Author: joeyh
Date: 2014-06-20 21:14:10 +0000 (Fri, 20 Jun 2014)
New Revision: 27371

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2014-06-20 21:10:49 UTC (rev 27370)
+++ data/CVE/list       2014-06-20 21:14:10 UTC (rev 27371)
@@ -1,3 +1,620 @@
+CVE-2014-4504
+       RESERVED
+CVE-2014-4503
+       RESERVED
+CVE-2014-4502
+       RESERVED
+CVE-2014-4501
+       RESERVED
+CVE-2014-4500
+       RESERVED
+CVE-2014-4499
+       RESERVED
+CVE-2014-4498
+       RESERVED
+CVE-2014-4497
+       RESERVED
+CVE-2014-4496
+       RESERVED
+CVE-2014-4495
+       RESERVED
+CVE-2014-4494
+       RESERVED
+CVE-2014-4493
+       RESERVED
+CVE-2014-4492
+       RESERVED
+CVE-2014-4491
+       RESERVED
+CVE-2014-4490
+       RESERVED
+CVE-2014-4489
+       RESERVED
+CVE-2014-4488
+       RESERVED
+CVE-2014-4487
+       RESERVED
+CVE-2014-4486
+       RESERVED
+CVE-2014-4485
+       RESERVED
+CVE-2014-4484
+       RESERVED
+CVE-2014-4483
+       RESERVED
+CVE-2014-4482
+       RESERVED
+CVE-2014-4481
+       RESERVED
+CVE-2014-4480
+       RESERVED
+CVE-2014-4479
+       RESERVED
+CVE-2014-4478
+       RESERVED
+CVE-2014-4477
+       RESERVED
+CVE-2014-4476
+       RESERVED
+CVE-2014-4475
+       RESERVED
+CVE-2014-4474
+       RESERVED
+CVE-2014-4473
+       RESERVED
+CVE-2014-4472
+       RESERVED
+CVE-2014-4471
+       RESERVED
+CVE-2014-4470
+       RESERVED
+CVE-2014-4469
+       RESERVED
+CVE-2014-4468
+       RESERVED
+CVE-2014-4467
+       RESERVED
+CVE-2014-4466
+       RESERVED
+CVE-2014-4465
+       RESERVED
+CVE-2014-4464
+       RESERVED
+CVE-2014-4463
+       RESERVED
+CVE-2014-4462
+       RESERVED
+CVE-2014-4461
+       RESERVED
+CVE-2014-4460
+       RESERVED
+CVE-2014-4459
+       RESERVED
+CVE-2014-4458
+       RESERVED
+CVE-2014-4457
+       RESERVED
+CVE-2014-4456
+       RESERVED
+CVE-2014-4455
+       RESERVED
+CVE-2014-4454
+       RESERVED
+CVE-2014-4453
+       RESERVED
+CVE-2014-4452
+       RESERVED
+CVE-2014-4451
+       RESERVED
+CVE-2014-4450
+       RESERVED
+CVE-2014-4449
+       RESERVED
+CVE-2014-4448
+       RESERVED
+CVE-2014-4447
+       RESERVED
+CVE-2014-4446
+       RESERVED
+CVE-2014-4445
+       RESERVED
+CVE-2014-4444
+       RESERVED
+CVE-2014-4443
+       RESERVED
+CVE-2014-4442
+       RESERVED
+CVE-2014-4441
+       RESERVED
+CVE-2014-4440
+       RESERVED
+CVE-2014-4439
+       RESERVED
+CVE-2014-4438
+       RESERVED
+CVE-2014-4437
+       RESERVED
+CVE-2014-4436
+       RESERVED
+CVE-2014-4435
+       RESERVED
+CVE-2014-4434
+       RESERVED
+CVE-2014-4433
+       RESERVED
+CVE-2014-4432
+       RESERVED
+CVE-2014-4431
+       RESERVED
+CVE-2014-4430
+       RESERVED
+CVE-2014-4429
+       RESERVED
+CVE-2014-4428
+       RESERVED
+CVE-2014-4427
+       RESERVED
+CVE-2014-4426
+       RESERVED
+CVE-2014-4425
+       RESERVED
+CVE-2014-4424
+       RESERVED
+CVE-2014-4423
+       RESERVED
+CVE-2014-4422
+       RESERVED
+CVE-2014-4421
+       RESERVED
+CVE-2014-4420
+       RESERVED
+CVE-2014-4419
+       RESERVED
+CVE-2014-4418
+       RESERVED
+CVE-2014-4417
+       RESERVED
+CVE-2014-4416
+       RESERVED
+CVE-2014-4415
+       RESERVED
+CVE-2014-4414
+       RESERVED
+CVE-2014-4413
+       RESERVED
+CVE-2014-4412
+       RESERVED
+CVE-2014-4411
+       RESERVED
+CVE-2014-4410
+       RESERVED
+CVE-2014-4409
+       RESERVED
+CVE-2014-4408
+       RESERVED
+CVE-2014-4407
+       RESERVED
+CVE-2014-4406
+       RESERVED
+CVE-2014-4405
+       RESERVED
+CVE-2014-4404
+       RESERVED
+CVE-2014-4403
+       RESERVED
+CVE-2014-4402
+       RESERVED
+CVE-2014-4401
+       RESERVED
+CVE-2014-4400
+       RESERVED
+CVE-2014-4399
+       RESERVED
+CVE-2014-4398
+       RESERVED
+CVE-2014-4397
+       RESERVED
+CVE-2014-4396
+       RESERVED
+CVE-2014-4395
+       RESERVED
+CVE-2014-4394
+       RESERVED
+CVE-2014-4393
+       RESERVED
+CVE-2014-4392
+       RESERVED
+CVE-2014-4391
+       RESERVED
+CVE-2014-4390
+       RESERVED
+CVE-2014-4389
+       RESERVED
+CVE-2014-4388
+       RESERVED
+CVE-2014-4387
+       RESERVED
+CVE-2014-4386
+       RESERVED
+CVE-2014-4385
+       RESERVED
+CVE-2014-4384
+       RESERVED
+CVE-2014-4383
+       RESERVED
+CVE-2014-4382
+       RESERVED
+CVE-2014-4381
+       RESERVED
+CVE-2014-4380
+       RESERVED
+CVE-2014-4379
+       RESERVED
+CVE-2014-4378
+       RESERVED
+CVE-2014-4377
+       RESERVED
+CVE-2014-4376
+       RESERVED
+CVE-2014-4375
+       RESERVED
+CVE-2014-4374
+       RESERVED
+CVE-2014-4373
+       RESERVED
+CVE-2014-4372
+       RESERVED
+CVE-2014-4371
+       RESERVED
+CVE-2014-4370
+       RESERVED
+CVE-2014-4369
+       RESERVED
+CVE-2014-4368
+       RESERVED
+CVE-2014-4367
+       RESERVED
+CVE-2014-4366
+       RESERVED
+CVE-2014-4365
+       RESERVED
+CVE-2014-4364
+       RESERVED
+CVE-2014-4363
+       RESERVED
+CVE-2014-4362
+       RESERVED
+CVE-2014-4361
+       RESERVED
+CVE-2014-4360
+       RESERVED
+CVE-2014-4359
+       RESERVED
+CVE-2014-4358
+       RESERVED
+CVE-2014-4357
+       RESERVED
+CVE-2014-4356
+       RESERVED
+CVE-2014-4355
+       RESERVED
+CVE-2014-4354
+       RESERVED
+CVE-2014-4353
+       RESERVED
+CVE-2014-4352
+       RESERVED
+CVE-2014-4351
+       RESERVED
+CVE-2014-4350
+       RESERVED
+CVE-2014-4349
+       RESERVED
+CVE-2014-4348
+       RESERVED
+CVE-2014-4347
+       RESERVED
+CVE-2014-4346
+       RESERVED
+CVE-2014-4345
+       RESERVED
+CVE-2014-4344
+       RESERVED
+CVE-2014-4343
+       RESERVED
+CVE-2014-4342
+       RESERVED
+CVE-2014-4341
+       RESERVED
+CVE-2014-4340
+       RESERVED
+CVE-2014-4339
+       RESERVED
+CVE-2014-4335 (Multiple cross-site scripting (XSS) vulnerabilities in 
BarracudaDrive ...)
+       TODO: check
+CVE-2014-4334 (Stack-based buffer overflow in Ubisoft Rayman Legends before 
...)
+       TODO: check
+CVE-2014-4333 (Cross-site request forgery (CSRF) vulnerability in ...)
+       TODO: check
+CVE-2014-4332
+       RESERVED
+CVE-2014-4331
+       RESERVED
+CVE-2014-4330
+       RESERVED
+CVE-2014-4329 (Cross-site scripting (XSS) vulnerability in 
lua/host_details.lua in ...)
