[Secure-testing-commits] r17924 - data/CVE

Joey Hess joeyh at alioth.debian.org
Fri Dec 30 21:14:18 UTC 2011 

Author: joeyh
Date: 2011-12-30 21:14:17 +0000 (Fri, 30 Dec 2011)
New Revision: 17924

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-12-30 18:59:52 UTC (rev 17923)
+++ data/CVE/list	2011-12-30 21:14:17 UTC (rev 17924)
@@ -1,3 +1,25 @@
+CVE-2011-5037 (Google V8 computes hash values for form parameters without restricting ...)
+	TODO: check
+CVE-2011-5036 (Rack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes ...)
+	TODO: check
+CVE-2011-5035 (Oracle Glassfish 3.1.1 and earlier computes hash values for form ...)
+	TODO: check
+CVE-2011-5034 (Apache Geronimo 2.2.1 and earlier computes hash values for form ...)
+	TODO: check
+CVE-2011-5033 (Stack-based buffer overflow in CFS.c in ConfigServer Security & ...)
+	TODO: check
+CVE-2011-5032 (WMDrive.sys 3.4.181.224 in WinMount 3.5.1018 allows local users to ...)
+	TODO: check
+CVE-2011-5031 (Multiple SQL injection vulnerabilities in ...)
+	TODO: check
+CVE-2011-5030 (Cross-site scripting (XSS) vulnerability in the Meta tags quick module ...)
+	TODO: check
+CVE-2011-5029 (Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog ...)
+	TODO: check
+CVE-2011-5028 (Directory traversal vulnerability in novelllogmanager/FileDownload in ...)
+	TODO: check
+CVE-2011-5027 (Cross-site scripting (XSS) vulnerability in ZABBIX before 1.8.10 ...)
+	TODO: check
 CVE-2011-5026 (Cross-site scripting (XSS) vulnerability in Winn GuestBook before ...)
 	TODO: check
 CVE-2011-5025 (Multiple cross-site scripting (XSS) vulnerabilities in the wiki ...)
@@ -390,8 +412,8 @@
 	RESERVED
 CVE-2011-4886
 	RESERVED
-CVE-2011-4885
-	RESERVED
+CVE-2011-4885 (PHP before 5.3.9 computes hash values for form parameters without ...)
+	TODO: check
 CVE-2011-4884
 	RESERVED
 CVE-2011-4883
@@ -548,8 +570,8 @@
 	RESERVED
 CVE-2011-4839
 	RESERVED
-CVE-2011-4838
-	RESERVED
+CVE-2011-4838 (JRuby before 1.6.5.1 computes hash values without restricting the ...)
+	TODO: check
 CVE-2012-0220
 	RESERVED
 CVE-2012-0219
@@ -664,8 +686,8 @@
 	RESERVED
 CVE-2011-4816
 	RESERVED
-CVE-2011-4815
-	RESERVED
+CVE-2011-4815 (Ruby (aka CRuby) before 1.8.7-p357 computes hash values without ...)
+	TODO: check
 CVE-2012-0185
 	RESERVED
 CVE-2012-0184
@@ -1452,8 +1474,7 @@
 	RESERVED
 	- libhtml-template-pro-perl 0.9507-1 (low; bug #652587)
 	[squeeze] - libhtml-template-pro-perl <no-dsa> (Minor issue)
-CVE-2011-4615
-	RESERVED
+CVE-2011-4615 (Multiple cross-site scripting (XSS) vulnerabilities in Zabbix before ...)
 	- zabbix <unfixed> (bug #652664)
 CVE-2011-4614 [TYPO3-SA-2011-004]
 	RESERVED
@@ -1856,10 +1877,10 @@
 	RESERVED
 CVE-2011-4463
 	RESERVED
-CVE-2011-4462
-	RESERVED
-CVE-2011-4461
-	RESERVED
+CVE-2011-4462 (Plone 4.1.3 and earlier computes hash values for form parameters ...)
+	TODO: check
+CVE-2011-4461 (Jetty 8.1.0.RC2 and earlier computes hash values for form parameters ...)
+	TODO: check
 CVE-2011-4460
 	RESERVED
 CVE-2011-4459
@@ -2787,12 +2808,12 @@
 	TODO: check
 CVE-2011-4166 (Directory traversal vulnerability in the ...)
 	TODO: check
-CVE-2011-4165
-	RESERVED
-CVE-2011-4164
-	RESERVED
-CVE-2011-4163
-	RESERVED
+CVE-2011-4165 (Unspecified vulnerability in HP Database Archiving Software 6.31 ...)
+	TODO: check
+CVE-2011-4164 (Unspecified vulnerability in HP Database Archiving Software 6.31 ...)
+	TODO: check
+CVE-2011-4163 (Unspecified vulnerability in HP Database Archiving Software 6.31 ...)
+	TODO: check
 CVE-2011-4162 (The (1) AddUser, (2) AddUserEx, (3) RemoveUser, (4) RemoveUserByGuide, ...)
 	NOT-FOR-US: HP Protect Tools Device Access Manager
 CVE-2011-4161 (The default configuration of the HP CM8060 Color MFP with Edgeline; ...)
@@ -3019,8 +3040,8 @@
 	RESERVED
 CVE-2011-4085
 	RESERVED
-CVE-2011-4084
-	RESERVED
+CVE-2011-4084 (Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 ...)
+	TODO: check
 CVE-2011-4083
 	RESERVED
 CVE-2011-4082
@@ -5009,14 +5030,14 @@
 	RESERVED
 CVE-2011-3418
 	RESERVED
-CVE-2011-3417
-	RESERVED
-CVE-2011-3416
-	RESERVED
-CVE-2011-3415
-	RESERVED
-CVE-2011-3414
-	RESERVED
+CVE-2011-3417 (The Forms Authentication feature in the ASP.NET subsystem in Microsoft ...)
+	TODO: check
+CVE-2011-3416 (The Forms Authentication feature in the ASP.NET subsystem in Microsoft ...)
+	TODO: check
+CVE-2011-3415 (Open redirect vulnerability in the Forms Authentication feature in the ...)
+	TODO: check
+CVE-2011-3414 (The CaseInsensitiveHashProvider.getHashCode function in the HashTable ...)
+	TODO: check
 CVE-2011-3413 (Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office ...)
 	NOT-FOR-US: Microsoft PowerPoint
 CVE-2011-3412 (Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote ...)

More information about the Secure-testing-commits mailing list