Author: joeyh Date: 2011-07-19 21:15:04 +0000 (Tue, 19 Jul 2011) New Revision: 16955 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-07-19 09:32:44 UTC (rev 16954) +++ data/CVE/list 2011-07-19 21:15:04 UTC (rev 16955) @@ -1,3 +1,5 @@ +CVE-2011-2761 (Google Chrome 14.0.794.0 does not properly handle a reload of a page ...) + TODO: check CVE-2011-2760 (Brocade BigIron RX switches allow remote attackers to bypass ACL rules ...) TODO: check CVE-2011-2759 (The login page of IDSWebApp in the Web Administration Tool in IBM ...) @@ -1658,7 +1660,7 @@ NOT-FOR-US: Adobe Shockwave Player CVE-2011-2116 (IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers ...) NOT-FOR-US: Adobe Shockwave Player -CVE-2011-2115 (IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers ...) +CVE-2011-2115 (IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote ...) NOT-FOR-US: Adobe Shockwave Player CVE-2011-2114 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute ...) NOT-FOR-US: Adobe Shockwave Player @@ -3818,8 +3820,8 @@ NOT-FOR-US: Cybozu CVE-2011-1332 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 ...) NOT-FOR-US: Cybozu Garoon -CVE-2011-1331 - RESERVED +CVE-2011-1331 (JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, ...) + TODO: check CVE-2011-1330 (Cross-site scripting (XSS) vulnerability in WeblyGo 5.0 Pro/LE, 5.02 ...) NOT-FOR-US: WeblyGo CVE-2011-1329 (WalRack 1.x before 1.1.9 and 2.x before 2.0.7 does not properly ...) @@ -4568,8 +4570,7 @@ [lenny] - kde4libs <no-dsa> (Minor issue) - kdelibs <undetermined> NOTE: http://seclists.org/oss-sec/2011/q1/434 -CVE-2011-1093 - RESERVED +CVE-2011-1093 (The dccp_rcv_state_process function in net/dccp/input.c in the ...) {DSA-2264-1} - linux-2.6 2.6.38-1 (low) [squeeze] - linux-2.6 2.6.32-31 
@@ -5677,8 +5678,7 @@ {DSA-2205-1} - gdm3 2.30.5-9 - gdm <not-affected> (Affected code was introduced in 2.28) -CVE-2011-0726 - RESERVED +CVE-2011-0726 (The do_task_stat function in fs/proc/array.c in the Linux kernel ...) {DSA-2264-1 DSA-2240-1} - linux-2.6 2.6.38-2 [lenny] - linux-2.6 2.6.26-26lenny3 @@ -6150,8 +6150,8 @@ RESERVED CVE-2011-0549 (SQL injection vulnerability in forget.php in the management GUI in ...) TODO: check -CVE-2011-0548 - RESERVED +CVE-2011-0548 (Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in ...) + TODO: check CVE-2011-0547 RESERVED CVE-2011-0546 (Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not ...) @@ -6967,14 +6967,12 @@ NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=631551 NOTE: This was initially reported to be a bug in libxml2, but it later showed that PHP NOTE: is using the libxml2 API in an incorrect manner -CVE-2010-4656 [iowarrior usb device heap overflow] - RESERVED +CVE-2010-4656 (The iowarrior_write function in drivers/usb/misc/iowarrior.c in the ...) {DSA-2153-1} - linux-2.6 2.6.37-1 [wheezy] - linux-2.6 2.6.32-31 [squeeze] - linux-2.6 2.6.32-31 -CVE-2010-4655 [heap contents leak for CAP_NET_ADMIN via ethtool ioctl] - RESERVED +CVE-2010-4655 (net/core/ethtool.c in the Linux kernel before 2.6.36 does not ...) {DSA-2264-1} - linux-2.6 2.6.32-27 CVE-2010-4654 [Malformed commands may cause corruption of the internal stack] @@ -11601,8 +11599,8 @@ NOT-FOR-US: ZOHO ManageEngine CVE-2010-3272 (accounts/ValidateAnswers in the security-questions implementation in ...) NOT-FOR-US: ZOHO ManageEngine -CVE-2010-3271 - RESERVED +CVE-2010-3271 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...) + TODO: check CVE-2010-3270 (Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before ...) NOT-FOR-US: Cisco WebEx Meeting Center CVE-2010-3269 (Multiple stack-based buffer overflows in the Cisco WebEx Recording ...)
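Review bot: In the @@ -3818,8 +3820,8 @@ hunk, CVE-2011-1331 moves from RESERVED to TODO: check although its new description already names the product (JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, ...). The entries around it are resolved in the form "NOT-FOR-US: Cybozu Garoon" and "NOT-FOR-US: WeblyGo"; if Ichitaro is not packaged, the same one-line resolution can replace the TODO in a follow-up rather than leaving the entry open.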
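Review bot: In the @@ -6967,14 +6967,12 @@ hunk, the removed lines for CVE-2010-4656 and CVE-2010-4655 carried hand-written summaries ("[iowarrior usb device heap overflow]" and "[heap contents leak for CAP_NET_ADMIN via ethtool ioctl]") that the truncated replacement descriptions do not convey. The new CVE-2010-4655 line stops at "does not ..." and no longer mentions the heap leak or the CAP_NET_ADMIN precondition. Consider preserving each summary as a NOTE: line under its entry, as the NOTE: lines at the top of this hunk do for the libxml2 entry, so the impact stays readable in the list itself.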
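Review bot: In the @@ -11601,8 +11599,8 @@ hunk, the new CVE-2010-3271 description is cut off at "vulnerabilities in the ..." before it names any product, and the entry is marked TODO: check. The entries on either side belong to different products (ZOHO ManageEngine above, Cisco WebEx below), so the affected product cannot be inferred from position in the list. Triage should read the full CVE text before this becomes a NOT-FOR-US line or gets a package line.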