[Secure-testing-commits] r16452 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Tue Mar 29 21:15:32 UTC 2011
Author: joeyh
Date: 2011-03-29 21:15:26 +0000 (Tue, 29 Mar 2011)
New Revision: 16452
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-03-28 23:30:33 UTC (rev 16451)
+++ data/CVE/list 2011-03-29 21:15:26 UTC (rev 16452)
@@ -1,3 +1,15 @@
+CVE-2011-1524 (Cross-site scripting (XSS) vulnerability in the management login GUI ...)
+ TODO: check
+CVE-2011-1523
+ RESERVED
+CVE-2011-1522
+ RESERVED
+CVE-2010-4777
+ RESERVED
+CVE-2009-5063
+ RESERVED
+CVE-2006-7244
+ RESERVED
CVE-2011-1520 (The default configuration of the server console in IBM Lotus Domino ...)
TODO: check
CVE-2011-1519 (The remote console in the Server Controller in IBM Lotus Domino 7.x ...)
@@ -5,6 +17,7 @@
CVE-2011-1518
RESERVED
CVE-2011-1521 [python urllib]
+ RESERVED
- python2.7 <unfixed>
- python2.6 <unfixed>
- python2.5 <unfixed>
@@ -305,8 +318,8 @@
RESERVED
CVE-2011-1421
RESERVED
-CVE-2011-1420
- RESERVED
+CVE-2011-1420 (EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris SPARC ...)
+ TODO: check
CVE-2011-1419 (Apache Tomcat 7.x before 7.0.11, when web.xml has no security ...)
- tomcat6 <not-affected> (Only affects Tomcat 7)
CVE-2011-1418 (The stateless address autoconfiguration (aka SLAAC) functionality in ...)
@@ -930,8 +943,7 @@
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.35)
CVE-2011-1168
RESERVED
-CVE-2011-1167
- RESERVED
+CVE-2011-1167 (Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in ...)
- tiff <unfixed> (bug filed)
CVE-2011-1166
RESERVED
@@ -2141,8 +2153,8 @@
TODO: check
CVE-2011-0761
RESERVED
-CVE-2011-0760
- RESERVED
+CVE-2011-0760 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+ TODO: check
CVE-2011-0759 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
TODO: check
CVE-2010-4727 (Smarty before 3.0.0 beta 7 does not properly handle the <?php and ?> ...)
@@ -2725,8 +2737,8 @@
RESERVED
CVE-2011-0546
RESERVED
-CVE-2011-0545
- RESERVED
+CVE-2011-0545 (Cross-site request forgery (CSRF) vulnerability in adduser.do in ...)
+ TODO: check
CVE-2011-0544
RESERVED
CVE-2011-0543
@@ -2987,8 +2999,8 @@
RESERVED
CVE-2011-0459
RESERVED
-CVE-2011-0458
- RESERVED
+CVE-2011-0458 (Untrusted search path vulnerability in the Locate on Disk feature in ...)
+ TODO: check
CVE-2011-0457 (Cross-site scripting (XSS) vulnerability in e107 0.7.22 and earlier ...)
TODO: check
CVE-2011-0456 (Open Ticket Request System (OTRS) 2.3.4 and earlier allows remote ...)
@@ -3039,11 +3051,9 @@
{DSA-2195-1}
- php5 5.3.6-1 (bug #618489)
NOTE: Debian-specific
-CVE-2011-0440
- RESERVED
+CVE-2011-0440 (Cross-site request forgery (CSRF) vulnerability in Mahara 1.2.x before ...)
- mahara 1.2.7-1
-CVE-2011-0439
- RESERVED
+CVE-2011-0439 (Cross-site scripting (XSS) vulnerability in Mahara 1.2.x before 1.2.7 ...)
- mahara 1.2.7-1
CVE-2011-0438 (nslcd/pam.c in nss-pam-ldapd 0.8.0 PAM module returns a success code ...)
- nss-pam-ldapd <not-affected> (Only affects 0.8.0, which was only uploaded to experimental)
@@ -4592,8 +4602,8 @@
- openjdk-6 6b18-1.8.5-1
[squeeze] - openjdk-6 <no-dsa> (bug #614151)
[lenny] - openjdk-6 <no-dsa> (bug #614151)
-CVE-2011-0024
- RESERVED
+CVE-2011-0024 (Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 ...)
+ TODO: check
CVE-2011-0023
RESERVED
CVE-2011-0022 (The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory ...)
@@ -8024,11 +8034,9 @@
REJECTED
CVE-2010-3277 (The installer in VMware Workstation 7.x before 7.1.2 build 301548 and ...)
NOT-FOR-US: VMware Workstation
-CVE-2010-3276
- RESERVED
+CVE-2010-3276 (libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows ...)
- vlc <unfixed>
-CVE-2010-3275
- RESERVED
+CVE-2010-3275 (libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows ...)
- vlc <unfixed>
CVE-2010-3274 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
NOT-FOR-US: ZOHO ManageEngine
More information about the Secure-testing-commits
mailing list