[Secure-testing-commits] r18445 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Wed Feb 15 21:14:39 UTC 2012
Author: joeyh
Date: 2012-02-15 21:14:39 +0000 (Wed, 15 Feb 2012)
New Revision: 18445
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-02-15 21:01:50 UTC (rev 18444)
+++ data/CVE/list 2012-02-15 21:14:39 UTC (rev 18445)
@@ -1,3 +1,261 @@
+CVE-2012-1187
+ RESERVED
+CVE-2012-1186
+ RESERVED
+CVE-2012-1185
+ RESERVED
+CVE-2012-1184
+ RESERVED
+CVE-2012-1183
+ RESERVED
+CVE-2012-1182
+ RESERVED
+CVE-2012-1181
+ RESERVED
+CVE-2012-1180
+ RESERVED
+CVE-2012-1179
+ RESERVED
+CVE-2012-1178
+ RESERVED
+CVE-2012-1177
+ RESERVED
+CVE-2012-1176
+ RESERVED
+CVE-2012-1175
+ RESERVED
+CVE-2012-1174
+ RESERVED
+CVE-2012-1173
+ RESERVED
+CVE-2012-1172
+ RESERVED
+CVE-2012-1171
+ RESERVED
+CVE-2012-1170
+ RESERVED
+CVE-2012-1169
+ RESERVED
+CVE-2012-1168
+ RESERVED
+CVE-2012-1167
+ RESERVED
+CVE-2012-1166
+ RESERVED
+CVE-2012-1165
+ RESERVED
+CVE-2012-1164
+ RESERVED
+CVE-2012-1163
+ RESERVED
+CVE-2012-1162
+ RESERVED
+CVE-2012-1161
+ RESERVED
+CVE-2012-1160
+ RESERVED
+CVE-2012-1159
+ RESERVED
+CVE-2012-1158
+ RESERVED
+CVE-2012-1157
+ RESERVED
+CVE-2012-1156
+ RESERVED
+CVE-2012-1155
+ RESERVED
+CVE-2012-1154
+ RESERVED
+CVE-2012-1153
+ RESERVED
+CVE-2012-1152
+ RESERVED
+CVE-2012-1151
+ RESERVED
+CVE-2012-1150
+ RESERVED
+CVE-2012-1149
+ RESERVED
+CVE-2012-1148
+ RESERVED
+CVE-2012-1147
+ RESERVED
+CVE-2012-1146
+ RESERVED
+CVE-2012-1145
+ RESERVED
+CVE-2012-1144
+ RESERVED
+CVE-2012-1143
+ RESERVED
+CVE-2012-1142
+ RESERVED
+CVE-2012-1141
+ RESERVED
+CVE-2012-1140
+ RESERVED
+CVE-2012-1139
+ RESERVED
+CVE-2012-1138
+ RESERVED
+CVE-2012-1137
+ RESERVED
+CVE-2012-1136
+ RESERVED
+CVE-2012-1135
+ RESERVED
+CVE-2012-1134
+ RESERVED
+CVE-2012-1133
+ RESERVED
+CVE-2012-1132
+ RESERVED
+CVE-2012-1131
+ RESERVED
+CVE-2012-1130
+ RESERVED
+CVE-2012-1129
+ RESERVED
+CVE-2012-1128
+ RESERVED
+CVE-2012-1127
+ RESERVED
+CVE-2012-1126
+ RESERVED
+CVE-2012-1125
+ RESERVED
+CVE-2012-1124
+ RESERVED
+CVE-2012-1123
+ RESERVED
+CVE-2012-1122
+ RESERVED
+CVE-2012-1121
+ RESERVED
+CVE-2012-1120
+ RESERVED
+CVE-2012-1119
+ RESERVED
+CVE-2012-1118
+ RESERVED
+CVE-2012-1117
+ RESERVED
+CVE-2012-1116
+ RESERVED
+CVE-2012-1115
+ RESERVED
+CVE-2012-1114
+ RESERVED
+CVE-2012-1113
+ RESERVED
+CVE-2012-1112
+ RESERVED
+CVE-2012-1111
+ RESERVED
+CVE-2012-1110
+ RESERVED
+CVE-2012-1109
+ RESERVED
+CVE-2012-1108
+ RESERVED
+CVE-2012-1107
+ RESERVED
+CVE-2012-1106
+ RESERVED
+CVE-2012-1105
+ RESERVED
+CVE-2012-1104
+ RESERVED
+CVE-2012-1103
+ RESERVED
+CVE-2012-1102
+ RESERVED
+CVE-2012-1101
+ RESERVED
+CVE-2012-1100
+ RESERVED
+CVE-2012-1099
+ RESERVED
+CVE-2012-1098
+ RESERVED
+CVE-2012-1097
+ RESERVED
+CVE-2012-1096
+ RESERVED
+CVE-2012-1095
+ RESERVED
+CVE-2012-1094
+ RESERVED
+CVE-2012-1093
+ RESERVED
+CVE-2012-1092
+ RESERVED
+CVE-2012-1091
+ RESERVED
+CVE-2012-1090
+ RESERVED
+CVE-2012-1089
+ RESERVED
+CVE-2012-1088
+ RESERVED
+CVE-2012-1087 (Cross-site scripting (XSS) vulnerability in the Post data records to ...)
