[Secure-testing-commits] r16879 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Fri Jul 1 21:14:19 UTC 2011
Author: joeyh
Date: 2011-07-01 21:14:18 +0000 (Fri, 01 Jul 2011)
New Revision: 16879
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-07-01 20:51:39 UTC (rev 16878)
+++ data/CVE/list 2011-07-01 21:14:18 UTC (rev 16879)
@@ -1,3 +1,101 @@
+CVE-2011-2641 (Opera 11.11 allows remote attackers to cause a denial of service ...)
+ TODO: check
+CVE-2011-2640 (Opera before 11.10 allows remote attackers to cause a denial of ...)
+ TODO: check
+CVE-2011-2639 (Opera before 11.10 does not properly handle hidden animated GIF ...)
+ TODO: check
+CVE-2011-2638 (Unspecified vulnerability in Opera before 11.10 allows remote ...)
+ TODO: check
+CVE-2011-2637 (Unspecified vulnerability in Opera before 11.10 allows remote ...)
+ TODO: check
+CVE-2011-2636 (Unspecified vulnerability in Opera before 11.10 allows remote ...)
+ TODO: check
+CVE-2011-2635 (The Cascading Style Sheets (CSS) implementation in Opera before 11.10 ...)
+ TODO: check
+CVE-2011-2634 (Opera before 11.10 allows remote attackers to hijack (1) searches and ...)
+ TODO: check
+CVE-2011-2633 (Unspecified vulnerability in Opera before 11.11 allows remote ...)
+ TODO: check
+CVE-2011-2632 (Opera before 11.11 does not properly handle destruction of a ...)
+ TODO: check
+CVE-2011-2631 (The Cascading Style Sheets (CSS) implementation in Opera before 11.11 ...)
+ TODO: check
+CVE-2011-2630 (Opera before 11.11 allows user-assisted remote attackers to cause a ...)
+ TODO: check
+CVE-2011-2629 (Unspecified vulnerability in Opera before 11.11 allows remote ...)
+ TODO: check
+CVE-2011-2628 (Opera before 11.11 does not properly implement FRAMESET elements, ...)
+ TODO: check
+CVE-2011-2627 (Unspecified vulnerability in the DOM implementation in Opera before ...)
+ TODO: check
+CVE-2011-2626 (Opera before 11.50 allows remote attackers to cause a denial of ...)
+ TODO: check
+CVE-2011-2625 (Opera before 11.50 allows remote attackers to cause a denial of ...)
+ TODO: check
+CVE-2011-2624 (Opera before 11.50 allows user-assisted remote attackers to cause a ...)
+ TODO: check
+CVE-2011-2623 (Unspecified vulnerability in the SVG BiDi implementation in Opera ...)
+ TODO: check
+CVE-2011-2622 (Unspecified vulnerability in the Web Workers implementation in Opera ...)
+ TODO: check
+CVE-2011-2621 (Unspecified vulnerability in Opera before 11.50 allows remote ...)
+ TODO: check
+CVE-2011-2620 (Unspecified vulnerability in Opera before 11.50 allows remote ...)
+ TODO: check
+CVE-2011-2619 (Opera before 11.50 allows remote attackers to cause a denial of ...)
+ TODO: check
+CVE-2011-2618 (Opera before 11.50 allows remote attackers to cause a denial of ...)
+ TODO: check
+CVE-2011-2617 (Unspecified vulnerability in Opera before 11.50 allows remote ...)
+ TODO: check
+CVE-2011-2616 (Unspecified vulnerability in Opera before 11.50 allows remote ...)
+ TODO: check
+CVE-2011-2615 (Unspecified vulnerability in Opera before 11.50 allows remote ...)
+ TODO: check
+CVE-2011-2614 (The SVG implementation in Opera before 11.50 allows remote attackers ...)
+ TODO: check
+CVE-2011-2613 (The Array.prototype.join method in Opera before 11.50 allows remote ...)
+ TODO: check
+CVE-2011-2612 (Unspecified vulnerability in Opera before 11.50 allows remote ...)
+ TODO: check
+CVE-2011-2611 (Unspecified vulnerability in the printing functionality in Opera ...)
+ TODO: check
+CVE-2011-2610 (Unspecified vulnerability in Opera before 11.50 has unknown impact and ...)
+ TODO: check
+CVE-2011-2609 (Opera before 11.50 does not properly restrict data: URIs, which makes ...)
+ TODO: check
+CVE-2011-2608 (ovbbccb.exe 6.20.50.0 and earlier in HP OpenView Performance Agent ...)
+ TODO: check
+CVE-2011-2607 (Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert ...)
+ TODO: check
+CVE-2011-2606 (Cross-site scripting (XSS) vulnerability in the Web UI in IBM Rational ...)
+ TODO: check
+CVE-2011-2605 (CRLF injection vulnerability in the ...)
+ TODO: check
+CVE-2011-2604 (The Intel G41 driver 6.14.10.5355 on Windows XP SP3 allows remote ...)
