thr3ads.net - Secure testing commits - [Secure-testing-commits] r19712

If this information is useful, please help other people find it:
Share via:
Joey Hess
2012-Jul-11 21:15 UTC
[Secure-testing-commits] r19712 - data/CVE

Author: joeyh
Date: 2012-07-11 21:15:07 +0000 (Wed, 11 Jul 2012)
New Revision: 19712

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-07-11 20:16:45 UTC (rev 19711)
+++ data/CVE/list	2012-07-11 21:15:07 UTC (rev 19712)
@@ -1,9 +1,129 @@
-CVE-2012-3890
+CVE-2012-3951
 	RESERVED
-	NOT-FOR-US: Winamp
-CVE-2012-3889
+CVE-2012-3950
 	RESERVED
+CVE-2012-3949
+	RESERVED
+CVE-2012-3948
+	RESERVED
+CVE-2012-3947
+	RESERVED
+CVE-2012-3946
+	RESERVED
+CVE-2012-3945
+	RESERVED
+CVE-2012-3944
+	RESERVED
+CVE-2012-3943
+	RESERVED
+CVE-2012-3942
+	RESERVED
+CVE-2012-3941
+	RESERVED
+CVE-2012-3940
+	RESERVED
+CVE-2012-3939
+	RESERVED
+CVE-2012-3938
+	RESERVED
+CVE-2012-3937
+	RESERVED
+CVE-2012-3936
+	RESERVED
+CVE-2012-3935
+	RESERVED
+CVE-2012-3934
+	RESERVED
+CVE-2012-3933
+	RESERVED
+CVE-2012-3932
+	RESERVED
+CVE-2012-3931
+	RESERVED
+CVE-2012-3930
+	RESERVED
+CVE-2012-3929
+	RESERVED
+CVE-2012-3928
+	RESERVED
+CVE-2012-3927
+	RESERVED
+CVE-2012-3926
+	RESERVED
+CVE-2012-3925
+	RESERVED
+CVE-2012-3924
+	RESERVED
+CVE-2012-3923
+	RESERVED
+CVE-2012-3922
+	RESERVED
+CVE-2012-3921
+	RESERVED
+CVE-2012-3920
+	RESERVED
+CVE-2012-3919
+	RESERVED
+CVE-2012-3918
+	RESERVED
+CVE-2012-3917
+	RESERVED
+CVE-2012-3916
+	RESERVED
+CVE-2012-3915
+	RESERVED
+CVE-2012-3914
+	RESERVED
+CVE-2012-3913
+	RESERVED
+CVE-2012-3912
+	RESERVED
+CVE-2012-3911
+	RESERVED
+CVE-2012-3910
+	RESERVED
+CVE-2012-3909
+	RESERVED
+CVE-2012-3908
+	RESERVED
+CVE-2012-3907
+	RESERVED
+CVE-2012-3906
+	RESERVED
+CVE-2012-3905
+	RESERVED
+CVE-2012-3904
+	RESERVED
+CVE-2012-3903
+	RESERVED
+CVE-2012-3902
+	RESERVED
+CVE-2012-3901
+	RESERVED
+CVE-2012-3900
+	RESERVED
+CVE-2012-3899
+	RESERVED
+CVE-2012-3898
+	RESERVED
+CVE-2012-3897
+	RESERVED
+CVE-2012-3896
+	RESERVED
+CVE-2012-3895
+	RESERVED
+CVE-2012-3894
+	RESERVED
+CVE-2012-3893
+	RESERVED
+CVE-2012-3892
+	RESERVED
+CVE-2012-3891
+	RESERVED
+CVE-2012-3890 (The in_mod plugin in Winamp before 5.63 allows remote attackers
to ...)
 	NOT-FOR-US: Winamp
+CVE-2012-3889 (The in_mod plugin in Winamp before 5.63 allows remote attackers
to ...)
+	NOT-FOR-US: Winamp
 CVE-2012-3888
 	RESERVED
 CVE-2012-3887
@@ -4398,11 +4518,9 @@
 	RESERVED
 CVE-2012-2021
 	RESERVED
-CVE-2012-2020
-	RESERVED
+CVE-2012-2020 (Unspecified vulnerability in HP Operations Agent before 11.03.12
...)
