Author: joeyh Date: 2011-09-28 21:14:21 +0000 (Wed, 28 Sep 2011) New Revision: 17325 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-09-28 19:45:44 UTC (rev 17324) +++ data/CVE/list 2011-09-28 21:14:21 UTC (rev 17325) @@ -1,3 +1,103 @@ +CVE-2011-3865 (Cross-site scripting (XSS) vulnerability in the Black-LetterHead theme ...) + TODO: check +CVE-2011-3864 (Cross-site scripting (XSS) vulnerability in the The Erudite theme ...) + TODO: check +CVE-2011-3863 (Cross-site scripting (XSS) vulnerability in the RedLine theme before ...) + TODO: check +CVE-2011-3862 (Cross-site scripting (XSS) vulnerability in the Morning Coffee theme ...) + TODO: check +CVE-2011-3861 (Cross-site scripting (XSS) vulnerability in the Web Minimalist 200901 ...) + TODO: check +CVE-2011-3860 (Cross-site scripting (XSS) vulnerability in the Cover WP theme before ...) + TODO: check +CVE-2011-3859 (Cross-site scripting (XSS) vulnerability in the Trending theme before ...) + TODO: check +CVE-2011-3858 (Cross-site scripting (XSS) vulnerability in the Pixiv Custom theme ...) + TODO: check +CVE-2011-3857 (Cross-site scripting (XSS) vulnerability in the Antisnews theme before ...) + TODO: check +CVE-2011-3856 (Cross-site scripting (XSS) vulnerability in the Elegant Grunge theme ...) + TODO: check +CVE-2011-3855 (Cross-site scripting (XSS) vulnerability in the F8 Lite theme before ...) + TODO: check +CVE-2011-3854 (Cross-site scripting (XSS) vulnerability in the ZenLite theme before ...) + TODO: check +CVE-2011-3853 (Cross-site scripting (XSS) vulnerability in the Hybrid theme before ...) + TODO: check +CVE-2011-3852 (Cross-site scripting (XSS) vulnerability in the EvoLve theme before ...) + TODO: check +CVE-2011-3851 (Cross-site scripting (XSS) vulnerability in the News theme before 0.2 ...) + TODO: check +CVE-2011-3850 (Cross-site scripting (XSS) vulnerability in the Atahualpa theme before ...) + TODO: check +CVE-2011-3849 + RESERVED +CVE-2011-3848 + RESERVED +CVE-2011-3847 + RESERVED +CVE-2011-3846 + RESERVED +CVE-2011-3845 + RESERVED +CVE-2011-3844 + RESERVED +CVE-2011-3843 + RESERVED +CVE-2011-3842 + RESERVED +CVE-2011-3841 + RESERVED +CVE-2011-3840 + RESERVED +CVE-2011-3839 + RESERVED +CVE-2011-3838 + RESERVED +CVE-2011-3837 + RESERVED +CVE-2011-3836 + RESERVED +CVE-2011-3835 + RESERVED +CVE-2011-3834 + RESERVED +CVE-2011-3833 + RESERVED +CVE-2011-3832 + RESERVED +CVE-2011-3831 + RESERVED +CVE-2011-3830 + RESERVED +CVE-2011-3829 + RESERVED +CVE-2011-3828 + RESERVED +CVE-2011-3827 + RESERVED +CVE-2010-4852 (Cross-site scripting (XSS) vulnerability in login.php in Eclime 1.1.2b ...) + TODO: check +CVE-2010-4851 (Multiple SQL injection vulnerabilities in Eclime 1.1.2b allow remote ...) + TODO: check +CVE-2010-4850 (Multiple cross-site scripting (XSS) vulnerabilities in Diferior 8.03 ...) + TODO: check +CVE-2010-4849 (SQL injection vulnerability in countrydetails.php in Alibaba Clone B2B ...) + TODO: check +CVE-2010-4848 (Multiple cross-site scripting (XSS) vulnerabilities in addlink.php in ...) + TODO: check +CVE-2010-4847 (SQL injection vulnerability in view_item.php in MH Products MHP ...) + TODO: check +CVE-2010-4846 (SQL injection vulnerability in view_item.php in MH Products Pay Pal ...) + TODO: check +CVE-2010-4845 (Multiple SQL injection vulnerabilities in MH Products Projekt Shop ...) + TODO: check +CVE-2010-4844 (SQL injection vulnerability in content.php in MH Products Easy Online ...) + TODO: check +CVE-2010-4843 (SQL injection vulnerability in website-page.php in PHP Web Scripts Ad ...) + TODO: check +CVE-2010-4842 (SQL injection vulnerability in admin/login.php in MHP DownloadScript ...) + TODO: check CVE-2011-XXXX [http://www.mozilla.org/security/announce/2011/mfsa2011-45.html] - xulrunner <not-affected> (Only affects Firefox >= 4) - iceweasel 7.0-1 @@ -269,28 +369,28 @@ TODO: check CVE-2011-3695 (111WebCalendar 1.2.3 allows remote attackers to obtain sensitive ...) TODO: check -CVE-2011-3694 - RESERVED -CVE-2011-3693 - RESERVED -CVE-2011-3692 - RESERVED -CVE-2011-3691 - RESERVED -CVE-2011-3690 - RESERVED -CVE-2011-3689 - RESERVED -CVE-2011-3688 - RESERVED -CVE-2011-3687 - RESERVED -CVE-2011-3686 - RESERVED -CVE-2011-3685 - RESERVED -CVE-2011-3684 - RESERVED +CVE-2011-3694 (The Server Administration Console in NetSaro Enterprise Messenger ...) + TODO: check +CVE-2011-3693 (NetSaro Enterprise Messenger Server 2.0 allows local users to discover ...) + TODO: check +CVE-2011-3692 (NetSaro Enterprise Messenger Server 2.0 stores cleartext console ...) + TODO: check +CVE-2011-3691 (Untrusted search path vulnerability in Foxit Reader before 5.0.2.0718 ...) + TODO: check +CVE-2011-3690 (Untrusted search path vulnerability in PlotSoft PDFill PDF Editor 8.0 ...) + TODO: check +CVE-2011-3689 (Cross-site scripting (XSS) vulnerability in Licenses.html in ...) + TODO: check +CVE-2011-3688 (Multiple SQL injection vulnerabilities in Sonexis ConferenceManager ...) + TODO: check +CVE-2011-3687 (Multiple cross-site scripting (XSS) vulnerabilities in Sonexis ...) + TODO: check +CVE-2011-3686 (Multiple cross-site scripting (XSS) vulnerabilities in ...) + TODO: check +CVE-2011-3685 (Tembria Server Monitor before 6.0.5 Build 2252 uses a substitution ...) + TODO: check +CVE-2011-3684 (Multiple cross-site scripting (XSS) vulnerabilities in Tembria Server ...) + TODO: check CVE-2011-3683 RESERVED CVE-2011-3682 @@ -367,12 +467,12 @@ RESERVED CVE-2011-3646 RESERVED -CVE-2011-3645 - RESERVED -CVE-2010-4841 - RESERVED -CVE-2010-4840 - RESERVED +CVE-2011-3645 (Newgen OmniDocs allows remote attackers to bypass intended access ...) + TODO: check +CVE-2010-4841 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ...) + TODO: check +CVE-2010-4840 (Multiple buffer overflows in the Syslog server in ManageEngine ...) + TODO: check CVE-2011-XXXX [TYPO3-SA-2011-003] - typo3-src 4.5.6+dfsg1-1 (low; bug #641683) NOTE: CVE id requested on oss-security @@ -522,7 +622,8 @@ RESERVED CVE-2011-3578 (Cross-site scripting (XSS) vulnerability in ...) TODO: check -CVE-2004-2770 (The SSL protocol encrypts data by using CBC mode with chained ...) +CVE-2004-2770 + REJECTED TODO: check CVE-2011-3577 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.3 ...) TODO: check @@ -976,7 +1077,7 @@ - masqmail 0.2.30-1 (low; bug #638002) [lenny] - masqmail <no-dsa> (no security issue by itself) [squeeze] - masqmail <no-dsa> (no security issue by itself) -CVE-2011-3389 (Unspecified vulnerability in Opera before 11.51 has unknown attack ...) +CVE-2011-3389 (The SSL protocol encrypts data by using CBC mode with chained ...) NOT-FOR-US: Opera CVE-2011-3388 (Opera before 11.51 allows remote attackers to cause an insecure site ...) NOT-FOR-US: Opera