+ TODO: check
+CVE-2011-2603 (The NVIDIA 9400M driver 6.2.6 on Mac OS X 10.6.7 allows remote ...)
+ TODO: check
+CVE-2011-2602 (The NVIDIA Geforce 310 driver 6.14.12.7061 on Windows XP SP3 allows ...)
+ TODO: check
+CVE-2011-2601 (The GPU support functionality in Mac OS X does not properly restrict ...)
+ TODO: check
+CVE-2011-2600 (The GPU support functionality in Windows XP does not properly restrict ...)
+ TODO: check
+CVE-2011-2599 (Google Chrome 11 does not block use of a cross-domain image as a WebGL ...)
+ TODO: check
+CVE-2011-2598 (The WebGL implementation in Mozilla Firefox 4.x allows remote ...)
+ TODO: check
+CVE-2009-5082 (The (1) configure and (2) config.guess scripts in GNU troff (aka ...)
+ TODO: check
+CVE-2009-5081 (The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and (3) ...)
+ TODO: check
+CVE-2009-5080 (The (1) contrib/eqn2graph/eqn2graph.sh, (2) ...)
+ TODO: check
+CVE-2009-5079 (The (1) gendef.sh, (2) doc/fixinfo.sh, and (3) ...)
+ TODO: check
+CVE-2009-5078 (contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 ...)
+ TODO: check
CVE-2011-2597
RESERVED
CVE-2011-2596
@@ -192,6 +290,7 @@
RESERVED
CVE-2011-2512 [qemu-kvm: OOB memory access caused by negative vq notifies]
RESERVED
+ {DSA-2270-1}
- qemu-kvm 0.14.1+dfsg-2 (bug #631975)
- kvm <removed>
[lenny] - kvm <not-affected> (Vulnerability not present)
@@ -467,14 +566,13 @@
RESERVED
CVE-2011-2378
RESERVED
-CVE-2011-2377
- RESERVED
+CVE-2011-2377 (Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird ...)
- xulrunner <not-affected> (Was already fixed as CVE-2010-1201 for Firefox < 3.6)
- iceweasel <not-affected> (Was already fixed as CVE-2010-1201 for Firefox < 3.6)
- iceape <not-affected> (Was already fixed as CVE-2010-1201 for Firefox < 3.6)
- icedove 3.1.11-1
-CVE-2011-2376
- RESERVED
+CVE-2011-2376 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+ {DSA-2269-1 DSA-2268-1}
- xulrunner <removed>
[lenny] - xulrunner 1.9.0.19-12
- iceweasel 3.5.19-3
@@ -482,12 +580,11 @@
- iceape 2.0.14-3
[lenny] - iceape <not-affected> (Only a stub package)
- icedove 3.1.11-1
-CVE-2011-2375
- RESERVED
+CVE-2011-2375 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- xulrunner <not-affected> (Only affects Firefox 5.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox 5.0, not yet in unstable)
-CVE-2011-2374
- RESERVED
+CVE-2011-2374 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+ {DSA-2269-1 DSA-2268-1}
- xulrunner <removed>
[lenny] - xulrunner 1.9.0.19-12
- iceweasel 3.5.19-3
@@ -495,8 +592,8 @@
- iceape 2.0.14-3
[lenny] - iceape <not-affected> (Only a stub package)
- icedove 3.1.11-1
-CVE-2011-2373
- RESERVED
+CVE-2011-2373 (Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x ...)
+ {DSA-2269-1 DSA-2268-1}
- xulrunner <removed>
- iceweasel 3.5.19-3
[lenny] - xulrunner 1.9.0.19-12
@@ -506,8 +603,8 @@
- icedove 3.1.11-1
CVE-2011-2372
RESERVED
-CVE-2011-2371
- RESERVED
+CVE-2011-2371 (Integer overflow in the Array.reduceRight method in Mozilla Firefox ...)
+ {DSA-2269-1 DSA-2268-1}
- xulrunner <removed>
- iceweasel 3.5.19-3
[lenny] - xulrunner 1.9.0.19-12
@@ -515,32 +612,27 @@
- iceape 2.0.14-3
[lenny] - iceape <not-affected> (Only a stub package)
- icedove 3.1.11-1
-CVE-2011-2370
- RESERVED
+CVE-2011-2370 (Mozilla Firefox before 5.0 does not properly enforce the whitelist for ...)
- xulrunner <removed>
- iceweasel <unfixed>
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
- iceape <unfixed>
[lenny] - iceape <not-affected> (Only a stub package)
- icedove <unfixed>
-CVE-2011-2369
- RESERVED
+CVE-2011-2369 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x ...)
- xulrunner <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
-CVE-2011-2368
- RESERVED
+CVE-2011-2368 (The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not ...)
- xulrunner <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
-CVE-2011-2367
- RESERVED
+CVE-2011-2367 (The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not ...)
- xulrunner <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
-CVE-2011-2366
- RESERVED
+CVE-2011-2366 (Mozilla Gecko before 5.0, as used in Firefox before 5.0 and ...)