 	NOT-FOR-US: HP Operations Agent
-CVE-2012-2019
-	RESERVED
+CVE-2012-2019 (Unspecified vulnerability in HP Operations Agent before 11.03.12
...)
 	NOT-FOR-US: HP Operations Agent
 CVE-2012-2018 (Cross-site scripting (XSS) vulnerability in HP Network Node
Manager i ...)
 	TODO: check
@@ -4687,16 +4805,16 @@
 	RESERVED
 CVE-2012-1895
 	RESERVED
-CVE-2012-1894
-	RESERVED
-CVE-2012-1893
-	RESERVED
+CVE-2012-1894 (Microsoft Office for Mac 2011 uses world-writable permissions
for the ...)
+	TODO: check
+CVE-2012-1893 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
+	TODO: check
 CVE-2012-1892
 	RESERVED
-CVE-2012-1891
-	RESERVED
-CVE-2012-1890
-	RESERVED
+CVE-2012-1891 (Heap-based buffer overflow in Microsoft Data Access Components
(MDAC) ...)
+	TODO: check
+CVE-2012-1890 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
+	TODO: check
 CVE-2012-1889 (Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses ...)
 	NOT-FOR-US: Microsoft XML Core Services
 CVE-2012-1888
@@ -4735,8 +4853,8 @@
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2012-1871
 	RESERVED
-CVE-2012-1870
-	RESERVED
+CVE-2012-1870 (The CBC mode in the TLS protocol, as used in Microsoft Windows
XP SP2 ...)
+	TODO: check
 CVE-2012-1869
 	RESERVED
 CVE-2012-1868 (Race condition in the thread-creation implementation in
win32k.sys in ...)
@@ -4749,16 +4867,16 @@
 	NOT-FOR-US: Microsoft Windows
 CVE-2012-1864 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
 	NOT-FOR-US: Microsoft Windows
-CVE-2012-1863
-	RESERVED
-CVE-2012-1862
-	RESERVED
-CVE-2012-1861
-	RESERVED
-CVE-2012-1860
-	RESERVED
-CVE-2012-1859
-	RESERVED
+CVE-2012-1863 (Cross-site scripting (XSS) vulnerability in Microsoft Office
...)
+	TODO: check
+CVE-2012-1862 (Open redirect vulnerability in Microsoft Office SharePoint
Server 2007 ...)
+	TODO: check
+CVE-2012-1861 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint
...)
+	TODO: check
+CVE-2012-1860 (Microsoft Office SharePoint Server 2007 SP2 and SP3, SharePoint
Server ...)
+	TODO: check
+CVE-2012-1859 (Cross-site scripting (XSS) vulnerability in scriptresx.ashx in
...)
+	TODO: check
 CVE-2012-1858 (The toStaticHTML API (aka the SafeHTML component) in Microsoft
...)
 	NOT-FOR-US: MicrosoftInternet Explorer, Communicator, Lync
 CVE-2012-1857 (Cross-site scripting (XSS) vulnerability in the Enterprise
Portal ...)
@@ -4767,8 +4885,8 @@
 	RESERVED
 CVE-2012-1855 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does
not ...)
 	NOT-FOR-US: Microsoft .NET Framework
-CVE-2012-1854
-	RESERVED
+CVE-2012-1854 (Untrusted search path vulnerability in VBE6.dll in Microsoft
Office ...)
+	TODO: check
 CVE-2012-1853
 	RESERVED
 CVE-2012-1852
@@ -5567,12 +5685,12 @@
 	RESERVED
 CVE-2012-1525
 	RESERVED
-CVE-2012-1524
-	RESERVED
+CVE-2012-1524 (Microsoft Internet Explorer 9 does not properly handle objects
in ...)
+	TODO: check
 CVE-2012-1523 (Microsoft Internet Explorer 6 through 8 does not properly handle
...)
 	NOT-FOR-US: Microsoft Internet Explorer
-CVE-2012-1522
-	RESERVED
+CVE-2012-1522 (Microsoft Internet Explorer 9 does not properly handle objects
in ...)
