[Secure-testing-commits] r18513 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Wed Feb 22 09:14:32 UTC 2012
Author: joeyh
Date: 2012-02-22 09:14:31 +0000 (Wed, 22 Feb 2012)
New Revision: 18513
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-02-22 08:51:29 UTC (rev 18512)
+++ data/CVE/list 2012-02-22 09:14:31 UTC (rev 18513)
@@ -1,3 +1,73 @@
+CVE-2012-1235 (Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin ...)
+ TODO: check
+CVE-2012-1234 (SQL injection vulnerability in Advantech/BroadWin WebAccess 7.0 allows ...)
+ TODO: check
+CVE-2012-1233
+ RESERVED
+CVE-2012-1232
+ RESERVED
+CVE-2012-1231
+ RESERVED
+CVE-2012-1230
+ RESERVED
+CVE-2012-1229
+ RESERVED
+CVE-2012-1228
+ RESERVED
+CVE-2012-1227 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+ TODO: check
+CVE-2012-1226 (Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 ...)
+ TODO: check
+CVE-2012-1225 (Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and ...)
+ TODO: check
+CVE-2012-1224 (Cross-site scripting (XSS) vulnerability in system/classes/login.php ...)
+ TODO: check
+CVE-2012-1223 (RabidHamster R2/Extreme 1.65 and earlier uses a small search space of ...)
+ TODO: check
+CVE-2012-1222 (Stack-based buffer overflow in RabidHamster R2/Extreme 1.65 and ...)
+ TODO: check
+CVE-2012-1221 (Directory traversal vulnerability in the telnet server in RabidHamster ...)
+ TODO: check
+CVE-2012-1220 (Cross-site request forgery (CSRF) vulnerability in ...)
+ TODO: check
+CVE-2012-1219 (Multiple cross-site scripting (XSS) vulnerabilities in freelancerKit ...)
+ TODO: check
+CVE-2012-1218 (Multiple SQL injection vulnerabilities in freelancerKit 2.35 allow ...)
+ TODO: check
+CVE-2012-1217 (Multiple cross-site scripting (XSS) vulnerabilities in STHS v2 Web ...)
+ TODO: check
+CVE-2012-1216 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+ TODO: check
+CVE-2012-1215 (Cross-site scripting (XSS) vulnerability in the Add friends module in ...)
+ TODO: check
+CVE-2012-1214 (Cross-site scripting (XSS) vulnerability in the Add friends module in ...)
+ TODO: check
+CVE-2012-1213 (Cross-site scripting (XSS) vulnerability in zimbra/h/calendar in ...)
+ TODO: check
+CVE-2012-1212 (Cross-site scripting (XSS) vulnerability in the smwfOnSfSetTargetName ...)
+ TODO: check
+CVE-2012-1211 (Cross-site scripting (XSS) vulnerability in pfile/kommentar.php in ...)
+ TODO: check
+CVE-2012-1210 (SQL injection vulnerability in pfile/file.php in Powie pFile 1.02 ...)
+ TODO: check
+CVE-2012-1209 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2012-1208 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2012-1207 (Directory traversal vulnerability in ...)
+ TODO: check
+CVE-2012-1206 (Multiple integer overflows in Hancom Office 2010 SE 8.5.5 allow remote ...)
+ TODO: check
+CVE-2012-1205 (PHP remote file inclusion vulnerability in relocate-upload.php in ...)
+ TODO: check
+CVE-2012-1204
+ RESERVED
+CVE-2012-1203
+ RESERVED
+CVE-2012-1202
+ RESERVED
+CVE-2012-1201
+ RESERVED
CVE-2012-1200 (Multiple PHP remote file inclusion vulnerabilities in Nova CMS allow ...)
TODO: check
CVE-2012-1199 (Multiple PHP remote file inclusion vulnerabilities in Basic Analysis ...)
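Review bot: Six of the added entries (CVE-2012-1227, CVE-2012-1220, CVE-2012-1216, CVE-2012-1209, CVE-2012-1208, CVE-2012-1207) have descriptions that end at "in ..." with no product or file named, so their "TODO: check" cannot be resolved from this file and needs the full CVE text. CVE-2012-1215 and CVE-2012-1214 show identical visible text ("Cross-site scripting (XSS) vulnerability in the Add friends module in ..."); confirm they are distinct issues before triaging them separately. The entries that do name a product cluster by vendor (CVE-2012-1221 to CVE-2012-1223 for RabidHamster R2/Extreme, CVE-2012-1225 and CVE-2012-1226 for Dolibarr CMS, CVE-2012-1234 and CVE-2012-1235 for Advantech/BroadWin WebAccess), so each cluster can take a single disposition, either a NOT-FOR-US line as used elsewhere in this list or a package line.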
@@ -22,6 +92,7 @@
TODO: check
CVE-2012-0869 [F*X XSS issues via various HTTP parameters in fup]
RESERVED
+ {DSA-2414-1}
- fex 20120215-1 (low; bug #660621)
CVE-2012-1190 [phpMyAdmin PMASA-2012-1 XSS using a crafted database name]
RESERVED
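Review bot: On CVE-2012-0869 the new "{DSA-2414-1}" reference sits above a package line that still reads "- fex 20120215-1 (low; bug #660621)"; confirm that the low urgency is still intended now that an advisory is attached to the entry. The entry also remains RESERVED and carries only the bracketed local description.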
@@ -436,22 +507,22 @@
NOT-FOR-US: OpenConf
CVE-2012-1001
RESERVED
-CVE-2012-1000
- RESERVED
-CVE-2012-0999
- RESERVED
-CVE-2012-0998
- RESERVED
-CVE-2012-0997
- RESERVED
-CVE-2012-0996
- RESERVED
-CVE-2012-0995
- RESERVED
-CVE-2012-0994
- RESERVED
-CVE-2012-0993
- RESERVED
+CVE-2012-1000 (Multiple cross-site scripting (XSS) vulnerabilities in LEPTON 1.1.3 ...)
+ TODO: check
+CVE-2012-0999 (SQL injection vulnerability in modules/news/rss.php in LEPTON before ...)
+ TODO: check
+CVE-2012-0998 (Directory traversal vulnerability in account/preferences.php in LEPTON ...)
+ TODO: check
+CVE-2012-0997 (Cross-site request forgery (CSRF) vulnerability in admin/index.php in ...)
+ TODO: check
+CVE-2012-0996 (Multiple directory traversal vulnerabilities in 11in1 1.2.1 stable ...)
+ TODO: check
+CVE-2012-0995 (Multiple cross-site scripting (XSS) vulnerabilities in ZENphoto 1.4.2 ...)
+ TODO: check
+CVE-2012-0994 (SQL injection vulnerability in the Manage Albums feature in ...)
+ TODO: check
+CVE-2012-0993 (Eval injection vulnerability in ...)
+ TODO: check
CVE-2012-0992 (interface/fax/fax_dispatch.php in OpenEMR 4.1.0 allows remote ...)
NOT-FOR-US: OpenEMR
CVE-2012-0991 (Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow ...)
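Review bot: Three of the eight entries moved from RESERVED to "TODO: check" lose the product name to truncation: CVE-2012-0997 ("admin/index.php in ..."), CVE-2012-0994 ("the Manage Albums feature in ...") and CVE-2012-0993 ("Eval injection vulnerability in ..."). Their position next to the LEPTON and ZENphoto entries is not evidence of the product, so resolve them from the full CVE description. CVE-2012-1000, CVE-2012-0999 and CVE-2012-0998 all name LEPTON and can share one disposition, in the same form as the "NOT-FOR-US: OpenConf" and "NOT-FOR-US: OpenEMR" context lines around this hunk if the software is not packaged.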
@@ -728,8 +799,8 @@
RESERVED
CVE-2012-0866
RESERVED
-CVE-2012-0865
- RESERVED
+CVE-2012-0865 (Multiple open redirect vulnerabilities in CubeCart 3.0.20 and earlier ...)
+ TODO: check
CVE-2012-0864 [FORTIFY_SOURCE format string protection bypass]
RESERVED
- eglibc <unfixed> (low; bug #660611)
@@ -2610,30 +2681,30 @@
RESERVED
CVE-2012-0245
RESERVED
-CVE-2012-0244
- RESERVED
-CVE-2012-0243
- RESERVED
-CVE-2012-0242
- RESERVED
-CVE-2012-0241
- RESERVED
-CVE-2012-0240
- RESERVED
-CVE-2012-0239
- RESERVED
-CVE-2012-0238
- RESERVED
-CVE-2012-0237
- RESERVED
-CVE-2012-0236
- RESERVED
-CVE-2012-0235
- RESERVED
-CVE-2012-0234
- RESERVED
-CVE-2012-0233
- RESERVED
+CVE-2012-0244 (Multiple SQL injection vulnerabilities in Advantech/BroadWin WebAccess ...)
+ TODO: check
+CVE-2012-0243 (Buffer overflow in an ActiveX control in bwocxrun.ocx in ...)
+ TODO: check
+CVE-2012-0242 (Format string vulnerability in Advantech/BroadWin WebAccess before 7.0 ...)
+ TODO: check
+CVE-2012-0241 (Advantech/BroadWin WebAccess before 7.0 allows remote attackers to ...)
+ TODO: check
+CVE-2012-0240 (GbScriptAddUp.asp in Advantech/BroadWin WebAccess before 7.0 does not ...)
+ TODO: check
+CVE-2012-0239 (uaddUpAdmin.asp in Advantech/BroadWin WebAccess before 7.0 does not ...)
+ TODO: check
+CVE-2012-0238 (Stack-based buffer overflow in opcImg.asp in Advantech/BroadWin ...)
+ TODO: check
+CVE-2012-0237 (Advantech/BroadWin WebAccess before 7.0 allows remote attackers to (1) ...)
+ TODO: check
+CVE-2012-0236 (Advantech/BroadWin WebAccess 7.0 and earlier allows remote attackers ...)
+ TODO: check
+CVE-2012-0235 (Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin ...)
+ TODO: check
+CVE-2012-0234 (SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 ...)
+ TODO: check
+CVE-2012-0233 (Cross-site scripting (XSS) vulnerability in Advantech/BroadWin ...)
+ TODO: check
CVE-2012-0232
RESERVED
CVE-2012-0231
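Review bot: The twelve entries CVE-2012-0233 to CVE-2012-0244 are all left as separate "TODO: check" items although the visible text ties them to Advantech/BroadWin WebAccess; one triage pass with a single disposition would avoid twelve independent checks. Note that the version wording is not uniform: CVE-2012-0236 says "7.0 and earlier" while most of the others say "before 7.0", so any note that records affected versions should not be copied across entries. CVE-2012-0243 is cut off after "bwocxrun.ocx in ...", so its product should be confirmed rather than assumed from its neighbours.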
@@ -2650,8 +2721,8 @@
RESERVED
CVE-2012-0225
RESERVED
-CVE-2012-0224
- RESERVED
+CVE-2012-0224 (Untrusted search path vulnerability in 7-Technologies (7T) AQUIS 1.5 ...)
+ TODO: check
CVE-2012-0223
RESERVED
CVE-2012-0222
@@ -2672,8 +2743,8 @@
RESERVED
CVE-2011-4891
RESERVED
-CVE-2011-4890
- RESERVED
+CVE-2011-4890 (The server in IBM solidDB 6.5 before FP9 and 7.0 before FP1 allows ...)
+ TODO: check
CVE-2011-4889
RESERVED
CVE-2011-4888
@@ -2902,8 +2973,8 @@
RESERVED
CVE-2012-0201
RESERVED
-CVE-2012-0200
- RESERVED
+CVE-2012-0200 (The server in IBM solidDB 6.5 before Interim Fix 6 does not properly ...)
+ TODO: check
CVE-2012-0199
RESERVED
CVE-2012-0198
@@ -4120,18 +4191,18 @@
- unbound 1.4.14-1 (medium)
CVE-2011-4527
RESERVED
-CVE-2011-4526
- RESERVED
-CVE-2011-4525
- RESERVED
-CVE-2011-4524
- RESERVED
-CVE-2011-4523
- RESERVED
-CVE-2011-4522
- RESERVED
-CVE-2011-4521
- RESERVED
+CVE-2011-4526 (Buffer overflow in an ActiveX control in Advantech/BroadWin WebAccess ...)
+ TODO: check
+CVE-2011-4525 (Advantech/BroadWin WebAccess before 7.0 allows remote attackers to ...)
+ TODO: check
+CVE-2011-4524 (Buffer overflow in Advantech/BroadWin WebAccess before 7.0 allows ...)
+ TODO: check
+CVE-2011-4523 (Cross-site scripting (XSS) vulnerability in bwview.asp in ...)
+ TODO: check
+CVE-2011-4522 (Cross-site scripting (XSS) vulnerability in bwerrdn.asp in ...)
+ TODO: check
+CVE-2011-4521 (SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 ...)
+ TODO: check
CVE-2011-4520
RESERVED
CVE-2011-4519
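Review bot: CVE-2011-4523 and CVE-2011-4522 are truncated after the file name ("bwview.asp in ...", "bwerrdn.asp in ...") and do not name a product in this file. The four surrounding entries (CVE-2011-4526, CVE-2011-4525, CVE-2011-4524, CVE-2011-4521) name Advantech/BroadWin WebAccess, but the two truncated ones should be checked against the full description before they receive the same disposition.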
@@ -5175,12 +5246,12 @@
RESERVED
CVE-2011-4188
RESERVED
-CVE-2011-4187
- RESERVED
-CVE-2011-4186
- RESERVED
-CVE-2011-4185
- RESERVED
+CVE-2011-4187 (Buffer overflow in the GetDriverSettings function in nipplib.dll in ...)
+ TODO: check
+CVE-2011-4186 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client ...)
+ TODO: check
+CVE-2011-4185 (The GetPrinterURLList2 method in the ActiveX control in Novell iPrint ...)
+ TODO: check
CVE-2011-4184
RESERVED
CVE-2011-4183
@@ -9038,18 +9109,23 @@
- qtnx <removed> (bug #637439)
CVE-2011-2915
RESERVED
+ {DSA-2415-1}
- libmodplug 1:0.8.8.4-1
CVE-2011-2914
RESERVED
+ {DSA-2415-1}
- libmodplug 1:0.8.8.4-1
CVE-2011-2913
RESERVED
+ {DSA-2415-1}
- libmodplug 1:0.8.8.4-1
CVE-2011-2912
RESERVED
+ {DSA-2415-1}
- libmodplug 1:0.8.8.4-1
CVE-2011-2911
RESERVED
+ {DSA-2415-1}
- libmodplug 1:0.8.8.4-1
CVE-2011-2910
RESERVED
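Review bot: The five libmodplug entries CVE-2011-2911 to CVE-2011-2915 gain "{DSA-2415-1}" but their package lines ("- libmodplug 1:0.8.8.4-1") carry no urgency and no bug reference, unlike CVE-2011-1761 under the same advisory, which reads "- libmodplug 1:0.8.8.4-1 (low; bug #625966)". These entries are also still RESERVED with no bracketed description, so nothing in the list says what each issue is. A short bracketed description per entry, in the style of "[modplug ABC buffer overflow]", and an urgency on the package line would make them consistent with the sixth CVE of the advisory.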
@@ -11837,8 +11913,8 @@
RESERVED
CVE-2011-1915 (SQL injection vulnerability in eClient 7.3.2.3 in Enspire Distribution ...)
NOT-FOR-US: Enspire Distribution Management Solution
-CVE-2011-1914
- RESERVED
+CVE-2011-1914 (Buffer overflow in the Advantech ADAM OLE for Process Control (OPC) ...)
+ TODO: check
CVE-2011-1913 (SQL injection vulnerability in the login form in the web interface in ...)
NOT-FOR-US: Mercator SENTINEL
CVE-2011-1912
@@ -12337,6 +12413,7 @@
RESERVED
CVE-2011-1761 [modplug ABC buffer overflow]
RESERVED
+ {DSA-2415-1}
- libmodplug 1:0.8.8.4-1 (low; bug #625966)
CVE-2011-1760 (utils/opcontrol in OProfile 0.9.6 and earlier might allow local users ...)
{DSA-2254-2 DSA-2254-1}