[Secure-testing-commits] r20621 - data/CVE

Thu, 06 Dec 2012 13:14:31 -0800 

Author: joeyh
Date: 2012-12-06 21:14:20 +0000 (Thu, 06 Dec 2012)
New Revision: 20621

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2012-12-06 15:01:00 UTC (rev 20620)
+++ data/CVE/list       2012-12-06 21:14:20 UTC (rev 20621)
@@ -1,3 +1,7 @@
+CVE-2012-6069
+       RESERVED
+CVE-2012-6068
+       RESERVED
 CVE-2012-6067 (freeFTPd.exe in freeFTPd through 1.0.11 allows remote attackers 
to ...)
        TODO: check
 CVE-2012-6066 (freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers 
to ...)
@@ -1074,8 +1078,7 @@
        RESERVED
 CVE-2012-5689
        RESERVED
-CVE-2012-5688
-       RESERVED
+CVE-2012-5688 (ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when 
DNS64 ...)
        - bind9 1:9.8.4.dfsg.P1-1 (bug #695192)
        [squeeze] - bind9 <not-affected> (Only affects 9.8 and 9.9)
 CVE-2012-5687 (Directory traversal vulnerability in the web-based management 
feature ...)
@@ -2357,10 +2360,10 @@
        RESERVED
 CVE-2012-5177
        RESERVED
-CVE-2012-5176
-       RESERVED
-CVE-2012-5175
-       RESERVED
+CVE-2012-5176 (Cross-site scripting (XSS) vulnerability in KENT-WEB ACCESS 
REPORT ...)
+       TODO: check
+CVE-2012-5175 (Cross-site scripting (XSS) vulnerability in KENT-WEB ACCESS 
REPORT 4.2 ...)
+       TODO: check
 CVE-2012-5174 (The KYOCERA AH-K3001V, AH-K3002V, WX300K, WX310K, WX320K, and 
WX320KR ...)
        TODO: check
 CVE-2012-5173 (Session fixation vulnerability in BIGACE before 2.7.8 allows 
remote ...)
@@ -2619,8 +2622,8 @@
        RESERVED
 CVE-2012-5056
        RESERVED
-CVE-2012-5055
-       RESERVED
+CVE-2012-5055 (DaoAuthenticationProvider in VMware SpringSource Spring 
Security ...)
+       TODO: check
 CVE-2012-5054 (Integer overflow in the copyRawDataTo method in the Matrix3D 
class in ...)
        NOT-FOR-US: Adobe Flash player
 CVE-2012-5053
@@ -7487,14 +7490,14 @@
        RESERVED
 CVE-2012-3276
        RESERVED
-CVE-2012-3275
-       RESERVED
-CVE-2012-3274
-       RESERVED
-CVE-2012-3273
-       RESERVED
-CVE-2012-3272
-       RESERVED
+CVE-2012-3275 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 
9.1x and ...)
+       TODO: check
+CVE-2012-3274 (Stack-based buffer overflow in uam.exe in the User Access 
Manager ...)
+       TODO: check
+CVE-2012-3273 (Multiple unspecified vulnerabilities on the HP LaserJet Pro 400 
MFP ...)
+       TODO: check
+CVE-2012-3272 (Cross-site scripting (XSS) vulnerability on the HP Color 
LaserJet ...)
+       TODO: check
 CVE-2012-3271 (Unspecified vulnerability on the HP Integrated Lights-Out 3 
(aka iLO3) ...)
        NOT-FOR-US: HP ILO
 CVE-2012-3270 (Unspecified vulnerability in HP Performance Insight 5.31, 5.40, 
and ...)
@@ -10435,6 +10438,7 @@
        - nginx 1.1.19-1
        [squeeze] - nginx <not-affected> (Vulnerable code not present)
 CVE-2012-2088 (Integer signedness error in the TIFFReadDirectory function in 
...)
+       {DSA-2552-1}
        - tiff 4.0-1 (bug #678140)
        - tiff3 3.9.6-6
 CVE-2012-2087
@@ -22438,14 +22442,11 @@
        RESERVED
 CVE-2011-2733 (EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 
Patch 2, ...)
        NOT-FOR-US: EMC RSA Adaptive Authentication On-Premise
-CVE-2011-2732
-       RESERVED
+CVE-2011-2732 (CRLF injection vulnerability in the logout functionality in 
VMware ...)
        - libspring-security-2.0-java 2.0.7.RELEASE-1 (bug #670901)
-CVE-2011-2731
-       RESERVED
+CVE-2011-2731 (Race condition in the RunAsManager mechanism in VMware 
SpringSource ...)
        - libspring-security-2.0-java 2.0.7.RELEASE-1 (bug #670901)
-CVE-2011-2730
-       RESERVED
+CVE-2011-2730 (VMware SpringSource Spring Framework before 2.5.6.SEC03, 
2.5.7.SR023, ...)
        {DSA-2504-1}
        - libspring-2.5-java <unfixed> (bug #677814)
 CVE-2011-2729 (native/unix/native/jsvc-unix.c in jsvc in the Daemon component 
1.0.3 ...)
@@ -48913,8 +48914,8 @@
        - tomcat5.5 <not-affected> (Windows-only)
 CVE-2009-2900
        RESERVED
-CVE-2009-2899
-       RESERVED
+CVE-2009-2899 (The monitor perl script in the Sybase database plug-in in 
SpringSource ...)
+       TODO: check
 CVE-2009-2898 (Cross-site scripting (XSS) vulnerability in the Alerts list 
feature in ...)
        NOT-FOR-US: SpringSource Hyperic HQ
 CVE-2009-2897 (Multiple cross-site scripting (XSS) vulnerabilities in ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to