thr3ads.net - Secure testing commits - [Secure-testing-commits] r16562

If this information is useful, please help other people find it:
Share via:
Joey Hess
2011-Apr-20 21:16 UTC
[Secure-testing-commits] r16562 - data/CVE

Author: joeyh
Date: 2011-04-20 21:16:01 +0000 (Wed, 20 Apr 2011)
New Revision: 16562

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-04-20 19:33:53 UTC (rev 16561)
+++ data/CVE/list	2011-04-20 21:16:01 UTC (rev 16562)
@@ -1,10 +1,158 @@
+CVE-2011-1789
+	RESERVED
+CVE-2011-1788
+	RESERVED
+CVE-2011-1787
+	RESERVED
+CVE-2011-1786
+	RESERVED
+CVE-2011-1785
+	RESERVED
+CVE-2011-1784
+	RESERVED
+CVE-2011-1783
+	RESERVED
+CVE-2011-1782
+	RESERVED
+CVE-2011-1781
+	RESERVED
+CVE-2011-1780
+	RESERVED
+CVE-2011-1779
+	RESERVED
+CVE-2011-1778
+	RESERVED
+CVE-2011-1777
+	RESERVED
+CVE-2011-1776
+	RESERVED
+CVE-2011-1775
+	RESERVED
+CVE-2011-1774
+	RESERVED
+CVE-2011-1773
+	RESERVED
+CVE-2011-1772
+	RESERVED
+CVE-2011-1771
+	RESERVED
+CVE-2011-1770
+	RESERVED
+CVE-2011-1769
+	RESERVED
+CVE-2011-1768
+	RESERVED
+CVE-2011-1767
+	RESERVED
+CVE-2011-1766
+	RESERVED
+CVE-2011-1765
+	RESERVED
+CVE-2011-1764
+	RESERVED
+CVE-2011-1763
+	RESERVED
+CVE-2011-1762
+	RESERVED
+CVE-2011-1761
+	RESERVED
+CVE-2011-1760
+	RESERVED
+CVE-2011-1759
+	RESERVED
+CVE-2011-1758
+	RESERVED
+CVE-2011-1757
+	RESERVED
+CVE-2011-1756
+	RESERVED
+CVE-2011-1755
+	RESERVED
+CVE-2011-1754
+	RESERVED
+CVE-2011-1753
+	RESERVED
+CVE-2011-1752
+	RESERVED
+CVE-2011-1751
+	RESERVED
+CVE-2011-1750
+	RESERVED
+CVE-2011-1749
+	RESERVED
+CVE-2011-1748
+	RESERVED
+CVE-2011-1747
+	RESERVED
+CVE-2011-1746
+	RESERVED
+CVE-2011-1745
+	RESERVED
+CVE-2011-1744
+	RESERVED
+CVE-2011-1743
+	RESERVED
+CVE-2011-1742
+	RESERVED
+CVE-2011-1741
+	RESERVED
+CVE-2011-1740
+	RESERVED
+CVE-2011-1739
+	RESERVED
+CVE-2011-1738
+	RESERVED
+CVE-2011-1737
+	RESERVED
+CVE-2011-1736
+	RESERVED
+CVE-2011-1735
+	RESERVED
+CVE-2011-1734
+	RESERVED
+CVE-2011-1733
+	RESERVED
+CVE-2011-1732
+	RESERVED
+CVE-2011-1731
+	RESERVED
+CVE-2011-1730
+	RESERVED
+CVE-2011-1729
+	RESERVED
+CVE-2011-1728
+	RESERVED
+CVE-2011-1727
+	RESERVED
+CVE-2011-1726
+	RESERVED
+CVE-2011-1725
+	RESERVED
+CVE-2011-1724
+	RESERVED
+CVE-2011-1723 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2011-1722 (Multiple SQL injection vulnerabilities in WEC Discussion Forum
...)
+	TODO: check
+CVE-2011-1721 (Cross-site request forgery (CSRF) vulnerability in ...)
+	TODO: check
+CVE-2011-1720
+	RESERVED
+CVE-2011-1719
+	RESERVED
+CVE-2011-1718
+	RESERVED
+CVE-2011-1716 (Multiple cross-site scripting (XSS) vulnerabilities in the Web
UI in ...)
+	TODO: check
+CVE-2009-5071 (Unspecified vulnerability in Palm Pre WebOS before 1.2.1 has
unknown ...)
