Author: joeyh Date: 2012-05-24 21:14:27 +0000 (Thu, 24 May 2012) New Revision: 19319 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-05-24 19:44:53 UTC (rev 19318) +++ data/CVE/list 2012-05-24 21:14:27 UTC (rev 19319) @@ -1,3 +1,15 @@ +CVE-2012-2932 + RESERVED +CVE-2012-2931 + RESERVED +CVE-2012-2930 + RESERVED +CVE-2012-2929 + RESERVED +CVE-2011-5091 (Multiple SQL injection vulnerabilities in GR Board (aka grboard) ...) + TODO: check +CVE-2011-5090 (GR Board (aka grboard) 1.8.6.5 Community Edition does not require ...) + TODO: check CVE-2012-2928 (The Gliffy plugin before 3.7.1 for Atlassian JIRA, and before 4.2 for ...) TODO: check CVE-2012-2927 (The TM Software Tempo plugin before 6.4.3.1, 6.5.x before 6.5.0.2, and ...) @@ -1281,8 +1293,7 @@ CVE-2012-2375 RESERVED - linux-2.6 <unfixed> -CVE-2012-2374 - RESERVED +CVE-2012-2374 (CRLF injection vulnerability in the ...) - python-tornado 2.1.0-3 (low; bug #673987) [squeeze] - python-tornado <not-affected> (Vulnerable code not present) CVE-2012-2373 @@ -1295,8 +1306,7 @@ CVE-2012-2370 RESERVED - gdk-pixbuf 2.26.1-1 (low) -CVE-2012-2369 [format string security flaw] - RESERVED +CVE-2012-2369 (Format string vulnerability in the log_message_cb function in ...) {DSA-2476-1} - pidgin-otr 3.2.1-1 (medium; bug #673154) NOTE: libotr not affected @@ -2669,8 +2679,8 @@ NOTE: 5.4.2-1 ''fixed'' this, but fix is incomplete: CVE-2012-2311 CVE-2012-1822 RESERVED -CVE-2012-1821 - RESERVED +CVE-2012-1821 (The Network Threat Protection module in the Manager component in ...) + TODO: check CVE-2012-1820 RESERVED CVE-2012-1819 (Untrusted search path vulnerability in WellinTech KingView 6.53 allows ...) 
@@ -4142,8 +4152,7 @@ {DSA-2447-1} - tiff3 3.9.6-2 - tiff 4.0.1-2 -CVE-2012-1172 [PHP 5.3.x Corrupted $_FILES indices lead to security concern] - RESERVED +CVE-2012-1172 (The file-upload implementation in rfc1867.c in PHP before 5.4.0 does ...) {DSA-2465-1} - php5 5.4.0-1 (bug #663760) CVE-2012-1171 [safemode bypass after RSHUTDOWN] @@ -6461,10 +6470,10 @@ TODO: check CVE-2012-0296 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...) TODO: check -CVE-2012-0295 - RESERVED -CVE-2012-0294 - RESERVED +CVE-2012-0295 (The Manager service in the management console in Symantec Endpoint ...) + TODO: check +CVE-2012-0294 (Directory traversal vulnerability in the Manager service in the ...) + TODO: check CVE-2012-0293 (Multiple SQL injection vulnerabilities in Symantec Altiris WISE ...) NOT-FOR-US: Symantec Altiris WISE Package Studio CVE-2012-0292 (The awhost32 service in Symantec pcAnywhere through 12.5.3, Altiris IT ...) @@ -6473,8 +6482,8 @@ NOT-FOR-US: pcAnywhere CVE-2012-0290 (Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite ...) NOT-FOR-US: Symantec pcAnywhere -CVE-2012-0289 - RESERVED +CVE-2012-0289 (Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x ...) + TODO: check CVE-2011-5052 (Stack-based buffer overflow in CoCSoft Stream Down 6.8.0 allows remote ...) NOT-FOR-US: CoCSoft Stream Down CVE-2011-5051 (Multiple unrestricted file upload vulnerabilities in the WP Symposium ...) @@ -8817,12 +8826,15 @@ [squeeze] - jetty <no-dsa> (Minor issue) CVE-2011-4460 RESERVED + {DSA-2480-1} - request-tracker4 4.0.5-3 CVE-2011-4459 RESERVED + {DSA-2480-1} - request-tracker4 4.0.5-3 CVE-2011-4458 RESERVED + {DSA-2480-1} - request-tracker4 4.0.5-3 CVE-2011-4457 (OWASP HTML Sanitizer (aka owasp-java-html-sanitizer) before 88, when ...) NOT-FOR-US: OWASP HTML Sanitizer 
@@ -16140,15 +16152,19 @@ RESERVED CVE-2011-2085 RESERVED + {DSA-2480-1} - request-tracker4 4.0.5-3 CVE-2011-2084 RESERVED + {DSA-2480-1} - request-tracker4 4.0.5-3 CVE-2011-2083 RESERVED + {DSA-2480-1} - request-tracker4 4.0.5-3 CVE-2011-2082 RESERVED + {DSA-2480-1} - request-tracker4 4.0.5-3 CVE-2011-2081 (MediaCAST 8 and earlier does not properly handle requests for ...) NOT-FOR-US: MediaCAST
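Review bot: in the @@ -6461,10 +6470,10 @@ hunk, CVE-2012-0295 and CVE-2012-0294 are left at "TODO: check" while the neighbouring Symantec entries in the same hunk (CVE-2012-0293, CVE-2012-0292, CVE-2012-0290) are already triaged as NOT-FOR-US. The CVE-2012-0295 description names Symantec Endpoint explicitly. The CVE-2012-0294 text is truncated after "the Manager service in the", so confirm the product from the full description first. If both turn out to be the same product and it is not packaged, a follow-up commit should replace the TODO lines with a "NOT-FOR-US:" line naming that product, so these entries do not stay in the unchecked queue.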
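Review bot: in the @@ -6473,8 +6482,8 @@ hunk, CVE-2012-0289 gets "TODO: check" even though its description already identifies the product as Symantec Endpoint Protection (SEP) 11.0.600x, and the two pcAnywhere entries directly above it in the hunk are marked NOT-FOR-US. This one needs no further lookup to triage; suggest resolving it the same way as those entries instead of leaving the TODO.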
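Review bot: in the @@ -8817,12 +8826,15 @@ hunk, CVE-2011-4460, CVE-2011-4459 and CVE-2011-4458 each gain a {DSA-2480-1} tag, but the only package line under them is "- request-tracker4 4.0.5-3". Nothing in these entries records which source package and version the advisory fixed in the stable release, so the tracker cannot show stable status for them from this data. If the DSA covers a source package other than request-tracker4, add its line with the fixed version under each of the three CVEs.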
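Review bot: in the @@ -16140,15 +16152,19 @@ hunk, CVE-2011-2085 through CVE-2011-2082 now carry a DSA reference and a fixed version but still read only "RESERVED", with no description or NOTE, so the four entries are indistinguishable from each other apart from the ID. The file already uses bracketed temporary descriptions for reserved IDs (for example "CVE-2012-1171 [safemode bypass after RSHUTDOWN]"); suggest adding one per CVE here, taken from the advisory text, until the official descriptions are published.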