Secure testing commits - Dec 2011 - r17789 - data/CVE

Author: joeyh
Date: 2011-12-14 21:14:21 +0000 (Wed, 14 Dec 2011)
New Revision: 17789

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-12-14 19:24:08 UTC (rev 17788)
+++ data/CVE/list	2011-12-14 21:14:21 UTC (rev 17789)
@@ -1,3 +1,215 @@
+CVE-2012-0185
+	RESERVED
+CVE-2012-0184
+	RESERVED
+CVE-2012-0183
+	RESERVED
+CVE-2012-0182
+	RESERVED
+CVE-2012-0181
+	RESERVED
+CVE-2012-0180
+	RESERVED
+CVE-2012-0179
+	RESERVED
+CVE-2012-0178
+	RESERVED
+CVE-2012-0177
+	RESERVED
+CVE-2012-0176
+	RESERVED
+CVE-2012-0175
+	RESERVED
+CVE-2012-0174
+	RESERVED
+CVE-2012-0173
+	RESERVED
+CVE-2012-0172
+	RESERVED
+CVE-2012-0171
+	RESERVED
+CVE-2012-0170
+	RESERVED
+CVE-2012-0169
+	RESERVED
+CVE-2012-0168
+	RESERVED
+CVE-2012-0167
+	RESERVED
+CVE-2012-0166
+	RESERVED
+CVE-2012-0165
+	RESERVED
+CVE-2012-0164
+	RESERVED
+CVE-2012-0163
+	RESERVED
+CVE-2012-0162
+	RESERVED
+CVE-2012-0161
+	RESERVED
+CVE-2012-0160
+	RESERVED
+CVE-2012-0159
+	RESERVED
+CVE-2012-0158
+	RESERVED
+CVE-2012-0157
+	RESERVED
+CVE-2012-0156
+	RESERVED
+CVE-2012-0155
+	RESERVED
+CVE-2012-0154
+	RESERVED
+CVE-2012-0153
+	RESERVED
+CVE-2012-0152
+	RESERVED
+CVE-2012-0151
+	RESERVED
+CVE-2012-0150
+	RESERVED
+CVE-2012-0149
+	RESERVED
+CVE-2012-0148
+	RESERVED
+CVE-2012-0147
+	RESERVED
+CVE-2012-0146
+	RESERVED
+CVE-2012-0145
+	RESERVED
+CVE-2012-0144
+	RESERVED
+CVE-2012-0143
+	RESERVED
+CVE-2012-0142
+	RESERVED
+CVE-2012-0141
+	RESERVED
+CVE-2012-0140
+	RESERVED
+CVE-2012-0139
+	RESERVED
+CVE-2012-0138
+	RESERVED
+CVE-2012-0137
+	RESERVED
+CVE-2012-0136
+	RESERVED
+CVE-2012-0135
+	RESERVED
+CVE-2012-0134
+	RESERVED
+CVE-2012-0133
+	RESERVED
+CVE-2012-0132
+	RESERVED
+CVE-2012-0131
+	RESERVED
+CVE-2012-0130
+	RESERVED
+CVE-2012-0129
+	RESERVED
+CVE-2012-0128
+	RESERVED
+CVE-2012-0127
+	RESERVED
+CVE-2012-0126
+	RESERVED
+CVE-2012-0125
+	RESERVED
+CVE-2012-0124
+	RESERVED
+CVE-2012-0123
+	RESERVED
+CVE-2012-0122
+	RESERVED
+CVE-2012-0121
+	RESERVED
+CVE-2011-4814 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr
3.1.0 ...)
+	TODO: check
+CVE-2011-4813 (Directory traversal vulnerability in clientarea.php in ...)
+	TODO: check
+CVE-2011-4812 (Cross-site scripting (XSS) vulnerability in nowosci.php in
BestShopPro ...)
+	TODO: check
+CVE-2011-4811 (SQL injection vulnerability in pokaz_podkat.php in BestShopPro
allows ...)
+	TODO: check
+CVE-2011-4810 (Multiple directory traversal vulnerabilities in
WHMCompleteSolution ...)
+	TODO: check
+CVE-2011-4809 (Multiple cross-site scripting (XSS) vulnerabilities in the HM
...)
+	TODO: check
+CVE-2011-4808 (SQL injection vulnerability in the HM Community
(com_hmcommunity) ...)
