[Secure-testing-commits] r16061 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Fri Feb 4 21:14:36 UTC 2011
Author: joeyh
Date: 2011-02-04 21:14:34 +0000 (Fri, 04 Feb 2011)
New Revision: 16061
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-02-04 20:55:37 UTC (rev 16060)
+++ data/CVE/list 2011-02-04 21:14:34 UTC (rev 16061)
@@ -1,3 +1,55 @@
+CVE-2011-0775 (pivotx/modules/module_image.php in PivotX 2.2.2 allows remote ...)
+ TODO: check
+CVE-2011-0774 (PivotX 2.2.2 allows remote attackers to obtain sensitive information ...)
+ TODO: check
+CVE-2011-0773 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2011-0772 (Multiple cross-site scripting (XSS) vulnerabilities in PivotX 2.2.0, ...)
+ TODO: check
+CVE-2011-0771 (Janrain Engage (formerly RPX) module 6.x-1.3 for Drupal does not ...)
+ TODO: check
+CVE-2011-0770
+ RESERVED
+CVE-2011-0769
+ RESERVED
+CVE-2011-0768
+ RESERVED
+CVE-2011-0767
+ RESERVED
+CVE-2011-0766
+ RESERVED
+CVE-2011-0765
+ RESERVED
+CVE-2011-0764
+ RESERVED
+CVE-2011-0763
+ RESERVED
+CVE-2011-0762
+ RESERVED
+CVE-2011-0761
+ RESERVED
+CVE-2011-0760
+ RESERVED
+CVE-2011-0759
+ RESERVED
+CVE-2010-4727 (Smarty before 3.0.0 beta 7 does not properly handle the <?php and ?> ...)
+ TODO: check
+CVE-2010-4726 (Unspecified vulnerability in the math plugin in Smarty before 3.0.0 ...)
+ TODO: check
+CVE-2010-4725 (Smarty before 3.0.0 RC3 does not properly handle an on value of the ...)
+ TODO: check
+CVE-2010-4724 (Multiple unspecified vulnerabilities in the parser implementation in ...)
+ TODO: check
+CVE-2010-4723 (Smarty before 3.0.0, when security is enabled, does not prevent access ...)
+ TODO: check
+CVE-2010-4722 (Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 ...)
+ TODO: check
+CVE-2009-5054 (Smarty before 3.0.0 beta 4 does not consider the umask value when ...)
+ TODO: check
+CVE-2009-5053 (Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote ...)
+ TODO: check
+CVE-2009-5052 (Multiple unspecified vulnerabilities in Smarty before 3.0.0 beta 6 ...)
+ TODO: check
CVE-2011-XXXX [Legacy certificates stack disclosure]
- openssh <not-affected> (Only affects OpenSSH 5.6 and 5.7)
CVE-2011-0758
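Review bot: The nine Smarty entries (CVE-2010-4722 through CVE-2010-4727 and CVE-2009-5052 through CVE-2009-5054) and the PivotX entries (CVE-2011-0775, CVE-2011-0774, CVE-2011-0772) are added with only `TODO: check`, so none is yet tied to a source package or marked NOT-FOR-US. Triage each product group as a batch so the entries end up with a consistent status. The description for CVE-2011-0773 is truncated before the product name, so look up the full text before grouping it with its neighbours.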
@@ -84,8 +136,8 @@
NOT-FOR-US: Joomla JRadio addon
CVE-2010-4718 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
NOT-FOR-US: Joomla Lyftenbloggie addon
-CVE-2011-0720
- RESERVED
+CVE-2011-0720 (Unspecified vulnerability in Plone 2.5 through 4.0 allows remote ...)
+ TODO: check
CVE-2011-0719
RESERVED
CVE-2011-0718
@@ -245,8 +297,8 @@
NOTE: Mostly a case of mis-documentation
CVE-2010-4709 (Heap-based buffer overflow in Automated Solutions Modbus/TCP Master ...)
NOT-FOR-US: Automated Solutions Modbus/TCP Master
-CVE-2011-0649
- RESERVED
+CVE-2011-0649 (Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through ...)
+ TODO: check
CVE-2011-0648
RESERVED
CVE-2011-0647
@@ -497,8 +549,7 @@
RESERVED
CVE-2011-0538
RESERVED
-CVE-2011-0537 [mediawiki server-side arbitrary script inclusion vulnerability]
- RESERVED
+CVE-2011-0537 (Multiple directory traversal vulnerabilities in (1) ...)
- mediawiki <unfixed> (bug #611787)
CVE-2011-0536
RESERVED
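Review bot: At CVE-2011-0537 the local title `[mediawiki server-side arbitrary script inclusion vulnerability]` is replaced by a description that begins "Multiple directory traversal vulnerabilities in (1) ..." and is cut off before any product name, while the `- mediawiki <unfixed> (bug #611787)` line is kept. Check the full description against bug #611787 to confirm both refer to the same issue. If they do, add a NOTE line naming the affected component so the entry stays readable without the old title.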
@@ -732,8 +783,8 @@
RESERVED
CVE-2011-0452
RESERVED
-CVE-2011-0451
- RESERVED
+CVE-2011-0451 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+ TODO: check
CVE-2011-0450 (The downloads manager in Opera before 11.01 on Windows does not ...)
NOT-FOR-US: Opera
CVE-2011-0449
@@ -950,8 +1001,8 @@
RESERVED
CVE-2011-0355
RESERVED
-CVE-2011-0354
- RESERVED
+CVE-2011-0354 (The default configuration of Cisco Tandberg C Series Endpoints, and ...)
+ TODO: check
CVE-2011-0353
RESERVED
CVE-2011-0352 (Buffer overflow in the web-based management interface on the Cisco ...)
@@ -1837,13 +1888,12 @@
RESERVED
CVE-2011-0050
RESERVED
-CVE-2011-0049
- RESERVED
+CVE-2011-0049 (Directory traversal vulnerability in the _list_file_get function in ...)
+ TODO: check
CVE-2011-0048 (Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and ...)
- bugzilla <unfixed> (bug #611176)
NOTE: http://www.bugzilla.org/security/3.2.9/
-CVE-2011-0047 [mediawiki CSS injection]
- RESERVED
+CVE-2011-0047 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 ...)
- mediawiki <unfixed> (bug #611787)
CVE-2011-0046 (Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla ...)
- bugzilla <unfixed> (bug #611176)
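Review bot: CVE-2011-0047 now reads "MediaWiki before 1.16.2", but the retained package line is still `- mediawiki <unfixed> (bug #611787)`. Once a version at or past 1.16.2 reaches the archive, replace `<unfixed>` with that version. The new CVE-2011-0049 entry earlier in the hunk has only `TODO: check`, and its description is truncated before the product name, so it needs the full text before it can be assigned to a package or marked NOT-FOR-US.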
@@ -96231,8 +96281,7 @@
NOT-FOR-US: WebSTAR
CVE-2004-0695 (Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 ...)
NOT-FOR-US: WebSTAR
-CVE-2004-0694
- RESERVED
+CVE-2004-0694 (Buffer overflow in LHA 1.14 and earlier allows remote attackers to ...)
- lha 1.14i-10 (bug #279870)
CVE-2004-0693 (The GIF parser in the QT library (qt3) before 3.3.3 allows remote ...)
{DSA-542-1}