Author: joeyh
Date: 2012-10-03 21:14:18 +0000 (Wed, 03 Oct 2012)
New Revision: 20283

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2012-10-03 19:48:01 UTC (rev 20282)
+++ data/CVE/list       2012-10-03 21:14:18 UTC (rev 20283)
@@ -1,3 +1,15 @@
+CVE-2012-5240
+       RESERVED
+CVE-2012-5239
+       RESERVED
+CVE-2012-5238
+       RESERVED
+CVE-2012-5237
+       RESERVED
+CVE-2012-5236
+       RESERVED
+CVE-2012-5235
+       RESERVED
 CVE-2012-5234 (Open redirect vulnerability in index.php in ocPortal before 
7.1.6 ...)
        TODO: check
 CVE-2012-5233 (Cross-site scripting (XSS) vulnerability in the stickynote 
module ...)
@@ -4165,8 +4177,7 @@
        NOT-FOR-US: Opera
 CVE-2012-3554 (SQL injection vulnerability in the RSGallery2 (com_rsgallery2) 
...)
        NOT-FOR-US: Joomla addon
-CVE-2012-3552
-       RESERVED
+CVE-2012-3552 (The IP implementation in the Linux kernel before 3.0 might 
allow ...)
        - linux 3.0-1
        - linux-2.6 <removed>
 CVE-2012-3551 (Cross-site scripting (XSS) vulnerability in ...)
@@ -4256,8 +4267,7 @@
        RESERVED
        - geshi 1.0.8.4-2 (bug #685324)
        [squeeze] - geshi 1.0.8.4-1+squeeze1
-CVE-2012-3520
-       RESERVED
+CVE-2012-3520 (The Netlink implementation in the Linux kernel before 3.2.30 
does not ...)
        - linux 3.2.29-1
        - linux-2.6 <not-affected> (Introduced in 3.1)
 CVE-2012-3519 (routerlist.c in Tor before 0.2.2.38 uses a different amount of 
time ...)
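Review bot: In the CVE-2012-3520 entry, the new description says the flaw affects kernels before 3.2.30, while the unchanged line below it records `- linux 3.2.29-1` as the fixed version. If the fix was backported into the 3.2.29-1 upload, add a NOTE line saying so; otherwise the fixed version needs correcting.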
@@ -4290,12 +4300,10 @@
        RESERVED
        - munin 2.0.6-1 (bug #684075)
        NOTE: http://www.munin-monitoring.org/ticket/1234
-CVE-2012-3511
-       RESERVED
+CVE-2012-3511 (Multiple race conditions in the madvise_remove function in ...)
        - linux 3.2.23-1
        - linux-2.6 <removed>
-CVE-2012-3510
-       RESERVED
+CVE-2012-3510 (Use-after-free vulnerability in the xacct_add_tsk function in 
...)
        - linux 2.6.20-1
        - linux-2.6 2.6.20-1
 CVE-2012-3509 (Multiple integer overflows in the (1) _objalloc_alloc function 
in ...)
@@ -4537,8 +4545,7 @@
 CVE-2012-3431
        RESERVED
        NOT-FOR-US: Teeid
-CVE-2012-3430 [kernel: recv{from,msg}() on an rds socket can leak kernel 
memory]
-       RESERVED
+CVE-2012-3430 (The rds_recvmsg function in net/rds/recv.c in the Linux kernel 
before ...)
        - linux 3.2.29-1
        - linux-2.6 <removed>
        [squeeze] - linux-2.6 2.6.32-36
@@ -4590,8 +4597,7 @@
        NOTE: CVE-request 
http://www.openwall.com/lists/oss-security/2012/07/13/3
        NOTE: 
https://projects.kde.org/projects/kde/kdepim/repository/revisions/dbb2f72f4745e00f53031965a9c10b2d6862bd54
        NOTE: https://bugs.launchpad.net/ubuntu/+source/kdepim/+bug/1022690
-CVE-2012-3412
-       RESERVED
+CVE-2012-3412 (The sfc (aka Solarflare Solarstorm) driver in the Linux kernel 
before ...)
        - linux 3.2.29-1
        - linux-2.6 <removed>
        [squeeze] - linux-2.6 2.6.32-36
@@ -4652,8 +4658,7 @@
        - tiff 4.0.2-2 (bug #682115)
        - tiff3 3.9.6-7 (bug #682195)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=837577
-CVE-2012-3400
-       RESERVED
+CVE-2012-3400 (Heap-based buffer overflow in the udf_load_logicalvol function 
in ...)
        - linux 3.2.23-1
        - linux-2.6 <removed>
        [squeeze] - linux-2.6 2.6.32-36
@@ -4744,8 +4749,7 @@
 CVE-2012-3376 (DataNodes in Apache Hadoop 2.0.0 alpha does not check the 
BlockTokens ...)
        - hadoop <itp> (bug #535861)
        NOTE: http://seclists.org/bugtraq/2012/Jul/48
-CVE-2012-3375
-       RESERVED
+CVE-2012-3375 (The epoll_ctl system call in fs/eventpoll.c in the Linux kernel 
before ...)
        - linux 3.2.23-1
        - linux-2.6 <removed>
 CVE-2012-3374 (Buffer overflow in markup.c in the MXit protocol plugin in 
libpurple ...)
@@ -4909,8 +4913,8 @@
        RESERVED
 CVE-2012-3315
        RESERVED
-CVE-2012-3314
-       RESERVED
+CVE-2012-3314 (IBM Tivoli Federated Identity Manager (TFIM) and Tivoli 
Federated ...)
+       TODO: check
 CVE-2012-3313 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset 
...)
        NOT-FOR-US: IBM Maximo Asset Management
 CVE-2012-3312 (The datasource definition editor in IBM InfoSphere Guardium 8.2 
and ...)
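Review bot: The `TODO: check` added under CVE-2012-3314 leaves the entry untriaged. The IBM Maximo entry directly below is resolved as `NOT-FOR-US: IBM Maximo Asset Management`; if TFIM is likewise not packaged in Debian, replace the TODO with a matching NOT-FOR-US line.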
@@ -5007,8 +5011,8 @@
        RESERVED
 CVE-2012-3267
        RESERVED
-CVE-2012-3266
-       RESERVED
+CVE-2012-3266 (Unspecified vulnerability in IBRIX 6.1.196 through 6.1.251 on 
HP IBRIX ...)
+       TODO: check
 CVE-2012-3265
        RESERVED
 CVE-2012-3264 (Unspecified vulnerability in a SOAP feature in HP SiteScope 
11.10 ...)
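Review bot: CVE-2012-3266 moves from RESERVED to `TODO: check` with a description that only says "Unspecified vulnerability" in HP IBRIX, so the entry itself gives nothing to triage on. Whoever resolves it should confirm whether any part of that product is shipped in the archive and record either NOT-FOR-US or a package line in place of the TODO.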
@@ -11234,10 +11238,10 @@
        NOTE: http://seclists.org/bugtraq/2012/Jun/165
 CVE-2012-0693 (** DISPUTED ** submitticket.php in WHMCompleteSolution (WHMCS) 
5.03 ...)
        NOT-FOR-US: WHMCompleteSolution
-CVE-2012-0692
-       RESERVED
-CVE-2012-0691
-       RESERVED
+CVE-2012-0692 (CA License (aka CA Licensing) before 1.90.03 allows local users 
to ...)
+       TODO: check
+CVE-2012-0691 (CA License (aka CA Licensing) before 1.90.03 does not properly 
...)
+       TODO: check
 CVE-2012-0690 (TIBCO Spotfire Web Application, Web Player Application, 
Automation ...)
        NOT-FOR-US: TIBCO Spotfire
 CVE-2012-0689 (The server in TIBCO ActiveMatrix Platform in TIBCO Silver 
Fabric ...)
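Review bot: CVE-2012-0692 and CVE-2012-0691 both receive `TODO: check` and both describe CA License before 1.90.03, so they should be triaged together and end up with the same resolution. The neighbouring WHMCS and TIBCO Spotfire entries are resolved as NOT-FOR-US, which is the form to use here too if CA License is not packaged.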
@@ -18466,8 +18470,7 @@
        - openssl 1.0.0e-1
        [lenny] - openssl 0.9.8g-15+lenny13
        [squeeze] - openssl 0.9.8o-4squeeze3
-CVE-2011-3209
-       RESERVED
+CVE-2011-3209 (The div_long_long_rem implementation in include/asm-x86/div64.h 
in the ...)
        - linux-2.6 2.6.26-1
 CVE-2011-3208 (Stack-based buffer overflow in the split_wildmats function in 
nntpd.c ...)
        {DSA-2318-1}
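Review bot: CVE-2011-3209 carries only `- linux-2.6 2.6.26-1`, whereas the other kernel entries touched in this revision (for example CVE-2012-3510) list both a `linux` and a `linux-2.6` line. Consider adding a `linux` line, or a NOTE explaining why none is needed, so the status for the current kernel source package is explicit.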
@@ -22429,8 +22432,7 @@
        RESERVED
        {DSA-2382-1}
        - ecryptfs-utils 92-1
-CVE-2011-1833
-       RESERVED
+CVE-2011-1833 (Race condition in the ecryptfs_mount function in 
fs/ecryptfs/main.c in ...)
        {DSA-2443-1}
        - ecryptfs-utils 92-1
        [squeeze] - ecryptfs-utils <no-dsa> (Minor issue)
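Review bot: The new CVE-2011-1833 description places the race in ecryptfs_mount in fs/ecryptfs/main.c, a kernel source path, but the package lines visible in this hunk track only ecryptfs-utils. Check that the entry also has a kernel package line for the fix, since the trailing context does not show one.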


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