+	TODO: check
+CVE-2011-4807 (Directory traversal vulnerability in main.php in phpAlbum
0.4.1.16 and ...)
+	TODO: check
+CVE-2011-4806 (Multiple cross-site scripting (XSS) vulnerabilities in main.php
in ...)
+	TODO: check
+CVE-2011-4805 (Cross-site scripting (XSS) vulnerability in pubDBLogon.jsp in
SAP ...)
+	TODO: check
+CVE-2011-4804 (Directory traversal vulnerability in the obSuggest
(com_obsuggest) ...)
+	TODO: check
+CVE-2011-4803 (SQL injection vulnerability in wptouch/ajax.php in the WPTouch
plugin ...)
+	TODO: check
+CVE-2011-4802 (Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and
...)
+	TODO: check
+CVE-2011-4801 (SQL injection vulnerability in akeyActivationLogin.do in
Authenex Web ...)
+	TODO: check
+CVE-2011-4800 (Directory traversal vulnerability in Serv-U FTP Server before
11.1.0.5 ...)
+	TODO: check
+CVE-2011-4799
+	RESERVED
+CVE-2011-4798
+	RESERVED
+CVE-2011-4797
+	RESERVED
+CVE-2011-4796
+	RESERVED
+CVE-2011-4795
+	RESERVED
+CVE-2011-4794
+	RESERVED
+CVE-2011-4793
+	RESERVED
+CVE-2011-4792
+	RESERVED
+CVE-2011-4791
+	RESERVED
+CVE-2011-4790
+	RESERVED
+CVE-2011-4789
+	RESERVED
+CVE-2011-4788
+	RESERVED
+CVE-2011-4787
+	RESERVED
+CVE-2011-4786
+	RESERVED
+CVE-2011-4785
+	RESERVED
+CVE-2011-4784
+	RESERVED
+CVE-2011-4783
+	RESERVED
+CVE-2011-4782
+	RESERVED
+CVE-2011-4781
+	RESERVED
+CVE-2011-4780
+	RESERVED
+CVE-2011-4779
+	RESERVED
+CVE-2011-4778
+	RESERVED
+CVE-2011-4777
+	RESERVED
+CVE-2011-4776
+	RESERVED
+CVE-2011-4775
+	RESERVED
+CVE-2011-4774
+	RESERVED
 CVE-2011-XXXX [bokken: insecure tempfile]
 	- bokken 1.5-3 (bug #651931)
 CVE-2012-0120
@@ -1150,8 +1362,8 @@
 	RESERVED
 CVE-2011-4369
 	RESERVED
-CVE-2011-4368
-	RESERVED
+CVE-2011-4368 (Cross-site scripting (XSS) vulnerability in Remote Development
...)
+	TODO: check
 CVE-2011-4367
 	RESERVED
 CVE-2011-4366
@@ -2698,36 +2910,36 @@
 	RESERVED
 CVE-2011-3918
 	RESERVED
-CVE-2011-3917
-	RESERVED
-CVE-2011-3916
-	RESERVED
-CVE-2011-3915
-	RESERVED
-CVE-2011-3914
-	RESERVED
-CVE-2011-3913
-	RESERVED
-CVE-2011-3912
-	RESERVED
-CVE-2011-3911
-	RESERVED
-CVE-2011-3910
-	RESERVED
-CVE-2011-3909
-	RESERVED
-CVE-2011-3908
-	RESERVED
-CVE-2011-3907
-	RESERVED
-CVE-2011-3906
-	RESERVED
-CVE-2011-3905
-	RESERVED
-CVE-2011-3904
-	RESERVED
-CVE-2011-3903
-	RESERVED
+CVE-2011-3917 (Stack-based buffer overflow in FileWatcher in Google Chrome
before ...)
+	TODO: check
+CVE-2011-3916 (Google Chrome before 16.0.912.63 does not properly handle PDF
cross ...)
+	TODO: check
+CVE-2011-3915 (Buffer overflow in Google Chrome before 16.0.912.63 allows
remote ...)
+	TODO: check
+CVE-2011-3914 (The internationalization (aka i18n) functionality in Google V8,
as ...)
+	TODO: check
+CVE-2011-3913 (Use-after-free vulnerability in Google Chrome before 16.0.912.63
...)
