thr3ads.net - Secure testing commits - [Secure-testing-commits] r16879

If this information is useful, please help other people find it:
Share via:
Joey Hess
2011-Jul-01 21:14 UTC
[Secure-testing-commits] r16879 - data/CVE

Author: joeyh
Date: 2011-07-01 21:14:18 +0000 (Fri, 01 Jul 2011)
New Revision: 16879

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-07-01 20:51:39 UTC (rev 16878)
+++ data/CVE/list	2011-07-01 21:14:18 UTC (rev 16879)
@@ -1,3 +1,101 @@
+CVE-2011-2641 (Opera 11.11 allows remote attackers to cause a denial of service
...)
+	TODO: check
+CVE-2011-2640 (Opera before 11.10 allows remote attackers to cause a denial of
...)
+	TODO: check
+CVE-2011-2639 (Opera before 11.10 does not properly handle hidden animated GIF
...)
+	TODO: check
+CVE-2011-2638 (Unspecified vulnerability in Opera before 11.10 allows remote
...)
+	TODO: check
+CVE-2011-2637 (Unspecified vulnerability in Opera before 11.10 allows remote
...)
+	TODO: check
+CVE-2011-2636 (Unspecified vulnerability in Opera before 11.10 allows remote
...)
+	TODO: check
+CVE-2011-2635 (The Cascading Style Sheets (CSS) implementation in Opera before
11.10 ...)
+	TODO: check
+CVE-2011-2634 (Opera before 11.10 allows remote attackers to hijack (1)
searches and ...)
+	TODO: check
+CVE-2011-2633 (Unspecified vulnerability in Opera before 11.11 allows remote
...)
+	TODO: check
+CVE-2011-2632 (Opera before 11.11 does not properly handle destruction of a
...)
+	TODO: check
+CVE-2011-2631 (The Cascading Style Sheets (CSS) implementation in Opera before
11.11 ...)
+	TODO: check
+CVE-2011-2630 (Opera before 11.11 allows user-assisted remote attackers to
cause a ...)
+	TODO: check
+CVE-2011-2629 (Unspecified vulnerability in Opera before 11.11 allows remote
...)
+	TODO: check
+CVE-2011-2628 (Opera before 11.11 does not properly implement FRAMESET
elements, ...)
+	TODO: check
+CVE-2011-2627 (Unspecified vulnerability in the DOM implementation in Opera
before ...)
+	TODO: check
+CVE-2011-2626 (Opera before 11.50 allows remote attackers to cause a denial of
...)
+	TODO: check
+CVE-2011-2625 (Opera before 11.50 allows remote attackers to cause a denial of
...)
+	TODO: check
+CVE-2011-2624 (Opera before 11.50 allows user-assisted remote attackers to
cause a ...)
+	TODO: check
+CVE-2011-2623 (Unspecified vulnerability in the SVG BiDi implementation in
Opera ...)
+	TODO: check
+CVE-2011-2622 (Unspecified vulnerability in the Web Workers implementation in
Opera ...)
+	TODO: check
+CVE-2011-2621 (Unspecified vulnerability in Opera before 11.50 allows remote
...)
+	TODO: check
+CVE-2011-2620 (Unspecified vulnerability in Opera before 11.50 allows remote
...)
+	TODO: check
+CVE-2011-2619 (Opera before 11.50 allows remote attackers to cause a denial of
...)
+	TODO: check
+CVE-2011-2618 (Opera before 11.50 allows remote attackers to cause a denial of
...)
+	TODO: check
+CVE-2011-2617 (Unspecified vulnerability in Opera before 11.50 allows remote
...)
+	TODO: check
+CVE-2011-2616 (Unspecified vulnerability in Opera before 11.50 allows remote
...)
+	TODO: check
+CVE-2011-2615 (Unspecified vulnerability in Opera before 11.50 allows remote
...)
+	TODO: check
+CVE-2011-2614 (The SVG implementation in Opera before 11.50 allows remote
attackers ...)
+	TODO: check
+CVE-2011-2613 (The Array.prototype.join method in Opera before 11.50 allows
remote ...)
+	TODO: check
+CVE-2011-2612 (Unspecified vulnerability in Opera before 11.50 allows remote
...)
