[Secure-testing-commits] r20489 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Wed Nov 14 21:14:22 UTC 2012
Author: joeyh
Date: 2012-11-14 21:14:22 +0000 (Wed, 14 Nov 2012)
New Revision: 20489
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-11-14 16:11:59 UTC (rev 20488)
+++ data/CVE/list 2012-11-14 21:14:22 UTC (rev 20489)
@@ -1,3 +1,5 @@
+CVE-2012-5860 (Unspecified vulnerability on Oberthur ID-One COSMO 5.2, 5.2a, and 64 ...)
+ TODO: check
CVE-2012-XXXX [xscreensaver lock bypass]
- libpam-rsa <unfixed> (high; bug #693087)
CVE-2012-5859
@@ -744,9 +746,11 @@
CVE-2012-5524
RESERVED
CVE-2012-5523 [mantis: information disclosure]
+ RESERVED
TODO: check
NOTE: http://www.mantisbt.org/bugs/view.php?id=14704
CVE-2012-5522 [mantis: information disclosure]
+ RESERVED
TODO: check
NOTE: http://www.mantisbt.org/bugs/view.php?id=14496
CVE-2012-5521
@@ -942,10 +946,10 @@
RESERVED
CVE-2012-5460
RESERVED
-CVE-2012-5459
- RESERVED
-CVE-2012-5458
- RESERVED
+CVE-2012-5459 (Untrusted search path vulnerability in VMware Workstation 8.x before ...)
+ TODO: check
+CVE-2012-5458 (VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 ...)
+ TODO: check
CVE-2012-5457
RESERVED
CVE-2012-5456 (The Zoner AntiVirus Free application for Android does not verify that ...)
@@ -2088,18 +2092,18 @@
RESERVED
CVE-2012-4954
RESERVED
-CVE-2012-4953
- RESERVED
+CVE-2012-4953 (The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, ...)
+ TODO: check
CVE-2012-4952
RESERVED
CVE-2012-4951
RESERVED
CVE-2012-4950
RESERVED
-CVE-2012-4949
- RESERVED
-CVE-2012-4948
- RESERVED
+CVE-2012-4949 (SQL injection vulnerability in ESRI ArcGIS 10.1 allows remote ...)
+ TODO: check
+CVE-2012-4948 (The default configuration of Fortinet Fortigate UTM appliances uses ...)
+ TODO: check
CVE-2012-4947
RESERVED
CVE-2012-4946
@@ -2338,20 +2342,20 @@
RESERVED
CVE-2012-4854
RESERVED
-CVE-2012-4853
- RESERVED
+CVE-2012-4853 (Cross-site request forgery (CSRF) vulnerability in IBM WebSphere ...)
+ TODO: check
CVE-2012-4852
RESERVED
-CVE-2012-4851
- RESERVED
-CVE-2012-4850
- RESERVED
+CVE-2012-4851 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Application ...)
+ TODO: check
+CVE-2012-4850 (IBM WebSphere Application Server 8.5 Liberty Profile before 8.5.0.1, ...)
+ TODO: check
CVE-2012-4849
RESERVED
CVE-2012-4848
RESERVED
-CVE-2012-4847
- RESERVED
+CVE-2012-4847 (IBM Cognos Business Intelligence (BI) 8.4 and 8.4.1 allows remote ...)
+ TODO: check
CVE-2012-4846
RESERVED
CVE-2012-4845 (The FTP client in AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does ...)
@@ -2490,12 +2494,12 @@
RESERVED
CVE-2012-4778
RESERVED
-CVE-2012-4777
- RESERVED
-CVE-2012-4776
- RESERVED
-CVE-2012-4775
- RESERVED
+CVE-2012-4777 (The code-optimization feature in the reflection implementation in ...)
+ TODO: check
+CVE-2012-4776 (The Web Proxy Auto-Discovery (WPAD) functionality in Microsoft .NET ...)
+ TODO: check
+CVE-2012-4775 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows ...)
+ TODO: check
CVE-2012-4774
RESERVED
CVE-2012-4773 (Multiple cross-site request forgery (CSRF) vulnerabilities in Subrion ...)
@@ -5838,8 +5842,8 @@
- isc-dhcp 4.2.4-2 (bug #686174)
[squeeze] - isc-dhcp <not-affected> (Vulnerable code not present)
[wheezy] - isc-dhcp 4.2.2.dfsg.1-5+deb70u1
-CVE-2012-3569
- RESERVED
+CVE-2012-3569 (Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used ...)
+ TODO: check
CVE-2012-3568 (Opera before 12.00 Beta allows remote attackers to cause a denial of ...)
NOT-FOR-US: Opera
CVE-2012-3567 (Opera before 12.00 Beta allows remote attackers to cause a denial of ...)
@@ -6577,8 +6581,8 @@
RESERVED
CVE-2012-3331
RESERVED
-CVE-2012-3330
- RESERVED
+CVE-2012-3330 (The proxy server in IBM WebSphere Application Server 7.0 before ...)
+ TODO: check
CVE-2012-3329
RESERVED
CVE-2012-3328
@@ -7488,7 +7492,7 @@
RESERVED
CVE-2012-2898
RESERVED
-CVE-2012-2897 (The kernel in Microsoft Windows 7, as used by Google Chrome before ...)
