Author: joeyh Date: 2011-10-25 21:14:18 +0000 (Tue, 25 Oct 2011) New Revision: 17499 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-10-25 21:06:42 UTC (rev 17498) +++ data/CVE/list 2011-10-25 21:14:18 UTC (rev 17499) @@ -1,3 +1,61 @@ +CVE-2011-4180 + RESERVED +CVE-2011-4179 + RESERVED +CVE-2011-4178 + RESERVED +CVE-2011-4177 + RESERVED +CVE-2011-4176 + RESERVED +CVE-2011-4175 + RESERVED +CVE-2011-4174 + RESERVED +CVE-2011-4173 (Cross-site request forgery (CSRF) vulnerability in Simple Machines ...) + TODO: check +CVE-2011-4172 (Multiple cross-site scripting (XSS) vulnerabilities in KENT-WEB WEB ...) + TODO: check +CVE-2011-4171 (Cross-site scripting (XSS) vulnerability in content/error.jsp in IBM ...) + TODO: check +CVE-2011-4170 (Cross-site scripting (XSS) vulnerability in the ...) + TODO: check +CVE-2011-4169 + RESERVED +CVE-2011-4168 + RESERVED +CVE-2011-4167 + RESERVED +CVE-2011-4166 + RESERVED +CVE-2011-4165 + RESERVED +CVE-2011-4164 + RESERVED +CVE-2011-4163 + RESERVED +CVE-2011-4162 + RESERVED +CVE-2011-4161 + RESERVED +CVE-2011-4160 + RESERVED +CVE-2011-4159 + RESERVED +CVE-2011-4158 + RESERVED +CVE-2011-4157 + RESERVED +CVE-2011-4156 + RESERVED +CVE-2011-4155 + RESERVED +CVE-2011-4154 + RESERVED +CVE-2011-4153 + RESERVED +CVE-2011-4152 + RESERVED CVE-2011-XXXX [nss: Did honour /pkcs11.txt and /secmod.db files by initializatio] - nss <unfixed> [lenny] - nss <no-dsa> (Minor issue) @@ -285,8 +343,8 @@ NOTE: http://cgit.freedesktop.org/xorg/xserver/commit/?id=6ba44b91e37622ef8c146d8f2ac92d708a18ed34 CVE-2011-4027 RESERVED -CVE-2011-4026 - RESERVED +CVE-2011-4026 (SQL injection vulnerability in thanks.php in NexusPHP 1.5 allows ...) + TODO: check CVE-2010-4963 (SQL injection vulnerability in folder/list in Hulihan BXR 0.6.8 allows ...) NOT-FOR-US: Hulihan BXR CVE-2010-4962 (Unspecified vulnerability in the Webkit PDFs (webkitpdf) extension ...) 
@@ -489,8 +547,8 @@ TODO: check CVE-2010-4870 (SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows ...) TODO: check -CVE-2011-4024 - RESERVED +CVE-2011-4024 (Cross-site scripting (XSS) vulnerability in ocsinventory in OCS ...) + TODO: check CVE-2011-4023 RESERVED CVE-2011-4022 @@ -561,18 +619,18 @@ RESERVED CVE-2011-3989 RESERVED -CVE-2011-3988 - RESERVED +CVE-2011-3988 (SQL injection vulnerability in data/class/SC_Query.php in EC-CUBE ...) + TODO: check CVE-2011-3987 RESERVED CVE-2011-3986 RESERVED CVE-2011-3985 RESERVED -CVE-2011-3984 - RESERVED -CVE-2011-3983 - RESERVED +CVE-2011-3984 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and ...) + TODO: check +CVE-2011-3983 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and ...) + TODO: check CVE-2011-3982 (The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 ...) NOT-FOR-US: IBM AIX driver CVE-2010-4869 (SQL injection vulnerability in index.php in DBHcms 1.1.4 allows remote ...) @@ -1365,8 +1423,8 @@ RESERVED CVE-2011-3636 RESERVED -CVE-2011-3635 - RESERVED +CVE-2011-3635 (Cross-site scripting (XSS) vulnerability in the ...) + TODO: check CVE-2011-3634 RESERVED CVE-2011-3633 @@ -1433,8 +1491,7 @@ - conky 1.8.0-1.1 (low; bug #612033) [squeeze] - conky 1.8.0-1+squeeze1 [lenny] - conky 1.6.0-2+lenny1 -CVE-2011-3615 [unknown security issue in simple machines forum] - RESERVED +CVE-2011-3615 (Multiple SQL injection vulnerabilities in Simple Machines Forum (SMF) ...) NOT-FOR-US: Simple Machines Forum CVE-2011-3614 [vanilla plugin access control] RESERVED 
@@ -2063,8 +2120,8 @@ NOT-FOR-US: WebsiteBaker CVE-2011-3384 (Cross-site scripting (XSS) vulnerability in the Sage add-on 1.3.10 and ...) NOT-FOR-US: Sage -CVE-2011-3383 - RESERVED +CVE-2011-3383 (Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and ...) + TODO: check CVE-2011-3382 (Cross-site scripting (XSS) vulnerability in Phorum before 5.2.16 ...) NOT-FOR-US: Phorum CVE-2011-3381 (Cross-site request forgery (CSRF) vulnerability in Phorum before ...) @@ -2401,7 +2458,7 @@ RESERVED CVE-2011-3257 (The Data Access component in Apple iOS before 5 does not properly ...) NOT-FOR-US: Apple iOS -CVE-2011-3256 (FreeType in CoreGraphics in Apple iOS before 5 allows remote attackers ...) +CVE-2011-3256 (FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before ...) {DSA-2328-1} - freetype 2.4.7-1 (bug #646120) CVE-2011-3255 (CFNetwork in Apple iOS before 5 stores AppleID credentials in an ...) @@ -2680,8 +2737,8 @@ RESERVED CVE-2011-3164 RESERVED -CVE-2011-3163 - RESERVED +CVE-2011-3163 (HP MFP Digital Sending Software 4.9x through 4.91.21 allows local ...) + TODO: check CVE-2011-3162 (Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 ...) NOT-FOR-US: HP Data Protector CVE-2011-3161 (Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 ...) @@ -4021,8 +4078,7 @@ CVE-2011-2714 RESERVED NOT-FOR-US: Drupal data module -CVE-2011-2713 - RESERVED +CVE-2011-2713 (oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows ...) {DSA-2315-1} - libreoffice 1:3.4.3-1 - openoffice.org 1:3.3.0-1 @@ -4152,8 +4208,8 @@ NOT-FOR-US: IBM Rational DOORS Web Access CVE-2011-2678 (The Cisco VPN Client 5.0.7.0240 and 5.0.7.0290 on 64-bit Windows ...) NOT-FOR-US: Cisco VPN Client -CVE-2011-2677 - RESERVED +CVE-2011-2677 (Cybozu Office before 8.0.0 allows remote authenticated users to bypass ...) + TODO: check CVE-2011-2676 RESERVED CVE-2011-2675 (Cross-site scripting (XSS) vulnerability in Enkai-kun before 110916 ...) 
@@ -4197,10 +4253,10 @@ RESERVED CVE-2011-2657 RESERVED -CVE-2011-2656 - RESERVED -CVE-2011-2655 - RESERVED +CVE-2011-2656 (Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks Handheld ...) + TODO: check +CVE-2011-2655 (Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks Handheld ...) + TODO: check CVE-2011-2654 (The RPC implementation in the server in Novell Cloud Manager 1.1.2 ...) NOT-FOR-US: Novell Cloud Manager CVE-2011-2653 @@ -5800,14 +5856,14 @@ RESERVED CVE-2011-2061 RESERVED -CVE-2011-2060 - RESERVED -CVE-2011-2059 - RESERVED -CVE-2011-2058 - RESERVED -CVE-2011-2057 - RESERVED +CVE-2011-2060 (The platform-sw component on Cisco Adaptive Security Appliances (ASA) ...) + TODO: check +CVE-2011-2059 (The ipv6 component in Cisco IOS before 15.1(4)M1.3 allows remote ...) + TODO: check +CVE-2011-2058 (The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does ...) + TODO: check +CVE-2011-2057 (The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does ...) + TODO: check CVE-2011-2056 RESERVED CVE-2011-2055 @@ -5836,8 +5892,8 @@ RESERVED CVE-2011-2043 RESERVED -CVE-2011-2042 - RESERVED +CVE-2011-2042 (The Sybase SQL Anywhere database component in Cisco CiscoWorks Common ...) + TODO: check CVE-2011-2041 (The Start Before Logon (SBL) functionality in Cisco AnyConnect Secure ...) NOT-FOR-US: Cisco CVE-2011-2040 (The helper application in Cisco AnyConnect Secure Mobility Client ...) @@ -6947,8 +7003,8 @@ RESERVED CVE-2011-1641 RESERVED -CVE-2011-1640 - RESERVED +CVE-2011-1640 (The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does ...) + TODO: check CVE-2011-1639 RESERVED CVE-2011-1638 
@@ -7098,7 +7154,7 @@ {DSA-2264-1} - linux-2.6 2.6.39-3 (low) [squeeze] - linux-2.6 2.6.32-35 -CVE-2011-1576 (Red Hat Enterprise Virtualization (RHEV) Hypervisor allows remote ...) +CVE-2011-1576 (The Generic Receive Offload (GRO) implementation in the Linux kernel ...) {DSA-2303-1} - linux-2.6 3.0.0-5 [lenny] - linux-2.6 <not-affected> (Code not present) @@ -7417,8 +7473,7 @@ - linux-2.6 2.6.38-4 [lenny] - linux-2.6 <not-affected> (Only affected 2.6.37 and 2.6.38) [squeeze] - linux-2.6 <not-affected> (Only affected 2.6.37 and 2.6.38) -CVE-2011-1478 - RESERVED +CVE-2011-1478 (The napi_reuse_skb function in net/core/dev.c in the Generic Receive ...) {DSA-2240-1} - linux-2.6 2.6.38-1 [lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
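Review bot: In the first hunk (`@@ -1,3 +1,61 @@`), CVE-2011-4173 ("... vulnerability in Simple Machines ...") and CVE-2011-4172 ("... in KENT-WEB WEB ...") arrive as `TODO: check`, although this same commit leaves CVE-2011-3615 tagged `NOT-FOR-US: Simple Machines Forum` and adds three more KENT-WEB WEB FORUM entries (CVE-2011-3984, CVE-2011-3983, CVE-2011-3383) as `TODO: check`. Triage these by product in one pass so that entries for the same software end up with the same annotation, instead of resolving each TODO separately.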
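Review bot: In hunk `@@ -5800,14 +5856,14 @@`, CVE-2011-2058 and CVE-2011-2057 carry the same truncated description ("The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does ..."), so the list alone does not tell them apart; the full descriptions are needed before either `TODO: check` is resolved. The same is true of CVE-2011-2656 and CVE-2011-2655 in hunk `@@ -4197,10 +4253,10 @@`. For the Cisco entries, the existing `NOT-FOR-US: Cisco` on CVE-2011-2041 in hunk `@@ -5836,8 +5892,8 @@` shows the tag already used for this vendor.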
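Review bot: In hunk `@@ -7098,7 +7154,7 @@`, the description of CVE-2011-1576 changes subject from the Red Hat Enterprise Virtualization (RHEV) Hypervisor to the Generic Receive Offload (GRO) implementation in the Linux kernel, while the package lines under it (`- linux-2.6 3.0.0-5`, `[lenny] - linux-2.6 <not-affected> (Code not present)`) are unchanged context. An automatic update cannot confirm that these annotations still fit the rewritten description, so they should be re-checked by hand. CVE-2011-1478 in the following hunk now also names the GRO code (`napi_reuse_skb` in `net/core/dev.c`), so the two entries are worth checking against each other, including their separate lenny `<not-affected>` notes.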