Author: joeyh
Date: 2011-09-22 21:14:21 +0000 (Thu, 22 Sep 2011)
New Revision: 17271
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-09-22 17:54:18 UTC (rev 17270)
+++ data/CVE/list 2011-09-22 21:14:21 UTC (rev 17271)
@@ -1,3 +1,131 @@
+CVE-2011-3640
+ RESERVED
+CVE-2011-3639
+ RESERVED
+CVE-2011-3638
+ RESERVED
+CVE-2011-3637
+ RESERVED
+CVE-2011-3636
+ RESERVED
+CVE-2011-3635
+ RESERVED
+CVE-2011-3634
+ RESERVED
+CVE-2011-3633
+ RESERVED
+CVE-2011-3632
+ RESERVED
+CVE-2011-3631
+ RESERVED
+CVE-2011-3630
+ RESERVED
+CVE-2011-3629
+ RESERVED
+CVE-2011-3628
+ RESERVED
+CVE-2011-3627
+ RESERVED
+CVE-2011-3626
+ RESERVED
+CVE-2011-3625
+ RESERVED
+CVE-2011-3624
+ RESERVED
+CVE-2011-3623
+ RESERVED
+CVE-2011-3622
+ RESERVED
+CVE-2011-3621
+ RESERVED
+CVE-2011-3620
+ RESERVED
+CVE-2011-3619
+ RESERVED
+CVE-2011-3618
+ RESERVED
+CVE-2011-3617
+ RESERVED
+CVE-2011-3616
+ RESERVED
+CVE-2011-3615
+ RESERVED
+CVE-2011-3614
+ RESERVED
+CVE-2011-3613
+ RESERVED
+CVE-2011-3612
+ RESERVED
+CVE-2011-3611
+ RESERVED
+CVE-2011-3610
+ RESERVED
+CVE-2011-3609
+ RESERVED
+CVE-2011-3608
+ RESERVED
+CVE-2011-3607
+ RESERVED
+CVE-2011-3606
+ RESERVED
+CVE-2011-3605
+ RESERVED
+CVE-2011-3604
+ RESERVED
+CVE-2011-3603
+ RESERVED
+CVE-2011-3602
+ RESERVED
+CVE-2011-3601
+ RESERVED
+CVE-2011-3600
+ RESERVED
+CVE-2011-3599
+ RESERVED
+CVE-2011-3598
+ RESERVED
+CVE-2011-3597
+ RESERVED
+CVE-2011-3596
+ RESERVED
+CVE-2011-3595
+ RESERVED
+CVE-2011-3594
+ RESERVED
+CVE-2011-3593
+ RESERVED
+CVE-2011-3592
+ RESERVED
+CVE-2011-3591
+ RESERVED
+CVE-2011-3590
+ RESERVED
+CVE-2011-3589
+ RESERVED
+CVE-2011-3588
+ RESERVED
+CVE-2011-3587
+ RESERVED
+CVE-2011-3586
+ RESERVED
+CVE-2011-3585
+ RESERVED
+CVE-2011-3584
+ RESERVED
+CVE-2011-3583
+ RESERVED
+CVE-2011-3582
+ RESERVED
+CVE-2011-3581
+ RESERVED
+CVE-2011-3580
+ RESERVED
+CVE-2011-3579
+ RESERVED
+CVE-2011-3578 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2004-2770
+ RESERVED
CVE-2011-3577 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through
7.0.0.3 ...)
TODO: check
CVE-2011-3576 (Cross-site scripting (XSS) vulnerability in IBM Lotus Domino
8.5.2 ...)
@@ -526,17 +654,14 @@
- linux-2.6 2.6.39-1
[squeeze] - linux-2.6 2.6.32-34
[lenny] - linux-2.6 <not-affected> (b43 allocate recieve buffer is 2404
bytes, which is already larger than the upstream fix of increasing it to 2382
bytes)
-CVE-2011-3358 [XSS issues with unescaped os, os_build and platform]
- RESERVED
+CVE-2011-3358 (Multiple cross-site scripting (XSS) vulnerabilities in MantisBT
before ...)
{DSA-2308-1}
- mantis 1.2.7-1 (low; bug #640297)
[squeeze] - mantis <not-affected> (Vulnerable code not present)
-CVE-2011-3357 [LFI and XSS via bug_actiongroup_ext_page.php]
- RESERVED
+CVE-2011-3357 (Directory traversal vulnerability in
bug_actiongroup_ext_page.php in ...)
{DSA-2308-1}
- mantis 1.2.7-1 (medium; bug #640297)
-CVE-2011-3356 [XSS injection via PHP_SELF]
- RESERVED
+CVE-2011-3356 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- mantis 1.2.7-1 (low; bug #640297)
[squeeze] - mantis <not-affected> (Vulnerable code not present)
[lenny] - mantis <not-affected> (Vulnerable code not present)
@@ -689,8 +814,8 @@
RESERVED
CVE-2011-3291
RESERVED
-CVE-2011-3290
- RESERVED
+CVE-2011-3290 (Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has
default ...)
