Author: jmm Date: 2011-09-12 07:48:28 +0000 (Mon, 12 Sep 2011) New Revision: 17215 Modified: data/CVE/list Log: mantis CVEfied Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-09-12 07:45:36 UTC (rev 17214) +++ data/CVE/list 2011-09-12 07:48:28 UTC (rev 17215) @@ -11,11 +11,6 @@ NOT-FOR-US: IBM OpenAdmin Too CVE-2010-4833 (Untrusted search path vulnerability in ...) TODO: check -CVE-2011-XXXX [mantis multiple issues] - - mantis 1.2.7-1 (medium; bug #640297) - TODO: split into individual CVE ids after assignment - NOTE: requested CVE ids - NOTE: medium due to LFI CVE-2011-3350 [masqmail improper privilege dropping] RESERVED - masqmail <unfixed> (low; bug #638002) @@ -83,12 +78,15 @@ RESERVED CVE-2011-3359 RESERVED -CVE-2011-3358 +CVE-2011-3358 [XSS issues with unescaped os, os_build and platform] RESERVED -CVE-2011-3357 + - mantis 1.2.7-1 (low; bug #640297) +CVE-2011-3357 [LFI and XSS via bug_actiongroup_ext_page.php] RESERVED -CVE-2011-3356 + - mantis 1.2.7-1 (medium; bug #640297) +CVE-2011-3356 [XSS injection via PHP_SELF] RESERVED + - mantis 1.2.7-1 (low; bug #640297) CVE-2011-3355 RESERVED - evolution-data-server3 <unfixed>