+CVE-2012-2897 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows ...)
- chromium-browser <not-affected> (Windows-specific)
CVE-2012-2896 (Integer overflow in the WebGL implementation in Google Chrome before ...)
- chromium-browser <not-affected> (MacOS X-specific)
@@ -8218,8 +8222,8 @@
RESERVED
CVE-2012-2620
RESERVED
-CVE-2012-2619
- RESERVED
+CVE-2012-2619 (The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, ...)
+ TODO: check
CVE-2012-2618
RESERVED
CVE-2012-2617
@@ -8351,8 +8355,8 @@
RESERVED
CVE-2012-2554
RESERVED
-CVE-2012-2553
- RESERVED
+CVE-2012-2553 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
CVE-2012-2552 (Cross-site scripting (XSS) vulnerability in the SQL Server Report ...)
NOT-FOR-US: Microsoft SQL Server
CVE-2012-2551 (The server in Kerberos in Microsoft Windows Server 2008 R2 and R2 SP1, ...)
@@ -8371,8 +8375,8 @@
RESERVED
CVE-2012-2544
RESERVED
-CVE-2012-2543
- RESERVED
+CVE-2012-2543 (Stack-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and ...)
+ TODO: check
CVE-2012-2542
RESERVED
CVE-2012-2541
@@ -8393,12 +8397,12 @@
RESERVED
CVE-2012-2533
RESERVED
-CVE-2012-2532
- RESERVED
-CVE-2012-2531
- RESERVED
-CVE-2012-2530
- RESERVED
+CVE-2012-2532 (Microsoft FTP Service 7.0 and 7.5 for Internet Information Services ...)
+ TODO: check
+CVE-2012-2531 (Microsoft Internet Information Services (IIS) 7.5 uses weak ...)
+ TODO: check
+CVE-2012-2530 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
CVE-2012-2529 (Integer overflow in the kernel in Microsoft Windows XP SP2 and SP3, ...)
NOT-FOR-US: Microsoft Windows
CVE-2012-2528 (Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and ...)
@@ -8419,8 +8423,8 @@
NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-2520 (Cross-site scripting (XSS) vulnerability in Microsoft InfoPath 2007 ...)
NOT-FOR-US: Microsoft Infopath
-CVE-2012-2519
- RESERVED
+CVE-2012-2519 (Untrusted search path vulnerability in Entity Framework in ADO.NET in ...)
+ TODO: check
CVE-2012-2518
RESERVED
CVE-2012-2517
@@ -10115,10 +10119,10 @@
CVE-2012-1586 (mount.cifs in cifs-utils 2.6 allows local users to determine the ...)
- cifs-utils 2:5.3-2 (low; bug #665923)
[squeeze] - cifs-utils <no-dsa> (Minor issue)
-CVE-2012-1896
- RESERVED
-CVE-2012-1895
- RESERVED
+CVE-2012-1896 (Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider ...)
+ TODO: check
+CVE-2012-1895 (The reflection implementation in Microsoft .NET Framework 1.0 SP3, 1.1 ...)
+ TODO: check
CVE-2012-1894 (Microsoft Office for Mac 2011 uses world-writable permissions for the ...)
NOT-FOR-US: Microsoft Office
CVE-2012-1893 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
@@ -10133,12 +10137,12 @@
NOT-FOR-US: Microsoft XML Core Services
CVE-2012-1888 (Buffer overflow in Microsoft Visio 2010 SP1 and Visio Viewer 2010 SP1 ...)
NOT-FOR-US: Microsoft Visio
-CVE-2012-1887
- RESERVED
-CVE-2012-1886
- RESERVED
-CVE-2012-1885
- RESERVED
+CVE-2012-1887 (Use-after-free vulnerability in Microsoft Excel 2003 SP3, 2007 SP2 and ...)
+ TODO: check
+CVE-2012-1886 (Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Excel ...)
+ TODO: check
+CVE-2012-1885 (Heap-based buffer overflow in Microsoft Excel 2003 SP3, 2007 SP2 and ...)
+ TODO: check
CVE-2012-1884
RESERVED
CVE-2012-1883
@@ -10918,10 +10922,10 @@
RESERVED
CVE-2012-1540
RESERVED
-CVE-2012-1539
- RESERVED
-CVE-2012-1538
- RESERVED
+CVE-2012-1539 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows ...)
+ TODO: check
+CVE-2012-1538 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows ...)
+ TODO: check
CVE-2012-1537
RESERVED
CVE-2012-1536
@@ -10943,10 +10947,10 @@
RESERVED
CVE-2012-1529 (Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 ...)
NOT-FOR-US: Internet Explorer
-CVE-2012-1528
- RESERVED
-CVE-2012-1527
- RESERVED
+CVE-2012-1528 (Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, ...)
+ TODO: check
+CVE-2012-1527 (Integer underflow in Windows Shell in Microsoft Windows XP SP2 and ...)
+ TODO: check
CVE-2012-1526 (Microsoft Internet Explorer 6 and 7 does not properly handle objects ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-1525 (Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before ...)
More information about the Secure-testing-commits
mailing list