Author: joeyh
Date: 2011-11-14 21:15:51 +0000 (Mon, 14 Nov 2011)
New Revision: 17613
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-11-14 19:10:50 UTC (rev 17612)
+++ data/CVE/list 2011-11-14 21:15:51 UTC (rev 17613)
@@ -1,3 +1,85 @@
+CVE-2012-0020
+ RESERVED
+CVE-2012-0019
+ RESERVED
+CVE-2012-0018
+ RESERVED
+CVE-2012-0017
+ RESERVED
+CVE-2012-0016
+ RESERVED
+CVE-2012-0015
+ RESERVED
+CVE-2012-0014
+ RESERVED
+CVE-2012-0013
+ RESERVED
+CVE-2012-0012
+ RESERVED
+CVE-2012-0011
+ RESERVED
+CVE-2012-0010
+ RESERVED
+CVE-2012-0009
+ RESERVED
+CVE-2012-0008
+ RESERVED
+CVE-2012-0007
+ RESERVED
+CVE-2012-0006
+ RESERVED
+CVE-2012-0005
+ RESERVED
+CVE-2012-0004
+ RESERVED
+CVE-2012-0003
+ RESERVED
+CVE-2012-0002
+ RESERVED
+CVE-2012-0001
+ RESERVED
+CVE-2011-4436 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+ TODO: check
+CVE-2011-4435 (The web-server component in the Consolidation and Analysis
Engine ...)
+ TODO: check
+CVE-2011-4434 (Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold
and SP1 ...)
+ TODO: check
+CVE-2011-4433
+ RESERVED
+CVE-2011-4432 (www/include/configuration/nconfigObject/contact/DB-Func.php in
...)
+ TODO: check
+CVE-2011-4431 (Directory traversal vulnerability in main.php in Merethis
Centreon ...)
+ TODO: check
+CVE-2011-4430
+ RESERVED
+CVE-2011-4429
+ RESERVED
+CVE-2011-4428
+ RESERVED
+CVE-2011-4427
+ RESERVED
+CVE-2011-4426
+ RESERVED
+CVE-2011-4425
+ RESERVED
+CVE-2011-4424
+ RESERVED
+CVE-2011-4423
+ RESERVED
+CVE-2011-4422
+ RESERVED
+CVE-2011-4421
+ RESERVED
+CVE-2011-4420
+ RESERVED
+CVE-2011-4419
+ RESERVED
+CVE-2011-4418
+ RESERVED
+CVE-2011-4417
+ RESERVED
+CVE-2011-4416
+ RESERVED
CVE-2011-4415 (The ap_pregsub function in server/util.c in the Apache HTTP
Server ...)
- apache2 <unfixed>
CVE-2011-4414
@@ -1036,12 +1118,12 @@
RESERVED
CVE-2011-4049
RESERVED
-CVE-2011-4048
- RESERVED
-CVE-2011-4047
- RESERVED
-CVE-2011-4046
- RESERVED
+CVE-2011-4048 (The Dell KACE K2000 System Deployment Appliance has a default
username ...)
+ TODO: check
+CVE-2011-4047 (The Dell KACE K2000 System Deployment Appliance allows remote
...)
+ TODO: check
+CVE-2011-4046 (The Dell KACE K2000 System Deployment Appliance stores the
recovery ...)
+ TODO: check
CVE-2011-4045
RESERVED
CVE-2011-4044
@@ -1345,12 +1427,12 @@
RESERVED
CVE-2011-4000 (Buffer overflow in ChaSen 2.4.x allows remote attackers to
execute ...)
- chasen <unfixed> (medium; bug #648359)
-CVE-2011-3999
- RESERVED
-CVE-2011-3998
- RESERVED
-CVE-2011-3997
- RESERVED
+CVE-2011-3999 (Cross-site scripting (XSS) vulnerability in the RSS/Atom
feed-reader ...)
+ TODO: check
+CVE-2011-3998 (Cross-site scripting (XSS) vulnerability in Apple WebObjects
5.2 and ...)
+ TODO: check
+CVE-2011-3997 (Opengear console servers with firmware before 2.2.1 allow
remote ...)
