-4073 (The KVM subsystem in the client in Cisco Unified Computing System ...)
 	NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4072
-	RESERVED
+CVE-2012-4072 (The KVM subsystem in Cisco Unified Computing System (UCS) relies on a ...)
 	NOT-FOR-US: Cisco Unified Computing System
 CVE-2012-4071 (Cross-site scripting (XSS) vulnerability in the comments module in the ...)
 	NOT-FOR-US: Joomla addon

More information about the Secure-testing-commits mailing list