+	TODO: check
 CVE-2012-1521 (Use-after-free vulnerability in the XML parser in Google Chrome
before ...)
 	- chromium-browser 18.0.1025.168~r134367-1
 CVE-2012-1520
@@ -9699,8 +9817,8 @@
 	NOT-FOR-US: Microsoft
 CVE-2012-0176 (Double free vulnerability in Microsoft Silverlight 4 before
4.1.10329 ...)
 	NOT-FOR-US: Microsoft Silverlight
-CVE-2012-0175
-	RESERVED
+CVE-2012-0175 (The Shell in Microsoft Windows XP SP2 and SP3, Windows Server
2003 ...)
+	TODO: check
 CVE-2012-0174 (Windows Firewall in tcpip.sys in Microsoft Windows Vista SP2,
Windows ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2012-0173 (The Remote Desktop Protocol (RDP) implementation in Microsoft
Windows ...)
@@ -11470,46 +11588,34 @@
 CVE-2011-4310
 	RESERVED
 	NOT-FOR-US: cmsmadesimple
-CVE-2011-4309 [MSA-11-0041]
-	RESERVED
+CVE-2011-4309 (Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote
...)
 	- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4308 [MSA-11-0040]
-	RESERVED
+CVE-2011-4308 (mod/forum/user.php in Moodle 1.9.x before 1.9.14, 2.0.x before
2.0.5, ...)
 	{DSA-2421-1}
 	- moodle 1.9.9.dfsg2-5
-CVE-2011-4307 [MSA-11-0039]
-	RESERVED
+CVE-2011-4307 (Cross-site scripting (XSS) vulnerability in
mod/wiki/lang/en/wiki.php ...)
 	- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4306 [MSA-11-0037]
-	RESERVED
+CVE-2011-4306 (Cross-site scripting (XSS) vulnerability in
course/editsection.html in ...)
 	{DSA-2338-1}
 	- moodle 1.9.9.dfsg2-4
-CVE-2011-4305 [MSA-11-0036]
-	RESERVED
+CVE-2011-4305 (message/refresh.php in Moodle 1.9.x before 1.9.14 allows remote
...)
 	{DSA-2338-1}
 	- moodle 1.9.9.dfsg2-4
-CVE-2011-4304 [MSA-11-0034]
-	RESERVED
+CVE-2011-4304 (The chat functionality in Moodle 2.0.x before 2.0.5 and 2.1.x
before ...)
 	- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4303 [MSA-11-0033]
-	RESERVED
+CVE-2011-4303 (lib/db/upgrade.php in Moodle 2.0.x before 2.0.5 and 2.1.x before
2.1.2 ...)
 	- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4302 [MSA-11-0032]
-	RESERVED
+CVE-2011-4302 (mnet/xmlrpc/client.php in MNET in Moodle 1.9.x before 1.9.14,
2.0.x ...)
 	{DSA-2338-1}
 	- moodle 1.9.9.dfsg2-4
-CVE-2011-4301 [MSA-11-0031]
-	RESERVED
+CVE-2011-4301 (The MoodleQuickForm class in the Forms Library in
lib/formslib.php in ...)
 	{DSA-2338-1}
 	- moodle 1.9.9.dfsg2-4
-CVE-2011-4300 [MSA-11-0029]
-	RESERVED
+CVE-2011-4300 (The file_browser component in Moodle 2.0.x before 2.0.5 and
2.1.x ...)
 	- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4299 [MSA-11-0028]
-	RESERVED
+CVE-2011-4299 (Cross-site scripting (XSS) vulnerability in mod/wiki/pagelib.php
in ...)
 	- moodle <not-affected> (Only affects 2.x)
-CVE-2011-4298 [MSA-11-0027]
-	RESERVED
+CVE-2011-4298 (Multiple cross-site request forgery (CSRF) vulnerabilities in
...)
 	- moodle <not-affected> (Only affects 2.x)
 CVE-2011-4297 [MSA-11-0023]
 	RESERVED
Secure testing commits - Jul 2012 - r19712 - data/CVE

[Secure-testing-commits] r19712 - data/CVE
