Author: joeyh Date: 2012-01-19 21:14:23 +0000 (Thu, 19 Jan 2012) New Revision: 18224 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-01-19 21:07:53 UTC (rev 18223) +++ data/CVE/list 2012-01-19 21:14:23 UTC (rev 18224) @@ -1,3 +1,73 @@ +CVE-2012-0784 + RESERVED +CVE-2012-0783 + RESERVED +CVE-2012-0782 + RESERVED +CVE-2012-0781 (The tidy_diagnose function in PHP 5.3.8 might allow remote attackers ...) + TODO: check +CVE-2012-0780 + RESERVED +CVE-2012-0779 + RESERVED +CVE-2012-0778 + RESERVED +CVE-2012-0777 + RESERVED +CVE-2012-0776 + RESERVED +CVE-2012-0775 + RESERVED +CVE-2012-0774 + RESERVED +CVE-2012-0773 + RESERVED +CVE-2012-0772 + RESERVED +CVE-2012-0771 + RESERVED +CVE-2012-0770 + RESERVED +CVE-2012-0769 + RESERVED +CVE-2012-0768 + RESERVED +CVE-2012-0767 + RESERVED +CVE-2012-0766 + RESERVED +CVE-2012-0765 + RESERVED +CVE-2012-0764 + RESERVED +CVE-2012-0763 + RESERVED +CVE-2012-0762 + RESERVED +CVE-2012-0761 + RESERVED +CVE-2012-0760 + RESERVED +CVE-2012-0759 + RESERVED +CVE-2012-0758 + RESERVED +CVE-2012-0757 + RESERVED +CVE-2012-0756 + RESERVED +CVE-2012-0755 + RESERVED +CVE-2012-0754 + RESERVED +CVE-2012-0753 + RESERVED +CVE-2012-0752 + RESERVED +CVE-2012-0751 + RESERVED +CVE-2012-0750 + RESERVED CVE-2012-0749 RESERVED CVE-2012-0748 @@ -533,32 +603,32 @@ RESERVED CVE-2012-0497 RESERVED -CVE-2012-0496 - RESERVED -CVE-2012-0495 - RESERVED -CVE-2012-0494 - RESERVED -CVE-2012-0493 - RESERVED -CVE-2012-0492 - RESERVED -CVE-2012-0491 - RESERVED -CVE-2012-0490 - RESERVED -CVE-2012-0489 - RESERVED -CVE-2012-0488 - RESERVED -CVE-2012-0487 - RESERVED -CVE-2012-0486 - RESERVED -CVE-2012-0485 - RESERVED -CVE-2012-0484 - RESERVED +CVE-2012-0496 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0495 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0494 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0493 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0492 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0491 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0490 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0489 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0488 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0487 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0486 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0485 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0484 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check CVE-2012-0483 RESERVED CVE-2012-0482 @@ -1118,7 +1188,7 @@ - libv8 3.6.6.14-2 (bug #653962) CVE-2011-5036 (Rack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes ...) - ruby-rack <unfixed> (bug #653962) -CVE-2011-5035 (Oracle Glassfish 3.1.1 and earlier computes hash values for form ...) +CVE-2011-5035 (Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications ...) - glassfish <unfixed> (bug #653964) CVE-2011-5034 (Apache Geronimo 2.2.1 and earlier computes hash values for form ...) TODO: check @@ -1356,6 +1426,7 @@ CVE-2011-4925 (Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource ...) - torque <not-affected> (The version in Debian doesn''t yet have MUNGE support) CVE-2011-4924 + RESERVED - zope2.12 2.12.22-1 - zope3 <removed> (low) - zope2.10 <removed> (low) @@ -1798,12 +1869,12 @@ RESERVED CVE-2012-0191 RESERVED -CVE-2012-0190 - RESERVED -CVE-2012-0189 - RESERVED -CVE-2012-0188 - RESERVED +CVE-2012-0190 (Unspecified vulnerability in the Render method in the ExportHTML.ocx ...) + TODO: check +CVE-2012-0189 (Multiple unspecified vulnerabilities in the (1) PrintFile and (2) ...) + TODO: check +CVE-2012-0188 (Unspecified vulnerability in the SetLicenseInfoEx method in an ActiveX ...) + TODO: check CVE-2012-0187 RESERVED CVE-2012-0186 @@ -2071,104 +2142,104 @@ RESERVED CVE-2011-XXXX [bokken: insecure tempfile] - bokken 1.5-3 (bug #651931) -CVE-2012-0120 - RESERVED -CVE-2012-0119 - RESERVED -CVE-2012-0118 - RESERVED -CVE-2012-0117 - RESERVED -CVE-2012-0116 - RESERVED -CVE-2012-0115 - RESERVED -CVE-2012-0114 - RESERVED -CVE-2012-0113 - RESERVED -CVE-2012-0112 - RESERVED -CVE-2012-0111 - RESERVED -CVE-2012-0110 - RESERVED -CVE-2012-0109 - RESERVED +CVE-2012-0120 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0119 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0118 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0117 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0116 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0115 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0114 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0113 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0112 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0111 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...) + TODO: check +CVE-2012-0110 (Unspecified vulnerability in the Oracle Outside In Technology ...) + TODO: check +CVE-2012-0109 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...) + TODO: check CVE-2012-0108 RESERVED CVE-2012-0107 RESERVED CVE-2012-0106 RESERVED -CVE-2012-0105 - RESERVED -CVE-2012-0104 - RESERVED -CVE-2012-0103 - RESERVED -CVE-2012-0102 - RESERVED -CVE-2012-0101 - RESERVED -CVE-2012-0100 - RESERVED -CVE-2012-0099 - RESERVED -CVE-2012-0098 - RESERVED -CVE-2012-0097 - RESERVED -CVE-2012-0096 - RESERVED +CVE-2012-0105 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...) + TODO: check +CVE-2012-0104 (Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 ...) + TODO: check +CVE-2012-0103 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...) + TODO: check +CVE-2012-0102 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0101 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0100 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express ...) + TODO: check +CVE-2012-0099 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express ...) + TODO: check +CVE-2012-0098 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...) + TODO: check +CVE-2012-0097 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...) + TODO: check +CVE-2012-0096 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...) + TODO: check CVE-2012-0095 RESERVED -CVE-2012-0094 - RESERVED +CVE-2012-0094 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express ...) + TODO: check CVE-2012-0093 RESERVED CVE-2012-0092 RESERVED -CVE-2012-0091 - RESERVED +CVE-2012-0091 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...) + TODO: check CVE-2012-0090 RESERVED -CVE-2012-0089 - RESERVED -CVE-2012-0088 - RESERVED -CVE-2012-0087 - RESERVED +CVE-2012-0089 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...) + TODO: check +CVE-2012-0088 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...) + TODO: check +CVE-2012-0087 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check CVE-2012-0086 RESERVED -CVE-2012-0085 - RESERVED -CVE-2012-0084 - RESERVED -CVE-2012-0083 - RESERVED -CVE-2012-0082 - RESERVED -CVE-2012-0081 - RESERVED -CVE-2012-0080 - RESERVED -CVE-2012-0079 - RESERVED -CVE-2012-0078 - RESERVED -CVE-2012-0077 - RESERVED -CVE-2012-0076 - RESERVED -CVE-2012-0075 - RESERVED -CVE-2012-0074 - RESERVED -CVE-2012-0073 - RESERVED -CVE-2012-0072 - RESERVED +CVE-2012-0085 (Unspecified vulnerability in the Oracle WebCenter Content component in ...) + TODO: check +CVE-2012-0084 (Unspecified vulnerability in the Oracle WebCenter Content component in ...) + TODO: check +CVE-2012-0083 (Unspecified vulnerability in the Oracle WebCenter Content component in ...) + TODO: check +CVE-2012-0082 (Unspecified vulnerability in the Core RDBMS component in Oracle ...) + TODO: check +CVE-2012-0081 (Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.1.1 ...) + TODO: check +CVE-2012-0080 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...) + TODO: check +CVE-2012-0079 (Unspecified vulnerability in Oracle OpenSSO 7.1 and 8.0 allows remote ...) + TODO: check +CVE-2012-0078 (Unspecified vulnerability in the Oracle Application Object Library ...) + TODO: check +CVE-2012-0077 (Unspecified vulnerability in the Oracle WebLogic Server component in ...) + TODO: check +CVE-2012-0076 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...) + TODO: check +CVE-2012-0075 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check +CVE-2012-0074 (Unspecified vulnerability in