Author: joeyh
Date: 2011-10-28 21:14:19 +0000 (Fri, 28 Oct 2011)
New Revision: 17519
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2011-10-28 19:43:33 UTC (rev 17518)
+++ data/CVE/list 2011-10-28 21:14:19 UTC (rev 17519)
@@ -1,3 +1,27 @@
+CVE-2011-4208
+ RESERVED
+CVE-2011-4207
+ RESERVED
+CVE-2011-4206
+ RESERVED
+CVE-2011-4205
+ RESERVED
+CVE-2011-4204
+ RESERVED
+CVE-2011-4203
+ RESERVED
+CVE-2011-4202
+ RESERVED
+CVE-2011-4201
+ RESERVED
+CVE-2011-4200
+ RESERVED
+CVE-2011-4199
+ RESERVED
+CVE-2011-4198
+ RESERVED
+CVE-2011-4197
+ RESERVED
CVE-2011-XXXX [backuppc xss issue]
- backuppc <unfixed> (bug #646865)
CVE-2011-XXXX [simplesamlphp xml encryption issues]
@@ -263,8 +287,8 @@
- linux-2.6 2.6.39-1
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.37 with
eaf06b241b091357e72b76863ba16e89610d31bd)
[squeeze] - linux-2.6 <not-affected> (introduced in 2.6.37 with
eaf06b241b091357e72b76863ba16e89610d31bd)
-CVE-2011-4079
- RESERVED
+CVE-2011-4079 (Off-by-one error in the UTF8StringNormalize function in OpenLDAP
...)
+ TODO: check
CVE-2011-4078
RESERVED
CVE-2011-4077
@@ -644,8 +668,8 @@
RESERVED
CVE-2011-4005
RESERVED
-CVE-2011-4004
- RESERVED
+CVE-2011-4004 (Buffer overflow in the ATAS32 processing functionality in the
Cisco ...)
+ TODO: check
CVE-2011-4003
RESERVED
CVE-2011-4002
@@ -961,19 +985,15 @@
[squeeze] - puppet 2.6.2-5+squeeze1
NOTE: Only exploitable during build/test suite run
NOTE: DSA-2314-1
-CVE-2011-3872
- RESERVED
+CVE-2011-3872 (Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet
...)
- puppet 2.7.6-1
-CVE-2011-3871
- RESERVED
+CVE-2011-3871 (Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when
...)
{DSA-2314-1}
- puppet 2.7.3-3
-CVE-2011-3870
- RESERVED
+CVE-2011-3870 (Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x
allows ...)
{DSA-2314-1}
- puppet 2.7.3-3
-CVE-2011-3869
- RESERVED
+CVE-2011-3869 (Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x
allows ...)
{DSA-2314-1}
- puppet 2.7.3-3
CVE-2011-3868 (Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware
Player ...)
@@ -1020,8 +1040,7 @@
NOT-FOR-US: Wordpress theme
CVE-2011-3849
RESERVED
-CVE-2011-3848
- RESERVED
+CVE-2011-3848 (Directory traversal vulnerability in Puppet 2.6.x before 2.6.10
and ...)
{DSA-2314-1}
- puppet 2.7.3-2
CVE-2011-3847
@@ -1469,8 +1488,8 @@
RESERVED
CVE-2011-3641
RESERVED
-CVE-2011-3640
- RESERVED
+CVE-2011-3640 (** DISPUTED ** Untrusted search path vulnerability in Mozilla
Network ...)
+ TODO: check
CVE-2011-3639
RESERVED
CVE-2011-3638
@@ -2375,16 +2394,16 @@
NOT-FOR-US: SIMATIC WinCC
CVE-2011-3320
RESERVED
-CVE-2011-3319
- RESERVED
-CVE-2011-3318
- RESERVED
+CVE-2011-3319 (Buffer overflow in the WRF parsing functionality in the Cisco
WebEx ...)
