[Secure-testing-commits] r16543 - data/CVE

Joey Hess joeyh at alioth.debian.org
Mon Apr 18 21:15:33 UTC 2011 

Author: joeyh
Date: 2011-04-18 21:15:26 +0000 (Mon, 18 Apr 2011)
New Revision: 16543

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-04-18 21:03:15 UTC (rev 16542)
+++ data/CVE/list	2011-04-18 21:15:26 UTC (rev 16543)
@@ -1,3 +1,47 @@
+CVE-2011-1713 (Microsoft msxml.dll, as used in Internet Explorer 8 on Windows 7, ...)
+	TODO: check
+CVE-2011-1712 (The txXPathNodeUtils::getXSLTId function in ...)
+	TODO: check
+CVE-2011-1711
+	RESERVED
+CVE-2011-1710
+	RESERVED
+CVE-2011-1709
+	RESERVED
+CVE-2011-1708
+	RESERVED
+CVE-2011-1707
+	RESERVED
+CVE-2011-1706
+	RESERVED
+CVE-2011-1705
+	RESERVED
+CVE-2011-1704
+	RESERVED
+CVE-2011-1703
+	RESERVED
+CVE-2011-1702
+	RESERVED
+CVE-2011-1701
+	RESERVED
+CVE-2011-1700
+	RESERVED
+CVE-2011-1699
+	RESERVED
+CVE-2011-1698
+	RESERVED
+CVE-2011-1697
+	RESERVED
+CVE-2011-1696
+	RESERVED
+CVE-2011-1695
+	RESERVED
+CVE-2011-1694
+	RESERVED
+CVE-2011-1693
+	RESERVED
+CVE-2011-1692
+	RESERVED
 CVE-2011-XXXX [mediawiki XSS specific to IE6]
 	- mediawiki <unfixed> 
 CVE-2011-XXXX [mediawiki CSS validation error]
@@ -102,12 +146,12 @@
 	RESERVED
 CVE-2011-1656
 	RESERVED
-CVE-2011-1655
-	RESERVED
-CVE-2011-1654
-	RESERVED
-CVE-2011-1653
-	RESERVED
+CVE-2011-1655 (The management.asmx module in the Management Web Service in the ...)
+	TODO: check
+CVE-2011-1654 (Directory traversal vulnerability in the Heartbeat Web Service in ...)
+	TODO: check
+CVE-2011-1653 (Multiple SQL injection vulnerabilities in the Unified Network Control ...)
+	TODO: check
 CVE-2011-1652 (** DISPUTED ** The default configuration of Microsoft Windows 7 ...)
 	NOT-FOR-US: Microsoft Windows 7
 CVE-2010-4784 (Multiple SQL injection vulnerabilities in member.php in PHP Web ...)
@@ -745,6 +789,7 @@
 CVE-2011-1426
 	RESERVED
 CVE-2011-1425 (xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in ...)
+	{DSA-2219-1}
 	- xmlsec1 1.2.14-1.1 (bug #620560)
 	NOTE: http://www.aleksey.com/xmlsec/news.html
 CVE-2011-1424
@@ -914,7 +959,7 @@
 	NOT-FOR-US: Internet Explorer
 CVE-2011-1345 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...)
 	NOT-FOR-US: Internet Explorer
-CVE-2011-1344 (Unspecified vulnerability in WebKit, as used in Apple Safari before ...)
+CVE-2011-1344 (Use-after-free vulnerability in WebKit, as used in Apple Safari before ...)
 	- chromium-browser <undetermined>
 	- webkit <undetermined>
 CVE-2011-1343 (SQL injection vulnerability in the Web GUI in IBM Tivoli ...)
@@ -1005,16 +1050,14 @@
 	RESERVED
 CVE-2011-1303
 	RESERVED
-CVE-2011-1302
-	RESERVED
+CVE-2011-1302 (Heap-based buffer overflow in the GPU process in Google Chrome before ...)
 	- chromium-browser 10.0.648.205~r81283-1
 	- webkit <undetermined>
-CVE-2011-1301
-	RESERVED
+CVE-2011-1301 (Use-after-free vulnerability in the GPU process in Google Chrome ...)
 	- chromium-browser 10.0.648.205~r81283-1
 	- webkit <undetermined>
-CVE-2011-1300
-	RESERVED
+CVE-2011-1300 (The GPU process in Google Chrome before 10.0.648.205 on Windows allows ...)
+	TODO: check
 CVE-2011-1299
 	RESERVED
 CVE-2011-1298
@@ -2278,7 +2321,7 @@
 	NOT-FOR-US: HP Network Node Manager
 CVE-2011-0896 (Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and earlier on ...)
 	NOT-FOR-US: HP-UX
-CVE-2011-0895 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x ...)
+CVE-2011-0895 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x and ...)
 	NOT-FOR-US: HP Network Node Manager
 CVE-2011-0894 (Unspecified vulnerability in HP Operations 9.10 on UNIX platforms ...)
 	NOT-FOR-US: HP Operations
@@ -3065,7 +3108,7 @@
 	RESERVED
 CVE-2011-0612
 	RESERVED
-CVE-2011-0611 (Unspecified vulnerability in Adobe Flash Player 10.2.154.25 and ...)
+CVE-2011-0611 (Adobe Flash Player 10.2.153.1 and earlier for Windows, Macintosh, ...)
 	NOT-FOR-US: Adobe Flash Player / Acrobat Reader
 CVE-2011-0610
 	RESERVED
@@ -4315,8 +4358,8 @@
 	RESERVED
 CVE-2011-0196
 	RESERVED
-CVE-2011-0195
-	RESERVED
+CVE-2011-0195 (The generate-id XPath function in libxslt in Apple iOS 4.3.x before ...)
+	TODO: check
 CVE-2011-0194 (Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7 ...)
 	NOT-FOR-US: Apple Mac OS
 CVE-2011-0193 (Multiple buffer overflows in Image RAW in Apple Mac OS X before 10.6.7 ...)
@@ -4324,7 +4367,7 @@
 CVE-2011-0192 (Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other ...)
 	{DSA-2210-1}
 	- tiff 3.9.4-7
-CVE-2011-0191 (Buffer overflow in LibTIFF in ImageIO in Apple iTunes before 10.2 on ...)
+CVE-2011-0191 (Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used ...)
 	{DSA-2210-1}
 	- tiff 3.9.4-1
 	NOTE: This might've been fixed earlier even
@@ -4584,7 +4627,7 @@
 	RESERVED
 CVE-2011-0099
 	RESERVED
-CVE-2011-0098 (Heap-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 ...)
+CVE-2011-0098 (Integer signedness error in Microsoft Excel 2002 SP3, 2003 SP3, 2007 ...)
 	NOT-FOR-US: Microsoft Excel
 CVE-2011-0097 (Integer overflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and ...)
 	NOT-FOR-US: Microsoft Excel

More information about the Secure-testing-commits mailing list