Author: joeyh
Date: 2011-12-24 09:14:25 +0000 (Sat, 24 Dec 2011)
New Revision: 17865
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2011-12-23 21:58:29 UTC (rev 17864)
+++ data/CVE/list 2011-12-24 09:14:25 UTC (rev 17865)
@@ -1,3 +1,147 @@
+CVE-2012-0264
+ RESERVED
+CVE-2012-0263
+ RESERVED
+CVE-2012-0262
+ RESERVED
+CVE-2012-0261
+ RESERVED
+CVE-2012-0260
+ RESERVED
+CVE-2012-0259
+ RESERVED
+CVE-2012-0258
+ RESERVED
+CVE-2012-0257
+ RESERVED
+CVE-2012-0256
+ RESERVED
+CVE-2012-0255
+ RESERVED
+CVE-2012-0254
+ RESERVED
+CVE-2012-0253
+ RESERVED
+CVE-2012-0252
+ RESERVED
+CVE-2012-0251
+ RESERVED
+CVE-2012-0250
+ RESERVED
+CVE-2012-0249
+ RESERVED
+CVE-2012-0248
+ RESERVED
+CVE-2012-0247
+ RESERVED
+CVE-2012-0246
+ RESERVED
+CVE-2012-0245
+ RESERVED
+CVE-2012-0244
+ RESERVED
+CVE-2012-0243
+ RESERVED
+CVE-2012-0242
+ RESERVED
+CVE-2012-0241
+ RESERVED
+CVE-2012-0240
+ RESERVED
+CVE-2012-0239
+ RESERVED
+CVE-2012-0238
+ RESERVED
+CVE-2012-0237
+ RESERVED
+CVE-2012-0236
+ RESERVED
+CVE-2012-0235
+ RESERVED
+CVE-2012-0234
+ RESERVED
+CVE-2012-0233
+ RESERVED
+CVE-2012-0232
+ RESERVED
+CVE-2012-0231
+ RESERVED
+CVE-2012-0230
+ RESERVED
+CVE-2012-0229
+ RESERVED
+CVE-2012-0228
+ RESERVED
+CVE-2012-0227
+ RESERVED
+CVE-2012-0226
+ RESERVED
+CVE-2012-0225
+ RESERVED
+CVE-2012-0224
+ RESERVED
+CVE-2012-0223
+ RESERVED
+CVE-2012-0222
+ RESERVED
+CVE-2012-0221
+ RESERVED
+CVE-2011-4897 (Tor before 0.2.2.25-alpha, when configured as a relay without
the ...)
+ TODO: check
+CVE-2011-4896 (Tor before 0.2.2.24-alpha continues to use a reachable bridge
that was ...)
+ TODO: check
+CVE-2011-4895 (Tor before 0.2.2.34, when configured as a bridge, sets up
circuits ...)
+ TODO: check
+CVE-2011-4894 (Tor before 0.2.2.34, when configured as a bridge, uses direct
DirPort ...)
+ TODO: check
+CVE-2011-4893
+ RESERVED
+CVE-2011-4892
+ RESERVED
+CVE-2011-4891
+ RESERVED
+CVE-2011-4890
+ RESERVED
+CVE-2011-4889
+ RESERVED
+CVE-2011-4888
+ RESERVED
+CVE-2011-4887
+ RESERVED
+CVE-2011-4886
+ RESERVED
+CVE-2011-4885
+ RESERVED
+CVE-2011-4884
+ RESERVED
+CVE-2011-4883
+ RESERVED
+CVE-2011-4882
+ RESERVED
+CVE-2011-4881
+ RESERVED
+CVE-2011-4880
+ RESERVED
+CVE-2011-4879
+ RESERVED
+CVE-2011-4878
+ RESERVED
+CVE-2011-4877
+ RESERVED
+CVE-2011-4876
+ RESERVED
+CVE-2011-4875
+ RESERVED
+CVE-2011-4874
+ RESERVED
+CVE-2011-4873
+ RESERVED
+CVE-2011-4872
+ RESERVED
+CVE-2011-4871
+ RESERVED
+CVE-2011-4870
+ RESERVED
CVE-2011-4869 (validator/val_nsec3.c in Unbound before 1.4.13p2 does not
properly ...)
{DSA-2370-1}
- unbound 1.4.14-1 (medium)
@@ -433,16 +577,14 @@
RESERVED
CVE-2011-4783
RESERVED
-CVE-2011-4782
- RESERVED
+CVE-2011-4782 (Cross-site scripting (XSS) vulnerability in ...)
- phpmyadmin 4:3.4.9-1
CVE-2011-4781
RESERVED
-CVE-2011-4780
- RESERVED
+CVE-2011-4780 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- phpmyadmin 4:3.4.9-1
CVE-2011-4779
- RESERVED
+ REJECTED
CVE-2011-4778
RESERVED
CVE-2011-4777 (Cross-site scripting (XSS) vulnerability in the Site Editor (aka
...)
