[Secure-testing-commits] r17265 - data/CVE

Joey Hess Wed, 21 Sep 2011 14:14:37 -0700

Author: joeyh
Date: 2011-09-21 21:14:23 +0000 (Wed, 21 Sep 2011)
New Revision: 17265


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2011-09-21 15:51:34 UTC (rev 17264)
+++ data/CVE/list       2011-09-21 21:14:23 UTC (rev 17265)
@@ -1,3 +1,5 @@
+CVE-2011-3577 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 
7.0.0.3 ...)
+       TODO: check
 CVE-2011-3576 (Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 
8.5.2 ...)
        TODO: check
 CVE-2011-3575 (Stack-based buffer overflow in the NSFComputeEvaluateExt 
function in ...)
@@ -335,20 +337,17 @@
        NOTE: 
https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/
        NOTE: https://www.djangoproject.com/weblog/2011/sep/10/127/
        NOTE: CVE id requested on oss-security
-CVE-2011-3482 [Wireshark CSN.1 dissector vulnerability]
-       RESERVED
+CVE-2011-3482 (The csnStreamDissector function in 
epan/dissectors/packet-csn1.c in ...)
        - wireshark <unfixed>
        [squeeze] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
        [lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
        NOTE: http://www.wireshark.org/security/wnpa-sec-2011-16.html
-CVE-2011-3483 [Wireshark buffer exception handling vulnerability]
-       RESERVED
+CVE-2011-3483 (Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a 
denial ...)
        - wireshark <unfixed>
        [squeeze] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
        [lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
        NOTE: http://www.wireshark.org/security/wnpa-sec-2011-14.html
-CVE-2011-3484 [Wireshark OpenSafety dissector vulnerability]
-       RESERVED
+CVE-2011-3484 (The unxorFrame function in epan/dissectors/packet-opensafety.c 
in the ...)
        - wireshark <unfixed>
        [squeeze] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
        [lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
@@ -519,8 +518,7 @@
        - backuppc 3.2.1-1 (bug #641450)
        NOTE: 
http://sourceforge.net/mailarchive/forum.php?thread_name=f1f1ef74-716d-4af8-b1bf-c1ba6d9a98a1%40SC1EXHC-02.global.atheros.com&forum_name=backuppc-devel
        NOTE: 
http://backuppc.cvs.sourceforge.net/viewvc/backuppc/BackupPC/lib/BackupPC/CGI/Browse.pm?r1=1.23&r2=1.24
-CVE-2011-3360 [Wireshark Lua script execution vulnerability]
-       RESERVED
+CVE-2011-3360 (Untrusted search path vulnerability in Wireshark 1.4.x before 
1.4.9 ...)
        - wireshark <unfixed> (low)
        NOTE: http://www.wireshark.org/security/wnpa-sec-2011-15.html
 CVE-2011-3359
@@ -558,8 +556,7 @@
 CVE-2011-3349 [lightdm denial of service]
        RESERVED
        - lightdm 0.9.6-1 (bug #639151)
-CVE-2011-3348 [mod_proxy_ajp when combined with mod_proxy_balancer: DoS]
-       RESERVED
+CVE-2011-3348 (The mod_proxy_ajp module in the Apache HTTP Server before 
2.2.21, when ...)
        - apache2 <unfixed>
        [lenny] - apache2 <not-affected> (introduced in 2.2.12)
 CVE-2011-3347
@@ -1626,8 +1623,8 @@
        RESERVED
 CVE-2011-2926
        RESERVED
-CVE-2011-2925
-       RESERVED
+CVE-2011-2925 (Cumin in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 
2.0 ...)
+       TODO: check
 CVE-2011-2924
        RESERVED
 CVE-2011-2923
@@ -2337,8 +2334,8 @@
        RESERVED
 CVE-2011-2673
        RESERVED
-CVE-2011-2672
-       RESERVED
+CVE-2011-2672 (Cross-site scripting (XSS) vulnerability in SemanticScuttle 
before ...)
+       TODO: check
 CVE-2011-2671 (Unspecified vulnerability in Megalith 12th edition through 27th 
...)
        NOT-FOR-US: Megalith
 CVE-2011-2670
@@ -4298,8 +4295,8 @@
        RESERVED
 CVE-2011-1912
        RESERVED
-CVE-2011-1911
-       RESERVED
+CVE-2011-1911 (JasperServer in JasperReports Server Community Project 3.7.0 
and 3.7.1 ...)
+       TODO: check
 CVE-2011-1910 (Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 
9.8.x ...)
        {DSA-2244-1}
        - bind9 <unfixed> (high)
@@ -5430,10 +5427,10 @@
        NOT-FOR-US: Autonomy KeyView
 CVE-2011-1511 (Unspecified vulnerability in the Oracle GlassFish Server 
component in ...)
        NOT-FOR-US: Oracle Sun Products Suite
-CVE-2011-1510
-       RESERVED
-CVE-2011-1509
-       RESERVED
+CVE-2011-1510 (Cross-site scripting (XSS) vulnerability in SolutionSearch.do 
in ...)
+       TODO: check
+CVE-2011-1509 (The encryptPassword function in Login.js in ManageEngine 
ServiceDesk ...)
+       TODO: check
 CVE-2011-1508
        RESERVED
 CVE-2011-1507 (Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 
1.6.1.25, ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r17265 - data/CVE

Reply via email to