Author: joeyh
Date: 2013-01-03 21:14:24 +0000 (Thu, 03 Jan 2013)
New Revision: 20801
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-01-03 18:56:47 UTC (rev 20800)
+++ data/CVE/list 2013-01-03 21:14:24 UTC (rev 20801)
@@ -1,3 +1,211 @@
+CVE-2013-0802
+ RESERVED
+CVE-2013-0801
+ RESERVED
+CVE-2013-0800
+ RESERVED
+CVE-2013-0799
+ RESERVED
+CVE-2013-0798
+ RESERVED
+CVE-2013-0797
+ RESERVED
+CVE-2013-0796
+ RESERVED
+CVE-2013-0795
+ RESERVED
+CVE-2013-0794
+ RESERVED
+CVE-2013-0793
+ RESERVED
+CVE-2013-0792
+ RESERVED
+CVE-2013-0791
+ RESERVED
+CVE-2013-0790
+ RESERVED
+CVE-2013-0789
+ RESERVED
+CVE-2013-0788
+ RESERVED
+CVE-2013-0787
+ RESERVED
+CVE-2013-0786
+ RESERVED
+CVE-2013-0785
+ RESERVED
+CVE-2013-0784
+ RESERVED
+CVE-2013-0783
+ RESERVED
+CVE-2013-0782
+ RESERVED
+CVE-2013-0781
+ RESERVED
+CVE-2013-0780
+ RESERVED
+CVE-2013-0779
+ RESERVED
+CVE-2013-0778
+ RESERVED
+CVE-2013-0777
+ RESERVED
+CVE-2013-0776
+ RESERVED
+CVE-2013-0775
+ RESERVED
+CVE-2013-0774
+ RESERVED
+CVE-2013-0773
+ RESERVED
+CVE-2013-0772
+ RESERVED
+CVE-2013-0771
+ RESERVED
+CVE-2013-0770
+ RESERVED
+CVE-2013-0769
+ RESERVED
+CVE-2013-0768
+ RESERVED
+CVE-2013-0767
+ RESERVED
+CVE-2013-0766
+ RESERVED
+CVE-2013-0765
+ RESERVED
+CVE-2013-0764
+ RESERVED
+CVE-2013-0763
+ RESERVED
+CVE-2013-0762
+ RESERVED
+CVE-2013-0761
+ RESERVED
+CVE-2013-0760
+ RESERVED
+CVE-2013-0759
+ RESERVED
+CVE-2013-0758
+ RESERVED
+CVE-2013-0757
+ RESERVED
+CVE-2013-0756
+ RESERVED
+CVE-2013-0755
+ RESERVED
+CVE-2013-0754
+ RESERVED
+CVE-2013-0753
+ RESERVED
+CVE-2013-0752
+ RESERVED
+CVE-2013-0751
+ RESERVED
+CVE-2013-0750
+ RESERVED
+CVE-2013-0749
+ RESERVED
+CVE-2013-0748
+ RESERVED
+CVE-2013-0747
+ RESERVED
+CVE-2013-0746
+ RESERVED
+CVE-2013-0745
+ RESERVED
+CVE-2013-0744
+ RESERVED
+CVE-2013-0743
+ RESERVED
+CVE-2013-0742
+ RESERVED
+CVE-2013-0741
+ RESERVED
+CVE-2013-0740
+ RESERVED
+CVE-2013-0739
+ RESERVED
+CVE-2013-0738
+ RESERVED
+CVE-2013-0737
+ RESERVED
+CVE-2013-0736
+ RESERVED
+CVE-2013-0735
+ RESERVED
+CVE-2013-0734
+ RESERVED
+CVE-2013-0733
+ RESERVED
+CVE-2013-0732
+ RESERVED
+CVE-2013-0731
+ RESERVED
+CVE-2013-0730
+ RESERVED
+CVE-2013-0729
+ RESERVED
+CVE-2013-0728
+ RESERVED
+CVE-2013-0727
+ RESERVED
+CVE-2013-0726
+ RESERVED
+CVE-2013-0725
+ RESERVED
+CVE-2013-0724
+ RESERVED
+CVE-2013-0723
+ RESERVED
+CVE-2013-0722
+ RESERVED
+CVE-2012-6495 (Multiple directory traversal vulnerabilities in the (1)
twikidraw ...)