+       TODO: check
+CVE-2014-4328
+       RESERVED
+CVE-2014-4327
+       RESERVED
+CVE-2014-4326
+       RESERVED
+CVE-2014-4325
+       RESERVED
+CVE-2014-4324
+       RESERVED
+CVE-2014-4323
+       RESERVED
+CVE-2014-4322
+       RESERVED
+CVE-2014-4321
+       RESERVED
+CVE-2014-4320
+       RESERVED
+CVE-2014-4319
+       RESERVED
+CVE-2014-4318
+       RESERVED
+CVE-2014-4317
+       RESERVED
+CVE-2014-4316
+       RESERVED
+CVE-2014-4315
+       RESERVED
+CVE-2014-4314
+       RESERVED
+CVE-2014-4313
+       RESERVED
+CVE-2014-4312
+       RESERVED
+CVE-2014-4311
+       RESERVED
+CVE-2014-4310
+       RESERVED
+CVE-2014-4309 (Multiple cross-site scripting (XSS) vulnerabilities in 
Openfiler 2.99 ...)
+       TODO: check
+CVE-2014-4308 (Multiple cross-site scripting (XSS) vulnerabilities in NICE 
Recording ...)
+       TODO: check
+CVE-2014-4307 (SQL injection vulnerability in categories-x.php in WebTitan 
before ...)
+       TODO: check
+CVE-2014-4306 (Directory traversal vulnerability in logs-x.php in WebTitan 
before ...)
+       TODO: check
+CVE-2014-4305 (Multiple SQL injection vulnerabilities in NICE Recording 
eXpress (aka ...)
+       TODO: check
+CVE-2014-4304 (Cross-site scripting (XSS) vulnerability in browse.php in SQL 
Buddy ...)
+       TODO: check
+CVE-2014-4303 (Multiple cross-site scripting (XSS) vulnerabilities in the 
Touch theme ...)
+       TODO: check
+CVE-2014-4302 (Cross-site scripting (XSS) vulnerability in rating/rating.php 
in HAM3D ...)
+       TODO: check
+CVE-2014-4301 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+       TODO: check
+CVE-2014-4300
+       RESERVED
+CVE-2014-4299
+       RESERVED
+CVE-2014-4298
+       RESERVED
+CVE-2014-4297
+       RESERVED
+CVE-2014-4296
+       RESERVED
+CVE-2014-4295
+       RESERVED
+CVE-2014-4294
+       RESERVED
+CVE-2014-4293
+       RESERVED
+CVE-2014-4292
+       RESERVED
+CVE-2014-4291
+       RESERVED
+CVE-2014-4290
+       RESERVED
+CVE-2014-4289
+       RESERVED
+CVE-2014-4288
+       RESERVED
+CVE-2014-4287
+       RESERVED
+CVE-2014-4286
+       REJECTED
+       TODO: check
+CVE-2014-4285
+       RESERVED
+CVE-2014-4284
+       RESERVED
+CVE-2014-4283
+       RESERVED
+CVE-2014-4282
+       RESERVED
+CVE-2014-4281
+       RESERVED
+CVE-2014-4280
+       RESERVED
+CVE-2014-4279
+       RESERVED
+CVE-2014-4278
+       RESERVED
+CVE-2014-4277
+       RESERVED
+CVE-2014-4276
+       RESERVED
+CVE-2014-4275
+       RESERVED
+CVE-2014-4274
+       RESERVED
+CVE-2014-4273
+       RESERVED
+CVE-2014-4272
+       RESERVED
+CVE-2014-4271
+       RESERVED
+CVE-2014-4270
+       RESERVED
+CVE-2014-4269
+       RESERVED
+CVE-2014-4268
+       RESERVED
+CVE-2014-4267
+       RESERVED
+CVE-2014-4266
+       RESERVED
+CVE-2014-4265
+       RESERVED
+CVE-2014-4264
+       RESERVED
+CVE-2014-4263
+       RESERVED
+CVE-2014-4262
+       RESERVED
+CVE-2014-4261
+       RESERVED
+CVE-2014-4260
+       RESERVED
+CVE-2014-4259
+       RESERVED
+CVE-2014-4258
+       RESERVED
+CVE-2014-4257
+       RESERVED
+CVE-2014-4256
+       RESERVED
+CVE-2014-4255
+       RESERVED
+CVE-2014-4254
+       RESERVED
+CVE-2014-4253
+       RESERVED
+CVE-2014-4252
+       RESERVED
+CVE-2014-4251
+       RESERVED
+CVE-2014-4250
+       RESERVED
+CVE-2014-4249
+       RESERVED
+CVE-2014-4248
+       RESERVED
+CVE-2014-4247
+       RESERVED
+CVE-2014-4246
+       RESERVED
+CVE-2014-4245
+       RESERVED
+CVE-2014-4244
+       RESERVED
+CVE-2014-4243
+       RESERVED
+CVE-2014-4242
+       RESERVED
