[Secure-testing-commits] r16119 - data/CVE
Raphael Geissert
geissert at alioth.debian.org
Sun Feb 13 00:54:34 UTC 2011
Author: geissert
Date: 2011-02-13 00:54:32 +0000 (Sun, 13 Feb 2011)
New Revision: 16119
Modified:
data/CVE/list
Log:
new issues: tsclient (2), wireshark (1)
NFUs: adobe and ibm stuff, zikula
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-02-13 00:04:22 UTC (rev 16118)
+++ data/CVE/list 2011-02-13 00:54:32 UTC (rev 16119)
@@ -132,33 +132,33 @@
CVE-2011-0925
RESERVED
CVE-2011-0924 (The client in HP Data Protector does not verify the contents of files ...)
- TODO: check
+ NOT-FOR-US: HP Data Protector
CVE-2011-0923 (The client in HP Data Protector does not properly validate EXEC_CMD ...)
- TODO: check
+ NOT-FOR-US: HP Data Protector
CVE-2011-0922 (The client in HP Data Protector allows remote attackers to execute ...)
- TODO: check
+ NOT-FOR-US: HP Data Protector
CVE-2011-0921 (crs.exe in the Cell Manager Service in the client in HP Data Protector ...)
- TODO: check
+ NOT-FOR-US: HP Data Protector
CVE-2011-0920 (The Remote Console in IBM Lotus Domino, when a certain unsupported ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Domino
CVE-2011-0919 (Multiple stack-based buffer overflows in the (1) POP3 and (2) IMAP ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Domino
CVE-2011-0918 (Stack-based buffer overflow in the NRouter (aka Router) service in IBM ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Domino
CVE-2011-0917 (Buffer overflow in nLDAP.exe in IBM Lotus Domino allows remote ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Domino
CVE-2011-0916 (Stack-based buffer overflow in the SMTP service in IBM Lotus Domino ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Domino
CVE-2011-0915 (Stack-based buffer overflow in nrouter.exe in IBM Lotus Domino before ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Domino
CVE-2011-0914 (Integer signedness error in ndiiop.exe in the DIIOP implementation in ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Domino
CVE-2011-0913 (Stack-based buffer overflow in ndiiop.exe in the DIIOP implementation ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Domino
CVE-2011-0912 (IBM Lotus Notes 8.0.x before 8.0.2 FP6 and 8.5.x before 8.5.1 FP5 ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes
CVE-2011-0911 (Cross-site scripting (XSS) vulnerability in the Users module in Zikula ...)
- TODO: check
+ NOT-FOR-US: zikula
CVE-2011-0910 (The cookie implementation in Vanilla Forums before 2.0.17.6 makes it ...)
TODO: check
CVE-2011-0909 (Cross-site scripting (XSS) vulnerability in Vanilla Forums before ...)
@@ -178,8 +178,10 @@
CVE-2011-0902 (Multiple untrusted search path vulnerabilities in the Java Service in ...)
TODO: check
CVE-2011-0901 (Multiple stack-based buffer overflows in the tsc_launch_remote ...)
+ - tsclient <unfixed>
TODO: check
CVE-2011-0900 (Stack-based buffer overflow in the tsc_launch_remote function ...)
+ - tsclient <unfixed>
TODO: check
CVE-2011-0899 (The AES encryption module 7.x-1.4 for Drupal leaves certain debugging ...)
TODO: check
@@ -430,9 +432,9 @@
CVE-2011-0776 (The sandbox implementation in Google Chrome before 9.0.597.84 on Mac ...)
TODO: check
CVE-2010-4729 (Zikula before 1.2.3 does not use the authid protection mechanism for ...)
- TODO: check
+ NOT-FOR-US: zikula
CVE-2010-4728 (Zikula before 1.3.1 uses the rand and srand PHP functions for random ...)
- TODO: check
+ NOT-FOR-US: zikula
CVE-2011-XXXX [evince segfault]
- evince <unfixed> (bug #612668)
TODO: check
@@ -906,57 +908,57 @@
CVE-2011-0607 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
NOT-FOR-US: Adobe Flash Player
CVE-2011-0606 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0605 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0604 (Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0603 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0602 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0601
RESERVED
CVE-2011-0600 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0599 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0598 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0597
RESERVED
CVE-2011-0596 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0595 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0594 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0593 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0592 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0591 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0590 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0589 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0588 (Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0587 (Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0586 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0585 (Unspecified vulnerability in Adobe Reader and Acrobat 10.x before ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0584 (Session fixation vulnerability in Adobe ColdFusion 8.0 through 9.0.1 ...)
- TODO: check
+ NOT-FOR-US: Adobe ColdFusion
CVE-2011-0583 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe ColdFusion
CVE-2011-0582 (Unspecified vulnerability in the administrator console in Adobe ...)
TODO: check
CVE-2011-0581 (Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe ColdFusion
CVE-2011-0580 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
TODO: check
CVE-2011-0579
@@ -978,23 +980,23 @@
CVE-2011-0571 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
NOT-FOR-US: Adobe Flash Player
CVE-2011-0570 (Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0569 (The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2011-0568 (Unspecified vulnerability in Adobe Reader and Acrobat 10.x before ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0567 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0566 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0565 (Unspecified vulnerability in Adobe Reader and Acrobat 10.x before ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0564 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0563 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0562 (Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader
CVE-2011-0561 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
NOT-FOR-US: Adobe Flash Player
CVE-2011-0560 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
@@ -1004,11 +1006,11 @@
CVE-2011-0558 (Integer overflow in Adobe Flash Player before 10.2.152.26 allows ...)
NOT-FOR-US: Adobe Flash Player
CVE-2011-0557 (Integer overflow in Adobe Shockwave Player before 11.5.9.620 allows ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2011-0556 (The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2011-0555 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2011-0554
RESERVED
CVE-2011-0553
@@ -1044,6 +1046,7 @@
[squeeze] - openssh <not-affected> (Only affects OpenSSH 5.6 and 5.7)
[lenny] - openssh <not-affected> (Only affects OpenSSH 5.6 and 5.7)
CVE-2011-0538 (Wireshark 1.5.0, 1.4.3, and earlier frees an uninitialized pointer ...)
+ - wireshark <unfixed>
TODO: check
CVE-2011-0537 (Multiple directory traversal vulnerabilities in (1) ...)
- mediawiki <unfixed> (bug #611787)
@@ -1052,7 +1055,7 @@
- eglibc <unfixed> (bug #600667)
- glibc <removed>
CVE-2011-0535 (Cross-site request forgery (CSRF) vulnerability in the Users module in ...)
- TODO: check
+ NOT-FOR-US: zikula
CVE-2011-0534 (Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not ...)
- tomcat5.5 <not-affected> (Vulnerable code not present)
- tomcat6 6.0.28-10
More information about the Secure-testing-commits
mailing list