Author: joeyh
Date: 2012-12-12 21:14:21 +0000 (Wed, 12 Dec 2012)
New Revision: 20655
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-12-12 17:55:06 UTC (rev 20654)
+++ data/CVE/list 2012-12-12 21:14:21 UTC (rev 20655)
@@ -2365,17 +2365,14 @@
RESERVED
CVE-2012-5679
RESERVED
-CVE-2012-5678
- RESERVED
+CVE-2012-5678 (Adobe Flash Player before 10.3.183.48 and 11.x before
11.5.502.135 on ...)
NOT-FOR-US: Adobe Flash
-CVE-2012-5677
- RESERVED
+CVE-2012-5677 (Integer overflow in Adobe Flash Player before 10.3.183.48 and
11.x ...)
NOT-FOR-US: Adobe Flash
-CVE-2012-5676
- RESERVED
+CVE-2012-5676 (Buffer overflow in Adobe Flash Player before 10.3.183.48 and
11.x ...)
NOT-FOR-US: Adobe Flash
-CVE-2012-5675
- RESERVED
+CVE-2012-5675 (Adobe ColdFusion 9.0 through 9.0.2, and 10, allows local users
to ...)
+ TODO: check
CVE-2012-5674 (Unspecified vulnerability in Adobe ColdFusion 10 before Update
5, when ...)
NOT-FOR-US: Adobe ColdFusion
CVE-2012-5673 (Unspecified vulnerability in Adobe Flash Player before
10.3.183.29 and ...)
@@ -3712,24 +3709,18 @@
RESERVED
CVE-2012-5145
RESERVED
-CVE-2012-5144
- RESERVED
+CVE-2012-5144 (Google Chrome before 23.0.1271.97 does not properly perform AAC
...)
- chromium-browser <unfixed>
TODO: That might affect the internal ffmpeg copy
-CVE-2012-5143
- RESERVED
+CVE-2012-5143 (Integer overflow in Google Chrome before 23.0.1271.97 allows
remote ...)
- chromium-browser <unfixed>
-CVE-2012-5142
- RESERVED
+CVE-2012-5142 (Google Chrome before 23.0.1271.97 does not properly handle
history ...)
- chromium-browser <unfixed>
-CVE-2012-5141
- RESERVED
+CVE-2012-5141 (Google Chrome before 23.0.1271.97 does not properly restrict
...)
- chromium-browser <unfixed>
-CVE-2012-5140
- RESERVED
+CVE-2012-5140 (Use-after-free vulnerability in Google Chrome before
23.0.1271.97 ...)
- chromium-browser <unfixed>
-CVE-2012-5139
- RESERVED
+CVE-2012-5139 (Use-after-free vulnerability in Google Chrome before
23.0.1271.97 ...)
- chromium-browser <unfixed>
CVE-2012-5138 (Google Chrome before 23.0.1271.95 does not properly handle file
paths, ...)
- chromium-browser <unfixed>
@@ -4096,20 +4087,20 @@
RESERVED
CVE-2012-4978
RESERVED
-CVE-2012-4977
- RESERVED
-CVE-2012-4976
- RESERVED
-CVE-2012-4975
- RESERVED
-CVE-2012-4974
- RESERVED
+CVE-2012-4977 (Layton Helpbox 4.4.0 allows remote attackers to discover
cleartext ...)
+ TODO: check
+CVE-2012-4976 (selectawasset.asp in Layton Helpbox 4.4.0 allows remote
attackers to ...)
+ TODO: check
+CVE-2012-4975 (editrequestuser.asp in Layton Helpbox 4.4.0 allows remote ...)
+ TODO: check
+CVE-2012-4974 (Layton Helpbox 4.4.0 allows remote authenticated users to
change the ...)
+ TODO: check
CVE-2012-4973
RESERVED
-CVE-2012-4972
- RESERVED
-CVE-2012-4971
- RESERVED
+CVE-2012-4972 (Multiple cross-site scripting (XSS) vulnerabilities in Layton
Helpbox ...)
