Author: jmm Date: 2011-12-09 20:46:06 +0000 (Fri, 09 Dec 2011) New Revision: 17768 Modified: data/CVE/list Log: new asterisk issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-12-09 20:41:00 UTC (rev 17767) +++ data/CVE/list 2011-12-09 20:46:06 UTC (rev 17768) @@ -101,33 +101,33 @@ CVE-2011-4695 (Unspecified vulnerability in Microsoft Windows 7 SP1, when Java is ...) TODO: check CVE-2011-4694 (Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows ...) - TODO: check + NOT-FOR-US: Adobe Flash Player CVE-2011-4693 (Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows ...) - TODO: check + NOT-FOR-US: Adobe Flash Player CVE-2011-4692 (WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 ...) TODO: check CVE-2011-4691 (Google Chrome 15.0.874.121 and earlier does not prevent capture of ...) TODO: check CVE-2011-4690 (Opera 11.60 and earlier does not prevent capture of data about the ...) - TODO: check + NOT-FOR-US: Opera CVE-2011-4689 (Microsoft Internet Explorer 6 through 9 does not prevent capture of ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2011-4688 (Mozilla Firefox 8.0.1 and earlier does not prevent capture of data ...) TODO: check CVE-2011-4687 (Opera before 11.60 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Opera CVE-2011-4686 (Unspecified vulnerability in the Web Workers implementation in Opera ...) - TODO: check + NOT-FOR-US: Opera CVE-2011-4685 (Dragonfly in Opera before 11.60 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Opera CVE-2011-4684 (Opera before 11.60 does not properly handle certificate revocation, ...) - TODO: check + NOT-FOR-US: Opera CVE-2011-4683 (Unspecified vulnerability in Opera before 11.60 has unknown impact and ...) - TODO: check + NOT-FOR-US: Opera CVE-2011-4682 (The JavaScript engine in Opera before 11.60 does not properly ...) - TODO: check + NOT-FOR-US: Opera CVE-2011-4681 (Opera before 11.60 does not properly consider the number of . (dot) ...) - TODO: check + NOT-FOR-US: Opera CVE-2011-4680 (Multiple cross-site scripting (XSS) vulnerabilities in the customer ...) TODO: check CVE-2011-4679 (vtiger CRM before 5.3.0 does not properly recognize the disabled ...) @@ -137,9 +137,9 @@ CVE-2010-5073 (The JavaScript implementation in Google Chrome 4 does not properly ...) TODO: check CVE-2010-5072 (The JavaScript implementation in Opera 10.5 does not properly restrict ...) - TODO: check + NOT-FOR-US: Opera CVE-2010-5071 (The JavaScript implementation in Microsoft Internet Explorer 8.0 and ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2010-5070 (The JavaScript implementation in Apple Safari 4 does not properly ...) TODO: check CVE-2010-5069 (The Cascading Style Sheets (CSS) implementation in Google Chrome 4 ...) @@ -319,10 +319,13 @@ RESERVED CVE-2011-4599 RESERVED -CVE-2011-4598 +CVE-2011-4598 [http://downloads.asterisk.org/pub/security/AST-2011-014.html] RESERVED -CVE-2011-4597 + - asterisk <unfixed> +CVE-2011-4597 [http://downloads.asterisk.org/pub/security/AST-2011-013.html] RESERVED + - asterisk <unfixed> (unimportant) + NOTE: This is mostly a design limitation and has very little impact CVE-2011-4596 RESERVED CVE-2011-4595