Author: joeyh
Date: 2012-04-20 21:14:46 +0000 (Fri, 20 Apr 2012)
New Revision: 19025
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-04-20 20:29:38 UTC (rev 19024)
+++ data/CVE/list 2012-04-20 21:14:46 UTC (rev 19025)
@@ -1,3 +1,249 @@
+CVE-2012-2398 (Cross-site scripting (XSS) vulnerability in
files/ajax/download.php in ...)
+ TODO: check
+CVE-2012-2397 (Cross-site request forgery (CSRF) vulnerability in ownCloud
3.0.2 ...)
+ TODO: check
+CVE-2012-2396 (VideoLAN VLC media player 2.0.1 allows remote attackers to
cause a ...)
+ TODO: check
+CVE-2012-2395
+ RESERVED
+CVE-2012-2394
+ RESERVED
+CVE-2012-2393
+ RESERVED
+CVE-2012-2392
+ RESERVED
+CVE-2012-2391
+ RESERVED
+CVE-2012-2390
+ RESERVED
+CVE-2012-2389
+ RESERVED
+CVE-2012-2388
+ RESERVED
+CVE-2012-2387
+ RESERVED
+CVE-2012-2386
+ RESERVED
+CVE-2012-2385
+ RESERVED
+CVE-2012-2384
+ RESERVED
+CVE-2012-2383
+ RESERVED
+CVE-2012-2382
+ RESERVED
+CVE-2012-2381
+ RESERVED
+CVE-2012-2380
+ RESERVED
+CVE-2012-2379
+ RESERVED
+CVE-2012-2378
+ RESERVED
+CVE-2012-2377
+ RESERVED
+CVE-2012-2376
+ RESERVED
+CVE-2012-2375
+ RESERVED
+CVE-2012-2374
+ RESERVED
+CVE-2012-2373
+ RESERVED
+CVE-2012-2372
+ RESERVED
+CVE-2012-2371
+ RESERVED
+CVE-2012-2370
+ RESERVED
+CVE-2012-2369
+ RESERVED
+CVE-2012-2368
+ RESERVED
+CVE-2012-2367
+ RESERVED
+CVE-2012-2366
+ RESERVED
+CVE-2012-2365
+ RESERVED
+CVE-2012-2364
+ RESERVED
+CVE-2012-2363
+ RESERVED
+CVE-2012-2362
+ RESERVED
+CVE-2012-2361
+ RESERVED
+CVE-2012-2360
+ RESERVED
+CVE-2012-2359
+ RESERVED
+CVE-2012-2358
+ RESERVED
+CVE-2012-2357
+ RESERVED
+CVE-2012-2356
+ RESERVED
+CVE-2012-2355
+ RESERVED
+CVE-2012-2354
+ RESERVED
+CVE-2012-2353
+ RESERVED
+CVE-2012-2352
+ RESERVED
+CVE-2012-2351
+ RESERVED
+CVE-2012-2350
+ RESERVED
+CVE-2012-2349
+ RESERVED
+CVE-2012-2348
+ RESERVED
+CVE-2012-2347
+ RESERVED
+CVE-2012-2346
+ RESERVED
+CVE-2012-2345
+ RESERVED
+CVE-2012-2344
+ RESERVED
+CVE-2012-2343
+ RESERVED
+CVE-2012-2342
+ RESERVED
+CVE-2012-2341
+ RESERVED
+CVE-2012-2340
+ RESERVED
+CVE-2012-2339
+ RESERVED
+CVE-2012-2338
+ RESERVED
+CVE-2012-2337
+ RESERVED
+CVE-2012-2336
+ RESERVED
+CVE-2012-2335
+ RESERVED
+CVE-2012-2334
+ RESERVED
+CVE-2012-2333
+ RESERVED
+CVE-2012-2332
+ RESERVED
+CVE-2012-2331
+ RESERVED
+CVE-2012-2330
+ RESERVED
+CVE-2012-2329
+ RESERVED
+CVE-2012-2328
+ RESERVED
+CVE-2012-2327
+ RESERVED
+CVE-2012-2326
+ RESERVED
+CVE-2012-2325
+ RESERVED
+CVE-2012-2324
+ RESERVED
+CVE-2012-2323
+ RESERVED
+CVE-2012-2322
+ RESERVED
+CVE-2012-2321
+ RESERVED
+CVE-2012-2320
+ RESERVED
+CVE-2012-2319
+ RESERVED
+CVE-2012-2318
+ RESERVED
+CVE-2012-2317
+ RESERVED
+CVE-2012-2316
+ RESERVED
+CVE-2012-2315
+ RESERVED
+CVE-2012-2314
+ RESERVED
+CVE-2012-2313
+ RESERVED
+CVE-2012-2312
+ RESERVED
+CVE-2012-2311
+ RESERVED
+CVE-2012-2310
+ RESERVED
+CVE-2012-2309
+ RESERVED
+CVE-2012-2308
+ RESERVED
+CVE-2012-2307
+ RESERVED
+CVE-2012-2306
+ RESERVED
+CVE-2012-2305
+ RESERVED
+CVE-2012-2304
+ RESERVED
+CVE-2012-2303
+ RESERVED
+CVE-2012-2302
+ RESERVED
+CVE-2012-2301
+ RESERVED
+CVE-2012-2300
+ RESERVED
+CVE-2012-2299
+ RESERVED
+CVE-2012-2298
+ RESERVED
+CVE-2012-2297
+ RESERVED
+CVE-2012-2296
+ RESERVED
+CVE-2012-2295
+ RESERVED