+	TODO: check
 CVE-2011-XXXX
 	- libjifty-dbi-perl 0.68-1 (bug #622919)
-CVE-2011-1717
+CVE-2011-1717 (Skype for Android stores sensitive user data without encryption
in ...)
 	NOT-FOR-US: Skype for Android
-CVE-2011-1715
+CVE-2011-1715 (Directory traversal vulnerability in ...)
 	NOT-FOR-US: QooxDoo
-CVE-2011-1714
+CVE-2011-1714 (Cross-site scripting (XSS) vulnerability in ...)
 	NOT-FOR-US: QooxDoo
 CVE-2011-1713 (Microsoft msxml.dll, as used in Internet Explorer 8 on Windows
7, ...)
 	NOT-FOR-US: Microsoft
@@ -296,6 +444,7 @@
 	- wireshark 1.4.5-1 (unimportant)
 CVE-2011-1589 [mojoicous directory traversal]
 	RESERVED
+	{DSA-2221-1}
 	- libmojolicious-perl 1.16-1
 CVE-2011-1588
 	RESERVED
@@ -463,7 +612,7 @@
 	RESERVED
 CVE-2011-1526
 	RESERVED
-CVE-2011-1525 (Heap-based buffer overflow in rvrender.dll in RealPlayer
14.0.1.633 ...)
+CVE-2011-1525 (Heap-based buffer overflow in rvrender.dll in RealNetworks
RealPlayer ...)
 	NOT-FOR-US: RealPlayer
 CVE-2011-1524 (Cross-site scripting (XSS) vulnerability in the management login
GUI ...)
 	NOT-FOR-US: Symantec LiveUpdate Administrator 
@@ -471,6 +620,7 @@
 	RESERVED
 CVE-2011-1522
 	RESERVED
+	{DSA-2223-1}
 	- doctrine <unfixed> (bug #622674)
 CVE-2010-4777
 	RESERVED
@@ -484,8 +634,8 @@
 	NOT-FOR-US: Lotus Domino
 CVE-2011-1519 (The remote console in the Server Controller in IBM Lotus Domino
7.x ...)
 	NOT-FOR-US: Lotus Domino
-CVE-2011-1518
-	RESERVED
+CVE-2011-1518 (Multiple cross-site scripting (XSS) vulnerabilities in Open
Ticket ...)
+	TODO: check
 CVE-2011-1521 [python urllib]
 	RESERVED
 	- python2.7 <unfixed>
@@ -559,14 +709,14 @@
 	- pithos 0.3.8-1 (low)
 CVE-2011-1499
 	RESERVED
+	{DSA-2222-1}
 	- tinyproxy 1.8.2-2 (bug #621493)
 	[lenny] - tinyproxy <not-affected> (Vulnerable code not present)
 CVE-2011-1498
 	RESERVED
 CVE-2011-1497
 	RESERVED
-CVE-2011-1496 [tmux not properly dropping privileges]
-	RESERVED
+CVE-2011-1496 (tmux 1.3 and 1.4 does not properly drop group privileges, which
allows ...)
 	{DSA-2212-1}
 	- tmux 1.4-6 (bug #620304)
 	NOTE: CVE id requested
@@ -818,8 +968,7 @@
 	NOT-FOR-US: WeeChat
 CVE-2011-1427 (Multiple cross-site scripting (XSS) vulnerabilities in Kodak
InSite ...)
 	NOT-FOR-US: Kodak InSite
-CVE-2011-1426
-	RESERVED
+CVE-2011-1426 (The OpenURLInDefaultBrowser method in RealNetworks RealPlayer
11.0 ...)
 	NOT-FOR-US: RealNetworks RealPlayer
 CVE-2011-1425 (xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as
used in ...)
 	{DSA-2219-1}
@@ -839,7 +988,7 @@
 	- tomcat6 <not-affected> (Only affects Tomcat 7)
 CVE-2011-1418 (The stateless address autoconfiguration (aka SLAAC)
functionality in ...)
 	NOT-FOR-US: Apple iOS
-CVE-2011-1417 (QuickLook, as used in Apple Mac OS X before 10.6.7 and
MobileSafari in ...)
+CVE-2011-1417 (Integer overflow in QuickLook, as used in Apple Mac OS X before
10.6.7 ...)