the PeopleSoft Enterprise CRM component ...) + TODO: check +CVE-2012-0073 (Unspecified vulnerability in the Oracle Forms component in Oracle ...) + TODO: check +CVE-2012-0072 (Unspecified vulnerability in the Listener component in Oracle Database ...) + TODO: check CVE-2012-0071 RESERVED CVE-2011-4773 @@ -2453,8 +2524,8 @@ [lenny] - znc <not-affected> (Only affects 0.200 and 0.202) CVE-2012-0032 RESERVED -CVE-2012-0031 - RESERVED +CVE-2012-0031 (scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow ...) + TODO: check CVE-2012-0030 (Nova 2011.3 and Essex, when using the OpenStack API, allows remote ...) - nova <unfixed> CVE-2012-0029 @@ -2478,8 +2549,8 @@ CVE-2012-0023 [http://www.videolan.org/security/sa1108.html] RESERVED - vlc 1.1.13-1 -CVE-2012-0022 - RESERVED +CVE-2012-0022 (Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before ...) + TODO: check CVE-2012-0021 RESERVED CVE-2011-4695 (Unspecified vulnerability in Microsoft Windows 7 SP1, when Java is ...) @@ -4063,8 +4134,8 @@ NOT-FOR-US: HP Network Node Manager CVE-2011-4154 RESERVED -CVE-2011-4153 - RESERVED +CVE-2011-4153 (PHP 5.3.8 does not always check the return value of the zend_strndup ...) + TODO: check CVE-2011-4152 RESERVED CVE-2011-4151 (The krb5_db2_lockout_audit function in the Key Distribution Center ...) @@ -4094,8 +4165,8 @@ RESERVED CVE-2011-4143 RESERVED -CVE-2011-4142 - RESERVED +CVE-2011-4142 (The Web Search feature in EMC SourceOne Email Management 6.5 before ...) + TODO: check CVE-2011-4141 (Untrusted search path vulnerability in EMC RSA SecurID Software Token ...) NOT-FOR-US: RSA SecurID CVE-2011-4140 (The CSRF protection mechanism in Django through 1.2.7 and 1.3.x ...) @@ -5903,28 +5974,28 @@ NOT-FOR-US: IBM Lotus Domino CVE-2011-3575 (Stack-based buffer overflow in the NSFComputeEvaluateExt function in ...) NOT-FOR-US: IBM Lotus Domino -CVE-2011-3574 - RESERVED -CVE-2011-3573 - RESERVED +CVE-2011-3574 (Unspecified vulnerability in Oracle Communications Unified 7.0 allows ...) + TODO: check +CVE-2011-3573 (Unspecified vulnerability in Oracle Communications Unified 7.0 allows ...) + TODO: check CVE-2011-3572 RESERVED -CVE-2011-3571 - RESERVED -CVE-2011-3570 - RESERVED -CVE-2011-3569 - RESERVED -CVE-2011-3568 - RESERVED +CVE-2011-3571 (Unspecified vulnerability in the Virtual Desktop Infrastructure (VDI) ...) + TODO: check +CVE-2011-3570 (Unspecified vulnerability in Oracle Communications Unified 7.0 allows ...) + TODO: check +CVE-2011-3569 (Unspecified vulnerability in the Oracle Web Services Manager component ...) + TODO: check +CVE-2011-3568 (Unspecified vulnerability in the Oracle Web Services Manager component ...) + TODO: check CVE-2011-3567 RESERVED -CVE-2011-3566 - RESERVED -CVE-2011-3565 - RESERVED -CVE-2011-3564 - RESERVED +CVE-2011-3566 (Unspecified vulnerability in the Oracle WebLogic Server component in ...) + TODO: check +CVE-2011-3565 (Unspecified vulnerability in Oracle Communications Unified 7.0 allows ...) + TODO: check +CVE-2011-3564 (Unspecified vulnerability in Oracle GlassFish Enterprise Server 2.1.1 ...) + TODO: check CVE-2011-3563 RESERVED CVE-2011-3562 @@ -6057,8 +6128,8 @@ NOT-FOR-US: Oracle PeopleSoft CVE-2011-3532 (Unspecified vulnerability in the Oracle Agile Product Supplier ...) NOT-FOR-US: Oracle Supply Chain -CVE-2011-3531 - RESERVED +CVE-2011-3531 (Unspecified vulnerability in the Oracle Web Services Manager component ...) + TODO: check CVE-2011-3530 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...) NOT-FOR-US: Oracle PeopleSoft CVE-2011-3529 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...) @@ -6071,8 +6142,8 @@ NOT-FOR-US: Oracle Siebel CVE-2011-3525 (Unspecified vulnerability in the Application Express component in ...) NOT-FOR-US: Oracle Database Server -CVE-2011-3524 - RESERVED +CVE-2011-3524 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...) + TODO: check CVE-2011-3523 (Unspecified vulnerability in the Oracle Web Services Manager component ...) NOT-FOR-US: Oracle Fusion CVE-2011-3522 (Unspecified vulnerability in SysFW 8.0 on certain SPARC T3, Netra ...) @@ -6097,8 +6168,8 @@ - openjdk-6 <not-affected> (Windows-specific) CVE-2011-3515 (Unspecified vulnerability in the Oracle Solaris 10 and 11 Express ...) NOT-FOR-US: Oracle Solaris -CVE-2011-3514 - RESERVED +CVE-2011-3514 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...) + TODO: check CVE-2011-3513 (Unspecified vulnerability in the Oracle Application Object Library ...) NOT-FOR-US: Oracle E-Business Suite CVE-2011-3512 (Unspecified vulnerability in the Core RDBMS component in Oracle ...) @@ -6107,8 +6178,8 @@ NOT-FOR-US: Oracle Database Server CVE-2011-3510 (Unspecified vulnerability in the Oracle Business Intelligence ...) NOT-FOR-US: Oracle Fusion Middleware -CVE-2011-3509 - RESERVED +CVE-2011-3509 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...) + TODO: check CVE-2011-3508 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...) NOT-FOR-US: Oracle Solaris CVE-2011-3507 (Unspecified vulnerability in the Oracle Communications Unified ...) @@ -6463,8 +6534,8 @@ RESERVED CVE-2011-3376 (org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat ...) - tomcat7 7.0.22-1 -CVE-2011-3375 - RESERVED +CVE-2011-3375 (Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not ...) + TODO: check CVE-2011-3374 [apt-key insecure validation] RESERVED - apt <unfixed> (unimportant; bug #642480) @@ -9524,26 +9595,26 @@ - rampart <removed> (bug #631221) CVE-2011-2327 (Unspecified vulnerability in the Oracle Communications Unified ...) NOT-FOR-US: Oracle Sun Products Suite -CVE-2011-2326 - RESERVED -CVE-2011-2325 - RESERVED -CVE-2011-2324 - RESERVED +CVE-2011-2326 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...) + TODO: check +CVE-2011-2325 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...) + TODO: check +CVE-2011-2324 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...) + TODO: check CVE-2011-2323 (Unspecified vulnerability in the Health Sciences - Oracle Thesaurus ...) NOT-FOR-US: Oracle Thesaurus Management System CVE-2011-2322 (Unspecified vulnerability in the Database Vault component in Oracle ...) NOT-FOR-US: Oracle Database Server -CVE-2011-2321 - RESERVED +CVE-2011-2321 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...) + TODO: check CVE-2011-2320 (Unspecified vulnerability in the Oracle WebLogic Server component in ...) NOT-FOR-US: Oracle Fusion Middleware CVE-2011-2319 (Unspecified vulnerability in the Oracle WebLogic Server component in ...) NOT-FOR-US: Oracle Fusion Middleware CVE-2011-2318 (Unspecified vulnerability in the Oracle WebLogic Server component in ...) NOT-FOR-US: Oracle Fusion Middleware -CVE-2011-2317 - RESERVED +CVE-2011-2317 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...) + TODO: check CVE-2011-2316 (Unspecified vulnerability in the Siebel Apps - Marketing component in ...) NOT-FOR-US: Oracle Siebel CVE-2011-2315 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...) @@ -9636,8 +9707,8 @@ NOT-FOR-US: Oracle Supply Chain Products Suite CVE-2011-2272 (Unspecified vulnerability in the PeopleSoft Enterprise FSCM component ...) NOT-FOR-US: Oracle PeopleSoft Products -CVE-2011-2271 - RESERVED +CVE-2011-2271 (Unspecified vulnerability in the Oracle Application Object Library ...) + TODO: check CVE-2011-2270 RESERVED CVE-2011-2269 @@ -9654,8 +9725,8 @@ NOT-FOR-US: Oracle Fusion Middleware CVE-2011-2263 (Unspecified vulnerability in Sun Integrated Lights Out Manager in ...) NOT-FOR-US: Oracle SysFW -CVE-2011-2262 - RESERVED +CVE-2011-2262 (Unspecified vulnerability in the MySQL Server component in Oracle ...) + TODO: check CVE-2011-2261 (Unspecified vulnerability in the Oracle Secure Backup component in ...) NOT-FOR-US: Oracle Secure Backup CVE-2011-2260 (Unspecified vulnerability in the Oracle GlassFish Server component in ...) @@ -12251,8 +12322,8 @@ NOT-FOR-US: IBM WebSphere CVE-2011-1377 (The Web Services Security component in the Web Services Feature Pack ...) TODO: check -CVE-2011-1376 - RESERVED +CVE-2011-1376 (iscdeploy in IBM WebSphere Application Server (WAS) 6.1 before ...) + TODO: check CVE-2011-1375 (IBM AIX 6.1 and 7.1 does not restrict the wpar_limits_config and ...) NOT-FOR-US: IBM AIX CVE-2011-1374