thr3ads.net - Secure testing commits - [Secure-testing-commits] r18592

If this information is useful, please help other people find it:
Share via:
Joey Hess
2012-Mar-05 21:14 UTC
[Secure-testing-commits] r18592 - data/CVE

Author: joeyh
Date: 2012-03-05 21:14:24 +0000 (Mon, 05 Mar 2012)
New Revision: 18592

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-03-05 20:27:06 UTC (rev 18591)
+++ data/CVE/list	2012-03-05 21:14:24 UTC (rev 18592)
@@ -1,3 +1,11 @@
+CVE-2012-1498
+	RESERVED
+CVE-2012-1497 (The default configuration of Movable Type before 4.38, 5.0x
before ...)
+	TODO: check
+CVE-2012-1496
+	RESERVED
+CVE-2012-1495
+	RESERVED
 CVE-2012-1102 [XML::Atom Perl module XML entity expansion]
 	RESERVED
 	{DSA-2424-1}
@@ -471,8 +479,8 @@
 	RESERVED
 CVE-2012-1263
 	RESERVED
-CVE-2012-1262
-	RESERVED
+CVE-2012-1262 (Cross-site scripting (XSS) vulnerability in
cgi-bin/mt/mt-wizard.cgi ...)
+	TODO: check
 CVE-2012-1261
 	RESERVED
 CVE-2012-1260
@@ -1433,8 +1441,8 @@
 	NOTE: Commit
http://mail-archives.apache.org/mod_mbox/apr-commits/201201.mbox/%3C20120115003715.071D423888FD
at eris.apache.org%3E seems to cause regressions
 CVE-2012-0839 (OCaml 3.12.1 and earlier computes hash values without
restricting the ...)
 	- ocaml <unfixed> (low; bug #659149)
-CVE-2012-0838
-	RESERVED
+CVE-2012-0838 (Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL
...)
+	TODO: check
 CVE-2012-0837
 	RESERVED
 CVE-2012-0836
@@ -1741,8 +1749,8 @@
 	RESERVED
 CVE-2012-0716
 	RESERVED
-CVE-2012-0715
-	RESERVED
+CVE-2012-0715 (Cross-site scripting (XSS) vulnerability in the Gantt applet
viewer in ...)
+	TODO: check
 CVE-2012-0714
 	RESERVED
 CVE-2012-0713
@@ -2669,16 +2677,16 @@
 	RESERVED
 CVE-2012-0322
 	RESERVED
-CVE-2012-0321
-	RESERVED
-CVE-2012-0320
-	RESERVED
-CVE-2012-0319
-	RESERVED
-CVE-2012-0318
-	RESERVED
-CVE-2012-0317
-	RESERVED
+CVE-2012-0321 (Unspecified vulnerability in the device driver in Kingsoft
Internet ...)
+	TODO: check
+CVE-2012-0320 (Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13
...)
+	TODO: check
+CVE-2012-0319 (The file-management system in Movable Type before 4.38, 5.0x
before ...)
+	TODO: check
+CVE-2012-0318 (Multiple cross-site scripting (XSS) vulnerabilities in Movable
Type ...)
+	TODO: check
+CVE-2012-0317 (Multiple cross-site request forgery (CSRF) vulnerabilities in
Movable ...)
+	TODO: check
 CVE-2012-0316 (The Cookpad 1.5.16 and earlier and Cookpad Noseru 1.1.1 and
earlier ...)
 	TODO: check
 CVE-2012-0315 (Untrusted search path vulnerability in ALFTP before 5.31 allows
local ...)
@@ -5866,8 +5874,8 @@
 	NOT-FOR-US: Novell NetWare
 CVE-2011-4190
 	RESERVED
-CVE-2011-4189
-	RESERVED
+CVE-2011-4189 (The client in Novell GroupWise 8.0x through 8.02HP3 allows
remote ...)
+	TODO: check
 CVE-2011-4188
 	RESERVED
 CVE-2011-4187 (Buffer overflow in the GetDriverSettings function in nipplib.dll
in ...)
@@ -14238,8 +14246,8 @@
 	RESERVED
 CVE-2011-1386 (IBM Tivoli Federated Identity Manager (TFIM) and Tivoli
Federated ...)
 	NOT-FOR-US: IBM Tivoli Federated Identity Manager
-CVE-2011-1385
-	RESERVED
+CVE-2011-1385 (IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows
remote ...)
+	TODO: check
 CVE-2011-1384 (The (1) bin/invscoutClient_VPD_Survey and (2)
sbin/invscout_lsvpd ...)
 	NOT-FOR-US: IBM AIX
 CVE-2011-1383
Secure testing commits - Mar 2012 - r18592 - data/CVE

[Secure-testing-commits] r18592 - data/CVE
