[Secure-testing-commits] r18394 - data/CVE

Mon Feb 6 21:14:24 UTC 2012

Author: joeyh
Date: 2012-02-06 21:14:24 +0000 (Mon, 06 Feb 2012)
New Revision: 18394

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2012-02-06 20:01:24 UTC (rev 18393)
+++ data/CVE/list	2012-02-06 21:14:24 UTC (rev 18394)
@@ -1,3 +1,5 @@
+CVE-2012-1003
+	RESERVED
 CVE-2002-2483
 	- linux-2.6 2.4.20
 CVE-2012-1002
@@ -2218,22 +2220,22 @@
 	RESERVED
 CVE-2011-4880
 	RESERVED
-CVE-2011-4879
-	RESERVED
-CVE-2011-4878
-	RESERVED
-CVE-2011-4877
-	RESERVED
-CVE-2011-4876
-	RESERVED
-CVE-2011-4875
-	RESERVED
+CVE-2011-4879 (miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, ...)
+	TODO: check
+CVE-2011-4878 (Directory traversal vulnerability in miniweb.exe in the HMI web server ...)
+	TODO: check
+CVE-2011-4877 (HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, ...)
+	TODO: check
+CVE-2011-4876 (Directory traversal vulnerability in HmiLoad in the runtime loader in ...)
+	TODO: check
+CVE-2011-4875 (Stack-based buffer overflow in HmiLoad in the runtime loader in ...)
+	TODO: check
 CVE-2011-4874
 	RESERVED
 CVE-2011-4873 (Unspecified vulnerability in the server in Certec EDV atvise before ...)
 	NOT-FOR-US: Certec EDV atvise
-CVE-2011-4872
-	RESERVED
+CVE-2011-4872 (Multiple HTC Android devices including Desire HD FRG83D and GRI40, ...)
+	TODO: check
 CVE-2011-4871
 	RESERVED
 CVE-2011-4870 (Multiple buffer overflows in the (1) GUIControls, (2) BatchObjSrv, and ...)
@@ -3660,20 +3662,20 @@
 	NOTE: ghostscript using system jasper since this version
 CVE-2011-4515
 	RESERVED
-CVE-2011-4514
-	RESERVED
-CVE-2011-4513
-	RESERVED
-CVE-2011-4512
-	RESERVED
-CVE-2011-4511
-	RESERVED
-CVE-2011-4510
-	RESERVED
-CVE-2011-4509
-	RESERVED
-CVE-2011-4508
-	RESERVED
+CVE-2011-4514 (The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and ...)
+	TODO: check
+CVE-2011-4513 (Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA ...)
+	TODO: check
+CVE-2011-4512 (CRLF injection vulnerability in the HMI web server in Siemens WinCC ...)
+	TODO: check
+CVE-2011-4511 (Cross-site scripting (XSS) vulnerability in the HMI web server in ...)
+	TODO: check
+CVE-2011-4510 (Cross-site scripting (XSS) vulnerability in the HMI web server in ...)
+	TODO: check
+CVE-2011-4509 (The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and ...)
+	TODO: check
+CVE-2011-4508 (The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and ...)
+	TODO: check
 CVE-2010-5062 (SQL injection vulnerability in search.php in MH Products ...)
 	NOT-FOR-US: MH Products kleinanzeigenmarkt
 CVE-2010-5061 (SQL injection vulnerability in index.php in RSStatic allows remote ...)
@@ -17198,9 +17200,9 @@
 CVE-2010-4561
 	RESERVED
 CVE-2010-4560
-	RESERVED
+	REJECTED
 CVE-2010-4559
-	RESERVED
+	REJECTED
 CVE-2010-4587 (Opera before 11.00 on Windows does not properly implement the Insecure ...)
 	NOT-FOR-US: Opera
 CVE-2010-4586 (The default configuration of Opera before 11.00 enables WebSockets ...)


