[Secure-testing-commits] r20223 - data/CVE

Joey Hess joeyh at alioth.debian.org
Mon Sep 24 21:14:19 UTC 2012 

Author: joeyh
Date: 2012-09-24 21:14:18 +0000 (Mon, 24 Sep 2012)
New Revision: 20223

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-09-24 20:13:35 UTC (rev 20222)
+++ data/CVE/list	2012-09-24 21:14:18 UTC (rev 20223)
@@ -1,3 +1,221 @@
+CVE-2012-5105 (Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager ...)
+	TODO: check
+CVE-2012-5104 (Cross-site scripting (XSS) vulnerability in forums/ubbthreads.php in ...)
+	TODO: check
+CVE-2012-5103 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+	TODO: check
+CVE-2012-5102 (Cross-site scripting (XSS) vulnerability in inc/extensions.php in ...)
+	TODO: check
+CVE-2012-5101 (SQL injection vulnerability in the JExtensions JE Poll component ...)
+	TODO: check
+CVE-2012-5100 (Directory traversal vulnerability in HServer 0.1.1 allows remote ...)
+	TODO: check
+CVE-2012-5099 (Cross-site scripting (XSS) vulnerability in list.php in PHPB2B 4.1 and ...)
+	TODO: check
+CVE-2012-5098 (Multiple SQL injection vulnerabilities in Php-X-Links, possibly 1.0, ...)
+	TODO: check
+CVE-2012-5097
+	RESERVED
+CVE-2012-5096
+	RESERVED
+CVE-2012-5095
+	RESERVED
+CVE-2012-5094
+	RESERVED
+CVE-2012-5093
+	RESERVED
+CVE-2012-5092
+	RESERVED
+CVE-2012-5091
+	RESERVED
+CVE-2012-5090
+	RESERVED
+CVE-2012-5089
+	RESERVED
+CVE-2012-5088
+	RESERVED
+CVE-2012-5087
+	RESERVED
+CVE-2012-5086
+	RESERVED
+CVE-2012-5085
+	RESERVED
+CVE-2012-5084
+	RESERVED
+CVE-2012-5083
+	RESERVED
+CVE-2012-5082
+	RESERVED
+CVE-2012-5081
+	RESERVED
+CVE-2012-5080
+	RESERVED
+CVE-2012-5079
+	RESERVED
+CVE-2012-5078
+	RESERVED
+CVE-2012-5077
+	RESERVED
+CVE-2012-5076
+	RESERVED
+CVE-2012-5075
+	RESERVED
+CVE-2012-5074
+	RESERVED
+CVE-2012-5073
+	RESERVED
+CVE-2012-5072
+	RESERVED
+CVE-2012-5071
+	RESERVED
+CVE-2012-5070
+	RESERVED
+CVE-2012-5069
+	RESERVED
+CVE-2012-5068
+	RESERVED
+CVE-2012-5067
+	RESERVED
+CVE-2012-5066
+	RESERVED
+CVE-2012-5065
+	RESERVED
+CVE-2012-5064
+	RESERVED
+CVE-2012-5063
+	RESERVED
+CVE-2012-5062
+	RESERVED
+CVE-2012-5061
+	RESERVED
+CVE-2012-5060
+	RESERVED
+CVE-2012-5059
+	RESERVED
+CVE-2012-5058
+	RESERVED
+CVE-2012-5057
+	RESERVED
+CVE-2012-5056
+	RESERVED
+CVE-2012-5055
+	RESERVED
+CVE-2012-5054
+	RESERVED
+CVE-2012-5053
+	RESERVED
+CVE-2012-5052
+	RESERVED
+CVE-2012-5051
+	RESERVED
+CVE-2012-5050
+	RESERVED
+CVE-2012-5049
+	RESERVED
+CVE-2012-5048
+	RESERVED
+CVE-2012-5047
+	RESERVED
+CVE-2012-5046
+	RESERVED
+CVE-2012-5045
+	RESERVED
+CVE-2012-5044
+	RESERVED
+CVE-2012-5043
+	RESERVED
+CVE-2012-5042
+	RESERVED
+CVE-2012-5041
+	RESERVED
+CVE-2012-5040
+	RESERVED
+CVE-2012-5039
+	RESERVED
+CVE-2012-5038
+	RESERVED
+CVE-2012-5037
+	RESERVED
+CVE-2012-5036
+	RESERVED
+CVE-2012-5035
+	RESERVED
+CVE-2012-5034
+	RESERVED
