[Secure-testing-commits] r17111 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Mon Aug 22 21:14:19 UTC 2011
Author: joeyh
Date: 2011-08-22 21:14:19 +0000 (Mon, 22 Aug 2011)
New Revision: 17111
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-08-22 16:42:51 UTC (rev 17110)
+++ data/CVE/list 2011-08-22 21:14:19 UTC (rev 17111)
@@ -1,3 +1,215 @@
+CVE-2011-3265 (popup.php in Zabbix before 1.8.7 allows remote attackers to read the ...)
+ TODO: check
+CVE-2011-3264 (Zabbix before 1.8.6 allows remote attackers to obtain sensitive ...)
+ TODO: check
+CVE-2011-3263 (zabbix_agentd in Zabbix before 1.8.6 and 1.9.x before 1.9.4 allows ...)
+ TODO: check
+CVE-2011-3262 (tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 ...)
+ TODO: check
+CVE-2011-3261
+ RESERVED
+CVE-2011-3260
+ RESERVED
+CVE-2011-3259
+ RESERVED
+CVE-2011-3258
+ RESERVED
+CVE-2011-3257
+ RESERVED
+CVE-2011-3256
+ RESERVED
+CVE-2011-3255
+ RESERVED
+CVE-2011-3254
+ RESERVED
+CVE-2011-3253
+ RESERVED
+CVE-2011-3252
+ RESERVED
+CVE-2011-3251
+ RESERVED
+CVE-2011-3250
+ RESERVED
+CVE-2011-3249
+ RESERVED
+CVE-2011-3248
+ RESERVED
+CVE-2011-3247
+ RESERVED
+CVE-2011-3246
+ RESERVED
+CVE-2011-3245
+ RESERVED
+CVE-2011-3244
+ RESERVED
+CVE-2011-3243
+ RESERVED
+CVE-2011-3242
+ RESERVED
+CVE-2011-3241
+ RESERVED
+CVE-2011-3240
+ RESERVED
+CVE-2011-3239
+ RESERVED
+CVE-2011-3238
+ RESERVED
+CVE-2011-3237
+ RESERVED
+CVE-2011-3236
+ RESERVED
+CVE-2011-3235
+ RESERVED
+CVE-2011-3234
+ RESERVED
+CVE-2011-3233
+ RESERVED
+CVE-2011-3232
+ RESERVED
+CVE-2011-3231
+ RESERVED
+CVE-2011-3230
+ RESERVED
+CVE-2011-3229
+ RESERVED
+CVE-2011-3228
+ RESERVED
+CVE-2011-3227
+ RESERVED
+CVE-2011-3226
+ RESERVED
+CVE-2011-3225
+ RESERVED
+CVE-2011-3224
+ RESERVED
+CVE-2011-3223
+ RESERVED
+CVE-2011-3222
+ RESERVED
+CVE-2011-3221
+ RESERVED
+CVE-2011-3220
+ RESERVED
+CVE-2011-3219
+ RESERVED
+CVE-2011-3218
+ RESERVED
+CVE-2011-3217
+ RESERVED
+CVE-2011-3216
+ RESERVED
+CVE-2011-3215
+ RESERVED
+CVE-2011-3214
+ RESERVED
+CVE-2011-3213
+ RESERVED
+CVE-2011-3212
+ RESERVED
+CVE-2011-3211
+ RESERVED
+CVE-2011-3210
+ RESERVED
+CVE-2011-3209
+ RESERVED
+CVE-2011-3208
+ RESERVED
+CVE-2011-3207
+ RESERVED
+CVE-2011-3206
+ RESERVED
+CVE-2011-3205
+ RESERVED
+CVE-2011-3204
+ RESERVED
+CVE-2011-3203
+ RESERVED
+CVE-2011-3202
+ RESERVED
+CVE-2011-3201
+ RESERVED
+CVE-2011-3200
+ RESERVED
+CVE-2011-3199
+ RESERVED
+CVE-2011-3198
+ RESERVED
+CVE-2011-3197
+ RESERVED
+CVE-2011-3196
+ RESERVED
+CVE-2011-3195
+ RESERVED
+CVE-2011-3194
+ RESERVED
+CVE-2011-3193
+ RESERVED
+CVE-2011-3192
+ RESERVED
+CVE-2011-3191
+ RESERVED
+CVE-2011-3190
+ RESERVED
+CVE-2011-3189
+ RESERVED
+CVE-2011-3188
+ RESERVED
+CVE-2011-3187
+ RESERVED
+CVE-2011-3186
+ RESERVED
+CVE-2011-3185
+ RESERVED
+CVE-2011-3184
+ RESERVED
+CVE-2011-3183
+ RESERVED
+CVE-2011-3182
+ RESERVED
+CVE-2011-3181
+ RESERVED
+CVE-2011-3180
+ RESERVED
+CVE-2011-3179
+ RESERVED
+CVE-2011-3178
+ RESERVED
+CVE-2011-3177
+ RESERVED
+CVE-2011-3176
+ RESERVED
+CVE-2011-3175
+ RESERVED
+CVE-2011-3174
+ RESERVED
+CVE-2011-3173
+ RESERVED
+CVE-2011-3172
+ RESERVED
+CVE-2011-3171
+ RESERVED
+CVE-2011-3170 (The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and ...)
+ TODO: check
+CVE-2010-4824
+ RESERVED
+CVE-2010-4823
+ RESERVED
+CVE-2010-4822
+ RESERVED
+CVE-2010-4821
+ RESERVED
+CVE-2010-4820
+ RESERVED
+CVE-2010-4819
+ RESERVED
+CVE-2010-4818
+ RESERVED
+CVE-2010-4817
+ RESERVED
+CVE-2010-4816
+ RESERVED
+CVE-2010-4815
+ RESERVED
CVE-2011-XXXX [pidgin MSN DoS]
- pidgin 2.10.0-1
CVE-2011-XXXX [mantis XSS]
@@ -442,7 +654,7 @@
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
- icedove <not-affected> (Only affects Thunderbird 5)
-CVE-2011-2984 (Mozilla Firefox before 3.6.20 does not properly handle the dropping of ...)