@@ -964,8 +1106,7 @@
RESERVED
CVE-2011-4635
RESERVED
-CVE-2011-4634 [PMASA-2011-18 xss]
- RESERVED
+CVE-2011-4634 (Multiple cross-site scripting (XSS) vulnerabilities in
phpMyAdmin ...)
- phpmyadmin 4:3.4.8-1 (low)
[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
@@ -987,6 +1128,7 @@
RESERVED
CVE-2011-4625 [simplesamlphp xml encryption issues]
RESERVED
+ {DSA-2330-1}
- simplesamlphp 1.8.1-1
CVE-2011-4624
RESERVED
@@ -1438,8 +1580,8 @@
RESERVED
CVE-2011-4454
RESERVED
-CVE-2011-4453
- RESERVED
+CVE-2011-4453 (The PageListSort function in scripts/pagelist.php in PmWiki 2.x
before ...)
+ TODO: check
CVE-2011-4452
RESERVED
CVE-2011-4451
@@ -2260,8 +2402,8 @@
RESERVED
CVE-2011-4204
RESERVED
-CVE-2011-4203
- RESERVED
+CVE-2011-4203 (CRLF injection vulnerability in calendar/set.php in the Calendar
...)
+ TODO: check
CVE-2011-4202 (The Tadasoft Restorepoint 3.2 evaluation image uses weak
permissions ...)
NOT-FOR-US: Tadasoft Restorepoint
CVE-2011-4201 (remote_support.cgi in the Tadasoft Restorepoint 3.2 evaluation
image ...)
@@ -2704,8 +2846,8 @@
RESERVED
CVE-2011-4038
RESERVED
-CVE-2011-4037
- RESERVED
+CVE-2011-4037 (Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and
Winlog ...)
+ TODO: check
CVE-2011-4036 (Directory traversal vulnerability in Schneider Electric Vijeo
...)
NOT-FOR-US: Schneider Electric Vijeo
CVE-2011-4035 (Cross-site scripting (XSS) vulnerability in Schneider Electric
Vijeo ...)
@@ -3010,8 +3152,8 @@
NOT-FOR-US: D-Link device
CVE-2011-3991 (Untrusted search path vulnerability in FFFTP 1.98a and earlier
allows ...)
NOT-FOR-US: FFFTP
-CVE-2011-3990
- RESERVED
+CVE-2011-3990 (Cross-site scripting (XSS) vulnerability in
plugin/comment.inc.php in ...)
+ TODO: check
CVE-2011-3989 (SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier
allows ...)
NOT-FOR-US: DBD::mysqlPP Perl module
CVE-2011-3988 (SQL injection vulnerability in data/class/SC_Query.php in
EC-CUBE ...)
@@ -3787,21 +3929,17 @@
RESERVED
CVE-2011-3667
RESERVED
-CVE-2011-3666
- RESERVED
+CVE-2011-3666 (Mozilla Firefox before 3.6.25 and Thunderbird before 3.1.17 on
Mac OS ...)
- iceweasel <not-affected> (MacOS specific)
-CVE-2011-3665
- RESERVED
+CVE-2011-3665 (Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0,
and ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 9.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3664
- RESERVED
+CVE-2011-3664 (Mozilla Firefox before 9.0, Thunderbird before 9.0, and
SeaMonkey ...)
- iceweasel <not-affected> (MacOS specific)
-CVE-2011-3663
- RESERVED
+CVE-2011-3663 (Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0,
and ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 9.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
@@ -3809,19 +3947,17 @@
- iceape <not-affected> (Only affects Firefox >= 4)
CVE-2011-3662
RESERVED
-CVE-2011-3661
- RESERVED
+CVE-2011-3661 (YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird
5.0 ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 9.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3660
- RESERVED
+CVE-2011-3660 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
+ TODO: check
CVE-2011-3659
RESERVED
-CVE-2011-3658
- RESERVED
+CVE-2011-3658 (The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0,
and ...)
- xulrunner <not-affected> (Only affects Firefox >= 8)
- iceweasel 9.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 8)
@@ -6493,8 +6629,7 @@
NOT-FOR-US: Chyrp
CVE-2011-2779 (Windows Event Log SmartConnector in HP ArcSight Connector
Appliance ...)
NOT-FOR-US: HP ArcSight Connector Appliance
-CVE-2011-2778
- RESERVED
+CVE-2011-2778 (Multiple heap-based buffer overflows in Tor before 0.2.2.35
allow ...)
{DSA-2363-1}
- tor 0.2.2.35-1
CVE-2011-2777
@@ -6526,12 +6661,10 @@
CVE-2011-2770 (Cross-site scripting (XSS) vulnerability in man2html.cgi.c in
man2html ...)
{DSA-2335-1}
- man2html 1.6g-6
-CVE-2011-2769
- RESERVED
+CVE-2011-2769 (Tor before 0.2.2.34, when configured as a bridge, accepts the
CREATE ...)
{DSA-2331-1}
- tor 0.2.2.34-1
-CVE-2011-2768
- RESERVED
+CVE-2011-2768 (Tor before 0.2.2.34, when configured as a client or bridge,
sends a ...)
{DSA-2331-1}
- tor 0.2.2.34-1
CVE-2011-2767