thr3ads.net - Secure testing commits - [Secure-testing-commits] r17271

If this information is useful, please help other people find it:
Share via:
Joey Hess
2011-Sep-22 21:14 UTC
[Secure-testing-commits] r17271 - data/CVE

Author: joeyh
Date: 2011-09-22 21:14:21 +0000 (Thu, 22 Sep 2011)
New Revision: 17271

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-09-22 17:54:18 UTC (rev 17270)
+++ data/CVE/list	2011-09-22 21:14:21 UTC (rev 17271)
@@ -1,3 +1,131 @@
+CVE-2011-3640
+	RESERVED
+CVE-2011-3639
+	RESERVED
+CVE-2011-3638
+	RESERVED
+CVE-2011-3637
+	RESERVED
+CVE-2011-3636
+	RESERVED
+CVE-2011-3635
+	RESERVED
+CVE-2011-3634
+	RESERVED
+CVE-2011-3633
+	RESERVED
+CVE-2011-3632
+	RESERVED
+CVE-2011-3631
+	RESERVED
+CVE-2011-3630
+	RESERVED
+CVE-2011-3629
+	RESERVED
+CVE-2011-3628
+	RESERVED
+CVE-2011-3627
+	RESERVED
+CVE-2011-3626
+	RESERVED
+CVE-2011-3625
+	RESERVED
+CVE-2011-3624
+	RESERVED
+CVE-2011-3623
+	RESERVED
+CVE-2011-3622
+	RESERVED
+CVE-2011-3621
+	RESERVED
+CVE-2011-3620
+	RESERVED
+CVE-2011-3619
+	RESERVED
+CVE-2011-3618
+	RESERVED
+CVE-2011-3617
+	RESERVED
+CVE-2011-3616
+	RESERVED
+CVE-2011-3615
+	RESERVED
+CVE-2011-3614
+	RESERVED
+CVE-2011-3613
+	RESERVED
+CVE-2011-3612
+	RESERVED
+CVE-2011-3611
+	RESERVED
+CVE-2011-3610
+	RESERVED
+CVE-2011-3609
+	RESERVED
+CVE-2011-3608
+	RESERVED
+CVE-2011-3607
+	RESERVED
+CVE-2011-3606
+	RESERVED
+CVE-2011-3605
+	RESERVED
+CVE-2011-3604
+	RESERVED
+CVE-2011-3603
+	RESERVED
+CVE-2011-3602
+	RESERVED
+CVE-2011-3601
+	RESERVED
+CVE-2011-3600
+	RESERVED
+CVE-2011-3599
+	RESERVED
+CVE-2011-3598
+	RESERVED
+CVE-2011-3597
+	RESERVED
+CVE-2011-3596
+	RESERVED
+CVE-2011-3595
+	RESERVED
+CVE-2011-3594
+	RESERVED
+CVE-2011-3593
+	RESERVED
+CVE-2011-3592
+	RESERVED
+CVE-2011-3591
+	RESERVED
+CVE-2011-3590
+	RESERVED
+CVE-2011-3589
+	RESERVED
+CVE-2011-3588
+	RESERVED
+CVE-2011-3587
+	RESERVED
+CVE-2011-3586
+	RESERVED
+CVE-2011-3585
+	RESERVED
+CVE-2011-3584
+	RESERVED
+CVE-2011-3583
+	RESERVED
+CVE-2011-3582
+	RESERVED
+CVE-2011-3581
+	RESERVED
+CVE-2011-3580
+	RESERVED
+CVE-2011-3579
+	RESERVED
+CVE-2011-3578 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2004-2770
+	RESERVED
 CVE-2011-3577 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through
7.0.0.3 ...)
 	TODO: check
 CVE-2011-3576 (Cross-site scripting (XSS) vulnerability in IBM Lotus Domino
8.5.2 ...)
@@ -526,17 +654,14 @@
 	- linux-2.6 2.6.39-1
 	[squeeze] - linux-2.6 2.6.32-34
 	[lenny] - linux-2.6 <not-affected> (b43 allocate recieve buffer is 2404
bytes, which is already larger than the upstream fix of increasing it to 2382
bytes)
-CVE-2011-3358 [XSS issues with unescaped os, os_build and platform]
-	RESERVED
+CVE-2011-3358 (Multiple cross-site scripting (XSS) vulnerabilities in MantisBT
before ...)
 	{DSA-2308-1}
 	- mantis 1.2.7-1 (low; bug #640297)
 	[squeeze] - mantis <not-affected> (Vulnerable code not present)
-CVE-2011-3357 [LFI and XSS via bug_actiongroup_ext_page.php]
-	RESERVED
+CVE-2011-3357 (Directory traversal vulnerability in
bug_actiongroup_ext_page.php in ...)
 	{DSA-2308-1}
 	- mantis 1.2.7-1 (medium; bug #640297)
-CVE-2011-3356 [XSS injection via PHP_SELF]
-	RESERVED
+CVE-2011-3356 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	- mantis 1.2.7-1 (low; bug #640297)
 	[squeeze] - mantis <not-affected> (Vulnerable code not present)
 	[lenny] - mantis <not-affected> (Vulnerable code not present)
@@ -689,8 +814,8 @@
 	RESERVED
 CVE-2011-3291
 	RESERVED
-CVE-2011-3290
-	RESERVED
+CVE-2011-3290 (Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has
default ...)
+	TODO: check
 CVE-2011-3289
 	RESERVED
 CVE-2011-3288
@@ -737,7 +862,7 @@
 	- php5 <undetermined>
 CVE-2011-3267 (PHP before 5.3.7 does not properly implement the error_log
function, ...)
 	- php5 <undetermined>
