Author: jmm
Date: 2011-09-30 05:49:31 +0000 (Fri, 30 Sep 2011)
New Revision: 17335
Modified:
data/CVE/list
Log:
one mozilla issue CVEfied
another one is duped
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-09-29 21:14:22 UTC (rev 17334)
+++ data/CVE/list 2011-09-30 05:49:31 UTC (rev 17335)
@@ -1,7 +1,11 @@
CVE-2011-3867 (Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows
remote ...)
- TODO: check
+ NOTE: Duplicate of CVE-2011-2998, contacted MITRE and oss-sec for
revocation
CVE-2011-3866 (Mozilla Firefox before 7.0 and SeaMonkey before 2.4 do not
properly ...)
- TODO: check
+ - xulrunner <not-affected> (Only affects Firefox >= 4)
+ - iceweasel 7.0-1
+ [lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
+ [squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
+ - iceape <not-affected> (Only affects Firefox >= 4)
CVE-2011-3865 (Cross-site scripting (XSS) vulnerability in the
Black-LetterHead theme ...)
TODO: check
CVE-2011-3864 (Cross-site scripting (XSS) vulnerability in the The Erudite
theme ...)
@@ -103,13 +107,6 @@
TODO: check
CVE-2010-4842 (SQL injection vulnerability in admin/login.php in MHP
DownloadScript ...)
TODO: check
-CVE-2011-XXXX [http://www.mozilla.org/security/announce/2011/mfsa2011-45.html]
- - xulrunner <not-affected> (Only affects Firefox >= 4)
- - iceweasel 7.0-1
- [lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
- [squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- - iceape <not-affected> (Only affects Firefox >= 4)
- TODO: Request CVE ID on oss-sec
CVE-2011-3826 (Zikula 1.2.4 allows remote attackers to obtain sensitive
information ...)
TODO: check
CVE-2011-3825 (Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote
attackers ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