+ TODO: check
CVE-2011-3289
RESERVED
CVE-2011-3288
@@ -737,7 +862,7 @@
- php5 <undetermined>
CVE-2011-3267 (PHP before 5.3.7 does not properly implement the error_log
function, ...)
- php5 <undetermined>
-CVE-2011-3266 (The proto_tree_add_item function in Wireshark 1.6.1, when the
IKEv1 ...)
+CVE-2011-3266 (The proto_tree_add_item function in Wireshark 1.6.0 through
1.6.1 and ...)
- wireshark 1.6.2-1 (unimportant)
NOTE: no code injection, not treated as a security issue, see
README.Debian.security
CVE-2010-4830 (SQL injection vulnerability in Resumes/TD_RESUME_Indlist.asp in
Techno ...)
@@ -866,8 +991,7 @@
{DSA-2302-1}
- bcfg2 1.1.2-2 (bug #640028)
NOTE: information as reported by maintainer
-CVE-2011-3210
- RESERVED
+CVE-2011-3210 (The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8
through ...)
- openssl 1.0.0e-1
[lenny] - openssl <no-dsa> (Minor issue)
[squeeze] - openssl <no-dsa> (Minor issue)
@@ -878,8 +1002,7 @@
- cyrus-imapd-2.4 <unfixed> (medium)
- kolab-cyrus-imapd <unfixed> (medium)
TODO: file bugs
-CVE-2011-3207 [openssl CRL verification vulnerability]
- RESERVED
+CVE-2011-3207 (crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not
...)
- openssl 1.0.0e-1
[squeeze] - openssl <not-affected> (only affects 1.0.0 through 1.0.0d)
[lenny] - openssl <not-affected> (only affects 1.0.0 through 1.0.0d)
@@ -1591,13 +1714,12 @@
[lenny] - stunnel4 <not-affected> (Only 4.4x affected)
CVE-2011-2939
RESERVED
-CVE-2011-2938 [mantis XSS]
- RESERVED
+CVE-2011-2938 (Multiple cross-site scripting (XSS) vulnerabilities in
filter_api.php ...)
- mantis 1.2.6-1 (bug #638321)
[squeeze] - mantis <not-affected> (Only affects Mantis 1.1)
[lenny] - mantis <not-affected> (Only affects Mantis 1.1)
-CVE-2011-2937
- RESERVED
+CVE-2011-2937 (Cross-site scripting (XSS) vulnerability in the UI messages ...)
+ TODO: check
CVE-2011-2936
RESERVED
CVE-2011-2935
@@ -2897,8 +3019,8 @@
RESERVED
CVE-2011-2445
RESERVED
-CVE-2011-2444
- RESERVED
+CVE-2011-2444 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player
before ...)
+ TODO: check
CVE-2011-2443
RESERVED
CVE-2011-2442 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6,
and 10.x ...)
@@ -2925,16 +3047,16 @@
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2011-2431 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6,
and 10.x ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2430
- RESERVED
-CVE-2011-2429
- RESERVED
-CVE-2011-2428
- RESERVED
-CVE-2011-2427
- RESERVED
-CVE-2011-2426
- RESERVED
+CVE-2011-2430 (Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X,
Linux, and ...)
+ TODO: check
+CVE-2011-2429 (Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X,
Linux, and ...)
+ TODO: check
+CVE-2011-2428 (Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X,
Linux, and ...)
+ TODO: check
+CVE-2011-2427 (Stack-based buffer overflow in the ActionScript Virtual Machine
(AVM) ...)
+ TODO: check
+CVE-2011-2426 (Stack-based buffer overflow in the ActionScript Virtual Machine
(AVM) ...)
+ TODO: check
CVE-2011-2425 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X,
Linux, and ...)
NOT-FOR-US: Adobe Flash Player
CVE-2011-2424 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X,
Linux, and ...)
@@ -2961,8 +3083,8 @@
NOT-FOR-US: Adobe Flash Player
CVE-2011-2413
RESERVED
-CVE-2011-2412
- RESERVED
+CVE-2011-2412 (Unspecified vulnerability in HP Business Service Automation
(BSA) ...)
+ TODO: check
CVE-2011-2411
RESERVED
CVE-2011-2410 (Cross-site scripting (XSS) vulnerability in HP OpenView
Performance ...)
@@ -4297,8 +4419,8 @@
RESERVED
CVE-2011-1914
RESERVED
-CVE-2011-1913
- RESERVED
+CVE-2011-1913 (SQL injection vulnerability in the login form in the web
interface in ...)
+ TODO: check
CVE-2011-1912
RESERVED
CVE-2011-1911 (JasperServer in JasperReports Server Community Project 3.7.0
and 3.7.1 ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
