[Secure-testing-commits] r19486 - data/CVE

Thu Jun 14 21:14:21 UTC 2012

Author: joeyh
Date: 2012-06-14 21:14:20 +0000 (Thu, 14 Jun 2012)
New Revision: 19486

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2012-06-14 20:07:50 UTC (rev 19485)
+++ data/CVE/list	2012-06-14 21:14:20 UTC (rev 19486)
@@ -1,3 +1,15 @@
+CVE-2012-3352
+	RESERVED
+CVE-2012-3351
+	RESERVED
+CVE-2012-3350
+	RESERVED
+CVE-2012-3349
+	RESERVED
+CVE-2012-3348
+	RESERVED
+CVE-2012-3347 (AutoFORM PDM Archive before 7.0 implements user accounts in a way that ...)
+	TODO: check
 CVE-2012-3346
 	RESERVED
 CVE-2012-3345
@@ -118,8 +130,7 @@
 	RESERVED
 CVE-2012-3288
 	RESERVED
-CVE-2012-3287
-	RESERVED
+CVE-2012-3287 (Poul-Henning Kamp md5crypt has insufficient algorithmic complexity and ...)
 	NOT-FOR-US: md5crypt
 CVE-2012-3286
 	RESERVED
@@ -1562,12 +1573,12 @@
 	RESERVED
 CVE-2012-2607
 	RESERVED
-CVE-2012-2606
-	RESERVED
-CVE-2012-2605
-	RESERVED
-CVE-2012-2604
-	RESERVED
+CVE-2012-2606 (The agent in Bradford Network Sentry before 5.3.3 does not require ...)
+	TODO: check
+CVE-2012-2605 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+	TODO: check
+CVE-2012-2604 (Multiple cross-site scripting (XSS) vulnerabilities in GuestAccess.jsp ...)
+	TODO: check
 CVE-2012-2603 (The server in CollabNet ScrumWorks Pro before 6.0 allows remote ...)
 	TODO: check
 CVE-2012-2602
@@ -3190,8 +3201,8 @@
 	RESERVED
 CVE-2012-2012
 	RESERVED
-CVE-2012-2011
-	RESERVED
+CVE-2012-2011 (Multiple cross-site scripting (XSS) vulnerabilities in HP Web Jetadmin ...)
+	TODO: check
 CVE-2012-2010 (The ACMELOGIN implementation in HP OpenVMS 8.3 and 8.4 on the Alpha ...)
 	NOT-FOR-US: OpenVMS
 CVE-2012-2009 (Unspecified vulnerability in HP Performance Insight for Networks ...)
@@ -3485,7 +3496,7 @@
 	TODO: check
 CVE-2012-1877 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
 	TODO: check
-CVE-2012-1876 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
+CVE-2012-1876 (Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does ...)
 	TODO: check
 CVE-2012-1875 (Microsoft Internet Explorer 8 does not properly handle objects in ...)
 	TODO: check
@@ -3580,12 +3591,12 @@
 	RESERVED
 CVE-2012-1830
 	RESERVED
-CVE-2012-1829
-	RESERVED
-CVE-2012-1828
-	RESERVED
-CVE-2012-1827
-	RESERVED
+CVE-2012-1829 (Multiple cross-site scripting (XSS) vulnerabilities in AutoFORM PDM ...)
+	TODO: check
+CVE-2012-1828 (The administrative functions in AutoFORM PDM Archive before 7.1 do not ...)
+	TODO: check
+CVE-2012-1827 (The web service in AutoFORM PDM Archive before 7.1 does not have ...)
+	TODO: check
 CVE-2012-1826 (dotCMS 1.9 before 1.9.5.1 allows remote authenticated users to execute ...)
 	TODO: check
 CVE-2012-1825 (Multiple cross-site scripting (XSS) vulnerabilities in the status ...)
@@ -3601,8 +3612,7 @@
 	RESERVED
 CVE-2012-1821 (The Network Threat Protection module in the Manager component in ...)
 	NOT-FOR-US: Symantec Endpoint Protection on Windows Server 2003
-CVE-2012-1820
-	RESERVED
+CVE-2012-1820 (The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and ...)
 	- quagga <unfixed> (bug #676510)
 CVE-2012-1819 (Untrusted search path vulnerability in WellinTech KingView 6.53 allows ...)
 	NOT-FOR-US: WellinTech KingView
@@ -4290,7 +4300,8 @@
 	RESERVED
 CVE-2012-1545 (Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, ...)
 	NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1544 (Heap-based buffer overflow in Microsoft Internet Explorer 6 through 9, ...)
+CVE-2012-1544
+	REJECTED
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2012-1543
 	RESERVED
@@ -5953,8 +5964,10 @@
 	- ffmpeg <removed>
 CVE-2012-0852
 	RESERVED
+	{DSA-2494-1}
 CVE-2012-0851
 	RESERVED
+	{DSA-2494-1}
 	- libav 6:0.8.3-1
 	- ffmpeg <removed>
 CVE-2012-0850
@@ -11548,10 +11561,12 @@
 	- webkit <undetermined>
 CVE-2011-3952
 	RESERVED
+	{DSA-2494-1}
 	- libav 4:0.8.1-1
 	- ffmpeg <removed>
 CVE-2011-3951
 	RESERVED
+	{DSA-2494-1}
 	- libav 4:0.8.1-1
 	- ffmpeg <removed>
 CVE-2011-3950
@@ -15768,8 +15783,8 @@
 	NOT-FOR-US: Cisco SA 500 series appliances management interface
 CVE-2011-2546 (SQL injection vulnerability in the web-based management interface on ...)
 	NOT-FOR-US: Cisco SA 500 series appliances management interface
-CVE-2011-2545
-	RESERVED
+CVE-2011-2545 (Cross-site scripting (XSS) vulnerability in the SIP implementation on ...)
+	TODO: check
 CVE-2011-2544 (Cross-site scripting (XSS) vulnerability in the web interface in Cisco ...)
 	NOT-FOR-US: Cisco
 CVE-2011-2543 (Buffer overflow in the cuil component in Cisco Telepresence System ...)


