[Secure-testing-commits] r20119 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Fri Sep 7 21:14:22 UTC 2012
Author: joeyh
Date: 2012-09-07 21:14:22 +0000 (Fri, 07 Sep 2012)
New Revision: 20119
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-09-07 18:42:30 UTC (rev 20118)
+++ data/CVE/list 2012-09-07 21:14:22 UTC (rev 20119)
@@ -1,3 +1,351 @@
+CVE-2012-4883 (Multiple untrusted search path vulnerabilities in 3DVIA Composer ...)
+ TODO: check
+CVE-2012-4882 (Multiple untrusted search path vulnerabilities in 3D XML Player ...)
+ TODO: check
+CVE-2012-4881 (Untrusted search path vulnerability in moviEZ HD 1.0 Build ...)
+ TODO: check
+CVE-2012-4880 (Multiple untrusted search path vulnerabilities in DVD Architect Pro ...)
+ TODO: check
+CVE-2012-4879 (The Linux Console on the WAGO I/O System 758 model 758-870, 758-874, ...)
+ TODO: check
+CVE-2012-4878 (Absolute path traversal vulnerability in controlcenter.php in FlatnuX ...)
+ TODO: check
+CVE-2012-4877 (Cross-site request forgery (CSRF) vulnerability in controlcenter.php ...)
+ TODO: check
+CVE-2012-4876 (Stack-based buffer overflow in the UltraMJCam ActiveX Control in ...)
+ TODO: check
+CVE-2012-4875 (** DISPUTED ** ...)
+ TODO: check
+CVE-2012-4874 (Unspecified vulnerability in the Another WordPress Classifieds Plugin ...)
+ TODO: check
+CVE-2012-4873 (Cross-site scripting (XSS) vulnerability in the file_download function ...)
+ TODO: check
+CVE-2012-4872 (Cross-site scripting (XSS) vulnerability in Tickets/Submit in Kayako ...)
+ TODO: check
+CVE-2012-4871 (Cross-site scripting (XSS) vulnerability in service/graph_html.php in ...)
+ TODO: check
+CVE-2012-4870 (Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.9 and ...)
+ TODO: check
+CVE-2012-4869 (The callme_startcall function in recordings/misc/callme_page.php in ...)
+ TODO: check
+CVE-2012-4868 (SQL injection vulnerability in news.php in the Kunena component 1.7.2 ...)
+ TODO: check
+CVE-2012-4867 (Directory traversal vulnerability in ...)
+ TODO: check
+CVE-2012-4866 (Untrusted search path vulnerability in Xtreme RAT 3.5 allows local ...)
+ TODO: check
+CVE-2012-4865 (Buffer overflow in Oreans Themida 2.1.8.0 allows remote attackers to ...)
+ TODO: check
+CVE-2012-4864 (Oreans WinLicense 2.1.8.0 allows remote attackers to cause a denial of ...)
+ TODO: check
+CVE-2012-4863
+ RESERVED
+CVE-2012-4862
+ RESERVED
+CVE-2012-4861
+ RESERVED
+CVE-2012-4860
+ RESERVED
+CVE-2012-4859
+ RESERVED
+CVE-2012-4858
+ RESERVED
+CVE-2012-4857
+ RESERVED
+CVE-2012-4856
+ RESERVED
+CVE-2012-4855
+ RESERVED
+CVE-2012-4854
+ RESERVED
+CVE-2012-4853
+ RESERVED
+CVE-2012-4852
+ RESERVED
+CVE-2012-4851
+ RESERVED
+CVE-2012-4850
+ RESERVED
+CVE-2012-4849
+ RESERVED
+CVE-2012-4848
+ RESERVED
+CVE-2012-4847
+ RESERVED
+CVE-2012-4846
+ RESERVED
+CVE-2012-4845
+ RESERVED
+CVE-2012-4844
+ RESERVED
+CVE-2012-4843
+ RESERVED
+CVE-2012-4842
+ RESERVED
+CVE-2012-4841
+ RESERVED
+CVE-2012-4840
+ RESERVED
+CVE-2012-4839
+ RESERVED
+CVE-2012-4838
+ RESERVED
+CVE-2012-4837
+ RESERVED
