Author: joeyh Date: 2011-11-18 21:14:58 +0000 (Fri, 18 Nov 2011) New Revision: 17637 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-11-18 21:13:45 UTC (rev 17636) +++ data/CVE/list 2011-11-18 21:14:58 UTC (rev 17637) @@ -1,3 +1,7 @@ +CVE-2011-4464 + RESERVED +CVE-2011-4463 + RESERVED CVE-2011-4462 RESERVED CVE-2011-4461 @@ -8,8 +12,8 @@ RESERVED CVE-2011-4458 RESERVED -CVE-2011-4457 - RESERVED +CVE-2011-4457 (OWASP HTML Sanitizer (aka owasp-java-html-sanitizer) before 88, when ...) + TODO: check CVE-2011-4456 REJECTED CVE-2011-4455 @@ -391,18 +395,21 @@ - moodle <not-affected> (Only affects 2.x) CVE-2011-4290 [MSA-11-0015] RESERVED + {DSA-2262-1} - moodle 1.9.9.dfsg2-3 CVE-2011-4289 [MSA-11-0014] RESERVED - moodle <not-affected> (Only affects 2.x) CVE-2011-4288 [MSA-11-0013] RESERVED + {DSA-2262-1} - moodle 1.9.9.dfsg2-3 CVE-2011-4287 [MSA-11-0012] RESERVED - moodle <not-affected> (Only affects 2.x) CVE-2011-4286 [MSA-11-0011] RESERVED + {DSA-2262-1} - moodle 1.9.9.dfsg2-3 CVE-2011-4285 [MSA-11-0010] RESERVED @@ -412,6 +419,7 @@ - moodle <not-affected> (Only affects 2.x) CVE-2011-4283 [MSA-11-0008] RESERVED + {DSA-2262-1} - moodle 1.9.9.dfsg2-3 CVE-2011-4282 [MSA-11-0007] RESERVED @@ -427,6 +435,7 @@ - moodle <not-affected> (Only affects 2.x) CVE-2011-4278 [MSA-11-0003] RESERVED + {DSA-2262-1} - moodle 1.9.9.dfsg2-3 CVE-2011-4277 (Cross-site scripting (XSS) vulnerability in CourseForum ProjectForum ...) NOT-FOR-US: CourseForum @@ -939,6 +948,7 @@ RESERVED CVE-2011-4133 [MSA-11-0002] RESERVED + {DSA-2262-1} - moodle 1.9.9.dfsg2-3 CVE-2011-4132 RESERVED @@ -968,8 +978,7 @@ RESERVED CVE-2011-4123 RESERVED -CVE-2011-4122 - RESERVED +CVE-2011-4122 (kcheckpass, as used in OpenPAM in FreeBSD 8.1 and possibly other ...) NOT-FOR-US: OpenPAM CVE-2011-4121 RESERVED 
@@ -1000,8 +1009,7 @@ RESERVED CVE-2011-4108 RESERVED -CVE-2011-4107 [phpmyadmin xml local file inclusion] - RESERVED +CVE-2011-4107 (The simplexml_load_string function in the XML import plug-in ...) - phpmyadmin 4:3.4.7.1-1 [lenny] - phpmyadmin <not-affected> (Vulerable code not present) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=751112 @@ -1040,8 +1048,8 @@ - linux-2.6 3.0.0-6 [squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.39) [lenny] - linux-2.6 <not-affected> (Introduced in 2.6.39) -CVE-2011-4096 - RESERVED +CVE-2011-4096 (The idnsGrokReply function in Squid before 3.1.16 does not properly ...) + TODO: check CVE-2011-4095 RESERVED CVE-2011-4094 @@ -1110,8 +1118,8 @@ CVE-2011-4074 (Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin ...) {DSA-2333-1} - phpldapadmin 1.2.0.5-2.1 (bug #646769) -CVE-2011-4073 - RESERVED +CVE-2011-4073 (Use-after-free vulnerability in the cryptographic helper handler ...) + TODO: check CVE-2007-6744 RESERVED CVE-2006-7246 @@ -1730,8 +1738,8 @@ RESERVED CVE-2011-3901 RESERVED -CVE-2011-3900 - RESERVED +CVE-2011-3900 (Google V8, as used in Google Chrome before 15.0.874.121, allows remote ...) + TODO: check CVE-2011-3899 RESERVED CVE-2011-3898 (Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) ...) @@ -2340,8 +2348,7 @@ [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) - iceape 2.0.14-9 [lenny] - iceape <not-affected> (Only a stub package) -CVE-2011-3646 [PMASA-2011-15] - RESERVED +CVE-2011-3646 (phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote ...) - phpmyadmin 4:3.4.6-1 (unimportant) CVE-2011-3645 (Newgen OmniDocs allows remote attackers to bypass intended access ...) NOT-FOR-US: Newgen OmniDocs 
@@ -2405,8 +2412,7 @@ - pam <unfixed> (low) [squeeze] - pam <no-dsa> (Minor issue) [lenny] - pam <no-dsa> (Minor issue) -CVE-2011-3627 - RESERVED +CVE-2011-3627 (The bytecode engine in ClamAV before 0.97.3 allows remote attackers to ...) - clamav 0.97.3+dfsg-1 (low) CVE-2011-3626 RESERVED @@ -3085,8 +3091,8 @@ NOT-FOR-US: Phorum CVE-2011-3381 (Cross-site request forgery (CSRF) vulnerability in Phorum before ...) NOT-FOR-US: Phorum -CVE-2011-3380 - RESERVED +CVE-2011-3380 (Openswan 2.6.29 through 2.6.35 allows remote attackers to cause a ...) + TODO: check CVE-2011-3379 (The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the ...) - php5 <unfixed> [squeeze] - php5 <not-affected> (Introduced in 5.3.7) @@ -4906,8 +4912,7 @@ CVE-2011-2771 (Multiple cross-site scripting (XSS) vulnerabilities in Mahara before ...) {DSA-2334-1} - mahara 1.4.1-1 -CVE-2011-2770 [man2html XSS] - RESERVED +CVE-2011-2770 (Cross-site scripting (XSS) vulnerability in man2html.cgi.c in man2html ...) {DSA-2335-1} - man2html 1.6g-6 CVE-2011-2769
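Review bot: The five entries that move from RESERVED to "TODO: check" (CVE-2011-4457, CVE-2011-4096, CVE-2011-4073, CVE-2011-3900, CVE-2011-3380) are left without any package or NOT-FOR-US line, so they are published but untriaged. For three of them the new description already names the affected software (Squid before 3.1.16, Openswan 2.6.29 through 2.6.35, Google V8 as used in Google Chrome before 15.0.874.121), so each can be resolved to a package line with a fixed version, or to NOT-FOR-US, in a follow-up commit instead of sitting at "TODO: check".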
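Review bot: In the hunk at -968,8 the existing "NOT-FOR-US: OpenPAM" line is kept unchanged under CVE-2011-4122, but the description that now replaces RESERVED opens with kcheckpass ("kcheckpass, as used in OpenPAM in FreeBSD 8.1 and possibly other ..."). The triage line covers only the OpenPAM half of that sentence. Confirm that NOT-FOR-US still holds for the kcheckpass side and, if it does, record the reasoning in a NOTE line so the entry is not reopened later.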
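Review bot: In the hunk at -1000,8 (CVE-2011-4107) the context line "[lenny] - phpmyadmin <not-affected> (Vulerable code not present)" carries a misspelling, "Vulerable" for "Vulnerable". The line is untouched by this change, but since the entry is being edited anyway it is worth correcting in a follow-up so that text searches over the reasons for not-affected match it.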
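Review bot: In the hunk at -2340,8 the CVE-2011-3646 entry keeps "- phpmyadmin 4:3.4.6-1 (unimportant)" with no NOTE line explaining the rating, while the description that replaces "[PMASA-2011-15] RESERVED" begins "allows remote ...". The change also drops the PMASA-2011-15 reference that the bracketed placeholder carried. Suggest adding a NOTE that states why the issue is rated unimportant and that preserves the upstream advisory id.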