 	NOT-FOR-US: QuickLook,
 CVE-2011-1416 (The Research In Motion (RIM) BlackBerry Torch 9800 with firmware
...)
 	NOT-FOR-US: BlackBerry
@@ -1427,8 +1576,7 @@
 CVE-2011-1180
 	RESERVED
 	- linux-2.6 <unfixed>
-CVE-2011-1179
-	RESERVED
+CVE-2011-1179 (The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and
possibly ...)
 	NOT-FOR-US: SPICE Firefox plug-in
 CVE-2011-1178
 	RESERVED
@@ -1460,8 +1608,7 @@
 	- linux-2.6 <unfixed>
 	[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.35)
 	[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.35)
-CVE-2011-1168
-	RESERVED
+CVE-2011-1168 (Cross-site scripting (XSS) vulnerability in the
KHTMLPart::htmlError ...)
 	- kde4libs 4:4.4.5-4 (low)
 	[squeeze] - kde4libs <no-dsa> (Minor issue)
 	[lenny] - kde4libs <no-dsa> (Minor issue)
@@ -2093,8 +2240,8 @@
 	TODO: check
 CVE-2011-0989 (The RuntimeHelpers.InitializeArray method in metadata/icall.c in
Mono, ...)
 	TODO: check
-CVE-2011-0988
-	RESERVED
+CVE-2011-0988 (pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3
and ...)
+	TODO: check
 CVE-2010-4733 (WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP
Gateway ...)
 	NOT-FOR-US: WebSCADA
 CVE-2010-4732 (cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect
EC150, ...)
@@ -2424,94 +2571,94 @@
 	RESERVED
 CVE-2011-0862
 	RESERVED
-CVE-2011-0861
-	RESERVED
-CVE-2011-0860
-	RESERVED
-CVE-2011-0859
-	RESERVED
-CVE-2011-0858
-	RESERVED
-CVE-2011-0857
-	RESERVED
-CVE-2011-0856
-	RESERVED
-CVE-2011-0855
-	RESERVED
-CVE-2011-0854
-	RESERVED
-CVE-2011-0853
-	RESERVED
+CVE-2011-0861 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS
9.0 ...)
+	TODO: check
+CVE-2011-0860 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS
9.0 ...)
+	TODO: check
+CVE-2011-0859 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS
9.0 Tax ...)
+	TODO: check
+CVE-2011-0858 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS
9.0 ...)
+	TODO: check
+CVE-2011-0857 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS
9.0 ...)
+	TODO: check
+CVE-2011-0856 (Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.49
GA ...)
+	TODO: check
+CVE-2011-0855 (Unspecified vulnerability in the InForm component in Oracle
Industry ...)
+	TODO: check
+CVE-2011-0854 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS
9.1 ...)
+	TODO: check
+CVE-2011-0853 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS
9.0 ...)
+	TODO: check
 CVE-2011-0852
 	RESERVED
-CVE-2011-0851
-	RESERVED
-CVE-2011-0850
-	RESERVED
-CVE-2011-0849
-	RESERVED
+CVE-2011-0851 (Unspecified vulnerability in Oracle PeopleSoft Enterprise ELS
9.0 ...)
+	TODO: check
+CVE-2011-0850 (Unspecified vulnerability in Oracle PeopleSoft Enterprise CRM
8.9 ...)
+	TODO: check
+CVE-2011-0849 (Unspecified vulnerability in Oracle Java Dynamic Management Kit
5.1 ...)
+	TODO: check
 CVE-2011-0848
 	RESERVED
-CVE-2011-0847
-	RESERVED
-CVE-2011-0846
-	RESERVED
+CVE-2011-0847 (Unspecified vulnerability in the OpenSSO Enterprise and Sun Java
...)
+	TODO: check
+CVE-2011-0846 (Unspecified vulnerability in the Oracle Sun Java System Access
Manager ...)
+	TODO: check
 CVE-2011-0845
 	RESERVED
-CVE-2011-0844
-	RESERVED
-CVE-2011-0843
-	RESERVED
+CVE-2011-0844 (Unspecified vulnerability in the OpenSSO Enterprise and Sun Java
...)
+	TODO: check
+CVE-2011-0843 (Unspecified vulnerability in the Siebel CRM Core component in
Oracle ...)
