Secure testing commits - Jun 2012 - r19547 - data/CVE

Author: joeyh
Date: 2012-06-20 21:14:27 +0000 (Wed, 20 Jun 2012)
New Revision: 19547

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-06-20 20:30:26 UTC (rev 19546)
+++ data/CVE/list	2012-06-20 21:14:27 UTC (rev 19547)
@@ -1,3 +1,425 @@
+CVE-2012-3789
+	RESERVED
+CVE-2012-3788
+	RESERVED
+CVE-2012-3787
+	RESERVED
+CVE-2012-3786
+	RESERVED
+CVE-2012-3785
+	RESERVED
+CVE-2012-3784
+	RESERVED
+CVE-2012-3783
+	RESERVED
+CVE-2012-3782
+	RESERVED
+CVE-2012-3781
+	RESERVED
+CVE-2012-3780
+	RESERVED
+CVE-2012-3779
+	RESERVED
+CVE-2012-3778
+	RESERVED
+CVE-2012-3777
+	RESERVED
+CVE-2012-3776
+	RESERVED
+CVE-2012-3775
+	RESERVED
+CVE-2012-3774
+	RESERVED
+CVE-2012-3773
+	RESERVED
+CVE-2012-3772
+	RESERVED
+CVE-2012-3771
+	RESERVED
+CVE-2012-3770
+	RESERVED
+CVE-2012-3769
+	RESERVED
+CVE-2012-3768
+	RESERVED
+CVE-2012-3767
+	RESERVED
+CVE-2012-3766
+	RESERVED
+CVE-2012-3765
+	RESERVED
+CVE-2012-3764
+	RESERVED
+CVE-2012-3763
+	RESERVED
+CVE-2012-3762
+	RESERVED
+CVE-2012-3761
+	RESERVED
+CVE-2012-3760
+	RESERVED
+CVE-2012-3759
+	RESERVED
+CVE-2012-3758
+	RESERVED
+CVE-2012-3757
+	RESERVED
+CVE-2012-3756
+	RESERVED
+CVE-2012-3755
+	RESERVED
+CVE-2012-3754
+	RESERVED
+CVE-2012-3753
+	RESERVED
+CVE-2012-3752
+	RESERVED
+CVE-2012-3751
+	RESERVED
+CVE-2012-3750
+	RESERVED
+CVE-2012-3749
+	RESERVED
+CVE-2012-3748
+	RESERVED
+CVE-2012-3747
+	RESERVED
+CVE-2012-3746
+	RESERVED
+CVE-2012-3745
+	RESERVED
+CVE-2012-3744
+	RESERVED
+CVE-2012-3743
+	RESERVED
+CVE-2012-3742
+	RESERVED
+CVE-2012-3741
+	RESERVED
+CVE-2012-3740
+	RESERVED
+CVE-2012-3739
+	RESERVED
+CVE-2012-3738
+	RESERVED
+CVE-2012-3737
+	RESERVED
+CVE-2012-3736
+	RESERVED
+CVE-2012-3735
+	RESERVED
+CVE-2012-3734
+	RESERVED
+CVE-2012-3733
+	RESERVED
+CVE-2012-3732
+	RESERVED
+CVE-2012-3731
+	RESERVED
+CVE-2012-3730
+	RESERVED
+CVE-2012-3729
+	RESERVED
+CVE-2012-3728
+	RESERVED
+CVE-2012-3727
+	RESERVED
+CVE-2012-3726
+	RESERVED
+CVE-2012-3725
+	RESERVED
+CVE-2012-3724
+	RESERVED
+CVE-2012-3723
+	RESERVED
+CVE-2012-3722
+	RESERVED
+CVE-2012-3721
+	RESERVED
+CVE-2012-3720
+	RESERVED
+CVE-2012-3719
+	RESERVED
+CVE-2012-3718
+	RESERVED
+CVE-2012-3717
+	RESERVED
+CVE-2012-3716
+	RESERVED
+CVE-2012-3715
+	RESERVED
+CVE-2012-3714
+	RESERVED
+CVE-2012-3713
+	RESERVED
+CVE-2012-3712
+	RESERVED
+CVE-2012-3711
+	RESERVED
+CVE-2012-3710
+	RESERVED
+CVE-2012-3709
+	RESERVED
+CVE-2012-3708
+	RESERVED
+CVE-2012-3707
+	RESERVED
