thr3ads.net - Secure testing commits - [Secure-testing-commits] r18691

If this information is useful, please help other people find it:
Share via:
Joey Hess
2012-Mar-16 21:14 UTC
[Secure-testing-commits] r18691 - data/CVE

Author: joeyh
Date: 2012-03-16 21:14:35 +0000 (Fri, 16 Mar 2012)
New Revision: 18691

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-03-16 15:34:16 UTC (rev 18690)
+++ data/CVE/list	2012-03-16 21:14:35 UTC (rev 18691)
@@ -1,3 +1,7 @@
+CVE-2012-1667
+	RESERVED
+CVE-2012-1666
+	RESERVED
 CVE-2012-XXXX [http://downloads.asterisk.org/pub/security/AST-2012-003.html]
 	- asterisk <unfixed>
 	[squeeze] - asterisk <not-affected> (Vulnerable code not present)
@@ -369,16 +373,16 @@
 	RESERVED
 CVE-2012-1486
 	RESERVED
-CVE-2012-1485
-	RESERVED
-CVE-2012-1484
-	RESERVED
-CVE-2012-1483
-	RESERVED
-CVE-2012-1482
-	RESERVED
-CVE-2012-1481
-	RESERVED
+CVE-2012-1485 (Unspecified vulnerability in the NetFront Life Browser ...)
+	TODO: check
+CVE-2012-1484 (Unspecified vulnerability in the WaliSMS CN
(cn.com.wali.walisms) ...)
+	TODO: check
+CVE-2012-1483 (Unspecified vulnerability in the Message Forwarder ...)
+	TODO: check
+CVE-2012-1482 (Unspecified vulnerability in the TouchPal Contacts ...)
+	TODO: check
+CVE-2012-1481 (Unspecified vulnerability in the Textdroid
(com.app.android.textdroid) ...)
+	TODO: check
 CVE-2012-1480 (Unspecified vulnerability in the Pansi SMS (com.pansi.msg)
application ...)
 	NOT-FOR-US: Pansi SMS
 CVE-2012-1479 (Unspecified vulnerability in the AContact
(com.movester.quickcontact) ...)
@@ -1003,6 +1007,7 @@
 	- libapache2-mod-fcgid 1:2.3.6-1 (bug #615814)
 CVE-2012-1180 [nginx fix for malformed HTTP responses from upstream servers]
 	RESERVED
+	{DSA-2434-1}
 	- nginx <unfixed> (bug #664137)
 	NOTE: http://seclists.org/oss-sec/2012/q1/644
 CVE-2012-1179
@@ -1046,8 +1051,7 @@
 	- ldm  2:2.2.7-1 (bug #663645)
 	[squeeze] - ldm <not-affected> (Introduced in 2.2)
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/ldm/+bug/953340
-CVE-2012-1165 [openssl: possible NULL dereference on bad MIME headers]
-	RESERVED
+CVE-2012-1165 (The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL
...)
 	- openssl 1.0.0h-1 (low; bug #663642)
 	NOTE: http://www.openwall.com/lists/oss-security/2012/03/12/3
 CVE-2012-1164 [openldap (slapd): Assertion failure by processing search
quer...]
@@ -3825,14 +3829,14 @@
 	NOT-FOR-US: Advantech/BroadWin WebAccess
 CVE-2012-0233 (Cross-site scripting (XSS) vulnerability in Advantech/BroadWin
...)
 	NOT-FOR-US: Advantech/BroadWin WebAccess
-CVE-2012-0232
-	RESERVED
-CVE-2012-0231
-	RESERVED
-CVE-2012-0230
-	RESERVED
-CVE-2012-0229
-	RESERVED
+CVE-2012-0232 (Directory traversal vulnerability in rifsrvd.exe in the Remote
...)
+	TODO: check
+CVE-2012-0231 (PRLicenseMgr.exe in the Proficy Server License Manager in GE
...)
+	TODO: check
+CVE-2012-0230 (PRRDS.exe in the Proficy Remote Data Service in GE Intelligent
...)
+	TODO: check
+CVE-2012-0229 (The Data Archiver service in GE Intelligent Platforms Proficy
...)
+	TODO: check
 CVE-2012-0228
 	RESERVED
 CVE-2012-0227
Secure testing commits - Mar 2012 - r18691 - data/CVE

[Secure-testing-commits] r18691 - data/CVE
