Author: joeyh
Date: 2013-05-29 09:14:26 +0000 (Wed, 29 May 2013)
New Revision: 22395
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-05-29 08:52:09 UTC (rev 22394)
+++ data/CVE/list 2013-05-29 09:14:26 UTC (rev 22395)
@@ -1,3 +1,47 @@
+CVE-2013-3681
+ RESERVED
+CVE-2013-3680
+ RESERVED
+CVE-2013-3679
+ RESERVED
+CVE-2013-3678
+ RESERVED
+CVE-2013-3677
+ RESERVED
+CVE-2013-3676
+ RESERVED
+CVE-2013-3675
+ RESERVED
+CVE-2013-3674
+ RESERVED
+CVE-2013-3673
+ RESERVED
+CVE-2013-3672
+ RESERVED
+CVE-2013-3671
+ RESERVED
+CVE-2013-3670
+ RESERVED
+CVE-2013-3669
+ RESERVED
+CVE-2013-3668
+ RESERVED
+CVE-2013-3667
+ RESERVED
+CVE-2013-3666
+ RESERVED
+CVE-2013-3665
+ RESERVED
+CVE-2013-3664
+ RESERVED
+CVE-2013-3663
+ RESERVED
+CVE-2013-3662
+ RESERVED
+CVE-2013-3661 (The EPATHOBJ::bFlatten function in win32k.sys in Microsoft
Windows XP ...)
+ TODO: check
+CVE-2013-3660 (The EPATHOBJ::pprFlattenRec function in win32k.sys in Microsoft
...)
+ TODO: check
CVE-2013-XXXX [libraw: multiple issues]
- libraw <unfixed>
NOTE: http://www.openwall.com/lists/oss-security/2013/05/28/3
@@ -73,10 +117,10 @@
RESERVED
CVE-2013-3635
RESERVED
-CVE-2013-3634
- RESERVED
-CVE-2013-3633
- RESERVED
+CVE-2013-3634 (The SNMPv3 functionality on Siemens Scalance X200 IRT switches
with ...)
+ TODO: check
+CVE-2013-3633 (The web interface on Siemens Scalance X200 IRT switches with
firmware ...)
+ TODO: check
CVE-2013-3632
RESERVED
CVE-2013-3631
@@ -221,44 +265,36 @@
RESERVED
CVE-2013-3563
RESERVED
-CVE-2013-3562 [wireshark: Websocket dissector crash]
- RESERVED
+CVE-2013-3562 (Multiple integer signedness errors in the tvb_unmasked function
in ...)
- wireshark 1.8.7-1 (bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8499
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-29.html
-CVE-2013-3561 [wireshark: Websocket dissector crash]
- RESERVED
+CVE-2013-3561 (Multiple integer overflows in Wireshark 1.8.x before 1.8.7
allow ...)
- wireshark 1.8.7-1 (bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8448
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-29.html
-CVE-2013-3560 [wireshark: MPEG DSM-CC dissector crash]
- RESERVED
+CVE-2013-3560 (The dissect_dsmcc_un_download function in ...)
- wireshark 1.8.7-1 (unimportant; bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-28.html
NOTE: Not suitable for code injection
-CVE-2013-3559 [wireshark: DCP ETSI dissector crash]
- RESERVED
+CVE-2013-3559 (epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in
...)
- wireshark 1.8.7-1 (bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-27.html
-CVE-2013-3558 [wireshark: PPP CCP dissector crash]
- RESERVED
+CVE-2013-3558 (The dissect_ccp_bsdcomp_opt function in
epan/dissectors/packet-ppp.c ...)
- wireshark 1.8.7-1 (bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-26.html
-CVE-2013-3557 [wireshark: ASN.1 BER dissector crash]
- RESERVED
+CVE-2013-3557 (The dissect_ber_choice function in epan/dissectors/packet-ber.c
in the ...)
- wireshark 1.8.7-1 (bug #709167)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-25.html
-CVE-2013-3556 [wireshark: ASN.1 BER dissector crash]
- RESERVED
+CVE-2013-3556 (The fragment_add_seq_common function in epan/reassemble.c in
the ASN.1 ...)
- wireshark <not-affected> (Only affected the dev trunk)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-25.html (r48943)
-CVE-2013-3555 [wireshark: GTPv2 dissector crash]
- RESERVED
+CVE-2013-3555 (epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in
Wireshark ...)
- wireshark 1.8.7-1 (bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-24.html
@@ -1534,20 +1570,20 @@
RESERVED
CVE-2013-2960
RESERVED
-CVE-2013-2959
- RESERVED
+CVE-2013-2959 (The Console in IBM InfoSphere Optim Data Growth for Oracle
E-Business ...)
+ TODO: check
CVE-2013-2958
RESERVED
-CVE-2013-2957
- RESERVED
-CVE-2013-2956
- RESERVED
-CVE-2013-2955
- RESERVED
-CVE-2013-2954
- RESERVED
-CVE-2013-2953
- RESERVED
+CVE-2013-2957 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere
Optim Data ...)
+ TODO: check
+CVE-2013-2956 (SQL injection vulnerability in the Console in IBM InfoSphere
Optim ...)
+ TODO: check
+CVE-2013-2955 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere
Optim Data ...)
+ TODO: check
+CVE-2013-2954 (The login page in the Console in IBM InfoSphere Optim Data
Growth for ...)
+ TODO: check
+CVE-2013-2953 (IBM InfoSphere Optim Data Growth for Oracle E-Business Suite
6.x, 7.x, ...)
+ TODO: check
CVE-2013-2952
RESERVED
CVE-2013-2951
@@ -3601,27 +3637,22 @@
- owncloud <not-affected> (Only affects 5.0.x)
CVE-2013-2084
RESERVED
-CVE-2013-2083 [Form filtering issue]
- RESERVED
+CVE-2013-2083 (The MoodleQuickForm class in lib/formslib.php in Moodle through
...)
- moodle <unfixed> (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE:
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38885
-CVE-2013-2082 [Permission issue in blog comments]
- RESERVED
+CVE-2013-2082 (Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7,
and ...)
- moodle <unfixed>
NOTE:
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37245
-CVE-2013-2081 [Information leak in hub registration]
- RESERVED
+CVE-2013-2081 (Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7,
and ...)
- moodle <unfixed> (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE:
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37822
-CVE-2013-2080 [Potential information leak in Gradebook]
- RESERVED
+CVE-2013-2080 (The core_grade component in Moodle through 2.2.10, 2.3.x before
2.3.7, ...)
- moodle <unfixed> (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE:
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37475
-CVE-2013-2079 [Capability issue in Assignment]
- RESERVED
+CVE-2013-2079 (mod/assign/locallib.php in the assignment module in Moodle
2.3.x ...)
- moodle <not-affected> (Only affects 2.3 and later)
NOTE:
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38443
CVE-2013-2078
@@ -7995,8 +8026,8 @@
RESERVED
CVE-2012-6400
RESERVED
-CVE-2012-6399
- RESERVED
+CVE-2012-6399 (Cisco WebEx 4.1 on iOS does not verify that the server hostname
...)
+ TODO: check
CVE-2012-6398
RESERVED
CVE-2012-6397 (Cross-site scripting (XSS) vulnerability in Cisco WebEx Social
...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