+CVE-2012-3706
+	RESERVED
+CVE-2012-3705
+	RESERVED
+CVE-2012-3704
+	RESERVED
+CVE-2012-3703
+	RESERVED
+CVE-2012-3702
+	RESERVED
+CVE-2012-3701
+	RESERVED
+CVE-2012-3700
+	RESERVED
+CVE-2012-3699
+	RESERVED
+CVE-2012-3698
+	RESERVED
+CVE-2012-3697
+	RESERVED
+CVE-2012-3696
+	RESERVED
+CVE-2012-3695
+	RESERVED
+CVE-2012-3694
+	RESERVED
+CVE-2012-3693
+	RESERVED
+CVE-2012-3692
+	RESERVED
+CVE-2012-3691
+	RESERVED
+CVE-2012-3690
+	RESERVED
+CVE-2012-3689
+	RESERVED
+CVE-2012-3688
+	RESERVED
+CVE-2012-3687
+	RESERVED
+CVE-2012-3686
+	RESERVED
+CVE-2012-3685
+	RESERVED
+CVE-2012-3684
+	RESERVED
+CVE-2012-3683
+	RESERVED
+CVE-2012-3682
+	RESERVED
+CVE-2012-3681
+	RESERVED
+CVE-2012-3680
+	RESERVED
+CVE-2012-3679
+	RESERVED
+CVE-2012-3678
+	RESERVED
+CVE-2012-3677
+	RESERVED
+CVE-2012-3676
+	RESERVED
+CVE-2012-3675
+	RESERVED
+CVE-2012-3674
+	RESERVED
+CVE-2012-3673
+	RESERVED
+CVE-2012-3672
+	RESERVED
+CVE-2012-3671
+	RESERVED
+CVE-2012-3670
+	RESERVED
+CVE-2012-3669
+	RESERVED
+CVE-2012-3668
+	RESERVED
+CVE-2012-3667
+	RESERVED
+CVE-2012-3666
+	RESERVED
+CVE-2012-3665
+	RESERVED
+CVE-2012-3664
+	RESERVED
+CVE-2012-3663
+	RESERVED
+CVE-2012-3662
+	RESERVED
+CVE-2012-3661
+	RESERVED
+CVE-2012-3660
+	RESERVED
+CVE-2012-3659
+	RESERVED
+CVE-2012-3658
+	RESERVED
+CVE-2012-3657
+	RESERVED
+CVE-2012-3656
+	RESERVED
+CVE-2012-3655
+	RESERVED
+CVE-2012-3654
+	RESERVED
+CVE-2012-3653
+	RESERVED
+CVE-2012-3652
+	RESERVED
+CVE-2012-3651
+	RESERVED
+CVE-2012-3650
+	RESERVED
+CVE-2012-3649
+	RESERVED
+CVE-2012-3648
+	RESERVED
+CVE-2012-3647
+	RESERVED
+CVE-2012-3646
+	RESERVED
+CVE-2012-3645
+	RESERVED
+CVE-2012-3644
+	RESERVED
+CVE-2012-3643
+	RESERVED
+CVE-2012-3642
+	RESERVED
+CVE-2012-3641
+	RESERVED
+CVE-2012-3640
+	RESERVED
+CVE-2012-3639
+	RESERVED
+CVE-2012-3638
+	RESERVED
+CVE-2012-3637
+	RESERVED
+CVE-2012-3636
+	RESERVED
+CVE-2012-3635
+	RESERVED
+CVE-2012-3634
+	RESERVED
+CVE-2012-3633
+	RESERVED
+CVE-2012-3632
+	RESERVED
+CVE-2012-3631
+	RESERVED
+CVE-2012-3630
+	RESERVED
+CVE-2012-3629
+	RESERVED
+CVE-2012-3628
+	RESERVED
+CVE-2012-3627
+	RESERVED
+CVE-2012-3626
+	RESERVED
+CVE-2012-3625
+	RESERVED
+CVE-2012-3624
+	RESERVED
+CVE-2012-3623
+	RESERVED
+CVE-2012-3622
+	RESERVED
+CVE-2012-3621
+	RESERVED
+CVE-2012-3620
+	RESERVED
+CVE-2012-3619
+	RESERVED
+CVE-2012-3618
+	RESERVED
+CVE-2012-3617
+	RESERVED
+CVE-2012-3616
+	RESERVED
+CVE-2012-3615
+	RESERVED
+CVE-2012-3614
+	RESERVED
+CVE-2012-3613
+	RESERVED
