Author: joeyh
Date: 2012-08-17 21:14:23 +0000 (Fri, 17 Aug 2012)
New Revision: 19966

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2012-08-17 20:48:01 UTC (rev 19965)
+++ data/CVE/list       2012-08-17 21:14:23 UTC (rev 19966)
@@ -1,3 +1,15 @@
+CVE-2012-4351
+       RESERVED
+CVE-2012-4350
+       RESERVED
+CVE-2012-4349
+       RESERVED
+CVE-2012-4348
+       RESERVED
+CVE-2012-4347
+       RESERVED
+CVE-2012-4346
+       RESERVED
 CVE-2012-4345 [phpMyAdmin PMASA-2012-4 xss]
        RESERVED
        - phpmyadmin 4:3.4.11.1-1
@@ -29,6 +41,7 @@
 CVE-2012-4332 (The ShareYourCart plugin 1.7.1 for WordPress allows remote 
attackers ...)
        NOT-FOR-US: Wordpress plugin
 CVE-2012-4331 (Multiple unspecified vulnerabilities in SPIP before 1.9.2.o, 
2.0.x ...)
+       {DSA-2461-1}
        - spip 2.1.13-1
 CVE-2012-4330 (The Samsung D6000 TV and possibly other products allows remote 
...)
        NOT-FOR-US: Samsung D6000 TV
@@ -2151,8 +2164,7 @@
        - mono 2.10.8.1-5 (bug #681095)
        NOTE: https://bugzilla.novell.com/show_bug.cgi?id=769799
        NOTE: 
https://github.com/mono/mono/commit/d16d4623edb210635bec3ca3786481b82cde25a2
-CVE-2012-3381 [sblim-sfcb: insecure LD_LIBRARY_PATH usage]
-       RESERVED
+CVE-2012-3381 (sfcb in sblim-sfcb places a zero-length directory name in the 
...)
        NOT-FOR-US: sblim-sfcb
        NOTE: https://bugzilla.novell.com/show_bug.cgi?id=770234
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=838160
@@ -2356,8 +2368,8 @@
        RESERVED
 CVE-2012-3309
        RESERVED
-CVE-2012-3308
-       RESERVED
+CVE-2012-3308 (Cross-site scripting (XSS) vulnerability in IBM Sametime 8.0.2 
through ...)
+       TODO: check
 CVE-2012-3307
        RESERVED
 CVE-2012-3306
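Review bot: the `TODO: check` added under CVE-2012-3308 leaves an IBM Sametime XSS untriaged. If no Debian package ships Sametime, resolve the entry the way the file already handles out-of-archive products, e.g. `NOT-FOR-US: IBM Sametime`, so it drops out of the TODO queue.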
@@ -2384,8 +2396,8 @@
        RESERVED
 CVE-2012-3295
        RESERVED
-CVE-2012-3294
-       RESERVED
+CVE-2012-3294 (Multiple cross-site request forgery (CSRF) vulnerabilities in 
the Web ...)
+       TODO: check
 CVE-2012-3293
        RESERVED
 CVE-2012-3292 (The GridFTP in Globus Toolkit (GT) before 5.2.2, when certain 
autoconf ...)
@@ -3556,11 +3568,9 @@
        - libapache-mod-security <removed> (bug #678529)
        NOTE: http://www.openwall.com/lists/oss-security/2012/06/22/1
        NOTE: http://www.openwall.com/lists/oss-security/2012/06/22/2
-CVE-2012-2750
-       RESERVED
+CVE-2012-2750 (Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has 
unknown ...)
        - mysql-5.5 5.5.24+dfsg-1
-CVE-2012-2749
-       RESERVED
+CVE-2012-2749 (MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote 
...)
        {DSA-2496-1}
        - mysql-5.1 <removed>
        - mysql-5.5 5.5.24+dfsg-1
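Review bot: in the CVE-2012-2749 entry the new description names 5.1.63 as the fixed 5.1.x release, but the only mysql-5.1 line is `<removed>`, so the fix in the releases that still ship mysql-5.1 is recorded solely through `{DSA-2496-1}`. Confirm that the mysql-5.1 version shipped by that DSA is at or above 5.1.63, and add a per-release line or a NOTE if it is not.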
@@ -4503,7 +4513,7 @@
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7125 is 
CVE-2012-3825 and CVE-2012-3826
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=824411
 CVE-2012-2391
-       RESERVED
+       REJECTED
        - haproxy 1.4.15-1 (bug #674447)
 CVE-2012-2390 (Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 
allows ...)
        - linux-2.6 3.2.19-1 (low)
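Review bot: CVE-2012-2391 is switched to `REJECTED` while the entry still carries `- haproxy 1.4.15-1 (bug #674447)`, so a rejected ID is now the only place this haproxy fix is tracked. Add a NOTE stating why the ID was rejected, and move the haproxy line to the ID that supersedes it if there is one.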
@@ -4974,8 +4984,8 @@
        TODO: check
 CVE-2012-2207
        RESERVED
-CVE-2012-2206
-       RESERVED
+CVE-2012-2206 (The Web Gateway component in IBM WebSphere MQ File Transfer 
Edition ...)
+       TODO: check
 CVE-2012-2205
        RESERVED
 CVE-2012-2204
@@ -5258,8 +5268,7 @@
        - munin 2.0~rc6-1 (bug #668778) 
        [squeeze] - munin <not-affected> (Vulnerable code not present)
        [lenny] - munin <not-affected> (Vulnerable code not present)
-CVE-2012-2102 [mysql DoS by authenticated user]
-       RESERVED
+CVE-2012-2102 (MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote 
...)
        {DSA-2496-1}
        - mysql-5.1 5.1.62-1 (low; bug #670636)
        - mysql-5.5 5.5.24+dfsg-1 (low)
@@ -5751,8 +5760,8 @@
        - bitcoin <not-affected> (windows-only, qt gui not built)
 CVE-2012-1909 (The Bitcoin protocol, as used in bitcoind before 0.4.4, 
wxBitcoin, ...)
        - bitcoin 0.6.0-1
-CVE-2012-1908
-       RESERVED
+CVE-2012-1908 (Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 
4.3 ...)
+       TODO: check
 CVE-2012-1907 (The scanner engine in PrivaWall Antivirus 5.6 and earlier does 
not ...)
        NOT-FOR-US: PrivaWall Antivirus
 CVE-2012-1906 (Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet 
...)
@@ -6493,8 +6502,8 @@
        RESERVED
 CVE-2012-1598
        RESERVED
-CVE-2012-1597
-       RESERVED
+CVE-2012-1597 (Cross-site scripting (XSS) vulnerability in the textEncode 
function in ...)
+       TODO: check
 CVE-2012-1596 (The mp2t_process_fragmented_payload function in ...)
        - wireshark 1.6.6-1 (unimportant; bug #666058)
        NOTE: Not suitable for code injection
@@ -6524,8 +6533,7 @@
 CVE-2012-1587
        RESERVED
        NOTE: To be rejected
-CVE-2012-1585
-       RESERVED
+CVE-2012-1585 (OpenStack Compute (Nova) Essex before 2011.3 allows remote ...)
        - nova 2012-1~rc3-1 (bug #666888)
 CVE-2012-1584
        RESERVED
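Review bot: the description added for CVE-2012-1585 speaks of "Essex before 2011.3", while the fixed version on the following context line is written `2012-1~rc3-1`, with a hyphen inside the upstream part. Check that string against the actual nova upload version: dpkg compares `2012-1~rc3` and `2012.1~rc3` differently, so a mistyped separator would skew the affected/fixed result for this entry.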
@@ -25904,8 +25912,8 @@
        - namazu2 2.0.20-1.0 (low)
 CVE-2009-5027
        RESERVED
-CVE-2009-5026
-       RESERVED
+CVE-2009-5026 (The executable comment feature in MySQL 5.0.x before 5.0.93 and 
5.1.x ...)
+       TODO: check
 CVE-2009-5025 [PyForum XSS+CSRF]
        RESERVED
        NOT-FOR-US: PyForum
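Review bot: the `TODO: check` under CVE-2009-5026 should not be left to routine cleanup, since the description names MySQL 5.0.x before 5.0.93 and 5.1.x, and MySQL source packages are tracked elsewhere in this same file (mysql-5.1, mysql-5.5). Replace the TODO with package lines giving the fixed or `<not-affected>` status for each MySQL source package.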


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
