Secure testing commits - Feb 2012 - r18445 - data/CVE

Author: joeyh
Date: 2012-02-15 21:14:39 +0000 (Wed, 15 Feb 2012)
New Revision: 18445

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-02-15 21:01:50 UTC (rev 18444)
+++ data/CVE/list	2012-02-15 21:14:39 UTC (rev 18445)
@@ -1,3 +1,261 @@
+CVE-2012-1187
+	RESERVED
+CVE-2012-1186
+	RESERVED
+CVE-2012-1185
+	RESERVED
+CVE-2012-1184
+	RESERVED
+CVE-2012-1183
+	RESERVED
+CVE-2012-1182
+	RESERVED
+CVE-2012-1181
+	RESERVED
+CVE-2012-1180
+	RESERVED
+CVE-2012-1179
+	RESERVED
+CVE-2012-1178
+	RESERVED
+CVE-2012-1177
+	RESERVED
+CVE-2012-1176
+	RESERVED
+CVE-2012-1175
+	RESERVED
+CVE-2012-1174
+	RESERVED
+CVE-2012-1173
+	RESERVED
+CVE-2012-1172
+	RESERVED
+CVE-2012-1171
+	RESERVED
+CVE-2012-1170
+	RESERVED
+CVE-2012-1169
+	RESERVED
+CVE-2012-1168
+	RESERVED
+CVE-2012-1167
+	RESERVED
+CVE-2012-1166
+	RESERVED
+CVE-2012-1165
+	RESERVED
+CVE-2012-1164
+	RESERVED
+CVE-2012-1163
+	RESERVED
+CVE-2012-1162
+	RESERVED
+CVE-2012-1161
+	RESERVED
+CVE-2012-1160
+	RESERVED
+CVE-2012-1159
+	RESERVED
+CVE-2012-1158
+	RESERVED
+CVE-2012-1157
+	RESERVED
+CVE-2012-1156
+	RESERVED
+CVE-2012-1155
+	RESERVED
+CVE-2012-1154
+	RESERVED
+CVE-2012-1153
+	RESERVED
+CVE-2012-1152
+	RESERVED
+CVE-2012-1151
+	RESERVED
+CVE-2012-1150
+	RESERVED
+CVE-2012-1149
+	RESERVED
+CVE-2012-1148
+	RESERVED
+CVE-2012-1147
+	RESERVED
+CVE-2012-1146
+	RESERVED
+CVE-2012-1145
+	RESERVED
+CVE-2012-1144
+	RESERVED
+CVE-2012-1143
+	RESERVED
+CVE-2012-1142
+	RESERVED
+CVE-2012-1141
+	RESERVED
+CVE-2012-1140
+	RESERVED
+CVE-2012-1139
+	RESERVED
+CVE-2012-1138
+	RESERVED
+CVE-2012-1137
+	RESERVED
+CVE-2012-1136
+	RESERVED
+CVE-2012-1135
+	RESERVED
+CVE-2012-1134
+	RESERVED
+CVE-2012-1133
+	RESERVED
+CVE-2012-1132
+	RESERVED
+CVE-2012-1131
+	RESERVED
+CVE-2012-1130
+	RESERVED
+CVE-2012-1129
+	RESERVED
+CVE-2012-1128
+	RESERVED
+CVE-2012-1127
+	RESERVED
+CVE-2012-1126
+	RESERVED
+CVE-2012-1125
+	RESERVED
+CVE-2012-1124
+	RESERVED
+CVE-2012-1123
+	RESERVED
+CVE-2012-1122
+	RESERVED
+CVE-2012-1121
+	RESERVED
+CVE-2012-1120
+	RESERVED
+CVE-2012-1119
+	RESERVED
+CVE-2012-1118
+	RESERVED
+CVE-2012-1117
+	RESERVED
+CVE-2012-1116
+	RESERVED
+CVE-2012-1115
+	RESERVED
+CVE-2012-1114
+	RESERVED
+CVE-2012-1113
+	RESERVED
+CVE-2012-1112
+	RESERVED
+CVE-2012-1111
+	RESERVED
+CVE-2012-1110
+	RESERVED
+CVE-2012-1109
+	RESERVED
+CVE-2012-1108
+	RESERVED
+CVE-2012-1107
+	RESERVED
+CVE-2012-1106
+	RESERVED
+CVE-2012-1105
+	RESERVED
+CVE-2012-1104
+	RESERVED
+CVE-2012-1103
+	RESERVED
+CVE-2012-1102
+	RESERVED
+CVE-2012-1101
+	RESERVED
+CVE-2012-1100
+	RESERVED
+CVE-2012-1099
+	RESERVED
+CVE-2012-1098
+	RESERVED
+CVE-2012-1097
+	RESERVED
+CVE-2012-1096
+	RESERVED
+CVE-2012-1095
+	RESERVED
+CVE-2012-1094
+	RESERVED
+CVE-2012-1093
+	RESERVED
+CVE-2012-1092
+	RESERVED
+CVE-2012-1091
+	RESERVED
+CVE-2012-1090
+	RESERVED
+CVE-2012-1089
+	RESERVED
+CVE-2012-1088
+	RESERVED
+CVE-2012-1087 (Cross-site scripting (XSS) vulnerability in the Post data
records to ...)