+ TODO: check
+CVE-2012-4971 (Multiple SQL injection vulnerabilities in Layton Helpbox 4.4.0
allow ...)
+ TODO: check
CVE-2012-4970
RESERVED
CVE-2011-5190 (Multiple cross-site scripting (XSS) vulnerabilities in Social
Book ...)
@@ -4551,28 +4542,28 @@
RESERVED
CVE-2012-4792
RESERVED
-CVE-2012-4791
- RESERVED
+CVE-2012-4791 (Microsoft Exchange Server 2007 SP3 and 2010 SP1 and SP2 allows
remote ...)
+ TODO: check
CVE-2012-4790
RESERVED
CVE-2012-4789
RESERVED
CVE-2012-4788
RESERVED
-CVE-2012-4787
- RESERVED
-CVE-2012-4786
- RESERVED
+CVE-2012-4787 (Use-after-free vulnerability in Microsoft Internet Explorer 9
and 10 ...)
+ TODO: check
+CVE-2012-4786 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3,
Windows ...)
+ TODO: check
CVE-2012-4785
RESERVED
CVE-2012-4784
RESERVED
CVE-2012-4783
RESERVED
-CVE-2012-4782
- RESERVED
-CVE-2012-4781
- RESERVED
+CVE-2012-4782 (Use-after-free vulnerability in Microsoft Internet Explorer 9
and 10 ...)
+ TODO: check
+CVE-2012-4781 (Use-after-free vulnerability in Microsoft Internet Explorer 6
through ...)
+ TODO: check
CVE-2012-4780
RESERVED
CVE-2012-4779
@@ -4585,8 +4576,8 @@
NOT-FOR-US: Microsoft .NET Framework
CVE-2012-4775 (Use-after-free vulnerability in Microsoft Internet Explorer 9
allows ...)
NOT-FOR-US: Internet Explorer
-CVE-2012-4774
- RESERVED
+CVE-2012-4774 (Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2,
Windows ...)
+ TODO: check
CVE-2012-4773 (Multiple cross-site request forgery (CSRF) vulnerabilities in
Subrion ...)
NOT-FOR-US: Subrion CMS
CVE-2012-4772 (SQL injection vulnerability in register/ in Subrion CMS before
2.2.3 ...)
@@ -10474,8 +10465,8 @@
RESERVED
CVE-2012-2557 (Use-after-free vulnerability in Microsoft Internet Explorer 6
through ...)
NOT-FOR-US: Internet Explorer
-CVE-2012-2556
- RESERVED
+CVE-2012-2556 (The OpenType Font (OTF) driver in the kernel-mode drivers in
Microsoft ...)
+ TODO: check
CVE-2012-2555
RESERVED
CVE-2012-2554
@@ -10488,8 +10479,8 @@
NOT-FOR-US: Microsoft Windows Server
CVE-2012-2550 (Microsoft Works 9 allows remote attackers to execute arbitrary
code or ...)
NOT-FOR-US: Microsoft Works
-CVE-2012-2549
- RESERVED
+CVE-2012-2549 (The IP-HTTPS server in Windows Server 2008 R2 and R2 SP1 and
Server ...)
+ TODO: check
CVE-2012-2548 (Use-after-free vulnerability in Microsoft Internet Explorer 9
allows ...)
NOT-FOR-US: Internet Explorer
CVE-2012-2547
@@ -10508,8 +10499,8 @@
RESERVED
CVE-2012-2540
RESERVED
-CVE-2012-2539
- RESERVED
+CVE-2012-2539 (Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word
Viewer; ...)
+ TODO: check
CVE-2012-2538
RESERVED
CVE-2012-2537
@@ -13048,8 +13039,8 @@
NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-1538 (Use-after-free vulnerability in Microsoft Internet Explorer 9
allows ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1537
- RESERVED
+CVE-2012-1537 (Heap-based buffer overflow in DirectPlay in DirectX 9.0 through
11.1 ...)
+ TODO: check
CVE-2012-1536
RESERVED
CVE-2012-1535 (Unspecified vulnerability in Adobe Flash Player before
11.3.300.271 on ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