+CVE-2014-4241
+       RESERVED
+CVE-2014-4240
+       RESERVED
+CVE-2014-4239
+       RESERVED
+CVE-2014-4238
+       RESERVED
+CVE-2014-4237
+       RESERVED
+CVE-2014-4236
+       RESERVED
+CVE-2014-4235
+       RESERVED
+CVE-2014-4234
+       RESERVED
+CVE-2014-4233
+       RESERVED
+CVE-2014-4232
+       RESERVED
+CVE-2014-4231
+       RESERVED
+CVE-2014-4230
+       RESERVED
+CVE-2014-4229
+       RESERVED
+CVE-2014-4228
+       RESERVED
+CVE-2014-4227
+       RESERVED
+CVE-2014-4226
+       RESERVED
+CVE-2014-4225
+       RESERVED
+CVE-2014-4224
+       RESERVED
+CVE-2014-4223
+       RESERVED
+CVE-2014-4222
+       RESERVED
+CVE-2014-4221
+       RESERVED
+CVE-2014-4220
+       RESERVED
+CVE-2014-4219
+       RESERVED
+CVE-2014-4218
+       RESERVED
+CVE-2014-4217
+       RESERVED
+CVE-2014-4216
+       RESERVED
+CVE-2014-4215
+       RESERVED
+CVE-2014-4214
+       RESERVED
+CVE-2014-4213
+       RESERVED
+CVE-2014-4212
+       RESERVED
+CVE-2014-4211
+       RESERVED
+CVE-2014-4210
+       RESERVED
+CVE-2014-4209
+       RESERVED
+CVE-2014-4208
+       RESERVED
+CVE-2014-4207
+       RESERVED
+CVE-2014-4206
+       RESERVED
+CVE-2014-4205
+       RESERVED
+CVE-2014-4204
+       RESERVED
+CVE-2014-4203
+       RESERVED
+CVE-2014-4202
+       RESERVED
+CVE-2014-4201
+       RESERVED
+CVE-2014-4200
+       RESERVED
+CVE-2014-4199
+       RESERVED
+CVE-2014-4198
+       RESERVED
+CVE-2014-4197
+       RESERVED
+CVE-2014-4196
+       RESERVED
+CVE-2014-4195
+       RESERVED
+CVE-2014-4194
+       RESERVED
 CVE-2014-XXXX [softhsm-keyconv creates security-sensibe file world-readable]
        - softhsm <unfixed> (bug #752092)
 CVE-2014-XXXX [docker VMM breakout]
@@ -40,8 +657,8 @@
        RESERVED
 CVE-2014-4175
        RESERVED
-CVE-2014-4174
-       RESERVED
+CVE-2014-4174 (wiretap/libpcap.c in the libpcap file parser in Wireshark 
1.10.x ...)
+       TODO: check
 CVE-2014-4173
        RESERVED
 CVE-2014-4172
@@ -59,7 +676,7 @@
        TODO: check
 CVE-2014-4165 (Cross-site scripting (XSS) vulnerability in ntop allows remote 
...)
        - ntop <unfixed> (bug #751946)
-CVE-2014-4164 (Cross-site scripting (XSS) vulnerability in AlogoSec FireFlow 
6.3-b230 ...)
+CVE-2014-4164 (Cross-site scripting (XSS) vulnerability in AlgoSec FireFlow 
6.3-b230 ...)
        NOT-FOR-US: AlogoSec FireFlow
 CVE-2014-4163 (Multiple cross-site request forgery (CSRF) vulnerabilities in 
the ...)
        TODO: check
@@ -75,16 +692,16 @@
        TODO: check
 CVE-2014-4156
        RESERVED
-CVE-2014-4155
-       RESERVED
+CVE-2014-4155 (Cross-site request forgery (CSRF) vulnerability in the ZTE 
ZXV10 W300 ...)
+       TODO: check
 CVE-2014-4154
        RESERVED
-CVE-2014-4153
-       RESERVED
-CVE-2014-4152
-       RESERVED
-CVE-2014-4151
-       RESERVED
+CVE-2014-4153 (The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 
allows ...)
+       TODO: check
+CVE-2014-4152 (The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 
allows ...)
+       TODO: check
+CVE-2014-4151 (The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 
allows ...)
+       TODO: check
 CVE-2014-4149
        RESERVED
 CVE-2014-4148
@@ -346,8 +963,7 @@
 CVE-2014-XXXX [Class loader vulnerability in DefaultResolver]
        - commons-beanutils 1.9.2-1
        NOTE: https://issues.apache.org/jira/browse/BEANUTILS-463
-CVE-2014-4049 [PHP heap-based buffer overflow in DNS TXT record parsing]
-       RESERVED
+CVE-2014-4049 (Heap-based buffer overflow in the php_parserr function in ...)
