[Secure-testing-commits] r19962 - data/CVE

Thu Aug 16 21:14:18 UTC 2012

Author: joeyh
Date: 2012-08-16 21:14:18 +0000 (Thu, 16 Aug 2012)
New Revision: 19962

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2012-08-16 15:44:10 UTC (rev 19961)
+++ data/CVE/list	2012-08-16 21:14:18 UTC (rev 19962)
@@ -1,3 +1,23 @@
+CVE-2012-4345
+	RESERVED
+CVE-2012-4344 (Cross-site scripting (XSS) vulnerability in Ipswitch WhatsUp Gold ...)
+	TODO: check
+CVE-2012-4343 (Multiple unspecified vulnerabilities in Gallery 3 before 3.0.4 allow ...)
+	TODO: check
+CVE-2012-4342 (Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 ...)
+	TODO: check
+CVE-2012-4341 (Multiple stack-based buffer overflows in msg_server.exe in SAP ...)
+	TODO: check
+CVE-2012-4340 (Cross-site scripting (XSS) vulnerability in Sybase EAServer before 6.1 ...)
+	TODO: check
+CVE-2012-4339
+	RESERVED
+CVE-2012-4338
+	RESERVED
+CVE-2012-4337
+	RESERVED
+CVE-2012-4336
+	RESERVED
 CVE-2012-4335 (Samsung NET-i viewer 1.37.120316 allows remote attackers to cause a ...)
 	TODO: check
 CVE-2012-4334 (The ConnectDDNS method in the (1) STWConfigNVR 1.1.13.15 and (2) ...)
@@ -72,34 +92,34 @@
 	RESERVED
 CVE-2012-4299
 	RESERVED
-CVE-2012-4298
-	RESERVED
-CVE-2012-4297
-	RESERVED
-CVE-2012-4296
-	RESERVED
-CVE-2012-4295
-	RESERVED
-CVE-2012-4294
-	RESERVED
-CVE-2012-4293
-	RESERVED
-CVE-2012-4292
-	RESERVED
-CVE-2012-4291
-	RESERVED
-CVE-2012-4290
-	RESERVED
-CVE-2012-4289
-	RESERVED
-CVE-2012-4288
-	RESERVED
-CVE-2012-4287
-	RESERVED
-CVE-2012-4286
-	RESERVED
-CVE-2012-4285
-	RESERVED
+CVE-2012-4298 (Integer signedness error in the vwr_read_rec_data_ethernet function in ...)
+	TODO: check
+CVE-2012-4297 (Buffer overflow in the dissect_gsm_rlcmac_downlink function in ...)
+	TODO: check
+CVE-2012-4296 (Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 ...)
+	TODO: check
+CVE-2012-4295 (Array index error in the channelised_fill_sdh_g707_format function in ...)
+	TODO: check
+CVE-2012-4294 (Buffer overflow in the channelised_fill_sdh_g707_format function in ...)
+	TODO: check
+CVE-2012-4293 (plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in ...)
+	TODO: check
+CVE-2012-4292 (The dissect_stun_message function in epan/dissectors/packet-stun.c in ...)
+	TODO: check
+CVE-2012-4291 (The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before ...)
+	TODO: check
+CVE-2012-4290 (The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before ...)
+	TODO: check
+CVE-2012-4289 (epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x ...)
+	TODO: check
+CVE-2012-4288 (Integer overflow in the dissect_xtp_ecntl function in ...)
+	TODO: check
+CVE-2012-4287 (epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark ...)
+	TODO: check
+CVE-2012-4286 (The pcapng_read_packet_block function in wiretap/pcapng.c in the ...)
+	TODO: check
+CVE-2012-4285 (The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the ...)
+	TODO: check
 CVE-2012-4284
 	RESERVED
 CVE-2011-5099 (SQL injection vulnerability in helper/popup.php in the ccNewsletter ...)
@@ -628,8 +648,7 @@
 	RESERVED
 CVE-2012-4038
 	RESERVED
-CVE-2012-4037
-	RESERVED
+CVE-2012-4037 (Multiple cross-site scripting (XSS) vulnerabilities in the web client ...)
 	- transmission 2.52-3 (bug #683380)
 CVE-2012-4036
 	RESERVED
@@ -1941,12 +1960,10 @@
 	RESERVED
 	{DSA-2524-1}
 	- openttd <unfixed> (low; bug #683258)
-CVE-2012-3435 [Zabbix SQL injection flaw]
-	RESERVED
+CVE-2012-3435 (SQL injection vulnerability in frontends/php/popup_bitem.php in Zabbix ...)
 	- zabbix 1:2.0.2+dfsg-1 (bug #683273)
 	NOTE: http://seclists.org/oss-sec/2012/q3/127