+ TODO: check
+CVE-2012-1086 (Cross-site scripting (XSS) vulnerability in the UrlTool (aeurltool) ...)
+ TODO: check
+CVE-2012-1085 (Unspecified vulnerability in the BE User Switch (beuserswitch) ...)
+ TODO: check
+CVE-2012-1084 (Cross-site scripting (XSS) vulnerability in the BE User Switch ...)
+ TODO: check
+CVE-2012-1083 (Cross-site request forgery (CSRF) vulnerability in the Terminal PHP ...)
+ TODO: check
+CVE-2012-1082 (Cross-site scripting (XSS) vulnerability in the Terminal PHP Shell ...)
+ TODO: check
+CVE-2012-1081 (Cross-site scripting (XSS) vulnerability in the Yet another Google ...)
+ TODO: check
+CVE-2012-1080 (Cross-site scripting (XSS) vulnerability in the Euro Calculator ...)
+ TODO: check
+CVE-2012-1079 (Unspecified vulnerability in the Webservices for TYPO3 ...)
+ TODO: check
+CVE-2012-1078 (The System Utilities (sysutils) extension 1.0.3 and earlier for TYPO3 ...)
+ TODO: check
+CVE-2012-1077 (SQL injection vulnerability in the Post data records to facebook ...)
+ TODO: check
+CVE-2012-1076 (Cross-site scripting (XSS) vulnerability in the Documents download ...)
+ TODO: check
+CVE-2012-1075 (SQL injection vulnerability in the Documents download (rtg_files) ...)
+ TODO: check
+CVE-2012-1074 (SQL injection vulnerability in the White Papers (mm_whtppr) extension ...)
+ TODO: check
+CVE-2012-1073 (Cross-site scripting (XSS) vulnerability in the Category-System ...)
+ TODO: check
+CVE-2012-1072 (SQL injection vulnerability in the Category-System (toi_category) ...)
+ TODO: check
+CVE-2012-1071 (SQL injection vulnerability in the Kitchen recipe (mv_cooking) ...)
+ TODO: check
+CVE-2012-1070 (Cross-site scripting (XSS) vulnerability in the Modern FAQ (irfaq) ...)
+ TODO: check
+CVE-2012-1069 (Cross-site scripting (XSS) vulnerability in module/kb/search_word in ...)
+ TODO: check
+CVE-2012-1068 (Cross-site scripting (XSS) vulnerability in the rc_ajax function in ...)
+ TODO: check
+CVE-2012-1067 (SQL injection vulnerability in the WP-RecentComments plugin 2.0.7 for ...)
+ TODO: check
+CVE-2012-1066 (Cross-site scripting (XSS) vulnerability in the template module in ...)
+ TODO: check
+CVE-2012-1065 (Insecure method vulnerability in TuxScripting.dll in the TuxSystem ...)
+ TODO: check
+CVE-2012-1064
+ RESERVED
+CVE-2011-5080 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2011-5079 (Open redirect vulnerability in the Modern FAQ (irfaq) extension 1.1.2 ...)
+ TODO: check
+CVE-2010-5085 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+ TODO: check
+CVE-2010-5084 (The cross-site request forgery (CSRF) protection mechanism in e107 ...)
+ TODO: check
+CVE-2010-5083 (SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 ...)
+ TODO: check
CVE-2012-1063 (Multiple SQL injection vulnerabilities in ManageEngine Applications ...)
TODO: check
CVE-2012-1062 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ...)
@@ -115,8 +373,8 @@
NOT-FOR-US: HDWiki
CVE-2011-5076 (SQL injection vulnerability in model/comment.class.php in HDWiki 5.0, ...)
NOT-FOR-US: HDWiki
-CVE-2012-1009
- RESERVED
+CVE-2012-1009 (NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4 Build ...)