+CVE-2011-2984 (Mozilla Firefox before 3.6.20, SeaMonkey 2.x, and possibly other ...)
{DSA-2297-1 DSA-2296-1 DSA-2295-1}
- icedove 3.1.12-1
- xulrunner <removed>
@@ -451,7 +663,7 @@
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
- iceape 2.0.14-5
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2011-2983 (Mozilla Firefox before 3.6.20 does not properly handle the ...)
+CVE-2011-2983 (Mozilla Firefox before 3.6.20, Thunderbird 2.x, SeaMonkey 1.x and 2.x, ...)
{DSA-2297-1 DSA-2296-1 DSA-2295-1}
- icedove 3.1.12-1
- xulrunner <removed>
@@ -469,7 +681,7 @@
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
- iceape 2.0.14-5
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2011-2981 (The event-management implementation in Mozilla Firefox before 3.6.20 ...)
+CVE-2011-2981 (The event-management implementation in Mozilla Firefox before 3.6.20, ...)
{DSA-2297-1 DSA-2296-1 DSA-2295-1}
- icedove 3.1.12-1
- xulrunner <removed>
@@ -656,8 +868,8 @@
RESERVED
- linux-2.6 3.0.0-2
[lenny] - linux-2.6 <not-affected> (perf not yet present)
-CVE-2011-2904
- RESERVED
+CVE-2011-2904 (Cross-site scripting (XSS) vulnerability in acknow.php in Zabbix ...)
+ TODO: check
CVE-2011-2903
RESERVED
- tcptrack <unfixed> (unimportant; bug #551092)
@@ -678,10 +890,9 @@
- linux-2.6 3.0.0-1
CVE-2011-2897
RESERVED
-CVE-2011-2896
- RESERVED
-CVE-2011-2895 [libxfont buffer overflow]
- RESERVED
+CVE-2011-2896 (The LZW decompressor in the LWZReadByte function in giftoppm.c in the ...)
+ TODO: check
+CVE-2011-2895 (The LZW decompressor in (1) the BufCompressedFill function in ...)
{DSA-2293-1}
- libxfont 1:1.4.4-1
CVE-2011-2894
@@ -857,7 +1068,7 @@
CVE-2011-2811
RESERVED
CVE-2011-2810
- RESERVED
+ REJECTED
CVE-2011-2809
RESERVED
CVE-2011-2808
@@ -1850,8 +2061,8 @@
RESERVED
CVE-2011-2411
RESERVED
-CVE-2011-2410
- RESERVED
+CVE-2011-2410 (Cross-site scripting (XSS) vulnerability in HP OpenView Performance ...)
+ TODO: check
CVE-2011-2409 (Cross-site scripting (XSS) vulnerability in the Calendar application ...)
NOT-FOR-US: HP Palm webOS 3.x
CVE-2011-2408 (Cross-site scripting (XSS) vulnerability in the Contacts application ...)
@@ -1908,7 +2119,7 @@
TODO: check
CVE-2011-2379 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through ...)
TODO: check
-CVE-2011-2378 (The appendChild function in Mozilla Firefox before 3.6.20 does not ...)
+CVE-2011-2378 (The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird ...)
{DSA-2297-1 DSA-2296-1 DSA-2295-1}
- icedove 3.1.12-1
- xulrunner <removed>
@@ -4849,10 +5060,10 @@
- webkit <undetermined>
CVE-2011-1343 (SQL injection vulnerability in the Web GUI in IBM Tivoli ...)
NOT-FOR-US: Tivoli
-CVE-2011-1342
- RESERVED
-CVE-2011-1341
- RESERVED
+CVE-2011-1342 (SQL injection vulnerability in Aimluck Aipo before 5.1.1, and Aipo for ...)
+ TODO: check
+CVE-2011-1341 (Cross-site request forgery (CSRF) vulnerability in Aimluck Aipo before ...)
+ TODO: check
CVE-2011-1340 (Cross-site scripting (XSS) vulnerability in ...)
TODO: check
CVE-2011-1339 (Cross-site scripting (XSS) vulnerability in Google Search Appliance ...)
@@ -7202,8 +7413,8 @@
NOT-FOR-US: Symantec Web Gateway
CVE-2011-0548 (Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in ...)
NOT-FOR-US: Lotus Freelance Graphics
-CVE-2011-0547
- RESERVED
+CVE-2011-0547 (Multiple integer overflows in vxsvc.exe in the Veritas Enterprise ...)
+ TODO: check
CVE-2011-0546 (Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not ...)
NOT-FOR-US: Symantec Backup Exec
CVE-2011-0545 (Cross-site request forgery (CSRF) vulnerability in adduser.do in ...)
@@ -29151,7 +29362,7 @@
NOT-FOR-US: Online Guestbook Pro
CVE-2009-2447 (Multiple cross-site scripting (XSS) vulnerabilities in ogp_show.php in ...)
NOT-FOR-US: Online Guestbook Pro
-CVE-2009-2445 (Sun Java System Web Server (aka Sun ONE Web Server) 6.1 before SP12, ...)
+CVE-2009-2445 (Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ...)
NOT-FOR-US: Sun ONE Web Server
CVE-2009-2444 (Directory traversal vulnerability in maillinglist/setup/step1.php.inc ...)
NOT-FOR-US: ADbNewsSender
More information about the Secure-testing-commits
mailing list