+ TODO: check
CVE-2011-3996 (The LiveData Service in CSWorks before 2.0.4115.1 allows remote
...)
NOT-FOR-US: CSWorks
CVE-2011-3995 (Unspecified vulnerability in Twilight Frontier Touhou Hisouten
1.06 ...)
@@ -1373,8 +1455,8 @@
NOT-FOR-US: DAEMON Tools
CVE-2011-3986 (Cross-site scripting (XSS) vulnerability in Pligg before 1.2.0
allows ...)
NOT-FOR-US: Pligg
-CVE-2011-3985
- RESERVED
+CVE-2011-3985 (Cross-site scripting (XSS) vulnerability in Plume before 1.2.3
allows ...)
+ TODO: check
CVE-2011-3984 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM
5.1 and ...)
NOT-FOR-US: KENT-WEB WEB FORUM
CVE-2011-3983 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM
5.1 and ...)
@@ -1595,20 +1677,20 @@
RESERVED
CVE-2011-3899
RESERVED
-CVE-2011-3898
- RESERVED
-CVE-2011-3897
- RESERVED
-CVE-2011-3896
- RESERVED
-CVE-2011-3895
- RESERVED
-CVE-2011-3894
- RESERVED
-CVE-2011-3893
- RESERVED
-CVE-2011-3892
- RESERVED
+CVE-2011-3898 (Google Chrome before 15.0.874.120, when Java Runtime
Environment (JRE) ...)
+ TODO: check
+CVE-2011-3897 (Use-after-free vulnerability in Google Chrome before
15.0.874.120 ...)
+ TODO: check
+CVE-2011-3896 (Buffer overflow in Google Chrome before 15.0.874.120 allows
remote ...)
+ TODO: check
+CVE-2011-3895 (Heap-based buffer overflow in the Vorbis decoder in Google
Chrome ...)
+ TODO: check
+CVE-2011-3894 (Google Chrome before 15.0.874.120 does not properly perform VP8
...)
+ TODO: check
+CVE-2011-3893 (Google Chrome before 15.0.874.120 does not properly implement
the MKV ...)
+ TODO: check
+CVE-2011-3892 (Double free vulnerability in the Theora decoder in Google
Chrome ...)
+ TODO: check
CVE-2011-3891 (Google Chrome before 15.0.874.102 does not properly restrict
access to ...)
- chromium-browser 15.0.874.106~r107270-1
- webkit <undetermined>
@@ -2735,14 +2817,14 @@
RESERVED
CVE-2011-3443
RESERVED
-CVE-2011-3442
- RESERVED
-CVE-2011-3441
- RESERVED
-CVE-2011-3440
- RESERVED
-CVE-2011-3439
- RESERVED
+CVE-2011-3442 (The kernel in Apple iOS before 5.0.1 does not ensure the
validity of ...)
+ TODO: check
+CVE-2011-3441 (libinfo in Apple iOS before 5.0.1 does not properly formulate
...)
+ TODO: check
+CVE-2011-3440 (The Passcode Lock feature in Apple iOS before 5.0.1 on the iPad
2 does ...)
+ TODO: check
+CVE-2011-3439 (FreeType in CoreGraphics in Apple iOS before 5.0.1 allows
remote ...)
+ TODO: check
CVE-2011-3438
RESERVED
CVE-2011-3437 (Integer signedness error in Apple Type Services (ATS) in Apple
Mac OS ...)
@@ -2948,8 +3030,8 @@
[lenny] - rpm <no-dsa> (rpm isn't used a a package manager, very
limited attack vector)
CVE-2011-3377
RESERVED
-CVE-2011-3376
- RESERVED
+CVE-2011-3376 (org/apache/catalina/core/DefaultInstanceManager.java in Apache
Tomcat ...)
+ TODO: check
CVE-2011-3375
RESERVED
CVE-2011-3374 [apt-key insecure validation]
@@ -3293,7 +3375,7 @@
NOT-FOR-US: Apple QuickTime
CVE-2011-3247 (Integer overflow in Apple QuickTime before 7.7.1 on Windows
allows ...)
NOT-FOR-US: Apple QuickTime
-CVE-2011-3246 (CFNetwork in Apple iOS before 5 and Mac OS X 10.7 before 10.7.2
does ...)