        {DSA-2961-1}
        - php5 5.6.0~beta4+dfsg-3 (bug #751364)
        NOTE: 
https://github.com/php/php-src/commit/b34d7849ed90ced9345f8ea1c59bc8d101c18468
@@ -365,7 +981,7 @@
 CVE-2014-4045 (The Publish/Subscribe Framework in the PJSIP channel driver in 
...)
        - asterisk <not-affected> (Only affects Asterisk 12.x)
        NOTE: http://downloads.asterisk.org/pub/security/AST-2014-005.html
-CVE-2014-4044 (OpenAFS 1.6.8 does no properly clear the fields in the host 
structure, ...)
+CVE-2014-4044 (OpenAFS 1.6.8 does not properly clear the fields in the host 
structure, ...)
        - openafs 1.6.9-1
        [wheezy] - openafs <not-affected> (Vulnerable code introduced in 1.6.8)
        [squeeze] - openafs <not-affected> (Vulnerable code introduced in 1.6.8)
@@ -376,11 +992,9 @@
        [squeeze] - eglibc <no-dsa> (Minor issue)
 CVE-2014-4040 (snap in powerpc-utils 1.2.20 produces an archive with fstab and 
...)
        - ppc64-diag <itp> (bug #740179)
-CVE-2014-4021 [XSA-100]
-       RESERVED
+CVE-2014-4021 (Xen 3.2.x through 4.4.x does not properly clean memory pages 
recovered ...)
        - xen <unfixed> (bug #751894)
-CVE-2014-4020 [Frame metadissector crash (wnpa-sec-2014-07)]
-       RESERVED
+CVE-2014-4020 (The dissect_frame function in epan/dissectors/packet-frame.c in 
the ...)
        - wireshark 1.10.8-1
        [wheezy] - wireshark <not-affected> (Only affects 1.10.0 to 1.10.7)
        [squeeze] - wireshark <not-affected> (Only affects 1.10.0 to 1.10.7)
@@ -695,13 +1309,11 @@
        RESERVED
 CVE-2014-3878 (Multiple cross-site scripting (XSS) vulnerabilities in the web 
client ...)
        NOT-FOR-US: IPSwitch IMail
-CVE-2014-3877
-       RESERVED
+CVE-2014-3877 (Incomplete blacklist vulnerability in Frams' Fast File EXchange 
(F*EX, ...)
        - fex 20140530-1
        [wheezy] - fex <no-dsa> (non-free not supported)
        NOTE: https://www.lsexperts.de/advisories/lse-2014-05-22.txt
-CVE-2014-3876
-       RESERVED
+CVE-2014-3876 (Multiple cross-site scripting (XSS) vulnerabilities in Frams' 
Fast ...)
        - fex 20140530-1
        [wheezy] - fex <no-dsa> (non-free not supported)
        NOTE: https://www.lsexperts.de/advisories/lse-2014-05-22.txt
@@ -890,8 +1502,8 @@
        NOT-FOR-US: Juniper Junos Pulse Secure Access Service
 CVE-2014-3811
        RESERVED
-CVE-2014-3810
-       RESERVED
+CVE-2014-3810 (SQL injection vulnerability in administration/profiles.php in 
BoonEx ...)
+       TODO: check
 CVE-2014-3809
        RESERVED
 CVE-2014-3808 (Multiple cross-site scripting (XSS) vulnerabilities in 
BarracudaDrive ...)
@@ -965,8 +1577,8 @@
        NOT-FOR-US: Citrix
 CVE-2014-3779
        RESERVED
-CVE-2014-3778
-       RESERVED
+CVE-2014-3778 (Multiple cross-site request forgery (CSRF) vulnerabilities in 
...)
+       TODO: check
 CVE-2014-3777
        RESERVED
 CVE-2014-3770
@@ -2695,10 +3307,10 @@
        NOT-FOR-US: IBM Sametime
 CVE-2014-3014 (Cross-site scripting (XSS) vulnerability in the Meeting Server 
in IBM ...)
        NOT-FOR-US: IBM Sametime
-CVE-2014-3013
-       RESERVED
-CVE-2014-3012
-       RESERVED
+CVE-2014-3013 (Multiple cross-site scripting (XSS) vulnerabilities in IBM 
Curam ...)
+       TODO: check
+CVE-2014-3012 (Multiple CRLF injection vulnerabilities in IBM Curam Social 
Program ...)