+ TODO: check
CVE-2012-1008 (OfficeSIP Server 3.1 allows remote attackers to cause a denial of ...)
NOT-FOR-US: OfficeSIP Server
CVE-2012-1007 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts ...)
@@ -339,9 +597,9 @@
RESERVED
CVE-2012-0909 (Cross-site scripting (XSS) vulnerability in Horde_Form in Horde ...)
- horde3 <unfixed>
- [squeeze] - horde3 <not-affected> (affected files do not exist)
+ [squeeze] - horde3 <not-affected> (affected files do not exist)
- imp4 <unfixed> (bug #659392)
- [squeeze] - imp4 <not-affected> (affected files do not exist)
+ [squeeze] - imp4 <not-affected> (affected files do not exist)
CVE-2012-0907 (Directory traversal vulnerability in the web player in NeoAxis NeoAxis ...)
NOT-FOR-US: NeoAxis NeoAxis web player
CVE-2012-0906 (SQL injection vulnerability in the Moviebase addon for deV!L'z ...)
@@ -629,10 +887,9 @@
- imp4 <unfixed> (bug #659392)
CVE-2012-0790 (Cross-site scripting (XSS) vulnerability in smokeping_cgi in Smokeping ...)
- smokeping 2.6.7-1 (bug #659899)
-CVE-2012-0789
- RESERVED
-CVE-2012-0788
- RESERVED
+CVE-2012-0789 (Memory leak in the timezone functionality in PHP before 5.3.9 allows ...)
+ TODO: check
+CVE-2012-0788 (The PDORow implementation in PHP before 5.3.9 does not properly ...)
{DSA-2408-1}
- php5 5.3.9-1
CVE-2012-0787
@@ -682,26 +939,26 @@
RESERVED
CVE-2012-0767
RESERVED
-CVE-2012-0766
- RESERVED
-CVE-2012-0765
- RESERVED
-CVE-2012-0764
- RESERVED
-CVE-2012-0763
- RESERVED
-CVE-2012-0762
- RESERVED
-CVE-2012-0761
- RESERVED
-CVE-2012-0760
- RESERVED
-CVE-2012-0759
- RESERVED
-CVE-2012-0758
- RESERVED
-CVE-2012-0757
- RESERVED
+CVE-2012-0766 (The Shockwave 3D Asset component in Adobe Shockwave Player before ...)
+ TODO: check
+CVE-2012-0765 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp ...)
+ TODO: check
+CVE-2012-0764 (The Shockwave 3D Asset component in Adobe Shockwave Player before ...)
+ TODO: check
+CVE-2012-0763 (The Shockwave 3D Asset component in Adobe Shockwave Player before ...)
+ TODO: check
+CVE-2012-0762 (The Shockwave 3D Asset component in Adobe Shockwave Player before ...)
+ TODO: check
+CVE-2012-0761 (The Shockwave 3D Asset component in Adobe Shockwave Player before ...)
+ TODO: check
+CVE-2012-0760 (The Shockwave 3D Asset component in Adobe Shockwave Player before ...)
+ TODO: check
+CVE-2012-0759 (Adobe Shockwave Player before 11.6.4.634 allows attackers to execute ...)
+ TODO: check
+CVE-2012-0758 (Heap-based buffer overflow in Adobe Shockwave Player before 11.6.4.634 ...)
+ TODO: check
+CVE-2012-0757 (The Shockwave 3D Asset component in Adobe Shockwave Player before ...)
+ TODO: check
CVE-2012-0756
RESERVED
CVE-2012-0755
@@ -1864,7 +2121,7 @@
NOT-FOR-US: NTR ActiveX control
CVE-2012-0265
RESERVED
-CVE-2011-5046 (win32k.sys in the kernel-mode drivers in Microsoft Windows 7 ...)
+CVE-2011-5046 (The Graphics Device Interface (GDI) in win32k.sys in the kernel-mode ...)
NOT-FOR-US: Microsoft Windows 7
CVE-2011-5045 (Cross-site scripting (XSS) vulnerability in details_view.php in PHP ...)
NOT-FOR-US: PHP Booking Calendar 10e (not in Debian)
@@ -2531,12 +2788,15 @@
RESERVED
CVE-2012-0212
RESERVED
+ {DSA-2409-1}
- devscripts <unfixed>
CVE-2012-0211
RESERVED
+ {DSA-2409-1}
- devscripts <unfixed>
CVE-2012-0210
RESERVED
+ {DSA-2409-1}
- devscripts <unfixed>
CVE-2012-0209 [horde backdoor]
RESERVED
@@ -2703,30 +2963,30 @@
RESERVED
CVE-2012-0156
RESERVED
-CVE-2012-0155
- RESERVED
-CVE-2012-0154
- RESERVED
+CVE-2012-0155 (Microsoft Internet Explorer 9 does not properly handle objects in ...)