+CVE-2012-5033
+	RESERVED
+CVE-2012-5032
+	RESERVED
+CVE-2012-5031
+	RESERVED
+CVE-2012-5030
+	RESERVED
+CVE-2012-5029
+	RESERVED
+CVE-2012-5028
+	RESERVED
+CVE-2012-5027
+	RESERVED
+CVE-2012-5026
+	RESERVED
+CVE-2012-5025
+	RESERVED
+CVE-2012-5024
+	RESERVED
+CVE-2012-5023
+	RESERVED
+CVE-2012-5022
+	RESERVED
+CVE-2012-5021
+	RESERVED
+CVE-2012-5020
+	RESERVED
+CVE-2012-5019
+	RESERVED
+CVE-2012-5018
+	RESERVED
+CVE-2012-5017
+	RESERVED
+CVE-2012-5016
+	RESERVED
+CVE-2012-5015
+	RESERVED
+CVE-2012-5014
+	RESERVED
+CVE-2012-5013
+	RESERVED
+CVE-2012-5012
+	RESERVED
+CVE-2012-5011
+	RESERVED
+CVE-2012-5010
+	RESERVED
+CVE-2012-5009
+	RESERVED
+CVE-2012-5008
+	RESERVED
+CVE-2011-5201 (Multiple SQL injection vulnerabilities in sign.php in tinyguestbook ...)
+	TODO: check
+CVE-2011-5200 (Multiple SQL injection vulnerabilities in DeDeCMS, possibly 5.6, allow ...)
+	TODO: check
+CVE-2011-5199 (Cross-site scripting (XSS) vulnerability in sign.php in tinyguestbook ...)
+	TODO: check
+CVE-2011-5198 (SQL injection vulnerability in search.php in Neturf eCommerce Shopping ...)
+	TODO: check
+CVE-2011-5197 (Cross-site request forgery (CSRF) vulnerability in ...)
+	TODO: check
+CVE-2011-5196 (Cross-site request forgery (CSRF) vulnerability in ...)
+	TODO: check
+CVE-2011-5195 (Cross-site request forgery (CSRF) vulnerability in ...)
+	TODO: check
+CVE-2011-5194 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2011-5193 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2011-5192 (Cross-site scripting (XSS) vulnerability in pretty-bar.php in Pretty ...)
+	TODO: check
+CVE-2011-5191 (Cross-site scripting (XSS) vulnerability in pretty-bar.php in Pretty ...)
+	TODO: check
 CVE-2012-5007 (The Fill PDF module 7.x-1.x before 7.x-1.2 for Drupal allows remote ...)
 	NOT-FOR-US: Drupal addon Fill PDF
 CVE-2012-5006 (Heap-based buffer overflow in npdjvu.dll in Caminova DjVu Browser ...)
@@ -2730,6 +2948,7 @@
 CVE-2012-3979 (Mozilla Firefox before 15.0 on Android does not properly implement ...)
 	- iceweasel <not-affected> (Only affects Firefox for Android)
 CVE-2012-3978 (The nsLocation::CheckURL function in Mozilla Firefox before 15.0, ...)
+	{DSA-2553-1}
 	- iceweasel 10.0.7esr-1
 	- icedove 10.0.7-1
 	- iceape 2.7.7-1
@@ -2747,6 +2966,7 @@
 CVE-2012-3973 (The debugger in the developer-tools subsystem in Mozilla Firefox ...)
 	- iceweasel <not-affected> (Only affects Firefox >= 10)
 CVE-2012-3972 (The format-number functionality in the XSLT implementation in Mozilla ...)
+	{DSA-2553-1}
 	- iceweasel 10.0.7esr-1
 	- icedove 10.0.7-1
 	- iceape 2.7.7-1
@@ -2759,6 +2979,7 @@
 	- icedove <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
 	- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
 CVE-2012-3969 (Integer overflow in the nsSVGFEMorphologyElement::Filter function in ...)