+CVE-2011-3246 (CFNetwork in Apple iOS before 5.0.1 and Mac OS X 10.7 before
10.7.2 ...)
NOT-FOR-US: Apple iOS
CVE-2011-3245 (The Keyboards component in Apple iOS before 5 displays the
final ...)
NOT-FOR-US: Apple iOS
@@ -4838,10 +4920,10 @@
RESERVED
CVE-2011-2741
RESERVED
-CVE-2011-2740
- RESERVED
-CVE-2011-2739
- RESERVED
+CVE-2011-2740 (EMC RSA Key Manager (RKM) Appliance 2.7 SP1 before 2.7.1.6,
when ...)
+ TODO: check
+CVE-2011-2739 (The file-blocking feature in EMC Documentum eRoom 7.3.x and
7.4.x ...)
+ TODO: check
CVE-2011-2738 (Multiple unspecified vulnerabilities in Cisco Unified Service
Monitor ...)
NOT-FOR-US: Cisco Unified Service Monitor, CiscoWorks LAN Management
Solution
CVE-2011-2737 (RSA enVision 3.x and 4.x before 4 SP4 P3 allows remote
attackers to ...)
@@ -5594,38 +5676,27 @@
RESERVED
CVE-2011-2461
RESERVED
-CVE-2011-2460
- RESERVED
+CVE-2011-2460 (Adobe Flash Player before 10.3.183.11 and 11.x before
11.1.102.55 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2459
- RESERVED
+CVE-2011-2459 (Adobe Flash Player before 10.3.183.11 and 11.x before
11.1.102.55 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2458
- RESERVED
+CVE-2011-2458 (Adobe Flash Player before 10.3.183.11 and 11.x before
11.1.102.55 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2457
- RESERVED
+CVE-2011-2457 (Stack-based buffer overflow in Adobe Flash Player before
10.3.183.11 ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2456
- RESERVED
+CVE-2011-2456 (Buffer overflow in Adobe Flash Player before 10.3.183.11 and
11.x ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2455
- RESERVED
+CVE-2011-2455 (Adobe Flash Player before 10.3.183.11 and 11.x before
11.1.102.55 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2454
- RESERVED
+CVE-2011-2454 (Adobe Flash Player before 10.3.183.11 and 11.x before
11.1.102.55 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2453
- RESERVED
+CVE-2011-2453 (Adobe Flash Player before 10.3.183.11 and 11.x before
11.1.102.55 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2452
- RESERVED
+CVE-2011-2452 (Adobe Flash Player before 10.3.183.11 and 11.x before
11.1.102.55 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2451
- RESERVED
+CVE-2011-2451 (Adobe Flash Player before 10.3.183.11 and 11.x before
11.1.102.55 on ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2011-2450
- RESERVED
+CVE-2011-2450 (Adobe Flash Player before 10.3.183.11 and 11.x before
11.1.102.55 on ...)
NOT-FOR-US: Adobe Flash Player
CVE-2011-2449 (The TextXtra module in Adobe Shockwave Player before 11.6.3.633
allows ...)
TODO: check
@@ -5635,8 +5706,7 @@
TODO: check
CVE-2011-2446 (The DIRapi library in Adobe Shockwave Player before 11.6.3.633
allows ...)
TODO: check
-CVE-2011-2445
- RESERVED
+CVE-2011-2445 (Adobe Flash Player before 10.3.183.11 and 11.x before
11.1.102.55 on ...)
NOT-FOR-US: Adobe Flash Player
CVE-2011-2444 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player
before ...)
NOT-FOR-US: Adobe Flash Player
@@ -8710,12 +8780,12 @@
RESERVED
CVE-2011-1376
RESERVED
-CVE-2011-1375
- RESERVED
+CVE-2011-1375 (IBM AIX 6.1 and 7.1 does not restrict the wpar_limits_config
and ...)
+ TODO: check
CVE-2011-1374
RESERVED
-CVE-2011-1373
- RESERVED
+CVE-2011-1373 (Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX,
when the ...)
+ TODO: check
CVE-2011-1372
RESERVED
CVE-2011-1371 (Cross-site scripting (XSS) vulnerability in content/error.jsp
in IBM ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