+	TODO: check
 CVE-2011-0842
 	RESERVED
-CVE-2011-0841
-	RESERVED
-CVE-2011-0840
-	RESERVED
-CVE-2011-0839
-	RESERVED
+CVE-2011-0841 (Unspecified vulnerability in Oracle Solaris 11 Express allows
remote ...)
+	TODO: check
+CVE-2011-0840 (Unspecified vulnerability in Oracle PeopleSoft Enterprise
PeopleTools ...)
+	TODO: check
+CVE-2011-0839 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11
Express ...)
+	TODO: check
 CVE-2011-0838
 	RESERVED
-CVE-2011-0837
-	RESERVED
-CVE-2011-0836
-	RESERVED
+CVE-2011-0837 (Unspecified vulnerability in the Agile Technology Platform
component ...)
+	TODO: check
+CVE-2011-0836 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne
Tools 8.9 ...)
+	TODO: check
 CVE-2011-0835
 	RESERVED
-CVE-2011-0834
-	RESERVED
-CVE-2011-0833
-	RESERVED
+CVE-2011-0834 (Unspecified vulnerability in the Siebel CRM Core component in
Oracle ...)
+	TODO: check
+CVE-2011-0833 (Unspecified vulnerability in the Siebel CRM Core component in
Oracle ...)
+	TODO: check
 CVE-2011-0832
 	RESERVED
 CVE-2011-0831
 	RESERVED
 CVE-2011-0830
 	RESERVED
-CVE-2011-0829
-	RESERVED
-CVE-2011-0828
-	RESERVED
-CVE-2011-0827
-	RESERVED
-CVE-2011-0826
-	RESERVED
-CVE-2011-0825
-	RESERVED
-CVE-2011-0824
-	RESERVED
-CVE-2011-0823
-	RESERVED
+CVE-2011-0829 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express
allows ...)
+	TODO: check
+CVE-2011-0828 (Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.8
Bundle ...)
+	TODO: check
+CVE-2011-0827 (Unspecified vulnerability in the PeopleSoft Enterprise component
in ...)
+	TODO: check
+CVE-2011-0826 (Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.8
Bundle ...)
+	TODO: check
+CVE-2011-0825 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne
Tools 8.9 ...)
+	TODO: check
+CVE-2011-0824 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne
Tools 8.9 ...)
+	TODO: check
+CVE-2011-0823 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne
Tools 8.9 ...)
+	TODO: check
 CVE-2011-0822
 	RESERVED
-CVE-2011-0821
-	RESERVED
-CVE-2011-0820
-	RESERVED
-CVE-2011-0819
-	RESERVED
-CVE-2011-0818
-	RESERVED
+CVE-2011-0821 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows
local ...)
+	TODO: check
+CVE-2011-0820 (Unspecified vulnerability in Oracle Solaris 10, and 11 Express
allows ...)
+	TODO: check
+CVE-2011-0819 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne
Tools 8.9 ...)
+	TODO: check
+CVE-2011-0818 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne
Tools 8.9 ...)
+	TODO: check
 CVE-2011-0817
 	RESERVED
 CVE-2011-0816
@@ -2520,64 +2667,64 @@
 	RESERVED
 CVE-2011-0814
 	RESERVED
-CVE-2011-0813
-	RESERVED
-CVE-2011-0812
-	RESERVED
+CVE-2011-0813 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11
Express ...)
+	TODO: check
+CVE-2011-0812 (Unspecified vulnerability in the Solaris component in Oracle
Solaris ...)
+	TODO: check
 CVE-2011-0811
 	RESERVED
-CVE-2011-0810
-	RESERVED
-CVE-2011-0809
-	RESERVED
-CVE-2011-0808
-	RESERVED
-CVE-2011-0807
-	RESERVED
-CVE-2011-0806
-	RESERVED
-CVE-2011-0805
-	RESERVED
-CVE-2011-0804
-	RESERVED
-CVE-2011-0803
-	RESERVED
+CVE-2011-0810 (Unspecified vulnerability Oracle JD Edwards EnterpriseOne Tools
8.9 GA ...)
+	TODO: check
+CVE-2011-0809 (Unspecified vulnerability in the Web ADI component in Oracle
...)
+	TODO: check
+CVE-2011-0808 (Unspecified vulnerability in the Oracle Outside In Technology
...)
+	TODO: check
+CVE-2011-0807 (Unspecified vulnerability in Oracle Sun GlassFish Enterprise
Server ...)