+CVE-2012-4836
+ RESERVED
+CVE-2012-4835
+ RESERVED
+CVE-2012-4834
+ RESERVED
+CVE-2012-4833
+ RESERVED
+CVE-2012-4832
+ RESERVED
+CVE-2012-4831
+ RESERVED
+CVE-2012-4830
+ RESERVED
+CVE-2012-4829
+ RESERVED
+CVE-2012-4828
+ RESERVED
+CVE-2012-4827
+ RESERVED
+CVE-2012-4826
+ RESERVED
+CVE-2012-4825
+ RESERVED
+CVE-2012-4824
+ RESERVED
+CVE-2012-4823
+ RESERVED
+CVE-2012-4822
+ RESERVED
+CVE-2012-4821
+ RESERVED
+CVE-2012-4820
+ RESERVED
+CVE-2012-4819
+ RESERVED
+CVE-2012-4818
+ RESERVED
+CVE-2012-4817
+ RESERVED
+CVE-2012-4816
+ RESERVED
+CVE-2012-4815
+ RESERVED
+CVE-2012-4814
+ RESERVED
+CVE-2012-4813
+ RESERVED
+CVE-2012-4812
+ RESERVED
+CVE-2012-4811
+ RESERVED
+CVE-2012-4810
+ RESERVED
+CVE-2012-4809
+ RESERVED
+CVE-2012-4808
+ RESERVED
+CVE-2012-4807
+ RESERVED
+CVE-2012-4806
+ RESERVED
+CVE-2012-4805
+ RESERVED
+CVE-2012-4804
+ RESERVED
+CVE-2012-4803
+ RESERVED
+CVE-2012-4802
+ RESERVED
+CVE-2012-4801
+ RESERVED
+CVE-2012-4800
+ RESERVED
+CVE-2012-4799
+ RESERVED
+CVE-2012-4798
+ RESERVED
+CVE-2012-4797
+ RESERVED
+CVE-2012-4796
+ RESERVED
+CVE-2012-4795
+ RESERVED
+CVE-2012-4794
+ RESERVED
+CVE-2012-4793
+ RESERVED
+CVE-2012-4792
+ RESERVED
+CVE-2012-4791
+ RESERVED
+CVE-2012-4790
+ RESERVED
+CVE-2012-4789
+ RESERVED
+CVE-2012-4788
+ RESERVED
+CVE-2012-4787
+ RESERVED
+CVE-2012-4786
+ RESERVED
+CVE-2012-4785
+ RESERVED
+CVE-2012-4784
+ RESERVED
+CVE-2012-4783
+ RESERVED
+CVE-2012-4782
+ RESERVED
+CVE-2012-4781
+ RESERVED
+CVE-2012-4780
+ RESERVED
+CVE-2012-4779
+ RESERVED
+CVE-2012-4778
+ RESERVED
+CVE-2012-4777
+ RESERVED
+CVE-2012-4776
+ RESERVED
+CVE-2012-4775
+ RESERVED
+CVE-2012-4774
+ RESERVED
+CVE-2012-4773
+ RESERVED
+CVE-2012-4772
+ RESERVED
+CVE-2012-4771
+ RESERVED
+CVE-2012-4770
+ RESERVED
+CVE-2012-4769
+ RESERVED
+CVE-2012-4768
+ RESERVED
+CVE-2012-4767
+ RESERVED
+CVE-2012-4766
+ RESERVED
+CVE-2012-4765
+ RESERVED
+CVE-2012-4764
+ RESERVED
+CVE-2012-4763
+ RESERVED
+CVE-2012-4762
+ RESERVED
+CVE-2012-4761
+ RESERVED
+CVE-2012-4760
+ RESERVED
+CVE-2011-5158 (Multiple untrusted search path vulnerabilities in the DMTGUI2.EXE and ...)
+ TODO: check
+CVE-2010-5274 (Untrusted search path vulnerability in PKZIP before 12.50.0014 allows ...)
+ TODO: check
+CVE-2010-5273 (Untrusted search path vulnerability in Altova DiffDog 2011 Enterprise ...)
+ TODO: check
+CVE-2010-5272 (Untrusted search path vulnerability in Altova DatabaseSpy 2011 ...)
+ TODO: check
+CVE-2010-5271 (Untrusted search path vulnerability in Altova MapForce 2011 Enterprise ...)
+ TODO: check
+CVE-2010-5270 (Multiple untrusted search path vulnerabilities in Adobe Device Central ...)
+ TODO: check
+CVE-2010-5269 (Untrusted search path vulnerability in tbb.dll in Intel Threading ...)
+ TODO: check
+CVE-2010-5268 (Untrusted search path vulnerability in Amazon Kindle for PC 1.3.0 ...)
+ TODO: check
+CVE-2010-5267 (Untrusted search path vulnerability in MunSoft Easy Office Recovery ...)
+ TODO: check
+CVE-2010-5266 (Untrusted search path vulnerability in VideoCharge Studio 2.9.0.632 ...)
