Author: joeyh
Date: 2011-04-14 21:15:25 +0000 (Thu, 14 Apr 2011)
New Revision: 16530
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-04-14 09:15:02 UTC (rev 16529)
+++ data/CVE/list 2011-04-14 21:15:25 UTC (rev 16530)
@@ -1,4 +1,21 @@
+CVE-2011-1690
+ RESERVED
+CVE-2011-1689
+ RESERVED
+CVE-2011-1688
+ RESERVED
+CVE-2011-1687
+ RESERVED
+CVE-2011-1686
+ RESERVED
+CVE-2011-1685
+ RESERVED
+CVE-2011-1683 (IBM WebSphere Application Server (WAS) 6.0.x through 6.0.2.43,
6.1.x ...)
+ TODO: check
+CVE-2011-1682 (Multiple cross-site request forgery (CSRF) vulnerabilities in
phpList ...)
+ TODO: check
CVE-2011-1684 [VideoLAN-SA-1103]
+ RESERVED
{DSA-2218-1}
- vlc 1.1.8-3 (medium)
[lenny] - vlc <not-affected> (Vulnerable code not present)
@@ -449,8 +466,7 @@
RESERVED
CVE-2011-1501
RESERVED
-CVE-2011-1500
- RESERVED
+CVE-2011-1500 (PreferencesPithosDialog.py in Pithos 0.3.7 does not properly
restrict ...)
- pithos 0.3.8-1 (low)
CVE-2011-1499
RESERVED
@@ -852,7 +868,7 @@
NOT-FOR-US: Internet Explorer
CVE-2011-1346 (Unspecified vulnerability in Microsoft Internet Explorer 8 on
Windows ...)
NOT-FOR-US: Internet Explorer
-CVE-2011-1345 (Unspecified vulnerability in Microsoft Internet Explorer 8 on
Windows ...)
+CVE-2011-1345 (Microsoft Internet Explorer 6, 7, and 8 does not properly
handle ...)
NOT-FOR-US: Internet Explorer
CVE-2011-1344 (Unspecified vulnerability in WebKit, as used in Apple Safari
5.0.4 on ...)
- chromium-browser <undetermined>
@@ -1075,48 +1091,48 @@
RESERVED
CVE-2011-1246
RESERVED
-CVE-2011-1245
- RESERVED
-CVE-2011-1244
- RESERVED
-CVE-2011-1243
- RESERVED
-CVE-2011-1242
- RESERVED
-CVE-2011-1241
- RESERVED
-CVE-2011-1240
- RESERVED
-CVE-2011-1239
- RESERVED
-CVE-2011-1238
- RESERVED
-CVE-2011-1237
- RESERVED
-CVE-2011-1236
- RESERVED
-CVE-2011-1235
- RESERVED
-CVE-2011-1234
- RESERVED
-CVE-2011-1233
- RESERVED
-CVE-2011-1232
- RESERVED
-CVE-2011-1231
- RESERVED
-CVE-2011-1230
- RESERVED
-CVE-2011-1229
- RESERVED
-CVE-2011-1228
- RESERVED
-CVE-2011-1227
- RESERVED
-CVE-2011-1226
- RESERVED
-CVE-2011-1225
- RESERVED
+CVE-2011-1245 (Microsoft Internet Explorer 6 and 7 does not properly restrict
script ...)
+ TODO: check
+CVE-2011-1244 (Microsoft Internet Explorer 6, 7, and 8 does not enforce
intended ...)
+ TODO: check
+CVE-2011-1243 (The Windows Messenger ActiveX control in msgsc.dll in Microsoft
...)
+ TODO: check
+CVE-2011-1242 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
+ TODO: check
+CVE-2011-1241 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
+ TODO: check
+CVE-2011-1240 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
+ TODO: check
+CVE-2011-1239 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
+ TODO: check
+CVE-2011-1238 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
+ TODO: check
+CVE-2011-1237 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
+ TODO: check
+CVE-2011-1236 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
+ TODO: check
+CVE-2011-1235 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
+ TODO: check
+CVE-2011-1234 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
+ TODO: check
+CVE-2011-1233 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
+ TODO: check
+CVE-2011-1232 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
+ TODO: check
+CVE-2011-1231 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
+ TODO: check
+CVE-2011-1230 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
+ TODO: check
+CVE-2011-1229 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
+ TODO: check
+CVE-2011-1228 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
+ TODO: check
+CVE-2011-1227 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
+ TODO: check
+CVE-2011-1226 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
+ TODO: check
+CVE-2011-1225 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
+ TODO: check
CVE-2011-XXXX [dokuwiki ACL bypass]
- dokuwiki 0.0.20101107a-1 (low)
[squeeze] - dokuwiki <no-dsa> (Minor issue)
@@ -1930,22 +1946,22 @@
- dhcp3 <not-affected> (only affects 4.2.0)
NOTE: http://thread.gmane.org/gmane.comp.security.oss.general/4820
NOTE: inrodroduced in 4.2.0 and fixed in 4.2.1
-CVE-2011-0996
- RESERVED
+CVE-2011-0996 (dhcpcd before 5.2.12 allows remote attackers to execute
arbitrary ...)