+ TODO: check
+CVE-2011-3318 (Cisco Video Surveillance 2421 and 2500 series cameras with
software ...)
+ TODO: check
CVE-2011-3317
RESERVED
CVE-2011-3316
RESERVED
-CVE-2011-3315
- RESERVED
+CVE-2011-3315 (Directory traversal vulnerability in Cisco Unified
Communications ...)
+ TODO: check
CVE-2011-3314
RESERVED
CVE-2011-3313
@@ -2531,16 +2550,16 @@
NOT-FOR-US: Apple iOS
CVE-2011-3252 (Buffer overflow in CoreAudio, as used in Apple iTunes before
10.5, ...)
NOT-FOR-US: Apple iTunes
-CVE-2011-3251
- RESERVED
-CVE-2011-3250
- RESERVED
-CVE-2011-3249
- RESERVED
-CVE-2011-3248
- RESERVED
-CVE-2011-3247
- RESERVED
+CVE-2011-3251 (Apple QuickTime before 7.7.1 on Windows allows remote attackers
to ...)
+ TODO: check
+CVE-2011-3250 (Integer overflow in Apple QuickTime before 7.7.1 allows remote
...)
+ TODO: check
+CVE-2011-3249 (Buffer overflow in Apple QuickTime before 7.7.1 allows remote
...)
+ TODO: check
+CVE-2011-3248 (Integer signedness error in Apple QuickTime before 7.7.1 allows
remote ...)
+ TODO: check
+CVE-2011-3247 (Integer overflow in Apple QuickTime before 7.7.1 on Windows
allows ...)
+ TODO: check
CVE-2011-3246 (CFNetwork in Apple iOS before 5 and Mac OS X 10.7 before 10.7.2
does ...)
NOT-FOR-US: Apple iOS
CVE-2011-3245 (The Keyboards component in Apple iOS before 5 displays the final
...)
@@ -3769,8 +3788,8 @@
CVE-2011-2831 (WebKit, as used in Apple iTunes before 10.5, allows
man-in-the-middle ...)
- chromium-browser <undetermined>
- webkit <undetermined>
-CVE-2011-2830
- RESERVED
+CVE-2011-2830 (Google V8, as used in Google Chrome before 14.0.835.163, does
not ...)
+ TODO: check
CVE-2011-2829 (Integer overflow in Google Chrome before 13.0.782.215 on 32-bit
...)
- chromium-browser 13.0.782.215~r97094-1
- webkit <undetermined>
@@ -3988,8 +4007,10 @@
RESERVED
CVE-2011-2769
RESERVED
+ {DSA-2331-1}
CVE-2011-2768
RESERVED
+ {DSA-2331-1}
CVE-2011-2767
RESERVED
CVE-2011-2766 (The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as
used by ...)
@@ -4524,8 +4545,8 @@
RESERVED
CVE-2011-2570
RESERVED
-CVE-2011-2569
- RESERVED
+CVE-2011-2569 (Cisco Nexus OS (aka NX-OS) 4.2 and 5.0 and Cisco Unified
Computing ...)
+ TODO: check
CVE-2011-2568
RESERVED
CVE-2011-2567
@@ -7925,8 +7946,8 @@
RESERVED
CVE-2011-1372
RESERVED
-CVE-2011-1371
- RESERVED
+CVE-2011-1371 (Cross-site scripting (XSS) vulnerability in content/error.jsp in
IBM ...)
+ TODO: check
CVE-2011-1370
RESERVED
CVE-2011-1369
@@ -7947,8 +7968,8 @@
RESERVED
CVE-2011-1361
RESERVED
-CVE-2011-1360
- RESERVED
+CVE-2011-1360 (Multiple cross-site scripting (XSS) vulnerabilities in IBM HTTP
Server ...)
+ TODO: check
CVE-2011-1359 (Directory traversal vulnerability in the administration console
in IBM ...)
NOT-FOR-US: IBM WebSphere
CVE-2011-1358