+       TODO: check
 CVE-2014-3011
        RESERVED
 CVE-2014-3010 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM 
...)
@@ -2781,13 +3393,16 @@
        NOTE: 
https://github.com/miniupnp/miniupnp/commit/3a87aa2f10bd7f1408e1849bdb59c41dd63a9fe9
        NOTE: http://www.openwall.com/lists/oss-security/2014/04/30/3
 CVE-2014-4338 [handle BrowseAllow directive securely]
+       RESERVED
        - cups-filters 1.0.53-1
        [wheezy] - cups-filters <not-affected> (vulnerable code not present)
        NOTE: 
http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7195
 CVE-2014-4337 [OOB accesses in the process_browse_data function when reading 
the packet variable]
+       RESERVED
        - cups-filters 1.0.53-1
        [wheezy] - cups-filters <not-affected> (vulnerable code not present)
 CVE-2014-4336 [incomplete fix for CVE-2014-2707]
+       RESERVED
        - cups-filters 1.0.53-1
        [wheezy] - cups-filters <not-affected> (vulnerable code not present)
        NOTE: incomplete fix was applied
@@ -2837,8 +3452,8 @@
        RESERVED
 CVE-2014-2963
        RESERVED
-CVE-2014-2962
-       RESERVED
+CVE-2014-2962 (Absolute path traversal vulnerability in the webproc cgi module 
on the ...)
+       TODO: check
 CVE-2014-2961
        RESERVED
 CVE-2014-2960
@@ -2868,8 +3483,8 @@
        RESERVED
 CVE-2014-2950
        RESERVED
-CVE-2014-2949
-       RESERVED
+CVE-2014-2949 (SQL injection vulnerability in the web service in F5 ARX Data 
Manager ...)
+       TODO: check
 CVE-2014-2948 (SQL injection vulnerability in workflowenginesoa.asmx in Bizagi 
BPM ...)
        NOT-FOR-US: Bizagi BPM
 CVE-2014-2947 (Cross-site scripting (XSS) vulnerability in Login.aspx in 
Bizagi BPM ...)
@@ -3256,14 +3871,14 @@
        RESERVED
 CVE-2014-2783
        RESERVED
-CVE-2014-2782
-       RESERVED
+CVE-2014-2782 (Microsoft Internet Explorer 9 through 11 allows remote 
attackers to ...)
+       TODO: check
 CVE-2014-2781
        RESERVED
 CVE-2014-2780
        RESERVED
-CVE-2014-2779
-       RESERVED
+CVE-2014-2779 (mpengine.dll in Microsoft Malware Protection Engine before 
1.1.10701.0 ...)
+       TODO: check
 CVE-2014-2778 (Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow 
remote ...)
        NOT-FOR-US: Microsoft Internet Explorer
 CVE-2014-2777 (Microsoft Internet Explorer 8 through 11 allows remote 
attackers to ...)
@@ -3785,14 +4400,11 @@
        RESERVED
 CVE-2014-2612
        RESERVED
-CVE-2014-2611
-       RESERVED
+CVE-2014-2611 (Directory traversal vulnerability in the fndwar web application 
in HP ...)
        NOT-FOR-US: HP Software Executive Scorecard
-CVE-2014-2610
-       RESERVED
+CVE-2014-2610 (Directory traversal vulnerability in the Content Acceleration 
Pack ...)
        NOT-FOR-US: HP Software Executive Scorecard
-CVE-2014-2609
-       RESERVED
+CVE-2014-2609 (The Java Glassfish Admin Console in HP Executive Scorecard 9.40 
and ...)
        NOT-FOR-US: HP Software Executive Scorecard
 CVE-2014-2608
        RESERVED
@@ -4917,8 +5529,8 @@
        RESERVED
 CVE-2014-2152
        RESERVED
-CVE-2014-2151
-       RESERVED
+CVE-2014-2151 (The WebVPN portal in Cisco Adaptive Security Appliance (ASA) 
Software ...)
+       TODO: check
 CVE-2014-2150
        RESERVED
 CVE-2014-2149
@@ -5340,10 +5952,10 @@
        TODO: check
 CVE-2014-2002 (Cross-site scripting (XSS) vulnerability in C-BOARD Moyuku 
1.01b6 and ...)
        TODO: check
-CVE-2014-2001
-       RESERVED
-CVE-2014-2000
-       RESERVED
+CVE-2014-2001 (The East Japan Railway Company JR East Japan application before 
1.2.0 ...)
+       TODO: check
+CVE-2014-2000 (The NTT 050 plus application before 4.2.1 for Android allows 
attackers ...)
