[Secure-testing-commits] r19616 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Wed Jun 27 21:14:27 UTC 2012
Author: joeyh
Date: 2012-06-27 21:14:27 +0000 (Wed, 27 Jun 2012)
New Revision: 19616
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-06-27 20:47:02 UTC (rev 19615)
+++ data/CVE/list 2012-06-27 21:14:27 UTC (rev 19616)
@@ -1,3 +1,11 @@
+CVE-2012-3801 (The Advertisement module 6.x-2.x before 6.x-2.3 for Drupal does not ...)
+ TODO: check
+CVE-2012-3800 (Cross-site scripting (XSS) vulnerability in og.js in the Organic ...)
+ TODO: check
+CVE-2012-3799 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+ TODO: check
+CVE-2012-3798 (The Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when ...)
+ TODO: check
CVE-2012-3797 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in ...)
NOT-FOR-US: Pro-face WinGP PC Runtime
CVE-2012-3796 (Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in ...)
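Review bot: the four new entries CVE-2012-3801 through CVE-2012-3798 are left at "TODO: check" even though each description names a Drupal module. Elsewhere in this file such entries (CVE-2012-2718, CVE-2012-2716) are resolved as "NOT-FOR-US: Drupal module", so these should be triaged the same way if the modules are not packaged, rather than staying as open TODOs.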
@@ -1975,65 +1983,45 @@
RESERVED
CVE-2012-2835
RESERVED
-CVE-2012-2834
- RESERVED
+CVE-2012-2834 (Integer overflow in Google Chrome before 20.0.1132.43 allows remote ...)
- chromium-browser <unfixed>
-CVE-2012-2833
- RESERVED
+CVE-2012-2833 (Buffer overflow in the JS API in the PDF functionality in Google ...)
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2832
- RESERVED
+CVE-2012-2832 (The image-codec implementation in the PDF functionality in Google ...)
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2831
- RESERVED
+CVE-2012-2831 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...)
- chromium-browser <unfixed>
-CVE-2012-2830
- RESERVED
+CVE-2012-2830 (Google Chrome before 20.0.1132.43 does not properly set array values, ...)
- chromium-browser <unfixed>
-CVE-2012-2829
- RESERVED
+CVE-2012-2829 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) ...)
- chromium-browser <unfixed>
-CVE-2012-2828
- RESERVED
+CVE-2012-2828 (Multiple integer overflows in the PDF functionality in Google Chrome ...)
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2827
- RESERVED
+CVE-2012-2827 (Use-after-free vulnerability in the UI in Google Chrome before ...)
- chromium-browser <not-affected> (MacOS specific)
-CVE-2012-2826
- RESERVED
+CVE-2012-2826 (Google Chrome before 20.0.1132.43 does not properly implement texture ...)
- chromium-browser <unfixed>
-CVE-2012-2825
- RESERVED
+CVE-2012-2825 (The XSL implementation in Google Chrome before 20.0.1132.43 allows ...)
- libxslt <unfixed> (bug #679283)
-CVE-2012-2824
- RESERVED
+CVE-2012-2824 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...)
- chromium-browser <unfixed>
-CVE-2012-2823
- RESERVED
+CVE-2012-2823 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...)
- chromium-browser <unfixed>
-CVE-2012-2822
- RESERVED
+CVE-2012-2822 (The PDF functionality in Google Chrome before 20.0.1132.43 allows ...)
- chromium-browser <not-affected> (PDF functionality not present in Chromium)
-CVE-2012-2821
- RESERVED
+CVE-2012-2821 (The autofill implementation in Google Chrome before 20.0.1132.43 does ...)
- chromium-browser <unfixed>
-CVE-2012-2820
- RESERVED
+CVE-2012-2820 (Google Chrome before 20.0.1132.43 does not properly implement SVG ...)
- chromium-browser <unfixed>
-CVE-2012-2819
- RESERVED
+CVE-2012-2819 (The texSubImage2D implementation in the WebGL subsystem in Google ...)
- chromium-browser <unfixed>
-CVE-2012-2818
- RESERVED
+CVE-2012-2818 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...)
- chromium-browser <unfixed>
-CVE-2012-2817
- RESERVED
+CVE-2012-2817 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...)
- chromium-browser <unfixed>
-CVE-2012-2816
- RESERVED
+CVE-2012-2816 (Google Chrome before 20.0.1132.43 on Windows does not properly isolate ...)
- chromium-browser <unfixed>
-CVE-2012-2815
- RESERVED
+CVE-2012-2815 (Google Chrome before 20.0.1132.43 allows remote attackers to obtain ...)
- chromium-browser <unfixed>
CVE-2012-2814
RESERVED
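Review bot: the chromium-browser "<unfixed>" lines under CVE-2012-2834 through CVE-2012-2815 carry no bug reference, unlike the libxslt line for CVE-2012-2825, which cites bug #679283. The descriptions all give the same upstream boundary, "before 20.0.1132.43", so a single tracking bug number on these lines would make the unfixed state traceable until a fixed version can be recorded.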
@@ -2049,8 +2037,7 @@
RESERVED
CVE-2012-2808
RESERVED
-CVE-2012-2807
- RESERVED
+CVE-2012-2807 (Multiple integer overflows in libxml2, as used in Google Chrome before ...)
- libxml2 <unfixed> (bug #679280)
NOTE: http://git.chromium.org/gitweb/?p=chromium/src.git;a=patch;h=f183580d61c054f7f6bb35cfe29e1b342390fbebcd
CVE-2012-2806
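Review bot: the h= value on the NOTE line kept as context under CVE-2012-2807 is 42 hex digits long, two more than a 40-digit SHA-1 commit id, so the gitweb patch link should be verified and corrected while this entry is being touched. The new description also attributes the integer overflows to libxml2 "as used in Google Chrome", yet only the libxml2 package is tracked; a short NOTE explaining why there is no chromium-browser line would help.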
@@ -2137,8 +2124,7 @@
RESERVED
CVE-2012-2765
RESERVED
-CVE-2012-2764
- RESERVED
+CVE-2012-2764 (Untrusted search path vulnerability in Google Chrome before ...)
- chromium-browser <not-affected> (Windows specific)
CVE-2012-2763
RESERVED
@@ -2235,73 +2221,73 @@
CVE-2012-2733
RESERVED
CVE-2012-2732
- RESERVED
-CVE-2012-2731
- RESERVED
-CVE-2012-2730
- RESERVED
-CVE-2012-2729
- RESERVED
-CVE-2012-2728
- RESERVED
-CVE-2012-2727
- RESERVED
-CVE-2012-2726
- RESERVED
-CVE-2012-2725
- RESERVED
+ REJECTED
+CVE-2012-2731 (The Ubercart AJAX Cart 6.x-2.x before 6.x-2.1 for Drupal stores the ...)
+ TODO: check
+CVE-2012-2730 (The Protected Node module 6.x-1.x before 6.x-1.6 for Drupal does not ...)
+ TODO: check
+CVE-2012-2729 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+ TODO: check
+CVE-2012-2728 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Node ...)
+ TODO: check
+CVE-2012-2727 (Open redirect vulnerability in the Janrain Capture module 6.x-1.0 and ...)
+ TODO: check
+CVE-2012-2726 (Cross-site scripting (XSS) vulnerability in the Protest module 6.x-1.x ...)
+ TODO: check
+CVE-2012-2725 (classes/Filter/WhitelistedExternalFilter.php in the Authoring HTML ...)
+ TODO: check
CVE-2012-2724
RESERVED
-CVE-2012-2723
- RESERVED
-CVE-2012-2722
- RESERVED
-CVE-2012-2721
- RESERVED
-CVE-2012-2720
- RESERVED
-CVE-2012-2719
- RESERVED
+CVE-2012-2723 (Cross-site scripting (XSS) vulnerability in the Maestro module 7.x-1.x ...)
+ TODO: check
+CVE-2012-2722 (The node selection interface in the WYSIWYG editor (CKEditor) in the ...)
+ TODO: check
+CVE-2012-2721 (The default views in the Organic Groups (OG) module 6.x-2.x before ...)
+ TODO: check
+CVE-2012-2720 (The Token Authentication (tokenauth) module 6.x-1.x before 6.x-1.7 for ...)
+ TODO: check
+CVE-2012-2719 (The filedepot module 6.x-1.x before 6.x-1.3 for Drupal, when accessed ...)
+ TODO: check
CVE-2012-2718 (SQL injection vulnerability in the Counter module for Drupal allows ...)
NOT-FOR-US: Drupal module
CVE-2012-2717
RESERVED
CVE-2012-2716 (Cross-site request forgery (CSRF) vulnerability in the Comment ...)
NOT-FOR-US: Drupal module
-CVE-2012-2715
- RESERVED
+CVE-2012-2715 (Cross-site scripting (XSS) vulnerability in the themes_links function ...)
+ TODO: check
CVE-2012-2714
RESERVED
-CVE-2012-2713
- RESERVED
-CVE-2012-2712
- RESERVED
-CVE-2012-2711
- RESERVED
-CVE-2012-2710
- RESERVED
+CVE-2012-2713 (Cross-site request forgery (CSRF) vulnerability in the BrowserID ...)
+ TODO: check
+CVE-2012-2712 (Multiple cross-site scripting (XSS) vulnerabilities in the Search API ...)
+ TODO: check
+CVE-2012-2711 (Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy ...)
+ TODO: check
+CVE-2012-2710 (Cross-site scripting (XSS) vulnerability in the Zen module 6.x-1.x ...)
+ TODO: check
CVE-2012-2709
RESERVED
-CVE-2012-2708
- RESERVED
-CVE-2012-2707
- RESERVED
-CVE-2012-2706
- RESERVED
-CVE-2012-2705
- RESERVED
+CVE-2012-2708 (Cross-site scripting (XSS) vulnerability in the ...)
+ TODO: check
+CVE-2012-2707 (The Hostmaster (Aegir) module 6.x-1.x before 6.x-1.9 for Drupal does ...)
+ TODO: check
+CVE-2012-2706 (Cross-site scripting (XSS) vulnerability in the Post Affiliate Pro ...)
+ TODO: check
+CVE-2012-2705 (The filter_titles function in the Smart Breadcrumb module 6.x-1.x ...)
+ TODO: check
CVE-2012-2704
RESERVED
-CVE-2012-2703
- RESERVED
-CVE-2012-2702
- RESERVED
+CVE-2012-2703 (Cross-site scripting (XSS) vulnerability in the Advertisement module ...)
+ TODO: check
+CVE-2012-2702 (The Ubercart Product Keys module 6.x-1.x before 6.x-1.1 for Drupal ...)
+ TODO: check
CVE-2012-2701
- RESERVED
+ REJECTED
CVE-2012-2700
- RESERVED
+ REJECTED
CVE-2012-2699
- RESERVED
+ REJECTED
CVE-2012-2698 [mediawiki uselang XSS]
RESERVED
[squeeze] - mediawiki <not-affected> (bug #677895; only affects experimental version 1.9.0)
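Review bot: CVE-2012-2732, CVE-2012-2701, CVE-2012-2700 and CVE-2012-2699 flip from RESERVED to REJECTED with no NOTE giving the reason, whereas CVE-2012-2639 elsewhere in this commit keeps a NOTE naming the CVE it duplicates. Add a one-line NOTE to each rejected id where the reason is known. The Drupal module entries added here as "TODO: check" also sit directly beside CVE-2012-2718 and CVE-2012-2716, both marked "NOT-FOR-US: Drupal module", and should be triaged consistently with them.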
@@ -2472,7 +2458,8 @@
RESERVED
CVE-2012-2640
RESERVED
-CVE-2012-2639 (The list_directory function in Lib/SimpleHTTPServer.py in ...)
+CVE-2012-2639
+ REJECTED
NOTE: Duplicate with CVE-2011-4940 http://www.openwall.com/lists/oss-security/2012/06/26/3
CVE-2012-2638 (Cross-site scripting (XSS) vulnerability in SmallPICT.cgi in SmallPICT ...)
NOT-FOR-US: SmallPICT
@@ -3653,8 +3640,8 @@
RESERVED
CVE-2012-2201
RESERVED
-CVE-2012-2200
- RESERVED
+CVE-2012-2200 (The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS ...)
+ TODO: check
CVE-2012-2199
RESERVED
CVE-2012-2198
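Review bot: CVE-2012-2200 is added as "TODO: check", and its description is about the default configuration of sendmail "in IBM AIX 6.1 and 7.1, and VIOS". Triage should decide from the full description whether this is specific to the IBM products rather than match on the package name sendmail, and record the outcome in place of the TODO.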
@@ -3858,8 +3845,7 @@
CVE-2012-2123 (The cap_bprm_set_creds function in security/commoncap.c in the Linux ...)
{DSA-2469-1}
- linux-2.6 3.2.16-1
-CVE-2012-2122 [mysql authentication bypass]
- RESERVED
+CVE-2012-2122 (sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before ...)
{DSA-2496-1}
- mysql-5.1 <unfixed> (bug #677018)
- mysql-5.5 5.5.24+dfsg-1
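Review bot: the line for CVE-2012-2122 drops the bracketed summary "[mysql authentication bypass]" in favour of a description that, as shown, is truncated before it states the impact, so the entry no longer says at a glance what the issue is. Consider a NOTE that keeps the words "authentication bypass". The entry also references DSA-2496-1 while mysql-5.1 remains "<unfixed>" (bug #677018), which should be updated once a fixed version is known.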
@@ -8795,8 +8781,7 @@
CVE-2011-4941
RESERVED
NOT-FOR-US: piwik
-CVE-2011-4940 [python: potential XSS in SimpleHTTPServer's list_directory()]
- RESERVED
+CVE-2011-4940 (The list_directory function in Lib/SimpleHTTPServer.py in ...)
- python2.7 2.7.2-8 (unimportant)
- python2.6 <unfixed> (unimportant; bug #664135)
- python2.5 <removed> (unimportant)
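Review bot: CVE-2011-4940 now carries the list_directory description that this commit removes from CVE-2012-2639, but the duplicate relationship is recorded only on the rejected CVE-2012-2639 entry. Add a matching NOTE here (for example "NOTE: CVE-2012-2639 was rejected as a duplicate of this id") so the link can be followed from the entry that still tracks the python packages.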