[Secure-testing-commits] r19478 - data/CVE

Tue Jun 12 21:15:00 UTC 2012

Author: joeyh
Date: 2012-06-12 21:15:00 +0000 (Tue, 12 Jun 2012)
New Revision: 19478

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2012-06-12 19:19:04 UTC (rev 19477)
+++ data/CVE/list	2012-06-12 21:15:00 UTC (rev 19478)
@@ -1,3 +1,11 @@
+CVE-2012-3345
+	RESERVED
+CVE-2012-3344
+	RESERVED
+CVE-2012-3343 (Cross-site request forgery (CSRF) vulnerability in Microdasys before ...)
+	TODO: check
+CVE-2010-5141
+	RESERVED
 CVE-2012-3342
 	RESERVED
 CVE-2012-3341
@@ -681,8 +689,8 @@
 	RESERVED
 CVE-2012-3004
 	RESERVED
-CVE-2012-3003
-	RESERVED
+CVE-2012-3003 (Open redirect vulnerability in an unspecified web application in ...)
+	TODO: check
 CVE-2012-3002
 	RESERVED
 CVE-2012-3001
@@ -769,8 +777,8 @@
 	RESERVED
 CVE-2012-2960
 	RESERVED
-CVE-2012-2959
-	RESERVED
+CVE-2012-2959 (Cross-site request forgery (CSRF) vulnerability in ...)
+	TODO: check
 CVE-2012-2958
 	RESERVED
 CVE-2012-2957
@@ -792,8 +800,10 @@
 CVE-2012-2949 (The ZTE sync_agent program for Android 2.3.4 on the Score M device ...)
 	NOT-FOR-US: Android
 CVE-2012-2948 (chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified ...)
+	{DSA-2493-1}
 	- asterisk 1:1.8.13.0~dfsg-1 (bug #675210)
 CVE-2012-2947 (chan_iax2.c in the IAX2 channel driver in Certified Asterisk ...)
+	{DSA-2493-1}
 	- asterisk 1:1.8.13.0~dfsg-1 (bug #675204)
 CVE-2012-2946
 	RESERVED
@@ -1550,8 +1560,8 @@
 	RESERVED
 CVE-2012-2604
 	RESERVED
-CVE-2012-2603
-	RESERVED
+CVE-2012-2603 (The server in CollabNet ScrumWorks Pro before 6.0 allows remote ...)
+	TODO: check
 CVE-2012-2602
 	RESERVED
 CVE-2012-2601
@@ -1560,14 +1570,14 @@
 	RESERVED
 CVE-2012-2599
 	RESERVED
-CVE-2012-2598
-	RESERVED
-CVE-2012-2597
-	RESERVED
-CVE-2012-2596
-	RESERVED
-CVE-2012-2595
-	RESERVED
+CVE-2012-2598 (Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 ...)
+	TODO: check
+CVE-2012-2597 (Multiple directory traversal vulnerabilities in Siemens WinCC 7.0 SP3 ...)
+	TODO: check
+CVE-2012-2596 (The XPath functionality in unspecified web applications in Siemens ...)
+	TODO: check
+CVE-2012-2595 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified web ...)
+	TODO: check
 CVE-2012-2594
 	RESERVED
 CVE-2012-2593
@@ -1624,14 +1634,14 @@
 	NOT-FOR-US: Seagate BlackArmor
 CVE-2012-2567 (The Xelex MobileTrack application 2.3.7 and earlier for Android uses ...)
 	NOT-FOR-US: Xelex MobileTrack application
-CVE-2012-2566
-	RESERVED
-CVE-2012-2565
-	RESERVED
-CVE-2012-2564
-	RESERVED
-CVE-2012-2563
-	RESERVED
+CVE-2012-2566 (Bloxx Web Filtering before 5.0.14 does not properly interpret ...)
+	TODO: check
+CVE-2012-2565 (Bloxx Web Filtering before 5.0.14 does not use a salt during ...)
+	TODO: check
+CVE-2012-2564 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+	TODO: check
+CVE-2012-2563 (Multiple cross-site scripting (XSS) vulnerabilities in Bloxx Web ...)
+	TODO: check
 CVE-2012-2562 (The Xelex MobileTrack application 2.3.7 and earlier for Android does ...)
 	NOT-FOR-US: Xelex MobileTrack application
 CVE-2012-2561 (HP Business Service Management (BSM) 9.12 does not properly restrict ...)
@@ -3116,25 +3126,19 @@
 	NOT-FOR-US: Adobe Illustrator
 CVE-2012-2041
 	RESERVED
-CVE-2012-2040
-	RESERVED
-CVE-2012-2039
-	RESERVED
+CVE-2012-2040 (Untrusted search path vulnerability in the installer in Adobe Flash ...)
+	TODO: check
+CVE-2012-2039 (Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on ...)
 	NOT-FOR-US: Adobe Flash
-CVE-2012-2038
-	RESERVED
+CVE-2012-2038 (Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on ...)
 	NOT-FOR-US: Adobe Flash
-CVE-2012-2037
-	RESERVED
+CVE-2012-2037 (Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on ...)
 	NOT-FOR-US: Adobe Flash
-CVE-2012-2036
-	RESERVED
+CVE-2012-2036 (Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x ...)
 	NOT-FOR-US: Adobe Flash
-CVE-2012-2035
-	RESERVED
+CVE-2012-2035 (Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 ...)
 	NOT-FOR-US: Adobe Flash
-CVE-2012-2034
-	RESERVED
+CVE-2012-2034 (Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on ...)
 	NOT-FOR-US: Adobe Flash
 CVE-2012-2033 (Adobe Shockwave Player before 11.6.5.635 allows attackers to execute ...)
 	NOT-FOR-US: Adobe Shockwave Player
@@ -3576,10 +3580,10 @@
 	RESERVED
 CVE-2012-1827
 	RESERVED
-CVE-2012-1826
-	RESERVED
-CVE-2012-1825
-	RESERVED
+CVE-2012-1826 (dotCMS 1.9 before 1.9.5.1 allows remote authenticated users to execute ...)
+	TODO: check
+CVE-2012-1825 (Multiple cross-site scripting (XSS) vulnerabilities in the status ...)
+	TODO: check
 CVE-2012-1824 (Untrusted search path vulnerability in Measuresoft ScadaPro Client ...)
 	NOT-FOR-US: Measuresoft ScadaPro
 CVE-2012-1823 (sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when ...)
@@ -3596,16 +3600,16 @@
 	- quagga <unfixed> (bug #676510)
 CVE-2012-1819 (Untrusted search path vulnerability in WellinTech KingView 6.53 allows ...)
 	NOT-FOR-US: WellinTech KingView
-CVE-2012-1818
-	RESERVED
-CVE-2012-1817
-	RESERVED
-CVE-2012-1816
-	RESERVED
-CVE-2012-1815
-	RESERVED
-CVE-2012-1814
-	RESERVED
+CVE-2012-1818 (An unspecified ActiveX control in Emerson DeltaV and DeltaV ...)
+	TODO: check
+CVE-2012-1817 (Buffer overflow in Emerson DeltaV and DeltaV Workstations 9.3.1, ...)
+	TODO: check
+CVE-2012-1816 (PORTSERV.exe in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, ...)
+	TODO: check
+CVE-2012-1815 (SQL injection vulnerability in Emerson DeltaV and DeltaV Workstations ...)
+	TODO: check
+CVE-2012-1814 (Cross-site scripting (XSS) vulnerability in Emerson DeltaV and DeltaV ...)
+	TODO: check
 CVE-2012-1813
 	RESERVED
 CVE-2012-1812


