Secure testing commits - Jun 2012 - r19416 - data/CVE

Author: helmut-guest
Date: 2012-06-03 09:24:06 +0000 (Sun, 03 Jun 2012)
New Revision: 19416

Modified:
   data/CVE/list
Log:
1 libav bug, 2 NFUs, 2 undetermined webkut

Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-06-03 07:13:41 UTC (rev 19415)
+++ data/CVE/list	2012-06-03 09:24:06 UTC (rev 19416)
@@ -4341,7 +4341,7 @@
 CVE-2012-1249 (The iLunascape application 1.0.4.0 and earlier for Android does
not ...)
 	NOT-FOR-US: iLunascape
 CVE-2012-1248 (app/config/core.php in baserCMS 1.6.15 and earlier does not
properly ...)
-	TODO: check
+	NOT-FOR-US: BaserCMS
 CVE-2012-1247 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART
1.7 and ...)
 	NOT-FOR-US: KENT-WEB WEB MART
 CVE-2012-1246 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART
1.7 and ...)
@@ -5865,15 +5865,19 @@
 CVE-2012-0677
 	RESERVED
 CVE-2012-0676 (WebKit in Apple Safari before 5.1.7 does not properly track
state ...)
-	TODO: check
+	- webkit <undetermined>
+	NOTE:
http://packetstormsecurity.sebug.net/files/download/112596/APPLE-SA-2012-05-09-2.txt
+	TODO: Check. Seems to be a general webkit issue instantiated for Apple.
 CVE-2012-0675 (Time Machine in Apple Mac OS X before 10.7.4 does not require
...)
 	NOT-FOR-US: Time Machine
 CVE-2012-0674 (Safari in Apple iOS before 5.1.1 allows remote attackers to
spoof the ...)
-	TODO: check
+	NOT-FOR-US: Apple Safari
 CVE-2012-0673
 	RESERVED
 CVE-2012-0672 (WebKit in Apple iOS before 5.1.1 allows remote attackers to
execute ...)
-	TODO: check
+	- webkit <undetermined>
+	NOTE:
http://dl.packetstormsecurity.net/1205-advisories/APPLE-SA-2012-05-09-2.txt
+	TODO: Check. Seems to be a general webkit issue instantiated for Apple.
 CVE-2012-0671 (Apple QuickTime before 7.7.2 allows remote attackers to execute
...)
 	NOT-FOR-US: Apple QuickTime
 CVE-2012-0670 (Integer overflow in Apple QuickTime before 7.7.2 allows remote
...)
@@ -10559,7 +10563,7 @@
 CVE-2011-4032
 	RESERVED
 CVE-2011-4031 (Integer underflow in the asfrtp_parse_packet function in ...)
-	TODO: check
+	- libav <undetermined> (bug #675767)
 CVE-2011-4030 (The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1,
and ...)
 	- plone3 <not-affected> (Only affects Plone 4.x)
 CVE-2011-4029