[Secure-testing-commits] r16423 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Mar 23 21:15:01 UTC 2011


Author: joeyh
Date: 2011-03-23 21:14:58 +0000 (Wed, 23 Mar 2011)
New Revision: 16423

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-03-23 16:32:06 UTC (rev 16422)
+++ data/CVE/list	2011-03-23 21:14:58 UTC (rev 16423)
@@ -1,3 +1,89 @@
+CVE-2011-1506 (The STARTTLS implementation in Kerio Connect 7.1.4 build 2985 and ...)
+	TODO: check
+CVE-2011-1505 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.27 ...)
+	TODO: check
+CVE-2011-1504
+	RESERVED
+CVE-2011-1503
+	RESERVED
+CVE-2011-1502
+	RESERVED
+CVE-2011-1501
+	RESERVED
+CVE-2011-1500
+	RESERVED
+CVE-2011-1499
+	RESERVED
+CVE-2011-1498
+	RESERVED
+CVE-2011-1497
+	RESERVED
+CVE-2011-1496
+	RESERVED
+CVE-2011-1495
+	RESERVED
+CVE-2011-1494
+	RESERVED
+CVE-2011-1493
+	RESERVED
+CVE-2011-1492
+	RESERVED
+CVE-2011-1491
+	RESERVED
+CVE-2011-1490
+	RESERVED
+CVE-2011-1489
+	RESERVED
+CVE-2011-1488
+	RESERVED
+CVE-2011-1487
+	RESERVED
+CVE-2011-1486
+	RESERVED
+CVE-2011-1485
+	RESERVED
+CVE-2011-1484
+	RESERVED
+CVE-2011-1483
+	RESERVED
+CVE-2011-1482
+	RESERVED
+CVE-2011-1481
+	RESERVED
+CVE-2011-1480
+	RESERVED
+CVE-2011-1479
+	RESERVED
+CVE-2011-1478
+	RESERVED
+CVE-2011-1477
+	RESERVED
+CVE-2011-1476
+	RESERVED
+CVE-2011-1475
+	RESERVED
+CVE-2011-1474
+	RESERVED
+CVE-2011-1473
+	RESERVED
+CVE-2011-1472
+	RESERVED
+CVE-2009-5062 (IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX ...)
+	TODO: check
+CVE-2009-5061 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 ...)
+	TODO: check
+CVE-2009-5060 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.11 ...)
+	TODO: check
+CVE-2009-5059 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.10 ...)
+	TODO: check
+CVE-2009-5058 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.5 ...)
+	TODO: check
+CVE-2008-7286 (IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not ...)
+	TODO: check
+CVE-2008-7285 (Unspecified vulnerability in the docnote string handling ...)
+	TODO: check
+CVE-2008-7284 (IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows ...)
+	TODO: check
 CVE-2011-1471 (Integer signedness error in zip_stream.c in the Zip extension in PHP ...)
 	- php5 5.3.6-1
 CVE-2011-1470 (The Zip extension in PHP before 5.3.6 allows context-dependent ...)
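Review bot: the eight new entries naming IBM Lotus Quickr (CVE-2011-1505, CVE-2009-5058 through CVE-2009-5062, CVE-2008-7286, CVE-2008-7284) and the Kerio Connect entry CVE-2011-1506 all land as `TODO: check`, which leaves nine items in the triage queue for products that do not look like Debian packages. If no source package ships them, mark them in a follow-up the way this file already does elsewhere, e.g. `NOT-FOR-US: Foxit Reader`, so the TODO list stays limited to entries that need a package decision. CVE-2008-7285 ("docnote string handling ...") does not name its product in the visible text and should be checked on its own rather than swept up with the Quickr batch.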
@@ -160,7 +246,7 @@
 	TODO: check
 CVE-2011-1418 (The stateless address autoconfiguration (aka SLAAC) functionality in ...)
 	TODO: check
-CVE-2011-1417 (Unspecified vulnerability in MobileSafari in Apple iOS 4.2.1 on the ...)
+CVE-2011-1417 (QuickLook, as used in Apple Mac OS X before 10.6.7 and MobileSafari in ...)
 	TODO: check
 CVE-2011-1416 (The Research In Motion (RIM) BlackBerry Torch 9800 with firmware ...)
 	TODO: check
@@ -168,8 +254,8 @@
 	REJECTED
 CVE-2010-4757 (Cross-site scripting (XSS) vulnerability in submitnews.php in e107 ...)
 	TODO: check
-CVE-2011-1414
-	RESERVED
+CVE-2011-1414 (Cross-site scripting (XSS) vulnerability in the tibbr web server, as ...)
+	TODO: check
 CVE-2011-1413 (Google Chrome before 10.0.648.127 on Linux does not properly mitigate ...)
 	- chromium-browser 10.0.648.127~r76697-1
 	[squeeze] - chromium-browser <not-affected>
@@ -1233,8 +1319,7 @@
 	- linux-2.6 <unfixed>
 	[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.35)
 	[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.35)
-CVE-2011-1022 [failure to verify netlink messages]
-	RESERVED
+CVE-2011-1022 (The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in ...)
 	{DSA-2193-1}
 	- libcgroup <unfixed> (bug #615987)
 CVE-2011-1021
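Review bot: CVE-2011-1022 now carries the official description but still pairs `{DSA-2193-1}` with `- libcgroup <unfixed> (bug #615987)`, so the entry records that an advisory exists while the unversioned package line says nothing is fixed. Confirm whether a fixed libcgroup upload exists and replace `<unfixed>` with that version when it does; until then the bug reference is the only pointer a reader has to the state of the fix.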
@@ -1290,8 +1375,7 @@
 CVE-2011-1007 (Best Practical Solutions RT before 3.8.9 does not perform certain ...)
 	- request-tracker3.6 <removed>
 	- request-tracker3.8 <unfixed>
-CVE-2011-1006 [cgroup privilege escalation]
-	RESERVED
+CVE-2011-1006 (Heap-based buffer overflow in the parse_cgroup_spec function in ...)
 	{DSA-2193-1}
 	- libcgroup <unfixed>
 CVE-2011-1005 (The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through ...)
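Review bot: the CVE-2011-1006 entry has `- libcgroup <unfixed>` with no bug reference, whereas the sibling CVE-2011-1022 entry under the same `{DSA-2193-1}` carries `(bug #615987)`. Add the corresponding bug number here, or note that the same bug covers both CVEs, so the heap-based overflow in parse_cgroup_spec can be tracked to a fix independently of the netlink issue.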
@@ -1925,8 +2009,8 @@
 	RESERVED
 CVE-2011-0760
 	RESERVED
-CVE-2011-0759
-	RESERVED
+CVE-2011-0759 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+	TODO: check
 CVE-2010-4727 (Smarty before 3.0.0 beta 7 does not properly handle the &lt;?php and ?&gt; ...)
 	- smarty3 <unfixed>
 	- smarty <unfixed>
@@ -3062,8 +3146,8 @@
 	RESERVED
 CVE-2011-0332 (Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom ...)
 	NOT-FOR-US: Foxit Reader
-CVE-2011-0331
-	RESERVED
+CVE-2011-0331 (Use-after-free vulnerability in the addOSPLext method in the Honeywell ...)
+	TODO: check
 CVE-2011-0330 (The Dell DellSystemLite.Scanner ActiveX control in DellSystemLite.ocx ...)
 	NOT-FOR-US: Dell System Lite
 CVE-2011-0329 (Directory traversal vulnerability in the GetData method in the Dell ...)
@@ -3605,53 +3689,53 @@
 	RESERVED
 CVE-2011-0195
 	RESERVED
-CVE-2011-0194
-	RESERVED
-CVE-2011-0193
-	RESERVED
+CVE-2011-0194 (Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7 ...)
+	TODO: check
+CVE-2011-0193 (Multiple buffer overflows in Image RAW in Apple Mac OS X before 10.6.7 ...)
+	TODO: check
 CVE-2011-0192 (Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other ...)
 	- tiff 3.9.4-7
 CVE-2011-0191 (Buffer overflow in LibTIFF in ImageIO in Apple iTunes before 10.2 on ...)
 	- tiff 3.9.4-1
 	NOTE: This might've been fixed earlier even
-CVE-2011-0190
-	RESERVED
-CVE-2011-0189
-	RESERVED
-CVE-2011-0188
-	RESERVED
-CVE-2011-0187
-	RESERVED
-CVE-2011-0186
-	RESERVED
+CVE-2011-0190 (Install Helper in Installer in Apple Mac OS X before 10.6.7 does not ...)
+	TODO: check
+CVE-2011-0189 (The default configuration of Terminal in Apple Mac OS X 10.6 before ...)
+	TODO: check
+CVE-2011-0188 (The VpMemAlloc function in bigdecimal.c in the BigDecimal class in ...)
+	TODO: check
+CVE-2011-0187 (The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows remote ...)
+	TODO: check
+CVE-2011-0186 (QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to ...)
+	TODO: check
 CVE-2011-0185
 	RESERVED
-CVE-2011-0184
-	RESERVED
-CVE-2011-0183
-	RESERVED
-CVE-2011-0182
-	RESERVED
-CVE-2011-0181
-	RESERVED
-CVE-2011-0180
-	RESERVED
-CVE-2011-0179
-	RESERVED
-CVE-2011-0178
-	RESERVED
-CVE-2011-0177
-	RESERVED
-CVE-2011-0176
-	RESERVED
-CVE-2011-0175
-	RESERVED
-CVE-2011-0174
-	RESERVED
-CVE-2011-0173
-	RESERVED
-CVE-2011-0172
-	RESERVED
+CVE-2011-0184 (QuickLook in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers ...)
+	TODO: check
+CVE-2011-0183 (Libinfo in Apple Mac OS X before 10.6.7 does not properly handle an ...)
+	TODO: check
+CVE-2011-0182 (The i386_set_ldt system call in the kernel in Apple Mac OS X before ...)
+	TODO: check
+CVE-2011-0181 (Integer overflow in ImageIO in Apple Mac OS X before 10.6.7 allows ...)
+	TODO: check
+CVE-2011-0180 (Integer overflow in HFS in Apple Mac OS X before 10.6.7 allows local ...)
+	TODO: check
+CVE-2011-0179 (CoreText in Apple Mac OS X before 10.6.7 allows remote attackers to ...)
+	TODO: check
+CVE-2011-0178 (The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 ...)
+	TODO: check
+CVE-2011-0177 (Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS ...)
+	TODO: check
+CVE-2011-0176 (Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS ...)
+	TODO: check
+CVE-2011-0175 (Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS ...)
+	TODO: check
+CVE-2011-0174 (Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
+	TODO: check
+CVE-2011-0173 (Multiple format string vulnerabilities in AppleScript in Apple Mac OS ...)
+	TODO: check
+CVE-2011-0172 (AirPort in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers ...)
+	TODO: check
 CVE-2011-0171
 	RESERVED
 CVE-2011-0170 (Heap-based buffer overflow in ImageIO in CoreGraphics in Apple iTunes ...)
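Review bot: CVE-2011-0188 ("The VpMemAlloc function in bigdecimal.c in the BigDecimal class in ...") sits in the middle of a run of Apple Mac OS X 10.6.7 entries that all became `TODO: check`, and it is the one that should not be bulk-triaged with them. BigDecimal is a Ruby standard-library class, so this entry most likely needs package lines for the Ruby source packages rather than a not-for-us marker. The ImageIO entries (CVE-2011-0194, CVE-2011-0181) also deserve an individual look, since the neighbouring CVE-2011-0191 and CVE-2011-0192 show ImageIO issues that map to `tiff`.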
@@ -5196,8 +5280,8 @@
 	NOT-FOR-US: Camtron, TecVoz
 CVE-2010-4229
 	RESERVED
-CVE-2010-4228
-	RESERVED
+CVE-2010-4228 (Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP ...)
+	TODO: check
 CVE-2010-4227 (The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before ...)
 	NOT-FOR-US: Novell Netware
 CVE-2010-4226
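Review bot: CVE-2010-4228 ("Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP ...") is added as `TODO: check` directly above CVE-2010-4227, another .NLM module that is already triaged as `NOT-FOR-US: Novell Netware`. If the full description confirms the same product, give this entry the same marker instead of leaving it in the TODO queue.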



