[Secure-testing-commits] r19962 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu Aug 16 21:14:18 UTC 2012
Author: joeyh
Date: 2012-08-16 21:14:18 +0000 (Thu, 16 Aug 2012)
New Revision: 19962
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-08-16 15:44:10 UTC (rev 19961)
+++ data/CVE/list 2012-08-16 21:14:18 UTC (rev 19962)
@@ -1,3 +1,23 @@
+CVE-2012-4345
+ RESERVED
+CVE-2012-4344 (Cross-site scripting (XSS) vulnerability in Ipswitch WhatsUp Gold ...)
+ TODO: check
+CVE-2012-4343 (Multiple unspecified vulnerabilities in Gallery 3 before 3.0.4 allow ...)
+ TODO: check
+CVE-2012-4342 (Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 ...)
+ TODO: check
+CVE-2012-4341 (Multiple stack-based buffer overflows in msg_server.exe in SAP ...)
+ TODO: check
+CVE-2012-4340 (Cross-site scripting (XSS) vulnerability in Sybase EAServer before 6.1 ...)
+ TODO: check
+CVE-2012-4339
+ RESERVED
+CVE-2012-4338
+ RESERVED
+CVE-2012-4337
+ RESERVED
+CVE-2012-4336
+ RESERVED
CVE-2012-4335 (Samsung NET-i viewer 1.37.120316 allows remote attackers to cause a ...)
TODO: check
CVE-2012-4334 (The ConnectDDNS method in the (1) STWConfigNVR 1.1.13.15 and (2) ...)
@@ -72,34 +92,34 @@
RESERVED
CVE-2012-4299
RESERVED
-CVE-2012-4298
- RESERVED
-CVE-2012-4297
- RESERVED
-CVE-2012-4296
- RESERVED
-CVE-2012-4295
- RESERVED
-CVE-2012-4294
- RESERVED
-CVE-2012-4293
- RESERVED
-CVE-2012-4292
- RESERVED
-CVE-2012-4291
- RESERVED
-CVE-2012-4290
- RESERVED
-CVE-2012-4289
- RESERVED
-CVE-2012-4288
- RESERVED
-CVE-2012-4287
- RESERVED
-CVE-2012-4286
- RESERVED
-CVE-2012-4285
- RESERVED
+CVE-2012-4298 (Integer signedness error in the vwr_read_rec_data_ethernet function in ...)
+ TODO: check
+CVE-2012-4297 (Buffer overflow in the dissect_gsm_rlcmac_downlink function in ...)
+ TODO: check
+CVE-2012-4296 (Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 ...)
+ TODO: check
+CVE-2012-4295 (Array index error in the channelised_fill_sdh_g707_format function in ...)
+ TODO: check
+CVE-2012-4294 (Buffer overflow in the channelised_fill_sdh_g707_format function in ...)
+ TODO: check
+CVE-2012-4293 (plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in ...)
+ TODO: check
+CVE-2012-4292 (The dissect_stun_message function in epan/dissectors/packet-stun.c in ...)
+ TODO: check
+CVE-2012-4291 (The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before ...)
+ TODO: check
+CVE-2012-4290 (The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before ...)
+ TODO: check
+CVE-2012-4289 (epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x ...)
+ TODO: check
+CVE-2012-4288 (Integer overflow in the dissect_xtp_ecntl function in ...)
+ TODO: check
+CVE-2012-4287 (epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark ...)
+ TODO: check
+CVE-2012-4286 (The pcapng_read_packet_block function in wiretap/pcapng.c in the ...)
+ TODO: check
+CVE-2012-4285 (The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the ...)
+ TODO: check
CVE-2012-4284
RESERVED
CVE-2011-5099 (SQL injection vulnerability in helper/popup.php in the ccNewsletter ...)
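Review bot: All fourteen entries from CVE-2012-4298 down to CVE-2012-4285 move from RESERVED to TODO: check individually, although the visible descriptions point at one code base: CVE-2012-4291, CVE-2012-4290, CVE-2012-4289 and CVE-2012-4287 name Wireshark outright, and most of the others cite epan/dissectors/ or wiretap/ paths. Triage them as one batch, and replace each TODO: check with a package line only after reading the full descriptions, because the affected version ranges are cut off here at "1.6.x before ...".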
@@ -628,8 +648,7 @@
RESERVED
CVE-2012-4038
RESERVED
-CVE-2012-4037
- RESERVED
+CVE-2012-4037 (Multiple cross-site scripting (XSS) vulnerabilities in the web client ...)
- transmission 2.52-3 (bug #683380)
CVE-2012-4036
RESERVED
@@ -1941,12 +1960,10 @@
RESERVED
{DSA-2524-1}
- openttd <unfixed> (low; bug #683258)
-CVE-2012-3435 [Zabbix SQL injection flaw]
- RESERVED
+CVE-2012-3435 (SQL injection vulnerability in frontends/php/popup_bitem.php in Zabbix ...)
- zabbix 1:2.0.2+dfsg-1 (bug #683273)
NOTE: http://seclists.org/oss-sec/2012/q3/127
-CVE-2012-3434 [WordPress plugin Count Per Day XSS (SSCHADV2012-015)]
- RESERVED
+CVE-2012-3434 (Multiple cross-site scripting (XSS) vulnerabilities in userperspan.php ...)
NOT-FOR-US: WordPress plugin Count Per Day
CVE-2012-3433
RESERVED
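Review bot: The rewrite of CVE-2012-3434 drops the advisory identifier SSCHADV2012-015 that the bracketed title carried, and the truncated description that replaces it does not contain it. If the reference is still wanted, keep it in a NOTE: line, the way CVE-2012-3435 keeps its oss-sec URL just above.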
@@ -2456,16 +2473,16 @@
RESERVED
CVE-2012-3252
RESERVED
-CVE-2012-3251
- RESERVED
-CVE-2012-3250
- RESERVED
-CVE-2012-3249
- RESERVED
-CVE-2012-3248
- RESERVED
-CVE-2012-3247
- RESERVED
+CVE-2012-3251 (Cross-site scripting (XSS) vulnerability in HP Service Manager Web ...)
+ TODO: check
+CVE-2012-3250 (Unspecified vulnerability in HP Service Manager Server 7.11, 9.21, and ...)
+ TODO: check
+CVE-2012-3249 (HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows ...)
+ TODO: check
+CVE-2012-3248 (HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows ...)
+ TODO: check
+CVE-2012-3247 (Unspecified vulnerability on the HP Integrity Server BL860c i2, BL870c ...)
+ TODO: check
CVE-2012-3246
RESERVED
CVE-2012-3245
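Review bot: CVE-2012-3249 and CVE-2012-3248 are added with identical visible text, "HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows ...", so the list alone does not tell the two apart. Whoever clears these TODO: check lines should read the full descriptions and, if a NOTE: is added, state what distinguishes each id.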
@@ -2913,10 +2930,10 @@
RESERVED
CVE-2012-3026
RESERVED
-CVE-2012-3025
- RESERVED
-CVE-2012-3024
- RESERVED
+CVE-2012-3025 (The default configuration of Tridium Niagara AX Framework through 3.6 ...)
+ TODO: check
+CVE-2012-3024 (Tridium Niagara AX Framework through 3.6 uses predictable values for ...)
+ TODO: check
CVE-2012-3023
RESERVED
CVE-2012-3022
@@ -2945,8 +2962,8 @@
RESERVED
CVE-2012-3010
RESERVED
-CVE-2012-3009
- RESERVED
+CVE-2012-3009 (Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, ...)
+ TODO: check
CVE-2012-3008 (Stack-based buffer overflow in OSIsoft PI OPC DA Interface before ...)
NOT-FOR-US: OSIsoft PI OPC DA Interface
CVE-2012-3007 (Stack-based buffer overflow in slssvc.exe before 58.x in Invensys ...)
@@ -3489,15 +3506,12 @@
RESERVED
CVE-2012-2771
RESERVED
-CVE-2012-2770 [privilege escalation in Request Tracker external auth extension]
- RESERVED
+CVE-2012-2770 (The Authen::ExternalAuth extension before 0.11 for Best Practical ...)
- rt-authen-externalauth <unfixed> (bug #683288)
-CVE-2012-2769
- RESERVED
+CVE-2012-2769 (Multiple cross-site scripting (XSS) vulnerabilities in the topic ...)
- request-tracker4 4.0.6-1
NOTE: bundled in RT4
-CVE-2012-2768 [multiple XSS in RTFM, Request Tracker FAQ manager]
- RESERVED
+CVE-2012-2768 (Multiple cross-site scripting (XSS) vulnerabilities in the topic ...)
- rtfm <unfixed> (bug #683290)
- request-tracker4 4.0.6-1
NOTE: bundled in RT4
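Review bot: CVE-2012-2769 and CVE-2012-2768 now carry the same truncated description, "Multiple cross-site scripting (XSS) vulnerabilities in the topic ...", and the bracketed title that tied CVE-2012-2768 to RTFM is gone, so only the package lines (rtfm plus request-tracker4 versus request-tracker4 alone) separate them. Check the full descriptions to confirm each id still maps to the packages listed under it. Separately, the CVE-2012-2770 description now says the extension is affected "before 0.11" while rt-authen-externalauth stays at <unfixed>; recording that upstream version in a NOTE: line would help whoever closes bug #683288.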
@@ -3918,8 +3932,8 @@
NOT-FOR-US: CollabNet ScrumWorks Pro
CVE-2012-2602 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
NOT-FOR-US: SolarWinds Orion Network Performance Monitor
-CVE-2012-2601
- RESERVED
+CVE-2012-2601 (SQL injection vulnerability in WrVMwareHostList.asp in Ipswitch ...)
+ TODO: check
CVE-2012-2600
RESERVED
CVE-2012-2599
@@ -3980,8 +3994,8 @@
RESERVED
CVE-2012-2571 (Multiple cross-site scripting (XSS) vulnerabilities in WinWebMail ...)
NOT-FOR-US: WinWebMail
-CVE-2012-2570
- RESERVED
+CVE-2012-2570 (Cross-site scripting (XSS) vulnerability in products_map.php in X-Cart ...)
+ TODO: check
CVE-2012-2569
RESERVED
CVE-2012-2568 (d41d8cd98f00b204e9800998ecf8427e.php in the management web server on ...)
@@ -4786,8 +4800,8 @@
RESERVED
CVE-2012-2284
RESERVED
-CVE-2012-2283
- RESERVED
+CVE-2012-2283 (The Iomega Home Media Network Hard Drive with EMC Lifeline firmware ...)
+ TODO: check
CVE-2012-2282 (EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before ...)
NOT-FOR-US: EMC Celerra/VNX/VNXe
CVE-2012-2281 (EMC RSA Access Manager Server 6.x before 6.1 SP4 and RSA Access ...)