Author: joeyh Date: 2011-12-06 21:14:27 +0000 (Tue, 06 Dec 2011) New Revision: 17758 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-12-06 21:04:42 UTC (rev 17757) +++ data/CVE/list 2011-12-06 21:14:27 UTC (rev 17758) @@ -1,3 +1,7 @@ +CVE-2011-4678 (The password reset feature in One Click Orgs before 1.2.3 generates ...) + TODO: check +CVE-2011-4677 (One Click Orgs before 1.2.3 does not have an off autocomplete ...) + TODO: check CVE-2011-4676 RESERVED CVE-2011-4675 (The pathname canonicalization functionality in ...) @@ -256,14 +260,14 @@ RESERVED CVE-2011-4556 RESERVED -CVE-2011-4555 - RESERVED -CVE-2011-4554 - RESERVED -CVE-2011-4553 - RESERVED -CVE-2011-4552 - RESERVED +CVE-2011-4555 (One Click Orgs before 1.2.3 does not require unique e-mail addresses ...) + TODO: check +CVE-2011-4554 (One Click Orgs before 1.2.3 allows remote authenticated users to ...) + TODO: check +CVE-2011-4553 (Multiple open redirect vulnerabilities in One Click Orgs before 1.2.3 ...) + TODO: check +CVE-2011-4552 (Multiple cross-site scripting (XSS) vulnerabilities in One Click Orgs ...) + TODO: check CVE-2011-4551 RESERVED CVE-2011-4550 @@ -762,6 +766,7 @@ NOT-FOR-US: Apache MyFaces CVE-2011-4358 [Mojarra - includeViewParameters re-evaluates param/model values as EL expressions] RESERVED + {DSA-2359-1} - mojarra 2.0.3-2 (bug #650430) CVE-2011-4357 [clearsilver format string issue] RESERVED @@ -1499,8 +1504,7 @@ CVE-2011-4131 RESERVED - linux-2.6 <unfixed> -CVE-2011-4130 [Response pool use-after-free memory corruption error] - RESERVED +CVE-2011-4130 (Use-after-free vulnerability in the Response API in ProFTPD before ...) {DSA-2346-2 DSA-2346-1} - proftpd-dfsg 1.3.4~rc3-2 (high; bug #648373) [lenny] - proftpd-dfsg <not-affected> (vulnerable functionality not present)
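Review bot: In the first hunk (@@ -1,3 +1,7 @@), CVE-2011-4678 and CVE-2011-4677 are added with only "TODO: check", so they have no disposition yet. The descriptions are truncated at "...", so read the full CVE text before triaging. Each should then resolve to either a package line or a NOT-FOR-US: marker in the form already used in this file (for example "NOT-FOR-US: Apache MyFaces").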
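Review bot: In the second hunk (@@ -256,14 +260,14 @@), CVE-2011-4555 through CVE-2011-4552 move from RESERVED to "TODO: check", and all four name the same product and fixed version ("One Click Orgs before 1.2.3") as the two entries added at the top of the file. Suggest resolving all six in one follow-up change so that a single decision about the product is applied consistently, rather than leaving the entries to be triaged one at a time at different positions in the list.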
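Review bot: In the third hunk (@@ -762,6 +766,7 @@), the package line under CVE-2011-4358 reads "- mojarra 2.0.3-2 (bug #650430)" with no urgency, while the proftpd-dfsg line for CVE-2011-4130 in the last hunk carries "(high; bug #648373)". Now that {DSA-2359-1} is attached to the mojarra entry, consider adding an urgency there so the two DSA-backed entries are annotated the same way.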