Secure testing commits - Aug 2011 - r17086 - data/CVE

Author: joeyh
Date: 2011-08-15 21:14:19 +0000 (Mon, 15 Aug 2011)
New Revision: 17086

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-08-15 14:48:21 UTC (rev 17085)
+++ data/CVE/list	2011-08-15 21:14:19 UTC (rev 17086)
@@ -1,3 +1,19 @@
+CVE-2011-3138 (The LTPA STS module support implementation in IBM Tivoli
Federated ...)
+	TODO: check
+CVE-2011-3137 (Unspecified vulnerability in the Management Console in IBM
Tivoli ...)
+	TODO: check
+CVE-2011-3136 (Unspecified vulnerability in the Management Console in IBM
Tivoli ...)
+	TODO: check
+CVE-2011-3135 (Unspecified vulnerability in the Runtime in IBM Tivoli Federated
...)
+	TODO: check
+CVE-2009-5085 (IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before
6.2.0.2, ...)
+	TODO: check
+CVE-2009-5084 (IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before
6.2.0.2, ...)
+	TODO: check
+CVE-2009-5083 (IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before
6.2.0.2, ...)
+	TODO: check
+CVE-2008-7299 (IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before
6.2.0.2 uses ...)
+	TODO: check
 CVE-2011-XXXX [Fix decode_xs n-byte heap-overflow security bug in Unicode.xs]
 	- perl 5.12.4-4
 CVE-2011-3134
@@ -1570,7 +1586,7 @@
 	NOTE: http://openwall.com/lists/oss-security/2011/06/20/2
 CVE-2011-2482
 	RESERVED
-CVE-2011-2481 
+CVE-2011-2481
 	RESERVED
 	- tomcat7 7.0.19-1
 CVE-2011-2480 [kfreebsd info disclosure]
@@ -1879,8 +1895,8 @@
 CVE-2011-2358 (Google Chrome before 13.0.782.107 does not ensure that extension
...)
 	- chromium-browser 13.0.782.107~r94237-1
 	- webkit <undetermined>
-CVE-2011-2357
-	RESERVED
+CVE-2011-2357 (Cross-application scripting vulnerability in the Browser URL
loading ...)
+	TODO: check
 CVE-2011-2356
 	RESERVED
 CVE-2011-2355
@@ -3051,8 +3067,8 @@
 	NOT-FOR-US: InduSoft Web Studio
 CVE-2011-1899 (Multiple cross-site scripting (XSS) vulnerabilities in CA
eHealth ...)
 	NOT-FOR-US: CA eHealth
-CVE-2011-1898
-	RESERVED
+CVE-2011-1898 (Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI
passthrough ...)
+	TODO: check
 CVE-2011-1897
 	RESERVED
 CVE-2011-1896
@@ -3931,8 +3947,8 @@
 	NOTE: an exploitation requires the ability to run mount.cifs w/ root privs
 CVE-2011-1584 (The updateFile function in inc/core/class.dc.media.php in the
Media ...)
 	- dotclear <itp> (bug #570139)
-CVE-2011-1583
-	RESERVED
+CVE-2011-1583 (Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c
in ...)
+	TODO: check
 CVE-2011-1582 (Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a
...)
 	- tomcat6 <not-affected> (Only affects Tomcat 7)
 CVE-2011-1581 (The bond_select_queue function in
drivers/net/bonding/bond_main.c in ...)