[Secure-testing-commits] r16452 - data/CVE

Joey Hess Tue, 29 Mar 2011 14:18:43 -0700

Author: joeyh
Date: 2011-03-29 21:15:26 +0000 (Tue, 29 Mar 2011)
New Revision: 16452


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2011-03-28 23:30:33 UTC (rev 16451)
+++ data/CVE/list       2011-03-29 21:15:26 UTC (rev 16452)
@@ -1,3 +1,15 @@
+CVE-2011-1524 (Cross-site scripting (XSS) vulnerability in the management 
login GUI ...)
+       TODO: check
+CVE-2011-1523
+       RESERVED
+CVE-2011-1522
+       RESERVED
+CVE-2010-4777
+       RESERVED
+CVE-2009-5063
+       RESERVED
+CVE-2006-7244
+       RESERVED
 CVE-2011-1520 (The default configuration of the server console in IBM Lotus 
Domino ...)
        TODO: check
 CVE-2011-1519 (The remote console in the Server Controller in IBM Lotus Domino 
7.x ...)
@@ -5,6 +17,7 @@
 CVE-2011-1518
        RESERVED
 CVE-2011-1521 [python urllib]
+       RESERVED
        - python2.7 <unfixed>
        - python2.6 <unfixed>
        - python2.5 <unfixed>
@@ -305,8 +318,8 @@
        RESERVED
 CVE-2011-1421
        RESERVED
-CVE-2011-1420
-       RESERVED
+CVE-2011-1420 (EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris 
SPARC ...)
+       TODO: check
 CVE-2011-1419 (Apache Tomcat 7.x before 7.0.11, when web.xml has no security 
...)
        - tomcat6 <not-affected> (Only affects Tomcat 7)
 CVE-2011-1418 (The stateless address autoconfiguration (aka SLAAC) 
functionality in ...)
@@ -930,8 +943,7 @@
        [squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.35)
 CVE-2011-1168
        RESERVED
-CVE-2011-1167
-       RESERVED
+CVE-2011-1167 (Heap-based buffer overflow in the thunder (aka ThunderScan) 
decoder in ...)
        - tiff <unfixed> (bug filed)
 CVE-2011-1166
        RESERVED
@@ -2141,8 +2153,8 @@
        TODO: check
 CVE-2011-0761
        RESERVED
-CVE-2011-0760
-       RESERVED
+CVE-2011-0760 (Multiple cross-site request forgery (CSRF) vulnerabilities in 
the ...)
+       TODO: check
 CVE-2011-0759 (Multiple cross-site request forgery (CSRF) vulnerabilities in 
the ...)
        TODO: check
 CVE-2010-4727 (Smarty before 3.0.0 beta 7 does not properly handle the 
&lt;?php and ?&gt; ...)
@@ -2725,8 +2737,8 @@
        RESERVED
 CVE-2011-0546
        RESERVED
-CVE-2011-0545
-       RESERVED
+CVE-2011-0545 (Cross-site request forgery (CSRF) vulnerability in adduser.do 
in ...)
+       TODO: check
 CVE-2011-0544
        RESERVED
 CVE-2011-0543
@@ -2987,8 +2999,8 @@
        RESERVED
 CVE-2011-0459
        RESERVED
-CVE-2011-0458
-       RESERVED
+CVE-2011-0458 (Untrusted search path vulnerability in the Locate on Disk 
feature in ...)
+       TODO: check
 CVE-2011-0457 (Cross-site scripting (XSS) vulnerability in e107 0.7.22 and 
earlier ...)
        TODO: check
 CVE-2011-0456 (Open Ticket Request System (OTRS) 2.3.4 and earlier allows 
remote ...)
@@ -3039,11 +3051,9 @@
        {DSA-2195-1}
        - php5 5.3.6-1 (bug #618489)
        NOTE: Debian-specific
-CVE-2011-0440
-       RESERVED
+CVE-2011-0440 (Cross-site request forgery (CSRF) vulnerability in Mahara 1.2.x 
before ...)
        - mahara 1.2.7-1
-CVE-2011-0439
-       RESERVED
+CVE-2011-0439 (Cross-site scripting (XSS) vulnerability in Mahara 1.2.x before 
1.2.7 ...)
        - mahara 1.2.7-1
 CVE-2011-0438 (nslcd/pam.c in nss-pam-ldapd 0.8.0 PAM module returns a success 
code ...)
        - nss-pam-ldapd <not-affected> (Only affects 0.8.0, which was only 
uploaded to experimental)
@@ -4592,8 +4602,8 @@
        - openjdk-6 6b18-1.8.5-1
        [squeeze] - openjdk-6 <no-dsa> (bug #614151)
        [lenny] - openjdk-6 <no-dsa> (bug #614151)
-CVE-2011-0024
-       RESERVED
+CVE-2011-0024 (Heap-based buffer overflow in wiretap/pcapng.c in Wireshark 
before 1.2 ...)
+       TODO: check
 CVE-2011-0023
        RESERVED
 CVE-2011-0022 (The setup scripts in 389 Directory Server 1.2.x (aka Red Hat 
Directory ...)
@@ -8024,11 +8034,9 @@
        REJECTED
 CVE-2010-3277 (The installer in VMware Workstation 7.x before 7.1.2 build 
301548 and ...)
        NOT-FOR-US: VMware Workstation
-CVE-2010-3276
-       RESERVED
+CVE-2010-3276 (libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 
allows ...)
        - vlc <unfixed>
-CVE-2010-3275
-       RESERVED
+CVE-2010-3275 (libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 
allows ...)
        - vlc <unfixed>
 CVE-2010-3274 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
        NOT-FOR-US: ZOHO ManageEngine


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r16452 - data/CVE

Reply via email to