+ TODO: check
+CVE-2012-6494
+ RESERVED
+CVE-2012-6493
+ RESERVED
+CVE-2012-6492
+ RESERVED
+CVE-2012-6491
+ RESERVED
+CVE-2012-6490
+ RESERVED
+CVE-2012-6489
+ RESERVED
+CVE-2012-6488
+ RESERVED
+CVE-2012-6487
+ RESERVED
+CVE-2012-6486
+ RESERVED
+CVE-2012-6485
+ RESERVED
+CVE-2012-6484
+ RESERVED
+CVE-2012-6483
+ RESERVED
+CVE-2012-6482
+ RESERVED
+CVE-2012-6481
+ RESERVED
+CVE-2012-6480
+ RESERVED
+CVE-2012-6479
+ RESERVED
+CVE-2012-6478
+ RESERVED
+CVE-2012-6477
+ RESERVED
+CVE-2012-6476
+ RESERVED
+CVE-2012-6475
+ RESERVED
+CVE-2012-6474
+ RESERVED
+CVE-2012-6473
+ RESERVED
CVE-2013-0721 (wp-php-widget.php in the WP PHP widget plugin 1.0.2 for
WordPress ...)
TODO: check
CVE-2013-0720
@@ -120,10 +328,10 @@
RESERVED
CVE-2012-6435
RESERVED
-CVE-2012-6434
- RESERVED
-CVE-2012-6433
- RESERVED
+CVE-2012-6434 (Multiple cross-site request forgery (CSRF) vulnerabilities in
...)
+ TODO: check
+CVE-2012-6433 (Cross-site request forgery (CSRF) vulnerability in ...)
+ TODO: check
CVE-2013-0700
RESERVED
CVE-2013-0699
@@ -2045,22 +2253,19 @@
RESERVED
- freeciv <unfixed> (low; bug #696306)
[squeeze] - freeciv <no-dsa> (Minor issue)
-CVE-2012-6082 [moin: XSS in rss link]
- RESERVED
+CVE-2012-6082 (Cross-site scripting (XSS) vulnerability in the rsslink
function in ...)
{DSA-2593-1}
- moin 1.9.5-2
[wheezy] - moin 1.9.4-8+deb7u1
NOTE: Fix http://hg.moinmo.in/moin/1.9/rev/c98ec456e493
NOTE: CVE request
http://www.openwall.com/lists/oss-security/2012/12/29/7
-CVE-2012-6081 [moin: remote code execution vulnerability]
- RESERVED
+CVE-2012-6081 (Multiple unrestricted file upload vulnerabilities in the (1)
twikidraw ...)
{DSA-2593-1}
[wheezy] - moin 1.9.4-8+deb7u1
- moin 1.9.5-3 (bug #696948)
NOTE: Fix http://hg.moinmo.in/moin/1.9/rev/7e7e1cbb9d3f
NOTE: CVE request
http://www.openwall.com/lists/oss-security/2012/12/29/6
-CVE-2012-6080 [moin: path traversal vulnerability]
- RESERVED
+CVE-2012-6080 (Directory traversal vulnerability in the _do_attachment_move
function ...)
{DSA-2593-1}
[wheezy] - moin 1.9.4-8+deb7u1
- moin 1.9.5-4 (bug #696949)
@@ -3336,18 +3541,15 @@
- freetype 2.4.9-1.1 (unimportant; bug #696691)
NOTE: https://savannah.nongnu.org/bugs/?37905
NOTE:
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9b6b5754b57c12b820e01305eb69b8863a161e5a
-CVE-2012-5667 [grep: arbitrary command execution vulnerability]
- RESERVED
+CVE-2012-5667 (Multiple integer overflows in GNU Grep before 2.11 might allow
...)
