Author: joeyh
Date: 2011-04-15 21:15:15 +0000 (Fri, 15 Apr 2011)
New Revision: 16531
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-04-14 21:15:25 UTC (rev 16530)
+++ data/CVE/list 2011-04-15 21:15:15 UTC (rev 16531)
@@ -1,3 +1,5 @@
+CVE-2011-1691 (The counterToCSSValue function in
CSSComputedStyleDeclaration.cpp in ...)
+ TODO: check
CVE-2011-1690
RESERVED
CVE-2011-1689
@@ -358,12 +360,12 @@
RESERVED
CVE-2011-1534
RESERVED
-CVE-2011-1533
- RESERVED
-CVE-2011-1532
- RESERVED
-CVE-2011-1531
- RESERVED
+CVE-2011-1533 (Cross-site scripting (XSS) vulnerability on the HP Photosmart
D110 and ...)
+ TODO: check
+CVE-2011-1532 (Unspecified vulnerability in the SNMP component on the HP
Photosmart ...)
+ TODO: check
+CVE-2011-1531 (The webscan component in the Embedded Web Server (EWS) on the
HP ...)
+ TODO: check
CVE-2011-1530
RESERVED
CVE-2011-1529
@@ -870,7 +872,7 @@
NOT-FOR-US: Internet Explorer
CVE-2011-1345 (Microsoft Internet Explorer 6, 7, and 8 does not properly
handle ...)
NOT-FOR-US: Internet Explorer
-CVE-2011-1344 (Unspecified vulnerability in WebKit, as used in Apple Safari
5.0.4 on ...)
+CVE-2011-1344 (Unspecified vulnerability in WebKit, as used in Apple Safari
before ...)
- chromium-browser <undetermined>
- webkit <undetermined>
CVE-2011-1343 (SQL injection vulnerability in the Web GUI in IBM Tivoli ...)
@@ -1189,7 +1191,7 @@
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/79476
-CVE-2011-1202 (Unspecified vulnerability in the XSLT implementation in Google
Chrome ...)
+CVE-2011-1202 (The xsltGenerateIdFunction function in functions.c in libxslt
1.1.26 ...)
- libxslt 1.1.26-7 (bug #617413)
NOTE:
http://scarybeastsecurity.blogspot.com/2011/03/multi-browser-heap-address-leak-in-xslt.html
[squeeze] - libxslt <no-dsa> (minor issue)
@@ -2141,8 +2143,8 @@
RESERVED
CVE-2011-0936
RESERVED
-CVE-2011-0935
- RESERVED
+CVE-2011-0935 (The PKI functionality in Cisco IOS 15.0 and 15.1 does not
prevent ...)
+ TODO: check
CVE-2011-0934
RESERVED
CVE-2011-0933
@@ -2219,12 +2221,12 @@
[squeeze] - tsclient <no-dsa> (Minor issue)
CVE-2011-0899 (The AES encryption module 7.x-1.4 for Drupal leaves certain
debugging ...)
NOT-FOR-US: AES module for Drupal
-CVE-2011-0898
- RESERVED
-CVE-2011-0897
- RESERVED
-CVE-2011-0896
- RESERVED
+CVE-2011-0898 (Cross-site scripting (XSS) vulnerability in HP Network Node
Manager i ...)
+ TODO: check
+CVE-2011-0897 (Unspecified vulnerability in HP Network Node Manager i (NNMi)
9.00 ...)
+ TODO: check
+CVE-2011-0896 (Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and
earlier on ...)
+ TODO: check
CVE-2011-0895 (Unspecified vulnerability in HP Network Node Manager i (NNMi)
9.0x ...)
NOT-FOR-US: HP Network Node Manager
CVE-2011-0894 (Unspecified vulnerability in HP Operations 9.10 on UNIX
platforms ...)
@@ -3878,8 +3880,7 @@
[squeeze] - ftpcopy <no-dsa> (Minor issue)
[lenny] - ftpcopy <no-dsa> (Minor issue)
NOTE: CVE ID requested
-CVE-2011-0285 [kadmind double free]
- RESERVED
+CVE-2011-0285 (The process_chpw_request function in schpw.c in the
password-changing ...)
- krb5 <unfixed> (bug #622681)
NOTE: advisory says only 1.7 and greater are affected, but it looks to
me like the vulnerable code is in fact present in lenny's 1.6
CVE-2011-0284 (Double free vulnerability in the prepare_error_as function in
...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
