Author: joeyh Date: 2011-10-04 21:14:31 +0000 (Tue, 04 Oct 2011) New Revision: 17367 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-10-04 20:19:16 UTC (rev 17366) +++ data/CVE/list 2011-10-04 21:14:31 UTC (rev 17367) @@ -1,3 +1,17 @@ +CVE-2011-3981 (PHP remote file inclusion vulnerability in actions.php in the ...) + TODO: check +CVE-2011-3980 (Unspecified vulnerability in the Drag Drop Mass Upload ...) + TODO: check +CVE-2011-3979 (Cross-site scripting (XSS) vulnerability in ...) + TODO: check +CVE-2011-3978 (Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy.php ...) + TODO: check +CVE-2011-3977 (Unspecified vulnerability in nxconfigure.sh in NoMachine NX Node 3.x ...) + TODO: check +CVE-2011-3976 (Stack-based buffer overflow in AmmSoft ScriptFTP 3.3 allows remote FTP ...) + TODO: check +CVE-2011-3975 (A certain HTC update for Android 2.3.4 build GRJ22, when the Sense ...) + TODO: check CVE-2011-3974 (Integer signedness error in the decode_residual_inter function in ...) - libav 4:0.7.1-7 (bug #641478) - ffmpeg <removed> @@ -361,7 +375,7 @@ TODO: check CVE-2011-3815 (WeBid 1.0.0 allows remote attackers to obtain sensitive information ...) TODO: check -CVE-2011-3814 (WebCaLendar 1.2.3 allows remote attackers to obtain sensitive ...) +CVE-2011-3814 (WebCalendar 1.2.3 allows remote attackers to obtain sensitive ...) - webcalendar <removed> (unimportant) CVE-2011-3813 (Virtual War (aka VWar) 1.5.0r15 allows remote attackers to obtain ...) TODO: check 
@@ -1307,8 +1321,7 @@ NOT-FOR-US: Phorum CVE-2011-3391 (IBM Rational Build Forge 7.1.2 relies on client-side JavaScript code ...) NOT-FOR-US: IBM Rational Build Forge -CVE-2011-3354 [quassel ctcp DoS] - RESERVED +CVE-2011-3354 (The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel ...) - quassel 0.7.3-1 (low; bug #640960) [squeeze] - quassel <no-dsa> (Minor issue) NOTE: http://git.quassel-irc.org/?p=quassel.git;a=commit;h=da215fcb9cd3096a3e223c87577d5d4ab8f8518b 
@@ -1583,32 +1596,32 @@ RESERVED CVE-2011-3283 RESERVED -CVE-2011-3282 - RESERVED -CVE-2011-3281 - RESERVED -CVE-2011-3280 - RESERVED -CVE-2011-3279 - RESERVED -CVE-2011-3278 - RESERVED -CVE-2011-3277 - RESERVED -CVE-2011-3276 - RESERVED -CVE-2011-3275 - RESERVED -CVE-2011-3274 - RESERVED -CVE-2011-3273 - RESERVED -CVE-2011-3272 - RESERVED -CVE-2011-3271 - RESERVED -CVE-2011-3270 - RESERVED +CVE-2011-3282 (Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, ...) + TODO: check +CVE-2011-3281 (Unspecified vulnerability in Cisco IOS 15.0 through 15.1, in certain ...) + TODO: check +CVE-2011-3280 (Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 ...) + TODO: check +CVE-2011-3279 (The provider-edge MPLS NAT implementation in Cisco IOS 12.1 through ...) + TODO: check +CVE-2011-3278 (Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 ...) + TODO: check +CVE-2011-3277 (Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 ...) + TODO: check +CVE-2011-3276 (Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 ...) + TODO: check +CVE-2011-3275 (Memory leak in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x ...) + TODO: check +CVE-2011-3274 (Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, ...) + TODO: check +CVE-2011-3273 (Memory leak in Cisco IOS 15.0 through 15.1, when IPS or Zone-Based ...) + TODO: check +CVE-2011-3272 (The IP Service Level Agreement (IP SLA) functionality in Cisco IOS ...) + TODO: check +CVE-2011-3271 (Unspecified vulnerability in the Smart Install functionality in Cisco ...) + TODO: check +CVE-2011-3270 (Unspecified vulnerability in Cisco IOS 12.2SB before 12.2(33)SB10 and ...) + TODO: check CVE-2011-3269 RESERVED CVE-2011-3268 (Buffer overflow in the crypt function in PHP before 5.3.7 allows ...) 
@@ -2661,8 +2674,8 @@ CVE-2011-2895 (The LZW decompressor in (1) the BufCompressedFill function in ...) {DSA-2293-1} - libxfont 1:1.4.4-1 -CVE-2011-2894 - RESERVED +CVE-2011-2894 (Spring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through ...) + TODO: check CVE-2011-2893 (The DataPilot feature in IBM Lotus Symphony 3 before FP3 allows ...) NOT-FOR-US: IBM Lotus Symphony CVE-2011-2892 (Joomla! 1.6.x before 1.6.2 does not prevent page rendering inside a ...) @@ -4927,8 +4940,8 @@ NOT-FOR-US: Skype CVE-2011-2073 RESERVED -CVE-2011-2072 - RESERVED +CVE-2011-2072 (Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE 2.5.x ...) + TODO: check CVE-2011-2071 RESERVED CVE-2011-2070 @@ -6255,8 +6268,7 @@ - libmodplug 1:0.8.8.2-1 (low; bug #622091) CVE-2011-1573 RESERVED -CVE-2011-1572 [ADC path traversal] - RESERVED +CVE-2011-1572 (Directory traversal vulnerability in the Admin Defined Commands (ADC) ...) {DSA-2215-1} - gitolite 1.5.7-2 NOTE: https://github.com/sitaramc/gitolite/commit/a33f0f85047834212ff4baf5b479c6cf3d2a6075 @@ -8281,12 +8293,12 @@ RESERVED CVE-2011-0947 RESERVED -CVE-2011-0946 - RESERVED -CVE-2011-0945 - RESERVED -CVE-2011-0944 - RESERVED +CVE-2011-0946 (The NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through ...) + TODO: check +CVE-2011-0945 (Memory leak in the Data-link switching (aka DLSw) feature in Cisco IOS ...) + TODO: check +CVE-2011-0944 (Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a ...) + TODO: check CVE-2011-0943 (Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 allows remote attackers to cause ...) NOT-FOR-US: Cisco CVE-2011-0942 @@ -8295,8 +8307,8 @@ RESERVED CVE-2011-0940 RESERVED -CVE-2011-0939 - RESERVED +CVE-2011-0939 (Unspecified vulnerability in Cisco IOS 12.4, 15.0, and 15.1, and IOS ...) + TODO: check CVE-2011-0938 RESERVED CVE-2011-0937
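Review bot: in the first hunk (@@ -1,3 +1,17 @@), the truncated description for CVE-2011-3979 reads only "Cross-site scripting (XSS) vulnerability in ...", so the list line names no product and the entry cannot be triaged from this file alone. When the `TODO: check` is resolved, look up the full CVE text and record the affected software in the triage line (a package entry or a `NOT-FOR-US:` tag naming the product). The same applies to CVE-2011-3980, where only "Drag Drop Mass Upload ..." survives the cut.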
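Review bot: in the hunk at @@ -1583,32 +1596,32 @@, the thirteen entries CVE-2011-3282 through CVE-2011-3270 all carry Cisco IOS descriptions and are all left at `TODO: check`. Elsewhere in this same file a Cisco entry is already tagged `NOT-FOR-US: Cisco` (CVE-2011-0943, visible as context further down the patch), so these can be resolved together in one manual pass with that tag instead of being checked one by one.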
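Review bot: in the hunk at @@ -8281,12 +8293,12 @@, CVE-2011-0946, CVE-2011-0945 and CVE-2011-0944 are added as `TODO: check` directly above CVE-2011-0943, which describes Cisco IOS XR and is tagged `NOT-FOR-US: Cisco`. The three new descriptions all name Cisco IOS, so the follow-up to this automatic update should give them the same tag to keep adjacent Cisco entries triaged consistently.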