[Secure-testing-commits] r16955 - data/CVE

Joey Hess joeyh at alioth.debian.org
Tue Jul 19 21:15:04 UTC 2011


Author: joeyh
Date: 2011-07-19 21:15:04 +0000 (Tue, 19 Jul 2011)
New Revision: 16955

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-07-19 09:32:44 UTC (rev 16954)
+++ data/CVE/list	2011-07-19 21:15:04 UTC (rev 16955)
@@ -1,3 +1,5 @@
+CVE-2011-2761 (Google Chrome 14.0.794.0 does not properly handle a reload of a page ...)
+	TODO: check
 CVE-2011-2760 (Brocade BigIron RX switches allow remote attackers to bypass ACL rules ...)
 	TODO: check
 CVE-2011-2759 (The login page of IDSWebApp in the Web Administration Tool in IBM ...)
@@ -1658,7 +1660,7 @@
 	NOT-FOR-US: Adobe Shockwave Player
 CVE-2011-2116 (IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2011-2115 (IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers ...)
+CVE-2011-2115 (IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote ...)
 	NOT-FOR-US: Adobe Shockwave Player
 CVE-2011-2114 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute ...)
 	NOT-FOR-US: Adobe Shockwave Player
@@ -3818,8 +3820,8 @@
 	NOT-FOR-US: Cybozu
 CVE-2011-1332 (Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 ...)
 	NOT-FOR-US: Cybozu Garoon
-CVE-2011-1331
-	RESERVED
+CVE-2011-1331 (JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, ...)
+	TODO: check
 CVE-2011-1330 (Cross-site scripting (XSS) vulnerability in WeblyGo 5.0 Pro/LE, 5.02 ...)
 	NOT-FOR-US: WeblyGo
 CVE-2011-1329 (WalRack 1.x before 1.1.9 and 2.x before 2.0.7 does not properly ...)
@@ -4568,8 +4570,7 @@
 	[lenny] - kde4libs <no-dsa> (Minor issue)
 	- kdelibs <undetermined>
 	NOTE: http://seclists.org/oss-sec/2011/q1/434
-CVE-2011-1093
-	RESERVED
+CVE-2011-1093 (The dccp_rcv_state_process function in net/dccp/input.c in the ...)
 	{DSA-2264-1}
 	- linux-2.6 2.6.38-1 (low)
 	[squeeze] - linux-2.6 2.6.32-31
@@ -5677,8 +5678,7 @@
 	{DSA-2205-1}
 	- gdm3 2.30.5-9
 	- gdm <not-affected> (Affected code was introduced in 2.28)
-CVE-2011-0726
-	RESERVED
+CVE-2011-0726 (The do_task_stat function in fs/proc/array.c in the Linux kernel ...)
 	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-2
 	[lenny] - linux-2.6 2.6.26-26lenny3
@@ -6150,8 +6150,8 @@
 	RESERVED
 CVE-2011-0549 (SQL injection vulnerability in forget.php in the management GUI in ...)
 	TODO: check
-CVE-2011-0548
-	RESERVED
+CVE-2011-0548 (Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in ...)
+	TODO: check
 CVE-2011-0547
 	RESERVED
 CVE-2011-0546 (Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not ...)
@@ -6967,14 +6967,12 @@
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=631551
 	NOTE: This was initially reported to be a bug in libxml2, but it later showed that PHP
 	NOTE: is using the libxml2 API in an incorrect manner
-CVE-2010-4656 [iowarrior usb device heap overflow]
-	RESERVED
+CVE-2010-4656 (The iowarrior_write function in drivers/usb/misc/iowarrior.c in the ...)
 	{DSA-2153-1}
 	- linux-2.6 2.6.37-1
 	[wheezy] - linux-2.6 2.6.32-31
 	[squeeze] - linux-2.6 2.6.32-31
-CVE-2010-4655 [heap contents leak for CAP_NET_ADMIN via ethtool ioctl]
-	RESERVED
+CVE-2010-4655 (net/core/ethtool.c in the Linux kernel before 2.6.36 does not ...)
 	{DSA-2264-1}
 	- linux-2.6 2.6.32-27
 CVE-2010-4654 [Malformed commands may cause corruption of the internal stack]
@@ -11601,8 +11599,8 @@
 	NOT-FOR-US: ZOHO ManageEngine
 CVE-2010-3272 (accounts/ValidateAnswers in the security-questions implementation in ...)
 	NOT-FOR-US: ZOHO ManageEngine
-CVE-2010-3271
-	RESERVED
+CVE-2010-3271 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+	TODO: check
 CVE-2010-3270 (Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before ...)
 	NOT-FOR-US: Cisco WebEx Meeting Center
 CVE-2010-3269 (Multiple stack-based buffer overflows in the Cisco WebEx Recording ...)




More information about the Secure-testing-commits mailing list