Author: thijs
Date: 2011-07-13 06:55:49 +0000 (Wed, 13 Jul 2011)
New Revision: 16929
Modified:
data/CVE/list
Log:
new squirrelmail issues
Modified: data/CVE/list
==================================================================---
data/CVE/list 2011-07-13 06:54:48 UTC (rev 16928)
+++ data/CVE/list 2011-07-13 06:55:49 UTC (rev 16929)
@@ -1775,8 +1775,9 @@
RESERVED
CVE-2011-2024 (Cisco Network Registrar before 7.2 has a default administrative
...)
NOT-FOR-US: Cisco
-CVE-2011-2023
+CVE-2011-2023 [XSS in HTML email style elt]
RESERVED
+ - squirrelmail <unfixed>
CVE-2011-2022 (The agp_generic_remove_memory function in
drivers/char/agp/generic.c ...)
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.38-5
@@ -7854,10 +7855,13 @@
CVE-2010-4523 (Multiple stack-based buffer overflows in libopensc in OpenSC
0.11.13 ...)
- opensc 0.11.13-1.1 (low; bug #607427)
[lenny] - opensc 0.11.4-5+lenny1.1
-CVE-2010-4555
+CVE-2010-4555 [squirrelmail xss]
RESERVED
-CVE-2010-4554
+ - squirrelmail <unfixed> (low)
+ NOTE: difficult to exploit
+CVE-2010-4554 [squirrelmail clickjacking]
RESERVED
+ - squirrelmail <unfixed>
CVE-2010-4553 (An unspecified Domino API in IBM Lotus Notes Traveler before
8.5.1.1 ...)
NOT-FOR-US: IBM Lotus Notes Traveler
CVE-2010-4552 (Memory leak in IBM Lotus Notes Traveler before 8.5.1.1 allows
remote ...)