[Secure-testing-commits] r19462 - data/CVE

[Henri Salo]

Author: fgeek-guest
Date: 2012-06-09 10:54:59 +0000 (Sat, 09 Jun 2012)
New Revision: 19462

Modified:
   data/CVE/list
Log:
Added details and bug-report number for Collabtive CVE-2012-2670.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-06-09 10:09:54 UTC (rev 19461)
+++ data/CVE/list	2012-06-09 10:54:59 UTC (rev 19462)
@@ -1369,8 +1369,12 @@
 CVE-2012-2671
 	RESERVED
 	NOT-FOR-US: rake-cache
-CVE-2012-2670
+CVE-2012-2670 [Arbitrary File Upload/Execution in Collabtive]
 	RESERVED
+	- collabtive 0.7.6-1 (bug #676311)
+	NOTE: http://www.securityfocus.com/archive/1/522973/30/0/threaded
+	NOTE: http://xync.org/2012/06/04/Arbitrary-File-Upload-in-Collabtive.html
+	NOTE: http://www.collabtive.o-dyn.de/blog/?p=426
 CVE-2012-2669 [hyper-v daemon fails to check origin of netlink messages]
 	RESERVED
 	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=761200