Author: joeyh
Date: 2012-07-26 21:14:22 +0000 (Thu, 26 Jul 2012)
New Revision: 19809

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2012-07-26 17:55:49 UTC (rev 19808)
+++ data/CVE/list       2012-07-26 21:14:22 UTC (rev 19809)
@@ -1,3 +1,31 @@
+CVE-2012-4061 (Multiple SQL injection vulnerabilities in ASP-DEv XM Diary 
allow ...)
+       TODO: check
+CVE-2012-4060 (Multiple SQL injection vulnerabilities in ASP-DEv XM Forums RC3 
allow ...)
+       TODO: check
+CVE-2012-4059 (Cross-site request forgery (CSRF) vulnerability in 
home/secretqtn.php ...)
+       TODO: check
+CVE-2012-4058 (Cross-site scripting (XSS) vulnerability in SocketMail Pro 
2.2.9 ...)
+       TODO: check
+CVE-2012-4057 (Buffer overflow in the Player in Remote-Anything 5.60.15 allows 
remote ...)
+       TODO: check
+CVE-2012-4056 (SQL injection vulnerability in index2.php in Uiga Personal 
Portal ...)
+       TODO: check
+CVE-2012-4055 (SQL injection vulnerability in index2.php in Uiga Fan Club 
allows ...)
+       TODO: check
+CVE-2012-4054 (Buffer overflow in the readfile function in CPE17 Autorun 
Killer 1.7.1 ...)
+       TODO: check
+CVE-2012-4053 (Cross-site request forgery (CSRF) vulnerability in eZOE flash 
player ...)
+       TODO: check
+CVE-2012-4052
+       RESERVED
+CVE-2012-4051
+       RESERVED
+CVE-2007-6754 (The ipalloc function in libc/stdlib/malloc.c in jemalloc in 
libc for ...)
+       TODO: check
+CVE-2006-7252 (Integer overflow in the calloc function in libc/stdlib/malloc.c 
in ...)
+       TODO: check
+CVE-2005-4895 (Multiple integer overflows in TCMalloc (tcmalloc.cc) in 
gperftools ...)
+       TODO: check
 CVE-2012-XXXX [XSA-10: HVM guest user mode MMIO emulation DoS vulnerability]
        TODO: check
        NOTE: http://www.openwall.com/lists/oss-security/2012/07/26/4
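Review bot: The three older-year entries at the end of the added block (CVE-2007-6754 in jemalloc, CVE-2006-7252 in the libc calloc, CVE-2005-4895 in TCMalloc/gperftools) land with a bare `TODO: check`, while the related allocator entries CVE-2012-2673 through CVE-2012-2677 further down in this patch already carry package or NOT-FOR-US lines. Suggest triaging these three in the same pass so the allocator family is handled consistently rather than left in the general TODO queue.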
@@ -210,6 +238,7 @@
 CVE-2012-3955
        RESERVED
 CVE-2012-3954 (Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 
4.2.4-P1 and ...)
+       {DSA-2516-1}
        - isc-dhcp <unfixed>
        NOTE: https://kb.isc.org/article/AA-00737
 CVE-2012-3953
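Review bot: CVE-2012-3954 gains `{DSA-2516-1}` while the package line directly below it stays `- isc-dhcp <unfixed>`. If the DSA covers only the stable upload that is consistent, but the entry still needs a fixed version recorded for the package line once one exists; a NOTE or follow-up would keep the `<unfixed>` marker from being forgotten.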
@@ -753,80 +782,80 @@
        RESERVED
 CVE-2012-3698
        RESERVED
-CVE-2012-3697
-       RESERVED
-CVE-2012-3696
-       RESERVED
-CVE-2012-3695
-       RESERVED
-CVE-2012-3694
-       RESERVED
-CVE-2012-3693
-       RESERVED
+CVE-2012-3697 (WebKit in Apple Safari before 6.0 does not properly handle 
file: URLs, ...)
+       TODO: check
+CVE-2012-3696 (CRLF injection vulnerability in WebKit in Apple Safari before 
6.0 ...)
+       TODO: check
+CVE-2012-3695 (Cross-site scripting (XSS) vulnerability in WebKit in Apple 
Safari ...)
+       TODO: check
+CVE-2012-3694 (WebKit in Apple Safari before 6.0 does not properly handle ...)
+       TODO: check
+CVE-2012-3693 (Incomplete blacklist vulnerability in WebKit in Apple Safari 
before ...)
+       TODO: check
 CVE-2012-3692
        RESERVED
-CVE-2012-3691
-       RESERVED
-CVE-2012-3690
-       RESERVED
-CVE-2012-3689
-       RESERVED
+CVE-2012-3691 (WebKit in Apple Safari before 6.0 does not properly handle 
Cascading ...)
+       TODO: check
+CVE-2012-3690 (WebKit in Apple Safari before 6.0 does not properly handle ...)
+       TODO: check
+CVE-2012-3689 (WebKit in Apple Safari before 6.0 does not properly handle ...)
+       TODO: check
 CVE-2012-3688
        RESERVED
 CVE-2012-3687
        RESERVED
-CVE-2012-3686
-       RESERVED
+CVE-2012-3686 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
 CVE-2012-3685
        RESERVED
 CVE-2012-3684
        RESERVED
-CVE-2012-3683
-       RESERVED
-CVE-2012-3682
-       RESERVED
-CVE-2012-3681
-       RESERVED
-CVE-2012-3680
-       RESERVED
-CVE-2012-3679
-       RESERVED
-CVE-2012-3678
-       RESERVED
+CVE-2012-3683 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3682 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3681 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3680 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3679 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3678 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
 CVE-2012-3677
        RESERVED
 CVE-2012-3676
        RESERVED
 CVE-2012-3675
        RESERVED
-CVE-2012-3674
-       RESERVED
+CVE-2012-3674 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
 CVE-2012-3673
        RESERVED
 CVE-2012-3672
        RESERVED
 CVE-2012-3671
        RESERVED
-CVE-2012-3670
-       RESERVED
-CVE-2012-3669
-       RESERVED
-CVE-2012-3668
-       RESERVED
-CVE-2012-3667
-       RESERVED
-CVE-2012-3666
-       RESERVED
-CVE-2012-3665
-       RESERVED
-CVE-2012-3664
-       RESERVED
-CVE-2012-3663
-       RESERVED
+CVE-2012-3670 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3669 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3668 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3667 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3666 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3665 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3664 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3663 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
 CVE-2012-3662
        RESERVED
-CVE-2012-3661
-       RESERVED
+CVE-2012-3661 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
 CVE-2012-3660
        RESERVED
 CVE-2012-3659
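Review bot: Most of the entries converted from RESERVED in this hunk share the identical truncated text "WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...", so the `TODO: check` on each cannot be resolved from this file alone. Suggest triaging them as one batch against the full descriptions, and separating them from the differently worded entries in the same hunk (CVE-2012-3697 file: URLs, CVE-2012-3696 CRLF injection, CVE-2012-3695 XSS, CVE-2012-3693 incomplete blacklist), which describe distinct issues and may need different answers.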
@@ -835,70 +864,70 @@
        RESERVED
 CVE-2012-3657
        RESERVED
-CVE-2012-3656
-       RESERVED
-CVE-2012-3655
-       RESERVED
+CVE-2012-3656 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3655 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
 CVE-2012-3654
        RESERVED
-CVE-2012-3653
-       RESERVED
+CVE-2012-3653 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
 CVE-2012-3652
        RESERVED
 CVE-2012-3651
        RESERVED
-CVE-2012-3650
-       RESERVED
+CVE-2012-3650 (WebKit in Apple Safari before 6.0 accesses uninitialized memory 
...)
+       TODO: check
 CVE-2012-3649
        RESERVED
 CVE-2012-3648
        RESERVED
 CVE-2012-3647
        RESERVED
-CVE-2012-3646
-       RESERVED
-CVE-2012-3645
-       RESERVED
-CVE-2012-3644
-       RESERVED
+CVE-2012-3646 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3645 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3644 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
 CVE-2012-3643
        RESERVED
-CVE-2012-3642
-       RESERVED
-CVE-2012-3641
-       RESERVED
-CVE-2012-3640
-       RESERVED
-CVE-2012-3639
-       RESERVED
-CVE-2012-3638
-       RESERVED
-CVE-2012-3637
-       RESERVED
-CVE-2012-3636
-       RESERVED
-CVE-2012-3635
-       RESERVED
-CVE-2012-3634
-       RESERVED
-CVE-2012-3633
-       RESERVED
+CVE-2012-3642 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3641 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3640 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3639 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3638 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3637 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3636 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3635 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3634 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3633 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
 CVE-2012-3632
        RESERVED
-CVE-2012-3631
-       RESERVED
-CVE-2012-3630
-       RESERVED
-CVE-2012-3629
-       RESERVED
-CVE-2012-3628
-       RESERVED
-CVE-2012-3627
-       RESERVED
-CVE-2012-3626
-       RESERVED
-CVE-2012-3625
-       RESERVED
+CVE-2012-3631 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3630 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3629 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3628 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3627 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3626 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3625 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
 CVE-2012-3624
        RESERVED
 CVE-2012-3623
@@ -907,70 +936,70 @@
        RESERVED
 CVE-2012-3621
        RESERVED
-CVE-2012-3620
-       RESERVED
+CVE-2012-3620 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
 CVE-2012-3619
        RESERVED
-CVE-2012-3618
-       RESERVED
+CVE-2012-3618 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
 CVE-2012-3617
        RESERVED
 CVE-2012-3616
        RESERVED
-CVE-2012-3615
-       RESERVED
+CVE-2012-3615 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
 CVE-2012-3614
        RESERVED
 CVE-2012-3613
        RESERVED
 CVE-2012-3612
        RESERVED
-CVE-2012-3611
-       RESERVED
-CVE-2012-3610
-       RESERVED
-CVE-2012-3609
-       RESERVED
-CVE-2012-3608
-       RESERVED
+CVE-2012-3611 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3610 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3609 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3608 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
 CVE-2012-3607
        RESERVED
 CVE-2012-3606
        RESERVED
-CVE-2012-3605
-       RESERVED
-CVE-2012-3604
-       RESERVED
-CVE-2012-3603
-       RESERVED
+CVE-2012-3605 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3604 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3603 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
 CVE-2012-3602
        RESERVED
 CVE-2012-3601
        RESERVED
-CVE-2012-3600
-       RESERVED
-CVE-2012-3599
-       RESERVED
+CVE-2012-3600 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3599 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
 CVE-2012-3598
        RESERVED
-CVE-2012-3597
-       RESERVED
-CVE-2012-3596
-       RESERVED
-CVE-2012-3595
-       RESERVED
-CVE-2012-3594
-       RESERVED
-CVE-2012-3593
-       RESERVED
-CVE-2012-3592
-       RESERVED
-CVE-2012-3591
-       RESERVED
-CVE-2012-3590
-       RESERVED
-CVE-2012-3589
-       RESERVED
+CVE-2012-3597 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3596 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3595 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3594 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3593 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3592 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3591 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3590 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-3589 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
 CVE-2012-3588 (Directory traversal vulnerability in preview.php in the Plugin 
...)
        NOT-FOR-US: Wordpress plugin
 CVE-2012-3587 (APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the 
...)
@@ -1009,6 +1038,7 @@
 CVE-2011-5094 (** DISPUTED ** Mozilla Network Security Services (NSS) 3.x, 
with ...)
        NOTE: Disputed NSS issue
 CVE-2012-3571 (ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 
allows ...)
+       {DSA-2516-1}
        - isc-dhcp <unfixed>
        NOTE: https://kb.isc.org/article/AA-00712
 CVE-2012-3570 (Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 
mode is ...)
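Review bot: CVE-2012-3571 is tagged `{DSA-2516-1}` here and CVE-2012-3954 gets the same tag earlier in the patch, but the adjacent ISC DHCP entry CVE-2012-3570 appears only as a context line, so this diff does not show whether it is covered. Worth confirming against the DSA text whether CVE-2012-3570 needs the tag too or is deliberately excluded.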
@@ -2259,8 +2289,8 @@
        RESERVED
 CVE-2012-3016
        RESERVED
-CVE-2012-3015
-       RESERVED
+CVE-2012-3015 (Untrusted search path vulnerability in Siemens SIMATIC STEP7 
before ...)
+       TODO: check
 CVE-2012-3014
        RESERVED
 CVE-2012-3013
@@ -2279,8 +2309,8 @@
        NOT-FOR-US: Not in Debian
 CVE-2012-3006 (The Innominate mGuard Smart HW before HW-101130 and BD before 
...)
        NOT-FOR-US: Innominate mGuard Smart
-CVE-2012-3005
-       RESERVED
+CVE-2012-3005 (Untrusted search path vulnerability in Invensys Wonderware 
InTouch ...)
+       TODO: check
 CVE-2012-3004
        RESERVED
 CVE-2012-3003 (Open redirect vulnerability in an unspecified web application 
in ...)
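Review bot: CVE-2012-3005 (Invensys Wonderware InTouch) is added with `TODO: check` between context entries that are already resolved as `NOT-FOR-US: Not in Debian` and `NOT-FOR-US: Innominate mGuard Smart`. If the product is not packaged, the same NOT-FOR-US form would close this entry; the same applies to CVE-2012-3015 (Siemens SIMATIC STEP7) in the preceding hunk.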
@@ -2813,8 +2843,7 @@
        - serendipity <not-affected> (vulnerable code not present in 1.5.1, see 
bug #678139)
 CVE-2012-2761
        RESERVED
-CVE-2012-2760
-       RESERVED
+CVE-2012-2760 (mod_auth_openid before 0.7 for Apache uses world-readable 
permissions ...)
        - libapache2-mod-auth-openid 0.7-0.1 (bug #674165)
 CVE-2012-2759 (Cross-site scripting (XSS) vulnerability in login-with-ajax.php 
in the ...)
        NOT-FOR-US: Wordpress plugin
@@ -3021,21 +3050,16 @@
        NOT-FOR-US: Red Hat Network configuration client
 CVE-2012-2678 (389 Directory Server before 1.2.11.6 (aka Red Hat Directory 
Server ...)
        - 389-ds <not-affected> (Fixed before initial upload)
-CVE-2012-2677
-       RESERVED
+CVE-2012-2677 (Integer overflow in the ordered_malloc function in 
boost/pool/pool.hpp ...)
        - boost1.42 <removed>
        - boost1.49 1.49.0-3.1 (bug #677197)
-CVE-2012-2676
-       RESERVED
+CVE-2012-2676 (Multiple integer overflows in the (1) malloc and (2) calloc 
functions ...)
        NOT-FOR-US: Hoard memory allocator
-CVE-2012-2675
-       RESERVED
+CVE-2012-2675 (Multiple integer overflows in the (1) CallMalloc (malloc) and 
(2) ...)
        NOT-FOR-US: nedmalloc
-CVE-2012-2674
-       RESERVED
+CVE-2012-2674 (Multiple integer overflows in the (1) chk_malloc, (2) 
leak_malloc, and ...)
        NOT-FOR-US: Android libc
-CVE-2012-2673
-       RESERVED
+CVE-2012-2673 (Multiple integer overflows in the (1) GC_generic_malloc and (2) 
calloc ...)
        - libgc 1:7.1-9 (bug #677195)
 CVE-2012-2672 (Oracle Mojarra 2.1.7 does not properly &quot;clean up&quot; the 
FacesContext ...)
        - mojarra <not-affected> (Only affected in combination with EAP6/AS7 
application servers, bug #677194)
@@ -3537,8 +3561,8 @@
        RESERVED
 CVE-2012-2443
        RESERVED
-CVE-2012-2442
-       RESERVED
+CVE-2012-2442 (Buffer overflow in the Video Manager in Nokia PC Suite 
7.1.180.64 and ...)
+       TODO: check
 CVE-2012-2441 (RuggedCom Rugged Operating System (ROS) before 3.3 has a 
factory ...)
        NOT-FOR-US: RuggedCom Rugged Operating System
 CVE-2012-2440 (The default configuration of the TP-Link 8840T router enables 
...)
@@ -4037,31 +4061,24 @@
        NOTE: This CVE ID is for the initial incomplete fix for CVE-2012-1823
        NOTE: http://www.kb.cert.org/vuls/id/520827
        NOTE: http://osvdb.org/show/osvdb/81633
-CVE-2012-2310 [Drupal SA-CONTRIB-2012-072 - cctags - XSS ]
-       RESERVED
+CVE-2012-2310 (Cross-site scripting (XSS) vulnerability in the cctags module 
for ...)
        NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2309 [Drupal SA-CONTRIB-2012-071 - Glossify - XSS ]
-       RESERVED
+CVE-2012-2309 (Cross-site scripting (XSS) vulnerability in the Glossify 
Internal ...)
        NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2308 [Drupal SA-CONTRIB-2012-070 - Taxonomy Grid : Catalog - XSS]
-       RESERVED
+CVE-2012-2308 (Cross-site scripting (XSS) vulnerability in the Taxonomy Grid : 
...)
        NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2307 [Drupal SA-CONTRIB-2012-069 - Addressbook - CSRF ]
-       RESERVED
+CVE-2012-2307 (Cross-site request forgery (CSRF) vulnerability in the 
Addressbook ...)
        NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2306 [Drupal SA-CONTRIB-2012-069 - Addressbook - SQL Injection]
-       RESERVED
+CVE-2012-2306 (SQL injection vulnerability in the Addressbook module for 
Drupal ...)
        NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2305 [Drupal SA-CONTRIB-2012-068 - Node Gallery - CSRF]
-       RESERVED
+CVE-2012-2305 (Cross-site request forgery (CSRF) vulnerability in the Node 
Gallery ...)
        NOT-FOR-US: Drupal addon not packaged
 CVE-2012-2304 [Drupal SA-CONTRIB-2012-067 - Linkit - Access bypass]
        RESERVED
        NOT-FOR-US: Drupal addon not packaged
 CVE-2012-2303 (The Spaces module 6.x-3.x before 6.x-3.4 for Drupal does not 
enforce ...)
        NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2302 [Drupal SA-CONTRIB-2012-065 - Sitedoc - Information disclosure]
-       RESERVED
+CVE-2012-2302 (Site Documentation (Sitedoc) module for Drupal 6.x-1.x before 
6.x-1.4 ...)
        NOT-FOR-US: Drupal addon not packaged
 CVE-2012-2301 [Drupal SA-CONTRIB-2012-064 - Ubercart - Arbitrary PHP Execution]
        RESERVED
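Review bot: The removed bracketed titles for CVE-2012-2310 through CVE-2012-2305 and CVE-2012-2302 carried the Drupal advisory numbers (SA-CONTRIB-2012-065 through -072), and the replacement descriptions, as truncated here, no longer show them. The untouched neighbours CVE-2012-2304 and CVE-2012-2301 still have theirs, so the cross-reference is now inconsistent across the block; consider preserving the advisory id in a NOTE line under each converted entry.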
@@ -4078,8 +4095,7 @@
 CVE-2012-2297 [Drupal SA-CONTRIB-2012-062 - Creative Commons - XSS]
        RESERVED
        NOT-FOR-US: Drupal addon not packaged
-CVE-2012-2296 [Drupal SA-CONTRIB-2012-056 - Janrain Engage - Sensitive Data 
...]
-       RESERVED
+CVE-2012-2296 (The Janrain Engage (formerly RPX) module for Drupal 6.x-1.x. 
6.x-2.x ...)
        NOT-FOR-US: Drupal addon not packaged
 CVE-2012-2295
        RESERVED
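Review bot: The new CVE-2012-2296 description reads "Drupal 6.x-1.x. 6.x-2.x", with a full stop where the version list would normally have a comma. If the text is taken verbatim from the upstream CVE description it should stay as imported, but it is worth checking that the separator was not altered on the way in. This entry also drops its SA-CONTRIB-2012-056 reference along with the bracketed title.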
@@ -4389,8 +4405,7 @@
        NOT-FOR-US: Drupal addon not packaged
 CVE-2012-2153
        RESERVED
-CVE-2012-2152 [dhcpcd 3.2.3 remote stack overflow / denial of service]
-       RESERVED
+CVE-2012-2152 (Stack-based buffer overflow in the get_packet method in 
socket.c in ...)
        {DSA-2498-1}
        - dhcpcd 1:3.2.3-11 (bug #671265)
        NOTE: http://www.openwall.com/lists/oss-security/2012/05/02/4
@@ -6000,8 +6015,8 @@
        NOT-FOR-US: Microsoft Internet Explorer
 CVE-2012-1521 (Use-after-free vulnerability in the XML parser in Google Chrome 
before ...)
        - chromium-browser 18.0.1025.168~r134367-1
-CVE-2012-1520
-       RESERVED
+CVE-2012-1520 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
 CVE-2012-1519
        RESERVED
 CVE-2012-1518 (VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 
4.0.2, ...)
@@ -8066,18 +8081,18 @@
        NOT-FOR-US: XnView
 CVE-2012-0684 (Integer overflow in XnViewer (aka XnView) before 1.98.5 allows 
remote ...)
        NOT-FOR-US: XnView
-CVE-2012-0683
-       RESERVED
-CVE-2012-0682
-       RESERVED
+CVE-2012-0683 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
+CVE-2012-0682 (WebKit, as used in Apple Safari before 6.0, allows remote 
attackers to ...)
+       TODO: check
 CVE-2012-0681
        RESERVED
-CVE-2012-0680
-       RESERVED
-CVE-2012-0679
-       RESERVED
-CVE-2012-0678
-       RESERVED
+CVE-2012-0680 (Apple Safari before 6.0 does not properly handle the 
autocomplete ...)
+       TODO: check
+CVE-2012-0679 (Apple Safari before 6.0 allows remote attackers to read 
arbitrary ...)
+       TODO: check
+CVE-2012-0678 (Cross-site scripting (XSS) vulnerability in Apple Safari before 
6.0 ...)
+       TODO: check
 CVE-2012-0677 (Heap-based buffer overflow in Apple iTunes before 10.6.3 allows 
remote ...)
        NOT-FOR-US: Apple iTunes
 CVE-2012-0676 (WebKit in Apple Safari before 5.1.7 does not properly track 
state ...)
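Review bot: The entries added in this hunk mix two scopes under the same `TODO: check`: CVE-2012-0683 and CVE-2012-0682 are described as "WebKit, as used in Apple Safari", while CVE-2012-0680, CVE-2012-0679 and CVE-2012-0678 are described as issues in Apple Safari itself. The context entry just below resolves an Apple-only product as `NOT-FOR-US: Apple iTunes`; the Safari-only entries look like candidates for the same treatment, whereas the WebKit ones need an actual check.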


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