+ TODO: check
+CVE-2010-5265 (Untrusted search path vulnerability in SmartSniff 1.71 allows local ...)
+ TODO: check
+CVE-2010-5264 (Untrusted search path vulnerability in the CExtDWM::CExtDWM method in ...)
+ TODO: check
+CVE-2010-5263 (Untrusted search path vulnerability in Sothink SWF Decompiler 6.0 ...)
+ TODO: check
+CVE-2010-5262 (Multiple untrusted search path vulnerabilities in libmcl-5.4.0.dll in ...)
+ TODO: check
+CVE-2010-5261 (Untrusted search path vulnerability in SnowFox Total Video Converter ...)
+ TODO: check
+CVE-2010-5260 (Untrusted search path vulnerability in Agrin All DVD Ripper 4.0 allows ...)
+ TODO: check
+CVE-2010-5259 (Multiple untrusted search path vulnerabilities in IsoBuster 2.8 allow ...)
+ TODO: check
+CVE-2010-5258 (Untrusted search path vulnerability in Adobe Audition 3.0 build 7283.0 ...)
+ TODO: check
+CVE-2010-5257 (Multiple untrusted search path vulnerabilities in ArchiCAD 13 and 14 ...)
+ TODO: check
+CVE-2010-5256 (Untrusted search path vulnerability in CDisplay 1.8.1 allows local ...)
+ TODO: check
+CVE-2010-5255 (Untrusted search path vulnerability in UltraISO 9.3.6.2750 allows ...)
+ TODO: check
+CVE-2010-5254 (Untrusted search path vulnerability in GFI Backup 3.1 Build 20100730 ...)
+ TODO: check
+CVE-2010-5253 (Untrusted search path vulnerability in WinImage 8.50 allows local ...)
+ TODO: check
+CVE-2010-5252 (Untrusted search path vulnerability in HTTrack 3.43-9 allows local ...)
+ TODO: check
+CVE-2010-5251 (Multiple untrusted search path vulnerabilities in IBM Lotus Notes 8.5 ...)
+ TODO: check
+CVE-2010-5250 (Untrusted search path vulnerability in the ...)
+ TODO: check
+CVE-2010-5249 (Untrusted search path vulnerability in Sophos Free Encryption 2.40.1.1 ...)
+ TODO: check
+CVE-2010-5248 (Untrusted search path vulnerability in UltraVNC 1.0.8.2 allows local ...)
+ TODO: check
+CVE-2010-5247 (Untrusted search path vulnerability in QtWeb Browser 3.3 build 043 ...)
+ TODO: check
+CVE-2010-5246 (Multiple untrusted search path vulnerabilities in Maxthon Browser ...)
+ TODO: check
+CVE-2010-5245 (Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build ...)
+ TODO: check
+CVE-2010-5244 (Untrusted search path vulnerability in SiSoftware Sandra 2010 Lite ...)
+ TODO: check
+CVE-2010-5243 (Multiple untrusted search path vulnerabilities in Cyberlink Power2Go ...)
+ TODO: check
+CVE-2010-5242 (Untrusted search path vulnerability in Sound Forge Pro 10.0b Build 474 ...)
+ TODO: check
+CVE-2010-5241 (Multiple untrusted search path vulnerabilities in Autodesk AutoCAD ...)
+ TODO: check
+CVE-2010-5240 (Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT ...)
+ TODO: check
+CVE-2010-5239 (Untrusted search path vulnerability in DAEMON Tools Lite 4.35.6.0091 ...)
+ TODO: check
+CVE-2010-5238 (Untrusted search path vulnerability in CyberLink PowerDirector ...)
+ TODO: check
+CVE-2010-5237 (Untrusted search path vulnerability in CyberLink PowerDirector 7 ...)
+ TODO: check
+CVE-2010-5236 (Untrusted search path vulnerability in Roxio Easy Media Creator Home ...)
+ TODO: check
+CVE-2010-5235 (Untrusted search path vulnerability in IZArc Archiver 4.1.2 allows ...)
+ TODO: check
+CVE-2010-5234 (Multiple untrusted search path vulnerabilities in Camtasia Studio ...)
+ TODO: check
+CVE-2010-5233 (Untrusted search path vulnerability in Virtual DJ 6.1.2 Trial b301 ...)
+ TODO: check
+CVE-2010-5232 (Untrusted search path vulnerability in DivX Plus Player 8.1.0 allows ...)
+ TODO: check
+CVE-2010-5231 (Untrusted search path vulnerability in DivX Player 7.2.019 allows ...)
+ TODO: check
+CVE-2010-5230 (Multiple untrusted search path vulnerabilities in MicroStation 7.1 ...)
