[Secure-testing-commits] r20104 - data/CVE

Wed Sep 5 21:14:32 UTC 2012

Author: joeyh
Date: 2012-09-05 21:14:31 +0000 (Wed, 05 Sep 2012)
New Revision: 20104

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2012-09-05 19:58:08 UTC (rev 20103)
+++ data/CVE/list	2012-09-05 21:14:31 UTC (rev 20104)
@@ -1,3 +1,11 @@
+CVE-2012-4751
+	RESERVED
+CVE-2012-4750
+	RESERVED
+CVE-2012-4749
+	RESERVED
+CVE-2012-4748
+	RESERVED
 CVE-2011-3090 (Race condition in Google Chrome before 19.0.1084.46 allows remote ...)
 	TODO: check
 CVE-2012-4746 (Cross-site request forgery (CSRF) vulnerability in accessaccount.cgi ...)
@@ -918,6 +926,7 @@
 	RESERVED
 CVE-2012-4404 [moinmoin virtual groups and ACLs evaluation issue]
 	RESERVED
+	{DSA-2538-1}
 	- moin 1.9.4-8
 	NOTE: http://hg.moinmo.in/moin/1.9/rev/7b9f39289e16
 CVE-2012-4403
@@ -6420,8 +6429,7 @@
 	{DSA-2454-1}
 	- openssl 1.0.1a-1
 	NOTE: http://www.openssl.org/news/secadv_20120419.txt
-CVE-2012-2109
-	RESERVED
+CVE-2012-2109 (SQL injection vulnerability in wp-load.php in the BuddyPress plugin ...)
 	NOT-FOR-US: wordpress buddypress plugin
 CVE-2012-2108
 	RESERVED
@@ -6532,23 +6540,17 @@
 CVE-2012-2069
 	RESERVED
 	NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2068
-	RESERVED
+CVE-2012-2068 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2067
-	RESERVED
+CVE-2012-2067 (Unspecified vulnerability in the CKeditor module 6.x-2.x before ...)
 	NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2066
-	RESERVED
+CVE-2012-2066 (Cross-site scripting (XSS) vulnerability in the FCKeditor module ...)
 	NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2065
-	RESERVED
+CVE-2012-2065 (Cross-site scripting (XSS) vulnerability in the Language Icons module ...)
 	NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2064
-	RESERVED
+CVE-2012-2064 (Cross-site scripting (XSS) vulnerability in ...)
 	NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2063
-	RESERVED
+CVE-2012-2063 (The Slidebox module before 7.x-1.4 for Drupal does not properly check ...)
 	NOT-FOR-US: Drupal addon module not packaged in Debian
 CVE-2012-2062
 	RESERVED
@@ -7634,11 +7636,9 @@
 CVE-2012-1615 [sectool dbus priv escalation]
 	RESERVED
 	NOT-FOR-US: sectool
-CVE-2012-1614 [coppermine path disc]
-	RESERVED
+CVE-2012-1614 (Coppermine Photo Gallery before 1.5.20 allows remote attackers to ...)
 	NOT-FOR-US: Coppermine
-CVE-2012-1613 [coppermine xss]
-	RESERVED
+CVE-2012-1613 (Cross-site scripting (XSS) vulnerability in edit_one_pic.php in ...)
 	NOT-FOR-US: Coppermine
 CVE-2012-1612 [joomla info disc]
 	RESERVED
@@ -7651,20 +7651,16 @@
 	- imagemagick 8:6.7.4.0-4 (bug #667635)
 CVE-2012-1609
 	RESERVED
-CVE-2012-1608
-	RESERVED
+CVE-2012-1608 (The t3lib_div::RemoveXSS API method in TYPO3 4.4.0 through 4.4.13, ...)
 	{DSA-2445-1}
 	- typo3-src 4.5.14+dfsg1-1
-CVE-2012-1607
-	RESERVED
+CVE-2012-1607 (The Command Line Interface (CLI) script in TYPO3 4.4.0 through 4.4.13, ...)
 	{DSA-2445-1}
 	- typo3-src 4.5.14+dfsg1-1
-CVE-2012-1606
-	RESERVED
+CVE-2012-1606 (Multiple cross-site scripting (XSS) vulnerabilities in the Backend ...)
 	{DSA-2445-1}
 	- typo3-src 4.5.14+dfsg1-1
-CVE-2012-1605
-	RESERVED
+CVE-2012-1605 (The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 ...)
 	- typo3-src <not-affected> (vulnerable code not yet present)
 CVE-2012-1604
 	RESERVED