+	TODO: check
+CVE-2011-0806 (Unspecified vulnerability in the Network Foundation component in
...)
+	TODO: check
+CVE-2011-0805 (Unspecified vulnerability in the UIX component in Oracle
Database ...)
+	TODO: check
+CVE-2011-0804 (Unspecified vulnerability in the Database Vault component in
Oracle ...)
+	TODO: check
+CVE-2011-0803 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools
...)
+	TODO: check
 CVE-2011-0802
 	RESERVED
-CVE-2011-0801
-	RESERVED
-CVE-2011-0800
-	RESERVED
-CVE-2011-0799
-	RESERVED
-CVE-2011-0798
-	RESERVED
-CVE-2011-0797
-	RESERVED
-CVE-2011-0796
-	RESERVED
-CVE-2011-0795
-	RESERVED
-CVE-2011-0794
-	RESERVED
-CVE-2011-0793
-	RESERVED
-CVE-2011-0792
-	RESERVED
-CVE-2011-0791
-	RESERVED
-CVE-2011-0790
-	RESERVED
-CVE-2011-0789
-	RESERVED
+CVE-2011-0801 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express
allows ...)
+	TODO: check
+CVE-2011-0800 (Unspecified vulnerability in the Solaris component in Oracle
Solaris ...)
+	TODO: check
+CVE-2011-0799 (Unspecified vulnerability in the Oracle Warehouse Builder
component in ...)
+	TODO: check
+CVE-2011-0798 (Unspecified vulnerability in the Portal component in Oracle
Fusion ...)
+	TODO: check
+CVE-2011-0797 (Unspecified vulnerability in the Applications Install component
in ...)
+	TODO: check
+CVE-2011-0796 (Unspecified vulnerability in the Applications Install component
in ...)
+	TODO: check
+CVE-2011-0795 (Unspecified vulnerability in the Single Sign On component in
Oracle ...)
+	TODO: check
+CVE-2011-0794 (Unspecified vulnerability in the Oracle Outside In Technology
...)
+	TODO: check
+CVE-2011-0793 (Unspecified vulnerability in the Database Vault component in
Oracle ...)
+	TODO: check
+CVE-2011-0792 (Unspecified vulnerability in the Oracle Warehouse Builder
component in ...)
+	TODO: check
+CVE-2011-0791 (Unspecified vulnerability in the Application Object Library
component ...)
+	TODO: check
+CVE-2011-0790 (Unspecified vulnerability in Oracle Solaris 9 and 10 allows
local ...)
+	TODO: check
+CVE-2011-0789 (Unspecified vulnerability in the Oracle HTTP Server component in
...)
+	TODO: check
 CVE-2011-0788
 	RESERVED
-CVE-2011-0787
-	RESERVED
+CVE-2011-0787 (Unspecified vulnerability in the Application Service Level
Management ...)
+	TODO: check
 CVE-2011-0786
 	RESERVED
-CVE-2011-0785
-	RESERVED
+CVE-2011-0785 (Unspecified vulnerability in the Oracle Help component in Oracle
...)
+	TODO: check
 CVE-2011-0784 (Race condition in Google Chrome before 9.0.597.84 allows remote
...)
 	- chromium-browser 9.0.597.84~r72991-1
 	[squeeze] - chromium-browser <not-affected>
@@ -3543,7 +3690,7 @@
 	NOT-FOR-US: Google Picasa
 CVE-2011-0457 (Cross-site scripting (XSS) vulnerability in e107 0.7.22 and
earlier ...)
 	NOT-FOR-US: e107
-CVE-2011-0456 (Open Ticket Request System (OTRS) 2.3.4 and earlier allows
remote ...)
+CVE-2011-0456 (webscript.pl in Open Ticket Request System (OTRS) 2.3.4 and
earlier ...)
 	TODO: check
 CVE-2011-0455 (Cross-site scripting (XSS) vulnerability in Things BBS before
2.0.3 ...)
 	NOT-FOR-US: Things BBS
@@ -3675,8 +3822,8 @@
 	- dhcp <not-affected> (vuln code introduced in 4.0)
 	NOTE: maintainer is aware
 	NOTE: http://www.isc.org/software/dhcp/advisories/cve-2011-0413
-CVE-2011-0412
-	RESERVED
+CVE-2011-0412 (Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z)
...)
