Author: joeyh Date: 2011-08-10 21:14:21 +0000 (Wed, 10 Aug 2011) New Revision: 17073 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-08-10 09:52:20 UTC (rev 17072) +++ data/CVE/list 2011-08-10 21:14:21 UTC (rev 17073) @@ -1,3 +1,243 @@ +CVE-2011-3120 + RESERVED +CVE-2011-3119 + RESERVED +CVE-2011-3118 + RESERVED +CVE-2011-3117 + RESERVED +CVE-2011-3116 + RESERVED +CVE-2011-3115 + RESERVED +CVE-2011-3114 + RESERVED +CVE-2011-3113 + RESERVED +CVE-2011-3112 + RESERVED +CVE-2011-3111 + RESERVED +CVE-2011-3110 + RESERVED +CVE-2011-3109 + RESERVED +CVE-2011-3108 + RESERVED +CVE-2011-3107 + RESERVED +CVE-2011-3106 + RESERVED +CVE-2011-3105 + RESERVED +CVE-2011-3104 + RESERVED +CVE-2011-3103 + RESERVED +CVE-2011-3102 + RESERVED +CVE-2011-3101 + RESERVED +CVE-2011-3100 + RESERVED +CVE-2011-3099 + RESERVED +CVE-2011-3098 + RESERVED +CVE-2011-3097 + RESERVED +CVE-2011-3096 + RESERVED +CVE-2011-3095 + RESERVED +CVE-2011-3094 + RESERVED +CVE-2011-3093 + RESERVED +CVE-2011-3092 + RESERVED +CVE-2011-3091 + RESERVED +CVE-2011-3090 + RESERVED +CVE-2011-3089 + RESERVED +CVE-2011-3088 + RESERVED +CVE-2011-3087 + RESERVED +CVE-2011-3086 + RESERVED +CVE-2011-3085 + RESERVED +CVE-2011-3084 + RESERVED +CVE-2011-3083 + RESERVED +CVE-2011-3082 + RESERVED +CVE-2011-3081 + RESERVED +CVE-2011-3080 + RESERVED +CVE-2011-3079 + RESERVED +CVE-2011-3078 + RESERVED +CVE-2011-3077 + RESERVED +CVE-2011-3076 + RESERVED +CVE-2011-3075 + RESERVED +CVE-2011-3074 + RESERVED +CVE-2011-3073 + RESERVED +CVE-2011-3072 + RESERVED +CVE-2011-3071 + RESERVED +CVE-2011-3070 + RESERVED +CVE-2011-3069 + RESERVED +CVE-2011-3068 + RESERVED +CVE-2011-3067 + RESERVED +CVE-2011-3066 + RESERVED +CVE-2011-3065 + RESERVED +CVE-2011-3064 + RESERVED +CVE-2011-3063 + RESERVED +CVE-2011-3062 + RESERVED +CVE-2011-3061 + RESERVED +CVE-2011-3060 + RESERVED +CVE-2011-3059 + RESERVED +CVE-2011-3058 + RESERVED +CVE-2011-3057 + RESERVED +CVE-2011-3056 + RESERVED +CVE-2011-3055 + RESERVED +CVE-2011-3054 + RESERVED +CVE-2011-3053 + RESERVED +CVE-2011-3052 + RESERVED +CVE-2011-3051 + RESERVED +CVE-2011-3050 + RESERVED +CVE-2011-3049 + RESERVED +CVE-2011-3048 + RESERVED +CVE-2011-3047 + RESERVED +CVE-2011-3046 + RESERVED +CVE-2011-3045 + RESERVED +CVE-2011-3044 + RESERVED +CVE-2011-3043 + RESERVED +CVE-2011-3042 + RESERVED +CVE-2011-3041 + RESERVED +CVE-2011-3040 + RESERVED +CVE-2011-3039 + RESERVED +CVE-2011-3038 + RESERVED +CVE-2011-3037 + RESERVED +CVE-2011-3036 + RESERVED +CVE-2011-3035 + RESERVED +CVE-2011-3034 + RESERVED +CVE-2011-3033 + RESERVED +CVE-2011-3032 + RESERVED +CVE-2011-3031 + RESERVED +CVE-2011-3030 + RESERVED +CVE-2011-3029 + RESERVED +CVE-2011-3028 + RESERVED +CVE-2011-3027 + RESERVED +CVE-2011-3026 + RESERVED +CVE-2011-3025 + RESERVED +CVE-2011-3024 + RESERVED +CVE-2011-3023 + RESERVED +CVE-2011-3022 + RESERVED +CVE-2011-3021 + RESERVED +CVE-2011-3020 + RESERVED +CVE-2011-3019 + RESERVED +CVE-2011-3018 + RESERVED +CVE-2011-3017 + RESERVED +CVE-2011-3016 + RESERVED +CVE-2011-3015 + RESERVED +CVE-2011-3014 (The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through ...) + TODO: check +CVE-2011-3013 (WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer ...) + TODO: check +CVE-2011-3012 (The ioQuake3 engine, as used in World of Padman 1.2 and earlier, ...) + TODO: check +CVE-2011-3011 + RESERVED +CVE-2011-3010 + RESERVED +CVE-2011-3009 (Ruby before 1.8.6-p114 does not reset the random seed upon forking, ...) + TODO: check +CVE-2011-3008 (The default configuration of Avaya Secure Access Link (SAL) Gateway ...) + TODO: check +CVE-2008-7298 (The Android browser in Android cannot properly restrict modifications ...) + TODO: check +CVE-2008-7297 (Opera cannot properly restrict modifications to cookies established in ...) + TODO: check +CVE-2008-7296 (Apple Safari cannot properly restrict modifications to cookies ...) + TODO: check +CVE-2008-7295 (Microsoft Internet Explorer cannot properly restrict modifications to ...) + TODO: check +CVE-2008-7294 (Google Chrome before 4.0.211.0 cannot properly restrict modifications ...) + TODO: check +CVE-2008-7293 (Mozilla Firefox before 4 cannot properly restrict modifications to ...) + TODO: check +CVE-2008-7292 (Bugzilla 2.20.x before 2.20.5, 2.22.x before 2.22.3, and 3.0.x before ...) + TODO: check CVE-2011-XXXX [libencode-perl unspecified issue] - libencode-perl 2.44-1 CVE-2011-3007 @@ -56,14 +296,14 @@ RESERVED CVE-2011-2980 RESERVED -CVE-2011-2979 - RESERVED -CVE-2011-2978 - RESERVED -CVE-2011-2977 - RESERVED -CVE-2011-2976 - RESERVED +CVE-2011-2979 (Bugzilla 4.1.x before 4.1.3 generates different responses for certain ...) + TODO: check +CVE-2011-2978 (Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before ...) + TODO: check +CVE-2011-2977 (Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x ...) + TODO: check +CVE-2011-2976 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 through ...) + TODO: check CVE-2011-2975 (Double free vulnerability in the msAddImageSymbol function in ...) TODO: check CVE-2011-2974 @@ -229,8 +469,8 @@ [squeeze] - xpdf <no-dsa> (zxpdf script is indeed affected, but it''s not associated with pdf handling by default, so not a concern for remote abuse) CVE-2011-2901 RESERVED -CVE-2011-2900 - RESERVED +CVE-2011-2900 (Stack-based buffer overflow in the (1) put_dir function in mongoose.c ...) + TODO: check CVE-2011-2899 RESERVED - foomatic-gui 0.7.9.5 (low) @@ -626,11 +866,9 @@ CVE-2011-2722 RESERVED - hplip <unfixed> (bug #635549; low) -CVE-2011-2721 [clamav: off-by-one] - RESERVED +CVE-2011-2721 (Off-by-one error in the cli_hm_scan function in matcher-hash.c in ...) - clamav 0.97.2+dfsg-1 (bug #635599) -CVE-2011-2720 [glpi: Insufficient blacklist] - RESERVED +CVE-2011-2720 (The autocompletion functionality in GLPI before 0.80.2 does not ...) - glpi 0.80.2-1 (bug #635544; unimportant) NOTE: Only supported behind an authenticated HTTP zone CVE-2011-2719 (libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before ...) @@ -670,8 +908,7 @@ - linux-2.6 <not-affected> (xtensa arch not used in Debian) CVE-2011-2706 RESERVED -CVE-2011-2705 - RESERVED +CVE-2011-2705 (The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby ...) - ruby1.8 <unfixed> (low; bug #635878) - ruby1.9 <unfixed> (low) - ruby1.9.1 <unfixed> (low) @@ -730,8 +967,7 @@ CVE-2011-2687 (Drupal 7.x before 7.3 allows remote attackers to bypass intended ...) - drupal7 7.4-1 (bug #633385) - drupal6 <not-affected> -CVE-2011-2686 - RESERVED +CVE-2011-2686 (Ruby before 1.8.7-p352 does not reset the random seed upon forking, ...) - ruby1.8 <unfixed> (low; bug #635878) - ruby1.9 <unfixed> (low) - ruby1.9.1 <unfixed> (low) @@ -923,7 +1159,7 @@ NOT-FOR-US: Opera CVE-2011-2609 (Opera before 11.50 does not properly restrict data: URIs, which makes ...) NOT-FOR-US: Opera -CVE-2011-2608 (ovbbccb.exe 6.20.50.0 and earlier in HP OpenView Performance Agent ...) +CVE-2011-2608 (ovbbccb.exe 6.20.50.0 and other versions in HP OpenView Performance ...) NOT-FOR-US: HP OpenView CVE-2011-2607 (Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert ...) NOT-FOR-US: IBM Rational Team Concert @@ -982,12 +1218,12 @@ RESERVED CVE-2011-2592 RESERVED -CVE-2011-2591 - RESERVED -CVE-2011-2590 - RESERVED -CVE-2011-2589 - RESERVED +CVE-2011-2591 (Multiple buffer overflows in the Provideo ActiveX controls allow ...) + TODO: check +CVE-2011-2590 (The Play method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 ...) + TODO: check +CVE-2011-2589 (Heap-based buffer overflow in the SendLogAction method in the UUPlayer ...) + TODO: check CVE-2011-2588 (Heap-based buffer overflow in the AVI_ChunkRead_strf function in ...) - vlc 1.1.11-1 (bug #633675) CVE-2011-2587 (Heap-based buffer overflow in the DemuxAudioSipr function in real.c in ...) @@ -1465,12 +1701,12 @@ TODO: check CVE-2011-2384 RESERVED -CVE-2011-2381 - RESERVED -CVE-2011-2380 - RESERVED -CVE-2011-2379 - RESERVED +CVE-2011-2381 (CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x ...) + TODO: check +CVE-2011-2380 (Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before ...) + TODO: check +CVE-2011-2379 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through ...) + TODO: check CVE-2011-2378 RESERVED CVE-2011-2377 (Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird ...) @@ -1858,14 +2094,14 @@ RESERVED CVE-2011-2225 RESERVED -CVE-2011-2224 - RESERVED -CVE-2011-2223 - RESERVED -CVE-2011-2222 - RESERVED -CVE-2011-2221 - RESERVED +CVE-2011-2224 (The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through ...) + TODO: check +CVE-2011-2223 (The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through ...) + TODO: check +CVE-2011-2222 (Session fixation vulnerability in WebAdmin in the Mobility Pack before ...) + TODO: check +CVE-2011-2221 (The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through ...) + TODO: check CVE-2011-2220 (Stack-based buffer overflow in NFREngine.exe in Novell File Reporter ...) NOT-FOR-US: Novell File Reporter CVE-2011-2219 @@ -4418,8 +4654,8 @@ RESERVED CVE-2011-1341 RESERVED -CVE-2011-1340 - RESERVED +CVE-2011-1340 (Cross-site scripting (XSS) vulnerability in ...) + TODO: check CVE-2011-1339 (Cross-site scripting (XSS) vulnerability in Google Search Appliance ...) NOT-FOR-US: Google Search Appliance CVE-2011-1338 (Untrusted search path vulnerability in XnView before 1.98.1 allows ...)