Author: joeyh
Date: 2011-02-11 21:18:31 +0000 (Fri, 11 Feb 2011)
New Revision: 16109

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2011-02-11 20:23:33 UTC (rev 16108)
+++ data/CVE/list       2011-02-11 21:18:31 UTC (rev 16109)
@@ -1,3 +1,427 @@
+CVE-2011-0985 (Google Chrome before 9.0.597.94 does not properly perform 
process ...)
+       TODO: check
+CVE-2011-0984 (Google Chrome before 9.0.597.94 does not properly handle 
plug-ins, ...)
+       TODO: check
+CVE-2011-0983 (Google Chrome before 9.0.597.94 does not properly handle 
anonymous ...)
+       TODO: check
+CVE-2011-0982 (Use-after-free vulnerability in Google Chrome before 9.0.597.94 
allows ...)
+       TODO: check
+CVE-2011-0981 (Google Chrome before 9.0.597.94 does not properly perform event 
...)
+       TODO: check
+CVE-2011-0980 (Microsoft Office Excel 2003 does not properly parse Office Art 
...)
+       TODO: check
+CVE-2011-0979 (Microsoft Office Excel does not properly handle errors during 
the ...)
+       TODO: check
+CVE-2011-0978 (Stack-based buffer overflow in Microsoft Office Excel allows 
remote ...)
+       TODO: check
+CVE-2011-0977 (Use-after-free vulnerability in Microsoft Excel 2007 allows 
remote ...)
+       TODO: check
+CVE-2011-0976 (Microsoft Office PowerPoint 2007 does not properly handle 
Office Art ...)
+       TODO: check
+CVE-2011-0975 (Stack-based buffer overflow in BMC PATROL Agent Service Daemon 
for in ...)
+       TODO: check
+CVE-2011-0974
+       RESERVED
+CVE-2011-0973
+       RESERVED
+CVE-2011-0972
+       RESERVED
+CVE-2011-0971
+       RESERVED
+CVE-2011-0970
+       RESERVED
+CVE-2011-0969
+       RESERVED
+CVE-2011-0968
+       RESERVED
+CVE-2011-0967
+       RESERVED
+CVE-2011-0966
+       RESERVED
+CVE-2011-0965
+       RESERVED
+CVE-2011-0964
+       RESERVED
+CVE-2011-0963
+       RESERVED
+CVE-2011-0962
+       RESERVED
+CVE-2011-0961
+       RESERVED
+CVE-2011-0960
+       RESERVED
+CVE-2011-0959
+       RESERVED
+CVE-2011-0958
+       RESERVED
+CVE-2011-0957
+       RESERVED
+CVE-2011-0956
+       RESERVED
+CVE-2011-0955
+       RESERVED
+CVE-2011-0954
+       RESERVED
+CVE-2011-0953
+       RESERVED
+CVE-2011-0952
+       RESERVED
+CVE-2011-0951
+       RESERVED
+CVE-2011-0950
+       RESERVED
+CVE-2011-0949
+       RESERVED
+CVE-2011-0948
+       RESERVED
+CVE-2011-0947
+       RESERVED
+CVE-2011-0946
+       RESERVED
+CVE-2011-0945
+       RESERVED
+CVE-2011-0944
+       RESERVED
+CVE-2011-0943
+       RESERVED
+CVE-2011-0942
+       RESERVED
+CVE-2011-0941
+       RESERVED
+CVE-2011-0940
+       RESERVED
+CVE-2011-0939
+       RESERVED
+CVE-2011-0938
+       RESERVED
+CVE-2011-0937
+       RESERVED
+CVE-2011-0936
+       RESERVED
+CVE-2011-0935
+       RESERVED
+CVE-2011-0934
+       RESERVED
+CVE-2011-0933
+       RESERVED
+CVE-2011-0932
+       RESERVED
+CVE-2011-0931
+       RESERVED
+CVE-2011-0930
+       RESERVED
+CVE-2011-0929
+       RESERVED
+CVE-2011-0928
+       RESERVED
+CVE-2011-0927
+       RESERVED
+CVE-2011-0926
+       RESERVED
+CVE-2011-0925
+       RESERVED
+CVE-2011-0924 (The client in HP Data Protector does not verify the contents of 
files ...)
+       TODO: check
+CVE-2011-0923 (The client in HP Data Protector does not properly validate 
EXEC_CMD ...)
+       TODO: check
+CVE-2011-0922 (The client in HP Data Protector allows remote attackers to 
execute ...)
+       TODO: check
+CVE-2011-0921 (crs.exe in the Cell Manager Service in the client in HP Data 
Protector ...)
+       TODO: check
+CVE-2011-0920 (The Remote Console in IBM Lotus Domino, when a certain 
unsupported ...)
+       TODO: check
+CVE-2011-0919 (Multiple stack-based buffer overflows in the (1) POP3 and (2) 
IMAP ...)
+       TODO: check
+CVE-2011-0918 (Stack-based buffer overflow in the NRouter (aka Router) service 
in IBM ...)
+       TODO: check
+CVE-2011-0917 (Buffer overflow in nLDAP.exe in IBM Lotus Domino allows remote 
...)
+       TODO: check
+CVE-2011-0916 (Stack-based buffer overflow in the SMTP service in IBM Lotus 
Domino ...)
+       TODO: check
+CVE-2011-0915 (Stack-based buffer overflow in nrouter.exe in IBM Lotus Domino 
before ...)
+       TODO: check
+CVE-2011-0914 (Integer signedness error in ndiiop.exe in the DIIOP 
implementation in ...)
+       TODO: check
+CVE-2011-0913 (Stack-based buffer overflow in ndiiop.exe in the DIIOP 
implementation ...)
+       TODO: check
+CVE-2011-0912 (IBM Lotus Notes 8.0.x before 8.0.2 FP6 and 8.5.x before 8.5.1 
FP5 ...)
+       TODO: check
+CVE-2011-0911 (Cross-site scripting (XSS) vulnerability in the Users module in 
Zikula ...)
+       TODO: check
+CVE-2011-0910 (The cookie implementation in Vanilla Forums before 2.0.17.6 
makes it ...)
+       TODO: check
+CVE-2011-0909 (Cross-site scripting (XSS) vulnerability in Vanilla Forums 
before ...)
+       TODO: check
+CVE-2011-0908 (Open redirect vulnerability in Vanilla Forums before 2.0.17.6 
allows ...)
+       TODO: check
+CVE-2011-0907
+       RESERVED
+CVE-2011-0906
+       RESERVED
+CVE-2011-0905
+       RESERVED
+CVE-2011-0904
+       RESERVED
+CVE-2011-0903 (Multiple directory traversal vulnerabilities in AR Web Content 
Manager ...)
+       TODO: check
+CVE-2011-0902 (Multiple untrusted search path vulnerabilities in the Java 
Service in ...)
+       TODO: check
+CVE-2011-0901 (Multiple stack-based buffer overflows in the tsc_launch_remote 
...)
+       TODO: check
+CVE-2011-0900 (Stack-based buffer overflow in the tsc_launch_remote function 
...)
+       TODO: check
+CVE-2011-0899 (The AES encryption module 7.x-1.4 for Drupal leaves certain 
debugging ...)
+       TODO: check
+CVE-2011-0898
+       RESERVED
+CVE-2011-0897
+       RESERVED
+CVE-2011-0896
+       RESERVED
+CVE-2011-0895
+       RESERVED
+CVE-2011-0894
+       RESERVED
+CVE-2011-0893
+       RESERVED
+CVE-2011-0892
+       RESERVED
+CVE-2011-0891
+       RESERVED
+CVE-2011-0890
+       RESERVED
+CVE-2011-0889
+       RESERVED
+CVE-2011-0888
+       RESERVED
+CVE-2011-0887 (The web management portal on the SMC SMCD3G-CCR (aka Comcast 
Business ...)
+       TODO: check
+CVE-2011-0886 (Multiple cross-site request forgery (CSRF) vulnerabilities in 
the web ...)
+       TODO: check
+CVE-2011-0885 (A certain Comcast Business Gateway configuration of the SMC 
SMCD3G-CCR ...)
+       TODO: check
+CVE-2011-0884
+       RESERVED
+CVE-2011-0883
+       RESERVED
+CVE-2011-0882
+       RESERVED
+CVE-2011-0881
+       RESERVED
+CVE-2011-0880
+       RESERVED
+CVE-2011-0879
+       RESERVED
+CVE-2011-0878
+       RESERVED
+CVE-2011-0877
+       RESERVED
+CVE-2011-0876
+       RESERVED
+CVE-2011-0875
+       RESERVED
+CVE-2011-0874
+       RESERVED
+CVE-2011-0873
+       RESERVED
+CVE-2011-0872
+       RESERVED
+CVE-2011-0871
+       RESERVED
+CVE-2011-0870
+       RESERVED
+CVE-2011-0869
+       RESERVED
+CVE-2011-0868
+       RESERVED
+CVE-2011-0867
+       RESERVED
+CVE-2011-0866
+       RESERVED
+CVE-2011-0865
+       RESERVED
+CVE-2011-0864
+       RESERVED
+CVE-2011-0863
+       RESERVED
+CVE-2011-0862
+       RESERVED
+CVE-2011-0861
+       RESERVED
+CVE-2011-0860
+       RESERVED
+CVE-2011-0859
+       RESERVED
+CVE-2011-0858
+       RESERVED
+CVE-2011-0857
+       RESERVED
+CVE-2011-0856
+       RESERVED
+CVE-2011-0855
+       RESERVED
+CVE-2011-0854
+       RESERVED
+CVE-2011-0853
+       RESERVED
+CVE-2011-0852
+       RESERVED
+CVE-2011-0851
+       RESERVED
+CVE-2011-0850
+       RESERVED
+CVE-2011-0849
+       RESERVED
+CVE-2011-0848
+       RESERVED
+CVE-2011-0847
+       RESERVED
+CVE-2011-0846
+       RESERVED
+CVE-2011-0845
+       RESERVED
+CVE-2011-0844
+       RESERVED
+CVE-2011-0843
+       RESERVED
+CVE-2011-0842
+       RESERVED
+CVE-2011-0841
+       RESERVED
+CVE-2011-0840
+       RESERVED
+CVE-2011-0839
+       RESERVED
+CVE-2011-0838
+       RESERVED
+CVE-2011-0837
+       RESERVED
+CVE-2011-0836
+       RESERVED
+CVE-2011-0835
+       RESERVED
+CVE-2011-0834
+       RESERVED
+CVE-2011-0833
+       RESERVED
+CVE-2011-0832
+       RESERVED
+CVE-2011-0831
+       RESERVED
+CVE-2011-0830
+       RESERVED
+CVE-2011-0829
+       RESERVED
+CVE-2011-0828
+       RESERVED
+CVE-2011-0827
+       RESERVED
+CVE-2011-0826
+       RESERVED
+CVE-2011-0825
+       RESERVED
+CVE-2011-0824
+       RESERVED
+CVE-2011-0823
+       RESERVED
+CVE-2011-0822
+       RESERVED
+CVE-2011-0821
+       RESERVED
+CVE-2011-0820
+       RESERVED
+CVE-2011-0819
+       RESERVED
+CVE-2011-0818
+       RESERVED
+CVE-2011-0817
+       RESERVED
+CVE-2011-0816
+       RESERVED
+CVE-2011-0815
+       RESERVED
+CVE-2011-0814
+       RESERVED
+CVE-2011-0813
+       RESERVED
+CVE-2011-0812
+       RESERVED
+CVE-2011-0811
+       RESERVED
+CVE-2011-0810
+       RESERVED
+CVE-2011-0809
+       RESERVED
+CVE-2011-0808
+       RESERVED
+CVE-2011-0807
+       RESERVED
+CVE-2011-0806
+       RESERVED
+CVE-2011-0805
+       RESERVED
+CVE-2011-0804
+       RESERVED
+CVE-2011-0803
+       RESERVED
+CVE-2011-0802
+       RESERVED
+CVE-2011-0801
+       RESERVED
+CVE-2011-0800
+       RESERVED
+CVE-2011-0799
+       RESERVED
+CVE-2011-0798
+       RESERVED
+CVE-2011-0797
+       RESERVED
+CVE-2011-0796
+       RESERVED
+CVE-2011-0795
+       RESERVED
+CVE-2011-0794
+       RESERVED
+CVE-2011-0793
+       RESERVED
+CVE-2011-0792
+       RESERVED
+CVE-2011-0791
+       RESERVED
+CVE-2011-0790
+       RESERVED
+CVE-2011-0789
+       RESERVED
+CVE-2011-0788
+       RESERVED
+CVE-2011-0787
+       RESERVED
+CVE-2011-0786
+       RESERVED
+CVE-2011-0785
+       RESERVED
+CVE-2011-0784 (Race condition in Google Chrome before 9.0.597.84 allows remote 
...)
+       TODO: check
+CVE-2011-0783 (Unspecified vulnerability in Google Chrome before 9.0.597.84 
allows ...)
+       TODO: check
+CVE-2011-0782 (Google Chrome before 9.0.597.84 on Mac OS X does not properly 
mitigate ...)
+       TODO: check
+CVE-2011-0781 (Google Chrome before 9.0.597.84 does not properly handle 
autofill ...)
+       TODO: check
+CVE-2011-0780 (The PDF event handler in Google Chrome before 9.0.597.84 does 
not ...)
+       TODO: check
+CVE-2011-0779 (Google Chrome before 9.0.597.84 does not properly handle a 
missing key ...)
+       TODO: check
+CVE-2011-0778 (Google Chrome before 9.0.597.84 does not properly restrict drag 
and ...)
+       TODO: check
+CVE-2011-0777 (Use-after-free vulnerability in Google Chrome before 9.0.597.84 
allows ...)
+       TODO: check
+CVE-2011-0776 (The sandbox implementation in Google Chrome before 9.0.597.84 
on Mac ...)
+       TODO: check
+CVE-2010-4729 (Zikula before 1.2.3 does not use the authid protection 
mechanism for ...)
+       TODO: check
+CVE-2010-4728 (Zikula before 1.3.1 uses the rand and srand PHP functions for 
random ...)
+       TODO: check
 CVE-2011-XXXX [evince segfault]
        - evince <unfixed> (bug #612668)
        TODO: check
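Review bot: the Google Chrome entries at both ends of this hunk (CVE-2011-0981 to CVE-2011-0985 and CVE-2011-0776 to CVE-2011-0784) are left at "TODO: check" with no package line, although this file already tracks chromium-browser (see the "- chromium-browser 6.0.472.63~r59945-2" entry further down). They need a follow-up pass that triages each one against chromium-browser; until then they are not attributed to any package. The Microsoft Office entries (CVE-2011-0976 to CVE-2011-0980) can be closed in the same pass as NOT-FOR-US, as is done for CVE-2010-3973.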
@@ -99,8 +523,8 @@
        - smarty3 <unfixed>
        - smarty <unfixed>
        TODO: check
-CVE-2011-0758
-       RESERVED
+CVE-2011-0758 (The CA ETrust Secure Content Manager Common Services Transport 
...)
+       TODO: check
 CVE-2011-0757 (IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on 
Linux, ...)
        NOT-FOR-US: IBM DB2
 CVE-2011-0756
@@ -363,8 +787,8 @@
        NOT-FOR-US: TIBCO Rendezvous
 CVE-2011-0648
        RESERVED
-CVE-2011-0647
-       RESERVED
+CVE-2011-0647 (The irccd.exe service in EMC Replication Manager Client before 
5.3 and ...)
+       TODO: check
 CVE-2011-0646 (SQL injection vulnerability in viewfaqs.php in PHP LOW BIDS 
allows ...)
        NOT-FOR-US: PHPLOWBIDS
 CVE-2011-0645 (SQL injection vulnerability in data.php in PHPCMS 2008 V2 
allows ...)
@@ -469,127 +893,114 @@
        RESERVED
 CVE-2011-0609
        RESERVED
-CVE-2011-0608
-       RESERVED
+CVE-2011-0608 (Adobe Flash Player before 10.2.152.26 allows attackers to 
execute ...)
        NOT-FOR-US: Adobe Flash Player
-CVE-2011-0607
-       RESERVED
+CVE-2011-0607 (Adobe Flash Player before 10.2.152.26 allows attackers to 
execute ...)
        NOT-FOR-US: Adobe Flash Player
-CVE-2011-0606
-       RESERVED
-CVE-2011-0605
-       RESERVED
-CVE-2011-0604
-       RESERVED
-CVE-2011-0603
-       RESERVED
-CVE-2011-0602
-       RESERVED
+CVE-2011-0606 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
+CVE-2011-0605 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
+CVE-2011-0604 (Cross-site scripting (XSS) vulnerability in Adobe Reader and 
Acrobat ...)
+       TODO: check
+CVE-2011-0603 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
+CVE-2011-0602 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
 CVE-2011-0601
        RESERVED
-CVE-2011-0600
-       RESERVED
-CVE-2011-0599
-       RESERVED
-CVE-2011-0598
-       RESERVED
+CVE-2011-0600 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
+CVE-2011-0599 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
+CVE-2011-0598 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
 CVE-2011-0597
        RESERVED
-CVE-2011-0596
-       RESERVED
-CVE-2011-0595
-       RESERVED
-CVE-2011-0594
-       RESERVED
-CVE-2011-0593
-       RESERVED
-CVE-2011-0592
-       RESERVED
-CVE-2011-0591
-       RESERVED
-CVE-2011-0590
-       RESERVED
-CVE-2011-0589
-       RESERVED
-CVE-2011-0588
-       RESERVED
-CVE-2011-0587
-       RESERVED
-CVE-2011-0586
-       RESERVED
-CVE-2011-0585
-       RESERVED
-CVE-2011-0584
-       RESERVED
-CVE-2011-0583
-       RESERVED
-CVE-2011-0582
-       RESERVED
-CVE-2011-0581
-       RESERVED
-CVE-2011-0580
-       RESERVED
+CVE-2011-0596 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
+CVE-2011-0595 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
+CVE-2011-0594 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
+CVE-2011-0593 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
+CVE-2011-0592 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
+CVE-2011-0591 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
+CVE-2011-0590 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
+CVE-2011-0589 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
+CVE-2011-0588 (Untrusted search path vulnerability in Adobe Reader and Acrobat 
10.x ...)
+       TODO: check
+CVE-2011-0587 (Cross-site scripting (XSS) vulnerability in Adobe Reader and 
Acrobat ...)
+       TODO: check
+CVE-2011-0586 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
+CVE-2011-0585 (Unspecified vulnerability in Adobe Reader and Acrobat 10.x 
before ...)
+       TODO: check
+CVE-2011-0584 (Session fixation vulnerability in Adobe ColdFusion 8.0 through 
9.0.1 ...)
+       TODO: check
+CVE-2011-0583 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 
8.0 ...)
+       TODO: check
+CVE-2011-0582 (Unspecified vulnerability in the administrator console in Adobe 
...)
+       TODO: check
+CVE-2011-0581 (Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 
...)
+       TODO: check
+CVE-2011-0580 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+       TODO: check
 CVE-2011-0579
        RESERVED
-CVE-2011-0578
-       RESERVED
+CVE-2011-0578 (Adobe Flash Player before 10.2.152.26 allows attackers to 
execute ...)
        NOT-FOR-US: Adobe Flash Player
-CVE-2011-0577
-       RESERVED
+CVE-2011-0577 (Unspecified vulnerability in Adobe Flash Player before 
10.2.152.26 ...)
        NOT-FOR-US: Adobe Flash Player
 CVE-2011-0576
        RESERVED
-CVE-2011-0575
-       RESERVED
+CVE-2011-0575 (Untrusted search path vulnerability in Adobe Flash Player 
before ...)
        NOT-FOR-US: Adobe Flash Player
-CVE-2011-0574
-       RESERVED
+CVE-2011-0574 (Adobe Flash Player before 10.2.152.26 allows attackers to 
execute ...)
        NOT-FOR-US: Adobe Flash Player
-CVE-2011-0573
-       RESERVED
+CVE-2011-0573 (Adobe Flash Player before 10.2.152.26 allows attackers to 
execute ...)
        NOT-FOR-US: Adobe Flash Player
-CVE-2011-0572
-       RESERVED
+CVE-2011-0572 (Adobe Flash Player before 10.2.152.26 allows attackers to 
execute ...)
        NOT-FOR-US: Adobe Flash Player
-CVE-2011-0571
-       RESERVED
+CVE-2011-0571 (Adobe Flash Player before 10.2.152.26 allows attackers to 
execute ...)
        NOT-FOR-US: Adobe Flash Player
-CVE-2011-0570
-       RESERVED
-CVE-2011-0569
-       RESERVED
-CVE-2011-0568
-       RESERVED
-CVE-2011-0567
-       RESERVED
-CVE-2011-0566
-       RESERVED
-CVE-2011-0565
-       RESERVED
-CVE-2011-0564
-       RESERVED
-CVE-2011-0563
-       RESERVED
-CVE-2011-0562
-       RESERVED
-CVE-2011-0561
-       RESERVED
+CVE-2011-0570 (Untrusted search path vulnerability in Adobe Reader and Acrobat 
10.x ...)
+       TODO: check
+CVE-2011-0569 (The Font Xtra.x32 module in Adobe Shockwave Player before 
11.5.9.620 ...)
+       TODO: check
+CVE-2011-0568 (Unspecified vulnerability in Adobe Reader and Acrobat 10.x 
before ...)
+       TODO: check
+CVE-2011-0567 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
+CVE-2011-0566 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
+CVE-2011-0565 (Unspecified vulnerability in Adobe Reader and Acrobat 10.x 
before ...)
+       TODO: check
+CVE-2011-0564 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
+CVE-2011-0563 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, 
and 8.x ...)
+       TODO: check
+CVE-2011-0562 (Untrusted search path vulnerability in Adobe Reader and Acrobat 
10.x ...)
+       TODO: check
+CVE-2011-0561 (Adobe Flash Player before 10.2.152.26 allows attackers to 
execute ...)
        NOT-FOR-US: Adobe Flash Player
-CVE-2011-0560
-       RESERVED
+CVE-2011-0560 (Adobe Flash Player before 10.2.152.26 allows attackers to 
execute ...)
        NOT-FOR-US: Adobe Flash Player
-CVE-2011-0559
-       RESERVED
+CVE-2011-0559 (Adobe Flash Player before 10.2.152.26 allows attackers to 
execute ...)
        NOT-FOR-US: Adobe Flash Player
-CVE-2011-0558
-       RESERVED
+CVE-2011-0558 (Integer overflow in Adobe Flash Player before 10.2.152.26 
allows ...)
        NOT-FOR-US: Adobe Flash Player
-CVE-2011-0557
-       RESERVED
-CVE-2011-0556
-       RESERVED
-CVE-2011-0555
-       RESERVED
+CVE-2011-0557 (Integer overflow in Adobe Shockwave Player before 11.5.9.620 
allows ...)
+       TODO: check
+CVE-2011-0556 (The Font Xtra.x32 module in Adobe Shockwave Player before 
11.5.9.620 ...)
+       TODO: check
+CVE-2011-0555 (Adobe Shockwave Player before 11.5.9.620 allows attackers to 
execute ...)
+       TODO: check
 CVE-2011-0554
        RESERVED
 CVE-2011-0553
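Review bot: within this hunk the Flash Player entries keep their "NOT-FOR-US: Adobe Flash Player" tag, but every Adobe Reader/Acrobat, ColdFusion and Shockwave Player entry that moved from RESERVED to a description is left at "TODO: check". The file already uses "NOT-FOR-US: Adobe Acrobat Reader" (CVE-2010-4091) and "NOT-FOR-US: Adobe Shockwave Player" (CVE-2010-4092) for the same products, so these can be tagged the same way in one pass rather than left in the TODO queue.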
@@ -620,23 +1031,21 @@
        RESERVED
 CVE-2011-0540
        RESERVED
-CVE-2011-0539 [Legacy certificates stack disclosure]
-       RESERVED
+CVE-2011-0539 (The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 
and 5.7, ...)
        - openssh 1:5.8p1-2
        [squeeze] - openssh <not-affected> (Only affects OpenSSH 5.6 and 5.7)
        [lenny] - openssh <not-affected> (Only affects OpenSSH 5.6 and 5.7)
-CVE-2011-0538
-       RESERVED
+CVE-2011-0538 (Wireshark 1.5.0, 1.4.3, and earlier frees an uninitialized 
pointer ...)
+       TODO: check
 CVE-2011-0537 (Multiple directory traversal vulnerabilities in (1) ...)
        - mediawiki <unfixed> (bug #611787)
 CVE-2011-0536 [CVE-2010-3847 opens new vulnerability]
        RESERVED
        - eglibc <unfixed> (bug #600667)
        - glibc <removed>
-CVE-2011-0535
-       RESERVED
-CVE-2011-0534 [remote DoS via NIO connector]
-       RESERVED
+CVE-2011-0535 (Cross-site request forgery (CSRF) vulnerability in the Users 
module in ...)
+       TODO: check
+CVE-2011-0534 (Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does 
not ...)
        - tomcat5.5 <not-affected> (Vulnerable code not present)
        - tomcat6 6.0.28-10
        [lenny] - tomcat6 <not-affected> (Only ships the servlet package)
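Review bot: CVE-2011-0538 goes from RESERVED to a Wireshark description with only "TODO: check" under it, unlike the OpenSSH and Tomcat entries in this hunk, which already carry package lines. It needs a wireshark package line with the fixed version, or <unfixed>, once the affected versions named in the description (1.5.0, 1.4.3, and earlier) are compared with what each suite ships.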
@@ -644,8 +1053,7 @@
        RESERVED
 CVE-2011-0532
        RESERVED
-CVE-2011-0531 [vlc mkv memory corruption]
-       RESERVED
+CVE-2011-0531 (demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC 
media ...)
        - vlc 1.1.7-1 (medium)
 CVE-2011-0530
        RESERVED
@@ -659,8 +1067,8 @@
        [lenny] - puppet <not-affected> (Only affects 2.6.x)
 CVE-2011-0527
        RESERVED
-CVE-2011-0526
-       RESERVED
+CVE-2011-0526 (Cross-site scripting (XSS) vulnerability in index.php in 
Vanilla ...)
+       TODO: check
 CVE-2011-0525
        RESERVED
 CVE-2011-0524
@@ -1143,10 +1551,10 @@
        RESERVED
 CVE-2011-0325
        RESERVED
-CVE-2011-0324
-       RESERVED
-CVE-2011-0323
-       RESERVED
+CVE-2011-0324 (Multiple heap-based buffer overflows in Topaz Systems SigPlus 
Pro ...)
+       TODO: check
+CVE-2011-0323 (Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly 
other ...)
+       TODO: check
 CVE-2011-0322
        RESERVED
 CVE-2011-0321 (librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x 
before ...)
@@ -1305,18 +1713,15 @@
        RESERVED
 CVE-2011-0284
        RESERVED
-CVE-2011-0283 [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt 
#3]
-       RESERVED
+CVE-2011-0283 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 
1.9 ...)
        - krb5 <unfixed> (low)
        [etch] - krb5 <not-affected> (Only affects 1.9.x)
        [lenny] - krb5 <not-affected> (Only affects 1.9.x)
        [squeeze] - krb5 <not-affected> (Only affects 1.9.x)
        [sid] - krb5 <not-affected> (Only affects 1.9.x)
-CVE-2011-0282 [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt 
#2]
-       RESERVED
+CVE-2011-0282 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 
1.6.x ...)
        - krb5 <unfixed>
-CVE-2011-0281 [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt 
#1]
-       RESERVED
+CVE-2011-0281 (The unparse implementation in the Key Distribution Center (KDC) 
in MIT ...)
        - krb5 <unfixed>
 CVE-2010-4668 (The blk_rq_map_user_iov function in block/blk-map.c in the 
Linux ...)
        {DSA-2153-1}
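Review bot: replacing the bracketed working titles on CVE-2011-0281, CVE-2011-0282 and CVE-2011-0283 drops the only pointer to the upstream advisory, http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt. Consider keeping it as a NOTE: line under each entry, the way the webkit entry elsewhere in this file records "NOTE: http://trac.webkit.org/changeset/70594", since the truncated descriptions do not say where the fix is documented.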
@@ -1499,8 +1904,8 @@
        RESERVED
 CVE-2011-0278
        RESERVED
-CVE-2011-0277
-       RESERVED
+CVE-2011-0277 (Cross-site request forgery (CSRF) vulnerability in HP Power 
Manager ...)
+       TODO: check
 CVE-2011-0276 (HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 
5.41 ...)
        NOT-FOR-US: HP OpenView Performance Insight Server
 CVE-2011-0275 (Unspecified vulnerability in HP OpenView Storage Data Protector 
6.0, ...)
@@ -1891,22 +2296,22 @@
        RESERVED
 CVE-2011-0094
        RESERVED
-CVE-2011-0093
-       RESERVED
-CVE-2011-0092
-       RESERVED
-CVE-2011-0091
-       RESERVED
-CVE-2011-0090
-       RESERVED
-CVE-2011-0089
-       RESERVED
-CVE-2011-0088
-       RESERVED
-CVE-2011-0087
-       RESERVED
-CVE-2011-0086
-       RESERVED
+CVE-2011-0093 (ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 
SP2 does ...)
+       TODO: check
+CVE-2011-0092 (ORMELEMS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 
SP2 does ...)
+       TODO: check
+CVE-2011-0091 (Kerberos in Microsoft Windows Server 2008 R2 and Windows 7 does 
not ...)
+       TODO: check
+CVE-2011-0090 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP 
SP2 and ...)
+       TODO: check
+CVE-2011-0089 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP 
SP2 and ...)
+       TODO: check
+CVE-2011-0088 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP 
SP2 and ...)
+       TODO: check
+CVE-2011-0087 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP 
SP2 and ...)
+       TODO: check
+CVE-2011-0086 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP 
SP2 and ...)
+       TODO: check
 CVE-2011-0085
        RESERVED
 CVE-2011-0084
@@ -2129,38 +2534,38 @@
 CVE-2010-XXXX [TYPO3-SA-2010-022]
        - typo3-src 4.3.9+dfsg1-1 (bug #607286)
        NOTE: CVE ID requested
-CVE-2011-0045
-       RESERVED
+CVE-2011-0045 (The kernel in Microsoft Windows XP SP3 performs memory 
allocation ...)
+       TODO: check
 CVE-2011-0044
        RESERVED
-CVE-2011-0043
-       RESERVED
+CVE-2011-0043 (Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 
SP2 ...)
+       TODO: check
 CVE-2011-0042
        RESERVED
 CVE-2011-0041
        RESERVED
-CVE-2011-0040
-       RESERVED
-CVE-2011-0039
-       RESERVED
-CVE-2011-0038
-       RESERVED
+CVE-2011-0040 (The server in Microsoft Active Directory on Windows Server 2003 
SP2 ...)
+       TODO: check
+CVE-2011-0039 (The Local Security Authority Subsystem Service (LSASS) in 
Microsoft ...)
+       TODO: check
+CVE-2011-0038 (Untrusted search path vulnerability in Microsoft Internet 
Explorer 8 ...)
+       TODO: check
 CVE-2011-0037
        RESERVED
-CVE-2011-0036
-       RESERVED
-CVE-2011-0035
-       RESERVED
+CVE-2011-0036 (Microsoft Internet Explorer 6, 7, and 8 does not properly 
handle ...)
+       TODO: check
+CVE-2011-0035 (Microsoft Internet Explorer 6, 7, and 8 does not properly 
handle ...)
+       TODO: check
 CVE-2011-0034
        RESERVED
-CVE-2011-0033
-       RESERVED
+CVE-2011-0033 (The OpenType Compact Font Format (CFF) driver in Microsoft 
Windows XP ...)
+       TODO: check
 CVE-2011-0032
        RESERVED
-CVE-2011-0031
-       RESERVED
-CVE-2011-0030
-       RESERVED
+CVE-2011-0031 (The (1) JScript 5.8 and (2) VBScript 5.8 scripting engines in 
...)
+       TODO: check
+CVE-2011-0030 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft 
Windows XP ...)
+       TODO: check
 CVE-2011-0029
        RESERVED
 CVE-2011-0028
@@ -2290,8 +2695,8 @@
        - cobbler <itp> (bug #545583)
 CVE-2010-4507 (Multiple cross-site request forgery (CSRF) vulnerabilities on 
the ...)
        NOT-FOR-US: iSpot/ClearSpot hardware devices
-CVE-2010-4506
-       RESERVED
+CVE-2010-4506 (Passlogix v-GO Self-Service Password Reset (SSPR) and OEM 
before 7.0A ...)
+       TODO: check
 CVE-2010-4505 (Multiple SQL injection vulnerabilities in login.php in Injader 
2.4.4, ...)
        NOT-FOR-US: Injader
 CVE-2010-4504 (Multiple cross-site scripting (XSS) vulnerabilities in 
eSyndiCat ...)
@@ -2305,8 +2710,7 @@
        NOTE: Dupe of CVE-2010-4334
 CVE-2010-4500 (Multiple SQL injection vulnerabilities in contact.php in 
MRCGIGUY ...)
        NOT-FOR-US: MRCGIGUY FreeTicket
-CVE-2011-0025
-       RESERVED
+CVE-2011-0025 (IcedTea 1.7 before 1.7.8, 1.8 before 1.8.5, and 1.9 before 
1.9.5 does ...)
        - openjdk-6 6b18-1.8.5-1
 CVE-2011-0024
        RESERVED
@@ -2314,8 +2718,7 @@
        RESERVED
 CVE-2011-0022
        RESERVED
-CVE-2011-0522 [VLC heap corruption in subtitle decoder]
-       RESERVED
+CVE-2011-0522 (The StripTags function in (1) the USF decoder ...)
        - vlc 1.1.3-1squeeze2
 CVE-2011-0021 (Multiple heap-based buffer overflows in cdg.c in the CDG 
decoder in ...)
        - vlc 1.1.3-1squeeze2
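Review bot: CVE-2011-0522 is listed between CVE-2011-0022 and CVE-2011-0021, away from the other CVE-2011-052x entries (CVE-2011-0524 to CVE-2011-0527 appear in an earlier hunk). The new description is consistent with the VLC subtitle decoder issue the old working title named, so the ID looks right; the entry should be moved next to CVE-2011-0524 so that it is found where a reader would look for it.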
@@ -2821,8 +3224,8 @@
        - phpmyadmin 4:3.3.7-2
 CVE-2010-4328
        RESERVED
-CVE-2010-4327
-       RESERVED
+CVE-2010-4327 (Unspecified vulnerability in the NCP service in Novell 
eDirectory ...)
+       TODO: check
 CVE-2010-4326 (Multiple buffer overflows in gwwww1.dll in GroupWise Internet 
Agent ...)
        NOT-FOR-US: Groupwise
 CVE-2010-4325 (Buffer overflow in gwwww1.dll in GroupWise Internet Agent 
(GWIA) in ...)
@@ -2862,10 +3265,10 @@
        RESERVED
 CVE-2010-4308
        RESERVED
-CVE-2010-4307
-       RESERVED
-CVE-2010-4306
-       RESERVED
+CVE-2010-4307 (Buffer overflow in Adobe Shockwave Player before 11.5.9.620 
allows ...)
+       TODO: check
+CVE-2010-4306 (Adobe Shockwave Player before 11.5.9.620 allows attackers to 
execute ...)
+       TODO: check
 CVE-2010-4305 (Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, 
and ...)
        NOT-FOR-US: Cisco Unified Videoconferencing
 CVE-2010-4304 (The web interface in Cisco Unified Videoconferencing (UVC) 
System ...)
@@ -3178,26 +3581,26 @@
        [lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe 
apps)
        - chromium-browser 6.0.472.63~r59945-2
        NOTE: http://trac.webkit.org/changeset/70594
-CVE-2010-4196
-       RESERVED
-CVE-2010-4195
-       RESERVED
-CVE-2010-4194
-       RESERVED
-CVE-2010-4193
-       RESERVED
-CVE-2010-4192
-       RESERVED
-CVE-2010-4191
-       RESERVED
-CVE-2010-4190
-       RESERVED
-CVE-2010-4189
-       RESERVED
-CVE-2010-4188
-       RESERVED
-CVE-2010-4187
-       RESERVED
+CVE-2010-4196 (The Shockwave 3d Asset module in Adobe Shockwave Player before 
...)
+       TODO: check
+CVE-2010-4195 (The TextXtra module in Adobe Shockwave Player before 11.5.9.620 
does ...)
+       TODO: check
+CVE-2010-4194 (The dirapi.dll module in Adobe Shockwave Player before 
11.5.9.620 does ...)
+       TODO: check
+CVE-2010-4193 (Adobe Shockwave Player before 11.5.9.620 does not properly 
validate ...)
+       TODO: check
+CVE-2010-4192 (Adobe Shockwave Player before 11.5.9.620 allows attackers to 
execute ...)
+       TODO: check
+CVE-2010-4191 (Adobe Shockwave Player before 11.5.9.620 allows attackers to 
execute ...)
+       TODO: check
+CVE-2010-4190 (Adobe Shockwave Player before 11.5.9.620 allows attackers to 
execute ...)
+       TODO: check
+CVE-2010-4189 (The IML32 module in Adobe Shockwave Player before 11.5.9.620 
allows ...)
+       TODO: check
+CVE-2010-4188 (The dirapi.dll module in Adobe Shockwave Player before 
11.5.9.620 ...)
+       TODO: check
+CVE-2010-4187 (Adobe Shockwave Player before 11.5.9.620 allows attackers to 
execute ...)
+       TODO: check
 CVE-2010-4186 (SQL injection vulnerability in process.asp in OnlineTechTools 
Online ...)
        NOT-FOR-US: OnlineTechTools
 CVE-2010-4185 (SQL injection vulnerability in index.php in Energine, possibly 
2.3.8 ...)
@@ -3415,11 +3818,11 @@
        NOT-FOR-US: Serengeti Systems Incorporated Robo-FTP 3.7.3
 CVE-2010-4094 (The Tomcat server in IBM Rational Quality Manager and Rational 
Test ...)
        NOT-FOR-US: IBM Rational Quality Manager
-CVE-2010-4093
-       RESERVED
+CVE-2010-4093 (Adobe Shockwave Player before 11.5.9.620 allows attackers to 
execute ...)
+       TODO: check
 CVE-2010-4092 (Use-after-free vulnerability in an unspecified compatibility 
component ...)
        NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-4091 (The EScript.api plugin in Adobe Acrobat Reader 9.4.0, 8.1.7, 
and ...)
+CVE-2010-4091 (The EScript.api plugin in Adobe Reader and Acrobat 10.x before 
10.0.1, ...)
        NOT-FOR-US: Adobe Acrobat Reader
 CVE-2010-4090 (Adobe Shockwave Player before 11.5.9.615 allows attackers to 
execute ...)
        NOT-FOR-US: Adobe Shockwave Player
@@ -3602,8 +4005,7 @@
        NOT-FOR-US: HP Insight Control Power Management
 CVE-2010-4023 (Cross-site scripting (XSS) vulnerability in HP Insight Control 
Power ...)
        NOT-FOR-US: HP Insight Control Power Management
-CVE-2010-4022 [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-001.txt]
-       RESERVED
+CVE-2010-4022 (The do_standalone function in the MIT krb5 KDC database 
propagation ...)
        - krb5 <unfixed> (low)
        [lenny] - krb5 <not-affected> (Only affects 1.7.x onwards)
        [etch] - krb5 <not-affected> (Only affects 1.7.x onwards)
@@ -3741,7 +4143,7 @@
        RESERVED
 CVE-2010-3973 (The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft 
WMI ...)
        NOT-FOR-US: Microsoft
-CVE-2010-3972 (The TELNET_STREAM_CONTEXT::OnSendData function in the FTP 
protocol ...)
+CVE-2010-3972 (Heap-based buffer overflow in the 
TELNET_STREAM_CONTEXT::OnSendData ...)
        NOT-FOR-US: Microsoft Internet Information Services
 CVE-2010-3971 (Use-after-free vulnerability in the CSharedStyleSheet::Notify 
function ...)
        NOT-FOR-US: Microsoft Internet Explorer 7 and 8
@@ -4435,8 +4837,7 @@
        RESERVED
 CVE-2010-3719 (Eval injection vulnerability in IMAdminSchedTask.asp in the ...)
        NOT-FOR-US: Symantec IM Manager
-CVE-2010-3718 [security manager permission bypas]
-       RESERVED
+CVE-2010-3718 (Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when 
running ...)
        - tomcat5.5 <removed> (low)
        [lenny] - tomcat5.5 <no-dsa> (Minor issue)
        - tomcat6 6.0.28-10
@@ -7558,12 +7959,12 @@
        RESERVED
 CVE-2010-2590 (Heap-based buffer overflow in the ...)
        NOT-FOR-US: ActiveX
-CVE-2010-2589
-       RESERVED
-CVE-2010-2588
-       RESERVED
-CVE-2010-2587
-       RESERVED
+CVE-2010-2589 (Integer overflow in the dirapi.dll module in Adobe Shockwave 
Player ...)
+       TODO: check
+CVE-2010-2588 (The dirapi.dll module in Adobe Shockwave Player before 
11.5.9.620 ...)
+       TODO: check
+CVE-2010-2587 (The dirapi.dll module in Adobe Shockwave Player before 
11.5.9.620 ...)
+       TODO: check
 CVE-2010-2586 (Multiple integer overflows in in_nsv.dll in the in_nsv plugin 
in ...)
        NOT-FOR-US: Winamp
 CVE-2010-2585 (Multiple buffer overflows in the RealPage Module Upload ActiveX 
...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