+	TODO: check
+CVE-2011-3912 (Use-after-free vulnerability in Google Chrome before 16.0.912.63
...)
+	TODO: check
+CVE-2011-3911 (Google Chrome before 16.0.912.63 does not properly handle PDF
...)
+	TODO: check
+CVE-2011-3910 (Google Chrome before 16.0.912.63 does not properly handle YUV
video ...)
+	TODO: check
+CVE-2011-3909 (The Cascading Style Sheets (CSS) implementation in Google Chrome
...)
+	TODO: check
+CVE-2011-3908 (Google Chrome before 16.0.912.63 does not properly parse SVG
...)
+	TODO: check
+CVE-2011-3907 (The view-source feature in Google Chrome before 16.0.912.63
allows ...)
+	TODO: check
+CVE-2011-3906 (The PDF parser in Google Chrome before 16.0.912.63 allows remote
...)
+	TODO: check
+CVE-2011-3905 (libxml2, as used in Google Chrome before 16.0.912.63, allows
remote ...)
+	TODO: check
+CVE-2011-3904 (Use-after-free vulnerability in Google Chrome before 16.0.912.63
...)
+	TODO: check
+CVE-2011-3903 (Google Chrome before 16.0.912.63 does not properly perform regex
...)
+	TODO: check
 CVE-2011-3902
 	RESERVED
 CVE-2011-3901
@@ -4036,42 +4248,42 @@
 	RESERVED
 CVE-2011-3414
 	RESERVED
-CVE-2011-3413
-	RESERVED
-CVE-2011-3412
-	RESERVED
-CVE-2011-3411
-	RESERVED
-CVE-2011-3410
-	RESERVED
+CVE-2011-3413 (Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office ...)
+	TODO: check
+CVE-2011-3412 (Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows
remote ...)
+	TODO: check
+CVE-2011-3411 (Microsoft Publisher 2003 SP3 allows remote attackers to execute
...)
+	TODO: check
+CVE-2011-3410 (Array index error in Microsoft Publisher 2003 SP3, and 2007 SP2
and ...)
+	TODO: check
 CVE-2011-3409
 	RESERVED
-CVE-2011-3408
-	RESERVED
+CVE-2011-3408 (Csrsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS)
in the ...)
+	TODO: check
 CVE-2011-3407
 	RESERVED
-CVE-2011-3406
-	RESERVED
+CVE-2011-3406 (Buffer overflow in Active Directory, Active Directory
Application Mode ...)
+	TODO: check
 CVE-2011-3405
 	RESERVED
-CVE-2011-3404
-	RESERVED
-CVE-2011-3403
-	RESERVED
+CVE-2011-3404 (Microsoft Internet Explorer 6 through 9 does not properly use
the ...)
+	TODO: check
+CVE-2011-3403 (Microsoft Excel 2003 SP3 and Office 2004 for Mac do not properly
...)
+	TODO: check
 CVE-2011-3402 (Unspecified vulnerability in the Win32k TrueType font parsing
engine ...)
 	NOT-FOR-US: Microsoft Windows
-CVE-2011-3401
-	RESERVED
-CVE-2011-3400
-	RESERVED
+CVE-2011-3401 (ENCDEC.DLL in Windows Media Player and Media Center in Microsoft
...)
+	TODO: check
+CVE-2011-3400 (Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 do not
properly ...)
+	TODO: check
 CVE-2011-3399
 	RESERVED
 CVE-2011-3398
 	RESERVED
-CVE-2011-3397
-	RESERVED
-CVE-2011-3396
-	RESERVED
+CVE-2011-3397 (The Microsoft Time component in DATIME.DLL in Microsoft Windows
XP SP2 ...)
+	TODO: check
+CVE-2011-3396 (Untrusted search path vulnerability in Microsoft PowerPoint 2007
SP2 ...)
+	TODO: check
 CVE-2011-3395
 	RESERVED
 CVE-2011-3394 (SQL injection vulnerability in findagent.php in MYRE Real Estate
...)
@@ -6044,10 +6256,10 @@
 	NOT-FOR-US: Chyrp
 CVE-2011-2743 (Multiple cross-site scripting (XSS) vulnerabilities in Chyrp 2.1
and ...)
 	NOT-FOR-US: Chyrp
-CVE-2011-2742
-	RESERVED
-CVE-2011-2741
-	RESERVED
+CVE-2011-2742 (EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1
Patch 2, ...)
