Author: joeyh
Date: 2013-07-17 21:14:27 +0000 (Wed, 17 Jul 2013)
New Revision: 22990
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-07-17 19:56:57 UTC (rev 22989)
+++ data/CVE/list 2013-07-17 21:14:27 UTC (rev 22990)
@@ -1,3 +1,21 @@
+CVE-2013-4857
+ RESERVED
+CVE-2013-4856
+ RESERVED
+CVE-2013-4855
+ RESERVED
+CVE-2013-4854
+ RESERVED
+CVE-2013-4853
+ RESERVED
+CVE-2013-4852
+ RESERVED
+CVE-2013-4851
+ RESERVED
+CVE-2013-4850
+ RESERVED
+CVE-2013-4849
+ RESERVED
CVE-2013-XXXX [mongodb: databasespraying remote code execution]
- mongodb <unfixed> (high; bug #717173)
CVE-2013-4848
@@ -1573,6 +1591,7 @@
[squeeze] - nagstamon <no-dsa> (Minor issue)
NOTE: update checks are disabled in Debian by default, see
debian/patches/check-for-new-version.patch
CVE-2013-4113 (ext/xml/xml.c in PHP before 5.3.27 does not properly consider
parsing ...)
+ {DSA-2723-1}
- php5 5.5.0+dfsg-15 (bug #717139)
CVE-2013-4112
RESERVED
@@ -2202,117 +2221,101 @@
RESERVED
CVE-2013-3826
RESERVED
-CVE-2013-3825
- RESERVED
-CVE-2013-3824
- RESERVED
-CVE-2013-3823
- RESERVED
-CVE-2013-3822
- RESERVED
-CVE-2013-3821
- RESERVED
-CVE-2013-3820
- RESERVED
-CVE-2013-3819
- RESERVED
-CVE-2013-3818
- RESERVED
+CVE-2013-3825 (Unspecified vulnerability in the Oracle Agile Product
Collaboration ...)
+ TODO: check
+CVE-2013-3824 (Unspecified vulnerability in the Oracle Agile Collaboration
Framework ...)
+ TODO: check
+CVE-2013-3823 (Unspecified vulnerability in the Oracle Agile PLM Framework
component ...)
+ TODO: check
+CVE-2013-3822 (Unspecified vulnerability in the Oracle Agile PLM Framework
component ...)
+ TODO: check
+CVE-2013-3821 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
+ TODO: check
+CVE-2013-3820 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
+ TODO: check
+CVE-2013-3819 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
+ TODO: check
+CVE-2013-3818 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
+ TODO: check
CVE-2013-3817
RESERVED
-CVE-2013-3816
- RESERVED
+CVE-2013-3816 (Unspecified vulnerability in the Oracle Policy Automation
component in ...)
+ TODO: check
CVE-2013-3815
RESERVED
CVE-2013-3814
RESERVED
-CVE-2013-3813
- RESERVED
-CVE-2013-3812
- RESERVED
+CVE-2013-3813 (Unspecified vulnerability in Oracle Solaris 10 allows remote
attackers ...)
+ TODO: check
+CVE-2013-3812 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
- mysql-5.5 <unfixed>
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3811
- RESERVED
+CVE-2013-3811 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3810
- RESERVED
+CVE-2013-3810 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3809
- RESERVED
+CVE-2013-3809 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
- mysql-5.5 <unfixed>
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3808
- RESERVED
+CVE-2013-3808 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
- mysql-5.5 <unfixed>
- mysql-5.1 <removed>
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3807
- RESERVED
+CVE-2013-3807 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3806
- RESERVED
+CVE-2013-3806 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3805
- RESERVED
+CVE-2013-3805 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
- mysql-5.5 <unfixed>
- mysql-5.1 <not-affected> (Only affects Mysql 5.5 and 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3804
- RESERVED
+CVE-2013-3804 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
- mysql-5.5 <unfixed>
- mysql-5.1 <removed>
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3803
- RESERVED
-CVE-2013-3802
- RESERVED
+CVE-2013-3803 (Unspecified vulnerability in the Hyperion BI+ component in
Oracle ...)