+CVE-2012-2294
+ RESERVED
+CVE-2012-2293
+ RESERVED
+CVE-2012-2292
+ RESERVED
+CVE-2012-2291
+ RESERVED
+CVE-2012-2290
+ RESERVED
+CVE-2012-2289
+ RESERVED
+CVE-2012-2288
+ RESERVED
+CVE-2012-2287
+ RESERVED
+CVE-2012-2286
+ RESERVED
+CVE-2012-2285
+ RESERVED
+CVE-2012-2284
+ RESERVED
+CVE-2012-2283
+ RESERVED
+CVE-2012-2282
+ RESERVED
+CVE-2012-2281
+ RESERVED
+CVE-2012-2280
+ RESERVED
+CVE-2012-2279
+ RESERVED
+CVE-2012-2278
+ RESERVED
+CVE-2012-2277
+ RESERVED
+CVE-2012-2276
+ RESERVED
CVE-2012-XXXX
- pastescript <unfixed>
NOTE:
https://groups.google.com/d/topic/paste-users/KqZRujMcJHE/discussion
@@ -6,16 +252,16 @@
RESERVED
CVE-2012-2274
RESERVED
-CVE-2012-2273
- RESERVED
+CVE-2012-2273 (Comodo Internet Security before 5.10.228257.2253 on Windows 7
x64 ...)
+ TODO: check
CVE-2012-2272
RESERVED
CVE-2012-2271
RESERVED
-CVE-2012-2270
- RESERVED
-CVE-2012-2269
- RESERVED
+CVE-2012-2270 (Open redirect vulnerability in index.php (aka the Login Page)
in ...)
+ TODO: check
+CVE-2012-2269 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud
3.0.0 ...)
+ TODO: check
CVE-2011-5089 (Buffer overflow in the Security Login ActiveX controls in
ICONICS ...)
NOT-FOR-US: ICONICS, BizViz
CVE-2011-5088 (The GENESIS32 IcoSetServer ActiveX control in ICONICS GENESIS32
9.21 ...)
@@ -88,8 +334,8 @@
RESERVED
CVE-2012-2237
RESERVED
-CVE-2012-2236
- RESERVED
+CVE-2012-2236 (SQL injection vulnerability in users.php in PHP Gift Registry
1.5.5 ...)
+ TODO: check
CVE-2012-XXXX [dokuwiki doku.php 'target' param xss]
- dokuwiki <unfixed>
TODO: check
@@ -359,12 +605,12 @@
RESERVED
CVE-2012-2112
RESERVED
+ {DSA-2455-1}
- typo3-src <unfixed> (bug #669158)
NOTE:
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002/
CVE-2012-2111
RESERVED
-CVE-2012-2110 [ossl DER int conversion issues]
- RESERVED
+CVE-2012-2110 (The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in
OpenSSL ...)
{DSA-2454-1}
- openssl 1.0.1a-1
NOTE: http://www.openssl.org/news/secadv_20120419.txt
@@ -4539,10 +4785,10 @@
RESERVED
CVE-2012-0408
RESERVED
-CVE-2012-0407
- RESERVED
-CVE-2012-0406
- RESERVED
+CVE-2012-0407 (Integer overflow in the DPA_Utilities library in EMC Data
Protection ...)
+ TODO: check
+CVE-2012-0406 (The DPA_Utilities.cProcessAuthenticationData function in EMC
Data ...)
+ TODO: check
CVE-2012-0405
RESERVED
CVE-2012-0404 (Cross-site scripting (XSS) vulnerability in EMC Documentum
eRoom ...)
@@ -5564,6 +5810,7 @@
CVE-2006-7251
RESERVED
CVE-2006-7250 (The mime_hdr_cmp function in crypto/asn1/asn_mime.c in OpenSSL
0.9.8t ...)
+ {DSA-2454-1}
- openssl 1.0.0h-1
NOTE: DSA addressed it in patch for CVE-2012-1165
CVE-2006-7249
@@ -5867,8 +6114,8 @@
NOT-FOR-US: Microsoft
CVE-2012-0135 (Unspecified vulnerability in HP System Management Homepage
(SMH) ...)
NOT-FOR-US: HP System Management Homepage
-CVE-2012-0134
- RESERVED
+CVE-2012-0134 (Unspecified vulnerability in HP OpenVMS 7.3-2 on the Alpha
platform, ...)
+ TODO: check
CVE-2012-0133 (HP ProCurve 5400 zl switches with certain serial numbers
include a ...)
NOT-FOR-US: HP ProCurve
CVE-2012-0132 (Cross-site scripting (XSS) vulnerability in HP Business
Availability ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
