Author: joeyh
Date: 2011-11-07 21:14:20 +0000 (Mon, 07 Nov 2011)
New Revision: 17569

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================
--- data/CVE/list 2011-11-07 19:47:40 UTC (rev 17568)
+++ data/CVE/list 2011-11-07 21:14:20 UTC (rev 17569)
@@ -1,3 +1,255 @@ +CVE-2011-4403 + RESERVED +CVE-2011-4402 + RESERVED +CVE-2011-4401 + RESERVED +CVE-2011-4400 + RESERVED +CVE-2011-4399 + RESERVED +CVE-2011-4398 + RESERVED +CVE-2011-4397 + RESERVED +CVE-2011-4396 + RESERVED +CVE-2011-4395 + RESERVED +CVE-2011-4394 + RESERVED +CVE-2011-4393 + RESERVED +CVE-2011-4392 + RESERVED +CVE-2011-4391 + RESERVED +CVE-2011-4390 + RESERVED +CVE-2011-4389 + RESERVED +CVE-2011-4388 + RESERVED +CVE-2011-4387 + RESERVED +CVE-2011-4386 + RESERVED +CVE-2011-4385 + RESERVED +CVE-2011-4384 + RESERVED +CVE-2011-4383 + RESERVED +CVE-2011-4382 + RESERVED +CVE-2011-4381 + RESERVED +CVE-2011-4380 + RESERVED +CVE-2011-4379 + RESERVED +CVE-2011-4378 + RESERVED +CVE-2011-4377 + RESERVED +CVE-2011-4376 + RESERVED +CVE-2011-4375 + RESERVED +CVE-2011-4374 + RESERVED +CVE-2011-4373 + RESERVED +CVE-2011-4372 + RESERVED +CVE-2011-4371 + RESERVED +CVE-2011-4370 + RESERVED +CVE-2011-4369 + RESERVED +CVE-2011-4368 + RESERVED +CVE-2011-4367 + RESERVED +CVE-2011-4366 + RESERVED +CVE-2011-4365 + RESERVED +CVE-2011-4364 + RESERVED +CVE-2011-4363 + RESERVED +CVE-2011-4362 + RESERVED +CVE-2011-4361 + RESERVED +CVE-2011-4360 + RESERVED +CVE-2011-4359 + RESERVED +CVE-2011-4358 + RESERVED +CVE-2011-4357 + RESERVED +CVE-2011-4356 + RESERVED +CVE-2011-4355 + RESERVED +CVE-2011-4354 + RESERVED +CVE-2011-4353 + RESERVED +CVE-2011-4352 + RESERVED +CVE-2011-4351 + RESERVED +CVE-2011-4350 + RESERVED +CVE-2011-4349 + RESERVED +CVE-2011-4348 + RESERVED +CVE-2011-4347 + RESERVED +CVE-2011-4346 + RESERVED +CVE-2011-4345 + RESERVED +CVE-2011-4344 + RESERVED +CVE-2011-4343 + RESERVED +CVE-2011-4342 + RESERVED +CVE-2011-4341 + RESERVED +CVE-2011-4340 + RESERVED +CVE-2011-4339 + RESERVED +CVE-2011-4338 + RESERVED +CVE-2011-4337 + RESERVED +CVE-2011-4336 + RESERVED +CVE-2011-4335 + RESERVED +CVE-2011-4334 + RESERVED +CVE-2011-4333 + RESERVED +CVE-2011-4332 + RESERVED +CVE-2011-4331 + RESERVED +CVE-2011-4330 + RESERVED +CVE-2011-4329 + RESERVED +CVE-2011-4328 + RESERVED 
+CVE-2011-4327 + RESERVED +CVE-2011-4326 + RESERVED +CVE-2011-4325 + RESERVED +CVE-2011-4324 + RESERVED +CVE-2011-4323 + RESERVED +CVE-2011-4322 + RESERVED +CVE-2011-4321 + RESERVED +CVE-2011-4320 + RESERVED +CVE-2011-4319 + RESERVED +CVE-2011-4318 + RESERVED +CVE-2011-4317 + RESERVED +CVE-2011-4316 + RESERVED +CVE-2011-4315 + RESERVED +CVE-2011-4314 + RESERVED +CVE-2011-4313 + RESERVED +CVE-2011-4312 + RESERVED +CVE-2011-4311 + RESERVED +CVE-2011-4310 + RESERVED +CVE-2011-4309 + RESERVED +CVE-2011-4308 + RESERVED +CVE-2011-4307 + RESERVED +CVE-2011-4306 + RESERVED +CVE-2011-4305 + RESERVED +CVE-2011-4304 + RESERVED +CVE-2011-4303 + RESERVED +CVE-2011-4302 + RESERVED +CVE-2011-4301 + RESERVED +CVE-2011-4300 + RESERVED +CVE-2011-4299 + RESERVED +CVE-2011-4298 + RESERVED +CVE-2011-4297 + RESERVED +CVE-2011-4296 + RESERVED +CVE-2011-4295 + RESERVED +CVE-2011-4294 + RESERVED +CVE-2011-4293 + RESERVED +CVE-2011-4292 + RESERVED +CVE-2011-4291 + RESERVED +CVE-2011-4290 + RESERVED +CVE-2011-4289 + RESERVED +CVE-2011-4288 + RESERVED +CVE-2011-4287 + RESERVED +CVE-2011-4286 + RESERVED +CVE-2011-4285 + RESERVED +CVE-2011-4284 + RESERVED +CVE-2011-4283 + RESERVED +CVE-2011-4282 + RESERVED +CVE-2011-4281 + RESERVED +CVE-2011-4280 + RESERVED +CVE-2011-4279 + RESERVED +CVE-2011-4278 + RESERVED CVE-2011-4277 (Cross-site scripting (XSS) vulnerability in CourseForum ProjectForum ...) TODO: check CVE-2011-4276 @@ -703,8 +955,8 @@ RESERVED CVE-2011-4067 RESERVED -CVE-2011-4066 - RESERVED +CVE-2011-4066 (SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and ...) + TODO: check CVE-2011-4065 RESERVED CVE-2011-4063 (chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x ...) 
@@ -1072,12 +1324,12 @@ TODO: check CVE-2011-3992 (Buffer overflow in the SSH server functionality on the D-Link DES-3800 ...) TODO: check -CVE-2011-3991 - RESERVED +CVE-2011-3991 (Untrusted search path vulnerability in FFFTP 1.98a and earlier allows ...) + TODO: check CVE-2011-3990 RESERVED -CVE-2011-3989 - RESERVED +CVE-2011-3989 (SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows ...) + TODO: check CVE-2011-3988 (SQL injection vulnerability in data/class/SC_Query.php in EC-CUBE ...) TODO: check CVE-2011-3987 (dtsoftbus01.sys in DAEMON Tools Lite before 4.41.3, Pro Standard ...) @@ -1886,6 +2138,7 @@ CVE-2011-3641 RESERVED CVE-2011-3640 (** DISPUTED ** Untrusted search path vulnerability in Mozilla Network ...) + {DSA-2339-1} - nss <unfixed> (low; bug #647614) [lenny] - nss <no-dsa> (Minor issue) [squeeze] - nss <no-dsa> (Minor issue) @@ -1969,8 +2222,7 @@ CVE-2011-3617 [tahoe-lafs: an unauthorized user can delete files] RESERVED - tahoe-lafs 1.8.3-1 (bug #641540) -CVE-2011-3616 [conky tempfile] - RESERVED +CVE-2011-3616 (The getSkillname function in the eve module in Conky 1.8.1 and earlier ...) - conky 1.8.0-1.1 (low; bug #612033) [squeeze] - conky 1.8.0-1+squeeze1 [lenny] - conky 1.6.0-2+lenny1 @@ -2052,8 +2304,7 @@ CVE-2011-3595 RESERVED - joomla <itp> (bug #571794) -CVE-2011-3594 - RESERVED +CVE-2011-3594 (The g_markup_escape_text function in the SILC protocol plug-in in ...) - pidgin <unfixed> (unimportant) NOTE: http://developer.pidgin.im/ticket/14636 NOTE: relatively obscure client crash @@ -2103,8 +2354,7 @@ [lenny] - typo3-src <not-affected> (Only affects 4.5.x) CVE-2011-3582 RESERVED -CVE-2011-3581 - RESERVED +CVE-2011-3581 (Heap-based buffer overflow in the ldns_rr_new_frm_str_internal ...) - ldns <unfixed> (bug #647297) NOTE: http://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=403 NOTE: https://secunia.com/advisories/46153/ 
@@ -2534,8 +2784,8 @@ RESERVED CVE-2011-3403 RESERVED -CVE-2011-3402 - RESERVED +CVE-2011-3402 (Unspecified vulnerability in the Win32k TrueType font parsing engine ...) + TODO: check CVE-2011-3401 RESERVED CVE-2011-3400 @@ -2665,8 +2915,8 @@ - kde4libs <unfixed> NOTE: http://www.kde.org/info/security/advisory-20111003-1.txt TODO: File bugs -CVE-2011-3364 - RESERVED +CVE-2011-3364 (Incomplete blacklist vulnerability in the svEscape function in ...) + TODO: check CVE-2011-3363 RESERVED - linux-2.6 2.6.39-1 @@ -2775,8 +3025,8 @@ NOT-FOR-US: Iceni Argus CVE-2011-3331 RESERVED -CVE-2011-3330 - RESERVED +CVE-2011-3330 (Buffer overflow in the UnitelWay Windows Device Driver, as used in ...) + TODO: check CVE-2011-3329 RESERVED CVE-2011-3328 @@ -3180,8 +3430,8 @@ RESERVED CVE-2011-3172 RESERVED -CVE-2011-3171 - RESERVED +CVE-2011-3171 (Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly ...) + TODO: check CVE-2011-3170 (The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and ...) - cups 1.5.0-8 NOTE: This ID is for an incomplete fix for CVE-2011-2896 @@ -3226,8 +3476,8 @@ TODO: check CVE-2011-3165 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...) TODO: check -CVE-2011-3164 - RESERVED +CVE-2011-3164 (Unspecified vulnerability in HP-UX Containers (formerly HP-UX Secure ...) + TODO: check CVE-2011-3163 (HP MFP Digital Sending Software 4.9x through 4.91.21 allows local ...) NOT-FOR-US: HP MFP Digital Sending Software CVE-2011-3162 (Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 ...) @@ -5224,6 +5474,7 @@ {DSA-2310-1 DSA-2303-1} - linux-2.6 2.6.39-3 (low) CVE-2011-2483 (crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain ...) + {DSA-2340-1} - libcrypt-eksblowfish-perl <not-affected> (discovered and corrected in initial release in 2007) - php-suhosin <unfixed> (bug #631283) - postgresql-8.4 8.4.9-1 (bug #631285) 
@@ -7877,8 +8128,8 @@ NOT-FOR-US: HP OpenView CVE-2011-1514 (The inet service in HP OpenView Storage Data Protector 6.00 through ...) NOT-FOR-US: HP OpenView -CVE-2011-1513 - RESERVED +CVE-2011-1513 (Static code injection vulnerability in install_.php in e107 CMS 0.7.24 ...) + TODO: check CVE-2011-1512 (Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used ...) NOT-FOR-US: Autonomy KeyView CVE-2011-1511 (Unspecified vulnerability in the Oracle GlassFish Server component in ...) @@ -10292,15 +10543,15 @@ NOT-FOR-US: Ruby mail gem CVE-2011-0738 (MyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through ...) NOT-FOR-US: MyProxy -CVE-2011-0737 (Adobe ColdFusion 9.0.1 CHF1 and earlier allows remote attackers to ...) +CVE-2011-0737 (** DISPUTED ** Adobe ColdFusion 9.0.1 CHF1 and earlier allows remote ...) NOT-FOR-US: Adobe Coldfusion -CVE-2011-0736 (Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web application is ...) +CVE-2011-0736 (** DISPUTED ** Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web ...) NOT-FOR-US: Adobe ColdFusion CVE-2011-0735 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before ...) NOT-FOR-US: Adobe ColdFusion -CVE-2011-0734 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0.1 ...) +CVE-2011-0734 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before ...) NOT-FOR-US: Adobe ColdFusion -CVE-2011-0733 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion, possibly ...) +CVE-2011-0733 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before ...) NOT-FOR-US: Adobe ColdFusion CVE-2011-0732 (Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal ...) NOT-FOR-US: IBM Tivoli Integrated Portal
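Review bot: in the hunk at @@ -1886,6 +2138,7 @@, the new {DSA-2339-1} tag on CVE-2011-3640 sits above status lines that contradict it: nss is still <unfixed>, and both [lenny] and [squeeze] are marked <no-dsa> (Minor issue). If the DSA shipped an nss fix for this ID, the release lines should carry the fixed versions in place of <no-dsa>; if it did not, the tag should not be attached to this entry. The description is also flagged ** DISPUTED **, so it is worth confirming that the advisory really references this ID.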
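Review bot: CVE-2011-3402 in the hunk at @@ -2534,8 +2784,8 @@ is left as TODO: check although its description names the Win32k TrueType font parsing engine, a Windows component. It can be closed out directly with a NOT-FOR-US line in the form used elsewhere in this file (for example NOT-FOR-US: HP OpenView) instead of waiting in the triage queue.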
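Review bot: in the hunk at @@ -3226,8 +3476,8 @@, CVE-2011-3164 (HP-UX Containers) is added as TODO: check while the very next entry, CVE-2011-3163, already uses NOT-FOR-US: HP MFP Digital Sending Software. The same treatment applies here; a NOT-FOR-US line naming HP-UX Containers would keep the two HP entries consistent and remove one item from the TODO list.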
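Review bot: in the hunk at @@ -5224,6 +5474,7 @@, {DSA-2340-1} is attached to CVE-2011-2483, but none of the package lines visible under it records a release-tagged fixed version, and php-suhosin is still <unfixed> (bug #631283). Worth confirming that the source package the DSA covers has matching [lenny]/[squeeze] lines further down the entry, so that the tag and the per-release status agree.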
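Review bot: in the hunk at @@ -10292,15 +10543,15 @@, the NOT-FOR-US line under CVE-2011-0737 is spelled "Adobe Coldfusion" while the four entries below it use "Adobe ColdFusion". The update already rewrites the CVE-2011-0737 description line, so this is a good moment to normalise the product name so that a search on the NOT-FOR-US string finds all five entries. The ** DISPUTED ** marker added to CVE-2011-0737 and CVE-2011-0736 does not change their NOT-FOR-US status, so nothing else is needed there.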