-CVE-2012-3434 [WordPress plugin Count Per Day XSS (SSCHADV2012-015)]
-	RESERVED
+CVE-2012-3434 (Multiple cross-site scripting (XSS) vulnerabilities in userperspan.php ...)
 	NOT-FOR-US: WordPress plugin Count Per Day
 CVE-2012-3433
 	RESERVED
@@ -2456,16 +2473,16 @@
 	RESERVED
 CVE-2012-3252
 	RESERVED
-CVE-2012-3251
-	RESERVED
-CVE-2012-3250
-	RESERVED
-CVE-2012-3249
-	RESERVED
-CVE-2012-3248
-	RESERVED
-CVE-2012-3247
-	RESERVED
+CVE-2012-3251 (Cross-site scripting (XSS) vulnerability in HP Service Manager Web ...)
+	TODO: check
+CVE-2012-3250 (Unspecified vulnerability in HP Service Manager Server 7.11, 9.21, and ...)
+	TODO: check
+CVE-2012-3249 (HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows ...)
+	TODO: check
+CVE-2012-3248 (HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows ...)
+	TODO: check
+CVE-2012-3247 (Unspecified vulnerability on the HP Integrity Server BL860c i2, BL870c ...)
+	TODO: check
 CVE-2012-3246
 	RESERVED
 CVE-2012-3245
@@ -2913,10 +2930,10 @@
 	RESERVED
 CVE-2012-3026
 	RESERVED
-CVE-2012-3025
-	RESERVED
-CVE-2012-3024
-	RESERVED
+CVE-2012-3025 (The default configuration of Tridium Niagara AX Framework through 3.6 ...)
+	TODO: check
+CVE-2012-3024 (Tridium Niagara AX Framework through 3.6 uses predictable values for ...)
+	TODO: check
 CVE-2012-3023
 	RESERVED
 CVE-2012-3022
@@ -2945,8 +2962,8 @@
 	RESERVED
 CVE-2012-3010
 	RESERVED
-CVE-2012-3009
-	RESERVED
+CVE-2012-3009 (Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, ...)
+	TODO: check
 CVE-2012-3008 (Stack-based buffer overflow in OSIsoft PI OPC DA Interface before ...)
 	NOT-FOR-US: OSIsoft PI OPC DA Interface
 CVE-2012-3007 (Stack-based buffer overflow in slssvc.exe before 58.x in Invensys ...)
@@ -3489,15 +3506,12 @@
 	RESERVED
 CVE-2012-2771
 	RESERVED
-CVE-2012-2770 [privilege escalation in Request Tracker external auth extension]
-	RESERVED
+CVE-2012-2770 (The Authen::ExternalAuth extension before 0.11 for Best Practical ...)
 	- rt-authen-externalauth <unfixed> (bug #683288)
-CVE-2012-2769
-	RESERVED
+CVE-2012-2769 (Multiple cross-site scripting (XSS) vulnerabilities in the topic ...)
 	- request-tracker4 4.0.6-1
 	NOTE: bundled in RT4
-CVE-2012-2768 [multiple XSS in RTFM, Request Tracker FAQ manager]
-	RESERVED
+CVE-2012-2768 (Multiple cross-site scripting (XSS) vulnerabilities in the topic ...)
 	- rtfm <unfixed> (bug #683290)
 	- request-tracker4 4.0.6-1
 	NOTE: bundled in RT4
@@ -3918,8 +3932,8 @@
 	NOT-FOR-US: CollabNet ScrumWorks Pro
 CVE-2012-2602 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
 	NOT-FOR-US: SolarWinds Orion Network Performance Monitor
-CVE-2012-2601
-	RESERVED
+CVE-2012-2601 (SQL injection vulnerability in WrVMwareHostList.asp in Ipswitch ...)
+	TODO: check
 CVE-2012-2600
 	RESERVED
 CVE-2012-2599
@@ -3980,8 +3994,8 @@
 	RESERVED
 CVE-2012-2571 (Multiple cross-site scripting (XSS) vulnerabilities in WinWebMail ...)
 	NOT-FOR-US: WinWebMail
-CVE-2012-2570
-	RESERVED
+CVE-2012-2570 (Cross-site scripting (XSS) vulnerability in products_map.php in X-Cart ...)
+	TODO: check
 CVE-2012-2569
 	RESERVED
 CVE-2012-2568 (d41d8cd98f00b204e9800998ecf8427e.php in the management web server on ...)
@@ -4786,8 +4800,8 @@
 	RESERVED
 CVE-2012-2284
 	RESERVED
-CVE-2012-2283
-	RESERVED
+CVE-2012-2283 (The Iomega Home Media Network Hard Drive with EMC Lifeline firmware ...)
+	TODO: check
 CVE-2012-2282 (EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before ...)
 	NOT-FOR-US: EMC Celerra/VNX/VNXe
 CVE-2012-2281 (EMC RSA Access Manager Server 6.x before 6.1 SP4 and RSA Access ...)