+       TODO: check
 CVE-2014-1999
        RESERVED
 CVE-2014-1998 (Cross-site scripting (XSS) vulnerability in Nippon Institute of 
...)
@@ -6448,12 +7060,12 @@
        RESERVED
 CVE-2014-1653
        RESERVED
-CVE-2014-1652
-       RESERVED
-CVE-2014-1651
-       RESERVED
-CVE-2014-1650
-       RESERVED
+CVE-2014-1652 (Multiple cross-site scripting (XSS) vulnerabilities in the 
management ...)
+       TODO: check
+CVE-2014-1651 (SQL injection vulnerability in clientreport.php in the 
management ...)
+       TODO: check
+CVE-2014-1650 (SQL injection vulnerability in user.php in the management 
console in ...)
+       TODO: check
 CVE-2014-1649 (The server in Symantec Workspace Streaming (SWS) before 
7.5.0.749 ...)
        NOT-FOR-US: Symantec Workspace Streaming
 CVE-2014-1648 (Cross-site scripting (XSS) vulnerability in ...)
@@ -7946,8 +8558,8 @@
        RESERVED
 CVE-2014-0911 (inetd in IBM WebSphere MQ 7.1.x before 7.1.0.5 and 7.5.x before 
...)
        NOT-FOR-US: IBM WebSphere MQ
-CVE-2014-0910
-       RESERVED
+CVE-2014-0910 (Cross-site scripting (XSS) vulnerability in IBM WebSphere 
Portal ...)
+       TODO: check
 CVE-2014-0909
        RESERVED
 CVE-2014-0908 (The User Attribute implementation in IBM Business Process 
Manager ...)
@@ -8689,10 +9301,10 @@
        RESERVED
 CVE-2014-0600
        RESERVED
-CVE-2014-0599
-       RESERVED
-CVE-2014-0598
-       RESERVED
+CVE-2014-0599 (Cross-site scripting (XSS) vulnerability in iPrint in Novell 
Open ...)
+       TODO: check
+CVE-2014-0598 (Directory traversal vulnerability in iPrint in Novell Open 
Enterprise ...)
+       TODO: check
 CVE-2014-0597
        RESERVED
 CVE-2014-0596
@@ -13196,8 +13808,7 @@
        NOT-FOR-US: Livezilla
 CVE-2013-6222
        RESERVED
-CVE-2013-6221
-       RESERVED
+CVE-2013-6221 (Directory traversal vulnerability in CommunicationServlet in HP 
...)
        NOT-FOR-US: HP Service Virtualization
 CVE-2013-6220 (Cross-site scripting (XSS) vulnerability in HP Network Node 
Manager i ...)
        NOT-FOR-US: HP
@@ -16049,8 +16660,8 @@
        - strongswan <not-affected> (Only affects 5.0.4 from experimental)
        NOTE: The PEM aspect is under control of the administrator, so not a 
security issue
        NOTE: The XAuth / EAP Issue only affects 5.0.3/5.0.4
-CVE-2013-5017
-       RESERVED
+CVE-2013-5017 (SNMPConfig.php in the management console in Symantec Web 
Gateway (SWG) ...)
+       TODO: check
 CVE-2013-5016 (Symantec Critical System Protection (SCSP) before 5.2.9, when 
...)
        NOT-FOR-US: Symantec
 CVE-2013-5015 (SQL injection vulnerability in the management console in 
Symantec ...)
@@ -27042,8 +27653,8 @@
        NOT-FOR-US: Ubuntu MAAS
 CVE-2013-1069 (Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses 
world-readable ...)
        NOT-FOR-US: Ubuntu MAAS
-CVE-2013-1068
-       RESERVED
+CVE-2013-1068 (The OpenStack Nova (python-nova) package 1:2013.2.3-0 before 
...)
+       TODO: check
 CVE-2013-1067 (Apport 2.12.5 and earlier uses weak permissions for core dump 
files ...)
        - apport 2.12.6-1 (bug #727661)
        NOTE: apport only in experimental, so we cannot track this in 
security-tracker
@@ -40254,8 +40865,8 @@
        RESERVED
 CVE-2012-2593
        RESERVED
-CVE-2012-2592
-       RESERVED
+CVE-2012-2592 (Cross-site scripting (XSS) vulnerability in Axigen Mail Server 
8.0.1 ...)
+       TODO: check
 CVE-2012-2591
        RESERVED
 CVE-2012-2590 (Multiple cross-site scripting (XSS) vulnerabilities in ESCON 
...)
