[Secure-testing-commits] r16197 - data/CVE

Joey Hess joeyh at alioth.debian.org
Fri Feb 18 21:15:37 UTC 2011 

Author: joeyh
Date: 2011-02-18 21:15:26 +0000 (Fri, 18 Feb 2011)
New Revision: 16197

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-02-18 17:00:40 UTC (rev 16196)
+++ data/CVE/list	2011-02-18 21:15:26 UTC (rev 16197)
@@ -1270,8 +1270,7 @@
 	- tomcat5.5 <not-affected> (Vulnerable code not present)
 	- tomcat6 6.0.28-10 (bug #612257)
 	[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
-CVE-2011-0533
-	RESERVED
+CVE-2011-0533 (Cross-site scripting (XSS) vulnerability in Apache Continuum 1.1 ...)
 	NOT-FOR-US: Apache Continuum
 CVE-2011-0532
 	RESERVED
@@ -1722,8 +1721,8 @@
 	RESERVED
 CVE-2011-0356
 	RESERVED
-CVE-2011-0355
-	RESERVED
+CVE-2011-0355 (Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through ...)
+	TODO: check
 CVE-2011-0354 (The default configuration of Cisco Tandberg C Series Endpoints, and ...)
 	NOT-FOR-US: Cisco
 CVE-2011-0353
@@ -3106,66 +3105,52 @@
 	- openssh <not-affected> (J-PAKE not activated, see bug #606922)
 CVE-2010-4477
 	RESERVED
-CVE-2010-4476 [trivial DoS when parsing strings into Java Double objects]
-	RESERVED
+CVE-2010-4476 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
 	{DSA-2161-2 DSA-2161-1}
 	- openjdk-6 <unfixed> (bug #612660)
 	- sun-java6 6.24-1
 	NOTE: Patch http://mail.openjdk.java.net/pipermail/core-libs-dev/2011-February/005795.html
 	NOTE: Oracle http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html
 	NOTE: Original report http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/
-CVE-2010-4475
-	RESERVED
+CVE-2010-4475 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
-CVE-2010-4474
-	RESERVED
+CVE-2010-4474 (Unspecified vulnerability in the Java DB component in Oracle Java SE ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
-CVE-2010-4473
-	RESERVED
+CVE-2010-4473 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
-CVE-2010-4472
-	RESERVED
+CVE-2010-4472 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
-CVE-2010-4471
-	RESERVED
+CVE-2010-4471 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
-CVE-2010-4470
-	RESERVED
+CVE-2010-4470 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
-CVE-2010-4469
-	RESERVED
+CVE-2010-4469 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
-CVE-2010-4468
-	RESERVED
+CVE-2010-4468 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
-CVE-2010-4467
-	RESERVED
+CVE-2010-4467 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
-CVE-2010-4466
-	RESERVED
+CVE-2010-4466 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
-CVE-2010-4465
-	RESERVED
+CVE-2010-4465 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
 CVE-2010-4464 (Unspecified vulnerability in Oracle Sun Convergence 1.0 allows remote ...)
 	NOT-FOR-US: Oracle Convergence
-CVE-2010-4463
-	RESERVED
+CVE-2010-4463 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
-CVE-2010-4462
-	RESERVED
+CVE-2010-4462 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
 CVE-2010-4461 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
@@ -3182,32 +3167,26 @@
 	NOT-FOR-US: Oracle Sun Java System Communications Express
 CVE-2010-4455 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
 	NOT-FOR-US: Oracle Fusion
-CVE-2010-4454
-	RESERVED
+CVE-2010-4454 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
 CVE-2010-4453 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
 	NOT-FOR-US: Oracle WebLogic
-CVE-2010-4452
-	RESERVED
+CVE-2010-4452 (Unspecified vulnerability in the Deployment component in Java Runtime ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
-CVE-2010-4451
-	RESERVED
+CVE-2010-4451 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
-CVE-2010-4450
-	RESERVED
+CVE-2010-4450 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
 CVE-2010-4449 (Unspecified vulnerability in the Audit Vault component in Oracle Audit ...)
 	NOT-FOR-US: Oracle Audit
-CVE-2010-4448
-	RESERVED
+CVE-2010-4448 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
-CVE-2010-4447
-	RESERVED
+CVE-2010-4447 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
 CVE-2010-4446 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...)
@@ -3258,8 +3237,7 @@
 	NOT-FOR-US: PeopleSoft 
 CVE-2010-4423 (Unspecified vulnerability in the Cluster Verify Utility component in ...)
 	NOT-FOR-US: Oracle Database
-CVE-2010-4422
-	RESERVED
+CVE-2010-4422 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
 	- sun-java6 6.24-1
 	- openjdk-6 <unfixed>
 CVE-2010-4421 (Unspecified vulnerability in the Database Vault component in Oracle ...)
@@ -6324,12 +6302,12 @@
 	RESERVED
 CVE-2010-3275
 	RESERVED
-CVE-2010-3274
-	RESERVED
-CVE-2010-3273
-	RESERVED
-CVE-2010-3272
-	RESERVED
+CVE-2010-3274 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+	TODO: check
+CVE-2010-3273 (ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allows ...)
+	TODO: check
+CVE-2010-3272 (accounts/ValidateAnswers in the security-questions implementation in ...)
+	TODO: check
 CVE-2010-3271
 	RESERVED
 CVE-2010-3270 (Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before ...)

More information about the Secure-testing-commits mailing list