+CVE-2012-3612
+	RESERVED
+CVE-2012-3611
+	RESERVED
+CVE-2012-3610
+	RESERVED
+CVE-2012-3609
+	RESERVED
+CVE-2012-3608
+	RESERVED
+CVE-2012-3607
+	RESERVED
+CVE-2012-3606
+	RESERVED
+CVE-2012-3605
+	RESERVED
+CVE-2012-3604
+	RESERVED
+CVE-2012-3603
+	RESERVED
+CVE-2012-3602
+	RESERVED
+CVE-2012-3601
+	RESERVED
+CVE-2012-3600
+	RESERVED
+CVE-2012-3599
+	RESERVED
+CVE-2012-3598
+	RESERVED
+CVE-2012-3597
+	RESERVED
+CVE-2012-3596
+	RESERVED
+CVE-2012-3595
+	RESERVED
+CVE-2012-3594
+	RESERVED
+CVE-2012-3593
+	RESERVED
+CVE-2012-3592
+	RESERVED
+CVE-2012-3591
+	RESERVED
+CVE-2012-3590
+	RESERVED
+CVE-2012-3589
+	RESERVED
+CVE-2012-3588 (Directory traversal vulnerability in preview.php in the Plugin
...)
+	TODO: check
+CVE-2012-3587 (APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the
...)
+	TODO: check
+CVE-2012-3586
+	RESERVED
+CVE-2012-3585
+	RESERVED
+CVE-2012-3584
+	RESERVED
+CVE-2012-3583
+	RESERVED
+CVE-2012-3582
+	RESERVED
+CVE-2012-3581
+	RESERVED
+CVE-2012-3580
+	RESERVED
+CVE-2012-3579
+	RESERVED
 CVE-2012-XXXX [at-spi2-atk insecure tmp]
 	- at-spi2-atk <unfixed> (bug #678026)
 CVE-2012-3578 (Unrestricted file upload vulnerability in html/Upload.php in the
...)
@@ -452,8 +874,7 @@
 	RESERVED
 CVE-2012-3353
 	RESERVED
-CVE-2012-3553
-	RESERVED
+CVE-2012-3553 (chan_skinny.c in the Skinny (aka SCCP) channel driver in
Asterisk Open ...)
 	- asterisk <not-affected> (Only affects Asterisk 10)
 CVE-2012-3352
 	RESERVED
@@ -1155,8 +1576,8 @@
 	RESERVED
 CVE-2012-3007
 	RESERVED
-CVE-2012-3006
-	RESERVED
+CVE-2012-3006 (The Innominate mGuard Smart HW before HW-101130 and BD before
...)
+	TODO: check
 CVE-2012-3005
 	RESERVED
 CVE-2012-3004
@@ -1685,8 +2106,8 @@
 	RESERVED
 CVE-2012-2754
 	RESERVED
-CVE-2012-2753
-	RESERVED
+CVE-2012-2753 (Untrusted search path vulnerability in TrGUI.exe in the Endpoint
...)
+	TODO: check
 CVE-2012-2752 (Untrusted search path vulnerability in VMware vMA 4.x and 5.x
before ...)
 	NOT-FOR-US: VMware
 CVE-2012-2751
@@ -1696,6 +2117,7 @@
 	- mysql-5.5 5.5.24+dfsg-1
 CVE-2012-2749
 	RESERVED
+	{DSA-2496-1}
 	- mysql-5.1 <unfixed>
 	- mysql-5.5 5.5.24+dfsg-1
 CVE-2012-2748 [Joomla! Core - Information Disclosure
471-20120602-core-information-disclosure.html]
@@ -1989,12 +2411,12 @@
 	RESERVED
 CVE-2012-2639
 	RESERVED
-CVE-2012-2638
-	RESERVED
-CVE-2012-2637
-	RESERVED
-CVE-2012-2636
-	RESERVED
+CVE-2012-2638 (Cross-site scripting (XSS) vulnerability in SmallPICT.cgi in
SmallPICT ...)
