[Secure-testing-commits] r19486 - data/CVE

Joey Hess Thu, 14 Jun 2012 14:14:30 -0700

Author: joeyh
Date: 2012-06-14 21:14:20 +0000 (Thu, 14 Jun 2012)
New Revision: 19486


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2012-06-14 20:07:50 UTC (rev 19485)
+++ data/CVE/list       2012-06-14 21:14:20 UTC (rev 19486)
@@ -1,3 +1,15 @@
+CVE-2012-3352
+       RESERVED
+CVE-2012-3351
+       RESERVED
+CVE-2012-3350
+       RESERVED
+CVE-2012-3349
+       RESERVED
+CVE-2012-3348
+       RESERVED
+CVE-2012-3347 (AutoFORM PDM Archive before 7.0 implements user accounts in a 
way that ...)
+       TODO: check
 CVE-2012-3346
        RESERVED
 CVE-2012-3345
@@ -118,8 +130,7 @@
        RESERVED
 CVE-2012-3288
        RESERVED
-CVE-2012-3287
-       RESERVED
+CVE-2012-3287 (Poul-Henning Kamp md5crypt has insufficient algorithmic 
complexity and ...)
        NOT-FOR-US: md5crypt
 CVE-2012-3286
        RESERVED
@@ -1562,12 +1573,12 @@
        RESERVED
 CVE-2012-2607
        RESERVED
-CVE-2012-2606
-       RESERVED
-CVE-2012-2605
-       RESERVED
-CVE-2012-2604
-       RESERVED
+CVE-2012-2606 (The agent in Bradford Network Sentry before 5.3.3 does not 
require ...)
+       TODO: check
+CVE-2012-2605 (Multiple cross-site request forgery (CSRF) vulnerabilities in 
the ...)
+       TODO: check
+CVE-2012-2604 (Multiple cross-site scripting (XSS) vulnerabilities in 
GuestAccess.jsp ...)
+       TODO: check
 CVE-2012-2603 (The server in CollabNet ScrumWorks Pro before 6.0 allows remote 
...)
        TODO: check
 CVE-2012-2602
@@ -3190,8 +3201,8 @@
        RESERVED
 CVE-2012-2012
        RESERVED
-CVE-2012-2011
-       RESERVED
+CVE-2012-2011 (Multiple cross-site scripting (XSS) vulnerabilities in HP Web 
Jetadmin ...)
+       TODO: check
 CVE-2012-2010 (The ACMELOGIN implementation in HP OpenVMS 8.3 and 8.4 on the 
Alpha ...)
        NOT-FOR-US: OpenVMS
 CVE-2012-2009 (Unspecified vulnerability in HP Performance Insight for 
Networks ...)
@@ -3485,7 +3496,7 @@
        TODO: check
 CVE-2012-1877 (Microsoft Internet Explorer 6 through 9 does not properly 
handle ...)
        TODO: check
-CVE-2012-1876 (Microsoft Internet Explorer 6 through 9 does not properly 
handle ...)
+CVE-2012-1876 (Microsoft Internet Explorer 6 through 9, and 10 Consumer 
Preview, does ...)
        TODO: check
 CVE-2012-1875 (Microsoft Internet Explorer 8 does not properly handle objects 
in ...)
        TODO: check
@@ -3580,12 +3591,12 @@
        RESERVED
 CVE-2012-1830
        RESERVED
-CVE-2012-1829
-       RESERVED
-CVE-2012-1828
-       RESERVED
-CVE-2012-1827
-       RESERVED
+CVE-2012-1829 (Multiple cross-site scripting (XSS) vulnerabilities in AutoFORM 
PDM ...)
+       TODO: check
+CVE-2012-1828 (The administrative functions in AutoFORM PDM Archive before 7.1 
do not ...)
+       TODO: check
+CVE-2012-1827 (The web service in AutoFORM PDM Archive before 7.1 does not 
have ...)
+       TODO: check
 CVE-2012-1826 (dotCMS 1.9 before 1.9.5.1 allows remote authenticated users to 
execute ...)
        TODO: check
 CVE-2012-1825 (Multiple cross-site scripting (XSS) vulnerabilities in the 
status ...)
@@ -3601,8 +3612,7 @@
        RESERVED
 CVE-2012-1821 (The Network Threat Protection module in the Manager component 
in ...)
        NOT-FOR-US: Symantec Endpoint Protection on Windows Server 2003
-CVE-2012-1820
-       RESERVED
+CVE-2012-1820 (The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and 
...)
        - quagga <unfixed> (bug #676510)
 CVE-2012-1819 (Untrusted search path vulnerability in WellinTech KingView 6.53 
allows ...)
        NOT-FOR-US: WellinTech KingView
@@ -4290,7 +4300,8 @@
        RESERVED
 CVE-2012-1545 (Microsoft Internet Explorer 6 through 9, and 10 Consumer 
Preview, ...)
        NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1544 (Heap-based buffer overflow in Microsoft Internet Explorer 6 
through 9, ...)
+CVE-2012-1544
+       REJECTED
        NOT-FOR-US: Microsoft Internet Explorer
 CVE-2012-1543
        RESERVED
@@ -5953,8 +5964,10 @@
        - ffmpeg <removed>
 CVE-2012-0852
        RESERVED
+       {DSA-2494-1}
 CVE-2012-0851
        RESERVED
+       {DSA-2494-1}
        - libav 6:0.8.3-1
        - ffmpeg <removed>
 CVE-2012-0850
@@ -11548,10 +11561,12 @@
        - webkit <undetermined>
 CVE-2011-3952
        RESERVED
+       {DSA-2494-1}
        - libav 4:0.8.1-1
        - ffmpeg <removed>
 CVE-2011-3951
        RESERVED
+       {DSA-2494-1}
        - libav 4:0.8.1-1
        - ffmpeg <removed>
 CVE-2011-3950
@@ -15768,8 +15783,8 @@
        NOT-FOR-US: Cisco SA 500 series appliances management interface
 CVE-2011-2546 (SQL injection vulnerability in the web-based management 
interface on ...)
        NOT-FOR-US: Cisco SA 500 series appliances management interface
-CVE-2011-2545
-       RESERVED
+CVE-2011-2545 (Cross-site scripting (XSS) vulnerability in the SIP 
implementation on ...)
+       TODO: check
 CVE-2011-2544 (Cross-site scripting (XSS) vulnerability in the web interface 
in Cisco ...)
        NOT-FOR-US: Cisco
 CVE-2011-2543 (Buffer overflow in the cuil component in Cisco Telepresence 
System ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r19486 - data/CVE

Reply via email to