Author: joeyh
Date: 2012-07-27 21:14:22 +0000 (Fri, 27 Jul 2012)
New Revision: 19813

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2012-07-27 09:14:20 UTC (rev 19812)
+++ data/CVE/list       2012-07-27 21:14:22 UTC (rev 19813)
@@ -1,3 +1,17 @@
+CVE-2012-4068 (Heap-based buffer overflow in the SoapServer service in Citrix 
...)
+       TODO: check
+CVE-2012-4067
+       RESERVED
+CVE-2012-4066
+       RESERVED
+CVE-2012-4065
+       RESERVED
+CVE-2012-4064
+       RESERVED
+CVE-2012-4063
+       RESERVED
+CVE-2012-4062
+       RESERVED
 CVE-2012-4061 (Multiple SQL injection vulnerabilities in ASP-DEv XM Diary 
allow ...)
        TODO: check
 CVE-2012-4060 (Multiple SQL injection vulnerabilities in ASP-DEv XM Forums RC3 
allow ...)
@@ -34,8 +48,8 @@
        TODO: check
 CVE-2012-4044
        RESERVED
-CVE-2012-4043
-       RESERVED
+CVE-2012-4043 (Cross-site scripting (XSS) vulnerability in 
global-protect/login.esp ...)
+       TODO: check
 CVE-2012-4042
        RESERVED
 CVE-2012-4041
@@ -368,16 +382,16 @@
        NOT-FOR-US: Winamp
 CVE-2012-3889 (The in_mod plugin in Winamp before 5.63 allows remote attackers 
to ...)
        NOT-FOR-US: Winamp
-CVE-2012-3888
-       RESERVED
-CVE-2012-3887
-       RESERVED
-CVE-2012-3886
-       RESERVED
-CVE-2012-3885
-       RESERVED
-CVE-2012-3884
-       RESERVED
+CVE-2012-3888 (The login implementation in AirDroid 1.0.4 beta allows remote 
...)
+       TODO: check
+CVE-2012-3887 (AirDroid before 1.0.7 beta uses a cleartext base64 format for 
data ...)
+       TODO: check
+CVE-2012-3886 (AirDroid 1.0.4 beta uses the MD5 algorithm for values in the 
...)
+       TODO: check
+CVE-2012-3885 (The default configuration of AirDroid 1.0.4 beta uses a 
four-character ...)
+       TODO: check
+CVE-2012-3884 (AirDroid 1.0.4 beta implements authentication through direct 
...)
+       TODO: check
 CVE-2012-3883
        RESERVED
 CVE-2012-3882
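Review bot: The five AirDroid entries (CVE-2012-3884 through CVE-2012-3888) each receive a separate TODO: check, although they all name the same product and can be triaged in one pass. If AirDroid is not packaged, tag all five in the form the Winamp entries directly above use, i.e. NOT-FOR-US: AirDroid, so they do not sit in the TODO queue individually.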
@@ -777,8 +791,8 @@
        RESERVED
 CVE-2012-3699
        RESERVED
-CVE-2012-3698
-       RESERVED
+CVE-2012-3698 (Apple Xcode before 4.4 does not properly compose a designated 
...)
+       TODO: check
 CVE-2012-3697 (WebKit in Apple Safari before 6.0 does not properly handle 
file: URLs, ...)
        TODO: check
 CVE-2012-3696 (CRLF injection vulnerability in WebKit in Apple Safari before 
6.0 ...)
@@ -2365,9 +2379,9 @@
        RESERVED
 CVE-2012-2979
        RESERVED
-CVE-2012-2978
-       RESERVED
+CVE-2012-2978 (query.c in NSD 3.0.x through 3.0.8, 3.1.x through 3.1.1, and 
3.2.x ...)
        {DSA-2515-1}
+       TODO: check
 CVE-2012-2977 (The management console in Symantec Web Gateway 5.0.x before 
5.0.3.18 ...)
        NOT-FOR-US: Symantec Web Gateway
 CVE-2012-2976 (The management console in Symantec Web Gateway 5.0.x before 
5.0.3.18 ...)
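Review bot: At CVE-2012-2978 the added TODO: check lands after the existing {DSA-2515-1} reference, so the entry is tied to an advisory but has no package line recording a fixed version. Resolve the TODO by adding the package and fixed-version line for NSD, in the "- package version" form the systemtap entries use later in this diff, rather than leaving an entry that has a DSA but still reads as untriaged.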
@@ -4305,8 +4319,8 @@
        RESERVED
 CVE-2012-2203
        RESERVED
-CVE-2012-2202
-       RESERVED
+CVE-2012-2202 (Directory traversal vulnerability in javatester_init.php in IBM 
Lotus ...)
+       TODO: check
 CVE-2012-2201
        RESERVED
 CVE-2012-2200 (The default configuration of sendmail in IBM AIX 6.1 and 7.1, 
and VIOS ...)
@@ -9416,8 +9430,8 @@
 CVE-2011-4964
        REJECTED
        NOTE: Rejected CVE-identifier. Please use CVE-2012-2667
-CVE-2011-4963
-       RESERVED
+CVE-2011-4963 (nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows 
remote ...)
+       TODO: check
 CVE-2011-4962 [silverstripe: Potential remote code execution]
        RESERVED
        - silverstripe <itp> (bug #528461)
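Review bot: CVE-2011-4963 is described as affecting nginx/Windows, so the TODO: check here should not be closed with a plain fixed-version line before the scope is confirmed from the full description, which is truncated in this hunk. If the issue is limited to the Windows build, record it with a <not-affected> line and a reason in parentheses, as the systemtap entries later in this diff do.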
@@ -15433,8 +15447,8 @@
        NOT-FOR-US: Novell ZENworks Configuration Management
 CVE-2011-3175 (Stack-based buffer overflow in the Preboot Service in Novell 
ZENworks ...)
        NOT-FOR-US: Novell ZENworks Configuration Management
-CVE-2011-3174
-       RESERVED
+CVE-2011-3174 (Buffer overflow in the DoFindReplace function in the 
ISGrid.Grid2.1 ...)
+       TODO: check
 CVE-2011-3173 (Stack-based buffer overflow in the GetDriverSettings function 
in ...)
        NOT-FOR-US: Novell Open Enterprise Server
 CVE-2011-3172
@@ -17133,10 +17147,10 @@
        NOTE: This only affects the SUSE packaging.
 CVE-2011-2659
        RESERVED
-CVE-2011-2658
-       RESERVED
-CVE-2011-2657
-       RESERVED
+CVE-2011-2658 (The ISList.ISAvi ActiveX control in AdminStudio in Novell 
ZENworks ...)
+       TODO: check
+CVE-2011-2657 (Directory traversal vulnerability in the LaunchProcess function 
in the ...)
+       TODO: check
 CVE-2011-2656 (Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks 
Handheld ...)
        NOT-FOR-US: Novell ZENworks
 CVE-2011-2655 (Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks 
Handheld ...)
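Review bot: CVE-2011-2658 names AdminStudio in Novell ZENworks but is left at TODO: check, while CVE-2011-2656 immediately below already carries NOT-FOR-US: Novell ZENworks; the same tag looks applicable and would keep the block consistent. The description of CVE-2011-2657 is cut off before the product name ("in the LaunchProcess function in the ..."), so confirm the product from the full description before tagging it the same way.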
@@ -17534,13 +17548,11 @@
        RESERVED
        - x11-apps 7.7~1 (low)
        [squeeze] - x11-apps <no-dsa> (Minor issue)
-CVE-2011-2503
-       RESERVED
+CVE-2011-2503 (The insert_module function in runtime/staprun/staprun_funcs.c 
in the ...)
        {DSA-2348-1}
        - systemtap 1.6-1 (bug #635542)
        [lenny] - systemtap <not-affected> (Signed modules not yet supported)
-CVE-2011-2502
-       RESERVED
+CVE-2011-2502 (runtime/staprun/staprun_funcs.c in the systemtap runtime tool 
...)
        - systemtap 1.6-1 (bug #635542)
        [lenny] - systemtap <not-affected> (Affected option introduced in 1.4)
        [squeeze] - systemtap <not-affected> (Affected option introduced in 1.4)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