+	TODO: check
+CVE-2012-2637 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB PATIO
4.04 ...)
+	TODO: check
+CVE-2012-2636 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB PATIO
4.04 ...)
+	TODO: check
 CVE-2012-2635 (The Dolphin Browser HD application before 7.6 and Dolphin for
Pad ...)
 	NOT-FOR-US: Dolphin
 CVE-2012-2634 (Cross-site scripting (XSS) vulnerability in FeedDemon before
4.0, when ...)
@@ -2825,8 +3247,7 @@
 	NOTE: Rather harmless bug
 CVE-2012-2335 (php-wrapper.fcgi does not properly handle command-line
arguments, ...)
 	NOT-FOR-US: Incomplete wrapper provided by PHP as workaround for
CVE-2012-1823/CVE-2012-2311
-CVE-2012-2334 [filter/source/msfilter msdffimp.cxx issue]
-	RESERVED
+CVE-2012-2334 (Integer overflow in filter/source/msfilter/msdffimp.cxx in ...)
 	{DSA-2487-1}
 	- libreoffice 1:3.5.2~rc2-1
 	- openoffice.org 1:3.3.0-1
@@ -3185,8 +3606,8 @@
 	RESERVED
 CVE-2012-2193
 	RESERVED
-CVE-2012-2192
-	RESERVED
+CVE-2012-2192 (The socketpair function in IBM AIX 5.3, 6.1, and 7.1 and VIOS
...)
+	TODO: check
 CVE-2012-2191
 	RESERVED
 CVE-2012-2190
@@ -3209,8 +3630,8 @@
 	RESERVED
 CVE-2012-2181
 	RESERVED
-CVE-2012-2180
-	RESERVED
+CVE-2012-2180 (The chaining functionality in the Distributed Relational
Database ...)
+	TODO: check
 CVE-2012-2179
 	RESERVED
 CVE-2012-2178
@@ -3219,18 +3640,18 @@
 	RESERVED
 CVE-2012-2176 (Multiple stack-based buffer overflows in a certain ActiveX
control in ...)
 	NOT-FOR-US: IBM Lotus Quickr
-CVE-2012-2175
-	RESERVED
-CVE-2012-2174
-	RESERVED
-CVE-2012-2173
-	RESERVED
+CVE-2012-2175 (Buffer overflow in the Attachment_Times method in a certain
ActiveX ...)
+	TODO: check
+CVE-2012-2174 (The URL handler in IBM Lotus Notes 8.x before 8.5.3 FP2 allows
remote ...)
+	TODO: check
+CVE-2012-2173 (The ODBC driver in IBM Security AppScan Source 7.x and 8.x
before 8.6 ...)
+	TODO: check
 CVE-2012-2172
 	RESERVED
 CVE-2012-2171
 	RESERVED
-CVE-2012-2170
-	RESERVED
+CVE-2012-2170 (The Application Snoop Servlet in IBM WebSphere Application
Server 7.0 ...)
+	TODO: check
 CVE-2012-2169
 	RESERVED
 CVE-2012-2168
@@ -3247,12 +3668,12 @@
 	RESERVED
 CVE-2012-2162 (The Web Server Plug-in in IBM WebSphere Application Server (WAS)
8.0 ...)
 	NOT-FOR-US: WebSphere
-CVE-2012-2161
-	RESERVED
+CVE-2012-2161 (Cross-site scripting (XSS) vulnerability in deferredView.jsp in
IBM ...)
+	TODO: check
 CVE-2012-2160
 	RESERVED
-CVE-2012-2159
-	RESERVED
+CVE-2012-2159 (Open redirect vulnerability in IBM Eclipse Help System (IEHS),
as used ...)
