thr3ads.net - Secure testing commits - [Secure-testing-commits] r17076

If this information is useful, please help other people find it:
Share via:
Joey Hess
2011-Aug-11 21:14 UTC
[Secure-testing-commits] r17076 - data/CVE

Author: joeyh
Date: 2011-08-11 21:14:18 +0000 (Thu, 11 Aug 2011)
New Revision: 17076

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-08-11 09:14:22 UTC (rev 17075)
+++ data/CVE/list	2011-08-11 21:14:18 UTC (rev 17076)
@@ -1,3 +1,23 @@
+CVE-2011-3130 (wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2
before ...)
+	TODO: check
+CVE-2011-3129 (The file upload functionality WordPress 3.1 before 3.1.3 and 3.2
...)
+	TODO: check
+CVE-2011-3128 (WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 treats
unattached ...)
+	TODO: check
+CVE-2011-3127 (WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 does not
prevent ...)
+	TODO: check
+CVE-2011-3126 (WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 allows remote
...)
+	TODO: check
+CVE-2011-3125 (Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2
before ...)
+	TODO: check
+CVE-2011-3124 (IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and
Linux, ...)
+	TODO: check
+CVE-2011-3123 (IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and
Linux, ...)
+	TODO: check
+CVE-2011-3122 (Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2
before ...)
+	TODO: check
+CVE-2011-3121
+	RESERVED
 CVE-2011-3120
 	RESERVED
 CVE-2011-3119
@@ -240,10 +260,10 @@
 	TODO: check
 CVE-2011-XXXX [libencode-perl unspecified issue]
 	- libencode-perl 2.44-1
-CVE-2011-3007
-	RESERVED
-CVE-2011-3006
-	RESERVED
+CVE-2011-3007 (The myCIOScn ActiveX control (myCIOScn.dll) in McAfee SaaS
Endpoint ...)
+	TODO: check
+CVE-2011-3006 (The MyAsUtil ActiveX control in MyAsUtil5.2.0.603.dll in McAfee
SaaS ...)
+	TODO: check
 CVE-2011-3005
 	RESERVED
 CVE-2011-3004
@@ -1417,8 +1437,7 @@
 	- qemu-kvm 0.14.1+dfsg-2 (bug #631975)
 	- kvm <removed>
 	[lenny] - kvm <not-affected> (Vulnerability not present)
-CVE-2011-2511
-	RESERVED
+CVE-2011-2511 (Integer overflow in libvirt before 0.9.3 allows remote
authenticated ...)
 	{DSA-2280-1}
 	- libvirt 0.9.2-7 (bug #633630)
 CVE-2011-2510 (Cross-site scripting (XSS) vulnerability in the RSS embedding
feature ...)
@@ -1617,8 +1636,7 @@
 	RESERVED
 CVE-2011-2426
 	RESERVED
-CVE-2011-2425
-	RESERVED
+CVE-2011-2425 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X,
Linux, and ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2011-2424
 	RESERVED
@@ -1634,16 +1652,13 @@
 	RESERVED
 CVE-2011-2418
 	RESERVED
-CVE-2011-2417
-	RESERVED
-CVE-2011-2416
-	RESERVED
+CVE-2011-2417 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X,
Linux, and ...)
+	TODO: check
+CVE-2011-2416 (Integer overflow in Adobe Flash Player before 10.3.183.5 on
Windows, ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2011-2415
-	RESERVED
+CVE-2011-2415 (Buffer overflow in Adobe Flash Player before 10.3.183.5 on
Windows, ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2011-2414
-	RESERVED
+CVE-2011-2414 (Buffer overflow in Adobe Flash Player before 10.3.183.5 on
Windows, ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2011-2413
 	RESERVED
@@ -2331,8 +2346,7 @@
 	[squeeze] - icinga <not-affected> (Affected feature got introduced in
1.3.1)
 	[lenny] - icinga <not-affected> (Affected feature got introduced in
1.3.1)
 	NOTE: http://tracker.nagios.org/view.php?id=224
-CVE-2011-2178 [libvirt regression]
-	RESERVED
+CVE-2011-2178 (The virSecurityManagerGetPrivateData function in ...)
 	- libvirt 0.9.1-2 (bug #629128)
 	[squeeze] - libvirt <not-affected> (Introduced in 0.8.8)
 	[lenny] - libvirt <not-affected> (Introduced in 0.8.8)
@@ -2448,26 +2462,19 @@
 	NOT-FOR-US: IBM Datacap Taskmaster Capture
 CVE-2011-2141 (SQL injection vulnerability in TMWeb in IBM Datacap Taskmaster
Capture ...)
 	NOT-FOR-US: IBM Datacap Taskmaster Capture
-CVE-2011-2140
-	RESERVED
+CVE-2011-2140 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X,
Linux, and ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2011-2139
-	RESERVED
+CVE-2011-2139 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X,
Linux, and ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2011-2138
-	RESERVED
+CVE-2011-2138 (Integer overflow in Adobe Flash Player before 10.3.183.5 on
Windows, ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2011-2137
-	RESERVED
+CVE-2011-2137 (Buffer overflow in Adobe Flash Player before 10.3.183.5 on
Windows, ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2011-2136
-	RESERVED
+CVE-2011-2136 (Integer overflow in Adobe Flash Player before 10.3.183.5 on
Windows, ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2011-2135
-	RESERVED