+	TODO: check
+CVE-2011-2611 (Unspecified vulnerability in the printing functionality in Opera
...)
+	TODO: check
+CVE-2011-2610 (Unspecified vulnerability in Opera before 11.50 has unknown
impact and ...)
+	TODO: check
+CVE-2011-2609 (Opera before 11.50 does not properly restrict data: URIs, which
makes ...)
+	TODO: check
+CVE-2011-2608 (ovbbccb.exe 6.20.50.0 and earlier in HP OpenView Performance
Agent ...)
+	TODO: check
+CVE-2011-2607 (Cross-site scripting (XSS) vulnerability in IBM Rational Team
Concert ...)
+	TODO: check
+CVE-2011-2606 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM
Rational ...)
+	TODO: check
+CVE-2011-2605 (CRLF injection vulnerability in the ...)
+	TODO: check
+CVE-2011-2604 (The Intel G41 driver 6.14.10.5355 on Windows XP SP3 allows
remote ...)
+	TODO: check
+CVE-2011-2603 (The NVIDIA 9400M driver 6.2.6 on Mac OS X 10.6.7 allows remote
...)
+	TODO: check
+CVE-2011-2602 (The NVIDIA Geforce 310 driver 6.14.12.7061 on Windows XP SP3
allows ...)
+	TODO: check
+CVE-2011-2601 (The GPU support functionality in Mac OS X does not properly
restrict ...)
+	TODO: check
+CVE-2011-2600 (The GPU support functionality in Windows XP does not properly
restrict ...)
+	TODO: check
+CVE-2011-2599 (Google Chrome 11 does not block use of a cross-domain image as a
WebGL ...)
+	TODO: check
+CVE-2011-2598 (The WebGL implementation in Mozilla Firefox 4.x allows remote
...)
+	TODO: check
+CVE-2009-5082 (The (1) configure and (2) config.guess scripts in GNU troff (aka
...)
+	TODO: check
+CVE-2009-5081 (The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and
(3) ...)
+	TODO: check
+CVE-2009-5080 (The (1) contrib/eqn2graph/eqn2graph.sh, (2) ...)
+	TODO: check
+CVE-2009-5079 (The (1) gendef.sh, (2) doc/fixinfo.sh, and (3) ...)
+	TODO: check
+CVE-2009-5078 (contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21
...)
+	TODO: check
 CVE-2011-2597
 	RESERVED
 CVE-2011-2596
@@ -192,6 +290,7 @@
 	RESERVED
 CVE-2011-2512 [qemu-kvm: OOB memory access caused by negative vq notifies]
 	RESERVED
+	{DSA-2270-1}
 	- qemu-kvm 0.14.1+dfsg-2 (bug #631975)
 	- kvm <removed>
 	[lenny] - kvm <not-affected> (Vulnerability not present)
@@ -467,14 +566,13 @@
 	RESERVED
 CVE-2011-2378
 	RESERVED
-CVE-2011-2377
-	RESERVED
+CVE-2011-2377 (Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird
...)
 	- xulrunner <not-affected> (Was already fixed as CVE-2010-1201 for
Firefox < 3.6)
 	- iceweasel <not-affected> (Was already fixed as CVE-2010-1201 for
Firefox < 3.6)
 	- iceape <not-affected> (Was already fixed as CVE-2010-1201 for Firefox
< 3.6)
 	- icedove 3.1.11-1
-CVE-2011-2376
-	RESERVED
+CVE-2011-2376 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
+	{DSA-2269-1 DSA-2268-1}
 	- xulrunner <removed>
 	[lenny] - xulrunner 1.9.0.19-12
 	- iceweasel 3.5.19-3
@@ -482,12 +580,11 @@
 	- iceape 2.0.14-3
 	[lenny] - iceape <not-affected> (Only a stub package)
 	- icedove 3.1.11-1
-CVE-2011-2375
-	RESERVED
+CVE-2011-2375 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
 	- xulrunner <not-affected> (Only affects Firefox 5.0, not yet in
unstable)
 	- iceweasel <not-affected> (Only affects Firefox 5.0, not yet in
unstable)
-CVE-2011-2374
-	RESERVED
+CVE-2011-2374 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
+	{DSA-2269-1 DSA-2268-1}
 	- xulrunner <removed>
 	[lenny] - xulrunner 1.9.0.19-12
 	- iceweasel 3.5.19-3
@@ -495,8 +592,8 @@
 	- iceape 2.0.14-3
 	[lenny] - iceape <not-affected> (Only a stub package)
 	- icedove 3.1.11-1
-CVE-2011-2373
-	RESERVED
+CVE-2011-2373 (Use-after-free vulnerability in Mozilla Firefox before 3.6.18
and 4.x ...)
