[Secure-testing-commits] r20119 - data/CVE

Joey Hess joeyh at alioth.debian.org
Fri Sep 7 21:14:22 UTC 2012


Author: joeyh
Date: 2012-09-07 21:14:22 +0000 (Fri, 07 Sep 2012)
New Revision: 20119

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-09-07 18:42:30 UTC (rev 20118)
+++ data/CVE/list	2012-09-07 21:14:22 UTC (rev 20119)
@@ -1,3 +1,351 @@
+CVE-2012-4883 (Multiple untrusted search path vulnerabilities in 3DVIA Composer ...)
+	TODO: check
+CVE-2012-4882 (Multiple untrusted search path vulnerabilities in 3D XML Player ...)
+	TODO: check
+CVE-2012-4881 (Untrusted search path vulnerability in moviEZ HD 1.0 Build ...)
+	TODO: check
+CVE-2012-4880 (Multiple untrusted search path vulnerabilities in DVD Architect Pro ...)
+	TODO: check
+CVE-2012-4879 (The Linux Console on the WAGO I/O System 758 model 758-870, 758-874, ...)
+	TODO: check
+CVE-2012-4878 (Absolute path traversal vulnerability in controlcenter.php in FlatnuX ...)
+	TODO: check
+CVE-2012-4877 (Cross-site request forgery (CSRF) vulnerability in controlcenter.php ...)
+	TODO: check
+CVE-2012-4876 (Stack-based buffer overflow in the UltraMJCam ActiveX Control in ...)
+	TODO: check
+CVE-2012-4875 (** DISPUTED ** ...)
+	TODO: check
+CVE-2012-4874 (Unspecified vulnerability in the Another WordPress Classifieds Plugin ...)
+	TODO: check
+CVE-2012-4873 (Cross-site scripting (XSS) vulnerability in the file_download function ...)
+	TODO: check
+CVE-2012-4872 (Cross-site scripting (XSS) vulnerability in Tickets/Submit in Kayako ...)
+	TODO: check
+CVE-2012-4871 (Cross-site scripting (XSS) vulnerability in service/graph_html.php in ...)
+	TODO: check
+CVE-2012-4870 (Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.9 and ...)
+	TODO: check
+CVE-2012-4869 (The callme_startcall function in recordings/misc/callme_page.php in ...)
+	TODO: check
+CVE-2012-4868 (SQL injection vulnerability in news.php in the Kunena component 1.7.2 ...)
+	TODO: check
+CVE-2012-4867 (Directory traversal vulnerability in ...)
+	TODO: check
+CVE-2012-4866 (Untrusted search path vulnerability in Xtreme RAT 3.5 allows local ...)
+	TODO: check
+CVE-2012-4865 (Buffer overflow in Oreans Themida 2.1.8.0 allows remote attackers to ...)
+	TODO: check
+CVE-2012-4864 (Oreans WinLicense 2.1.8.0 allows remote attackers to cause a denial of ...)
+	TODO: check
+CVE-2012-4863
+	RESERVED
+CVE-2012-4862
+	RESERVED
+CVE-2012-4861
+	RESERVED
+CVE-2012-4860
+	RESERVED
+CVE-2012-4859
+	RESERVED
+CVE-2012-4858
+	RESERVED
+CVE-2012-4857
+	RESERVED
+CVE-2012-4856
+	RESERVED
+CVE-2012-4855
+	RESERVED
+CVE-2012-4854
+	RESERVED
+CVE-2012-4853
+	RESERVED
+CVE-2012-4852
+	RESERVED
+CVE-2012-4851
+	RESERVED
+CVE-2012-4850
+	RESERVED
+CVE-2012-4849
+	RESERVED
+CVE-2012-4848
+	RESERVED
+CVE-2012-4847
+	RESERVED
+CVE-2012-4846
+	RESERVED
+CVE-2012-4845
+	RESERVED
+CVE-2012-4844
+	RESERVED
+CVE-2012-4843
+	RESERVED
+CVE-2012-4842
+	RESERVED
+CVE-2012-4841
+	RESERVED
+CVE-2012-4840
+	RESERVED
+CVE-2012-4839
+	RESERVED
+CVE-2012-4838
+	RESERVED
+CVE-2012-4837
+	RESERVED
+CVE-2012-4836
+	RESERVED
+CVE-2012-4835
+	RESERVED
+CVE-2012-4834
+	RESERVED
+CVE-2012-4833
+	RESERVED
+CVE-2012-4832
+	RESERVED
+CVE-2012-4831
+	RESERVED
+CVE-2012-4830
+	RESERVED
+CVE-2012-4829
+	RESERVED
+CVE-2012-4828
+	RESERVED
+CVE-2012-4827
+	RESERVED
+CVE-2012-4826
+	RESERVED
+CVE-2012-4825
+	RESERVED
+CVE-2012-4824
+	RESERVED
+CVE-2012-4823
+	RESERVED
+CVE-2012-4822
+	RESERVED
+CVE-2012-4821
+	RESERVED
+CVE-2012-4820
+	RESERVED
+CVE-2012-4819
+	RESERVED
+CVE-2012-4818
+	RESERVED
+CVE-2012-4817
+	RESERVED
+CVE-2012-4816
+	RESERVED
+CVE-2012-4815
+	RESERVED
+CVE-2012-4814
+	RESERVED
+CVE-2012-4813
+	RESERVED
+CVE-2012-4812
+	RESERVED
+CVE-2012-4811
+	RESERVED
+CVE-2012-4810
+	RESERVED
+CVE-2012-4809
+	RESERVED
+CVE-2012-4808
+	RESERVED
+CVE-2012-4807
+	RESERVED
+CVE-2012-4806
+	RESERVED
+CVE-2012-4805
+	RESERVED
+CVE-2012-4804
+	RESERVED
+CVE-2012-4803
+	RESERVED
+CVE-2012-4802
+	RESERVED
+CVE-2012-4801
+	RESERVED
+CVE-2012-4800
+	RESERVED
+CVE-2012-4799
+	RESERVED
+CVE-2012-4798
+	RESERVED
+CVE-2012-4797
+	RESERVED
+CVE-2012-4796
+	RESERVED
+CVE-2012-4795
+	RESERVED
+CVE-2012-4794
+	RESERVED
+CVE-2012-4793
+	RESERVED
+CVE-2012-4792
+	RESERVED
+CVE-2012-4791
+	RESERVED
+CVE-2012-4790
+	RESERVED
+CVE-2012-4789
+	RESERVED
+CVE-2012-4788
+	RESERVED
+CVE-2012-4787
+	RESERVED
+CVE-2012-4786
+	RESERVED
+CVE-2012-4785
+	RESERVED
+CVE-2012-4784
+	RESERVED
+CVE-2012-4783
+	RESERVED
+CVE-2012-4782
+	RESERVED
+CVE-2012-4781
+	RESERVED
+CVE-2012-4780
+	RESERVED
+CVE-2012-4779
+	RESERVED
+CVE-2012-4778
+	RESERVED
+CVE-2012-4777
+	RESERVED
+CVE-2012-4776
+	RESERVED
+CVE-2012-4775
+	RESERVED
+CVE-2012-4774
+	RESERVED
+CVE-2012-4773
+	RESERVED
+CVE-2012-4772
+	RESERVED
+CVE-2012-4771
+	RESERVED
+CVE-2012-4770
+	RESERVED
+CVE-2012-4769
+	RESERVED
+CVE-2012-4768
+	RESERVED
+CVE-2012-4767
+	RESERVED
+CVE-2012-4766
+	RESERVED
+CVE-2012-4765
+	RESERVED
+CVE-2012-4764
+	RESERVED
+CVE-2012-4763
+	RESERVED
+CVE-2012-4762
+	RESERVED
+CVE-2012-4761
+	RESERVED
+CVE-2012-4760
+	RESERVED
+CVE-2011-5158 (Multiple untrusted search path vulnerabilities in the DMTGUI2.EXE and ...)
+	TODO: check
+CVE-2010-5274 (Untrusted search path vulnerability in PKZIP before 12.50.0014 allows ...)
+	TODO: check
+CVE-2010-5273 (Untrusted search path vulnerability in Altova DiffDog 2011 Enterprise ...)
+	TODO: check
+CVE-2010-5272 (Untrusted search path vulnerability in Altova DatabaseSpy 2011 ...)
+	TODO: check
+CVE-2010-5271 (Untrusted search path vulnerability in Altova MapForce 2011 Enterprise ...)
+	TODO: check
+CVE-2010-5270 (Multiple untrusted search path vulnerabilities in Adobe Device Central ...)
+	TODO: check
+CVE-2010-5269 (Untrusted search path vulnerability in tbb.dll in Intel Threading ...)
+	TODO: check
+CVE-2010-5268 (Untrusted search path vulnerability in Amazon Kindle for PC 1.3.0 ...)
+	TODO: check
+CVE-2010-5267 (Untrusted search path vulnerability in MunSoft Easy Office Recovery ...)
+	TODO: check
+CVE-2010-5266 (Untrusted search path vulnerability in VideoCharge Studio 2.9.0.632 ...)
+	TODO: check
+CVE-2010-5265 (Untrusted search path vulnerability in SmartSniff 1.71 allows local ...)
+	TODO: check
+CVE-2010-5264 (Untrusted search path vulnerability in the CExtDWM::CExtDWM method in ...)
+	TODO: check
+CVE-2010-5263 (Untrusted search path vulnerability in Sothink SWF Decompiler 6.0 ...)
+	TODO: check
+CVE-2010-5262 (Multiple untrusted search path vulnerabilities in libmcl-5.4.0.dll in ...)
+	TODO: check
+CVE-2010-5261 (Untrusted search path vulnerability in SnowFox Total Video Converter ...)
+	TODO: check
+CVE-2010-5260 (Untrusted search path vulnerability in Agrin All DVD Ripper 4.0 allows ...)
+	TODO: check
+CVE-2010-5259 (Multiple untrusted search path vulnerabilities in IsoBuster 2.8 allow ...)
+	TODO: check
+CVE-2010-5258 (Untrusted search path vulnerability in Adobe Audition 3.0 build 7283.0 ...)
+	TODO: check
+CVE-2010-5257 (Multiple untrusted search path vulnerabilities in ArchiCAD 13 and 14 ...)
+	TODO: check
+CVE-2010-5256 (Untrusted search path vulnerability in CDisplay 1.8.1 allows local ...)
+	TODO: check
+CVE-2010-5255 (Untrusted search path vulnerability in UltraISO 9.3.6.2750 allows ...)
+	TODO: check
+CVE-2010-5254 (Untrusted search path vulnerability in GFI Backup 3.1 Build 20100730 ...)
+	TODO: check
+CVE-2010-5253 (Untrusted search path vulnerability in WinImage 8.50 allows local ...)
+	TODO: check
+CVE-2010-5252 (Untrusted search path vulnerability in HTTrack 3.43-9 allows local ...)
+	TODO: check
+CVE-2010-5251 (Multiple untrusted search path vulnerabilities in IBM Lotus Notes 8.5 ...)
+	TODO: check
+CVE-2010-5250 (Untrusted search path vulnerability in the ...)
+	TODO: check
+CVE-2010-5249 (Untrusted search path vulnerability in Sophos Free Encryption 2.40.1.1 ...)
+	TODO: check
+CVE-2010-5248 (Untrusted search path vulnerability in UltraVNC 1.0.8.2 allows local ...)
+	TODO: check
+CVE-2010-5247 (Untrusted search path vulnerability in QtWeb Browser 3.3 build 043 ...)
+	TODO: check
+CVE-2010-5246 (Multiple untrusted search path vulnerabilities in Maxthon Browser ...)
+	TODO: check
+CVE-2010-5245 (Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build ...)
+	TODO: check
+CVE-2010-5244 (Untrusted search path vulnerability in SiSoftware Sandra 2010 Lite ...)
+	TODO: check
+CVE-2010-5243 (Multiple untrusted search path vulnerabilities in Cyberlink Power2Go ...)
+	TODO: check
+CVE-2010-5242 (Untrusted search path vulnerability in Sound Forge Pro 10.0b Build 474 ...)
+	TODO: check
+CVE-2010-5241 (Multiple untrusted search path vulnerabilities in Autodesk AutoCAD ...)
+	TODO: check
+CVE-2010-5240 (Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT ...)
+	TODO: check
+CVE-2010-5239 (Untrusted search path vulnerability in DAEMON Tools Lite 4.35.6.0091 ...)
+	TODO: check
+CVE-2010-5238 (Untrusted search path vulnerability in CyberLink PowerDirector ...)
+	TODO: check
+CVE-2010-5237 (Untrusted search path vulnerability in CyberLink PowerDirector 7 ...)
+	TODO: check
+CVE-2010-5236 (Untrusted search path vulnerability in Roxio Easy Media Creator Home ...)
+	TODO: check
+CVE-2010-5235 (Untrusted search path vulnerability in IZArc Archiver 4.1.2 allows ...)
+	TODO: check
+CVE-2010-5234 (Multiple untrusted search path vulnerabilities in Camtasia Studio ...)
+	TODO: check
+CVE-2010-5233 (Untrusted search path vulnerability in Virtual DJ 6.1.2 Trial b301 ...)
+	TODO: check
+CVE-2010-5232 (Untrusted search path vulnerability in DivX Plus Player 8.1.0 allows ...)
+	TODO: check
+CVE-2010-5231 (Untrusted search path vulnerability in DivX Player 7.2.019 allows ...)
+	TODO: check
+CVE-2010-5230 (Multiple untrusted search path vulnerabilities in MicroStation 7.1 ...)
+	TODO: check
+CVE-2010-5229 (Untrusted search path vulnerability in 010 Editor before 3.1.3 allows ...)
+	TODO: check
+CVE-2010-5228 (Untrusted search path vulnerability in RealPlayer SP 1.1.5 12.0.0.879 ...)
+	TODO: check
+CVE-2010-5227 (Untrusted search path vulnerability in Opera before 10.62 allows local ...)
+	TODO: check
+CVE-2010-5226 (Multiple untrusted search path vulnerabilities in Autodesk Design ...)
+	TODO: check
 CVE-2012-4759 (Untrusted search path vulnerability in facebook_plugin.fpi in the ...)
 	TODO: check
 CVE-2012-4758 (Multiple untrusted search path vulnerabilities in CyberLink ...)
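Review bot: the described entries added at the top of the list all land as `TODO: check` with nothing to separate the ones that need Debian triage from the rest. Most are untrusted search path issues in products such as PKZIP, Altova DiffDog and DAEMON Tools Lite, which look like NOT-FOR-US candidates, while a few name software that may be packaged, for example HTTrack 3.43-9 (CVE-2010-5252) and Opera before 10.62 (CVE-2010-5227). Suggest resolving those few first so a possibly affected package does not sit behind the bulk of the backlog.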
@@ -3187,6 +3535,7 @@
 	RESERVED
 CVE-2012-3458
 	RESERVED
+	{DSA-2541-1}
 	- beaker 1.6.3-1.1 (bug #684890)
 CVE-2012-3457 (PNP4Nagios 0.6 through 0.6.16 uses world-readable permissions for ...)
 	- pnp4nagios <unfixed> (low; bug #683879)
@@ -4254,8 +4603,8 @@
 	NOT-FOR-US: Siemens SIMATIC
 CVE-2012-3014 (The Management Software application in GarrettCom Magnum MNS-6K before ...)
 	NOT-FOR-US: GarrettCom Magnum MNS-6K
-CVE-2012-3013
-	RESERVED
+CVE-2012-3013 (WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 ...)
+	TODO: check
 CVE-2012-3012 (The Arbiter Power Sentinel 1133A device with firmware before 11Jun2012 ...)
 	TODO: check
 CVE-2012-3011
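Review bot: CVE-2012-3013 is left at `TODO: check` although its description names WAGO I/O System 758 hardware models and the neighbouring device entries are already closed as NOT-FOR-US (Siemens SIMATIC, GarrettCom Magnum MNS-6K). CVE-2012-4879, added at the top of this same diff, names the same WAGO models; triage the two together so they end up with the same status.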
@@ -4884,11 +5233,9 @@
 CVE-2012-2742 (Revelation 0.4.13-2 and earlier uses only the first 32 characters of a ...)
 	- revelation 0.4.11-10 (bug #633088)
 	NOTE: http://www.openwall.com/lists/oss-security/2012/06/18/1
-CVE-2012-2741 [phplist before 2.10.18 XSS]
-	RESERVED
+CVE-2012-2741 (Cross-site scripting (XSS) vulnerability in public_html/lists/admin/ ...)
 	NOT-FOR-US: phplist
-CVE-2012-2740 [phplist before 2.10.18 SQL-injection]
-	RESERVED
+CVE-2012-2740 (SQL injection vulnerability in public_html/lists/admin in phpList ...)
 	NOT-FOR-US: phplist
 CVE-2012-2739 [java HashDos]
 	RESERVED
@@ -6190,6 +6537,7 @@
 	RESERVED
 CVE-2012-2237
 	RESERVED
+	{DSA-2540-1}
 	- mahara 1.5.1-2
 CVE-2012-2236 (SQL injection vulnerability in users.php in PHP Gift Registry 1.5.5 ...)
 	NOT-FOR-US: PHP Gift Registry
@@ -6617,8 +6965,7 @@
 	NOT-FOR-US: Drupal addon module not packaged in Debian
 CVE-2012-2070 (Cross-site scripting (XSS) vulnerability in the MultiBlock module ...)
 	NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2069
-	RESERVED
+CVE-2012-2069 (Cross-site request forgery (CSRF) vulnerability in the Wishlist module ...)
 	NOT-FOR-US: Drupal addon module not packaged in Debian
 CVE-2012-2068 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	NOT-FOR-US: Drupal addon module not packaged in Debian
@@ -7720,11 +8067,9 @@
 	NOT-FOR-US: Coppermine
 CVE-2012-1613 (Cross-site scripting (XSS) vulnerability in edit_one_pic.php in ...)
 	NOT-FOR-US: Coppermine
-CVE-2012-1612 [joomla info disc]
-	RESERVED
+CVE-2012-1612 (Cross-site scripting (XSS) vulnerability in the update manager in ...)
 	- joomla <itp> (bug #571794)
-CVE-2012-1611 [joomla xss]
-	RESERVED
+CVE-2012-1611 (Joomla! 2.5.x before 2.5.4 does not properly check permissions, which ...)
 	- joomla <itp> (bug #571794)
 CVE-2012-1610 (Integer overflow in the GetEXIFProperty function in magick/property.c ...)
 	{DSA-2462-1}
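Review bot: the temporary tags removed here do not match the official descriptions that replace them. CVE-2012-1612 was tagged `[joomla info disc]` and is now described as XSS in the update manager, while CVE-2012-1611 was tagged `[joomla xss]` and is now a permission-check issue. Both point at the same `joomla <itp>` bug #571794, so the tracking status is unaffected, but anything written against the old tags should be re-checked against the right id.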
@@ -7791,8 +8136,7 @@
 	REJECTED
 CVE-2012-1585 (OpenStack Compute (Nova) Essex before 2011.3 allows remote ...)
 	- nova 2012-1~rc3-1 (bug #666888)
-CVE-2012-1584
-	RESERVED
+CVE-2012-1584 (Integer overflow in the mid function in toolkit/tbytevector.cpp in ...)
 	- taglib 1.7.1-1 (low; bug #662705)
 	[squeeze] - taglib <no-dsa> (Minor issue)
 CVE-2012-1583 (Double free vulnerability in the xfrm6_tunnel_rcv function in ...)
@@ -8051,12 +8395,12 @@
 	RESERVED
 CVE-2012-1470
 	RESERVED
-CVE-2012-1469
-	RESERVED
-CVE-2012-1468
-	RESERVED
-CVE-2012-1467
-	RESERVED
+CVE-2012-1469 (Multiple cross-site scripting (XSS) vulnerabilities in Open Journal ...)
+	TODO: check
+CVE-2012-1468 (Incomplete blacklist vulnerability in Open Journal Systems before ...)
+	TODO: check
+CVE-2012-1467 (Multiple directory traversal vulnerabilities in the iBrowser plugin ...)
+	TODO: check
 CVE-2012-1466 (The Traffic Grapher Server for NetMechanica NetDecision before 4.6.1 ...)
 	NOT-FOR-US: NetMechanica NetDecision
 CVE-2012-1465 (Stack-based buffer overflow in the HTTP Server in NetMechanica ...)
@@ -8892,24 +9236,20 @@
 CVE-2012-1113 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
 	- gallery2 2.3.2.dfsg-1 (low)
 	[squeeze] - gallery2 <no-dsa> (Minor issue)
-CVE-2012-1112
-	RESERVED
+CVE-2012-1112 (Directory traversal vulnerability in Open-Realty CMS 2.5.8 and earlier ...)
 	NOT-FOR-US: OpenRealty CMS not in Debian
 CVE-2012-1111
 	RESERVED
 	- lightdm 1.0.9-1 (bug #658678)
-CVE-2012-1110
-	RESERVED
+CVE-2012-1110 (Multiple cross-site scripting (XSS) vulnerabilities in Etano 1.22 and ...)
 	NOT-FOR-US: etano not in Debian
 CVE-2012-1109
 	RESERVED
 	NOT-FOR-US: mwlib not in Debian
-CVE-2012-1108
-	RESERVED
+CVE-2012-1108 (The parse function in ogg/xiphcomment.cpp in TagLib 1.7 and earlier ...)
 	- taglib 1.7.1-1 (low; bug #662705)
 	[squeeze] - taglib <no-dsa> (Minor issue)
-CVE-2012-1107
-	RESERVED
+CVE-2012-1107 (The analyzeCurrent function in ape/apeproperties.cpp in TagLib 1.7 and ...)
 	- taglib 1.7.1-1 (low; bug #662705)
 	[squeeze] - taglib <no-dsa> (Minor issue)
 CVE-2012-1106 (The C handler plug-in in Automatic Bug Reporting Tool (ABRT), possibly ...)
@@ -9599,14 +9939,11 @@
 	- ocaml 4.00.0~beta2-1 (low; bug #659149)
 CVE-2012-0838 (Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL ...)
 	- libstruts1.2-java <not-affected> (struts 2 issue)
-CVE-2012-0837
-	RESERVED
+CVE-2012-0837 (Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to ...)
 	NOT-FOR-US: Joomla!
-CVE-2012-0836
-	RESERVED
+CVE-2012-0836 (Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 allows ...)
 	NOT-FOR-US: Joomla!
-CVE-2012-0835
-	RESERVED
+CVE-2012-0835 (Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 and 2.5.x ...)
 	NOT-FOR-US: Joomla!
 CVE-2012-0834 (Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in ...)
 	- phpldapadmin 1.2.2-1 (bug #658907)
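Review bot: CVE-2012-0837, CVE-2012-0836 and CVE-2012-0835 keep `NOT-FOR-US: Joomla!`, while CVE-2012-1612 and CVE-2012-1611 earlier in this same diff are tracked as `- joomla <itp> (bug #571794)`. The two treatments of the same product are inconsistent; pick one and apply it to all Joomla! entries, including the `NOT-FOR-US: Joomla` line on CVE-2006-7247.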
@@ -9646,17 +9983,13 @@
 	- libvpx 1.0.0-1
 	[squeeze] - libvpx <not-affected> (Introduced in 0.9.7)
 	NOTE: http://blog.webmproject.org/2012/01/vp8-codec-sdk-duclair-released.html
-CVE-2012-0822
-	RESERVED
+CVE-2012-0822 (Cross-site scripting (XSS) vulnerability in Joomla! 1.6 and 1.7.x ...)
 	NOT-FOR-US: Joomla!
-CVE-2012-0821
-	RESERVED
+CVE-2012-0821 (Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 ...)
 	NOT-FOR-US: Joomla!
-CVE-2012-0820
-	RESERVED
+CVE-2012-0820 (Cross-site scripting (XSS) vulnerability in Joomla! 1.6.x and 1.7.x ...)
 	NOT-FOR-US: Joomla!
-CVE-2012-0819
-	RESERVED
+CVE-2012-0819 (Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 ...)
 	NOT-FOR-US: Joomla!
 CVE-2012-0818
 	RESERVED
@@ -11832,8 +12165,7 @@
 	REJECTED
 CVE-2006-7248
 	REJECTED
-CVE-2006-7247
-	RESERVED
+CVE-2006-7247 (SQL injection vulnerability in the Weblinks (com_weblinks) component ...)
 	NOT-FOR-US: Joomla
 CVE-2005-4894
 	RESERVED



