From 21629a91bd6b31f6d0b865e36d074e56f3723afa Mon Sep 17 00:00:00 2001 From: security tracker role Date: Wed, 12 Feb 2020 20:10:26 +0000 Subject: automatic update --- data/CVE/2012.list | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) (limited to 'data/CVE/2012.list') diff --git a/data/CVE/2012.list b/data/CVE/2012.list index 05409377e6..c182a4dbd1 100644 --- a/data/CVE/2012.list +++ b/data/CVE/2012.list @@ -1,3 +1,7 @@ +CVE-2012-6721 (Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) ...) + TODO: check +CVE-2012-6720 (Multiple cross-site scripting (XSS) vulnerabilities in SocialEngine be ...) + TODO: check CVE-2012-6719 (The sharebar plugin before 1.2.2 for WordPress has SQL injection. ...) NOT-FOR-US: sharebar plugin for WordPress CVE-2012-6718 (The sharebar plugin before 1.2.2 for WordPress has XSS, a different is ...) @@ -10403,8 +10407,8 @@ CVE-2012-2519 (Untrusted search path vulnerability in Entity Framework in ADO.NE NOT-FOR-US: Microsoft .NET framework CVE-2012-2518 REJECTED -CVE-2012-2517 - RESERVED +CVE-2012-2517 (Cross-site scripting (XSS) vulnerability in PrestaShop before 1.4.9 al ...) + TODO: check CVE-2012-2516 (An ActiveX control in KeyHelp.ocx in KeyWorks KeyHelp Module (aka the ...) NOT-FOR-US: KeyWorks not in Debian CVE-2012-2515 (Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX ...) @@ -10534,8 +10538,8 @@ CVE-2012-2454 RESERVED CVE-2012-2453 RESERVED -CVE-2012-2452 - RESERVED +CVE-2012-2452 (Multiple cross-site scripting (XSS) vulnerabilities in pragmaMx 1.x be ...) + TODO: check CVE-2012-2450 (VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, V ...) NOT-FOR-US: VMware CVE-2012-2449 (VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, V ...) @@ -11155,7 +11159,7 @@ CVE-2012-2218 CVE-2012-2217 (The HTC IQRD service for Android on the HTC EVO 4G before 4.67.651.3, ...) NOT-FOR-US: Android CVE-2012-2216 - RESERVED + REJECTED CVE-2012-2095 (The SetWiredProperty function in the D-Bus interface in WICD before 1. ...) - wicd 1.7.2.4-1 (low; bug #668397) [squeeze] - wicd 1.7.0+ds1-5+squeeze2 @@ -13733,8 +13737,7 @@ CVE-2012-1126 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 1 NOTE: Crash only CVE-2012-1125 (Unrestricted file upload vulnerability in uploadify/scripts/uploadify. ...) NOT-FOR-US: Kish Guest Posting Plugin for WordPress (not in Debian) -CVE-2012-1124 - RESERVED +CVE-2012-1124 (SQL injection vulnerability in search.php in phxEventManager 2.0 beta ...) NOT-FOR-US: phxEventManager not in Debian CVE-2012-1123 (The mci_check_login function in api/soap/mc_api.php in the SOAP API in ...) {DSA-2500-1} @@ -14147,8 +14150,8 @@ CVE-2012-0953 RESERVED CVE-2012-0952 RESERVED -CVE-2012-0951 - RESERVED +CVE-2012-0951 (A Memory Corruption Vulnerability exists in NVIDIA Graphics Drivers 29 ...) + TODO: check CVE-2012-0950 (The Apport hook (DistUpgradeApport.py) in Update Manager, as used by U ...) - update-manager (Ubuntu-specific) CVE-2012-0949 (The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, ...) @@ -14519,8 +14522,7 @@ CVE-2012-0812 (PostfixAdmin 2.3.4 has multiple XSS vulnerabilities ...) CVE-2012-0811 (Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixad ...) - postfixadmin 2.3.5-1 NOTE: http://seclists.org/oss-sec/2012/q1/285 -CVE-2012-0810 - RESERVED +CVE-2012-0810 (The int3 handler in the Linux kernel before 3.3 relies on a per-CPU de ...) - linux-2.6 3.2.16-1 (bug #672660) [squeeze] - linux-2.6 (rt patchset not yet present) NOTE: Ben Hutchings said it was fixed in 3.2.9-1, I checked it for 3.2.16-1 -- cgit v1.2.3