+	{DSA-2269-1 DSA-2268-1}
 	- xulrunner <removed>
 	- iceweasel 3.5.19-3
 	[lenny] - xulrunner 1.9.0.19-12
@@ -506,8 +603,8 @@
 	- icedove 3.1.11-1
 CVE-2011-2372
 	RESERVED
-CVE-2011-2371
-	RESERVED
+CVE-2011-2371 (Integer overflow in the Array.reduceRight method in Mozilla
Firefox ...)
+	{DSA-2269-1 DSA-2268-1}
 	- xulrunner <removed>
 	- iceweasel 3.5.19-3
 	[lenny] - xulrunner 1.9.0.19-12
@@ -515,32 +612,27 @@
 	- iceape 2.0.14-3
 	[lenny] - iceape <not-affected> (Only a stub package)
 	- icedove 3.1.11-1
-CVE-2011-2370
-	RESERVED
+CVE-2011-2370 (Mozilla Firefox before 5.0 does not properly enforce the
whitelist for ...)
 	- xulrunner <removed>
 	- iceweasel <unfixed>
 	[lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses
Xulrunner from the xulrunner source pkg)
 	- iceape <unfixed>
 	[lenny] - iceape <not-affected> (Only a stub package)
 	- icedove <unfixed>
-CVE-2011-2369
-	RESERVED
+CVE-2011-2369 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x
...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4.0, not yet in
unstable)
 	- iceweasel <not-affected> (Only affects Firefox >= 4.0, not yet in
unstable)
-CVE-2011-2368
-	RESERVED
+CVE-2011-2368 (The WebGL implementation in Mozilla Firefox 4.x through 4.0.1
does not ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4.0, not yet in
unstable)
 	- iceweasel <not-affected> (Only affects Firefox >= 4.0, not yet in
unstable)
-CVE-2011-2367
-	RESERVED
+CVE-2011-2367 (The WebGL implementation in Mozilla Firefox 4.x through 4.0.1
does not ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4.0, not yet in
unstable)
 	- iceweasel <not-affected> (Only affects Firefox >= 4.0, not yet in
unstable)
-CVE-2011-2366
-	RESERVED
+CVE-2011-2366 (Mozilla Gecko before 5.0, as used in Firefox before 5.0 and ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4.0, not yet in
unstable)
 	- iceweasel <not-affected> (Only affects Firefox >= 4.0, not yet in
unstable)
-CVE-2011-2365
-	RESERVED
+CVE-2011-2365 (Unspecified vulnerability in the browser engine in Mozilla
Firefox ...)
+	{DSA-2269-1 DSA-2268-1}
 	- xulrunner <not-affected> (Vulnerable code not present)
 	- iceweasel 3.5.19-3
 	[lenny] - xulrunner 1.9.0.19-12
@@ -548,14 +640,13 @@
 	- iceape 2.0.14-3
 	[lenny] - iceape <not-affected> (Only a stub package)
 	- icedove 3.1.11-1
-CVE-2011-2364
-	RESERVED
+CVE-2011-2364 (Unspecified vulnerability in the browser engine in Mozilla
Firefox ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 3.6)
 	- iceweasel <not-affected> (Only affects Firefox >= 3.6)
 	- iceape <not-affected> (Only affects Firefox >= 3.6)
 	- icedove 3.1.11-1
-CVE-2011-2363
-	RESERVED
+CVE-2011-2363 (Use-after-free vulnerability in the
nsSVGPointList::AppendElement ...)
+	{DSA-2269-1 DSA-2268-1}
 	- iceweasel 3.5.19-3
 	- xulrunner <removed>
 	[lenny] - xulrunner 1.9.0.19-12
@@ -563,8 +654,8 @@
 	- iceape 2.0.14-3
 	[lenny] - iceape <not-affected> (Only a stub package)
 	- icedove <unfixed>
-CVE-2011-2362
-	RESERVED
+CVE-2011-2362 (Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and
...)