+ TODO: check
+CVE-2013-3802 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
- mysql-5.5 <unfixed>
- mysql-5.1 <removed>
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3801
- RESERVED
+CVE-2013-3801 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
- mysql-5.5 <unfixed>
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3800
- RESERVED
-CVE-2013-3799
- RESERVED
-CVE-2013-3798
- RESERVED
+CVE-2013-3800 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
+ TODO: check
+CVE-2013-3799 (Unspecified vulnerability in Oracle Solaris 10 and 11, when
running on ...)
+ TODO: check
+CVE-2013-3798 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3797
- RESERVED
-CVE-2013-3796
- RESERVED
+CVE-2013-3797 (Unspecified vulnerability in Oracle Solaris 11 allows local
users to ...)
+ TODO: check
+CVE-2013-3796 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
- mysql-5.5 <not-affected> (Only affects Mysql 5.6)
- mysql-5.1 <not-affected> (Only affects Mysql 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3795
- RESERVED
+CVE-2013-3795 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
- mysql-5.5 <not-affected> (Only affects 5.5 and 5.6)
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3794
- RESERVED
+CVE-2013-3794 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
- mysql-5.5 <unfixed>
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3793
- RESERVED
+CVE-2013-3793 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
- mysql-5.5 <unfixed>
- mysql-5.1 <not-affected> (Only affects 5.5 and 5.6)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
@@ -2321,103 +2324,102 @@
- virtualbox-ose <removed>
- virtualbox <unfixed> (bug #715327)
NOTE: https://www.virtualbox.org/ticket/11863
-CVE-2013-3791
- RESERVED
-CVE-2013-3790
- RESERVED
-CVE-2013-3789
- RESERVED
-CVE-2013-3788
- RESERVED
-CVE-2013-3787
- RESERVED
-CVE-2013-3786
- RESERVED
+CVE-2013-3791 (Unspecified vulnerability in Enterprise Manager (EM) Base
Platform ...)
+ TODO: check
+CVE-2013-3790 (Unspecified vulnerability in the Core RDBMS component in Oracle
...)
+ TODO: check
+CVE-2013-3789 (Unspecified vulnerability in the Core RDBMS component in Oracle
...)
+ TODO: check
+CVE-2013-3788 (Unspecified vulnerability in the Oracle iSupplier Portal
component in ...)
+ TODO: check
+CVE-2013-3787 (Unspecified vulnerability in Oracle Solaris 10 and 11 allows
remote ...)
+ TODO: check
+CVE-2013-3786 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11
allows local ...)
+ TODO: check
CVE-2013-3785
RESERVED
-CVE-2013-3784
- RESERVED
-CVE-2013-3783
- RESERVED
+CVE-2013-3784 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS
component ...)
+ TODO: check
+CVE-2013-3783 (Unspecified vulnerability in the MySQL Server component in
Oracle ...)
- mysql-5.5 <unfixed>
- mysql-5.1 <not-affected> (Only affects 5.5)
NOTE:
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
-CVE-2013-3782
- RESERVED
-CVE-2013-3781
- RESERVED
-CVE-2013-3780
- RESERVED
-CVE-2013-3779
- RESERVED
-CVE-2013-3778
- RESERVED
-CVE-2013-3777
- RESERVED
-CVE-2013-3776
- RESERVED
-CVE-2013-3775
- RESERVED
-CVE-2013-3774
- RESERVED
-CVE-2013-3773
- RESERVED
-CVE-2013-3772
- RESERVED
-CVE-2013-3771
- RESERVED
-CVE-2013-3770
- RESERVED
-CVE-2013-3769
- RESERVED
-CVE-2013-3768
- RESERVED
-CVE-2013-3767
- RESERVED
+CVE-2013-3782 (Unspecified vulnerability in the Secure Global Desktop
component in ...)
+ TODO: check
+CVE-2013-3781 (Unspecified vulnerability in the Oracle Outside In Technology
...)
+ TODO: check
+CVE-2013-3780 (Unspecified vulnerability in the PeopleSoft Enterprise Portal
...)
+ TODO: check
+CVE-2013-3779 (Unspecified vulnerability in the Secure Global Desktop
component in ...)
+ TODO: check
+CVE-2013-3778 (Unspecified vulnerability in the Oracle Applications Technology
Stack ...)
+ TODO: check
+CVE-2013-3777 (Unspecified vulnerability in the Oracle Application Object
Library ...)
