[Secure-testing-commits] r16543 - data/CVE

Joey Hess Mon, 18 Apr 2011 14:16:37 -0700

Author: joeyh
Date: 2011-04-18 21:15:26 +0000 (Mon, 18 Apr 2011)
New Revision: 16543


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2011-04-18 21:03:15 UTC (rev 16542)
+++ data/CVE/list       2011-04-18 21:15:26 UTC (rev 16543)
@@ -1,3 +1,47 @@
+CVE-2011-1713 (Microsoft msxml.dll, as used in Internet Explorer 8 on Windows 
7, ...)
+       TODO: check
+CVE-2011-1712 (The txXPathNodeUtils::getXSLTId function in ...)
+       TODO: check
+CVE-2011-1711
+       RESERVED
+CVE-2011-1710
+       RESERVED
+CVE-2011-1709
+       RESERVED
+CVE-2011-1708
+       RESERVED
+CVE-2011-1707
+       RESERVED
+CVE-2011-1706
+       RESERVED
+CVE-2011-1705
+       RESERVED
+CVE-2011-1704
+       RESERVED
+CVE-2011-1703
+       RESERVED
+CVE-2011-1702
+       RESERVED
+CVE-2011-1701
+       RESERVED
+CVE-2011-1700
+       RESERVED
+CVE-2011-1699
+       RESERVED
+CVE-2011-1698
+       RESERVED
+CVE-2011-1697
+       RESERVED
+CVE-2011-1696
+       RESERVED
+CVE-2011-1695
+       RESERVED
+CVE-2011-1694
+       RESERVED
+CVE-2011-1693
+       RESERVED
+CVE-2011-1692
+       RESERVED
 CVE-2011-XXXX [mediawiki XSS specific to IE6]
        - mediawiki <unfixed> 
 CVE-2011-XXXX [mediawiki CSS validation error]
@@ -102,12 +146,12 @@
        RESERVED
 CVE-2011-1656
        RESERVED
-CVE-2011-1655
-       RESERVED
-CVE-2011-1654
-       RESERVED
-CVE-2011-1653
-       RESERVED
+CVE-2011-1655 (The management.asmx module in the Management Web Service in the 
...)
+       TODO: check
+CVE-2011-1654 (Directory traversal vulnerability in the Heartbeat Web Service 
in ...)
+       TODO: check
+CVE-2011-1653 (Multiple SQL injection vulnerabilities in the Unified Network 
Control ...)
+       TODO: check
 CVE-2011-1652 (** DISPUTED ** The default configuration of Microsoft Windows 7 
...)
        NOT-FOR-US: Microsoft Windows 7
 CVE-2010-4784 (Multiple SQL injection vulnerabilities in member.php in PHP Web 
...)
@@ -745,6 +789,7 @@
 CVE-2011-1426
        RESERVED
 CVE-2011-1425 (xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as 
used in ...)
+       {DSA-2219-1}
        - xmlsec1 1.2.14-1.1 (bug #620560)
        NOTE: http://www.aleksey.com/xmlsec/news.html
 CVE-2011-1424
@@ -914,7 +959,7 @@
        NOT-FOR-US: Internet Explorer
 CVE-2011-1345 (Microsoft Internet Explorer 6, 7, and 8 does not properly 
handle ...)
        NOT-FOR-US: Internet Explorer
-CVE-2011-1344 (Unspecified vulnerability in WebKit, as used in Apple Safari 
before ...)
+CVE-2011-1344 (Use-after-free vulnerability in WebKit, as used in Apple Safari 
before ...)
        - chromium-browser <undetermined>
        - webkit <undetermined>
 CVE-2011-1343 (SQL injection vulnerability in the Web GUI in IBM Tivoli ...)
@@ -1005,16 +1050,14 @@
        RESERVED
 CVE-2011-1303
        RESERVED
-CVE-2011-1302
-       RESERVED
+CVE-2011-1302 (Heap-based buffer overflow in the GPU process in Google Chrome 
before ...)
        - chromium-browser 10.0.648.205~r81283-1
        - webkit <undetermined>
-CVE-2011-1301
-       RESERVED
+CVE-2011-1301 (Use-after-free vulnerability in the GPU process in Google 
Chrome ...)
        - chromium-browser 10.0.648.205~r81283-1
        - webkit <undetermined>
-CVE-2011-1300
-       RESERVED
+CVE-2011-1300 (The GPU process in Google Chrome before 10.0.648.205 on Windows 
allows ...)
+       TODO: check
 CVE-2011-1299
        RESERVED
 CVE-2011-1298
@@ -2278,7 +2321,7 @@
        NOT-FOR-US: HP Network Node Manager
 CVE-2011-0896 (Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and 
earlier on ...)
        NOT-FOR-US: HP-UX
-CVE-2011-0895 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 
9.0x ...)
+CVE-2011-0895 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 
9.0x and ...)
        NOT-FOR-US: HP Network Node Manager
 CVE-2011-0894 (Unspecified vulnerability in HP Operations 9.10 on UNIX 
platforms ...)
        NOT-FOR-US: HP Operations
@@ -3065,7 +3108,7 @@
        RESERVED
 CVE-2011-0612
        RESERVED
-CVE-2011-0611 (Unspecified vulnerability in Adobe Flash Player 10.2.154.25 and 
...)
+CVE-2011-0611 (Adobe Flash Player 10.2.153.1 and earlier for Windows, 
Macintosh, ...)
        NOT-FOR-US: Adobe Flash Player / Acrobat Reader
 CVE-2011-0610
        RESERVED
@@ -4315,8 +4358,8 @@
        RESERVED
 CVE-2011-0196
        RESERVED
-CVE-2011-0195
-       RESERVED
+CVE-2011-0195 (The generate-id XPath function in libxslt in Apple iOS 4.3.x 
before ...)
+       TODO: check
 CVE-2011-0194 (Integer overflow in ImageIO in Apple Mac OS X 10.6 before 
10.6.7 ...)
        NOT-FOR-US: Apple Mac OS
 CVE-2011-0193 (Multiple buffer overflows in Image RAW in Apple Mac OS X before 
10.6.7 ...)
@@ -4324,7 +4367,7 @@
 CVE-2011-0192 (Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly 
other ...)
        {DSA-2210-1}
        - tiff 3.9.4-7
-CVE-2011-0191 (Buffer overflow in LibTIFF in ImageIO in Apple iTunes before 
10.2 on ...)
+CVE-2011-0191 (Buffer overflow in LibTIFF 3.9.4 and possibly other versions, 
as used ...)
        {DSA-2210-1}
        - tiff 3.9.4-1
        NOTE: This might've been fixed earlier even
@@ -4584,7 +4627,7 @@
        RESERVED
 CVE-2011-0099
        RESERVED
-CVE-2011-0098 (Heap-based buffer overflow in Microsoft Excel 2002 SP3, 2003 
SP3, 2007 ...)
+CVE-2011-0098 (Integer signedness error in Microsoft Excel 2002 SP3, 2003 SP3, 
2007 ...)
        NOT-FOR-US: Microsoft Excel
 CVE-2011-0097 (Integer overflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 
SP2, and ...)
        NOT-FOR-US: Microsoft Excel


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r16543 - data/CVE

Reply via email to