+	{DSA-2553-1}
 	- iceweasel 10.0.7esr-1
 	- icedove 10.0.7-1
 	- iceape 2.7.7-1
@@ -2785,6 +3006,7 @@
 	- icedove <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
 	- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
 CVE-2012-3962 (Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, ...)
+	{DSA-2553-1}
 	- iceweasel 10.0.7esr-1
 	- icedove 10.0.7-1
 	- iceape 2.7.7-1
@@ -2797,6 +3019,7 @@
 	- icedove 10.0.7-1
 	- iceape 2.7.7-1
 CVE-2012-3959 (Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode ...)
+	{DSA-2553-1}
 	- iceweasel 10.0.7esr-1
 	- icedove 10.0.7-1
 	- iceape 2.7.7-1
@@ -4765,8 +4988,8 @@
 	RESERVED
 CVE-2012-3138
 	RESERVED
-CVE-2012-3137
-	RESERVED
+CVE-2012-3137 (The authentication protocol in Oracle Database 11g 1 and 2 allows ...)
+	TODO: check
 CVE-2012-3136 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-7 7u3-2.1.2-1
 	- openjdk-6 <not-affected>
@@ -6088,8 +6311,8 @@
 	NOT-FOR-US: WellinTech KingHistorian
 CVE-2012-2558
 	RESERVED
-CVE-2012-2557
-	RESERVED
+CVE-2012-2557 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through ...)
+	TODO: check
 CVE-2012-2556
 	RESERVED
 CVE-2012-2555
@@ -6106,12 +6329,12 @@
 	RESERVED
 CVE-2012-2549
 	RESERVED
-CVE-2012-2548
-	RESERVED
+CVE-2012-2548 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows ...)
+	TODO: check
 CVE-2012-2547
 	RESERVED
-CVE-2012-2546
-	RESERVED
+CVE-2012-2546 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows ...)
+	TODO: check
 CVE-2012-2545
 	RESERVED
 CVE-2012-2544
@@ -7596,28 +7819,34 @@
 CVE-2012-1977 (WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of ...)
 	NOT-FOR-US: WellinTech KingSCADA
 CVE-2012-1976 (Use-after-free vulnerability in the ...)
+	{DSA-2553-1}
 	- iceweasel 10.0.7esr-1
 	- icedove 10.0.7-1
 	- iceape 2.7.7-1
 CVE-2012-1975 (Use-after-free vulnerability in the PresShell::CompleteMove function ...)
+	{DSA-2553-1}
 	- iceweasel 10.0.7esr-1
 	- icedove 10.0.7-1
 	- iceape 2.7.7-1
 CVE-2012-1974 (Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore ...)
+	{DSA-2553-1}
 	- iceweasel 10.0.7esr-1
 	- icedove 10.0.7-1
 	- iceape 2.7.7-1
 CVE-2012-1973 (Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject ...)
+	{DSA-2553-1}
 	- iceweasel 10.0.7esr-1
 	- icedove 10.0.7-1
 	- iceape 2.7.7-1
 CVE-2012-1972 (Use-after-free vulnerability in the ...)
+	{DSA-2553-1}
 	- iceweasel 10.0.7esr-1
 	- icedove 10.0.7-1
 	- iceape 2.7.7-1
 CVE-2012-1971 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	- iceweasel <not-affected> (Only affects Firefox >= 10)
 CVE-2012-1970 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+	{DSA-2553-1}
 	- iceweasel 10.0.7esr-1
 	- iceape 2.7.7-1
 CVE-2012-1969 (The get_attachment_link function in Template.pm in Bugzilla 2.x and ...)
@@ -8660,8 +8889,8 @@
 	RESERVED
 CVE-2012-1530
 	RESERVED
-CVE-2012-1529
-	RESERVED
+CVE-2012-1529 (Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 ...)
+	TODO: check
 CVE-2012-1528
 	RESERVED
 CVE-2012-1527

More information about the Secure-testing-commits mailing list