+ TODO: check
CVE-2011-0995
RESERVED
CVE-2011-0994 (Stack-based buffer overflow in NFRAgent.exe in Novell File
Reporter ...)
NOT-FOR-US: Novell File Reporter
CVE-2011-0993
RESERVED
-CVE-2011-0992
- RESERVED
-CVE-2011-0991
- RESERVED
-CVE-2011-0990
- RESERVED
-CVE-2011-0989
- RESERVED
+CVE-2011-0992 (Use-after-free vulnerability in Mono, when Moonlight 2.x before
2.4.1 ...)
+ TODO: check
+CVE-2011-0991 (Use-after-free vulnerability in Mono, when Moonlight 2.x before
2.4.1 ...)
+ TODO: check
+CVE-2011-0990 (Race condition in the FastCopy optimization in the Array.Copy
method ...)
+ TODO: check
+CVE-2011-0989 (The RuntimeHelpers.InitializeArray method in metadata/icall.c
in Mono, ...)
+ TODO: check
CVE-2011-0988
RESERVED
CVE-2010-4733 (WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP
Gateway ...)
@@ -2035,15 +2051,15 @@
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/76708
-CVE-2011-0980 (Microsoft Office Excel 2003 does not properly parse Office Art
...)
+CVE-2011-0980 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for
Mac, ...)
NOT-FOR-US: Microsoft Office Excel 2003
-CVE-2011-0979 (Microsoft Office Excel does not properly handle errors during
the ...)
+CVE-2011-0979 (Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office
2004, ...)
NOT-FOR-US: Microsoft Office Excel
-CVE-2011-0978 (Stack-based buffer overflow in Microsoft Office Excel allows
remote ...)
+CVE-2011-0978 (Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003
SP3, and ...)
NOT-FOR-US: Microsoft Office Excel
-CVE-2011-0977 (Use-after-free vulnerability in Microsoft Excel 2007 allows
remote ...)
+CVE-2011-0977 (Use-after-free vulnerability in Microsoft Office XP SP3, Office
2003 ...)
NOT-FOR-US: Microsoft Office Excel
-CVE-2011-0976 (Microsoft Office PowerPoint 2007 does not properly handle
Office Art ...)
+CVE-2011-0976 (Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office
2004 and ...)
NOT-FOR-US: Microsoft Office
CVE-2011-0975 (Stack-based buffer overflow in BMC PATROL Agent Service Daemon
for in ...)
NOT-FOR-US: BMC PATROL
@@ -2600,12 +2616,12 @@
RESERVED
CVE-2011-0749
RESERVED
-CVE-2011-0748
- RESERVED
+CVE-2011-0748 (Multiple cross-site request forgery (CSRF) vulnerabilities in
phpList ...)
+ TODO: check
CVE-2011-0747
RESERVED
-CVE-2011-0746
- RESERVED
+CVE-2011-0746 (Cross-site request forgery (CSRF) vulnerability in ...)
+ TODO: check
CVE-2011-0745 (SugarCRM before 6.1.3 does not properly handle reloads and
direct ...)
TODO: check
CVE-2011-0744
@@ -2820,52 +2836,52 @@
NOT-FOR-US: IBM WebSphere Portal
CVE-2011-0678 (Unrestricted file upload vulnerability in the EasyEdit module
in ...)
NOT-FOR-US: Lomtec ActiveWeb Professional
-CVE-2011-0677
- RESERVED
-CVE-2011-0676
- RESERVED
-CVE-2011-0675
- RESERVED
-CVE-2011-0674
- RESERVED
-CVE-2011-0673
- RESERVED
-CVE-2011-0672
- RESERVED
-CVE-2011-0671
- RESERVED
-CVE-2011-0670
- RESERVED
+CVE-2011-0677 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
+ TODO: check
+CVE-2011-0676 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
+ TODO: check
+CVE-2011-0675 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
+ TODO: check
+CVE-2011-0674 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
+ TODO: check
+CVE-2011-0673 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP3 ...)
