[Secure-testing-commits] r19671 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Jul 6 06:10:55 UTC 2012
Author: jmm
Date: 2012-07-06 06:10:55 +0000 (Fri, 06 Jul 2012)
New Revision: 19671
Modified:
data/CVE/list
Log:
new nginx issue (requested CVE ID)
new asterisk issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-07-05 21:14:29 UTC (rev 19670)
+++ data/CVE/list 2012-07-06 06:10:55 UTC (rev 19671)
@@ -1,3 +1,6 @@
+CVE-2012-XXXX [naxsi: file disclosure in nx_extract]
+ - nginx 1.2.1-2
+ [squeeze] - nginx <not-affected> (naxsi package was introduced in 1.1.18-1)
CVE-2012-3847 (slssvc.exe in Invensys Wonderware SuiteLink in Invensys InTouch 2012 ...)
TODO: check
CVE-2012-3846 (Cross-site scripting (XSS) vulnerability in index.php in PHP-pastebin ...)
@@ -35,9 +38,9 @@
CVE-2012-3830 (Cross-site scripting (XSS) vulnerability in decoda/templates/video.php ...)
TODO: check
CVE-2012-3829 (Joomla! 2.5.3 allows remote attackers to obtain the installation path ...)
- TODO: check
+ - joomla <itp> (bug #571794)
CVE-2012-3828 (Cross-site scripting (XSS) vulnerability in Joomla! 2.5.3 allows ...)
- TODO: check
+ - joomla <itp> (bug #571794)
CVE-2012-3827
RESERVED
CVE-2011-5096 (Stack-based buffer overflow in cstore.exe in the Media Application ...)
@@ -83,8 +86,11 @@
NOT-FOR-US: Wordpress plugin
CVE-2012-3813
RESERVED
-CVE-2012-3812
+CVE-2012-XXXX [AST-2012-010: Possible resource leak on uncompleted re-invite transactions]
+ - asterisk <unfixed>
+CVE-2012-3812 [AST-2012-011: Remote crash vulnerability in voice mail application]
RESERVED
+ - asterisk <unfixed>
CVE-2012-3811 (Unrestricted file upload vulnerability in ImageUpload.ashx in the ...)
TODO: check
CVE-2012-3810
More information about the Secure-testing-commits
mailing list