+ TODO: check
+CVE-2013-3776 (Unspecified vulnerability in the Oracle Outside In Technology
...)
+ TODO: check
+CVE-2013-3775 (Unspecified vulnerability in the Oracle iLearning component in
Oracle ...)
+ TODO: check
+CVE-2013-3774 (Unspecified vulnerability in the Network Layer component in
Oracle ...)
+ TODO: check
+CVE-2013-3773 (Unspecified vulnerability in the SPARC Enterprise M Series
Servers ...)
+ TODO: check
+CVE-2013-3772 (Unspecified vulnerability in the Oracle WebCenter Content
component in ...)
+ TODO: check
+CVE-2013-3771 (Unspecified vulnerability in the Oracle executable component in
Oracle ...)
+ TODO: check
+CVE-2013-3770 (Unspecified vulnerability in the Oracle WebCenter Content
component in ...)
+ TODO: check
+CVE-2013-3769 (Unspecified vulnerability in the Oracle WebCenter Content
component in ...)
+ TODO: check
+CVE-2013-3768 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
+ TODO: check
+CVE-2013-3767 (Unspecified vulnerability in the Oracle Application Object
Library ...)
+ TODO: check
CVE-2013-3766
RESERVED
-CVE-2013-3765
- RESERVED
-CVE-2013-3764
- RESERVED
-CVE-2013-3763
- RESERVED
+CVE-2013-3765 (Unspecified vulnerability in Oracle Solaris 11 allows local
users to ...)
+ TODO: check
+CVE-2013-3764 (Unspecified vulnerability in the Oracle Endeca Server component
in ...)
+ TODO: check
+CVE-2013-3763 (Unspecified vulnerability in the Oracle Endeca Server component
in ...)
+ TODO: check
CVE-2013-3762
RESERVED
-CVE-2013-3761
- RESERVED
-CVE-2013-3760
- RESERVED
-CVE-2013-3759
- RESERVED
-CVE-2013-3758
- RESERVED
-CVE-2013-3757
- RESERVED
-CVE-2013-3756
- RESERVED
-CVE-2013-3755
- RESERVED
-CVE-2013-3754
- RESERVED
-CVE-2013-3753
- RESERVED
-CVE-2013-3752
- RESERVED
-CVE-2013-3751
- RESERVED
-CVE-2013-3750
- RESERVED
-CVE-2013-3749
- RESERVED
-CVE-2013-3748
- RESERVED
-CVE-2013-3747
- RESERVED
-CVE-2013-3746
- RESERVED
-CVE-2013-3745
- RESERVED
+CVE-2013-3761 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
+ TODO: check
+CVE-2013-3760 (Unspecified vulnerability in the Oracle executable component in
Oracle ...)
+ TODO: check
+CVE-2013-3759 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
+ TODO: check
+CVE-2013-3758 (Unspecified vulnerability in the Enterprise Manager (EM) Base
Platform ...)
+ TODO: check
+CVE-2013-3757 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11
allows ...)
+ TODO: check
+CVE-2013-3756 (Unspecified vulnerability in the Oracle Landed Cost Management
...)
+ TODO: check
+CVE-2013-3755 (Unspecified vulnerability in the Oracle Access Manager
component in ...)
+ TODO: check
+CVE-2013-3754 (Unspecified vulnerability in the Solaris Cluster component in
Oracle ...)
+ TODO: check
+CVE-2013-3753 (Unspecified vulnerability in Oracle Solaris 11 allows remote
attackers ...)
+ TODO: check
+CVE-2013-3752 (Unspecified vulnerability in Oracle Solaris 11 allows remote
attackers ...)
+ TODO: check
+CVE-2013-3751 (Unspecified vulnerability in the XML Parser component in Oracle
...)
+ TODO: check
+CVE-2013-3750 (Unspecified vulnerability in Oracle Solaris 11 allows local
users to ...)
+ TODO: check
+CVE-2013-3749 (Unspecified vulnerability in the Oracle Application Object
Library ...)
+ TODO: check
+CVE-2013-3748 (Unspecified vulnerability in Oracle Solaris 11 allows remote
attackers ...)
