Author: joeyh
Date: 2013-11-01 21:14:28 +0000 (Fri, 01 Nov 2013)
New Revision: 24249
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-11-01 18:20:57 UTC (rev 24248)
+++ data/CVE/list 2013-11-01 21:14:28 UTC (rev 24249)
@@ -1,3 +1,105 @@
+CVE-2013-6340
+ RESERVED
+CVE-2013-6339
+ RESERVED
+CVE-2013-6338
+ RESERVED
+CVE-2013-6337
+ RESERVED
+CVE-2013-6336
+ RESERVED
+CVE-2013-6335
+ RESERVED
+CVE-2013-6334
+ RESERVED
+CVE-2013-6333
+ RESERVED
+CVE-2013-6332
+ RESERVED
+CVE-2013-6331
+ RESERVED
+CVE-2013-6330
+ RESERVED
+CVE-2013-6329
+ RESERVED
+CVE-2013-6328
+ RESERVED
+CVE-2013-6327
+ RESERVED
+CVE-2013-6326
+ RESERVED
+CVE-2013-6325
+ RESERVED
+CVE-2013-6324
+ RESERVED
+CVE-2013-6323
+ RESERVED
+CVE-2013-6322
+ RESERVED
+CVE-2013-6321
+ RESERVED
+CVE-2013-6320
+ RESERVED
+CVE-2013-6319
+ RESERVED
+CVE-2013-6318
+ RESERVED
+CVE-2013-6317
+ RESERVED
+CVE-2013-6316
+ RESERVED
+CVE-2013-6315
+ RESERVED
+CVE-2013-6314
+ RESERVED
+CVE-2013-6313
+ RESERVED
+CVE-2013-6312
+ RESERVED
+CVE-2013-6311
+ RESERVED
+CVE-2013-6310
+ RESERVED
+CVE-2013-6309
+ RESERVED
+CVE-2013-6308
+ RESERVED
+CVE-2013-6307
+ RESERVED
+CVE-2013-6306
+ RESERVED
+CVE-2013-6305
+ RESERVED
+CVE-2013-6304
+ RESERVED
+CVE-2013-6303
+ RESERVED
+CVE-2013-6302
+ RESERVED
+CVE-2013-6301
+ RESERVED
+CVE-2013-6300
+ RESERVED
+CVE-2013-6299
+ RESERVED
+CVE-2013-6298
+ RESERVED
+CVE-2013-6297
+ RESERVED
+CVE-2013-6296
+ RESERVED
+CVE-2013-6295
+ RESERVED
+CVE-2013-6294
+ RESERVED
+CVE-2013-6293
+ RESERVED
+CVE-2013-6292
+ RESERVED
+CVE-2013-6291
+ RESERVED
+CVE-2013-6290
+ RESERVED
CVE-2013-6287
RESERVED
CVE-2013-6286
@@ -1559,71 +1661,61 @@
RESERVED
CVE-2013-5605
RESERVED
-CVE-2013-5604
- RESERVED
+CVE-2013-5604 (The txXPathNodeUtils::getBaseURI function in the XSLT processor
in ...)
{DSA-2788-1}
- iceweasel <unfixed>
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
- iceape <unfixed>
-CVE-2013-5603
- RESERVED
+CVE-2013-5603 (Use-after-free vulnerability in the ...)
- iceweasel <unfixed>
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-5602
- RESERVED
+CVE-2013-5602 (The Worker::SetEventListener function in the Web workers ...)
{DSA-2788-1}
- iceweasel <unfixed>
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
- iceape <unfixed>
-CVE-2013-5601
- RESERVED
+CVE-2013-5601 (Use-after-free vulnerability in the ...)
{DSA-2788-1}
- iceweasel <unfixed>
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
- iceape <unfixed>
-CVE-2013-5600
- RESERVED
+CVE-2013-5600 (Use-after-free vulnerability in the ...)
{DSA-2788-1}
- iceweasel <unfixed>
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
- iceape <unfixed>
-CVE-2013-5599
- RESERVED
+CVE-2013-5599 (Use-after-free vulnerability in the
nsIPresShell::GetPresContext ...)
{DSA-2788-1}
- iceweasel <unfixed>
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
- iceape <unfixed>
-CVE-2013-5598
- RESERVED
+CVE-2013-5598 (PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x
before 24.1 ...)
- iceweasel <unfixed>
[wheezy] - iceweasel <not-affected> (Only affects Firefox >=24)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox >=24)
- iceape <not-affected> (Only affects Firefox >=24)
-CVE-2013-5597
- RESERVED
+CVE-2013-5597 (Use-after-free vulnerability in the
nsDocLoader::doStopDocumentLoad ...)
{DSA-2788-1}
- iceweasel <unfixed>
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
- iceape <unfixed>
-CVE-2013-5596
- RESERVED
+CVE-2013-5596 (The cycle collection (CC) implementation in Mozilla Firefox
before ...)
- iceweasel <unfixed>
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-5595
- RESERVED
+CVE-2013-5595 (The JavaScript engine in Mozilla Firefox before 25.0, Firefox
ESR 17.x ...)
{DSA-2788-1}
- iceweasel <unfixed>
[squeeze] - iceweasel <end-of-life>
@@ -1631,29 +1723,25 @@
- iceape <unfixed>
CVE-2013-5594
RESERVED
-CVE-2013-5593
- RESERVED
+CVE-2013-5593 (The SELECT element implementation in Mozilla Firefox before
25.0, ...)