+CVE-2011-2135 (Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X,
Linux, and ...)
 	NOT-FOR-US: Adobe Flash Player
-CVE-2011-2134
-	RESERVED
+CVE-2011-2134 (Buffer overflow in Adobe Flash Player before 10.3.183.5 on
Windows, ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2011-2133
 	RESERVED
@@ -2475,8 +2482,7 @@
 	RESERVED
 CVE-2011-2131
 	RESERVED
-CVE-2011-2130
-	RESERVED
+CVE-2011-2130 (Buffer overflow in Adobe Flash Player before 10.3.183.5 on
Windows, ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2011-2129
 	RESERVED
@@ -2781,46 +2787,46 @@
 	RESERVED
 CVE-2011-1980
 	RESERVED
-CVE-2011-1979
-	RESERVED
-CVE-2011-1978
-	RESERVED
-CVE-2011-1977
-	RESERVED
-CVE-2011-1976
-	RESERVED
-CVE-2011-1975
-	RESERVED
-CVE-2011-1974
-	RESERVED
+CVE-2011-1979 (Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate
...)
+	TODO: check
+CVE-2011-1978 (Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly
...)
+	TODO: check
+CVE-2011-1977 (The ASP.NET Chart controls in Microsoft .NET Framework 4, and
Chart ...)
+	TODO: check
+CVE-2011-1976 (Cross-site scripting (XSS) vulnerability in the Report Viewer
Control ...)
+	TODO: check
+CVE-2011-1975 (Untrusted search path vulnerability in the Data Access Tracing
...)
+	TODO: check
+CVE-2011-1974 (NDISTAPI.sys in the NDISTAPI driver in Remote Access Service
(RAS) in ...)
+	TODO: check
 CVE-2011-1973
 	RESERVED
-CVE-2011-1972
-	RESERVED
-CVE-2011-1971
-	RESERVED
-CVE-2011-1970
-	RESERVED
+CVE-2011-1972 (Microsoft Visio 2003 SP3, 2007 SP2, and 2010 Gold and SP1 does
not ...)
+	TODO: check
+CVE-2011-1971 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008
SP2, ...)
+	TODO: check
+CVE-2011-1970 (The DNS server in Microsoft Windows Server 2003 SP2 and Windows
Server ...)
+	TODO: check
 CVE-2011-1969
 	RESERVED
-CVE-2011-1968
-	RESERVED
-CVE-2011-1967
-	RESERVED
-CVE-2011-1966
-	RESERVED
-CVE-2011-1965
-	RESERVED
-CVE-2011-1964
-	RESERVED
-CVE-2011-1963
-	RESERVED
-CVE-2011-1962
-	RESERVED
-CVE-2011-1961
-	RESERVED
-CVE-2011-1960
-	RESERVED
+CVE-2011-1968 (The Remote Desktop Protocol (RDP) implementation in Microsoft
Windows ...)
+	TODO: check
+CVE-2011-1967 (Winsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS)
in the ...)
+	TODO: check
+CVE-2011-1966 (The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2
SP1 ...)
+	TODO: check
+CVE-2011-1965 (Tcpip.sys in the TCP/IP stack in Microsoft Windows 7 Gold and
SP1 and ...)
+	TODO: check
+CVE-2011-1964 (Microsoft Internet Explorer 6 through 9 does not properly handle
...)
+	TODO: check
+CVE-2011-1963 (Microsoft Internet Explorer 7 through 9 does not properly handle
...)
+	TODO: check
+CVE-2011-1962 (Microsoft Internet Explorer 6 through 9 does not properly handle
...)
+	TODO: check
+CVE-2011-1961 (The telnet URI handler in Microsoft Internet Explorer 6 through
9 does ...)
+	TODO: check
+CVE-2011-1960 (Microsoft Internet Explorer 6 through 9 does not properly
implement ...)
+	TODO: check
 CVE-2011-1959 (The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x
before ...)
 	{DSA-2274-1}
 	- wireshark 1.6.0-1 (unimportant; bug #630159)
@@ -3055,8 +3061,8 @@
 	NOT-FOR-US: Microsoft Windows
 CVE-2011-1872 (Hyper-V in Microsoft Windows Server 2008 Gold, SP2, R2, and R2
SP1 ...)
 	NOT-FOR-US: Microsoft Windows
-CVE-2011-1871
-	RESERVED
+CVE-2011-1871 (Tcpip.sys in the TCP/IP stack in Microsoft Windows Vista SP2,
Windows ...)
+	TODO: check
 CVE-2011-1870 (Integer overflow in the Client/Server Run-time Subsystem (aka
CSRSS) ...)
 	NOT-FOR-US: MS Windows
 CVE-2011-1869 (The Distributed File System (DFS) implementation in Microsoft
Windows ...)
@@ -4846,8 +4852,8 @@
 	NOT-FOR-US: MS Windows
 CVE-2011-1264 (Cross-site scripting (XSS) vulnerability in Active Directory
...)
 	NOT-FOR-US: Microsoft Windows
-CVE-2011-1263
-	RESERVED
+CVE-2011-1263 (Cross-site scripting (XSS) vulnerability in the logon page in
Remote ...)
+	TODO: check
 CVE-2011-1262 (Microsoft Internet Explorer 7 through 9 does not properly handle
...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2011-1261 (Microsoft Internet Explorer 6 through 9 does not properly handle
...)
@@ -4858,8 +4864,8 @@
 	RESERVED
 CVE-2011-1258 (Microsoft Internet Explorer 6 through 8 does not properly
restrict web ...)
 	NOT-FOR-US: Microsoft Internet Explorer
-CVE-2011-1257
-	RESERVED
+CVE-2011-1257 (Race condition in Microsoft Internet Explorer 6 through 8 allows
...)
+	TODO: check
 CVE-2011-1256 (Microsoft Internet Explorer 6 through 8 does not properly handle
...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2011-1255 (The Timed Interactive Multimedia Extensions (aka HTML+TIME) ...)
Secure testing commits - Aug 2011 - r17076 - data/CVE

[Secure-testing-commits] r17076 - data/CVE
