Author: joeyh
Date: 2011-10-14 21:14:17 +0000 (Fri, 14 Oct 2011)
New Revision: 17425
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2011-10-14 16:38:23 UTC (rev 17424)
+++ data/CVE/list 2011-10-14 21:14:17 UTC (rev 17425)
@@ -1,3 +1,55 @@
+CVE-2011-4057
+ RESERVED
+CVE-2011-4056
+ RESERVED
+CVE-2011-4055
+ RESERVED
+CVE-2011-4054
+ RESERVED
+CVE-2011-4053
+ RESERVED
+CVE-2011-4052
+ RESERVED
+CVE-2011-4051
+ RESERVED
+CVE-2011-4050
+ RESERVED
+CVE-2011-4049
+ RESERVED
+CVE-2011-4048
+ RESERVED
+CVE-2011-4047
+ RESERVED
+CVE-2011-4046
+ RESERVED
+CVE-2011-4045
+ RESERVED
+CVE-2011-4044
+ RESERVED
+CVE-2011-4043
+ RESERVED
+CVE-2011-4042
+ RESERVED
+CVE-2011-4041
+ RESERVED
+CVE-2011-4040
+ RESERVED
+CVE-2011-4039
+ RESERVED
+CVE-2011-4038
+ RESERVED
+CVE-2011-4037
+ RESERVED
+CVE-2011-4036
+ RESERVED
+CVE-2011-4035
+ RESERVED
+CVE-2011-4034
+ RESERVED
+CVE-2011-4033
+ RESERVED
+CVE-2011-4032
+ RESERVED
CVE-2011-XXXX [Ruby 1.9.2-p290 WEBrick::HTTPRequest X-Forwarded-*]
TODO: check
NOTE: http://www.openwall.com/lists/oss-security/2011/10/12/5
@@ -1556,30 +1608,30 @@
RESERVED
CVE-2011-3438
RESERVED
-CVE-2011-3437
- RESERVED
-CVE-2011-3436
- RESERVED
-CVE-2011-3435
- RESERVED
-CVE-2011-3434
- RESERVED
+CVE-2011-3437 (Integer signedness error in Apple Type Services (ATS) in Apple
Mac OS ...)
+ TODO: check
+CVE-2011-3436 (Open Directory in Apple Mac OS X 10.7 before 10.7.2 does not
require a ...)
+ TODO: check
+CVE-2011-3435 (Open Directory in Apple Mac OS X 10.7 before 10.7.2 allows local
users ...)
+ TODO: check
+CVE-2011-3434 (The WiFi component in Apple iOS before 5 stores WiFi credentials
in an ...)
+ TODO: check
CVE-2011-3433
RESERVED
-CVE-2011-3432
- RESERVED
-CVE-2011-3431
- RESERVED
-CVE-2011-3430
- RESERVED
-CVE-2011-3429
- RESERVED
+CVE-2011-3432 (The UIKit Alerts component in Apple iOS before 5 allows remote
...)
+ TODO: check
+CVE-2011-3431 (The Home screen component in Apple iOS before 5 does not
properly ...)
+ TODO: check
+CVE-2011-3430 (The Settings component in Apple iOS before 5, when a
configuration ...)
+ TODO: check
+CVE-2011-3429 (The Settings component in Apple iOS before 5 stores a cleartext
...)
+ TODO: check
CVE-2011-3428
RESERVED
-CVE-2011-3427
- RESERVED
-CVE-2011-3426
- RESERVED
+CVE-2011-3427 (The Data Security component in Apple iOS before 5 and Apple TV
before ...)
+ TODO: check
+CVE-2011-3426 (Cross-site scripting (XSS) vulnerability in Safari in Apple iOS
before ...)
+ TODO: check
CVE-2011-3425
RESERVED
CVE-2011-3424 (Session fixation vulnerability in the Managed File Transfer
server in ...)
@@ -2066,24 +2118,24 @@
CVE-2011-3262 (tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1
...)
- xen 4.1.1-1
- xen-3 <removed>
-CVE-2011-3261
- RESERVED
-CVE-2011-3260
- RESERVED
-CVE-2011-3259
- RESERVED
+CVE-2011-3261 (Double free vulnerability in OfficeImport in Apple iOS before 5
allows ...)
+ TODO: check
+CVE-2011-3260 (Buffer overflow in OfficeImport in Apple iOS before 5 allows
remote ...)
+ TODO: check
+CVE-2011-3259 (The kernel in Apple iOS before 5 and Apple TV before 4.4 does
not ...)
