Secure testing commits - Apr 2011 - r16498 - data/CVE

Author: joeyh
Date: 2011-04-08 21:16:11 +0000 (Fri, 08 Apr 2011)
New Revision: 16498

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-04-08 19:52:51 UTC (rev 16497)
+++ data/CVE/list	2011-04-08 21:16:11 UTC (rev 16498)
@@ -1,3 +1,27 @@
+CVE-2011-1657
+	RESERVED
+CVE-2011-1656
+	RESERVED
+CVE-2011-1655
+	RESERVED
+CVE-2011-1654
+	RESERVED
+CVE-2011-1653
+	RESERVED
+CVE-2011-1652 (** DISPUTED ** The default configuration of Microsoft Windows 7
...)
+	TODO: check
+CVE-2010-4784 (Multiple SQL injection vulnerabilities in member.php in PHP Web
...)
+	TODO: check
+CVE-2010-4783 (Multiple cross-site scripting (XSS) vulnerabilities in index.php
in ...)
+	TODO: check
+CVE-2010-4782 (Multiple SQL injection vulnerabilities in list.asp in Softwebs
Nepal ...)
+	TODO: check
+CVE-2010-4781 (index.php in Enano CMS 1.1.7pl1, and possibly other versions
before ...)
+	TODO: check
+CVE-2010-4780 (SQL injection vulnerability in the check_banlist function in
...)
+	TODO: check
+CVE-2010-4779 (Cross-site scripting (XSS) vulnerability in
lib/includes/auth.inc.php ...)
+	TODO: check
 CVE-2011-1651
 	RESERVED
 CVE-2011-1650
@@ -271,8 +295,8 @@
 	RESERVED
 CVE-2011-1526
 	RESERVED
-CVE-2011-1525
-	RESERVED
+CVE-2011-1525 (Heap-based buffer overflow in rvrender.dll in RealPlayer
14.0.1.633 ...)
+	TODO: check
 CVE-2011-1524 (Cross-site scripting (XSS) vulnerability in the management login
GUI ...)
 	NOT-FOR-US: Symantec LiveUpdate Administrator 
 CVE-2011-1523
@@ -642,6 +666,7 @@
 	RESERVED
 CVE-2011-1401
 	RESERVED
+	{DSA-2214-1}
 CVE-2011-1400 (The default configuration of the shell_escape_commands directive
in ...)
 	{DSA-2198-1}
 	- tex-common 2.09
@@ -2114,8 +2139,8 @@
 	RESERVED
 CVE-2011-0896
 	RESERVED
-CVE-2011-0895
-	RESERVED
+CVE-2011-0895 (Unspecified vulnerability in HP Network Node Manager i (NNMi)
9.0x ...)
+	TODO: check
 CVE-2011-0894 (Unspecified vulnerability in HP Operations 9.10 on UNIX
platforms ...)
 	NOT-FOR-US: HP Operations
 CVE-2011-0893 (Cross-site scripting (XSS) vulnerability in HP Operations 9.10
on UNIX ...)
@@ -3276,6 +3301,7 @@
 	RESERVED
 CVE-2011-0465 [xrdb code execution via crafted hostname]
 	RESERVED
+	{DSA-2213-1}
 	- x11-xserver-utils 7.6+2 (low; bug #621423)
 	NOTE:
http://cgit.freedesktop.org/xorg/app/xrdb/commit/?id=1027d5df07398c1507fb1fe3a9981aa6b4bc3a56
 	NOTE: low as this is not enabled in a standard setup