thr3ads.net - Secure testing commits - [Secure-testing-commits] r16543

If this information is useful, please help other people find it:
Share via:
Joey Hess
2011-Apr-18 21:15 UTC
[Secure-testing-commits] r16543 - data/CVE

Author: joeyh
Date: 2011-04-18 21:15:26 +0000 (Mon, 18 Apr 2011)
New Revision: 16543

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-04-18 21:03:15 UTC (rev 16542)
+++ data/CVE/list	2011-04-18 21:15:26 UTC (rev 16543)
@@ -1,3 +1,47 @@
+CVE-2011-1713 (Microsoft msxml.dll, as used in Internet Explorer 8 on Windows
7, ...)
+	TODO: check
+CVE-2011-1712 (The txXPathNodeUtils::getXSLTId function in ...)
+	TODO: check
+CVE-2011-1711
+	RESERVED
+CVE-2011-1710
+	RESERVED
+CVE-2011-1709
+	RESERVED
+CVE-2011-1708
+	RESERVED
+CVE-2011-1707
+	RESERVED
+CVE-2011-1706
+	RESERVED
+CVE-2011-1705
+	RESERVED
+CVE-2011-1704
+	RESERVED
+CVE-2011-1703
+	RESERVED
+CVE-2011-1702
+	RESERVED
+CVE-2011-1701
+	RESERVED
+CVE-2011-1700
+	RESERVED
+CVE-2011-1699
+	RESERVED
+CVE-2011-1698
+	RESERVED
+CVE-2011-1697
+	RESERVED
+CVE-2011-1696
+	RESERVED
+CVE-2011-1695
+	RESERVED
+CVE-2011-1694
+	RESERVED
+CVE-2011-1693
+	RESERVED
+CVE-2011-1692
+	RESERVED
 CVE-2011-XXXX [mediawiki XSS specific to IE6]
 	- mediawiki <unfixed> 
 CVE-2011-XXXX [mediawiki CSS validation error]
@@ -102,12 +146,12 @@
 	RESERVED
 CVE-2011-1656
 	RESERVED
-CVE-2011-1655
-	RESERVED
-CVE-2011-1654
-	RESERVED
-CVE-2011-1653
-	RESERVED
+CVE-2011-1655 (The management.asmx module in the Management Web Service in the
...)
+	TODO: check
+CVE-2011-1654 (Directory traversal vulnerability in the Heartbeat Web Service
in ...)
+	TODO: check
+CVE-2011-1653 (Multiple SQL injection vulnerabilities in the Unified Network
Control ...)
+	TODO: check
 CVE-2011-1652 (** DISPUTED ** The default configuration of Microsoft Windows 7
...)
 	NOT-FOR-US: Microsoft Windows 7
 CVE-2010-4784 (Multiple SQL injection vulnerabilities in member.php in PHP Web
...)
@@ -745,6 +789,7 @@
 CVE-2011-1426
 	RESERVED
 CVE-2011-1425 (xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as
used in ...)
+	{DSA-2219-1}
 	- xmlsec1 1.2.14-1.1 (bug #620560)
 	NOTE: http://www.aleksey.com/xmlsec/news.html
 CVE-2011-1424
@@ -914,7 +959,7 @@
 	NOT-FOR-US: Internet Explorer
 CVE-2011-1345 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle
...)
 	NOT-FOR-US: Internet Explorer
-CVE-2011-1344 (Unspecified vulnerability in WebKit, as used in Apple Safari
before ...)
+CVE-2011-1344 (Use-after-free vulnerability in WebKit, as used in Apple Safari
before ...)
 	- chromium-browser <undetermined>
 	- webkit <undetermined>
 CVE-2011-1343 (SQL injection vulnerability in the Web GUI in IBM Tivoli ...)
@@ -1005,16 +1050,14 @@
 	RESERVED
 CVE-2011-1303
 	RESERVED
-CVE-2011-1302
-	RESERVED
+CVE-2011-1302 (Heap-based buffer overflow in the GPU process in Google Chrome
before ...)
 	- chromium-browser 10.0.648.205~r81283-1
 	- webkit <undetermined>
-CVE-2011-1301
-	RESERVED
+CVE-2011-1301 (Use-after-free vulnerability in the GPU process in Google Chrome
...)
 	- chromium-browser 10.0.648.205~r81283-1
 	- webkit <undetermined>
-CVE-2011-1300
-	RESERVED
+CVE-2011-1300 (The GPU process in Google Chrome before 10.0.648.205 on Windows
allows ...)
+	TODO: check
 CVE-2011-1299
 	RESERVED
 CVE-2011-1298
@@ -2278,7 +2321,7 @@
 	NOT-FOR-US: HP Network Node Manager
 CVE-2011-0896 (Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and
earlier on ...)
 	NOT-FOR-US: HP-UX
-CVE-2011-0895 (Unspecified vulnerability in HP Network Node Manager i (NNMi)
9.0x ...)
+CVE-2011-0895 (Unspecified vulnerability in HP Network Node Manager i (NNMi)
9.0x and ...)
 	NOT-FOR-US: HP Network Node Manager
 CVE-2011-0894 (Unspecified vulnerability in HP Operations 9.10 on UNIX
platforms ...)
 	NOT-FOR-US: HP Operations
@@ -3065,7 +3108,7 @@
 	RESERVED
 CVE-2011-0612
 	RESERVED
-CVE-2011-0611 (Unspecified vulnerability in Adobe Flash Player 10.2.154.25 and
...)
+CVE-2011-0611 (Adobe Flash Player 10.2.153.1 and earlier for Windows,
Macintosh, ...)
 	NOT-FOR-US: Adobe Flash Player / Acrobat Reader
 CVE-2011-0610
 	RESERVED
@@ -4315,8 +4358,8 @@
 	RESERVED
 CVE-2011-0196
 	RESERVED
-CVE-2011-0195
-	RESERVED
+CVE-2011-0195 (The generate-id XPath function in libxslt in Apple iOS 4.3.x
before ...)
+	TODO: check
 CVE-2011-0194 (Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7
...)
 	NOT-FOR-US: Apple Mac OS
 CVE-2011-0193 (Multiple buffer overflows in Image RAW in Apple Mac OS X before
10.6.7 ...)
@@ -4324,7 +4367,7 @@
 CVE-2011-0192 (Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly
other ...)
 	{DSA-2210-1}
 	- tiff 3.9.4-7
-CVE-2011-0191 (Buffer overflow in LibTIFF in ImageIO in Apple iTunes before
10.2 on ...)
+CVE-2011-0191 (Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as
used ...)
 	{DSA-2210-1}
 	- tiff 3.9.4-1
 	NOTE: This might''ve been fixed earlier even
@@ -4584,7 +4627,7 @@
 	RESERVED
 CVE-2011-0099
 	RESERVED
-CVE-2011-0098 (Heap-based buffer overflow in Microsoft Excel 2002 SP3, 2003
SP3, 2007 ...)
+CVE-2011-0098 (Integer signedness error in Microsoft Excel 2002 SP3, 2003 SP3,
2007 ...)
 	NOT-FOR-US: Microsoft Excel
 CVE-2011-0097 (Integer overflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007
SP2, and ...)
 	NOT-FOR-US: Microsoft Excel
Secure testing commits - Apr 2011 - r16543 - data/CVE

[Secure-testing-commits] r16543 - data/CVE
