[Secure-testing-commits] r18803 - data/CVE
Helmut Grohne
helmut-guest at alioth.debian.org
Mon Apr 2 08:46:59 UTC 2012
Author: helmut-guest
Date: 2012-04-02 08:46:59 +0000 (Mon, 02 Apr 2012)
New Revision: 18803
Modified:
data/CVE/list
Log:
undetermined affects, NFUs, not completely trivial
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-04-02 08:00:16 UTC (rev 18802)
+++ data/CVE/list 2012-04-02 08:46:59 UTC (rev 18803)
@@ -926,7 +926,7 @@
CVE-2012-1498 (Multiple cross-site request forgery (CSRF) vulnerabilities in Webfolio ...)
NOT-FOR-US: Webfolio CMS
CVE-2012-1497 (The default configuration of Movable Type before 4.38, 5.0x before ...)
- TODO: check
+ - movabletype-opensource <undetermined>
CVE-2012-1496
RESERVED
CVE-2012-1495
@@ -1088,7 +1088,9 @@
CVE-2012-1419 (The TAR file parser in ClamAV 0.96.4 and Quick Heal (aka Cat ...)
TODO: check
CVE-2012-1418 (Multiple unspecified vulnerabilities in Google Chrome before ...)
- TODO: check
+ - chromium-browser <undetermined>
+ - webkit <undetermined>
+ NOTE: Might by a NFU as it affects specific devices.
CVE-2012-1417
RESERVED
CVE-2012-1416
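Review bot: the NOTE added under CVE-2012-1418 has a typo ("Might by a NFU" should read "Might be a NFU") and leaves the entry in two states at once: tracked against chromium-browser and webkit as <undetermined>, and possibly NOT-FOR-US. Name the devices the NOTE refers to, so the next person triaging the entry can settle it one way or the other.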
@@ -1104,7 +1106,7 @@
CVE-2012-1411
RESERVED
CVE-2012-1410 (Multiple cross-site scripting (XSS) vulnerabilities in the History ...)
- TODO: check
+ - kadu <undetermined>
CVE-2012-1409 (Unspecified vulnerability in the Tiny Password ...)
NOT-FOR-US: Tiny Password
CVE-2012-1408 (Unspecified vulnerability in the App Lock (com.cc.applock) application ...)
@@ -1404,7 +1406,7 @@
CVE-2012-1263
RESERVED
CVE-2012-1262 (Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi ...)
- TODO: check
+ - movabletype-opensource <undetermined>
CVE-2012-1261
RESERVED
CVE-2012-1260
@@ -2501,7 +2503,8 @@
CVE-2012-0839 (OCaml 3.12.1 and earlier computes hash values without restricting the ...)
- ocaml <unfixed> (low; bug #659149)
CVE-2012-0838 (Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL ...)
- TODO: check
+ - libstruts1.2-java <undetermined>
+ NOTE: likely unaffected, because of version difference
CVE-2012-0837
RESERVED
NOT-FOR-US: Joomla!
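Review bot: the NOTE under CVE-2012-0838 says "likely unaffected, because of version difference" without naming the versions compared. The description is for Apache Struts 2 before 2.2.3.1, while the package line is libstruts1.2-java, whose name points at the 1.2 line. Spelling that out in the NOTE would let someone replace <undetermined> with a definite status later without redoing the research.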
@@ -3788,13 +3791,13 @@
CVE-2012-0321 (Unspecified vulnerability in the device driver in Kingsoft Internet ...)
NOT-FOR-US: Kingsoft Internet Security 2011
CVE-2012-0320 (Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 ...)
- TODO: check
+ - movabletype-opensource <undetermined>
CVE-2012-0319 (The file-management system in Movable Type before 4.38, 5.0x before ...)
- TODO: check
+ - movabletype-opensource <undetermined>
CVE-2012-0318 (Multiple cross-site scripting (XSS) vulnerabilities in Movable Type ...)
- TODO: check
+ - movabletype-opensource <undetermined>
CVE-2012-0317 (Multiple cross-site request forgery (CSRF) vulnerabilities in Movable ...)
- TODO: check
+ - movabletype-opensource <undetermined>
CVE-2012-0316 (The Cookpad 1.5.16 and earlier and Cookpad Noseru 1.1.1 and earlier ...)
NOT-FOR-US: Cookpad
CVE-2012-0315 (Untrusted search path vulnerability in ALFTP before 5.31 allows local ...)
@@ -4607,7 +4610,7 @@
CVE-2006-7251
RESERVED
CVE-2006-7250 (The mime_hdr_cmp function in crypto/asn1/asn_mime.c in OpenSSL 0.9.8t ...)
- TODO: check
+ - openssl <undetermined>
CVE-2006-7249
REJECTED
CVE-2006-7248
@@ -8241,9 +8244,9 @@
CVE-2011-3846
RESERVED
CVE-2011-3845 (Use-after-free vulnerability in Apple Safari 5.1.2, when a plug-in ...)
- TODO: check
+ NOT-FOR-US: Apple Safari
CVE-2011-3844 (Apple Safari 5.0.5 does not properly implement the setInterval ...)
- TODO: check
+ NOT-FOR-US: Apple Safari
CVE-2011-3843
RESERVED
CVE-2011-3842
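Review bot: CVE-2011-3845 and CVE-2011-3844 are marked NOT-FOR-US: Apple Safari with no NOTE, while CVE-2011-3443 in a later hunk ("WebKit, as used in Apple Safari") is tracked against chromium-browser and webkit. The truncated descriptions here do not show whether the flaw sits in Safari itself or in the engine, so a one-line NOTE recording why these two are Safari-only would make the NFU decision auditable.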
@@ -9340,7 +9343,8 @@
CVE-2011-3444 (Address Book in Apple Mac OS X before 10.7.3 automatically switches to ...)
NOT-FOR-US: Mac OS X
CVE-2011-3443 (Use-after-free vulnerability in WebKit, as used in Apple Safari before ...)
- TODO: check
+ - chromium-browser <undetermined>
+ - webkit <undetermined>
CVE-2011-3442 (The kernel in Apple iOS before 5.0.1 does not ensure the validity of ...)
NOT-FOR-US: Apple iOS
CVE-2011-3441 (libinfo in Apple iOS before 5.0.1 does not properly formulate ...)
@@ -11074,21 +11078,29 @@
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
CVE-2011-2873 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
- TODO: check
+ NOT-FOR-US: Apple WebKit
+ NOTE: reported by google, likely duplicate
CVE-2011-2872 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
- TODO: check
+ NOT-FOR-US: Apple WebKit
+ NOTE: reported by google, likely duplicate
CVE-2011-2871 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
- TODO: check
+ NOT-FOR-US: Apple WebKit
+ NOTE: reported by google, likely duplicate
CVE-2011-2870 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
- TODO: check
+ NOT-FOR-US: Apple WebKit
+ NOTE: reported by google, likely duplicate
CVE-2011-2869 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
- TODO: check
+ NOT-FOR-US: Apple WebKit
+ NOTE: reported by google, likely duplicate
CVE-2011-2868 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
- TODO: check
+ NOT-FOR-US: Apple WebKit
+ NOTE: reported by google, likely duplicate
CVE-2011-2867 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
- TODO: check
+ NOT-FOR-US: Apple WebKit
+ NOTE: reported by google, likely duplicate
CVE-2011-2866 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle ...)
- TODO: check
+ NOT-FOR-US: Apple WebKit
+ NOTE: reported by google, likely duplicate
CVE-2011-2865
RESERVED
CVE-2011-2864 (Google Chrome before 14.0.835.163 does not properly handle Tibetan ...)
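Review bot: CVE-2011-2873 through CVE-2011-2866 are marked NOT-FOR-US: Apple WebKit, but the next hunk tracks CVE-2011-2833, which carries the same "WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6" description, against chromium-browser and webkit as <undetermined>. The two treatments should agree, since webkit is a tracked package in this file (see the "- webkit <not-affected>" context line above). The repeated "likely duplicate" NOTE also does not say which CVE each entry duplicates; naming the ids would let the duplicate's status be reused instead of leaving these as NFU on a guess.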
@@ -11213,6 +11225,8 @@
- libxml2 2.7.8.dfsg-5 (low; bug #643648)
[squeeze] - libxml2 <no-dsa> (denial-of-service only issue)
CVE-2011-2833 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows ...)
+ - chromium-browser <undetermined>
+ - webkit <undetermined>
TODO: check iOS
CVE-2011-2832
RESERVED
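Review bot: CVE-2011-2833 keeps its "TODO: check iOS" line after the two <undetermined> package lines are added, so the entry still reads as untriaged. If the package lines are the outcome of that check, drop the TODO; if the iOS question is still open, move what remains to be checked into a NOTE.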