[VIM] [CVENEW] New CVE CANs: 2013/03/20 14:00 ; count=10

coley at mitre.org coley at mitre.org
Wed Mar 20 13:04:29 CDT 2013


======================================================
Name: CVE-2013-0711
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0711
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20121228
Category: 
Reference: MISC:http://jvn.jp/en/jp/JVN45545972/995359/index.html
Reference: JVN:JVN#45545972
Reference: URL:http://jvn.jp/en/jp/JVN45545972/index.html
Reference: JVNDB:JVNDB-2013-000018
Reference: URL:http://jvndb.jvn.jp/jvndb/JVNDB-2013-000018

IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9
allows remote attackers to cause a denial of service (daemon outage)
via a crafted authentication request.



======================================================
Name: CVE-2013-0712
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0712
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20121228
Category: 
Reference: MISC:http://jvn.jp/en/jp/JVN01611135/995359/index.html
Reference: JVN:JVN#01611135
Reference: URL:http://jvn.jp/en/jp/JVN01611135/index.html
Reference: JVNDB:JVNDB-2013-000019
Reference: URL:http://jvndb.jvn.jp/jvndb/JVNDB-2013-000019

IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9
allows remote authenticated users to cause a denial of service (daemon
outage) via a crafted packet.



======================================================
Name: CVE-2013-0713
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0713
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20121228
Category: 
Reference: MISC:http://jvn.jp/en/jp/JVN52492830/995359/index.html
Reference: JVN:JVN#52492830
Reference: URL:http://jvn.jp/en/jp/JVN52492830/index.html
Reference: JVNDB:JVNDB-2013-000020
Reference: URL:http://jvndb.jvn.jp/jvndb/JVNDB-2013-000020

IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9
allows remote authenticated users to cause a denial of service (daemon
outage) via a crafted pty request.



======================================================
Name: CVE-2013-0714
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0714
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20121228
Category: 
Reference: MISC:http://jvn.jp/en/jp/JVN20671901/995359/index.html
Reference: JVN:JVN#20671901
Reference: URL:http://jvn.jp/en/jp/JVN20671901/index.html
Reference: JVNDB:JVNDB-2013-000021
Reference: URL:http://jvndb.jvn.jp/jvndb/JVNDB-2013-000021

IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9
allows remote attackers to execute arbitrary code or cause a denial of
service (daemon hang) via a crafted public-key authentication request.



======================================================
Name: CVE-2013-0715
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0715
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20121228
Category: 
Reference: MISC:http://jvn.jp/en/jp/JVN65923092/995359/index.html
Reference: JVN:JVN#65923092
Reference: URL:http://jvn.jp/en/jp/JVN65923092/index.html
Reference: JVNDB:JVNDB-2013-000022
Reference: URL:http://jvndb.jvn.jp/jvndb/JVNDB-2013-000022

The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows
remote authenticated users to cause a denial of service (CLI session
crash) via a crafted command string.



======================================================
Name: CVE-2013-0716
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0716
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20121228
Category: 
Reference: MISC:http://jvn.jp/en/jp/JVN41022517/995359/index.html
Reference: JVN:JVN#41022517
Reference: URL:http://jvn.jp/en/jp/JVN41022517/index.html
Reference: JVNDB:JVNDB-2013-000023
Reference: URL:http://jvndb.jvn.jp/jvndb/JVNDB-2013-000023

The web server in Wind River VxWorks 5.5 through 6.9 allows remote
attackers to cause a denial of service (daemon crash) via a crafted
URI.



======================================================
Name: CVE-2013-1750
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1750
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130215
Category: 
Reference: CONFIRM:http://service.real.com/realplayer/security/03152013_player/en/

Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18
and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute
arbitrary code via a malformed MP4 file.



======================================================
Name: CVE-2013-1876
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1876
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130219
Category: 

** REJECT **

DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2013-2615.  Reason:
This candidate is a duplicate of CVE-2013-2615.  Notes: All CVE users
should reference CVE-2013-2615 instead of this candidate.  All
references and descriptions in this candidate have been removed to
prevent accidental usage.



======================================================
Name: CVE-2013-1877
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1877
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130219
Category: 

** REJECT **

DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2013-2616.  Reason:
This candidate is a duplicate of CVE-2013-2616.  Notes: All CVE users
should reference CVE-2013-2616 instead of this candidate.  All
references and descriptions in this candidate have been removed to
prevent accidental usage.



======================================================
Name: CVE-2013-1878
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1878
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130219
Category: 

** REJECT **

DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2013-2617.  Reason:
This candidate is a duplicate of CVE-2013-2617.  Notes: All CVE users
should reference CVE-2013-2617 instead of this candidate.  All
references and descriptions in this candidate have been removed to
prevent accidental usage.





More information about the VIM mailing list