+	TODO: check
+CVE-2011-2741 (EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1
Patch 2, ...)
+	TODO: check
 CVE-2011-2740 (EMC RSA Key Manager (RKM) Appliance 2.7 SP1 before 2.7.1.6, when
...)
 	NOT-FOR-US: EMC RSA Key Manager
 CVE-2011-2739 (The file-blocking feature in EMC Documentum eRoom 7.3.x and
7.4.x ...)
@@ -6808,8 +7020,8 @@
 CVE-2011-2464 (Unspecified vulnerability in ISC BIND 9 9.6.x before
9.6-ESV-R4-P3, ...)
 	{DSA-2272-1}
 	- bind9 1:9.8.1.dfsg-1 (high)
-CVE-2011-2463
-	RESERVED
+CVE-2011-2463 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0
...)
+	TODO: check
 CVE-2011-2462 (Unspecified vulnerability in the U3D component in Adobe Reader
and ...)
 	TODO: check
 CVE-2011-2461 (Cross-site scripting (XSS) vulnerability in the Adobe Flex SDK
3.x and ...)
@@ -7972,10 +8184,10 @@
 	NOT-FOR-US: TIBCO iProcess Engine
 CVE-2011-2020 (Cross-site scripting (XSS) vulnerability in TIBCO iProcess
Engine ...)
 	NOT-FOR-US: TIBCO iProcess Engine
-CVE-2011-2019
-	RESERVED
-CVE-2011-2018
-	RESERVED
+CVE-2011-2019 (Untrusted search path vulnerability in Microsoft Internet
Explorer 9 ...)
+	TODO: check
+CVE-2011-2018 (The kernel in Microsoft Windows XP SP2 and SP3, Windows Server
2003 ...)
+	TODO: check
 CVE-2011-2017
 	RESERVED
 CVE-2011-2016 (Untrusted search path vulnerability in Windows Mail and Windows
...)
@@ -7990,8 +8202,8 @@
 	NOT-FOR-US: Microsoft Forefront
 CVE-2011-2011 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
 	NOT-FOR-US: Microsoft Windows
-CVE-2011-2010
-	RESERVED
+CVE-2011-2010 (The Microsoft Office Input Method Editor (IME) for Simplified
Chinese ...)
+	TODO: check
 CVE-2011-2009 (Untrusted search path vulnerability in Windows Media Center in
...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2011-2008 (Microsoft Host Integration Server (HIS) 2004 SP1, 2006 SP1,
2009, and ...)
@@ -8026,8 +8238,8 @@
 	RESERVED
 CVE-2011-1993 (Microsoft Internet Explorer 6 through 9 does not properly handle
...)
 	NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1992
-	RESERVED
+CVE-2011-1992 (The XSS Filter in Microsoft Internet Explorer 8 allows remote
...)
+	TODO: check
 CVE-2011-1991 (Multiple untrusted search path vulnerabilities in Microsoft
Windows XP ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2011-1990 (Microsoft Excel 2007 SP2; Excel in Office 2007 SP2; Excel Viewer
SP2; ...)
@@ -8044,8 +8256,8 @@
 	NOT-FOR-US: Microsoft Windows
 CVE-2011-1984 (WINS in Microsoft Windows Server 2003 SP2 and Server 2008 SP2,
R2, and ...)
 	NOT-FOR-US: Microsoft Windows
-CVE-2011-1983
-	RESERVED
+CVE-2011-1983 (Use-after-free vulnerability in Microsoft Office 2007 SP2 and
SP3, ...)
+	TODO: check
 CVE-2011-1982 (Microsoft Office 2007 SP2, and 2010 Gold and SP1, does not
initialize ...)
 	NOT-FOR-US: Microsoft Office
 CVE-2011-1981
@@ -9394,8 +9606,8 @@
 	NOT-FOR-US: ManageEngine ServiceDesk Plus
 CVE-2011-1509 (The encryptPassword function in Login.js in ManageEngine
ServiceDesk ...)
 	NOT-FOR-US: ManageEngine ServiceDesk Plus
-CVE-2011-1508
-	RESERVED
+CVE-2011-1508 (Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, does not
properly ...)
+	TODO: check
 CVE-2011-1507 (Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before
1.6.1.25, ...)
 	{DSA-2225-1}
 	- asterisk 1:1.8.3.3-1