Author: joeyh
Date: 2011-07-08 21:14:16 +0000 (Fri, 08 Jul 2011)
New Revision: 16916
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2011-07-08 09:14:21 UTC (rev 16915)
+++ data/CVE/list 2011-07-08 21:14:16 UTC (rev 16916)
@@ -1,3 +1,33 @@
+CVE-2011-2682 (The Login component in IBM Rational DOORS Web Access 1.4.x
before ...)
+ TODO: check
+CVE-2011-2681 (IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 does not
properly ...)
+ TODO: check
+CVE-2011-2680 (Unspecified vulnerability in IBM Rational DOORS Web Access 1.4.x
...)
+ TODO: check
+CVE-2011-2679 (Cross-site scripting (XSS) vulnerability in IBM Rational DOORS
Web ...)
+ TODO: check
+CVE-2011-2678 (The Cisco VPN Client 5.0.7.0240 and 5.0.7.0290 on 64-bit Windows
...)
+ TODO: check
+CVE-2011-2677
+ RESERVED
+CVE-2011-2676
+ RESERVED
+CVE-2011-2675
+ RESERVED
+CVE-2011-2674
+ RESERVED
+CVE-2011-2673
+ RESERVED
+CVE-2011-2672
+ RESERVED
+CVE-2011-2671
+ RESERVED
+CVE-2011-2670
+ RESERVED
+CVE-2011-2669
+ RESERVED
+CVE-2011-2668
+ RESERVED
CVE-2011-XXXX [libreoffice lotus word pro filter, wrong object id cast ]
- libreoffice 1:3.3.3-1
- openoffice.org 1:3.3.0-1
@@ -175,8 +205,8 @@
- groff 1.20.1-5 (low; bug #538338)
[etch] - groff <not-affected> (pdfroff not yet present)
[lenny] - groff <not-affected> (pdfroff not yet present)
-CVE-2011-2597
- RESERVED
+CVE-2011-2597 (The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18,
1.4.x ...)
+ TODO: check
CVE-2011-2596
RESERVED
CVE-2011-2595
@@ -1087,8 +1117,7 @@
RESERVED
CVE-2011-2193 (Multiple buffer overflows in Terascale Open-Source Resource and
Queue ...)
- torque <unfixed>
-CVE-2011-2192 [libcurl inappropriate GSSAPI delegation]
- RESERVED
+CVE-2011-2192 (The Curl_input_negotiate function in http_negotiate.c in libcurl
...)
{DSA-2271-1}
- curl 7.21.6-2 (high; bug #631615)
CVE-2011-2191
@@ -1792,8 +1821,8 @@
CVE-2011-1947 (fetchmail 5.9.9 through 6.3.19 does not properly limit the wait
time ...)
- fetchmail <unfixed> (unimportant)
NOTE:
http://gitorious.org/fetchmail/fetchmail/blobs/legacy_63/fetchmail-SA-2011-01.txt
-CVE-2011-1946
- RESERVED
+CVE-2011-1946 (gnomesu-pam-backend in libgnomesu 1.0.0 prints an error message
but ...)
+ TODO: check
CVE-2011-1945 (The elliptic curve cryptography (ECC) subsystem in OpenSSL
1.0.0d and ...)
- openssl <unfixed> (low)
CVE-2011-1944
@@ -1841,8 +1870,7 @@
- widelands 1:15-3 (low; bug #617960)
[squeeze] - widelands 1:15-3squeeze1
[lenny] - widelands <no-dsa> (Minor issue)
-CVE-2011-1931 [ffmpeg AMV out of array write]
- RESERVED
+CVE-2011-1931 (sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in
FFmpeg ...)
- libav 4:0.6.2-3 (bug #624339)
- ffmpeg <unfixed>
- ffmpeg-debian <removed>
@@ -3067,8 +3095,7 @@
{DSA-2222-1}
- tinyproxy 1.8.2-2 (bug #621493)
[lenny] - tinyproxy <not-affected> (Vulnerable code not present)
-CVE-2011-1498
- RESERVED
+CVE-2011-1498 (Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents,
when used ...)
- httpcomponents-client 4.1.1-1 (bug #628727)
[squeeze] - httpcomponents-client <no-dsa> (Minor issue)
NOTE: http://seclists.org/oss-sec/2011/q2/188
@@ -3588,8 +3615,8 @@
RESERVED
CVE-2011-1337 (Opera before 11.50 allows remote attackers to cause a denial of
...)
TODO: check
-CVE-2011-1336
- RESERVED
+CVE-2011-1336 (Buffer overflow in ALZip 8.21 and earlier allows remote
attackers to ...)
+ TODO: check
CVE-2011-1335 (Cross-site scripting (XSS) vulnerability in Cybozu Office 6, 7,
and 8 ...)
TODO: check
CVE-2011-1334 (Cross-site scripting (XSS) vulnerability in Cybozu Office 6,
Cybozu ...)
@@ -3851,8 +3878,8 @@
- dokuwiki 0.0.20101107a-1 (low)
[squeeze] - dokuwiki <no-dsa> (Minor issue)
[lenny] - dokuwiki <no-dsa> (Minor issue)
-CVE-2011-1224
- RESERVED
+CVE-2011-1224 (IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 does
not ...)
+ TODO: check
CVE-2011-1223
RESERVED
CVE-2011-1222