-CVE-2011-3266 (The proto_tree_add_item function in Wireshark 1.6.1, when the
IKEv1 ...)
+CVE-2011-3266 (The proto_tree_add_item function in Wireshark 1.6.0 through
1.6.1 and ...)
 	- wireshark 1.6.2-1 (unimportant)
 	NOTE: no code injection, not treated as a security issue, see
README.Debian.security
 CVE-2010-4830 (SQL injection vulnerability in Resumes/TD_RESUME_Indlist.asp in
Techno ...)
@@ -866,8 +991,7 @@
 	{DSA-2302-1}
 	- bcfg2 1.1.2-2 (bug #640028)
 	NOTE: information as reported by maintainer
-CVE-2011-3210
-	RESERVED
+CVE-2011-3210 (The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8
through ...)
 	- openssl 1.0.0e-1
 	[lenny] - openssl <no-dsa> (Minor issue)
 	[squeeze] - openssl <no-dsa> (Minor issue)
@@ -878,8 +1002,7 @@
 	- cyrus-imapd-2.4 <unfixed> (medium)
 	- kolab-cyrus-imapd <unfixed> (medium)
 	TODO: file bugs
-CVE-2011-3207 [openssl CRL verification vulnerability]
-	RESERVED
+CVE-2011-3207 (crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not
...)
 	- openssl 1.0.0e-1
 	[squeeze] - openssl <not-affected> (only affects 1.0.0 through 1.0.0d)
 	[lenny] - openssl <not-affected> (only affects 1.0.0 through 1.0.0d)
@@ -1591,13 +1714,12 @@
 	[lenny] - stunnel4 <not-affected> (Only 4.4x affected)
 CVE-2011-2939
 	RESERVED
-CVE-2011-2938 [mantis XSS]
-	RESERVED
+CVE-2011-2938 (Multiple cross-site scripting (XSS) vulnerabilities in
filter_api.php ...)
 	- mantis 1.2.6-1 (bug #638321)
 	[squeeze] - mantis <not-affected> (Only affects Mantis 1.1)
 	[lenny] - mantis <not-affected> (Only affects Mantis 1.1)
-CVE-2011-2937
-	RESERVED
+CVE-2011-2937 (Cross-site scripting (XSS) vulnerability in the UI messages ...)
+	TODO: check
 CVE-2011-2936
 	RESERVED
 CVE-2011-2935
@@ -2897,8 +3019,8 @@
 	RESERVED
 CVE-2011-2445
 	RESERVED
-CVE-2011-2444
-	RESERVED
+CVE-2011-2444 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player
before ...)
+	TODO: check
 CVE-2011-2443
 	RESERVED
 CVE-2011-2442 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and
10.x ...)
@@ -2925,16 +3047,16 @@
 	NOT-FOR-US: Adobe Reader and Acrobat
 CVE-2011-2431 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and
10.x ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2430
-	RESERVED
-CVE-2011-2429
-	RESERVED
-CVE-2011-2428
-	RESERVED
-CVE-2011-2427
-	RESERVED
-CVE-2011-2426
-	RESERVED
+CVE-2011-2430 (Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X,
Linux, and ...)
+	TODO: check
+CVE-2011-2429 (Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X,
Linux, and ...)
+	TODO: check
+CVE-2011-2428 (Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X,
Linux, and ...)
+	TODO: check
+CVE-2011-2427 (Stack-based buffer overflow in the ActionScript Virtual Machine
(AVM) ...)
+	TODO: check
+CVE-2011-2426 (Stack-based buffer overflow in the ActionScript Virtual Machine
(AVM) ...)
+	TODO: check
 CVE-2011-2425 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X,
Linux, and ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2011-2424 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X,
Linux, and ...)
@@ -2961,8 +3083,8 @@
 	NOT-FOR-US: Adobe Flash Player
 CVE-2011-2413
 	RESERVED
-CVE-2011-2412
-	RESERVED
+CVE-2011-2412 (Unspecified vulnerability in HP Business Service Automation
(BSA) ...)
+	TODO: check
 CVE-2011-2411
 	RESERVED
 CVE-2011-2410 (Cross-site scripting (XSS) vulnerability in HP OpenView
Performance ...)
@@ -4297,8 +4419,8 @@
 	RESERVED
 CVE-2011-1914
 	RESERVED
-CVE-2011-1913
-	RESERVED
+CVE-2011-1913 (SQL injection vulnerability in the login form in the web
interface in ...)
+	TODO: check
 CVE-2011-1912
 	RESERVED
 CVE-2011-1911 (JasperServer in JasperReports Server Community Project 3.7.0 and
3.7.1 ...)
Secure testing commits - Sep 2011 - r17271 - data/CVE

[Secure-testing-commits] r17271 - data/CVE