+ TODO: check
+CVE-2013-3747 (Unspecified vulnerability in the Oracle Applications Technology
Stack ...)
+ TODO: check
+CVE-2013-3746 (Unspecified vulnerability in the Solaris Cluster component in
Oracle ...)
+ TODO: check
+CVE-2013-3745 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11
allows ...)
+ TODO: check
CVE-2013-3744 (Unspecified vulnerability in the Java Runtime Environment (JRE)
...)
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK,
only present in Oracle Java)
@@ -6365,12 +6367,10 @@
RESERVED
CVE-2013-2136
RESERVED
-CVE-2013-2135
- RESERVED
+CVE-2013-2135 (Apache Struts 2 before 2.3.14.3 allows remote attackers to
execute ...)
- libstruts1.2-java <not-affected> (Only affects 2.x)
NOTE: http://struts.apache.org/release/2.3.x/docs/s2-015.html
-CVE-2013-2134
- RESERVED
+CVE-2013-2134 (Apache Struts 2 before 2.3.14.3 allows remote attackers to
execute ...)
- libstruts1.2-java <not-affected> (Only affects 2.x)
NOTE: http://struts.apache.org/release/2.3.x/docs/s2-015.html
CVE-2013-2133
@@ -6429,8 +6429,7 @@
CVE-2013-2123
RESERVED
NOT-FOR-US: Node access user reference Drupal contributed module
-CVE-2013-2122
- RESERVED
+CVE-2013-2122 (The Edit Limit module 7.x-1.x before 7.x-1.3 for Drupal does
not ...)
NOT-FOR-US: Edit Limit Drupal contributed module
CVE-2013-2121
RESERVED
@@ -7145,8 +7144,7 @@
- icedtea-web 1.3.2-1
CVE-2013-1926 (The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses
the ...)
- icedtea-web 1.3.2-1
-CVE-2013-1925
- RESERVED
+CVE-2013-1925 (The Chaos Tool Suite (ctools) module 7.x-1.x before 7.x-1.3 for
Drupal ...)
NOT-FOR-US: CTools module for Drupal
CVE-2013-1924
RESERVED
@@ -7208,10 +7206,10 @@
RESERVED
- qpid-python 0.22-1 (low; bug #714133)
[wheezy] - qpid-python <no-dsa> (Minor issue)
-CVE-2013-1908
- RESERVED
-CVE-2013-1907
- RESERVED
+CVE-2013-1908 (The Commons Wikis module before 7.x-3.1 for Drupal, as used in
the ...)
+ TODO: check
+CVE-2013-1907 (The Commons Group module before 7.x-3.1 for Drupal, as used in
the ...)
+ TODO: check
CVE-2013-1906 (Cross-site scripting (XSS) vulnerability in the Rules module
7.x-2.x ...)
TODO: check
CVE-2013-1905 (Cross-site scripting (XSS) vulnerability in the Zero Point
theme ...)
@@ -11667,8 +11665,8 @@
NOT-FOR-US: Solaris
CVE-2013-0399 (Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows
local ...)
NOT-FOR-US: Solaris
-CVE-2013-0398
- RESERVED
+CVE-2013-0398 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11
allows ...)
+ TODO: check
CVE-2013-0397 (Unspecified vulnerability in the Oracle Applications Framework
...)
NOT-FOR-US: Oracle Applications Framework
CVE-2013-0396 (Unspecified vulnerability in the Application Performance
Management ...)
@@ -12097,12 +12095,10 @@
NOTE: Only affects example code
CVE-2013-0247 (OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3
and ...)
- keystone 2012.1.1-12 (bug #699835)
-CVE-2013-0246 [Access bypass Image module - Drupal 7]
- RESERVED
+CVE-2013-0246 (The Image module in Drupal 7.x before 7.19, when a private file
system ...)
- drupal7 7.14-1.3 (bug #698334)
NOTE: https://drupal.org/SA-CORE-2013-001
-CVE-2013-0245 [Access bypass Book module printer friendly version - Drupal 6
and 7]
- RESERVED
+CVE-2013-0245 (The printer friendly version functionality in the Book module
in ...)
- drupal6 <removed> (bug #698333)
- drupal7 7.14-1.3 (bug #698334)
NOTE: https://drupal.org/SA-CORE-2013-001
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