+	TODO: check
+CVE-2012-1086 (Cross-site scripting (XSS) vulnerability in the UrlTool
(aeurltool) ...)
+	TODO: check
+CVE-2012-1085 (Unspecified vulnerability in the BE User Switch (beuserswitch)
...)
+	TODO: check
+CVE-2012-1084 (Cross-site scripting (XSS) vulnerability in the BE User Switch
...)
+	TODO: check
+CVE-2012-1083 (Cross-site request forgery (CSRF) vulnerability in the Terminal
PHP ...)
+	TODO: check
+CVE-2012-1082 (Cross-site scripting (XSS) vulnerability in the Terminal PHP
Shell ...)
+	TODO: check
+CVE-2012-1081 (Cross-site scripting (XSS) vulnerability in the Yet another
Google ...)
+	TODO: check
+CVE-2012-1080 (Cross-site scripting (XSS) vulnerability in the Euro Calculator
...)
+	TODO: check
+CVE-2012-1079 (Unspecified vulnerability in the Webservices for TYPO3 ...)
+	TODO: check
+CVE-2012-1078 (The System Utilities (sysutils) extension 1.0.3 and earlier for
TYPO3 ...)
+	TODO: check
+CVE-2012-1077 (SQL injection vulnerability in the Post data records to facebook
...)
+	TODO: check
+CVE-2012-1076 (Cross-site scripting (XSS) vulnerability in the Documents
download ...)
+	TODO: check
+CVE-2012-1075 (SQL injection vulnerability in the Documents download
(rtg_files) ...)
+	TODO: check
+CVE-2012-1074 (SQL injection vulnerability in the White Papers (mm_whtppr)
extension ...)
+	TODO: check
+CVE-2012-1073 (Cross-site scripting (XSS) vulnerability in the Category-System
...)
+	TODO: check
+CVE-2012-1072 (SQL injection vulnerability in the Category-System
(toi_category) ...)
+	TODO: check
+CVE-2012-1071 (SQL injection vulnerability in the Kitchen recipe (mv_cooking)
...)
+	TODO: check
+CVE-2012-1070 (Cross-site scripting (XSS) vulnerability in the Modern FAQ
(irfaq) ...)
+	TODO: check
+CVE-2012-1069 (Cross-site scripting (XSS) vulnerability in
module/kb/search_word in ...)
+	TODO: check
+CVE-2012-1068 (Cross-site scripting (XSS) vulnerability in the rc_ajax function
in ...)
+	TODO: check
+CVE-2012-1067 (SQL injection vulnerability in the WP-RecentComments plugin
2.0.7 for ...)
+	TODO: check
+CVE-2012-1066 (Cross-site scripting (XSS) vulnerability in the template module
in ...)
+	TODO: check
+CVE-2012-1065 (Insecure method vulnerability in TuxScripting.dll in the
TuxSystem ...)
+	TODO: check
+CVE-2012-1064
+	RESERVED
+CVE-2011-5080 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2011-5079 (Open redirect vulnerability in the Modern FAQ (irfaq) extension
1.1.2 ...)
+	TODO: check
+CVE-2010-5085 (Multiple cross-site request forgery (CSRF) vulnerabilities in
...)
+	TODO: check
+CVE-2010-5084 (The cross-site request forgery (CSRF) protection mechanism in
e107 ...)
+	TODO: check
+CVE-2010-5083 (SQL injection vulnerability in the Web_Links module for PHP-Nuke
8.0 ...)
+	TODO: check
 CVE-2012-1063 (Multiple SQL injection vulnerabilities in ManageEngine
Applications ...)
 	TODO: check
 CVE-2012-1062 (Multiple cross-site scripting (XSS) vulnerabilities in
ManageEngine ...)
@@ -115,8 +373,8 @@
 	NOT-FOR-US: HDWiki
 CVE-2011-5076 (SQL injection vulnerability in model/comment.class.php in HDWiki
5.0, ...)
 	NOT-FOR-US: HDWiki
-CVE-2012-1009
-	RESERVED
+CVE-2012-1009 (NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4
Build ...)
+	TODO: check
 CVE-2012-1008 (OfficeSIP Server 3.1 allows remote attackers to cause a denial
of ...)
 	NOT-FOR-US: OfficeSIP Server
 CVE-2012-1007 (Multiple cross-site scripting (XSS) vulnerabilities in Apache
Struts ...)
