Author: joeyh
Date: 2013-05-02 21:14:56 +0000 (Thu, 02 May 2013)
New Revision: 22137
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2013-05-02 19:44:10 UTC (rev 22136) +++ data/CVE/list 2013-05-02 21:14:56 UTC (rev 22137) @@ -1,3 +1,23 @@ +CVE-2013-3318 + RESERVED +CVE-2013-3317 + RESERVED +CVE-2013-3316 + RESERVED +CVE-2013-3315 + RESERVED +CVE-2013-3314 + RESERVED +CVE-2013-3313 + RESERVED +CVE-2013-3312 + RESERVED +CVE-2013-3311 + RESERVED +CVE-2013-3310 + RESERVED +CVE-2009-5135 (The Java XML parser in Echo before 2.1.1 and 3.x before 3.0.b6 allows ...) + TODO: check CVE-2013-3309 RESERVED CVE-2013-3308 @@ -94,8 +114,7 @@ CVE-2013-3267 RESERVED - joomla <itp> (bug #571794) -CVE-2013-3266 [Insufficient input validation in the NFS server] - RESERVED +CVE-2013-3266 (The nfsrvd_readdir function in sys/fs/nfsserver/nfs_nfsdport.c in the ...) - kfreebsd-9 9.0-11 (bug #706414) - kfreebsd-8 <unfixed> (bug #706418) NOTE: http://www.freebsd.org/security/advisories/FreeBSD-SA-13:05.nfsserver.asc @@ -448,8 +467,8 @@ RESERVED CVE-2013-3108 RESERVED -CVE-2013-3107 - RESERVED +CVE-2013-3107 (VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding ...) + TODO: check CVE-2013-3106 RESERVED CVE-2013-3105 @@ -502,10 +521,10 @@ RESERVED CVE-2013-3081 RESERVED -CVE-2013-3080 - RESERVED -CVE-2013-3079 - RESERVED +CVE-2013-3080 (VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows ...) + TODO: check +CVE-2013-3079 (VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows ...) + TODO: check CVE-2013-3078 RESERVED CVE-2013-3077 
@@ -537,12 +556,12 @@ RESERVED CVE-2013-3064 RESERVED -CVE-2013-3063 - RESERVED -CVE-2013-3062 - RESERVED -CVE-2013-3061 - RESERVED +CVE-2013-3063 (SAP BASIS Communication Services 4.6B through 7.30 allows remote ...) + TODO: check +CVE-2013-3062 (The CP_RC_TRANSACTION_CALL_BY_SET function in the Engineering ...) + TODO: check +CVE-2013-3061 (The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H ...) + TODO: check CVE-2013-3060 (The web console in Apache ActiveMQ before 5.8.0 does not require ...) - activemq <unfixed> TODO: check @@ -2220,8 +2239,8 @@ RESERVED CVE-2013-2322 RESERVED -CVE-2013-2321 - RESERVED +CVE-2013-2321 (Cross-site scripting (XSS) vulnerability in HP Service Manager Web ...) + TODO: check CVE-2013-2320 RESERVED CVE-2013-2319 @@ -3872,11 +3891,11 @@ CVE-2013-1666 RESERVED - foswiki <itp> (bug #509864) -CVE-2013-1665 (OpenStack Keystone Essex and Folsom allows remote attackers to read ...) +CVE-2013-1665 (The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used ...) {DSA-2634-1} - keystone 2012.1.1-13 (bug #700948) - python-django 1.4.4-1 -CVE-2013-1664 (OpenStack Keystone Essex, Folsom, and Grizzly; Compute (Nova) Essex ...) +CVE-2013-1664 (The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used ...) - keystone 2012.1.1-13 (bug #700948) - nova 2012.1.1-13 (bug #700949) - cinder 2012.2.3-1 (bug #700950) @@ -4763,8 +4782,8 @@ RESERVED CVE-2013-1339 RESERVED -CVE-2013-1338 - RESERVED +CVE-2013-1338 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...) + TODO: check CVE-2013-1337 RESERVED CVE-2013-1336 
@@ -4993,10 +5012,10 @@ RESERVED CVE-2013-1231 RESERVED -CVE-2013-1230 - RESERVED -CVE-2013-1229 - RESERVED +CVE-2013-1230 (Cisco Unified Communications Domain Manager allows remote attackers to ...) + TODO: check +CVE-2013-1229 (TMSSNMPService.exe in TelePresence Manager in Cisco TelePresence ...) + TODO: check CVE-2013-1228 RESERVED CVE-2013-1227 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...) @@ -5133,16 +5152,16 @@ NOT-FOR-US: Cisco CVE-2013-1161 (The XML parser in the Cisco Jabber IM application for Android allows ...) NOT-FOR-US: Cisco -CVE-2013-1160 - RESERVED -CVE-2013-1159 - RESERVED -CVE-2013-1158 - RESERVED -CVE-2013-1157 - RESERVED -CVE-2013-1156 - RESERVED +CVE-2013-1160 (Cross-site scripting (XSS) vulnerability in the OpenView web menus in ...) + TODO: check +CVE-2013-1159 (Cross-site scripting (XSS) vulnerability in the Netcool Impact (NCI) ...) + TODO: check +CVE-2013-1158 (Cross-site scripting (XSS) vulnerability in the IBM Tivoli Monitoring ...) + TODO: check +CVE-2013-1157 (Cross-site scripting (XSS) vulnerability in the IBM Tivoli Monitoring ...) + TODO: check +CVE-2013-1156 (Directory traversal vulnerability in Cisco Prime Central for Hosted ...) + TODO: check CVE-2013-1155 (The auth-proxy functionality in Cisco Firewall Services Module (FWSM) ...) NOT-FOR-US: Cisco Firewall Services Module CVE-2013-1154 (The Cisco Small Business 200 Series Smart Switch 1.2.7.76 and earlier, ...) @@ -6345,8 +6364,8 @@ NOT-FOR-US: e107 CVE-2013-0700 (Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to ...) NOT-FOR-US: Siemens SIMATIC -CVE-2013-0699 - RESERVED +CVE-2013-0699 (The Galil RIO-47100 Pocket PLC allows remote attackers to cause a ...) + TODO: check CVE-2013-0698 RESERVED CVE-2013-0697 
@@ -6397,8 +6416,8 @@ NOT-FOR-US: Siemens WinCC CVE-2013-0674 (Buffer overflow in the RegReader ActiveX control in Siemens WinCC ...) NOT-FOR-US: Siemens WinCC -CVE-2013-0673 - RESERVED +CVE-2013-0673 (Directory traversal vulnerability in the web interface in the Health ...) + TODO: check CVE-2013-0672 (Cross-site scripting (XSS) vulnerability in the HMI web application in ...) NOT-FOR-US: Siemens WinCC CVE-2013-0671 (Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 ...) @@ -6411,8 +6430,8 @@ NOT-FOR-US: Siemens WinCC CVE-2013-0667 (Cross-site scripting (XSS) vulnerability in the HMI web application in ...) NOT-FOR-US: Siemens WinCC -CVE-2013-0666 - RESERVED +CVE-2013-0666 (The configuration utility in MatrikonOPC Security Gateway 1.0 allows ...) + TODO: check CVE-2013-0665 (Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet before ...) NOT-FOR-US: Schweitzer Engineering Laboratories AcSELerator QuickSet CVE-2013-0664 (The FactoryCast service on the Schneider Electric Quantum 140NOE77111 ...) @@ -6683,8 +6702,8 @@ NOT-FOR-US: IBM WebSphere Application Server CVE-2013-0539 RESERVED -CVE-2013-0538 - RESERVED +CVE-2013-0538 (Cross-site scripting (XSS) vulnerability in IBM Lotus Notes 8.x before ...) + TODO: check CVE-2013-0537 RESERVED CVE-2013-0536 @@ -7993,10 +8012,10 @@ RESERVED CVE-2013-0142 RESERVED -CVE-2013-0141 - RESERVED -CVE-2013-0140 - RESERVED +CVE-2013-0141 (Directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) ...) + TODO: check +CVE-2013-0140 (SQL injection vulnerability in the Agent-Handler component in McAfee ...) + TODO: check CVE-2013-0139 (The Arecont Vision AV1355DN MegaDome camera allows remote attackers to ...) NOT-FOR-US: Arecont Vision CVE-2013-0138 (BitZipper 2013 before Update 1 allows remote attackers to execute ...) 
@@ -8024,8 +8043,8 @@ TODO: check CVE-2013-0128 (The Contact Customer Support feature in the TigerText Free Private ...) NOT-FOR-US: TigerText -CVE-2013-0127 - RESERVED +CVE-2013-0127 (IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before ...) + TODO: check CVE-2013-0126 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...) NOT-FOR-US: Verizon router CVE-2013-0125 (Cross-site scripting (XSS) vulnerability in fileview.asp in C2 ...) @@ -11140,8 +11159,8 @@ NOT-FOR-US: vbadvanced CMPS CVE-2012-5223 (The proc_deutf function in includes/functions_vbseocp_abstract.php in ...) NOT-FOR-US: vBSEO -CVE-2012-5222 - RESERVED +CVE-2012-5222 (HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote ...) + TODO: check CVE-2012-5221 (Unspecified vulnerability on the HP LaserJet 4xxx, 5200, 90xx, M30xx, ...) TODO: check CVE-2012-5220 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, ...) @@ -11766,8 +11785,8 @@ NOT-FOR-US: Vanilla Forums CVE-2012-4953 (The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, ...) NOT-FOR-US: Symantec Endpoint Protection -CVE-2012-4952 - RESERVED +CVE-2012-4952 (Henry Schein Dentrix G5 before 15.1.294 has a single internal-database ...) + TODO: check CVE-2012-4951 (Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in ...) NOT-FOR-US: VeriFone VeriCentre Web Console CVE-2012-4950 (Cross-site scripting (XSS) vulnerability in the Keyword Search page in ...)
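Review bot: In the hunk at @@ -3872,11 +3891,11 @@, the package entries under CVE-2013-1665 and CVE-2013-1664 no longer match the scope of the new descriptions. Both descriptions now read "The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used ...", but the tracked packages are still only keystone and python-django (CVE-2013-1665) and keystone, nova and cinder (CVE-2013-1664). Please check whether the Python source packages need their own entries here, or add a NOTE: line recording why only the consuming packages are tracked.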
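Review bot: Several of the new "TODO: check" entries could be triaged in a follow-up using the convention the unchanged context already shows. In the hunk at @@ -5133,16 +5152,16 @@, CVE-2013-1156 (Cisco Prime Central) sits directly below entries marked "NOT-FOR-US: Cisco", and the same applies to CVE-2013-1230 and CVE-2013-1229 in the hunk at @@ -4993,10 +5012,10 @@. The VMware vCenter entries (CVE-2013-3107, CVE-2013-3080, CVE-2013-3079) and the Internet Explorer entry (CVE-2013-1338) look like candidates for the same treatment. Suggest replacing "TODO: check" with a "NOT-FOR-US: <product>" line for each once someone has confirmed that no Debian package ships the product.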
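Review bot: In the first hunk (@@ -1,3 +1,23 @@), CVE-2009-5135 is inserted between CVE-2013-3310 and CVE-2013-3309, which breaks the descending CVE-id order that every other entry in this diff follows. When the "TODO: check" on that entry is resolved, move it to the CVE-2009 block so that a lookup by id finds it where a reader expects it.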