+ TODO: check
CVE-2011-3258
RESERVED
-CVE-2011-3257
- RESERVED
-CVE-2011-3256
- RESERVED
-CVE-2011-3255
- RESERVED
-CVE-2011-3254
- RESERVED
-CVE-2011-3253
- RESERVED
+CVE-2011-3257 (The Data Access component in Apple iOS before 5 does not
properly ...)
+ TODO: check
+CVE-2011-3256 (FreeType in CoreGraphics in Apple iOS before 5 allows remote
attackers ...)
+ TODO: check
+CVE-2011-3255 (CFNetwork in Apple iOS before 5 stores AppleID credentials in an
...)
+ TODO: check
+CVE-2011-3254 (Cross-site scripting (XSS) vulnerability in Calendar in Apple
iOS ...)
+ TODO: check
+CVE-2011-3253 (CalDAV in Apple iOS before 5 does not validate X.509
certificates for ...)
+ TODO: check
CVE-2011-3252 (Buffer overflow in CoreAudio, as used in Apple iTunes before
10.5, ...)
TODO: check
CVE-2011-3251
@@ -2096,17 +2148,17 @@
RESERVED
CVE-2011-3247
RESERVED
-CVE-2011-3246
- RESERVED
-CVE-2011-3245
- RESERVED
+CVE-2011-3246 (CFNetwork in Apple iOS before 5 and Mac OS X 10.7 before 10.7.2
does ...)
+ TODO: check
+CVE-2011-3245 (The Keyboards component in Apple iOS before 5 displays the final
...)
+ TODO: check
CVE-2011-3244 (WebKit, as used in Apple iTunes before 10.5, allows
man-in-the-middle ...)
- chromium-browser <undetermined>
- webkit <undetermined>
-CVE-2011-3243
- RESERVED
-CVE-2011-3242
- RESERVED
+CVE-2011-3243 (Cross-site scripting (XSS) vulnerability in WebKit, as used in
Apple ...)
+ TODO: check
+CVE-2011-3242 (The Private Browsing feature in Apple Safari before 5.1.1 on Mac
OS X ...)
+ TODO: check
CVE-2011-3241 (WebKit, as used in Apple iTunes before 10.5, allows
man-in-the-middle ...)
- chromium-browser <undetermined>
- webkit <undetermined>
@@ -2142,46 +2194,46 @@
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-3231
- RESERVED
-CVE-2011-3230
- RESERVED
-CVE-2011-3229
- RESERVED
-CVE-2011-3228
- RESERVED
-CVE-2011-3227
- RESERVED
-CVE-2011-3226
- RESERVED
-CVE-2011-3225
- RESERVED
-CVE-2011-3224
- RESERVED
-CVE-2011-3223
- RESERVED
-CVE-2011-3222
- RESERVED
-CVE-2011-3221
- RESERVED
-CVE-2011-3220
- RESERVED
+CVE-2011-3231 (The SSL implementation in Apple Safari before 5.1.1 on Mac OS X
before ...)
+ TODO: check
+CVE-2011-3230 (Apple Safari before 5.1.1 on Mac OS X does not enforce an
intended ...)
+ TODO: check
+CVE-2011-3229 (Directory traversal vulnerability in Apple Safari before 5.1.1
allows ...)
+ TODO: check
+CVE-2011-3228 (QuickTime in Apple Mac OS X before 10.7.2 allows remote
attackers to ...)
+ TODO: check
+CVE-2011-3227 (libsecurity in Apple Mac OS X before 10.7.2 does not properly
handle ...)
+ TODO: check
+CVE-2011-3226 (Open Directory in Apple Mac OS X 10.7 before 10.7.2, when an
LDAPv3 ...)
+ TODO: check
+CVE-2011-3225 (The SMB File Server component in Apple Mac OS X 10.7 before
10.7.2 ...)
+ TODO: check
+CVE-2011-3224 (The User Documentation component in Apple Mac OS X through
10.6.8 uses ...)
+ TODO: check
+CVE-2011-3223 (Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2
allows ...)
+ TODO: check
+CVE-2011-3222 (Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2
allows ...)
+ TODO: check
+CVE-2011-3221 (QuickTime in Apple Mac OS X before 10.7.2 does not properly
handle the ...)
+ TODO: check
+CVE-2011-3220 (QuickTime in Apple Mac OS X before 10.7.2 does not properly
process ...)
