[Secure-testing-commits] r20061 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Aug 31 08:00:30 UTC 2012
Author: jmm
Date: 2012-08-31 08:00:30 +0000 (Fri, 31 Aug 2012)
New Revision: 20061
Modified:
data/CVE/list
Log:
new wireshark issue
openttd CVE ID messup
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-08-30 22:44:59 UTC (rev 20060)
+++ data/CVE/list 2012-08-31 08:00:30 UTC (rev 20061)
@@ -2624,8 +2624,8 @@
NOTE: http://www.exploit-db.com/exploits/20226/
CVE-2012-3548 [wireshark DoS via DRDA dissector]
RESERVED
- - wireshark <unfixed>
- TODO: check
+ - wireshark <unfixed> (unimportant; bug #686225)
+ NOTE: Doesn't allow code injection
CVE-2012-3547
RESERVED
CVE-2012-3546
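Review bot: The new NOTE under CVE-2012-3548 states only what the issue does not do ("Doesn't allow code injection"), so the reason for the "unimportant" rating has to be inferred from the bracketed title. Suggest wording it positively, for example that the impact is limited to a denial of service in the DRDA dissector. Since the package line stays at <unfixed>, a further NOTE pointing at the upstream fix, once one exists, would let the fixed version be filled in later without re-triaging bug #686225.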
@@ -6723,7 +6723,7 @@
CVE-2012-1922
RESERVED
CVE-2012-1921 (Cross-site request forgery (CSRF) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Sitecom
CVE-2012-1920 (@Mail WebMail Client in AtMail Open-Source 1.04 and earlier allows ...)
NOT-FOR-US: AtMail
CVE-2012-1919 (CRLF injection vulnerability in mime.php in @Mail WebMail Client in ...)
@@ -8139,7 +8139,7 @@
CVE-2012-1297 (Multiple cross-site request forgery (CSRF) vulnerabilities in main.php ...)
NOT-FOR-US: Contao
CVE-2012-1296 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: Elefant CMS
CVE-2012-1295
RESERVED
CVE-2012-1294 (SQL injection vulnerability in CONTIMEX Impulsio CMS allows remote ...)
@@ -12341,7 +12341,7 @@
NOTE: http://vcs.openttd.org/svn/changeset/23764
NOTE: http://security.openttd.org/en/CVE-2012-0049
CVE-2012-0048 (OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial ...)
- TODO: check
+ TODO: contacted MITRE, seems like a typo
CVE-2012-0047 (Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before ...)
NOT-FOR-US: Apache Wicket
CVE-2012-0046 [mediawiki info leak]
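Review bot: The replacement TODO on CVE-2012-0048 ("contacted MITRE, seems like a typo") does not say which identifier is suspected to be wrong or which entry it would duplicate. The context lines just above reference security.openttd.org under CVE-2012-0049, and this description also names OpenTTD, so the relationship should be written out: a NOTE naming the suspected duplicate ID, with the TODO kept only for the pending MITRE answer. As written, someone picking this entry up later has to reconstruct the reasoning from the commit log.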