[Secure-testing-commits] r20621 - data/CVE

Thu Dec 6 21:14:21 UTC 2012

Author: joeyh
Date: 2012-12-06 21:14:20 +0000 (Thu, 06 Dec 2012)
New Revision: 20621

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2012-12-06 15:01:00 UTC (rev 20620)
+++ data/CVE/list	2012-12-06 21:14:20 UTC (rev 20621)
@@ -1,3 +1,7 @@
+CVE-2012-6069
+	RESERVED
+CVE-2012-6068
+	RESERVED
 CVE-2012-6067 (freeFTPd.exe in freeFTPd through 1.0.11 allows remote attackers to ...)
 	TODO: check
 CVE-2012-6066 (freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to ...)
@@ -1074,8 +1078,7 @@
 	RESERVED
 CVE-2012-5689
 	RESERVED
-CVE-2012-5688
-	RESERVED
+CVE-2012-5688 (ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 ...)
 	- bind9 1:9.8.4.dfsg.P1-1 (bug #695192)
 	[squeeze] - bind9 <not-affected> (Only affects 9.8 and 9.9)
 CVE-2012-5687 (Directory traversal vulnerability in the web-based management feature ...)
@@ -2357,10 +2360,10 @@
 	RESERVED
 CVE-2012-5177
 	RESERVED
-CVE-2012-5176
-	RESERVED
-CVE-2012-5175
-	RESERVED
+CVE-2012-5176 (Cross-site scripting (XSS) vulnerability in KENT-WEB ACCESS REPORT ...)
+	TODO: check
+CVE-2012-5175 (Cross-site scripting (XSS) vulnerability in KENT-WEB ACCESS REPORT 4.2 ...)
+	TODO: check
 CVE-2012-5174 (The KYOCERA AH-K3001V, AH-K3002V, WX300K, WX310K, WX320K, and WX320KR ...)
 	TODO: check
 CVE-2012-5173 (Session fixation vulnerability in BIGACE before 2.7.8 allows remote ...)
@@ -2619,8 +2622,8 @@
 	RESERVED
 CVE-2012-5056
 	RESERVED
-CVE-2012-5055
-	RESERVED
+CVE-2012-5055 (DaoAuthenticationProvider in VMware SpringSource Spring Security ...)
+	TODO: check
 CVE-2012-5054 (Integer overflow in the copyRawDataTo method in the Matrix3D class in ...)
 	NOT-FOR-US: Adobe Flash player
 CVE-2012-5053
@@ -7487,14 +7490,14 @@
 	RESERVED
 CVE-2012-3276
 	RESERVED
-CVE-2012-3275
-	RESERVED
-CVE-2012-3274
-	RESERVED
-CVE-2012-3273
-	RESERVED
-CVE-2012-3272
-	RESERVED
+CVE-2012-3275 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.1x and ...)
+	TODO: check
+CVE-2012-3274 (Stack-based buffer overflow in uam.exe in the User Access Manager ...)
+	TODO: check
+CVE-2012-3273 (Multiple unspecified vulnerabilities on the HP LaserJet Pro 400 MFP ...)
+	TODO: check
+CVE-2012-3272 (Cross-site scripting (XSS) vulnerability on the HP Color LaserJet ...)
+	TODO: check
 CVE-2012-3271 (Unspecified vulnerability on the HP Integrated Lights-Out 3 (aka iLO3) ...)
 	NOT-FOR-US: HP ILO
 CVE-2012-3270 (Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and ...)
@@ -10435,6 +10438,7 @@
 	- nginx 1.1.19-1
 	[squeeze] - nginx <not-affected> (Vulnerable code not present)
 CVE-2012-2088 (Integer signedness error in the TIFFReadDirectory function in ...)
+	{DSA-2552-1}
 	- tiff 4.0-1 (bug #678140)
 	- tiff3 3.9.6-6
 CVE-2012-2087
@@ -22438,14 +22442,11 @@
 	RESERVED
 CVE-2011-2733 (EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, ...)
 	NOT-FOR-US: EMC RSA Adaptive Authentication On-Premise
-CVE-2011-2732
-	RESERVED
+CVE-2011-2732 (CRLF injection vulnerability in the logout functionality in VMware ...)
 	- libspring-security-2.0-java 2.0.7.RELEASE-1 (bug #670901)
-CVE-2011-2731
-	RESERVED
+CVE-2011-2731 (Race condition in the RunAsManager mechanism in VMware SpringSource ...)
 	- libspring-security-2.0-java 2.0.7.RELEASE-1 (bug #670901)
-CVE-2011-2730
-	RESERVED
+CVE-2011-2730 (VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, ...)
 	{DSA-2504-1}
 	- libspring-2.5-java <unfixed> (bug #677814)
 CVE-2011-2729 (native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 ...)
@@ -48913,8 +48914,8 @@
 	- tomcat5.5 <not-affected> (Windows-only)
 CVE-2009-2900
 	RESERVED
-CVE-2009-2899
-	RESERVED
+CVE-2009-2899 (The monitor perl script in the Sybase database plug-in in SpringSource ...)
+	TODO: check
 CVE-2009-2898 (Cross-site scripting (XSS) vulnerability in the Alerts list feature in ...)
 	NOT-FOR-US: SpringSource Hyperic HQ
 CVE-2009-2897 (Multiple cross-site scripting (XSS) vulnerabilities in ...)


