Author: joeyh Date: 2012-05-03 21:15:01 +0000 (Thu, 03 May 2012) New Revision: 19129 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-05-03 20:54:08 UTC (rev 19128) +++ data/CVE/list 2012-05-03 21:15:01 UTC (rev 19129) @@ -9,6 +9,7 @@ CVE-2012-2446 RESERVED CVE-2012-2451 [libconfig-inifiles-perl insecure temporary file creation] + RESERVED - libconfig-inifiles-perl <unfixed> (bug #671255; low) NOTE: https://bitbucket.org/shlomif/perl-config-inifiles/changeset/a08fa26f4f59 NOTE: http://seclists.org/oss-sec/2012/q2/225 @@ -1120,20 +1121,20 @@ RESERVED CVE-2012-2007 RESERVED -CVE-2012-2006 - RESERVED -CVE-2012-2005 - RESERVED -CVE-2012-2004 - RESERVED -CVE-2012-2003 - RESERVED -CVE-2012-2002 - RESERVED -CVE-2012-2001 - RESERVED -CVE-2012-2000 - RESERVED +CVE-2012-2006 (Unspecified vulnerability in HP Insight Management Agents before ...) + TODO: check +CVE-2012-2005 (Cross-site scripting (XSS) vulnerability in HP Insight Management ...) + TODO: check +CVE-2012-2004 (Open redirect vulnerability in HP Insight Management Agents before ...) + TODO: check +CVE-2012-2003 (Cross-site request forgery (CSRF) vulnerability in HP Insight ...) + TODO: check +CVE-2012-2002 (Open redirect vulnerability in HP SNMP Agents for Linux before 9.0.0 ...) + TODO: check +CVE-2012-2001 (Cross-site scripting (XSS) vulnerability in HP SNMP Agents for Linux ...) + TODO: check +CVE-2012-2000 (Multiple unspecified vulnerabilities in HP System Health Application ...) + TODO: check CVE-2012-1999 RESERVED CVE-2012-1998 @@ -1525,8 +1526,8 @@ RESERVED CVE-2012-1820 RESERVED -CVE-2012-1819 - RESERVED +CVE-2012-1819 (Untrusted search path vulnerability in WellinTech KingView 6.53 allows ...) + TODO: check CVE-2012-1818 RESERVED CVE-2012-1817 
@@ -2934,8 +2935,7 @@ RESERVED {DSA-2414-1} - fex 20120215-1 (low; bug #660621) -CVE-2012-1190 [phpMyAdmin PMASA-2012-1 XSS using a crafted database name] - RESERVED +CVE-2012-1190 (Cross-site scripting (XSS) vulnerability in the replication-setup ...) - phpmyadmin 4:3.4.10.1-1 (unimportant) [lenny] - phpmyadmin <not-affected> [squeeze] - phpmyadmin <not-affected> @@ -3610,6 +3610,7 @@ CVE-2012-0948 RESERVED CVE-2012-0947 [Heap-based Buffer Overflow in libavcodec] + RESERVED - libav <unfixed> NOTE: https://bugs.launchpad.net/ubuntu/+source/libav/+bug/980963 NOTE: http://www.openwall.com/lists/oss-security/2012/05/03/4 @@ -4178,24 +4179,24 @@ RESERVED CVE-2012-0738 RESERVED -CVE-2012-0737 - RESERVED -CVE-2012-0736 - RESERVED -CVE-2012-0735 - RESERVED -CVE-2012-0734 - RESERVED -CVE-2012-0733 - RESERVED -CVE-2012-0732 - RESERVED -CVE-2012-0731 - RESERVED -CVE-2012-0730 - RESERVED -CVE-2012-0729 - RESERVED +CVE-2012-0737 (Cross-site scripting (XSS) vulnerability in IBM Rational AppScan ...) + TODO: check +CVE-2012-0736 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not ...) + TODO: check +CVE-2012-0735 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not ...) + TODO: check +CVE-2012-0734 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not ...) + TODO: check +CVE-2012-0733 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1, when ...) + TODO: check +CVE-2012-0732 (The Enterprise Console client in IBM Rational AppScan Enterprise 5.x ...) + TODO: check +CVE-2012-0731 (IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not ...) + TODO: check +CVE-2012-0730 (Multiple cross-site request forgery (CSRF) vulnerabilities in IBM ...) + TODO: check +CVE-2012-0729 (Unrestricted file upload vulnerability in IBM Rational AppScan ...) + TODO: check CVE-2012-0728 RESERVED CVE-2012-0727 
@@ -8388,8 +8389,8 @@ RESERVED CVE-2011-4238 RESERVED -CVE-2011-4237 - RESERVED +CVE-2011-4237 (CRLF injection vulnerability in autologin.jsp in Cisco CiscoWorks ...) + TODO: check CVE-2011-4236 RESERVED CVE-2011-4235 @@ -8398,10 +8399,10 @@ RESERVED CVE-2011-4233 RESERVED -CVE-2011-4232 - RESERVED -CVE-2011-4231 - RESERVED +CVE-2011-4232 (The web server in Cisco Unified MeetingPlace 6.1 and 8.5 produces ...) + TODO: check +CVE-2011-4231 (Cisco IOS 15.1 and 15.2 and IOS XE 3.x, when configured as an IPsec ...) + TODO: check CVE-2011-4230 RESERVED CVE-2011-4229 @@ -9228,16 +9229,16 @@ CVE-2011-4024 (Cross-site scripting (XSS) vulnerability in ocsinventory in OCS ...) - ocsinventory-server 2.0.2-1 (unimportant) NOTE: Authentication is needed, only supported in trusted environments, see debtags -CVE-2011-4023 - RESERVED -CVE-2011-4022 - RESERVED +CVE-2011-4023 (Memory leak in libcmd in Cisco NX-OS 5.0 on Nexus switches allows ...) + TODO: check +CVE-2011-4022 (The sensor in Cisco Intrusion Prevention System (IPS) 7.0 and 7.1 ...) + TODO: check CVE-2011-4021 RESERVED CVE-2011-4020 RESERVED -CVE-2011-4019 - RESERVED +CVE-2011-4019 (Memory leak in Cisco IOS 12.4 and 15.0 through 15.2, and Cisco Unified ...) + TODO: check CVE-2011-4018 RESERVED CVE-2011-4017
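Review bot: In the @@ -1120,20 +1121,20 @@ hunk, CVE-2012-2006 through CVE-2012-2000 move from RESERVED to a bare "TODO: check" with no package line, so all seven stay open in the tracker until someone triages them by hand. The visible descriptions name HP Insight Management Agents, HP SNMP Agents for Linux and HP System Health Application. If none of these is packaged in Debian, resolve each entry with a "NOT-FOR-US:" line naming the product instead of leaving the TODO; if one is packaged, add its "- package" line with a status.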
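Review bot: In the @@ -2934,8 +2935,7 @@ hunk, replacing the bracketed title of CVE-2012-1190 removes the entry's only mention of the upstream advisory id PMASA-2012-1 and of the crafted database name as the vector. The truncated official text ("... in the replication-setup ...") carries neither. Suggest keeping the reference under the entry as a line such as "NOTE: PMASA-2012-1" so the advisory can still be found from the phpmyadmin status lines.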
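Review bot: In the @@ -3610,6 +3610,7 @@ hunk, the CVE-2012-0947 entry now has RESERVED but its package line is still a bare "- libav <unfixed>" with no bug number and no urgency, unlike the CVE-2012-2451 entry in the first hunk, which carries "(bug #671255; low)". For a heap-based buffer overflow in libavcodec, the Debian bug reference and an urgency should be recorded on that line once the bug is filed, so the fix can be tracked from the list.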
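Review bot: In the @@ -4178,24 +4179,24 @@ hunk, the truncated descriptions for CVE-2012-0736, CVE-2012-0735, CVE-2012-0734 and CVE-2012-0731 are identical ("IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not ..."), so the four entries cannot be told apart from the list alone. When these are triaged, either resolve the whole IBM Rational AppScan block with the same disposition in one pass, or add a short NOTE under each entry with the detail that distinguishes it.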