thr3ads.net - Secure testing commits - [Secure-testing-commits] r19025

If this information is useful, please help other people find it:
Share via:
Joey Hess
2012-Apr-20 21:14 UTC
[Secure-testing-commits] r19025 - data/CVE

Author: joeyh
Date: 2012-04-20 21:14:46 +0000 (Fri, 20 Apr 2012)
New Revision: 19025

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-04-20 20:29:38 UTC (rev 19024)
+++ data/CVE/list	2012-04-20 21:14:46 UTC (rev 19025)
@@ -1,3 +1,249 @@
+CVE-2012-2398 (Cross-site scripting (XSS) vulnerability in
files/ajax/download.php in ...)
+	TODO: check
+CVE-2012-2397 (Cross-site request forgery (CSRF) vulnerability in ownCloud
3.0.2 ...)
+	TODO: check
+CVE-2012-2396 (VideoLAN VLC media player 2.0.1 allows remote attackers to cause
a ...)
+	TODO: check
+CVE-2012-2395
+	RESERVED
+CVE-2012-2394
+	RESERVED
+CVE-2012-2393
+	RESERVED
+CVE-2012-2392
+	RESERVED
+CVE-2012-2391
+	RESERVED
+CVE-2012-2390
+	RESERVED
+CVE-2012-2389
+	RESERVED
+CVE-2012-2388
+	RESERVED
+CVE-2012-2387
+	RESERVED
+CVE-2012-2386
+	RESERVED
+CVE-2012-2385
+	RESERVED
+CVE-2012-2384
+	RESERVED
+CVE-2012-2383
+	RESERVED
+CVE-2012-2382
+	RESERVED
+CVE-2012-2381
+	RESERVED
+CVE-2012-2380
+	RESERVED
+CVE-2012-2379
+	RESERVED
+CVE-2012-2378
+	RESERVED
+CVE-2012-2377
+	RESERVED
+CVE-2012-2376
+	RESERVED
+CVE-2012-2375
+	RESERVED
+CVE-2012-2374
+	RESERVED
+CVE-2012-2373
+	RESERVED
+CVE-2012-2372
+	RESERVED
+CVE-2012-2371
+	RESERVED
+CVE-2012-2370
+	RESERVED
+CVE-2012-2369
+	RESERVED
+CVE-2012-2368
+	RESERVED
+CVE-2012-2367
+	RESERVED
+CVE-2012-2366
+	RESERVED
+CVE-2012-2365
+	RESERVED
+CVE-2012-2364
+	RESERVED
+CVE-2012-2363
+	RESERVED
+CVE-2012-2362
+	RESERVED
+CVE-2012-2361
+	RESERVED
+CVE-2012-2360
+	RESERVED
+CVE-2012-2359
+	RESERVED
+CVE-2012-2358
+	RESERVED
+CVE-2012-2357
+	RESERVED
+CVE-2012-2356
+	RESERVED
+CVE-2012-2355
+	RESERVED
+CVE-2012-2354
+	RESERVED
+CVE-2012-2353
+	RESERVED
+CVE-2012-2352
+	RESERVED
+CVE-2012-2351
+	RESERVED
+CVE-2012-2350
+	RESERVED
+CVE-2012-2349
+	RESERVED
+CVE-2012-2348
+	RESERVED
+CVE-2012-2347
+	RESERVED
+CVE-2012-2346
+	RESERVED
+CVE-2012-2345
+	RESERVED
+CVE-2012-2344
+	RESERVED
+CVE-2012-2343
+	RESERVED
+CVE-2012-2342
+	RESERVED
+CVE-2012-2341
+	RESERVED
+CVE-2012-2340
+	RESERVED
+CVE-2012-2339
+	RESERVED
+CVE-2012-2338
+	RESERVED
+CVE-2012-2337
+	RESERVED
+CVE-2012-2336
+	RESERVED
+CVE-2012-2335
+	RESERVED
+CVE-2012-2334
+	RESERVED
+CVE-2012-2333
+	RESERVED
+CVE-2012-2332
+	RESERVED
+CVE-2012-2331
+	RESERVED
+CVE-2012-2330
+	RESERVED
+CVE-2012-2329
+	RESERVED
+CVE-2012-2328
+	RESERVED
+CVE-2012-2327
+	RESERVED
+CVE-2012-2326
+	RESERVED
+CVE-2012-2325
+	RESERVED
+CVE-2012-2324
+	RESERVED
+CVE-2012-2323
+	RESERVED
+CVE-2012-2322
+	RESERVED
+CVE-2012-2321
+	RESERVED
+CVE-2012-2320
+	RESERVED
+CVE-2012-2319
+	RESERVED
+CVE-2012-2318
+	RESERVED
+CVE-2012-2317
+	RESERVED
+CVE-2012-2316
+	RESERVED
+CVE-2012-2315
+	RESERVED
+CVE-2012-2314
+	RESERVED
+CVE-2012-2313
+	RESERVED
+CVE-2012-2312
+	RESERVED
+CVE-2012-2311
+	RESERVED
+CVE-2012-2310
+	RESERVED
+CVE-2012-2309
+	RESERVED
+CVE-2012-2308
+	RESERVED
+CVE-2012-2307
+	RESERVED
+CVE-2012-2306
+	RESERVED
+CVE-2012-2305
+	RESERVED
+CVE-2012-2304
+	RESERVED
+CVE-2012-2303
+	RESERVED
+CVE-2012-2302
+	RESERVED
+CVE-2012-2301
+	RESERVED
+CVE-2012-2300
+	RESERVED
+CVE-2012-2299
+	RESERVED
+CVE-2012-2298
+	RESERVED
+CVE-2012-2297
+	RESERVED