- grep 2.11-1
NOTE: https://bugs.launchpad.net/ubuntu/+source/grep/+bug/1091473
NOTE: patch
http://git.savannah.gnu.org/cgit/grep.git/commit/?id=cbbc1a45b9f843c811905c97c90a5d31f8e6c189
NOTE: http://www.openwall.com/lists/oss-security/2012/12/22/1
TODO: check if stable is affected (the segfault is reproducible;
command execution possible?)
-CVE-2012-5666 [XSS vulnerability in bookmarks]
- RESERVED
+CVE-2012-5666 (Cross-site scripting (XSS) vulnerability in
bookmarks/js/bookmarks.js ...)
- owncloud <unfixed> (bug #696574)
-CVE-2012-5665 [Auth bypass in user_webdavauth and user_ldap]
- RESERVED
+CVE-2012-5665 (ownCloud 4.0.x before 4.0.10 and 4.5.x before 4.5.5 does not
properly ...)
- owncloud <unfixed> (bug #696574)
CVE-2012-5664 (SQL injection vulnerability in the Authlogic gem for Ruby on
Rails ...)
- ruby-activerecord-2.3 2.3.14-3
@@ -3377,21 +3579,18 @@
CVE-2012-5656 [XXE via SVG rasterization]
RESERVED
- inkscape 0.48.3.1-1.2 (bug #696485)
-CVE-2012-5655
- RESERVED
-CVE-2012-5654
- RESERVED
-CVE-2012-5653 [Arbitrary PHP code execution (File upload modules - Drupal 6
and 7)]
- RESERVED
+CVE-2012-5655 (The Context module 6.x-3.x before 6.x-3.1 and 7.x-3.x before
...)
+ TODO: check
+CVE-2012-5654 (The Nodewords: D6 Meta Tags module before 6.x-1.14 for Drupal,
when ...)
+ TODO: check
+CVE-2012-5653 (The file upload feature in Drupal 6.x before 6.27 and 7.x
before 7.18 ...)
- drupal6 <unfixed> (bug #696343)
- drupal7 <unfixed> (bug #696342)
NOTE: http://drupal.org/SA-CORE-2012-004
-CVE-2012-5652 [Access bypass (Upload module - Drupal 6)]
- RESERVED
+CVE-2012-5652 (Drupal 6.x before 6.27 allows remote attackers to obtain
sensitive ...)
- drupal6 <unfixed> (bug #696343)
NOTE: http://drupal.org/SA-CORE-2012-004
-CVE-2012-5651 [Access bypass (User module search - Drupal 6 and 7)]
- RESERVED
+CVE-2012-5651 (Drupal 6.x before 6.27 and 7.x before 7.18 displays information
for ...)
- drupal6 <unfixed> (bug #696343)
- drupal7 <unfixed> (bug #696342)
NOTE: http://drupal.org/SA-CORE-2012-004
@@ -6421,8 +6620,7 @@
NOTE: awredir.pl is not installed into the binary package
CVE-2012-4546
RESERVED
-CVE-2012-4545
- RESERVED
+CVE-2012-4545 (The http_negotiate_create_context function in ...)
{DSA-2592-1}
- elinks 0.12~pre5-9
CVE-2012-4544 (The PV domain builder in Xen 4.2 and earlier does not validate
the ...)
@@ -11934,8 +12132,7 @@
NOT-FOR-US: Apache Roller
CVE-2012-2380 (Multiple cross-site request forgery (CSRF) vulnerabilities in
the ...)
NOT-FOR-US: Apache Roller
-CVE-2012-2379
- RESERVED
+CVE-2012-2379 (Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x
before ...)
NOT-FOR-US: Apache CXF
CVE-2012-2378
RESERVED
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