- iceweasel <unfixed>
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
[squeeze] - iceweasel <end-of-life>
- icedove <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-5592
- RESERVED
+CVE-2013-5592 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
- iceweasel <unfixed>
[wheezy] - iceweasel <not-affected> (Only affects Firefox >=24)
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
- iceape <unfixed>
-CVE-2013-5591
- RESERVED
+CVE-2013-5591 (Unspecified vulnerability in the browser engine in Mozilla
Firefox ...)
- iceweasel <unfixed>
[wheezy] - iceweasel <not-affected> (Only affects Firefox >=24)
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
- iceape <unfixed>
-CVE-2013-5590
- RESERVED
+CVE-2013-5590 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
{DSA-2788-1}
- iceweasel <unfixed>
[squeeze] - iceweasel <end-of-life>
@@ -1761,32 +1849,32 @@
RESERVED
CVE-2013-5556
RESERVED
-CVE-2013-5555
- RESERVED
+CVE-2013-5555 (Cisco Unified Communications Manager (aka CUCM or Unified CM)
allows ...)
+ TODO: check
CVE-2013-5554
RESERVED
CVE-2013-5553
RESERVED
CVE-2013-5552
RESERVED
-CVE-2013-5551
- RESERVED
+CVE-2013-5551 (Cisco Adaptive Security Appliance (ASA) Software, when certain
...)
+ TODO: check
CVE-2013-5550 (The fabric-interconnect component in Cisco Unified Computing
System ...)
NOT-FOR-US: Cisco Unified Computing System
CVE-2013-5549 (Cisco IOS XR 3.8.1 through 4.2.0 does not properly process
fragmented ...)
NOT-FOR-US: Cisco IOS XR
-CVE-2013-5548
- RESERVED
-CVE-2013-5547
- RESERVED
-CVE-2013-5546
- RESERVED
-CVE-2013-5545
- RESERVED
+CVE-2013-5548 (The IKEv2 implementation in Cisco IOS, when AES-GCM or AES-GMAC
is ...)
+ TODO: check
+CVE-2013-5547 (Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows
remote ...)
+ TODO: check
+CVE-2013-5546 (The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S
and 3.8 ...)
+ TODO: check
+CVE-2013-5545 (The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S
on 1000 ...)
+ TODO: check
CVE-2013-5544 (The VPN authentication functionality in Cisco Adaptive Security
...)
NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5543
- RESERVED
+CVE-2013-5543 (Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000
ASR ...)
+ TODO: check
CVE-2013-5542 (Cisco Adaptive Security Appliance (ASA) Software 8.4 before
8.4(7.2), ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
CVE-2013-5541 (Cross-site scripting (XSS) vulnerability in the file-upload
interface ...)
@@ -2009,8 +2097,8 @@
RESERVED
CVE-2013-5432
RESERVED
-CVE-2013-5431
- RESERVED
+CVE-2013-5431 (Open redirect vulnerability in IBM Tivoli Federated Identity
Manager ...)
+ TODO: check
CVE-2013-5430 (The Jazz Team Server component in IBM Security AppScan
Enterprise 8.x ...)
NOT-FOR-US: IBM Security AppScan Enterprise
CVE-2013-5429
@@ -3579,8 +3667,8 @@
RESERVED
CVE-2013-4714
RESERVED
-CVE-2013-4713
- RESERVED
+CVE-2013-4713 (Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE
RockDisk ...)
+ TODO: check
CVE-2013-4712 (I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and
...)
NOT-FOR-US: I-O DATA DEVICE HDL-A and HDL2-A devices
CVE-2013-4711 (Cross-site scripting (XSS) vulnerability in Accela BizSearch
3.2 on ...)
@@ -4069,8 +4157,7 @@
RESERVED
CVE-2013-4485
RESERVED
-CVE-2013-4484 [crashes if GET consists from whitespaces only]
- RESERVED
+CVE-2013-4484 (Varnish before 3.0.5 allows remote attackers to cause a denial
of ...)
- varnish <unfixed>
NOTE: https://www.varnish-cache.org/trac/ticket/1367
CVE-2013-4483 [ipc: ipc_rcu_putref refcount races]
@@ -4835,8 +4922,7 @@
CVE-2013-4262 [svnwcsub.py and irkerbridge.py are vulnerable to symlink attack]
RESERVED
- subversion <not-affected> (Optional admin-side utilities in
Subversion 1.8.x)
-CVE-2013-4261 [DoS]
- RESERVED
+CVE-2013-4261 (OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when
using ...)
- nova 2013.2-1
NOTE: https://bugs.launchpad.net/nova/+bug/1215091/comments/10
(relevant question for other components)
NOTE: probably does not affect Essex/2012.1, see
https://bugs.launchpad.net/nova/+bug/1215091/comments/6
@@ -5104,8 +5190,7 @@
NOT-FOR-US: Flippy Contributed Drupal module
CVE-2013-4186
RESERVED
-CVE-2013-4185 [Denial of Service in Nova network source security groups]
- RESERVED
+CVE-2013-4185 (Algorithmic complexity vulnerability in OpenStack Compute
(Nova) ...)
- nova 2013.1.2-3 (bug #718907)
CVE-2013-4184 [symlink attacks]
RESERVED
@@ -6473,8 +6558,8 @@
RESERVED
CVE-2013-3631
RESERVED
-CVE-2013-3630
- RESERVED
+CVE-2013-3630 (Moodle through 2.5.2 allows remote authenticated administrators
to ...)
+ TODO: check
CVE-2013-3629
RESERVED
CVE-2013-3628
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