@@ -339,9 +597,9 @@
 	RESERVED
 CVE-2012-0909 (Cross-site scripting (XSS) vulnerability in Horde_Form in Horde
...)
 	- horde3 <unfixed>
-        [squeeze] - horde3 <not-affected> (affected files do not exist)
+	[squeeze] - horde3 <not-affected> (affected files do not exist)
 	- imp4 <unfixed> (bug #659392)
-        [squeeze] - imp4 <not-affected> (affected files do not exist)
+	[squeeze] - imp4 <not-affected> (affected files do not exist)
 CVE-2012-0907 (Directory traversal vulnerability in the web player in NeoAxis
NeoAxis ...)
 	NOT-FOR-US: NeoAxis NeoAxis web player
 CVE-2012-0906 (SQL injection vulnerability in the Moviebase addon for
deV!L''z ...)
@@ -629,10 +887,9 @@
 	- imp4 <unfixed> (bug #659392)
 CVE-2012-0790 (Cross-site scripting (XSS) vulnerability in smokeping_cgi in
Smokeping ...)
 	- smokeping 2.6.7-1 (bug #659899)
-CVE-2012-0789
-	RESERVED
-CVE-2012-0788
-	RESERVED
+CVE-2012-0789 (Memory leak in the timezone functionality in PHP before 5.3.9
allows ...)
+	TODO: check
+CVE-2012-0788 (The PDORow implementation in PHP before 5.3.9 does not properly
...)
 	{DSA-2408-1}
 	- php5 5.3.9-1
 CVE-2012-0787
@@ -682,26 +939,26 @@
 	RESERVED
 CVE-2012-0767
 	RESERVED
-CVE-2012-0766
-	RESERVED
-CVE-2012-0765
-	RESERVED
-CVE-2012-0764
-	RESERVED
-CVE-2012-0763
-	RESERVED
-CVE-2012-0762
-	RESERVED
-CVE-2012-0761
-	RESERVED
-CVE-2012-0760
-	RESERVED
-CVE-2012-0759
-	RESERVED
-CVE-2012-0758
-	RESERVED
-CVE-2012-0757
-	RESERVED
+CVE-2012-0766 (The Shockwave 3D Asset component in Adobe Shockwave Player
before ...)
+	TODO: check
+CVE-2012-0765 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe
RoboHelp ...)
+	TODO: check
+CVE-2012-0764 (The Shockwave 3D Asset component in Adobe Shockwave Player
before ...)
+	TODO: check
+CVE-2012-0763 (The Shockwave 3D Asset component in Adobe Shockwave Player
before ...)
+	TODO: check
+CVE-2012-0762 (The Shockwave 3D Asset component in Adobe Shockwave Player
before ...)
+	TODO: check
+CVE-2012-0761 (The Shockwave 3D Asset component in Adobe Shockwave Player
before ...)
+	TODO: check
+CVE-2012-0760 (The Shockwave 3D Asset component in Adobe Shockwave Player
before ...)
+	TODO: check
+CVE-2012-0759 (Adobe Shockwave Player before 11.6.4.634 allows attackers to
execute ...)
+	TODO: check
+CVE-2012-0758 (Heap-based buffer overflow in Adobe Shockwave Player before
11.6.4.634 ...)
+	TODO: check
+CVE-2012-0757 (The Shockwave 3D Asset component in Adobe Shockwave Player
before ...)
+	TODO: check
 CVE-2012-0756
 	RESERVED
 CVE-2012-0755
@@ -1864,7 +2121,7 @@
 	NOT-FOR-US: NTR ActiveX control
 CVE-2012-0265
 	RESERVED
-CVE-2011-5046 (win32k.sys in the kernel-mode drivers in Microsoft Windows 7
...)
+CVE-2011-5046 (The Graphics Device Interface (GDI) in win32k.sys in the
kernel-mode ...)
 	NOT-FOR-US: Microsoft Windows 7
 CVE-2011-5045 (Cross-site scripting (XSS) vulnerability in details_view.php in
PHP ...)
 	NOT-FOR-US: PHP Booking Calendar 10e (not in Debian)
@@ -2531,12 +2788,15 @@
 	RESERVED
 CVE-2012-0212
 	RESERVED
+	{DSA-2409-1}
 	- devscripts <unfixed>
 CVE-2012-0211
 	RESERVED
+	{DSA-2409-1}
 	- devscripts <unfixed>
 CVE-2012-0210
 	RESERVED
+	{DSA-2409-1}
 	- devscripts <unfixed>
 CVE-2012-0209 [horde backdoor]
 	RESERVED
@@ -2703,30 +2963,30 @@
 	RESERVED
 CVE-2012-0156
 	RESERVED
-CVE-2012-0155
-	RESERVED
-CVE-2012-0154
-	RESERVED
+CVE-2012-0155 (Microsoft Internet Explorer 9 does not properly handle objects
in ...)