+	TODO: check
 CVE-2012-2158
 	RESERVED
 CVE-2012-2157
@@ -3456,6 +3877,7 @@
 	[lenny] - munin <not-affected> (Vulnerable code not present)
 CVE-2012-2102 [mysql DoS by authenticated user]
 	RESERVED
+	{DSA-2496-1}
 	- mysql-5.1 5.1.62-1 (low; bug #670636)
 	- mysql-5.5 5.5.24+dfsg-1 (low)
 CVE-2012-2101 (Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not
limit the ...)
@@ -4100,6 +4522,7 @@
 CVE-2012-1821 (The Network Threat Protection module in the Manager component in
...)
 	NOT-FOR-US: Symantec Endpoint Protection on Windows Server 2003
 CVE-2012-1820 (The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and
...)
+	{DSA-2497-1}
 	- quagga 0.99.21-3 (bug #676510)
 CVE-2012-1819 (Untrusted search path vulnerability in WellinTech KingView 6.53
allows ...)
 	NOT-FOR-US: WellinTech KingView
@@ -6169,16 +6592,16 @@
 	RESERVED
 CVE-2012-0955
 	RESERVED
-CVE-2012-0954
-	RESERVED
+CVE-2012-0954 (APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the
...)
+	TODO: check
 CVE-2012-0953
 	RESERVED
 CVE-2012-0952
 	RESERVED
 CVE-2012-0951
 	RESERVED
-CVE-2012-0950
-	RESERVED
+CVE-2012-0950 (The Apport hook (DistUpgradeApport.py) in Update Manager, as
used by ...)
+	TODO: check
 CVE-2012-0949 (The Apport hook in Update Manager as used by Ubuntu 12.04 LTS,
11.10, ...)
 	- update-manager <not-affected> (Ubuntu-specific)
 CVE-2012-0948 (DistUpgrade/DistUpgradeMain.py in Update Manager, as used by
Ubuntu ...)
@@ -6602,8 +7025,7 @@
 CVE-2012-0803
 	RESERVED
 	NOT-FOR-US: Apache CXF
-CVE-2012-0802 [spamdyke: incorrect use of the "snprintf()" and
"vsnprintf()" func]
-	RESERVED
+CVE-2012-0802 (Multiple buffer overflows in Spamdyke before 4.3.0 might allow
remote ...)
 	NOT-FOR-US: spamdyke
 CVE-2012-0801 [MSA-12-0012: Form validation issue]
 	RESERVED
@@ -6789,16 +7211,16 @@
 	RESERVED
 CVE-2012-0721
 	RESERVED
-CVE-2012-0720
-	RESERVED
+CVE-2012-0720 (Cross-site scripting (XSS) vulnerability in the Integration
Solution ...)
+	TODO: check
 CVE-2012-0719 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Endpoint
...)
 	NOT-FOR-US: IBM Tivoli Endpoint Manager
 CVE-2012-0718
 	RESERVED
-CVE-2012-0717
-	RESERVED
-CVE-2012-0716
-	RESERVED
+CVE-2012-0717 (IBM WebSphere Application Server 7.0 before 7.0.0.23, when a
certain ...)
+	TODO: check
+CVE-2012-0716 (Cross-site scripting (XSS) vulnerability in the Administration
Console ...)
+	TODO: check
 CVE-2012-0715 (Cross-site scripting (XSS) vulnerability in the Gantt applet
viewer in ...)
 	NOT-FOR-US: IBM Tivoli Change and Configuration Management Database
 CVE-2012-0714
@@ -50025,12 +50447,12 @@
 	{DSA-1847-1}
 	- bind9 1:9.6.1.dfsg.P1-1 (bug #538975; high)
 	NOTE: See also http://www.kb.cert.org/vuls/id/725188
-CVE-2009-0695
-	RESERVED
+CVE-2009-0695 (hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require
...)
+	TODO: check
 CVE-2009-0694
 	RESERVED
-CVE-2009-0693
-	RESERVED
+CVE-2009-0693 (Multiple buffer overflows in Wyse Device Manager (WDM) 4.7.x
allow ...)
+	TODO: check
 CVE-2009-0692 (Stack-based buffer overflow in the script_write_params method in
...)
 	{DSA-1833-2 DSA-1833-1}
 	- dhcp3 3.1.2p1-1 (medium)