+ TODO: check
+CVE-2012-0154 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
CVE-2012-0153
RESERVED
CVE-2012-0152
RESERVED
CVE-2012-0151
RESERVED
-CVE-2012-0150
- RESERVED
-CVE-2012-0149
- RESERVED
-CVE-2012-0148
- RESERVED
+CVE-2012-0150 (Buffer overflow in msvcrt.dll in Microsoft Windows Vista SP2, Windows ...)
+ TODO: check
+CVE-2012-0149 (afd.sys in the Ancillary Function Driver in Microsoft Windows Server ...)
+ TODO: check
+CVE-2012-0148 (afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2, ...)
+ TODO: check
CVE-2012-0147
RESERVED
CVE-2012-0146
RESERVED
-CVE-2012-0145
- RESERVED
-CVE-2012-0144
- RESERVED
+CVE-2012-0145 (Cross-site scripting (XSS) vulnerability in wizardlist.aspx in ...)
+ TODO: check
+CVE-2012-0144 (Cross-site scripting (XSS) vulnerability in themeweb.aspx in Microsoft ...)
+ TODO: check
CVE-2012-0143
RESERVED
CVE-2012-0142
@@ -2737,12 +2997,12 @@
RESERVED
CVE-2012-0139
RESERVED
-CVE-2012-0138
- RESERVED
-CVE-2012-0137
- RESERVED
-CVE-2012-0136
- RESERVED
+CVE-2012-0138 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle ...)
+ TODO: check
+CVE-2012-0137 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle ...)
+ TODO: check
+CVE-2012-0136 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle ...)
+ TODO: check
CVE-2012-0135
RESERVED
CVE-2012-0134
@@ -4001,28 +4261,28 @@
RESERVED
CVE-2011-4437
RESERVED
-CVE-2012-0020
- RESERVED
-CVE-2012-0019
- RESERVED
+CVE-2012-0020 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle ...)
+ TODO: check
+CVE-2012-0019 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle ...)
+ TODO: check
CVE-2012-0018
RESERVED
-CVE-2012-0017
- RESERVED
+CVE-2012-0017 (Cross-site scripting (XSS) vulnerability in inplview.aspx in Microsoft ...)
+ TODO: check
CVE-2012-0016
RESERVED
-CVE-2012-0015
- RESERVED
-CVE-2012-0014
- RESERVED
+CVE-2012-0015 (Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly calculate ...)
+ TODO: check
+CVE-2012-0014 (Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 ...)
+ TODO: check
CVE-2012-0013 (Incomplete blacklist vulnerability in the Windows Packager ...)
NOT-FOR-US: Microsoft Windows
-CVE-2012-0012
- RESERVED
-CVE-2012-0011
- RESERVED
-CVE-2012-0010
- RESERVED
+CVE-2012-0012 (Microsoft Internet Explorer 9 does not properly handle the creation ...)
+ TODO: check
+CVE-2012-0011 (Microsoft Internet Explorer 7 through 9 does not properly handle ...)
+ TODO: check
+CVE-2012-0010 (Microsoft Internet Explorer 6 through 9 does not properly perform ...)
+ TODO: check
CVE-2012-0009 (Untrusted search path vulnerability in the Windows Object Packager ...)
NOT-FOR-US: Microsoft Windows
CVE-2012-0008
@@ -8274,6 +8534,7 @@
RESERVED
CVE-2011-3026
RESERVED
+ {DSA-2410-1}
- libpng <unfixed> (high; bug #660026)
CVE-2011-3025
RESERVED
@@ -21511,7 +21772,7 @@
NOT-FOR-US: Microsoft Windows Internet Communication Settings
CVE-2010-3139 (Untrusted search path vulnerability in Microsoft Windows Progman Group ...)
NOT-FOR-US: Microsoft Windows Progman Group Converter
-CVE-2010-3138 (Untrusted search path vulnerability in the Indeo filter (iac25_32.ax) ...)
+CVE-2010-3138 (Untrusted search path vulnerability in the Indeo Codec in iac25_32.ax ...)
NOT-FOR-US: Microsoft Windows Media Player
CVE-2010-3137 (Untrusted search path vulnerability in Nullsoft Winamp 5.581, and ...)
NOT-FOR-US: Nullsoft Winamp
More information about the Secure-testing-commits
mailing list