Author: joeyh
Date: 2011-12-06 21:14:27 +0000 (Tue, 06 Dec 2011)
New Revision: 17758

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2011-12-06 21:04:42 UTC (rev 17757)
+++ data/CVE/list       2011-12-06 21:14:27 UTC (rev 17758)
@@ -1,3 +1,7 @@
+CVE-2011-4678 (The password reset feature in One Click Orgs before 1.2.3 
generates ...)
+       TODO: check
+CVE-2011-4677 (One Click Orgs before 1.2.3 does not have an off autocomplete 
...)
+       TODO: check
 CVE-2011-4676
        RESERVED
 CVE-2011-4675 (The pathname canonicalization functionality in ...)
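Review bot: The two entries added at the top of the file, CVE-2011-4678 and CVE-2011-4677, carry only "TODO: check", so neither is triaged yet. Both name One Click Orgs before 1.2.3. If that software is not in the archive, replace each TODO with a NOT-FOR-US line in the form this file already uses (for example "NOT-FOR-US: Apache MyFaces"); otherwise add the package line with its fixed version.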
@@ -256,14 +260,14 @@
        RESERVED
 CVE-2011-4556
        RESERVED
-CVE-2011-4555
-       RESERVED
-CVE-2011-4554
-       RESERVED
-CVE-2011-4553
-       RESERVED
-CVE-2011-4552
-       RESERVED
+CVE-2011-4555 (One Click Orgs before 1.2.3 does not require unique e-mail 
addresses ...)
+       TODO: check
+CVE-2011-4554 (One Click Orgs before 1.2.3 allows remote authenticated users 
to ...)
+       TODO: check
+CVE-2011-4553 (Multiple open redirect vulnerabilities in One Click Orgs before 
1.2.3 ...)
+       TODO: check
+CVE-2011-4552 (Multiple cross-site scripting (XSS) vulnerabilities in One 
Click Orgs ...)
+       TODO: check
 CVE-2011-4551
        RESERVED
 CVE-2011-4550
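Review bot: CVE-2011-4552 through CVE-2011-4555 move from RESERVED to "TODO: check" with descriptions cut off at "...", so the list text alone is not enough to assign an urgency. All four name One Click Orgs with the same "before 1.2.3" boundary, so a single decision on whether the software is packaged settles them together. Read the full descriptions before recording anything beyond that.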
@@ -762,6 +766,7 @@
        NOT-FOR-US: Apache MyFaces
 CVE-2011-4358 [Mojarra - includeViewParameters re-evaluates param/model values 
as EL expressions]
        RESERVED
+       {DSA-2359-1}
        - mojarra 2.0.3-2 (bug #650430)
 CVE-2011-4357 [clearsilver format string issue]
        RESERVED
@@ -1499,8 +1504,7 @@
 CVE-2011-4131
        RESERVED
        - linux-2.6 <unfixed>
-CVE-2011-4130 [Response pool use-after-free memory corruption error]
-       RESERVED
+CVE-2011-4130 (Use-after-free vulnerability in the Response API in ProFTPD 
before ...)
        {DSA-2346-2 DSA-2346-1}
        - proftpd-dfsg 1.3.4~rc3-2 (high; bug #648373)
        [lenny] - proftpd-dfsg <not-affected> (vulnerable functionality not 
present)
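Review bot: In the CVE-2011-4130 entry the new description ends at "before ...", so the upstream fixed version is not visible next to the "proftpd-dfsg 1.3.4~rc3-2" line; check the full description against that version. The unchanged lenny line says "vulnerable functionality not present", and with the description now naming the Response API it is worth confirming that annotation still matches.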


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
