[Secure-testing-commits] r20410 - data/CVE

Joey Hess joeyh at alioth.debian.org
Fri Oct 26 21:14:27 UTC 2012


Author: joeyh
Date: 2012-10-26 21:14:27 +0000 (Fri, 26 Oct 2012)
New Revision: 20410

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-10-26 19:46:45 UTC (rev 20409)
+++ data/CVE/list	2012-10-26 21:14:27 UTC (rev 20410)
@@ -1,3 +1,49 @@
+CVE-2011-5235 (SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote ...)
+	TODO: check
+CVE-2011-5234 (SQL injection vulnerability in user.php in Social Network Community 2 ...)
+	TODO: check
+CVE-2011-5233 (Heap-based buffer overflow in IrfanView before 4.32 allows remote ...)
+	TODO: check
+CVE-2011-5232 (Double free vulnerability in the Free_All_Memory function in ...)
+	TODO: check
+CVE-2011-5231 (Double free vulnerability in the get_chunk_header function in ...)
+	TODO: check
+CVE-2011-5230 (Multiple SQL injection vulnerabilities in the selectUserIdByLoginPass ...)
+	TODO: check
+CVE-2011-5229 (SQL injection vulnerability in quickstart/profile/index.php in the ...)
+	TODO: check
+CVE-2011-5228 (Cross-site scripting (XSS) vulnerability in the Search module ...)
+	TODO: check
+CVE-2011-5227 (Stack-based buffer overflow in the Syslog service (nssyslogd.exe) in ...)
+	TODO: check
+CVE-2011-5226 (Cross-site request forgery (CSRF) vulnerability in ...)
+	TODO: check
+CVE-2011-5225 (Cross-site scripting (XSS) vulnerability in wordpress_sentinel.php in ...)
+	TODO: check
+CVE-2011-5224 (SQL injection vulnerability in the Sentinel plugin 1.0.0 for WordPress ...)
+	TODO: check
+CVE-2011-5223 (Cross-site request forgery (CSRF) vulnerability in logout.php in Cacti ...)
+	TODO: check
+CVE-2011-5222 (SQL injection vulnerability in rub2_w.php in PHP Flirt-Projekt 4.8 and ...)
+	TODO: check
+CVE-2011-5221 (Cross-site scripting (XSS) vulnerability in the getLog function in ...)
+	TODO: check
+CVE-2011-5220 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2011-5219 (Directory traversal vulnerability in examples/show_code.php in mPDF ...)
+	TODO: check
+CVE-2011-5218 (SQL injection vulnerability in DotA OpenStats 1.3.9 and earlier allows ...)
+	TODO: check
+CVE-2011-5217 (Directory traversal vulnerability in the PXE Mtftp service in Hitachi ...)
+	TODO: check
+CVE-2011-5216 (SQL injection vulnerability in ajax.php in SCORM Cloud For WordPress ...)
+	TODO: check
+CVE-2011-5215 (SQL injection vulnerability in index.php in Video Community Portal ...)
+	TODO: check
+CVE-2011-5214 (Multiple cross-site scripting (XSS) vulnerabilities in BrowserCRM ...)
+	TODO: check
+CVE-2011-5213 (Multiple SQL injection vulnerabilities in BrowserCRM 5.100.01 and ...)
+	TODO: check
 CVE-2012-5672 (Microsoft Excel Viewer (aka Xlview.exe) and Excel in Microsoft Office ...)
 	TODO: check
 CVE-2012-5671 [exim4 heap overflow]
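Review bot: All 23 entries added at the top of the list (CVE-2011-5213 through CVE-2011-5235) carry only `TODO: check`, so none of them is triaged yet. Entries naming software that may be in the archive, such as mnoGoSearch (CVE-2011-5235), Cacti (CVE-2011-5223) and mPDF (CVE-2011-5219), should be checked first and given a package line. Entries whose descriptions point at Windows software, such as IrfanView (CVE-2011-5233) or nssyslogd.exe (CVE-2011-5227), look like candidates for a NOT-FOR-US line in the form already used elsewhere in this file.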
@@ -404,8 +450,8 @@
 	RESERVED
 CVE-2012-5471
 	RESERVED
-CVE-2012-5470
-	RESERVED
+CVE-2012-5470 (libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote ...)
+	TODO: check
 CVE-2012-5469
 	RESERVED
 CVE-2012-5468
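Review bot: The new CVE-2012-5470 entry names VLC media player 2.0.3 but is left at `TODO: check`. VLC is packaged in Debian as vlc, so the TODO should be replaced with a package line for vlc once it is known whether the libpng_plugin issue affects the packaged versions, in the same style as the `- mediawiki 1:1.19.0-1 (low)` line visible in the next hunk.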
@@ -1752,6 +1798,7 @@
 	- mediawiki 1:1.19.0-1 (low)
 CVE-2012-4884
 	RESERVED
+	{DSA-2567-1}
 CVE-2011-5161 (Unrestricted file upload vulnerability in the patient photograph ...)
 	NOT-FOR-US: OpenEMR
 CVE-2011-5160 (Cross-site scripting (XSS) vulnerability in setup.php in OpenEMR 4 ...)
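Review bot: CVE-2012-4884 gains a `{DSA-2567-1}` cross-reference, but the entry still consists only of `RESERVED` and that reference, with no package line. Without a source package and fixed version under the entry, a reader of this file cannot tell which package the DSA covers; add the package line together with the DSA reference, or follow up with it.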
@@ -2266,18 +2313,23 @@
 	NOT-FOR-US: Sophos SafeGuard Enterprise
 CVE-2012-4735
 	RESERVED
+	{DSA-2567-1}
 CVE-2012-4734
 	RESERVED
+	{DSA-2567-1}
 CVE-2012-4733
 	RESERVED
 CVE-2012-4732
 	RESERVED
+	{DSA-2567-1}
 CVE-2012-4731
 	RESERVED
+	{DSA-2568-1}
 CVE-2012-4730
 	RESERVED
-CVE-2012-4729
-	RESERVED
+	{DSA-2567-1}
+CVE-2012-4729 (Wing FTP Server before 4.1.1 allows remote authenticated users to ...)
+	TODO: check
 CVE-2012-4728
 	RESERVED
 CVE-2012-4727
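Review bot: CVE-2012-4733 is the only identifier in the CVE-2012-4730 to CVE-2012-4735 range that receives no DSA reference, and CVE-2012-4731 is tagged `{DSA-2568-1}` while its neighbours get `{DSA-2567-1}`. Please confirm that both are intentional and match the advisories. As with the other DSA-tagged entries here, these remain `RESERVED` with no package line, and the new CVE-2012-4729 (Wing FTP Server) entry still needs its `TODO: check` resolved.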
@@ -2986,8 +3038,8 @@
 	RESERVED
 CVE-2012-4502
 	RESERVED
-CVE-2012-4501
-	RESERVED
+CVE-2012-4501 (Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows ...)
+	TODO: check
 CVE-2012-4500
 	RESERVED
 CVE-2012-4499
@@ -4183,8 +4235,8 @@
 	RESERVED
 CVE-2012-4020
 	RESERVED
-CVE-2012-4019
-	RESERVED
+CVE-2012-4019 (Cross-site scripting (XSS) vulnerability in tokyo_bbs.cgi in Come on ...)
+	TODO: check
 CVE-2012-4018 (Cross-site scripting (XSS) vulnerability in Final Beta Laboratory ...)
 	NOT-FOR-US: Final Beta Laboratory MyWebSearch
 CVE-2012-4017 (The jigbrowser+ application before 1.5.0 for Android does not properly ...)
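Review bot: The new CVE-2012-4019 entry (tokyo_bbs.cgi) is left at `TODO: check`, while the entry directly below it, CVE-2012-4018, is already resolved as `NOT-FOR-US: Final Beta Laboratory MyWebSearch`. If tokyo_bbs.cgi is likewise not packaged, resolve it the same way. The description is truncated at "Come on ...", so the product name for the NOT-FOR-US line has to come from the full CVE description, not from this file.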
@@ -4466,18 +4518,18 @@
 	RESERVED
 CVE-2012-3942
 	RESERVED
-CVE-2012-3941
-	RESERVED
-CVE-2012-3940
-	RESERVED
-CVE-2012-3939
-	RESERVED
-CVE-2012-3938
-	RESERVED
-CVE-2012-3937
-	RESERVED
-CVE-2012-3936
-	RESERVED
+CVE-2012-3941 (Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) ...)
+	TODO: check
+CVE-2012-3940 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 ...)
+	TODO: check
+CVE-2012-3939 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 ...)
+	TODO: check
+CVE-2012-3938 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 ...)
+	TODO: check
+CVE-2012-3937 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 ...)
+	TODO: check
+CVE-2012-3936 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 ...)
+	TODO: check
 CVE-2012-3935 (Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible ...)
 	NOT-FOR-US: Cisco Unified Presence, Jabber Extensible Communications Platform
 CVE-2012-3934
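Review bot: The six entries CVE-2012-3936 through CVE-2012-3941 all describe the Cisco WebEx Recording Format (WRF) player and are all left at `TODO: check`. The neighbouring Cisco entry, CVE-2012-3935, is already marked NOT-FOR-US, so these six can be triaged in one pass and, if the WRF player is not packaged, marked NOT-FOR-US in the same way instead of being left as six separate TODOs.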