+ TODO: check
CVE-2011-3219 (Buffer overflow in CoreMedia, as used in Apple iTunes before
10.5, ...)
NOT-FOR-US: Apple CoreMedia
-CVE-2011-3218
- RESERVED
-CVE-2011-3217
- RESERVED
-CVE-2011-3216
- RESERVED
-CVE-2011-3215
- RESERVED
-CVE-2011-3214
- RESERVED
-CVE-2011-3213
- RESERVED
-CVE-2011-3212
- RESERVED
+CVE-2011-3218 (The "Save for Web" selection in QuickTime
Player in Apple Mac OS X ...)
+ TODO: check
+CVE-2011-3217 (MediaKit in Apple Mac OS X through 10.6.8 allows remote
attackers to ...)
+ TODO: check
+CVE-2011-3216 (The kernel in Apple Mac OS X before 10.7.2 does not properly
implement ...)
+ TODO: check
+CVE-2011-3215 (The kernel in Apple Mac OS X before 10.7.2 does not properly
prevent ...)
+ TODO: check
+CVE-2011-3214 (IOGraphics in Apple Mac OS X through 10.6.8 does not properly
handle a ...)
+ TODO: check
+CVE-2011-3213 (The File Systems component in Apple Mac OS X before 10.7.2 does
not ...)
+ TODO: check
+CVE-2011-3212 (CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure
that ...)
+ TODO: check
CVE-2011-3211 (The server in Bcfg2 1.1.2 and earlier, and 1.2 prerelease,
allows ...)
{DSA-2302-1}
- bcfg2 1.1.2-2 (bug #640028)
@@ -10825,8 +10877,8 @@
NOT-FOR-US: HP OpenView
CVE-2011-0261 (Unspecified vulnerability in jovgraph.exe in jovgraph in HP
OpenView ...)
NOT-FOR-US: HP OpenView
-CVE-2011-0260
- RESERVED
+CVE-2011-0260 (The CoreProcesses component in Apple Mac OS X 10.7 before 10.7.2
does ...)
+ TODO: check
CVE-2011-0259 (CoreFoundation, as used in Apple iTunes before 10.5, does not
properly ...)
TODO: check
CVE-2011-0258 (Apple QuickTime before 7.7 on Windows allows remote attackers to
...)
@@ -10895,12 +10947,12 @@
CVE-2011-0232 (WebKit, as used in Apple Safari before 5.0.6, allows remote
attackers ...)
- chromium-browser <undetermined>
- webkit <undetermined>
-CVE-2011-0231
- RESERVED
-CVE-2011-0230
- RESERVED
-CVE-2011-0229
- RESERVED
+CVE-2011-0231 (CFNetwork in Apple Mac OS X before 10.7.2 does not properly
follow an ...)
+ TODO: check
+CVE-2011-0230 (Buffer overflow in the ATSFontDeactivate API in Apple Type
Services ...)
+ TODO: check
+CVE-2011-0229 (Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does
not ...)
+ TODO: check
CVE-2011-0228 (The Data Security component in Apple iOS before 4.2.10 and 4.3.x
...)
NOT-FOR-US: Apple iOS
CVE-2011-0227 (The queueing primitives in IOMobileFrameBuffer in Apple iOS
before ...)
@@ -10911,8 +10963,8 @@
CVE-2011-0225 (WebKit, as used in Apple Safari before 5.0.6, allows remote
attackers ...)
- chromium-browser <undetermined>
- webkit <undetermined>
-CVE-2011-0224
- RESERVED
+CVE-2011-0224 (CoreMedia in Apple Mac OS X through 10.6.8 allows remote
attackers to ...)
+ TODO: check
CVE-2011-0223 (WebKit, as used in Apple Safari before 5.0.6, allows remote
attackers ...)
- chromium-browser <undetermined>
- webkit <undetermined>
@@ -11003,8 +11055,8 @@
NOT-FOR-US: Apple Mac OS
CVE-2011-0186 (QuickTime in Apple Mac OS X before 10.6.7 allows remote
attackers to ...)
NOT-FOR-US: Apple Mac OS
-CVE-2011-0185
- RESERVED
+CVE-2011-0185 (Format string vulnerability in the debug-logging feature in ...)
+ TODO: check
CVE-2011-0184 (QuickLook in Apple Mac OS X 10.6 before 10.6.7 allows remote
attackers ...)
NOT-FOR-US: Apple Mac OS
CVE-2011-0183 (Libinfo in Apple Mac OS X before 10.6.7 does not properly handle
an ...)