[Secure-testing-commits] r18684 - data/CVE

Thu, 15 Mar 2012 14:14:46 -0700 

Author: joeyh
Date: 2012-03-15 21:14:34 +0000 (Thu, 15 Mar 2012)
New Revision: 18684

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2012-03-15 20:00:38 UTC (rev 18683)
+++ data/CVE/list       2012-03-15 21:14:34 UTC (rev 18684)
@@ -1,3 +1,7 @@
+CVE-2012-1665
+       RESERVED
+CVE-2012-1664
+       RESERVED
 CVE-2012-1663 (Double free vulnerability in libgnutls in GnuTLS before 3.0.14 
allows ...)
        TODO: check
 CVE-2012-1662
@@ -996,8 +1000,7 @@
        NOTE: http://seclists.org/oss-sec/2012/q1/644
 CVE-2012-1179
        RESERVED
-CVE-2012-1178 [pidgin: Possible MSN remote crash]
-       RESERVED
+CVE-2012-1178 (The msn_oim_report_to_user function in oim.c in the MSN 
protocol ...)
        - pidgin 2.10.2-1 (bug #664030)
        NOTE: http://pidgin.im/news/security/?id=61
 CVE-2012-1177 [libgdata did not verify SSL]
@@ -2772,71 +2775,60 @@
        RESERVED
 CVE-2012-0465
        RESERVED
-CVE-2012-0464
-       RESERVED
+CVE-2012-0464 (Use-after-free vulnerability in the browser engine in Mozilla 
Firefox ...)
        - icedove <unfixed>
        [squeeze] - icedove <not-affected> (Vulnerable code not present)
        - iceweasel 10.0.3esr-1
        [squeeze] - iceweasel <not-affected> (Vulnerable code not present)
        - iceape <unfixed>
        [squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0463
-       RESERVED
+CVE-2012-0463 (The nsWindow implementation in the browser engine in Mozilla 
Firefox ...)
        - iceweasel <not-affected> (Only affects Firefox Mobile on Android)
-CVE-2012-0462
-       RESERVED
+CVE-2012-0462 (Multiple unspecified vulnerabilities in the browser engine in 
Mozilla ...)
        - icedove <unfixed>
        [squeeze] - icedove <not-affected> (Vulnerable code not present)
        - iceweasel 10.0.3esr-1
        [squeeze] - iceweasel <not-affected> (Vulnerable code not present)
        - iceape <unfixed>
        [squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0461
-       RESERVED
+CVE-2012-0461 (Multiple unspecified vulnerabilities in the browser engine in 
Mozilla ...)
        - icedove <unfixed>
        - iceweasel 10.0.3esr-1
        - iceape <unfixed>
-CVE-2012-0460
-       RESERVED
+CVE-2012-0460 (Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 
10.0.3, ...)
        - icedove <unfixed>
        [squeeze] - icedove <not-affected> (Vulnerable code not present)
        - iceweasel 10.0.3esr-1
        [squeeze] - iceweasel <not-affected> (Vulnerable code not present)
        - iceape <unfixed>
        [squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0459
-       RESERVED
+CVE-2012-0459 (The Cascading Style Sheets (CSS) implementation in Mozilla 
Firefox 4.x ...)
        - icedove <unfixed>
        [squeeze] - icedove <not-affected> (Vulnerable code not present)
        - iceweasel 10.0.3esr-1
        [squeeze] - iceweasel <not-affected> (Vulnerable code not present)
        - iceape <unfixed>
        [squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0458
-       RESERVED
+CVE-2012-0458 (Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 
10.x ...)
        - icedove <unfixed>
        - iceweasel 10.0.3esr-1
        - iceape <unfixed>
-CVE-2012-0457
-       RESERVED
+CVE-2012-0457 (Use-after-free vulnerability in the ...)
        - icedove <unfixed>
        [squeeze] - icedove <not-affected> (Vulnerable code not present)
        - iceweasel 10.0.3esr-1
        [squeeze] - iceweasel <not-affected> (Vulnerable code not present)