+ TODO: check
+CVE-2010-5229 (Untrusted search path vulnerability in 010 Editor before 3.1.3 allows ...)
+ TODO: check
+CVE-2010-5228 (Untrusted search path vulnerability in RealPlayer SP 1.1.5 12.0.0.879 ...)
+ TODO: check
+CVE-2010-5227 (Untrusted search path vulnerability in Opera before 10.62 allows local ...)
+ TODO: check
+CVE-2010-5226 (Multiple untrusted search path vulnerabilities in Autodesk Design ...)
+ TODO: check
CVE-2012-4759 (Untrusted search path vulnerability in facebook_plugin.fpi in the ...)
TODO: check
CVE-2012-4758 (Multiple untrusted search path vulnerabilities in CyberLink ...)
@@ -3187,6 +3535,7 @@
RESERVED
CVE-2012-3458
RESERVED
+ {DSA-2541-1}
- beaker 1.6.3-1.1 (bug #684890)
CVE-2012-3457 (PNP4Nagios 0.6 through 0.6.16 uses world-readable permissions for ...)
- pnp4nagios <unfixed> (low; bug #683879)
@@ -4254,8 +4603,8 @@
NOT-FOR-US: Siemens SIMATIC
CVE-2012-3014 (The Management Software application in GarrettCom Magnum MNS-6K before ...)
NOT-FOR-US: GarrettCom Magnum MNS-6K
-CVE-2012-3013
- RESERVED
+CVE-2012-3013 (WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 ...)
+ TODO: check
CVE-2012-3012 (The Arbiter Power Sentinel 1133A device with firmware before 11Jun2012 ...)
TODO: check
CVE-2012-3011
@@ -4884,11 +5233,9 @@
CVE-2012-2742 (Revelation 0.4.13-2 and earlier uses only the first 32 characters of a ...)
- revelation 0.4.11-10 (bug #633088)
NOTE: http://www.openwall.com/lists/oss-security/2012/06/18/1
-CVE-2012-2741 [phplist before 2.10.18 XSS]
- RESERVED
+CVE-2012-2741 (Cross-site scripting (XSS) vulnerability in public_html/lists/admin/ ...)
NOT-FOR-US: phplist
-CVE-2012-2740 [phplist before 2.10.18 SQL-injection]
- RESERVED
+CVE-2012-2740 (SQL injection vulnerability in public_html/lists/admin in phpList ...)
NOT-FOR-US: phplist
CVE-2012-2739 [java HashDos]
RESERVED
@@ -6190,6 +6537,7 @@
RESERVED
CVE-2012-2237
RESERVED
+ {DSA-2540-1}
- mahara 1.5.1-2
CVE-2012-2236 (SQL injection vulnerability in users.php in PHP Gift Registry 1.5.5 ...)
NOT-FOR-US: PHP Gift Registry
@@ -6617,8 +6965,7 @@
NOT-FOR-US: Drupal addon module not packaged in Debian
CVE-2012-2070 (Cross-site scripting (XSS) vulnerability in the MultiBlock module ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
-CVE-2012-2069
- RESERVED
+CVE-2012-2069 (Cross-site request forgery (CSRF) vulnerability in the Wishlist module ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
CVE-2012-2068 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
NOT-FOR-US: Drupal addon module not packaged in Debian
@@ -7720,11 +8067,9 @@
NOT-FOR-US: Coppermine
CVE-2012-1613 (Cross-site scripting (XSS) vulnerability in edit_one_pic.php in ...)
NOT-FOR-US: Coppermine
-CVE-2012-1612 [joomla info disc]
- RESERVED
+CVE-2012-1612 (Cross-site scripting (XSS) vulnerability in the update manager in ...)
- joomla <itp> (bug #571794)
-CVE-2012-1611 [joomla xss]
- RESERVED
+CVE-2012-1611 (Joomla! 2.5.x before 2.5.4 does not properly check permissions, which ...)
- joomla <itp> (bug #571794)
CVE-2012-1610 (Integer overflow in the GetEXIFProperty function in magick/property.c ...)
{DSA-2462-1}
@@ -7791,8 +8136,7 @@
REJECTED
CVE-2012-1585 (OpenStack Compute (Nova) Essex before 2011.3 allows remote ...)
- nova 2012-1~rc3-1 (bug #666888)
-CVE-2012-1584
- RESERVED
+CVE-2012-1584 (Integer overflow in the mid function in toolkit/tbytevector.cpp in ...)
- taglib 1.7.1-1 (low; bug #662705)
[squeeze] - taglib <no-dsa> (Minor issue)
CVE-2012-1583 (Double free vulnerability in the xfrm6_tunnel_rcv function in ...)
