Author: joeyh
Date: 2011-03-23 21:14:58 +0000 (Wed, 23 Mar 2011)
New Revision: 16423
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================
--- data/CVE/list 2011-03-23 16:32:06 UTC (rev 16422)
+++ data/CVE/list 2011-03-23 21:14:58 UTC (rev 16423)
@@ -1,3 +1,89 @@
+CVE-2011-1506 (The STARTTLS implementation in Kerio Connect 7.1.4 build 2985
and ...)
+ TODO: check
+CVE-2011-1505 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before
8.1.0.27 ...)
+ TODO: check
+CVE-2011-1504
+ RESERVED
+CVE-2011-1503
+ RESERVED
+CVE-2011-1502
+ RESERVED
+CVE-2011-1501
+ RESERVED
+CVE-2011-1500
+ RESERVED
+CVE-2011-1499
+ RESERVED
+CVE-2011-1498
+ RESERVED
+CVE-2011-1497
+ RESERVED
+CVE-2011-1496
+ RESERVED
+CVE-2011-1495
+ RESERVED
+CVE-2011-1494
+ RESERVED
+CVE-2011-1493
+ RESERVED
+CVE-2011-1492
+ RESERVED
+CVE-2011-1491
+ RESERVED
+CVE-2011-1490
+ RESERVED
+CVE-2011-1489
+ RESERVED
+CVE-2011-1488
+ RESERVED
+CVE-2011-1487
+ RESERVED
+CVE-2011-1486
+ RESERVED
+CVE-2011-1485
+ RESERVED
+CVE-2011-1484
+ RESERVED
+CVE-2011-1483
+ RESERVED
+CVE-2011-1482
+ RESERVED
+CVE-2011-1481
+ RESERVED
+CVE-2011-1480
+ RESERVED
+CVE-2011-1479
+ RESERVED
+CVE-2011-1478
+ RESERVED
+CVE-2011-1477
+ RESERVED
+CVE-2011-1476
+ RESERVED
+CVE-2011-1475
+ RESERVED
+CVE-2011-1474
+ RESERVED
+CVE-2011-1473
+ RESERVED
+CVE-2011-1472
+ RESERVED
+CVE-2009-5062 (IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino
on AIX ...)
+ TODO: check
+CVE-2009-5061 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before
8.1.0.14 ...)
+ TODO: check
+CVE-2009-5060 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before
8.1.0.11 ...)
+ TODO: check
+CVE-2009-5059 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before
8.1.0.10 ...)
+ TODO: check
+CVE-2009-5058 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.5
...)
+ TODO: check
+CVE-2008-7286 (IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino
does not ...)
+ TODO: check
+CVE-2008-7285 (Unspecified vulnerability in the docnote string handling ...)
+ TODO: check
+CVE-2008-7284 (IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino
allows ...)
+ TODO: check
CVE-2011-1471 (Integer signedness error in zip_stream.c in the Zip extension in
PHP ...)
- php5 5.3.6-1
CVE-2011-1470 (The Zip extension in PHP before 5.3.6 allows context-dependent
...)
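Review bot: the new entries at the top of this hunk for Kerio Connect (CVE-2011-1506) and IBM Lotus Quickr (CVE-2011-1505, CVE-2009-5058 through CVE-2009-5062, CVE-2008-7286, CVE-2008-7284) all land as "TODO: check" and still need manual triage. If none of them maps to a Debian source package, resolve each with a "NOT-FOR-US: <product>" line, as the list already does for Foxit Reader and Dell System Lite. CVE-2008-7285 names no product in the truncated description, so read the full text before classifying it with the Quickr batch.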
@@ -160,7 +246,7 @@
TODO: check
CVE-2011-1418 (The stateless address autoconfiguration (aka SLAAC)
functionality in ...)
TODO: check
-CVE-2011-1417 (Unspecified vulnerability in MobileSafari in Apple iOS 4.2.1 on
the ...)
+CVE-2011-1417 (QuickLook, as used in Apple Mac OS X before 10.6.7 and
MobileSafari in ...)
TODO: check
CVE-2011-1416 (The Research In Motion (RIM) BlackBerry Torch 9800 with firmware
...)
TODO: check
@@ -168,8 +254,8 @@
REJECTED
CVE-2010-4757 (Cross-site scripting (XSS) vulnerability in submitnews.php in
e107 ...)
TODO: check
-CVE-2011-1414
- RESERVED
+CVE-2011-1414 (Cross-site scripting (XSS) vulnerability in the tibbr web
server, as ...)
+ TODO: check
CVE-2011-1413 (Google Chrome before 10.0.648.127 on Linux does not properly
mitigate ...)
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <not-affected>
@@ -1233,8 +1319,7 @@
- linux-2.6 <unfixed>
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.35)
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.35)
-CVE-2011-1022 [failure to verify netlink messages]
- RESERVED
+CVE-2011-1022 (The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in
...)
{DSA-2193-1}
- libcgroup <unfixed> (bug #615987)
CVE-2011-1021
@@ -1290,8 +1375,7 @@
CVE-2011-1007 (Best Practical Solutions RT before 3.8.9 does not perform
certain ...)
- request-tracker3.6 <removed>
- request-tracker3.8 <unfixed>
-CVE-2011-1006 [cgroup privilege escalation]
- RESERVED
+CVE-2011-1006 (Heap-based buffer overflow in the parse_cgroup_spec function in
...)
{DSA-2193-1}
- libcgroup <unfixed>
CVE-2011-1005 (The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7
through ...)
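Review bot: CVE-2011-1006 keeps "- libcgroup <unfixed>" with no bug reference, while CVE-2011-1022 for the same package and the same {DSA-2193-1} cites bug #615987. Now that the reserved entry has a public description (heap-based buffer overflow in parse_cgroup_spec), add the matching bug number if one exists so the remaining unfixed status can be tracked to closure.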
@@ -1925,8 +2009,8 @@
RESERVED
CVE-2011-0760
RESERVED
-CVE-2011-0759
- RESERVED
+CVE-2011-0759 (Multiple cross-site request forgery (CSRF) vulnerabilities in
the ...)
+ TODO: check
CVE-2010-4727 (Smarty before 3.0.0 beta 7 does not properly handle the
<?php and ?> ...)
- smarty3 <unfixed>
- smarty <unfixed>
@@ -3062,8 +3146,8 @@
RESERVED
CVE-2011-0332 (Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit
Phantom ...)
NOT-FOR-US: Foxit Reader
-CVE-2011-0331
- RESERVED
+CVE-2011-0331 (Use-after-free vulnerability in the addOSPLext method in the
Honeywell ...)
+ TODO: check
CVE-2011-0330 (The Dell DellSystemLite.Scanner ActiveX control in
DellSystemLite.ocx ...)
NOT-FOR-US: Dell System Lite
CVE-2011-0329 (Directory traversal vulnerability in the GetData method in the
Dell ...)
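Review bot: CVE-2011-0331 is added with "TODO: check" between two entries already resolved as NOT-FOR-US. The description names a Honeywell component (the addOSPLext method), so confirm it has no Debian package and give it a "NOT-FOR-US: <product>" line like its neighbours, rather than leaving it in the TODO queue.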
@@ -3605,53 +3689,53 @@
RESERVED
CVE-2011-0195
RESERVED
-CVE-2011-0194
- RESERVED
-CVE-2011-0193
- RESERVED
+CVE-2011-0194 (Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7
...)
+ TODO: check
+CVE-2011-0193 (Multiple buffer overflows in Image RAW in Apple Mac OS X before
10.6.7 ...)
+ TODO: check
CVE-2011-0192 (Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly
other ...)
- tiff 3.9.4-7
CVE-2011-0191 (Buffer overflow in LibTIFF in ImageIO in Apple iTunes before
10.2 on ...)
- tiff 3.9.4-1
NOTE: This might''ve been fixed earlier even
-CVE-2011-0190
- RESERVED
-CVE-2011-0189
- RESERVED
-CVE-2011-0188
- RESERVED
-CVE-2011-0187
- RESERVED
-CVE-2011-0186
- RESERVED
+CVE-2011-0190 (Install Helper in Installer in Apple Mac OS X before 10.6.7 does
not ...)
+ TODO: check
+CVE-2011-0189 (The default configuration of Terminal in Apple Mac OS X 10.6
before ...)
+ TODO: check
+CVE-2011-0188 (The VpMemAlloc function in bigdecimal.c in the BigDecimal class
in ...)
+ TODO: check
+CVE-2011-0187 (The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows
remote ...)
+ TODO: check
+CVE-2011-0186 (QuickTime in Apple Mac OS X before 10.6.7 allows remote
attackers to ...)
+ TODO: check
CVE-2011-0185
RESERVED
-CVE-2011-0184
- RESERVED
-CVE-2011-0183
- RESERVED
-CVE-2011-0182
- RESERVED
-CVE-2011-0181
- RESERVED
-CVE-2011-0180
- RESERVED
-CVE-2011-0179
- RESERVED
-CVE-2011-0178
- RESERVED
-CVE-2011-0177
- RESERVED
-CVE-2011-0176
- RESERVED
-CVE-2011-0175
- RESERVED
-CVE-2011-0174
- RESERVED
-CVE-2011-0173
- RESERVED
-CVE-2011-0172
- RESERVED
+CVE-2011-0184 (QuickLook in Apple Mac OS X 10.6 before 10.6.7 allows remote
attackers ...)
+ TODO: check
+CVE-2011-0183 (Libinfo in Apple Mac OS X before 10.6.7 does not properly handle
an ...)
+ TODO: check
+CVE-2011-0182 (The i386_set_ldt system call in the kernel in Apple Mac OS X
before ...)
+ TODO: check
+CVE-2011-0181 (Integer overflow in ImageIO in Apple Mac OS X before 10.6.7
allows ...)
+ TODO: check
+CVE-2011-0180 (Integer overflow in HFS in Apple Mac OS X before 10.6.7 allows
local ...)
+ TODO: check
+CVE-2011-0179 (CoreText in Apple Mac OS X before 10.6.7 allows remote attackers
to ...)
+ TODO: check
+CVE-2011-0178 (The FSFindFolder API in CarbonCore in Apple Mac OS X before
10.6.7 ...)
+ TODO: check
+CVE-2011-0177 (Multiple buffer overflows in Apple Type Services (ATS) in Apple
Mac OS ...)
+ TODO: check
+CVE-2011-0176 (Multiple buffer overflows in Apple Type Services (ATS) in Apple
Mac OS ...)
+ TODO: check
+CVE-2011-0175 (Multiple buffer overflows in Apple Type Services (ATS) in Apple
Mac OS ...)
+ TODO: check
+CVE-2011-0174 (Heap-based buffer overflow in Apple Type Services (ATS) in Apple
Mac ...)
+ TODO: check
+CVE-2011-0173 (Multiple format string vulnerabilities in AppleScript in Apple
Mac OS ...)
+ TODO: check
+CVE-2011-0172 (AirPort in Apple Mac OS X 10.6 before 10.6.7 allows remote
attackers ...)
+ TODO: check
CVE-2011-0171
RESERVED
CVE-2011-0170 (Heap-based buffer overflow in ImageIO in CoreGraphics in Apple
iTunes ...)
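Review bot: do not triage CVE-2011-0188 with the rest of this Apple Mac OS X 10.6.7 batch. Its description points at VpMemAlloc in bigdecimal.c in the BigDecimal class, which is part of Ruby's standard library, so the Ruby source packages need checking before any NOT-FOR-US decision. The surrounding entries (QuickTime, QuickLook, ATS, AirPort, HFS, CoreText and so on) are Apple-only components and can be resolved together. CVE-2011-0194 and CVE-2011-0181 (ImageIO integer overflows) sit next to the LibTIFF-in-ImageIO entry CVE-2011-0191, which is tracked against tiff, so read their full descriptions to see whether a bundled library is involved.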
@@ -5196,8 +5280,8 @@
NOT-FOR-US: Camtron, TecVoz
CVE-2010-4229
RESERVED
-CVE-2010-4228
- RESERVED
+CVE-2010-4228 (Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the
FTP ...)
+ TODO: check
CVE-2010-4227 (The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5
before ...)
NOT-FOR-US: Novell Netware
CVE-2010-4226
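Review bot: CVE-2010-4228 is added as "TODO: check", but the affected file NWFTPD.NLM is a NetWare loadable module, like XNFS.NLM in the next entry (CVE-2010-4227), which is already marked "NOT-FOR-US: Novell Netware". Use the same marker here so the two entries are consistent.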