+ TODO: check
+CVE-2011-0672 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
+ TODO: check
+CVE-2011-0671 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
+ TODO: check
+CVE-2011-0670 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
+ TODO: check
CVE-2011-0669
RESERVED
CVE-2011-0668
RESERVED
-CVE-2011-0667
- RESERVED
-CVE-2011-0666
- RESERVED
-CVE-2011-0665
- RESERVED
+CVE-2011-0667 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
+ TODO: check
+CVE-2011-0666 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
+ TODO: check
+CVE-2011-0665 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
+ TODO: check
CVE-2011-0664
RESERVED
-CVE-2011-0663
- RESERVED
-CVE-2011-0662
- RESERVED
-CVE-2011-0661
- RESERVED
-CVE-2011-0660
- RESERVED
+CVE-2011-0663 (Multiple integer overflows in the Microsoft (1) JScript 5.6
through ...)
+ TODO: check
+CVE-2011-0662 (Use-after-free vulnerability in win32k.sys in the kernel-mode
drivers ...)
+ TODO: check
+CVE-2011-0661 (The SMB Server service in Microsoft Windows XP SP2 and SP3,
Windows ...)
+ TODO: check
+CVE-2011-0660 (The SMB client in Microsoft Windows XP SP2 and SP3, Windows
Server ...)
+ TODO: check
CVE-2011-0659
RESERVED
CVE-2011-0658
RESERVED
-CVE-2011-0657
- RESERVED
-CVE-2011-0656
- RESERVED
-CVE-2011-0655
- RESERVED
+CVE-2011-0657 (DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and
SP3, ...)
+ TODO: check
+CVE-2011-0656 (Microsoft PowerPoint 2002 SP3, 2003 SP3, 2007 SP2, and 2010;
Office ...)
+ TODO: check
+CVE-2011-0655 (Microsoft PowerPoint 2007 SP2 and 2010; Office 2004, 2008, and
2011 ...)
+ TODO: check
CVE-2011-0654 (Integer underflow in the BowserWriteErrorLogEntry function in
the ...)
NOT-FOR-US: Windows 2003
CVE-2011-0653
@@ -2988,8 +3004,7 @@
RESERVED
CVE-2011-0612
RESERVED
-CVE-2011-0611
- RESERVED
+CVE-2011-0611 (Unspecified vulnerability in Adobe Flash Player 10.2.154.25 and
...)
NOT-FOR-US: Adobe Flash Player / Acrobat Reader
CVE-2011-0610
RESERVED
@@ -4485,34 +4500,34 @@
RESERVED
CVE-2011-0108
RESERVED
-CVE-2011-0107
- RESERVED
+CVE-2011-0107 (Untrusted search path vulnerability in Microsoft Office XP SP3,
Office ...)
+ TODO: check
CVE-2011-0106
RESERVED
-CVE-2011-0105
- RESERVED
-CVE-2011-0104
- RESERVED
-CVE-2011-0103
- RESERVED
+CVE-2011-0105 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and
Open XML ...)
+ TODO: check
+CVE-2011-0104 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for
Mac, ...)
+ TODO: check
+CVE-2011-0103 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for
Mac, ...)
+ TODO: check
CVE-2011-0102
RESERVED
-CVE-2011-0101
- RESERVED
+CVE-2011-0101 (Microsoft Excel 2002 SP3 allows remote attackers to execute
arbitrary ...)
+ TODO: check
CVE-2011-0100
RESERVED
CVE-2011-0099
RESERVED
-CVE-2011-0098
- RESERVED
-CVE-2011-0097
- RESERVED
-CVE-2011-0096 (The MHTML implementation in Microsoft Windows XP SP2 and SP3,
Windows ...)
+CVE-2011-0098 (Heap-based buffer overflow in Microsoft Excel 2002 SP3, 2003
SP3, 2007 ...)
+ TODO: check
+CVE-2011-0097 (Integer overflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007
SP2, and ...)
+ TODO: check
+CVE-2011-0096 (The MHTML protocol handler in Microsoft Windows XP SP2 and SP3,
...)
NOT-FOR-US: Microsoft mhtml
CVE-2011-0095
RESERVED
-CVE-2011-0094
- RESERVED
+CVE-2011-0094 (Microsoft Internet Explorer 6 and 7 does not properly handle
objects ...)