@@ -8051,12 +8395,12 @@
RESERVED
CVE-2012-1470
RESERVED
-CVE-2012-1469
- RESERVED
-CVE-2012-1468
- RESERVED
-CVE-2012-1467
- RESERVED
+CVE-2012-1469 (Multiple cross-site scripting (XSS) vulnerabilities in Open Journal ...)
+ TODO: check
+CVE-2012-1468 (Incomplete blacklist vulnerability in Open Journal Systems before ...)
+ TODO: check
+CVE-2012-1467 (Multiple directory traversal vulnerabilities in the iBrowser plugin ...)
+ TODO: check
CVE-2012-1466 (The Traffic Grapher Server for NetMechanica NetDecision before 4.6.1 ...)
NOT-FOR-US: NetMechanica NetDecision
CVE-2012-1465 (Stack-based buffer overflow in the HTTP Server in NetMechanica ...)
@@ -8892,24 +9236,20 @@
CVE-2012-1113 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
- gallery2 2.3.2.dfsg-1 (low)
[squeeze] - gallery2 <no-dsa> (Minor issue)
-CVE-2012-1112
- RESERVED
+CVE-2012-1112 (Directory traversal vulnerability in Open-Realty CMS 2.5.8 and earlier ...)
NOT-FOR-US: OpenRealty CMS not in Debian
CVE-2012-1111
RESERVED
- lightdm 1.0.9-1 (bug #658678)
-CVE-2012-1110
- RESERVED
+CVE-2012-1110 (Multiple cross-site scripting (XSS) vulnerabilities in Etano 1.22 and ...)
NOT-FOR-US: etano not in Debian
CVE-2012-1109
RESERVED
NOT-FOR-US: mwlib not in Debian
-CVE-2012-1108
- RESERVED
+CVE-2012-1108 (The parse function in ogg/xiphcomment.cpp in TagLib 1.7 and earlier ...)
- taglib 1.7.1-1 (low; bug #662705)
[squeeze] - taglib <no-dsa> (Minor issue)
-CVE-2012-1107
- RESERVED
+CVE-2012-1107 (The analyzeCurrent function in ape/apeproperties.cpp in TagLib 1.7 and ...)
- taglib 1.7.1-1 (low; bug #662705)
[squeeze] - taglib <no-dsa> (Minor issue)
CVE-2012-1106 (The C handler plug-in in Automatic Bug Reporting Tool (ABRT), possibly ...)
@@ -9599,14 +9939,11 @@
- ocaml 4.00.0~beta2-1 (low; bug #659149)
CVE-2012-0838 (Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL ...)
- libstruts1.2-java <not-affected> (struts 2 issue)
-CVE-2012-0837
- RESERVED
+CVE-2012-0837 (Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to ...)
NOT-FOR-US: Joomla!
-CVE-2012-0836
- RESERVED
+CVE-2012-0836 (Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 allows ...)
NOT-FOR-US: Joomla!
-CVE-2012-0835
- RESERVED
+CVE-2012-0835 (Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 and 2.5.x ...)
NOT-FOR-US: Joomla!
CVE-2012-0834 (Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in ...)
- phpldapadmin 1.2.2-1 (bug #658907)
@@ -9646,17 +9983,13 @@
- libvpx 1.0.0-1
[squeeze] - libvpx <not-affected> (Introduced in 0.9.7)
NOTE: http://blog.webmproject.org/2012/01/vp8-codec-sdk-duclair-released.html
-CVE-2012-0822
- RESERVED
+CVE-2012-0822 (Cross-site scripting (XSS) vulnerability in Joomla! 1.6 and 1.7.x ...)
NOT-FOR-US: Joomla!
-CVE-2012-0821
- RESERVED
+CVE-2012-0821 (Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 ...)
NOT-FOR-US: Joomla!
-CVE-2012-0820
- RESERVED
+CVE-2012-0820 (Cross-site scripting (XSS) vulnerability in Joomla! 1.6.x and 1.7.x ...)
NOT-FOR-US: Joomla!
-CVE-2012-0819
- RESERVED
+CVE-2012-0819 (Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 ...)
NOT-FOR-US: Joomla!
CVE-2012-0818
RESERVED
@@ -11832,8 +12165,7 @@
REJECTED
CVE-2006-7248
REJECTED
-CVE-2006-7247
- RESERVED
+CVE-2006-7247 (SQL injection vulnerability in the Weblinks (com_weblinks) component ...)
NOT-FOR-US: Joomla
CVE-2005-4894
RESERVED
More information about the Secure-testing-commits
mailing list