[Secure-testing-commits] r16263 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Feb 28 16:35:59 UTC 2011


Author: jmm
Date: 2011-02-28 16:35:54 +0000 (Mon, 28 Feb 2011)
New Revision: 16263

Modified:
   data/CVE/list
Log:
- pinged maintainer for lilo status
- NFUs
- new potential webkit/chromium issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-02-27 22:49:29 UTC (rev 16262)
+++ data/CVE/list	2011-02-28 16:35:54 UTC (rev 16263)
@@ -9,7 +9,7 @@
 	TODO: are other python versions affected?
 CVE-2011-XXXX [lilo: lilo.conf world-readable]
 	- lilo <unfixed> (low; bug #615103)
-	TODO: bug report says older version unaffected, check that
+	NOTE: pinged maintainer about oldstable/stable status
 CVE-2011-1099
 	RESERVED
 CVE-2011-1098
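Review bot: on the lilo entry, replacing the TODO with a NOTE drops the only marker that the affected-version question is still open. The NOTE records that the maintainer was pinged, but nothing is left that a search for TODO items would pick up. Consider keeping a TODO line next to the NOTE until the oldstable/stable status is settled.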
@@ -73,27 +73,28 @@
 CVE-2011-1069
 	RESERVED
 CVE-2011-1068 (Microsoft Windows Azure Software Development Kit (SDK) 1.3.x before ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows Azure SDK
 CVE-2011-1067 (slapd (aka ns-slapd) in 389 Directory Server before 1.2.8.a2 does not ...)
-	TODO: check
+	NOT-FOR-US: s389 LDAP server
 CVE-2011-1066 (Cross-site scripting (XSS) vulnerability in the Messaging module ...)
-	TODO: check
+	NOT-FOR-US: Messaging module for Drupal
 CVE-2011-1065 (Multiple stack-based buffer overflows in the PIPIWebPlayer ActiveX ...)
-	TODO: check
+	NOT-FOR-US: PIPI Player
 CVE-2011-1064 (SQL injection vulnerability in member/list.php in qibosoft Qi Bo CMS 7 ...)
-	TODO: check
+	NOT-FOR-US: Qi Bo CMS
 CVE-2011-1063 (Multiple cross-site scripting (XSS) vulnerabilities in Cherry-Design ...)
-	TODO: check
+	NOT-FOR-US: Cherry-Design Photopad 
 CVE-2011-1062 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	TODO: check
+	NOT-FOR-US: TaskFreak!
 CVE-2011-1061 (SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows ...)
-	TODO: check
+	NOT-FOR-US: WSN Guest
 CVE-2011-1060 (SQL injection vulnerability in the member function in ...)
-	TODO: check
+	NOT-FOR-US: WSN Guest
 CVE-2011-1059 (Use-after-free vulnerability in WebCore in WebKit before r77705, as ...)
-	TODO: check
+	- chromium-browser <undetermined>
+	- webkit <undetermined>
 CVE-2010-4746 (Multiple memory leaks in the normalization functionality in 389 ...)
-	TODO: check
+	NOT-FOR-US: s389 LDAP server
 CVE-2011-XXXX [ADC path traversal]
 	- gitolite <unfixed>
 	NOTE: https://github.com/sitaramc/gitolite/commit/a33f0f85047834212ff4baf5b479c6cf3d2a6075
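Review bot: the NOT-FOR-US lines for CVE-2011-1067 and CVE-2010-4746 read "s389 LDAP server", while the CVE-2011-1067 description names the product 389 Directory Server; the leading "s" looks like a typo and would hide these entries from a search on the product name. Suggest "NOT-FOR-US: 389 Directory Server" for both. Separately, the Photopad line for CVE-2011-1063 ends in a trailing space, and the two <undetermined> entries for CVE-2011-1059 carry no NOTE or TODO saying what remains to be checked, although the description gives WebKit r77705 as the fix point.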
@@ -102,23 +103,23 @@
 	- moin <unfixed>
 	TODO: check
 CVE-2011-1057 (The installer for Metasploit Framework 3.5.1, when running on Windows, ...)
-	TODO: check
+	NOT-FOR-US: Metasploit Framework
 CVE-2011-1056 (The installer for Metasploit Framework 3.5.1, when running on Windows, ...)
-	TODO: check
+	NOT-FOR-US: Metasploit Framework
 CVE-2011-1055 (SQL injection vulnerability in api/ice_media.cfc in Lingxia I.C.E CMS ...)
-	TODO: check
+	NOT-FOR-US: Lingxia I.C.E CMS
 CVE-2011-1054 (Unspecified vulnerability in the PEF input file loader in Hex-Rays IDA ...)
-	TODO: check
+	NOT-FOR-US: IDA Pro
 CVE-2011-1053 (Unspecified vulnerability in the Mach-O input file loader in Hex-Rays ...)
-	TODO: check
+	NOT-FOR-US: IDA Pro
 CVE-2011-1052 (Integer overflow in the PSX/GEOS input file loaders in Hex-Rays IDA ...)
-	TODO: check
+	NOT-FOR-US: IDA Pro
 CVE-2011-1051 (Integer overflow in the COFF/EPOC/EXPLOAD input file loaders in ...)
-	TODO: check
+	NOT-FOR-US: IDA Pro
 CVE-2011-1050 (Unspecified vulnerability in Hex-Rays IDA Pro 5.7 and 6.0 has unknown ...)
-	TODO: check
+	NOT-FOR-US: IDA Pro
 CVE-2011-1049 (Buffer overflow in the Mach-O input file loader in Hex-Rays IDA Pro ...)
-	TODO: check
+	NOT-FOR-US: IDA Pro
 CVE-2011-1048 (SQL injection vulnerability in product.php in MihanTools 1.33 allows ...)
 	TODO: check
 CVE-2011-1047 (Multiple SQL injection vulnerabilities in VastHTML Forum Server (aka ...)
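Review bot: the NOT-FOR-US lines for CVE-2011-1057 and CVE-2011-1056 give only "Metasploit Framework", while both descriptions scope the issue to the installer when running on Windows. Recording that scope in the reason, for example "NOT-FOR-US: Metasploit Framework installer on Windows", would tell a later reader why the entries were dismissed rather than only which product they concern.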