+ TODO: check
CVE-2011-0093 (ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007
SP2 does ...)
NOT-FOR-US: Microsoft Visio
CVE-2011-0092 (The LZW stream decompression functionality in ORMELEMS.DLL in
...)
@@ -4822,8 +4837,8 @@
NOT-FOR-US: Microsoft Windows
CVE-2011-0042 (SBE.dll in the Stream Buffer Engine in Windows Media Player and
...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0041
- RESERVED
+CVE-2011-0041 (Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP
SP2 ...)
+ TODO: check
CVE-2011-0040 (The server in Microsoft Active Directory on Windows Server 2003
SP2 ...)
NOT-FOR-US: Microsoft Windows
CVE-2011-0039 (The Local Security Authority Subsystem Service (LSASS) in
Microsoft ...)
@@ -4836,8 +4851,8 @@
NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-0035 (Microsoft Internet Explorer 6, 7, and 8 does not properly
handle ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-0034
- RESERVED
+CVE-2011-0034 (Stack-based buffer overflow in the OpenType Compact Font Format
(aka ...)
+ TODO: check
CVE-2011-0033 (The OpenType Compact Font Format (CFF) driver in Microsoft
Windows XP ...)
NOT-FOR-US: Microsoft Windows
CVE-2011-0032 (Untrusted search path vulnerability in DirectShow in Microsoft
Windows ...)
@@ -4848,8 +4863,8 @@
NOT-FOR-US: Microsoft Windows
CVE-2011-0029 (Untrusted search path vulnerability in the client in Microsoft
Remote ...)
NOT-FOR-US: Microsoft
-CVE-2011-0028
- RESERVED
+CVE-2011-0028 (WordPad in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2
does ...)
+ TODO: check
CVE-2011-0027 (Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and
Windows ...)
NOT-FOR-US: Microsoft Data Access Components
CVE-2011-0026 (Integer signedness error in the SQLConnectW function in an ODBC
API ...)
@@ -6508,9 +6523,9 @@
NOT-FOR-US: Adobe Flash Player
CVE-2010-3975 (Untrusted search path vulnerability in Adobe Flash Player 9
allows ...)
NOT-FOR-US: Adobe Flash Player
-CVE-2010-3974
- RESERVED
-CVE-2010-3973 (The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft
WMI ...)
+CVE-2010-3974 (fxscover.exe in the Fax Cover Page Editor in Microsoft Windows
XP SP2 ...)
+ TODO: check
+CVE-2010-3973 (The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0
in ...)
NOT-FOR-US: Microsoft
CVE-2010-3972 (Heap-based buffer overflow in the
TELNET_STREAM_CONTEXT::OnSendData ...)
NOT-FOR-US: Microsoft Internet Information Services
@@ -6540,8 +6555,8 @@
NOT-FOR-US: Microsoft Windows
CVE-2010-3959 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and
SP3, ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-3958
- RESERVED
+CVE-2010-3958 (The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5
SP1, ...)
+ TODO: check
CVE-2010-3957 (Double free vulnerability in the OpenType Font (OTF) driver in
...)
NOT-FOR-US: Microsoft Windows
CVE-2010-3956 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and
SP3, ...)
@@ -8654,7 +8669,7 @@
NOTE: Minor information leak
CVE-2010-3191 (Untrusted search path vulnerability in Adobe Captivate
5.0.0.596, and ...)
NOT-FOR-US: Adobe Captivate
-CVE-2010-3190 (Untrusted search path vulnerability in ATL MFC Trace Tool ...)
+CVE-2010-3190 (Untrusted search path vulnerability in the Microsoft Foundation
Class ...)
NOT-FOR-US: ATL MFC Trace Tool
CVE-2010-3189 (The extSetOwner function in the UfProxyBrowserCtrl ActiveX
control ...)
NOT-FOR-US: Trend Micro Internet Security Pro
@@ -15614,7 +15629,7 @@
RESERVED
CVE-2010-0812 (Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold,
SP1, ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0811 (Unspecified vulnerability in the Microsoft Internet Explorer 8
...)
+CVE-2010-0811 (Multiple unspecified vulnerabilities in the Microsoft Internet
...)
NOT-FOR-US: Microsoft
CVE-2010-0810 (The kernel in Microsoft Windows Vista Gold, SP1, and SP2, and
Windows ...)
NOT-FOR-US: Microsoft Windows
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