        - iceape <unfixed>
        [squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0456
-       RESERVED
+CVE-2012-0456 (The SVG Filters implementation in Mozilla Firefox before 3.6.28 
and ...)
        - icedove <unfixed>
        - iceweasel 10.0.3esr-1
        - iceape <unfixed>
-CVE-2012-0455
-       RESERVED
+CVE-2012-0455 (Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 
10.x ...)
        - icedove <unfixed>
        - iceweasel 10.0.3esr-1
        - iceape <unfixed>
-CVE-2012-0454
-       RESERVED
+CVE-2012-0454 (Use-after-free vulnerability in Mozilla Firefox 4.x through 
10.0, ...)
        - iceweasel <not-affected> (Only affects Firefox on Windows)
 CVE-2012-0453 (Cross-site request forgery (CSRF) vulnerability in xmlrpc.cgi 
in ...)
        - bugzilla <removed>
@@ -2846,8 +2838,7 @@
        - iceweasel 10.0.1-1
        [squeeze] - iceweasel <not-affected> (Only affects Firefox >= 10)
        - iceape <not-affected> (Vulnerable version never uploaded to the 
archive)
-CVE-2012-0451
-       RESERVED
+CVE-2012-0451 (CRLF injection vulnerability in Mozilla Firefox 4.x through 
10.0, ...)
        - icedove <unfixed>
        [squeeze] - icedove <not-affected> (CSP introduced in Thunderbird 3.3)
        - iceweasel 10.0.3esr-1
@@ -2992,8 +2983,8 @@
        RESERVED
 CVE-2012-0405
        RESERVED
-CVE-2012-0404
-       RESERVED
+CVE-2012-0404 (Cross-site scripting (XSS) vulnerability in EMC Documentum 
eRoom ...)
+       TODO: check
 CVE-2012-0403
        RESERVED
 CVE-2012-0402
@@ -3004,8 +2995,8 @@
        RESERVED
 CVE-2012-0399
        RESERVED
-CVE-2012-0398
-       RESERVED
+CVE-2012-0398 (EMC Documentum eRoom before 7.4.4 does not properly validate 
session ...)
+       TODO: check
 CVE-2012-0397 (Buffer overflow in EMC RSA SecurID Software Token Converter 
before ...)
        NOT-FOR-US: EMC RSA SecurID Software Token Converter
 CVE-2012-0396 (EMC Documentum xPlore 1.0, 1.1 before P07, and 1.2 does not 
properly ...)
@@ -3097,18 +3088,18 @@
        RESERVED
 CVE-2012-0359 (The Cisco Cius with software before 9.2(1) SR2 allows remote 
attackers ...)
        NOT-FOR-US: Cisco Cius
-CVE-2012-0358
-       RESERVED
+CVE-2012-0358 (Buffer overflow in the Cisco Port Forwarder ActiveX control in 
...)
+       TODO: check
 CVE-2012-0357
        RESERVED
-CVE-2012-0356
-       RESERVED
-CVE-2012-0355
-       RESERVED
-CVE-2012-0354
-       RESERVED
-CVE-2012-0353
-       RESERVED
+CVE-2012-0356 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, 
and the ...)
+       TODO: check
+CVE-2012-0355 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, 
and the ...)
+       TODO: check
+CVE-2012-0354 (The Threat Detection feature on Cisco Adaptive Security 
Appliances ...)
+       TODO: check
+CVE-2012-0353 (The UDP inspection engine on Cisco Adaptive Security Appliances 
(ASA) ...)
+       TODO: check
 CVE-2012-0352 (Cisco NX-OS 4.2.x before 4.2(1)SV1(5.1) on Nexus 1000v series 
...)
        NOT-FOR-US: Cisco NX-OS
 CVE-2012-0351
@@ -3593,8 +3584,7 @@
        - python2.6 <unfixed> (low; bug #664135)
        - python2.5 <removed> 
        NOTE: http://www.openwall.com/lists/oss-security/2012/03/14/11
-CVE-2011-4939 [XMPP remote crash]
-       RESERVED
+CVE-2011-4939 (The pidgin_conv_chat_rename_user function in gtkconv.c in 
Pidgin ...)
        - pidgin <unfixed> (bug #664028)
        [squeeze] - pidgin <not-affected> (vulnerable code not present)
        NOTE: http://pidgin.im/news/security/?id=60


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to