Author: joeyh
Date: 2011-03-29 21:15:26 + (Tue, 29 Mar 2011)
New Revision: 16452
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===
--- data/CVE/list 2011-03-28 23:30:33 UTC (rev 16451)
+++ data/CVE/list 2011-03-29 21:15:26 UTC (rev 16452)
@@ -1,3 +1,15 @@
+CVE-2011-1524 (Cross-site scripting (XSS) vulnerability in the management
login GUI ...)
+ TODO: check
+CVE-2011-1523
+ RESERVED
+CVE-2011-1522
+ RESERVED
+CVE-2010-4777
+ RESERVED
+CVE-2009-5063
+ RESERVED
+CVE-2006-7244
+ RESERVED
CVE-2011-1520 (The default configuration of the server console in IBM Lotus
Domino ...)
TODO: check
CVE-2011-1519 (The remote console in the Server Controller in IBM Lotus Domino
7.x ...)
@@ -5,6 +17,7 @@
CVE-2011-1518
RESERVED
CVE-2011-1521 [python urllib]
+ RESERVED
- python2.7 unfixed
- python2.6 unfixed
- python2.5 unfixed
@@ -305,8 +318,8 @@
RESERVED
CVE-2011-1421
RESERVED
-CVE-2011-1420
- RESERVED
+CVE-2011-1420 (EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris
SPARC ...)
+ TODO: check
CVE-2011-1419 (Apache Tomcat 7.x before 7.0.11, when web.xml has no security
...)
- tomcat6 not-affected (Only affects Tomcat 7)
CVE-2011-1418 (The stateless address autoconfiguration (aka SLAAC)
functionality in ...)
@@ -930,8 +943,7 @@
[squeeze] - linux-2.6 not-affected (Introduced in 2.6.35)
CVE-2011-1168
RESERVED
-CVE-2011-1167
- RESERVED
+CVE-2011-1167 (Heap-based buffer overflow in the thunder (aka ThunderScan)
decoder in ...)
- tiff unfixed (bug filed)
CVE-2011-1166
RESERVED
@@ -2141,8 +2153,8 @@
TODO: check
CVE-2011-0761
RESERVED
-CVE-2011-0760
- RESERVED
+CVE-2011-0760 (Multiple cross-site request forgery (CSRF) vulnerabilities in
the ...)
+ TODO: check
CVE-2011-0759 (Multiple cross-site request forgery (CSRF) vulnerabilities in
the ...)
TODO: check
CVE-2010-4727 (Smarty before 3.0.0 beta 7 does not properly handle the
lt;?php and ?gt; ...)
@@ -2725,8 +2737,8 @@
RESERVED
CVE-2011-0546
RESERVED
-CVE-2011-0545
- RESERVED
+CVE-2011-0545 (Cross-site request forgery (CSRF) vulnerability in adduser.do
in ...)
+ TODO: check
CVE-2011-0544
RESERVED
CVE-2011-0543
@@ -2987,8 +2999,8 @@
RESERVED
CVE-2011-0459
RESERVED
-CVE-2011-0458
- RESERVED
+CVE-2011-0458 (Untrusted search path vulnerability in the Locate on Disk
feature in ...)
+ TODO: check
CVE-2011-0457 (Cross-site scripting (XSS) vulnerability in e107 0.7.22 and
earlier ...)
TODO: check
CVE-2011-0456 (Open Ticket Request System (OTRS) 2.3.4 and earlier allows
remote ...)
@@ -3039,11 +3051,9 @@
{DSA-2195-1}
- php5 5.3.6-1 (bug #618489)
NOTE: Debian-specific
-CVE-2011-0440
- RESERVED
+CVE-2011-0440 (Cross-site request forgery (CSRF) vulnerability in Mahara 1.2.x
before ...)
- mahara 1.2.7-1
-CVE-2011-0439
- RESERVED
+CVE-2011-0439 (Cross-site scripting (XSS) vulnerability in Mahara 1.2.x before
1.2.7 ...)
- mahara 1.2.7-1
CVE-2011-0438 (nslcd/pam.c in nss-pam-ldapd 0.8.0 PAM module returns a success
code ...)
- nss-pam-ldapd not-affected (Only affects 0.8.0, which was only
uploaded to experimental)
@@ -4592,8 +4602,8 @@
- openjdk-6 6b18-1.8.5-1
[squeeze] - openjdk-6 no-dsa (bug #614151)
[lenny] - openjdk-6 no-dsa (bug #614151)
-CVE-2011-0024
- RESERVED
+CVE-2011-0024 (Heap-based buffer overflow in wiretap/pcapng.c in Wireshark
before 1.2 ...)
+ TODO: check
CVE-2011-0023
RESERVED
CVE-2011-0022 (The setup scripts in 389 Directory Server 1.2.x (aka Red Hat
Directory ...)
@@ -8024,11 +8034,9 @@
REJECTED
CVE-2010-3277 (The installer in VMware Workstation 7.x before 7.1.2 build
301548 and ...)
NOT-FOR-US: VMware Workstation
-CVE-2010-3276
- RESERVED
+CVE-2010-3276 (libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8
allows ...)
- vlc unfixed
-CVE-2010-3275
- RESERVED
+CVE-2010-3275 (libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8
allows ...)
- vlc unfixed
CVE-2010-3274 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
NOT-FOR-US: ZOHO ManageEngine
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits