[Secure-testing-commits] r18684 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu Mar 15 21:14:35 UTC 2012
Author: joeyh
Date: 2012-03-15 21:14:34 +0000 (Thu, 15 Mar 2012)
New Revision: 18684
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-03-15 20:00:38 UTC (rev 18683)
+++ data/CVE/list 2012-03-15 21:14:34 UTC (rev 18684)
@@ -1,3 +1,7 @@
+CVE-2012-1665
+ RESERVED
+CVE-2012-1664
+ RESERVED
CVE-2012-1663 (Double free vulnerability in libgnutls in GnuTLS before 3.0.14 allows ...)
TODO: check
CVE-2012-1662
@@ -996,8 +1000,7 @@
NOTE: http://seclists.org/oss-sec/2012/q1/644
CVE-2012-1179
RESERVED
-CVE-2012-1178 [pidgin: Possible MSN remote crash]
- RESERVED
+CVE-2012-1178 (The msn_oim_report_to_user function in oim.c in the MSN protocol ...)
- pidgin 2.10.2-1 (bug #664030)
NOTE: http://pidgin.im/news/security/?id=61
CVE-2012-1177 [libgdata did not verify SSL]
@@ -2772,71 +2775,60 @@
RESERVED
CVE-2012-0465
RESERVED
-CVE-2012-0464
- RESERVED
+CVE-2012-0464 (Use-after-free vulnerability in the browser engine in Mozilla Firefox ...)
- icedove <unfixed>
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.3esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape <unfixed>
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0463
- RESERVED
+CVE-2012-0463 (The nsWindow implementation in the browser engine in Mozilla Firefox ...)
- iceweasel <not-affected> (Only affects Firefox Mobile on Android)
-CVE-2012-0462
- RESERVED
+CVE-2012-0462 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- icedove <unfixed>
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.3esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape <unfixed>
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0461
- RESERVED
+CVE-2012-0461 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- icedove <unfixed>
- iceweasel 10.0.3esr-1
- iceape <unfixed>
-CVE-2012-0460
- RESERVED
+CVE-2012-0460 (Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, ...)
- icedove <unfixed>
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.3esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape <unfixed>
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0459
- RESERVED
+CVE-2012-0459 (The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4.x ...)
- icedove <unfixed>
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.3esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape <unfixed>
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0458
- RESERVED
+CVE-2012-0458 (Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x ...)
- icedove <unfixed>
- iceweasel 10.0.3esr-1
- iceape <unfixed>
-CVE-2012-0457
- RESERVED
+CVE-2012-0457 (Use-after-free vulnerability in the ...)
- icedove <unfixed>
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.3esr-1
[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
- iceape <unfixed>
[squeeze] - iceape <not-affected> (Vulnerable code not present)
-CVE-2012-0456
- RESERVED
+CVE-2012-0456 (The SVG Filters implementation in Mozilla Firefox before 3.6.28 and ...)
- icedove <unfixed>
- iceweasel 10.0.3esr-1
- iceape <unfixed>
-CVE-2012-0455
- RESERVED
+CVE-2012-0455 (Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x ...)
- icedove <unfixed>
- iceweasel 10.0.3esr-1
- iceape <unfixed>
-CVE-2012-0454
- RESERVED
+CVE-2012-0454 (Use-after-free vulnerability in Mozilla Firefox 4.x through 10.0, ...)
- iceweasel <not-affected> (Only affects Firefox on Windows)
CVE-2012-0453 (Cross-site request forgery (CSRF) vulnerability in xmlrpc.cgi in ...)
- bugzilla <removed>
@@ -2846,8 +2838,7 @@
- iceweasel 10.0.1-1
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 10)
- iceape <not-affected> (Vulnerable version never uploaded to the archive)
-CVE-2012-0451
- RESERVED
+CVE-2012-0451 (CRLF injection vulnerability in Mozilla Firefox 4.x through 10.0, ...)
- icedove <unfixed>
[squeeze] - icedove <not-affected> (CSP introduced in Thunderbird 3.3)
- iceweasel 10.0.3esr-1
@@ -2992,8 +2983,8 @@
RESERVED
CVE-2012-0405
RESERVED
-CVE-2012-0404
- RESERVED
+CVE-2012-0404 (Cross-site scripting (XSS) vulnerability in EMC Documentum eRoom ...)
+ TODO: check
CVE-2012-0403
RESERVED
CVE-2012-0402
@@ -3004,8 +2995,8 @@
RESERVED
CVE-2012-0399
RESERVED
-CVE-2012-0398
- RESERVED
+CVE-2012-0398 (EMC Documentum eRoom before 7.4.4 does not properly validate session ...)
+ TODO: check
CVE-2012-0397 (Buffer overflow in EMC RSA SecurID Software Token Converter before ...)
NOT-FOR-US: EMC RSA SecurID Software Token Converter
CVE-2012-0396 (EMC Documentum xPlore 1.0, 1.1 before P07, and 1.2 does not properly ...)
@@ -3097,18 +3088,18 @@
RESERVED
CVE-2012-0359 (The Cisco Cius with software before 9.2(1) SR2 allows remote attackers ...)
NOT-FOR-US: Cisco Cius
-CVE-2012-0358
- RESERVED
+CVE-2012-0358 (Buffer overflow in the Cisco Port Forwarder ActiveX control in ...)
+ TODO: check
CVE-2012-0357
RESERVED
-CVE-2012-0356
- RESERVED
-CVE-2012-0355
- RESERVED
-CVE-2012-0354
- RESERVED
-CVE-2012-0353
- RESERVED
+CVE-2012-0356 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
+ TODO: check
+CVE-2012-0355 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...)
+ TODO: check
+CVE-2012-0354 (The Threat Detection feature on Cisco Adaptive Security Appliances ...)
+ TODO: check
+CVE-2012-0353 (The UDP inspection engine on Cisco Adaptive Security Appliances (ASA) ...)
+ TODO: check
CVE-2012-0352 (Cisco NX-OS 4.2.x before 4.2(1)SV1(5.1) on Nexus 1000v series ...)
NOT-FOR-US: Cisco NX-OS
CVE-2012-0351
@@ -3593,8 +3584,7 @@
- python2.6 <unfixed> (low; bug #664135)
- python2.5 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2012/03/14/11
-CVE-2011-4939 [XMPP remote crash]
- RESERVED
+CVE-2011-4939 (The pidgin_conv_chat_rename_user function in gtkconv.c in Pidgin ...)
- pidgin <unfixed> (bug #664028)
[squeeze] - pidgin <not-affected> (vulnerable code not present)
NOTE: http://pidgin.im/news/security/?id=60
More information about the Secure-testing-commits
mailing list