+	TODO: check
 CVE-2011-0411 (The STARTTLS implementation in Postfix 2.4.x before 2.4.16,
2.5.x ...)
 	TODO: lots of various other packages potentially affected, need to check them,
see http://www.kb.cert.org/vuls/id/555316
 	- postfix 2.8.0-1
@@ -3933,8 +4080,7 @@
 	RESERVED
 CVE-2011-0287
 	RESERVED
-CVE-2011-0286
-	RESERVED
+CVE-2011-0286 (Cross-site scripting (XSS) vulnerability in webdesktop/app in
the ...)
 	NOT-FOR-US: BlackBerry Enterprise Server
 CVE-2010-4692 (Unspecified vulnerability on Cisco Adaptive Security Appliances
(ASA) ...)
 	NOT-FOR-US: Cisco Adaptive Security Appliances
@@ -4665,13 +4811,13 @@
 	RESERVED
 CVE-2011-0098 (Integer signedness error in Microsoft Excel 2002 SP3, 2003 SP3,
2007 ...)
 	NOT-FOR-US: Microsoft Excel
-CVE-2011-0097 (Integer overflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007
SP2, and ...)
+CVE-2011-0097 (Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007
SP2, and ...)
 	NOT-FOR-US: Microsoft Excel
 CVE-2011-0096 (The MHTML protocol handler in Microsoft Windows XP SP2 and SP3,
...)
 	NOT-FOR-US: Microsoft mhtml
 CVE-2011-0095
 	RESERVED
-CVE-2011-0094 (Microsoft Internet Explorer 6 and 7 does not properly handle
objects ...)
+CVE-2011-0094 (Use-after-free vulnerability in Microsoft Internet Explorer 6
and 7 ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2011-0093 (ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2
does ...)
 	NOT-FOR-US: Microsoft Visio
@@ -5194,8 +5340,7 @@
 	[lenny] - tomcat5.5 <no-dsa> (Minor issue)
 	- tomcat6 6.0.28-10 (bug #612257)
 	[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
-CVE-2011-0012
-	RESERVED
+CVE-2011-0012 (The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and
possibly ...)
 	NOT-FOR-US: SPICE Firefox plug-in
 CVE-2011-0011 [qemu-kvm: Setting VNC password to empty string silently disables
all authentication]
 	RESERVED
@@ -5995,8 +6140,7 @@
 	NOT-FOR-US: Camtron, TecVoz
 CVE-2010-4230 (Stack-based buffer overflow in a certain ActiveX control for the
...)
 	NOT-FOR-US: Camtron, TecVoz
-CVE-2010-4229
-	RESERVED
+CVE-2010-4229 (Directory traversal vulnerability in an unspecified servlet in
the ...)
 	NOT-FOR-US: Novell ZENworks Configuration Management
 CVE-2010-4228 (Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the
FTP ...)
 	NOT-FOR-US: Novell NetWare
@@ -14650,8 +14794,7 @@
 CVE-2010-1172 (DBus-GLib 0.73 disregards the access flag of exported GObject
...)
 	- dbus-glib 0.88-1 (low; bug #592753)
 	[lenny] - dbus-glib <no-dsa> (Minor issue)
-CVE-2010-1171
-	RESERVED
+CVE-2010-1171 (Red Hat Network (RHN) Satellite 5.3 and 5.4 exposes a dangerous,
...)
 	NOT-FOR-US: Red Hat Network Satellite Server
 CVE-2010-1170 (The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0
before ...)
 	{DSA-2051-1}
@@ -30506,8 +30649,7 @@
 	- strongswan 4.2.14-1 (medium; bug #521950)
 CVE-2009-0789 (OpenSSL before 0.9.8k on WIN64 and certain other platforms does
not ...)
 	- openssl <not-affected> (only non-Debian architectures affected)
-CVE-2009-0788
-	RESERVED
+CVE-2009-0788 (Red Hat Network (RHN) Satellite Server 5.3 and 5.4 does not
properly ...)
 	NOT-FOR-US: Red Hat Network Satellite Server
 CVE-2009-0787 (The ecryptfs_write_metadata_to_contents function in the eCryptfs
...)
 	- linux-2.6 2.6.29-1 (medium; bug #529326)
Secure testing commits - Apr 2011 - r16562 - data/CVE

[Secure-testing-commits] r16562 - data/CVE