+	TODO: check
+CVE-2012-0154 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
+	TODO: check
 CVE-2012-0153
 	RESERVED
 CVE-2012-0152
 	RESERVED
 CVE-2012-0151
 	RESERVED
-CVE-2012-0150
-	RESERVED
-CVE-2012-0149
-	RESERVED
-CVE-2012-0148
-	RESERVED
+CVE-2012-0150 (Buffer overflow in msvcrt.dll in Microsoft Windows Vista SP2,
Windows ...)
+	TODO: check
+CVE-2012-0149 (afd.sys in the Ancillary Function Driver in Microsoft Windows
Server ...)
+	TODO: check
+CVE-2012-0148 (afd.sys in the Ancillary Function Driver in Microsoft Windows XP
SP2, ...)
+	TODO: check
 CVE-2012-0147
 	RESERVED
 CVE-2012-0146
 	RESERVED
-CVE-2012-0145
-	RESERVED
-CVE-2012-0144
-	RESERVED
+CVE-2012-0145 (Cross-site scripting (XSS) vulnerability in wizardlist.aspx in
...)
+	TODO: check
+CVE-2012-0144 (Cross-site scripting (XSS) vulnerability in themeweb.aspx in
Microsoft ...)
+	TODO: check
 CVE-2012-0143
 	RESERVED
 CVE-2012-0142
@@ -2737,12 +2997,12 @@
 	RESERVED
 CVE-2012-0139
 	RESERVED
-CVE-2012-0138
-	RESERVED
-CVE-2012-0137
-	RESERVED
-CVE-2012-0136
-	RESERVED
+CVE-2012-0138 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly
handle ...)
+	TODO: check
+CVE-2012-0137 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly
handle ...)
+	TODO: check
+CVE-2012-0136 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly
handle ...)
+	TODO: check
 CVE-2012-0135
 	RESERVED
 CVE-2012-0134
@@ -4001,28 +4261,28 @@
 	RESERVED
 CVE-2011-4437
 	RESERVED
-CVE-2012-0020
-	RESERVED
-CVE-2012-0019
-	RESERVED
+CVE-2012-0020 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly
handle ...)
+	TODO: check
+CVE-2012-0019 (Microsoft Visio Viewer 2010 Gold and SP1 does not properly
handle ...)
+	TODO: check
 CVE-2012-0018
 	RESERVED
-CVE-2012-0017
-	RESERVED
+CVE-2012-0017 (Cross-site scripting (XSS) vulnerability in inplview.aspx in
Microsoft ...)
+	TODO: check
 CVE-2012-0016
 	RESERVED
-CVE-2012-0015
-	RESERVED
-CVE-2012-0014
-	RESERVED
+CVE-2012-0015 (Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly
calculate ...)
+	TODO: check
+CVE-2012-0014 (Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight
4 ...)
+	TODO: check
 CVE-2012-0013 (Incomplete blacklist vulnerability in the Windows Packager ...)
 	NOT-FOR-US: Microsoft Windows
-CVE-2012-0012
-	RESERVED
-CVE-2012-0011
-	RESERVED
-CVE-2012-0010
-	RESERVED
+CVE-2012-0012 (Microsoft Internet Explorer 9 does not properly handle the
creation ...)
+	TODO: check
+CVE-2012-0011 (Microsoft Internet Explorer 7 through 9 does not properly handle
...)
+	TODO: check
+CVE-2012-0010 (Microsoft Internet Explorer 6 through 9 does not properly
perform ...)
+	TODO: check
 CVE-2012-0009 (Untrusted search path vulnerability in the Windows Object
Packager ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2012-0008
@@ -8274,6 +8534,7 @@
 	RESERVED
 CVE-2011-3026
 	RESERVED
+	{DSA-2410-1}
 	- libpng <unfixed> (high; bug #660026)
 CVE-2011-3025
 	RESERVED
@@ -21511,7 +21772,7 @@
 	NOT-FOR-US: Microsoft Windows Internet Communication Settings
 CVE-2010-3139 (Untrusted search path vulnerability in Microsoft Windows Progman
Group ...)
 	NOT-FOR-US: Microsoft Windows Progman Group Converter
-CVE-2010-3138 (Untrusted search path vulnerability in the Indeo filter
(iac25_32.ax) ...)
+CVE-2010-3138 (Untrusted search path vulnerability in the Indeo Codec in
iac25_32.ax ...)
 	NOT-FOR-US: Microsoft Windows Media Player
 CVE-2010-3137 (Untrusted search path vulnerability in Nullsoft Winamp 5.581,
and ...)
 	NOT-FOR-US: Nullsoft Winamp