Author: joeyh
Date: 2011-12-15 21:14:23 +0000 (Thu, 15 Dec 2011)
New Revision: 17795

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================
--- data/CVE/list 2011-12-15 18:54:33 UTC (rev 17794)
+++ data/CVE/list 2011-12-15 21:14:23 UTC (rev 17795)
@@ -1,3 +1,119 @@ +CVE-2012-0220 + RESERVED +CVE-2012-0219 + RESERVED +CVE-2012-0218 + RESERVED +CVE-2012-0217 + RESERVED +CVE-2012-0216 + RESERVED +CVE-2012-0215 + RESERVED +CVE-2012-0214 + RESERVED +CVE-2012-0213 + RESERVED +CVE-2012-0212 + RESERVED +CVE-2012-0211 + RESERVED +CVE-2012-0210 + RESERVED +CVE-2012-0209 + RESERVED +CVE-2012-0208 + RESERVED +CVE-2012-0207 + RESERVED +CVE-2012-0206 + RESERVED +CVE-2012-0205 + RESERVED +CVE-2012-0204 + RESERVED +CVE-2012-0203 + RESERVED +CVE-2012-0202 + RESERVED +CVE-2012-0201 + RESERVED +CVE-2012-0200 + RESERVED +CVE-2012-0199 + RESERVED +CVE-2012-0198 + RESERVED +CVE-2012-0197 + RESERVED +CVE-2012-0196 + RESERVED +CVE-2012-0195 + RESERVED +CVE-2012-0194 + RESERVED +CVE-2012-0193 + RESERVED +CVE-2012-0192 + RESERVED +CVE-2012-0191 + RESERVED +CVE-2012-0190 + RESERVED +CVE-2012-0189 + RESERVED +CVE-2012-0188 + RESERVED +CVE-2012-0187 + RESERVED +CVE-2012-0186 + RESERVED +CVE-2011-4837 (Cross-site request forgery (CSRF) vulnerability in /ctrl in the web ...) + TODO: check +CVE-2011-4836 (Cross-site scripting (XSS) vulnerability in the web interface in ...) + TODO: check +CVE-2011-4835 (Directory traversal vulnerability in the web interface in HomeSeer HS2 ...) + TODO: check +CVE-2011-4834 (The GetInstalledPackages function in the configuration tool in HP ...) + TODO: check +CVE-2011-4833 (Multiple SQL injection vulnerabilities in the Leads module in SugarCRM ...) + TODO: check +CVE-2011-4832 (Directory traversal vulnerability in CaupoShop Pro 2.x, CaupoShop ...) + TODO: check +CVE-2011-4831 (Directory traversal vulnerability in webFileBrowser.php in Web File ...) + TODO: check +CVE-2011-4830 (Multiple cross-site scripting (XSS) vulnerabilities in the com_listing ...) + TODO: check +CVE-2011-4829 (SQL injection vulnerability in the com_listing component in Barter ...) + TODO: check +CVE-2011-4828 (Unrestricted file upload vulnerability in ...) 
+ TODO: check +CVE-2011-4827 (Multiple cross-site scripting (XSS) vulnerabilities in AutoSec Tools ...) + TODO: check +CVE-2011-4826 (SQL injection vulnerability in session.php in AutoSec Tools V-CMS 1.0 ...) + TODO: check +CVE-2011-4825 (Static code injection vulnerability in inc/function.base.php in Ajax ...) + TODO: check +CVE-2011-4824 (SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h ...) + TODO: check +CVE-2011-4823 (Multiple SQL injection vulnerabilities in Vik Real Estate ...) + TODO: check +CVE-2011-4822 (Multiple cross-site scripting (XSS) vulnerabilities in the user ...) + TODO: check +CVE-2011-4821 + RESERVED +CVE-2011-4820 + RESERVED +CVE-2011-4819 + RESERVED +CVE-2011-4818 + RESERVED +CVE-2011-4817 + RESERVED +CVE-2011-4816 + RESERVED +CVE-2011-4815 + RESERVED CVE-2012-0185 RESERVED CVE-2012-0184 @@ -777,8 +893,7 @@ RESERVED - putty 0.62-1 (unimportant) NOTE: Hardening measure, not a vulnerability -CVE-2011-4606 [http://seclists.org/oss-sec/2011/q4/497] - RESERVED +CVE-2011-4606 (Artsoft Entertainment Rocks''n''Diamonds (aka rocksndiamonds) 3.3.0.1 ...) - rocksndiamonds <unfixed> (bug #651620) [squeeze] - rocksndiamonds <no-dsa> (Contrib not supported) [lenny] - rocksndiamonds <no-dsa> (Contrib not supported) @@ -801,11 +916,9 @@ RESERVED CVE-2011-4599 RESERVED -CVE-2011-4598 [http://downloads.asterisk.org/pub/security/AST-2011-014.html] - RESERVED +CVE-2011-4598 (channels/chan_sip.c in Asterisk Open Source 1.6.2.x before 1.6.2.21 ...) - asterisk <unfixed> (bug #651552) -CVE-2011-4597 [http://downloads.asterisk.org/pub/security/AST-2011-013.html] - RESERVED +CVE-2011-4597 (The SIP over UDP implementation in Asterisk Open Source 1.4.x before ...) - asterisk <unfixed> (unimportant; bug #651552) NOTE: This is mostly a design limitation and has very little impact CVE-2011-4596 
@@ -999,10 +1112,10 @@ RESERVED CVE-2011-4518 RESERVED -CVE-2011-4517 - RESERVED -CVE-2011-4516 - RESERVED +CVE-2011-4517 (The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer ...) + TODO: check +CVE-2011-4516 (Heap-based buffer overflow in the jpc_cox_getcompparms function in ...) + TODO: check CVE-2011-4515 RESERVED CVE-2011-4514 @@ -1487,8 +1600,7 @@ CVE-2011-4340 RESERVED - symfony <removed> -CVE-2011-4339 [http://seclists.org/oss-sec/2011/q4/501] - RESERVED +CVE-2011-4339 (ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ...) - ipmitool <unfixed> (bug #651917) CVE-2011-4338 RESERVED @@ -22448,7 +22560,7 @@ CVE-2010-1681 (Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office ...) NOT-FOR-US: Microsoft Office Visio CVE-2010-1680 - RESERVED + REJECTED CVE-2010-1679 (Directory traversal vulnerability in dpkg-source in dpkg before ...) {DSA-2142-1} - dpkg 1.15.8.8
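
Review bot: in the first hunk (@@ -1,3 +1,119 @@) the sixteen entries from CVE-2011-4837 down to CVE-2011-4822 carry only "TODO: check", so the list does not yet say whether any of them affects a packaged source. Each one needs a follow-up commit that replaces the TODO with either a package line or a NOT-FOR-US line in the form already used further down ("NOT-FOR-US: Microsoft Office Visio"). CVE-2011-4824 names Cacti before 0.8.7h and should get a package line with its fixed version or <unfixed>, not be left as a TODO. The descriptions are truncated with "..." here, so triage has to work from the full CVE text and not from these lines.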
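
Review bot: in the @@ -777,8 +893,7 @@ hunk the CVE-2011-4606 header loses its bracketed reference, "[http://seclists.org/oss-sec/2011/q4/497]", when the description replaces RESERVED, and nothing below the header keeps the link. The rocksndiamonds lines that follow only cite bug #651620, so the oss-sec thread is no longer reachable from the entry. Suggest carrying the URL over as a NOTE: line under the entry. The @@ -1487,8 +1600,7 @@ hunk drops "[http://seclists.org/oss-sec/2011/q4/501]" from CVE-2011-4339 in the same way.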
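
Review bot: in the @@ -801,11 +916,9 @@ hunk both Asterisk entries lose their upstream advisory links (AST-2011-014 for CVE-2011-4598, AST-2011-013 for CVE-2011-4597) and keep only bug #651552. The new descriptions are cut off right after "before 1.6.2.21 ..." and "1.4.x before ...", so the fixed versions per branch are not readable from the list, and the advisories are where those would be looked up when the "asterisk <unfixed>" lines are resolved. Suggest keeping each URL as a NOTE: line under its entry.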
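
Review bot: in the @@ -999,10 +1112,10 @@ hunk CVE-2011-4517 and CVE-2011-4516 move from RESERVED to "TODO: check" with no package line, although both descriptions point at JasPer code (jpc_crg_getparms in libjasper/jpc/jpc_cs.c, and a heap-based buffer overflow in jpc_cox_getcompparms). These are memory-safety issues in an image decoder, so they should be triaged ahead of the web-application TODOs from the first hunk: replace each TODO with a line for the source package that ships libjasper, marked <unfixed> until a fixed version is known. The description is truncated before it names other software that embeds this code, so the full CVE text should be checked for additional affected packages.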