[Secure-testing-commits] r20283 - data/CVE

Wed Oct 3 21:14:18 UTC 2012

Author: joeyh
Date: 2012-10-03 21:14:18 +0000 (Wed, 03 Oct 2012)
New Revision: 20283

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2012-10-03 19:48:01 UTC (rev 20282)
+++ data/CVE/list	2012-10-03 21:14:18 UTC (rev 20283)
@@ -1,3 +1,15 @@
+CVE-2012-5240
+	RESERVED
+CVE-2012-5239
+	RESERVED
+CVE-2012-5238
+	RESERVED
+CVE-2012-5237
+	RESERVED
+CVE-2012-5236
+	RESERVED
+CVE-2012-5235
+	RESERVED
 CVE-2012-5234 (Open redirect vulnerability in index.php in ocPortal before 7.1.6 ...)
 	TODO: check
 CVE-2012-5233 (Cross-site scripting (XSS) vulnerability in the stickynote module ...)
@@ -4165,8 +4177,7 @@
 	NOT-FOR-US: Opera
 CVE-2012-3554 (SQL injection vulnerability in the RSGallery2 (com_rsgallery2) ...)
 	NOT-FOR-US: Joomla addon
-CVE-2012-3552
-	RESERVED
+CVE-2012-3552 (The IP implementation in the Linux kernel before 3.0 might allow ...)
 	- linux 3.0-1
 	- linux-2.6 <removed>
 CVE-2012-3551 (Cross-site scripting (XSS) vulnerability in ...)
@@ -4256,8 +4267,7 @@
 	RESERVED
 	- geshi 1.0.8.4-2 (bug #685324)
 	[squeeze] - geshi 1.0.8.4-1+squeeze1
-CVE-2012-3520
-	RESERVED
+CVE-2012-3520 (The Netlink implementation in the Linux kernel before 3.2.30 does not ...)
 	- linux 3.2.29-1
 	- linux-2.6 <not-affected> (Introduced in 3.1)
 CVE-2012-3519 (routerlist.c in Tor before 0.2.2.38 uses a different amount of time ...)
@@ -4290,12 +4300,10 @@
 	RESERVED
 	- munin 2.0.6-1 (bug #684075)
 	NOTE: http://www.munin-monitoring.org/ticket/1234
-CVE-2012-3511
-	RESERVED
+CVE-2012-3511 (Multiple race conditions in the madvise_remove function in ...)
 	- linux 3.2.23-1
 	- linux-2.6 <removed>
-CVE-2012-3510
-	RESERVED
+CVE-2012-3510 (Use-after-free vulnerability in the xacct_add_tsk function in ...)
 	- linux 2.6.20-1
 	- linux-2.6 2.6.20-1
 CVE-2012-3509 (Multiple integer overflows in the (1) _objalloc_alloc function in ...)
@@ -4537,8 +4545,7 @@
 CVE-2012-3431
 	RESERVED
 	NOT-FOR-US: Teeid
-CVE-2012-3430 [kernel: recv{from,msg}() on an rds socket can leak kernel memory]
-	RESERVED
+CVE-2012-3430 (The rds_recvmsg function in net/rds/recv.c in the Linux kernel before ...)
 	- linux 3.2.29-1
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 2.6.32-36
@@ -4590,8 +4597,7 @@
 	NOTE: CVE-request http://www.openwall.com/lists/oss-security/2012/07/13/3
 	NOTE: https://projects.kde.org/projects/kde/kdepim/repository/revisions/dbb2f72f4745e00f53031965a9c10b2d6862bd54
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/kdepim/+bug/1022690
-CVE-2012-3412
-	RESERVED
+CVE-2012-3412 (The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before ...)
 	- linux 3.2.29-1
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 2.6.32-36
@@ -4652,8 +4658,7 @@
 	- tiff 4.0.2-2 (bug #682115)
 	- tiff3 3.9.6-7 (bug #682195)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=837577
-CVE-2012-3400
-	RESERVED
+CVE-2012-3400 (Heap-based buffer overflow in the udf_load_logicalvol function in ...)
 	- linux 3.2.23-1
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 2.6.32-36
@@ -4744,8 +4749,7 @@
 CVE-2012-3376 (DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens ...)
 	- hadoop <itp> (bug #535861)
 	NOTE: http://seclists.org/bugtraq/2012/Jul/48
-CVE-2012-3375
-	RESERVED
+CVE-2012-3375 (The epoll_ctl system call in fs/eventpoll.c in the Linux kernel before ...)
 	- linux 3.2.23-1
 	- linux-2.6 <removed>
 CVE-2012-3374 (Buffer overflow in markup.c in the MXit protocol plugin in libpurple ...)
@@ -4909,8 +4913,8 @@
 	RESERVED
 CVE-2012-3315
 	RESERVED
-CVE-2012-3314
-	RESERVED
+CVE-2012-3314 (IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated ...)
+	TODO: check
 CVE-2012-3313 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
 	NOT-FOR-US: IBM Maximo Asset Management
 CVE-2012-3312 (The datasource definition editor in IBM InfoSphere Guardium 8.2 and ...)
@@ -5007,8 +5011,8 @@
 	RESERVED
 CVE-2012-3267
 	RESERVED
-CVE-2012-3266
-	RESERVED
+CVE-2012-3266 (Unspecified vulnerability in IBRIX 6.1.196 through 6.1.251 on HP IBRIX ...)
+	TODO: check
 CVE-2012-3265
 	RESERVED
 CVE-2012-3264 (Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 ...)
@@ -11234,10 +11238,10 @@
 	NOTE: http://seclists.org/bugtraq/2012/Jun/165
 CVE-2012-0693 (** DISPUTED ** submitticket.php in WHMCompleteSolution (WHMCS) 5.03 ...)
 	NOT-FOR-US: WHMCompleteSolution
-CVE-2012-0692
-	RESERVED
-CVE-2012-0691
-	RESERVED
+CVE-2012-0692 (CA License (aka CA Licensing) before 1.90.03 allows local users to ...)
+	TODO: check
+CVE-2012-0691 (CA License (aka CA Licensing) before 1.90.03 does not properly ...)
+	TODO: check
 CVE-2012-0690 (TIBCO Spotfire Web Application, Web Player Application, Automation ...)
 	NOT-FOR-US: TIBCO Spotfire
 CVE-2012-0689 (The server in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ...)
@@ -18466,8 +18470,7 @@
 	- openssl 1.0.0e-1
 	[lenny] - openssl 0.9.8g-15+lenny13
 	[squeeze] - openssl 0.9.8o-4squeeze3
-CVE-2011-3209
-	RESERVED
+CVE-2011-3209 (The div_long_long_rem implementation in include/asm-x86/div64.h in the ...)
 	- linux-2.6 2.6.26-1
 CVE-2011-3208 (Stack-based buffer overflow in the split_wildmats function in nntpd.c ...)
 	{DSA-2318-1}
@@ -22429,8 +22432,7 @@
 	RESERVED
 	{DSA-2382-1}
 	- ecryptfs-utils 92-1
-CVE-2011-1833
-	RESERVED
+CVE-2011-1833 (Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in ...)
 	{DSA-2443-1}
 	- ecryptfs-utils 92-1
 	[squeeze] - ecryptfs-utils <no-dsa> (Minor issue)


