[VIM] [CVENEW] New CVE CANs: 2013/03/20 14:00 ; count=10
coley at mitre.org
coley at mitre.org
Wed Mar 20 13:04:29 CDT 2013
======================================================
Name: CVE-2013-0711
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0711
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20121228
Category:
Reference: MISC:http://jvn.jp/en/jp/JVN45545972/995359/index.html
Reference: JVN:JVN#45545972
Reference: URL:http://jvn.jp/en/jp/JVN45545972/index.html
Reference: JVNDB:JVNDB-2013-000018
Reference: URL:http://jvndb.jvn.jp/jvndb/JVNDB-2013-000018
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9
allows remote attackers to cause a denial of service (daemon outage)
via a crafted authentication request.
======================================================
Name: CVE-2013-0712
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0712
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20121228
Category:
Reference: MISC:http://jvn.jp/en/jp/JVN01611135/995359/index.html
Reference: JVN:JVN#01611135
Reference: URL:http://jvn.jp/en/jp/JVN01611135/index.html
Reference: JVNDB:JVNDB-2013-000019
Reference: URL:http://jvndb.jvn.jp/jvndb/JVNDB-2013-000019
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9
allows remote authenticated users to cause a denial of service (daemon
outage) via a crafted packet.
======================================================
Name: CVE-2013-0713
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0713
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20121228
Category:
Reference: MISC:http://jvn.jp/en/jp/JVN52492830/995359/index.html
Reference: JVN:JVN#52492830
Reference: URL:http://jvn.jp/en/jp/JVN52492830/index.html
Reference: JVNDB:JVNDB-2013-000020
Reference: URL:http://jvndb.jvn.jp/jvndb/JVNDB-2013-000020
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9
allows remote authenticated users to cause a denial of service (daemon
outage) via a crafted pty request.
======================================================
Name: CVE-2013-0714
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0714
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20121228
Category:
Reference: MISC:http://jvn.jp/en/jp/JVN20671901/995359/index.html
Reference: JVN:JVN#20671901
Reference: URL:http://jvn.jp/en/jp/JVN20671901/index.html
Reference: JVNDB:JVNDB-2013-000021
Reference: URL:http://jvndb.jvn.jp/jvndb/JVNDB-2013-000021
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9
allows remote attackers to execute arbitrary code or cause a denial of
service (daemon hang) via a crafted public-key authentication request.
======================================================
Name: CVE-2013-0715
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0715
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20121228
Category:
Reference: MISC:http://jvn.jp/en/jp/JVN65923092/995359/index.html
Reference: JVN:JVN#65923092
Reference: URL:http://jvn.jp/en/jp/JVN65923092/index.html
Reference: JVNDB:JVNDB-2013-000022
Reference: URL:http://jvndb.jvn.jp/jvndb/JVNDB-2013-000022
The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows
remote authenticated users to cause a denial of service (CLI session
crash) via a crafted command string.
======================================================
Name: CVE-2013-0716
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0716
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20121228
Category:
Reference: MISC:http://jvn.jp/en/jp/JVN41022517/995359/index.html
Reference: JVN:JVN#41022517
Reference: URL:http://jvn.jp/en/jp/JVN41022517/index.html
Reference: JVNDB:JVNDB-2013-000023
Reference: URL:http://jvndb.jvn.jp/jvndb/JVNDB-2013-000023
The web server in Wind River VxWorks 5.5 through 6.9 allows remote
attackers to cause a denial of service (daemon crash) via a crafted
URI.
======================================================
Name: CVE-2013-1750
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1750
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20130215
Category:
Reference: CONFIRM:http://service.real.com/realplayer/security/03152013_player/en/
Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18
and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute
arbitrary code via a malformed MP4 file.
======================================================
Name: CVE-2013-1876
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1876
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20130219
Category:
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-2615. Reason:
This candidate is a duplicate of CVE-2013-2615. Notes: All CVE users
should reference CVE-2013-2615 instead of this candidate. All
references and descriptions in this candidate have been removed to
prevent accidental usage.
======================================================
Name: CVE-2013-1877
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1877
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20130219
Category:
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-2616. Reason:
This candidate is a duplicate of CVE-2013-2616. Notes: All CVE users
should reference CVE-2013-2616 instead of this candidate. All
references and descriptions in this candidate have been removed to
prevent accidental usage.
======================================================
Name: CVE-2013-1878
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1878
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20130219
Category:
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-2617. Reason:
This candidate is a duplicate of CVE-2013-2617. Notes: All CVE users
should reference CVE-2013-2617 instead of this candidate. All
references and descriptions in this candidate have been removed to
prevent accidental usage.
More information about the VIM
mailing list