Author: jmm Date: 2011-09-30 05:49:31 +0000 (Fri, 30 Sep 2011) New Revision: 17335 Modified: data/CVE/list Log: one mozilla issue CVEfied another one is duped Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-09-29 21:14:22 UTC (rev 17334) +++ data/CVE/list 2011-09-30 05:49:31 UTC (rev 17335) @@ -1,7 +1,11 @@ CVE-2011-3867 (Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote ...) - TODO: check + NOTE: Duplicate of CVE-2011-2998, contacted MITRE and oss-sec for revocation CVE-2011-3866 (Mozilla Firefox before 7.0 and SeaMonkey before 2.4 do not properly ...) - TODO: check + - xulrunner <not-affected> (Only affects Firefox >= 4) + - iceweasel 7.0-1 + [lenny] - iceweasel <not-affected> (Only affects Firefox >= 4) + [squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4) + - iceape <not-affected> (Only affects Firefox >= 4) CVE-2011-3865 (Cross-site scripting (XSS) vulnerability in the Black-LetterHead theme ...) TODO: check CVE-2011-3864 (Cross-site scripting (XSS) vulnerability in the The Erudite theme ...) @@ -103,13 +107,6 @@ TODO: check CVE-2010-4842 (SQL injection vulnerability in admin/login.php in MHP DownloadScript ...) TODO: check -CVE-2011-XXXX [http://www.mozilla.org/security/announce/2011/mfsa2011-45.html] - - xulrunner <not-affected> (Only affects Firefox >= 4) - - iceweasel 7.0-1 - [lenny] - iceweasel <not-affected> (Only affects Firefox >= 4) - [squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4) - - iceape <not-affected> (Only affects Firefox >= 4) - TODO: Request CVE ID on oss-sec CVE-2011-3826 (Zikula 1.2.4 allows remote attackers to obtain sensitive information ...) TODO: check CVE-2011-3825 (Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers ...)