@@ -40295,14 +40906,14 @@
        NOT-FOR-US: Symantec Web Gateway
 CVE-2012-2573 (Multiple cross-site scripting (XSS) vulnerabilities in T-dah 
WebMail ...)
        NOT-FOR-US: Symantec Web Gateway
-CVE-2012-2572
-       RESERVED
+CVE-2012-2572 (Cross-site scripting (XSS) vulnerability in the ThreeWP Email 
...)
+       TODO: check
 CVE-2012-2571 (Multiple cross-site scripting (XSS) vulnerabilities in 
WinWebMail ...)
        NOT-FOR-US: WinWebMail
 CVE-2012-2570 (Cross-site scripting (XSS) vulnerability in products_map.php in 
X-Cart ...)
        NOT-FOR-US: X-Cart Gold
-CVE-2012-2569
-       RESERVED
+CVE-2012-2569 (Cross-site scripting (XSS) vulnerability in Synametrics 
Technologies ...)
+       TODO: check
 CVE-2012-2568 (d41d8cd98f00b204e9800998ecf8427e.php in the management web 
server on ...)
        NOT-FOR-US: Seagate BlackArmor
 CVE-2012-2567 (The Xelex MobileTrack application 2.3.7 and earlier for Android 
uses ...)
@@ -41717,8 +42328,8 @@
        [squeeze] - redmine <no-dsa> (Minor issue)
 CVE-2012-2053 (The sudoers file in the Linux system configuration in F5 
FirePass ...)
        NOT-FOR-US: F5 Firepass
-CVE-2012-2052
-       RESERVED
+CVE-2012-2052 (Stack-based buffer overflow in the U3D.8BI library plugin in 
Adobe ...)
+       TODO: check
 CVE-2012-2051 (Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 
10.1.4 on ...)
        NOT-FOR-US: Adobe Reader
 CVE-2012-2050 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 
and 10.x ...)
@@ -41765,9 +42376,9 @@
        NOT-FOR-US: Adobe Shockwave Player
 CVE-2012-2029 (Adobe Shockwave Player before 11.6.5.635 allows attackers to 
execute ...)
        NOT-FOR-US: Adobe Shockwave Player
-CVE-2012-2028 (Buffer overflow in Adobe Photoshop before CS6 allows remote 
attackers ...)
+CVE-2012-2028 (Buffer overflow in Adobe Photoshop CS5 12.x before 12.0.5 and 
CS5.1 ...)
        NOT-FOR-US: Adobe Photoshop
-CVE-2012-2027 (Use-after-free vulnerability in Adobe Photoshop before CS6 
allows ...)
+CVE-2012-2027 (Use-after-free vulnerability in Adobe Photoshop CS5 12.x before 
12.0.5 ...)
        NOT-FOR-US: Adobe Photoshop
 CVE-2012-2026 (Adobe Illustrator before CS6 allows attackers to execute 
arbitrary ...)
        NOT-FOR-US: Adobe Illustrator
@@ -42775,8 +43386,7 @@
 CVE-2012-1622
        RESERVED
        NOT-FOR-US: Apache OFBiz
-CVE-2012-1621
-       RESERVED
+CVE-2012-1621 (Multiple cross-site scripting (XSS) vulnerabilities in Apache 
Open For ...)
        NOT-FOR-US: Apache OFBiz
 CVE-2012-1620 (slock 0.9 does not properly handle the XRaiseWindow event when 
the ...)
        - suckless-tools <unfixed> (unimportant; bug #667796)
@@ -48685,8 +49295,8 @@
        NOT-FOR-US: Adobe Acrobat Reader
 CVE-2011-4368 (Cross-site scripting (XSS) vulnerability in Remote Development 
...)
        NOT-FOR-US: Adobe Cold Fusion
-CVE-2011-4367
-       RESERVED
+CVE-2011-4367 (Multiple directory traversal vulnerabilities in MyFaces 
JavaServer ...)
+       TODO: check
 CVE-2011-4366
        RESERVED
        NOT-FOR-US: ** REJECT ** duplicate of CVE-2011-4090
@@ -54281,8 +54891,8 @@
        NOTE: This is http://www.kmplayer.com and not our kmplayer package.
 CVE-2011-2593
        RESERVED
-CVE-2011-2592
-       RESERVED
+CVE-2011-2592 (Heap-based buffer overflow in the StartEpa method in the 
nsepacom ...)
+       TODO: check
 CVE-2011-2591 (Multiple buffer overflows in the Provideo ActiveX controls 
allow ...)
        NOT-FOR-US: Provideo ActiveX
 CVE-2011-2590 (The Play method in the UUPlayer ActiveX control 6.0.0.1 in 
UUSee 2010 ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to