[Secure-testing-commits] r20343 - data/CVE

Thijs Kinkhorst thijs at alioth.debian.org
Sun Oct 14 09:19:51 UTC 2012


Author: thijs
Date: 2012-10-14 09:19:50 +0000 (Sun, 14 Oct 2012)
New Revision: 20343

Modified:
   data/CVE/list
Log:
axis2 saml; nfu


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-10-13 20:38:39 UTC (rev 20342)
+++ data/CVE/list	2012-10-14 09:19:50 UTC (rev 20343)
@@ -72,35 +72,35 @@
 	- ssmtp <unfixed> (unimportant; bug #662960)
 	NOTE: http://www.openwall.com/lists/oss-security/2012/10/10/6
 CVE-2012-5353 (Eduserv allows remote attackers to forge messages and bypass ...)
-	TODO: check
+	NOT-FOR-US: Eduserv
 CVE-2012-5352 (Java Open Single Sign-On Project Home (JOSSO) allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: josso
 CVE-2012-5351 (Apache Axis2 allows remote attackers to forge messages and bypass ...)
-	TODO: check
+	- libapache2-mod-axis2 <unfixed> (low; bug #690421)
 CVE-2012-5350 (SQL injection vulnerability in the Pay With Tweet plugin before 1.2 ...)
-	TODO: check
+	NOT-FOR-US: wp Pay With Tweet plugin
 CVE-2012-5349 (Multiple cross-site scripting (XSS) vulnerabilities in pay.php in the ...)
-	TODO: check
+	NOT-FOR-US: wp Pay With Tweet plugin
 CVE-2012-5348 (SQL injection vulnerability in MangosWeb Enhanced 3.0.3 allows remote ...)
-	TODO: check
+	NOT-FOR-US: MangosWeb
 CVE-2012-5347 (TinyWebGallery 1.8.3 allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: TinyWebGallery
 CVE-2012-5346 (Cross-site scripting (XSS) vulnerability in wp-live.php in the WP ...)
-	TODO: check
+	NOT-FOR-US: WP live plugin
 CVE-2012-5345 (Buffer overflow in the Remote command server (Rcmd.bat) in IpTools ...)
-	TODO: check
+	NOT-FOR-US: batch file
 CVE-2012-5344 (Directory traversal vulnerability in the WebServer (Thttpd.bat) in ...)
-	TODO: check
+	NOT-FOR-US: batch file
 CVE-2012-5343 (Cross-site scripting (XSS) vulnerability in admin/login.php in Limny ...)
-	TODO: check
+	NOT-FOR-US: Limny
 CVE-2012-5342 (Multiple SQL injection vulnerabilities in SenseSites CommonSense CMS ...)
-	TODO: check
+	NOT-FOR-US: SenseSites CommonSense
 CVE-2012-5341 (Multiple cross-site scripting (XSS) vulnerabilities in statistik.php ...)
-	TODO: check
+	NOT-FOR-US: Otterware StatIt
 CVE-2011-5210 (Directory traversal vulnerability in admin/preview.php in Limny 3.0.0 ...)
-	TODO: check
+	NOT-FOR-US: Limny
 CVE-2011-5209 (Cross-site scripting (XSS) vulnerability in search/ in GraphicsClone ...)
-	TODO: check
+	NOT-FOR-US: GraphicsClone
 CVE-2012-5340
 	RESERVED
 CVE-2012-5339
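Review bot: The CVE-2012-5351 entry rates libapache2-mod-axis2 as low and leaves it <unfixed> with no NOTE recording a reference or the reasoning, although its description reads as message forgery and a bypass. Add a NOTE line under it, as the ssmtp entry at the top of this hunk does with its NOTE: reference, so the rating can be checked later without opening bug #690421. Separately, "NOT-FOR-US: batch file" on CVE-2012-5345 and CVE-2012-5344 names a file type rather than a product; the CVE-2012-5345 description names IpTools, so "NOT-FOR-US: IpTools" would match the other entries in this hunk and stay searchable.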
@@ -713,9 +713,9 @@
 CVE-2012-5052
 	RESERVED
 CVE-2012-5051 (Directory traversal vulnerability in VMware CapacityIQ 1.5.x allows ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2012-5050 (Cross-site scripting (XSS) vulnerability in the server in VMware ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2012-5049 (APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote ...)
 	NOT-FOR-US: Optimalog Optima PLC
 CVE-2012-5048 (APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote ...)
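Review bot: "NOT-FOR-US: VMware" on CVE-2012-5051 gives only the vendor, while the description names VMware CapacityIQ and the neighbouring CVE-2012-5049 entry records the full product (Optimalog Optima PLC). Suggest "NOT-FOR-US: VMware CapacityIQ" there, and the product name for CVE-2012-5050 once it is read from the full description, since the text visible here is truncated after "VMware".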
@@ -1103,17 +1103,17 @@
 CVE-2012-4900
 	RESERVED
 CVE-2012-4899 (WellinTech KingView 6.5.3 and earlier uses a weak password-hashing ...)
-	TODO: check
+	NOT-FOR-US: WellinTech KingView
 CVE-2012-4898
 	RESERVED
 CVE-2012-4897 (Untrusted search path vulnerability in the installer in VMware Movie ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2012-4896 (Heap-based buffer overflow in SumatraPDF before 2.1 allows remote ...)
 	NOT-FOR-US: SumatraPDF
 CVE-2012-4895 (Heap-based buffer overflow in SumatraPDF before 2.1 allows remote ...)
 	NOT-FOR-US: SumatraPDF
 CVE-2012-4894 (Google SketchUp before 8.0.14346 (aka 8 Maintenance 3) allows ...)
-	TODO: check
+	NOT-FOR-US: Google SketchUp
 CVE-2012-4893 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
 	NOT-FOR-US: Webmin
 CVE-2012-4892 (Multiple cross-site scripting (XSS) vulnerabilities in FlatnuX CMS ...)
@@ -1257,9 +1257,9 @@
 CVE-2012-4826
 	RESERVED
 CVE-2012-4825 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	TODO: check
+	NOT-FOR-US: Lotus Notes
 CVE-2012-4824 (Open redirect vulnerability in servlet/traveler in IBM Lotus Notes ...)
-	TODO: check
+	NOT-FOR-US: Lotus Notes
 CVE-2012-4823
 	RESERVED
 CVE-2012-4822
@@ -5875,7 +5875,7 @@
 CVE-2012-3041
 	RESERVED
 CVE-2012-3040 (Cross-site scripting (XSS) vulnerability in the web server on Siemens ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2012-3039
 	RESERVED
 CVE-2012-3038
@@ -7039,11 +7039,11 @@
 CVE-2012-2553
 	RESERVED
 CVE-2012-2552 (Cross-site scripting (XSS) vulnerability in the SQL Server Report ...)
-	TODO: check
+	NOT-FOR-US: Microsoft SQL Server
 CVE-2012-2551 (The server in Kerberos in Microsoft Windows Server 2008 R2 and R2 SP1, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows Server
 CVE-2012-2550 (Microsoft Works 9 allows remote attackers to execute arbitrary code or ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Works
 CVE-2012-2549
 	RESERVED
 CVE-2012-2548 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows ...)
@@ -7085,9 +7085,9 @@
 CVE-2012-2530
 	RESERVED
 CVE-2012-2529 (Integer overflow in the kernel in Microsoft Windows XP SP2 and SP3, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2012-2528 (Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Word
 CVE-2012-2527 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2012-2526 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...)
@@ -7103,7 +7103,7 @@
 CVE-2012-2521 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2012-2520 (Cross-site scripting (XSS) vulnerability in Microsoft InfoPath 2007 ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Infopath
 CVE-2012-2519
 	RESERVED
 CVE-2012-2518
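Review bot: "Microsoft Infopath" on CVE-2012-2520 is spelled differently from the product name in the description on the line above it, which reads "Microsoft InfoPath 2007". Use "NOT-FOR-US: Microsoft InfoPath" so a case-sensitive search of the list for the product finds this entry.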
@@ -7799,7 +7799,7 @@
 CVE-2012-2287 (The authentication functionality in EMC RSA Authentication Agent 7.1 ...)
 	NOT-FOR-US: EMC RSA Authentication agent
 CVE-2012-2286 (Unspecified vulnerability in EMC RSA Adaptive Authentication ...)
-	TODO: check
+	NOT-FOR-US: EMC RSA Authentication agent
 CVE-2012-2285 (EMC Cloud Tiering Appliance (aka CTA, formerly FMA) 9.0 and earlier, ...)
 	NOT-FOR-US: EMC Cloud Tiering Appliance
 CVE-2012-2284
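Review bot: The new line for CVE-2012-2286 reuses "EMC RSA Authentication agent" from the CVE-2012-2287 entry above it, but the CVE-2012-2286 description names EMC RSA Adaptive Authentication, which is a different product name. Suggest "NOT-FOR-US: EMC RSA Adaptive Authentication" so the entry matches its own description.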



