Author: joeyh
Date: 2012-07-31 21:14:20 +0000 (Tue, 31 Jul 2012)
New Revision: 19845

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2012-07-31 20:01:04 UTC (rev 19844)
+++ data/CVE/list       2012-07-31 21:14:20 UTC (rev 19845)
@@ -1,3 +1,7 @@
+CVE-2012-4070
+       RESERVED
+CVE-2012-4069
+       RESERVED
 CVE-2012-4068 (Heap-based buffer overflow in the SoapServer service in Citrix 
...)
        NOT-FOR-US: Citrix
 CVE-2012-4067
@@ -261,8 +265,8 @@
        RESERVED
 CVE-2012-3952
        RESERVED
-CVE-2012-3951
-       RESERVED
+CVE-2012-3951 (The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL 
...)
+       TODO: check
 CVE-2012-3950
        RESERVED
 CVE-2012-3949
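Review bot: CVE-2012-3951 is left at TODO: check even though its description names Plixer Scrutinizer (aka Dell SonicWALL ...), the product that CVE-2012-2962 later in this same patch already tags as NOT-FOR-US: Dell SonicWALL Scrutinizer. Suggest applying that tag here too so the same product is not triaged twice.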
@@ -474,8 +478,8 @@
        RESERVED
 CVE-2012-3849
        RESERVED
-CVE-2012-3848
-       RESERVED
+CVE-2012-3848 (Multiple cross-site scripting (XSS) vulnerabilities in the web 
console ...)
+       TODO: check
 CVE-2012-3863 (channels/chan_sip.c in Asterisk Open Source 1.8.x before 
1.8.13.1 and ...)
        - asterisk <unfixed>
 CVE-2012-3847 (slssvc.exe in Invensys Wonderware SuiteLink in Invensys InTouch 
2012 ...)
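Review bot: The context lines place CVE-2012-3863 between CVE-2012-3848 and CVE-2012-3847, out of the descending order the rest of the list follows, so anything that locates entries by position will look for it in the wrong place. Suggest moving it up to its numeric slot in a follow-up commit. The new CVE-2012-3848 entry itself cannot be triaged from this diff, because the description is cut off before the product name.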
@@ -1374,8 +1378,7 @@
        RESERVED
 CVE-2012-3427
        RESERVED
-CVE-2012-3426 [keystone token expiration issues]
-       RESERVED
+CVE-2012-3426 (OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom 
before ...)
        - keystone 2012.1.1-1
 CVE-2012-3425 [libpng: Out-of heap-based buffer read by inflating certain PNG 
images]
        RESERVED
@@ -2335,12 +2338,12 @@
        RESERVED
 CVE-2012-3019
        RESERVED
-CVE-2012-3018
-       RESERVED
-CVE-2012-3017
-       RESERVED
-CVE-2012-3016
-       RESERVED
+CVE-2012-3018 (The lockout-recovery feature in the Security Configurator 
component in ...)
+       TODO: check
+CVE-2012-3017 (Siemens SIMATIC S7-400 PN CPU devices with firmware 5.x allow 
remote ...)
+       TODO: check
+CVE-2012-3016 (Siemens SIMATIC S7-400 PN CPU devices with firmware 6 before 
6.0.3 ...)
+       TODO: check
 CVE-2012-3015 (Untrusted search path vulnerability in Siemens SIMATIC STEP7 
before ...)
        TODO: check
 CVE-2012-3014
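Review bot: CVE-2012-3017 and CVE-2012-3016 are added as TODO: check although both descriptions refer to firmware on Siemens SIMATIC S7-400 PN CPU devices, and CVE-2012-3015 just below is another Siemens SIMATIC entry still waiting on the same triage. Suggest resolving them in one pass with a NOT-FOR-US tag if none of this is packaged. CVE-2012-3018 needs its full description first, since the visible text stops before naming the product.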
@@ -2449,8 +2452,7 @@
        RESERVED
 CVE-2012-2963
        RESERVED
-CVE-2012-2962
-       RESERVED
+CVE-2012-2962 (SQL injection vulnerability in d4d/statusFilter.php in Plixer 
...)
        NOT-FOR-US: Dell SonicWALL Scrutinizer
 CVE-2012-2961 (SQL injection vulnerability in the management console in 
Symantec Web ...)
        NOT-FOR-US: Symantec Web Gateway
@@ -3200,8 +3202,8 @@
        RESERVED
 CVE-2012-2648
        RESERVED
-CVE-2012-2647
-       RESERVED
+CVE-2012-2647 (Yahoo! Toolbar 1.0.0.5 and earlier for Chrome and Safari allows 
remote ...)
+       TODO: check
 CVE-2012-2646 (The Sleipnir Mobile application before 2.1.0 and Sleipnir 
Mobile Black ...)
        TODO: check
 CVE-2012-2645 (The Yahoo! Japan Yahoo! Browser application 1.2.0 and earlier 
for ...)
@@ -3241,10 +3243,10 @@
        RESERVED
 CVE-2012-2628
        RESERVED
-CVE-2012-2627
-       RESERVED
-CVE-2012-2626
-       RESERVED
+CVE-2012-2627 (d4d/uploader.php in the web console in Plixer Scrutinizer (aka 
Dell ...)
+       TODO: check
+CVE-2012-2626 (cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka 
Dell ...)
+       TODO: check
 CVE-2012-2625
        RESERVED
        - xen <unfixed> (low)
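Review bot: CVE-2012-2627 (d4d/uploader.php) and CVE-2012-2626 (cgi-bin/admin.cgi) are both in the Plixer Scrutinizer web console yet are left at TODO: check, while CVE-2012-2962 for d4d/statusFilter.php in the same product carries NOT-FOR-US: Dell SonicWALL Scrutinizer. Suggest giving these two the same tag for consistency.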
@@ -4442,8 +4444,8 @@
        RESERVED
 CVE-2012-2164
        RESERVED
-CVE-2012-2163
-       RESERVED
+CVE-2012-2163 (IBM Scale Out Network Attached Storage (SONAS) 1.1 through 
1.3.1 ...)
+       TODO: check
 CVE-2012-2162 (The Web Server Plug-in in IBM WebSphere Application Server 
(WAS) 8.0 ...)
        NOT-FOR-US: WebSphere
 CVE-2012-2161 (Cross-site scripting (XSS) vulnerability in deferredView.jsp in 
IBM ...)
@@ -4973,12 +4975,10 @@
        RESERVED
 CVE-2012-1970
        RESERVED
-CVE-2012-1969
-       RESERVED
+CVE-2012-1969 (The get_attachment_link function in Template.pm in Bugzilla 2.x 
and ...)
        - bugzilla <removed> (low)
        [squeeze] - bugzilla <no-dsa> (Minor issue)
-CVE-2012-1968
-       RESERVED
+CVE-2012-1968 (Bugzilla 4.1.x and 4.2.x before 4.2.2 and 4.3.x before 4.3.2 
uses ...)
        - bugzilla <not-affected> (Only affects 4.1 to 4.3)
 CVE-2012-1967 (Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 
10.0.6, ...)
        {DSA-2514-1 DSA-2513-1}
@@ -7279,10 +7279,12 @@
        RESERVED
 CVE-2012-1015 [KDC frees uninitialized pointer]
        RESERVED
+       {DSA-2518-1}
        - krb5 1.10.1+dfsg-2 (bug #683429)
        NOTE: http://seclists.org/bugtraq/2012/Jul/171
 CVE-2012-1014 [KDC dereferences uninitialized pointer]
        RESERVED
+       {DSA-2518-1}
        - krb5 <unfixed> (bug #683429)
        NOTE: http://seclists.org/bugtraq/2012/Jul/171
 CVE-2012-1013 (The check_1_6_dummy function in lib/kadm5/srv/svr_principal.c 
in ...)
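Review bot: At CVE-2012-1014 the added {DSA-2518-1} sits above a package line that still reads krb5 <unfixed>, while CVE-2012-1015 under the same bug #683429 records 1.10.1+dfsg-2. Confirm whether that upload also covers CVE-2012-1014 and record the fixed version if it does, otherwise the entry keeps reporting unstable as open after the advisory is out.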
@@ -8037,8 +8039,8 @@
        NOT-FOR-US: Adobe Flash Player
 CVE-2012-0724 (Adobe Flash Player before 11.2.202.229 in Google Chrome before 
...)
        NOT-FOR-US: Adobe Flash Player
-CVE-2012-0723
-       RESERVED
+CVE-2012-0723 (The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 
SP-02, ...)
+       TODO: check
 CVE-2012-0722
        RESERVED
 CVE-2012-0721
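Review bot: CVE-2012-0723 is left at TODO: check although its description is specific to the kernel in IBM AIX and VIOS. The Adobe Flash Player entries directly above show the NOT-FOR-US form that would close this out if the product is not packaged.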


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