+	{DSA-2269-1 DSA-2268-1}
 	- iceweasel 3.5.19-3
 	- xulrunner <removed>
 	[lenny] - xulrunner 1.9.0.19-12
@@ -889,8 +980,8 @@
 	RESERVED
 CVE-2011-2200 (The _dbus_header_byteswap function in dbus-marshal-header.c in
D-Bus ...)
 	TODO: check
-CVE-2011-2197
-	RESERVED
+CVE-2011-2197 (The cross-site scripting (XSS) prevention feature in Ruby on
Rails 2.x ...)
+	TODO: check
 CVE-2011-2196
 	RESERVED
 CVE-2011-2195
@@ -1818,10 +1909,10 @@
 	NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=28534
 CVE-2011-1867
 	RESERVED
-CVE-2011-1866
-	RESERVED
-CVE-2011-1865
-	RESERVED
+CVE-2011-1866 (Buffer overflow in omniinet.exe in the inet service in HP
OpenView ...)
+	TODO: check
+CVE-2011-1865 (Multiple stack-based buffer overflows in the inet service in HP
...)
+	TODO: check
 CVE-2011-1864 (Unspecified vulnerability in HP OpenView Storage Data Protector
6.0, ...)
 	NOT-FOR-US: HP OpenView Storage Data Protector
 CVE-2011-1863 (HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center
6.2.8 ...)
@@ -2811,10 +2902,10 @@
 	RESERVED
 CVE-2011-1516
 	RESERVED
-CVE-2011-1515
-	RESERVED
-CVE-2011-1514
-	RESERVED
+CVE-2011-1515 (The inet service in HP OpenView Storage Data Protector 6.00
through ...)
+	TODO: check
+CVE-2011-1514 (The inet service in HP OpenView Storage Data Protector 6.00
through ...)
+	TODO: check
 CVE-2011-1513
 	RESERVED
 CVE-2011-1512 (Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as
used ...)
@@ -3383,8 +3474,8 @@
 	RESERVED
 CVE-2011-1338
 	RESERVED
-CVE-2011-1337
-	RESERVED
+CVE-2011-1337 (Opera before 11.50 allows remote attackers to cause a denial of
...)
+	TODO: check
 CVE-2011-1336
 	RESERVED
 CVE-2011-1335 (Cross-site scripting (XSS) vulnerability in Cybozu Office 6, 7,
and 8 ...)
@@ -7159,8 +7250,8 @@
 	NOT-FOR-US: Microsoft Windows
 CVE-2011-0086 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
 	NOT-FOR-US: Microsoft Windows
-CVE-2011-0085
-	RESERVED
+CVE-2011-0085 (Use-after-free vulnerability in the nsXULCommandDispatcher
function in ...)
+	{DSA-2269-1 DSA-2268-1}
 	- iceweasel 3.5.19-3
 	- xulrunner <removed>
 	[lenny] - xulrunner 1.9.0.19-12
@@ -7170,8 +7261,8 @@
 	- icedove <unfixed>
 CVE-2011-0084
 	RESERVED
-CVE-2011-0083
-	RESERVED
+CVE-2011-0083 (Use-after-free vulnerability in the
nsSVGPathSegList::ReplaceItem ...)
+	{DSA-2269-1 DSA-2268-1}
 	- iceweasel 3.5.19-3
 	- xulrunner <removed>
 	[lenny] - xulrunner 1.9.0.19-12
@@ -16314,7 +16405,7 @@
 	- lxr-cvs 0.9.5+cvs20071020-1.1 (low; bug #588036)
 	NOTE: seems to be a dupe of CVE-2010-1738
 CVE-2010-1447 (The Safe (aka Safe.pm) module 2.26, and certain earlier
versions, for ...)
-	{DSA-2051-1}
+	{DSA-2267-1 DSA-2051-1}
 	- postgresql-8.4 8.4.4-1
 	- postgresql-8.3 <removed>
 	- perl 5.12.3-1
Secure testing commits - Jul 2011 - r16879 - data/CVE

[Secure-testing-commits] r16879 - data/CVE