+CVE-2012-2296
+	RESERVED
+CVE-2012-2295
+	RESERVED
+CVE-2012-2294
+	RESERVED
+CVE-2012-2293
+	RESERVED
+CVE-2012-2292
+	RESERVED
+CVE-2012-2291
+	RESERVED
+CVE-2012-2290
+	RESERVED
+CVE-2012-2289
+	RESERVED
+CVE-2012-2288
+	RESERVED
+CVE-2012-2287
+	RESERVED
+CVE-2012-2286
+	RESERVED
+CVE-2012-2285
+	RESERVED
+CVE-2012-2284
+	RESERVED
+CVE-2012-2283
+	RESERVED
+CVE-2012-2282
+	RESERVED
+CVE-2012-2281
+	RESERVED
+CVE-2012-2280
+	RESERVED
+CVE-2012-2279
+	RESERVED
+CVE-2012-2278
+	RESERVED
+CVE-2012-2277
+	RESERVED
+CVE-2012-2276
+	RESERVED
 CVE-2012-XXXX
 	- pastescript <unfixed>
 	NOTE: https://groups.google.com/d/topic/paste-users/KqZRujMcJHE/discussion
@@ -6,16 +252,16 @@
 	RESERVED
 CVE-2012-2274
 	RESERVED
-CVE-2012-2273
-	RESERVED
+CVE-2012-2273 (Comodo Internet Security before 5.10.228257.2253 on Windows 7
x64 ...)
+	TODO: check
 CVE-2012-2272
 	RESERVED
 CVE-2012-2271
 	RESERVED
-CVE-2012-2270
-	RESERVED
-CVE-2012-2269
-	RESERVED
+CVE-2012-2270 (Open redirect vulnerability in index.php (aka the Login Page) in
...)
+	TODO: check
+CVE-2012-2269 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud
3.0.0 ...)
+	TODO: check
 CVE-2011-5089 (Buffer overflow in the Security Login ActiveX controls in
ICONICS ...)
 	NOT-FOR-US: ICONICS, BizViz
 CVE-2011-5088 (The GENESIS32 IcoSetServer ActiveX control in ICONICS GENESIS32
9.21 ...)
@@ -88,8 +334,8 @@
 	RESERVED
 CVE-2012-2237
 	RESERVED
-CVE-2012-2236
-	RESERVED
+CVE-2012-2236 (SQL injection vulnerability in users.php in PHP Gift Registry
1.5.5 ...)
+	TODO: check
 CVE-2012-XXXX [dokuwiki doku.php ''target'' param xss]
 	- dokuwiki <unfixed>
 	TODO: check
@@ -359,12 +605,12 @@
 	RESERVED
 CVE-2012-2112
 	RESERVED
+	{DSA-2455-1}
 	- typo3-src <unfixed> (bug #669158)
 	NOTE:
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002/
 CVE-2012-2111
 	RESERVED
-CVE-2012-2110 [ossl DER int conversion issues]
-	RESERVED
+CVE-2012-2110 (The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in
OpenSSL ...)
 	{DSA-2454-1}
 	- openssl 1.0.1a-1
 	NOTE: http://www.openssl.org/news/secadv_20120419.txt
@@ -4539,10 +4785,10 @@
 	RESERVED
 CVE-2012-0408
 	RESERVED
-CVE-2012-0407
-	RESERVED
-CVE-2012-0406
-	RESERVED
+CVE-2012-0407 (Integer overflow in the DPA_Utilities library in EMC Data
Protection ...)
+	TODO: check
+CVE-2012-0406 (The DPA_Utilities.cProcessAuthenticationData function in EMC
Data ...)
+	TODO: check
 CVE-2012-0405
 	RESERVED
 CVE-2012-0404 (Cross-site scripting (XSS) vulnerability in EMC Documentum eRoom
...)
@@ -5564,6 +5810,7 @@
 CVE-2006-7251
 	RESERVED
 CVE-2006-7250 (The mime_hdr_cmp function in crypto/asn1/asn_mime.c in OpenSSL
0.9.8t ...)
+	{DSA-2454-1}
 	- openssl 1.0.0h-1
 	NOTE: DSA addressed it in patch for CVE-2012-1165
 CVE-2006-7249
@@ -5867,8 +6114,8 @@
 	NOT-FOR-US: Microsoft
 CVE-2012-0135 (Unspecified vulnerability in HP System Management Homepage (SMH)
...)
 	NOT-FOR-US: HP System Management Homepage
-CVE-2012-0134
-	RESERVED
+CVE-2012-0134 (Unspecified vulnerability in HP OpenVMS 7.3-2 on the Alpha
platform, ...)
+	TODO: check
 CVE-2012-0133 (HP ProCurve 5400 zl switches with certain serial numbers include
a ...)
 	NOT-FOR-US: HP ProCurve
 CVE-2012-0132 (Cross-site scripting (XSS) vulnerability in HP Business
Availability ...)
Secure testing commits - Apr 2012 - r19025 - data/CVE

[Secure-testing-commits] r19025 - data/CVE
