Author: geissert Date: 2011-02-06 19:17:26 +0000 (Sun, 06 Feb 2011) New Revision: 16073 Modified: data/CVE/list Log: smarty, php5, plone, and tomcat issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-02-06 18:51:52 UTC (rev 16072) +++ data/CVE/list 2011-02-06 19:17:26 UTC (rev 16073) @@ -49,22 +49,40 @@ CVE-2011-0759 RESERVED CVE-2010-4727 (Smarty before 3.0.0 beta 7 does not properly handle the <?php and ?> ...) + - smarty3 <unfixed> + - smarty <unfixed> TODO: check CVE-2010-4726 (Unspecified vulnerability in the math plugin in Smarty before 3.0.0 ...) + - smarty3 <unfixed> + - smarty <unfixed> TODO: check CVE-2010-4725 (Smarty before 3.0.0 RC3 does not properly handle an on value of the ...) + - smarty3 <unfixed> + - smarty <unfixed> TODO: check CVE-2010-4724 (Multiple unspecified vulnerabilities in the parser implementation in ...) + - smarty3 <unfixed> + - smarty <unfixed> TODO: check CVE-2010-4723 (Smarty before 3.0.0, when security is enabled, does not prevent access ...) + - smarty3 <unfixed> + - smarty <unfixed> TODO: check CVE-2010-4722 (Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 ...) + - smarty3 <unfixed> + - smarty <unfixed> TODO: check CVE-2009-5054 (Smarty before 3.0.0 beta 4 does not consider the umask value when ...) + - smarty3 <unfixed> + - smarty <unfixed> TODO: check CVE-2009-5053 (Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote ...) + - smarty3 <unfixed> + - smarty <unfixed> TODO: check CVE-2009-5052 (Multiple unspecified vulnerabilities in Smarty before 3.0.0 beta 6 ...) + - smarty3 <unfixed> + - smarty <unfixed> TODO: check CVE-2011-0758 RESERVED 
@@ -77,9 +95,9 @@ CVE-2011-0754 (The SplFileInfo::getType function in the Standard PHP Library (SPL) ...) - php5 <not-affected> (Only affects PHP on Windows) CVE-2011-0753 (Race condition in the PCNTL extension in PHP before 5.3.4, when a ...) - TODO: check + - php5 <unfixed> (unimportant) CVE-2011-0752 (The extract function in PHP before 5.2.15 does not prevent use of the ...) - TODO: check + - php5 5.3.3-7 (low) CVE-2011-0751 RESERVED CVE-2011-0750 @@ -151,6 +169,7 @@ CVE-2010-4718 (Multiple cross-site scripting (XSS) vulnerabilities in the ...) NOT-FOR-US: Joomla Lyftenbloggie addon CVE-2011-0720 (Unspecified vulnerability in Plone 2.5 through 4.0 allows remote ...) + - plone3 <removed> TODO: check CVE-2011-0719 RESERVED @@ -572,8 +591,10 @@ - glibc <removed> CVE-2011-0535 RESERVED -CVE-2011-0534 +CVE-2011-0534 [remote DoS via NIO connector] RESERVED + - tomcat6 <unfixed> + TODO: check CVE-2011-0533 RESERVED CVE-2011-0532
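Review bot: In the @@ -49,22 +49,40 @@ hunk, all nine Smarty CVEs get "- smarty3 <unfixed>" even though each description names an upstream fix point (3.0.0 beta 4 through 3.0.2). If the packaged smarty3 version is at or past those releases, the entries should carry that version instead of <unfixed>. The retained "TODO: check" lines suggest this has not been verified yet, so a NOTE stating what is still open (the smarty3 version, or whether the smarty package shares the affected code) would let the next person close them.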
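Review bot: In the @@ -77,9 +95,9 @@ hunk, CVE-2011-0753 is set to "<unfixed> (unimportant)" with no NOTE giving the reason, and CVE-2011-0752 is recorded as fixed in 5.3.3-7 although the visible description only names "PHP before 5.2.15". Suggest a NOTE line under each: the rationale for "unimportant" on the PCNTL race condition, and the upstream 5.3 release or commit that justifies 5.3.3-7 as the fixed version.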
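Review bot: In the @@ -151,6 +169,7 @@ hunk, only "- plone3 <removed>" is added for CVE-2011-0720, while the description covers Plone 2.5 through 4.0. If the remaining "TODO: check" is about other Plone source packages, a NOTE saying so would make clear what is still outstanding for this entry.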
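Review bot: In the @@ -572,8 +591,10 @@ hunk, CVE-2011-0534 is still RESERVED, so the bracketed "[remote DoS via NIO connector]" is the only description on record and it has no source. Suggest adding a NOTE line with the upstream advisory or commit it was taken from, so that the "TODO: check" under "- tomcat6 <unfixed>" can be resolved against something verifiable.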