- xulrunner <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
- iceweasel <not-affected> (Only affects Firefox >= 4.0, not yet in unstable)
-CVE-2011-2365
- RESERVED
+CVE-2011-2365 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+ {DSA-2269-1 DSA-2268-1}
- xulrunner <not-affected> (Vulnerable code not present)
- iceweasel 3.5.19-3
[lenny] - xulrunner 1.9.0.19-12
@@ -548,14 +640,13 @@
- iceape 2.0.14-3
[lenny] - iceape <not-affected> (Only a stub package)
- icedove 3.1.11-1
-CVE-2011-2364
- RESERVED
+CVE-2011-2364 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
- xulrunner <not-affected> (Only affects Firefox >= 3.6)
- iceweasel <not-affected> (Only affects Firefox >= 3.6)
- iceape <not-affected> (Only affects Firefox >= 3.6)
- icedove 3.1.11-1
-CVE-2011-2363
- RESERVED
+CVE-2011-2363 (Use-after-free vulnerability in the nsSVGPointList::AppendElement ...)
+ {DSA-2269-1 DSA-2268-1}
- iceweasel 3.5.19-3
- xulrunner <removed>
[lenny] - xulrunner 1.9.0.19-12
@@ -563,8 +654,8 @@
- iceape 2.0.14-3
[lenny] - iceape <not-affected> (Only a stub package)
- icedove <unfixed>
-CVE-2011-2362
- RESERVED
+CVE-2011-2362 (Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and ...)
+ {DSA-2269-1 DSA-2268-1}
- iceweasel 3.5.19-3
- xulrunner <removed>
[lenny] - xulrunner 1.9.0.19-12
@@ -889,8 +980,8 @@
RESERVED
CVE-2011-2200 (The _dbus_header_byteswap function in dbus-marshal-header.c in D-Bus ...)
TODO: check
-CVE-2011-2197
- RESERVED
+CVE-2011-2197 (The cross-site scripting (XSS) prevention feature in Ruby on Rails 2.x ...)
+ TODO: check
CVE-2011-2196
RESERVED
CVE-2011-2195
@@ -1818,10 +1909,10 @@
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=28534
CVE-2011-1867
RESERVED
-CVE-2011-1866
- RESERVED
-CVE-2011-1865
- RESERVED
+CVE-2011-1866 (Buffer overflow in omniinet.exe in the inet service in HP OpenView ...)
+ TODO: check
+CVE-2011-1865 (Multiple stack-based buffer overflows in the inet service in HP ...)
+ TODO: check
CVE-2011-1864 (Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, ...)
NOT-FOR-US: HP OpenView Storage Data Protector
CVE-2011-1863 (HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 ...)
@@ -2811,10 +2902,10 @@
RESERVED
CVE-2011-1516
RESERVED
-CVE-2011-1515
- RESERVED
-CVE-2011-1514
- RESERVED
+CVE-2011-1515 (The inet service in HP OpenView Storage Data Protector 6.00 through ...)
+ TODO: check
+CVE-2011-1514 (The inet service in HP OpenView Storage Data Protector 6.00 through ...)
+ TODO: check
CVE-2011-1513
RESERVED
CVE-2011-1512 (Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used ...)
@@ -3383,8 +3474,8 @@
RESERVED
CVE-2011-1338
RESERVED
-CVE-2011-1337
- RESERVED
+CVE-2011-1337 (Opera before 11.50 allows remote attackers to cause a denial of ...)
+ TODO: check
CVE-2011-1336
RESERVED
CVE-2011-1335 (Cross-site scripting (XSS) vulnerability in Cybozu Office 6, 7, and 8 ...)
@@ -7159,8 +7250,8 @@
NOT-FOR-US: Microsoft Windows
CVE-2011-0086 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-0085
- RESERVED
+CVE-2011-0085 (Use-after-free vulnerability in the nsXULCommandDispatcher function in ...)
+ {DSA-2269-1 DSA-2268-1}
- iceweasel 3.5.19-3
- xulrunner <removed>
[lenny] - xulrunner 1.9.0.19-12
@@ -7170,8 +7261,8 @@
- icedove <unfixed>
CVE-2011-0084
RESERVED
-CVE-2011-0083
- RESERVED
+CVE-2011-0083 (Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem ...)
+ {DSA-2269-1 DSA-2268-1}
- iceweasel 3.5.19-3
- xulrunner <removed>
[lenny] - xulrunner 1.9.0.19-12
@@ -16314,7 +16405,7 @@
- lxr-cvs 0.9.5+cvs20071020-1.1 (low; bug #588036)
NOTE: seems to be a dupe of CVE-2010-1738
CVE-2010-1447 (The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for ...)
- {DSA-2051-1}
+ {DSA-2267-1 DSA-2051-1}
- postgresql-8.4 8.4.4-1
- postgresql-8.3 <removed>
- perl 5.12.3-1
More information about the Secure-testing-commits
mailing list