[Secure-testing-commits] r16624 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Wed May 4 21:15:20 UTC 2011
Author: joeyh
Date: 2011-05-04 21:15:14 +0000 (Wed, 04 May 2011)
New Revision: 16624
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-05-04 06:35:03 UTC (rev 16623)
+++ data/CVE/list 2011-05-04 21:15:14 UTC (rev 16624)
@@ -1,3 +1,51 @@
+CVE-2011-1867
+ RESERVED
+CVE-2011-1866
+ RESERVED
+CVE-2011-1865
+ RESERVED
+CVE-2011-1864
+ RESERVED
+CVE-2011-1863
+ RESERVED
+CVE-2011-1862
+ RESERVED
+CVE-2011-1861
+ RESERVED
+CVE-2011-1860
+ RESERVED
+CVE-2011-1859
+ RESERVED
+CVE-2011-1858
+ RESERVED
+CVE-2011-1857
+ RESERVED
+CVE-2011-1856
+ RESERVED
+CVE-2011-1855
+ RESERVED
+CVE-2011-1854
+ RESERVED
+CVE-2011-1853
+ RESERVED
+CVE-2011-1852
+ RESERVED
+CVE-2011-1851
+ RESERVED
+CVE-2011-1850
+ RESERVED
+CVE-2011-1849
+ RESERVED
+CVE-2011-1848
+ RESERVED
+CVE-2011-1847 (IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows ...)
+ TODO: check
+CVE-2011-1846 (IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows ...)
+ TODO: check
+CVE-2011-1845 (Multiple memory leaks in the DataGrid control implementation in ...)
+ TODO: check
+CVE-2011-1844 (Memory leak in Microsoft Silverlight 4 before 4.0.60310.0 allows ...)
+ TODO: check
CVE-2011-1843 (Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow ...)
TODO: check
CVE-2011-1842 (dbus_backend/lsd.py in the D-Bus backend in language-selector before ...)
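Review bot: The described entries at the end of the added block that name IBM DB2 (CVE-2011-1847, CVE-2011-1846) and Microsoft Silverlight (CVE-2011-1844) are left at TODO: check. Elsewhere in this file proprietary products are closed out with a NOT-FOR-US: line (for example "NOT-FOR-US: IBM WebSphere Application Server"), so these look like candidates for the same marking once someone confirms that no Debian package ships them.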
@@ -185,10 +233,10 @@
RESERVED
CVE-2011-1787
RESERVED
-CVE-2011-1786
- RESERVED
-CVE-2011-1785
- RESERVED
+CVE-2011-1786 (lsassd in Likewise Open, as distributed in VMware ESXi 4.1 and ESX ...)
+ TODO: check
+CVE-2011-1785 (VMware ESXi 4.0 and 4.1 and ESX 4.0 and 4.1 allow remote attackers to ...)
+ TODO: check
CVE-2011-1784
RESERVED
CVE-2011-1783
@@ -288,8 +336,8 @@
RESERVED
CVE-2011-1740
RESERVED
-CVE-2011-1739
- RESERVED
+CVE-2011-1739 (The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 ...)
+ TODO: check
CVE-2011-1738
RESERVED
CVE-2011-1737
@@ -312,14 +360,14 @@
RESERVED
CVE-2011-1728
RESERVED
-CVE-2011-1727
- RESERVED
-CVE-2011-1726
- RESERVED
+CVE-2011-1727 (Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, ...)
+ TODO: check
+CVE-2011-1726 (Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, ...)
+ TODO: check
CVE-2011-1725 (Unspecified vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, ...)
NOT-FOR-US: HP Network Automation
-CVE-2011-1724
- RESERVED
+CVE-2011-1724 (Unspecified vulnerability in HP Virtual Server Environment before 6.3 ...)
+ TODO: check
CVE-2011-1723 (Cross-site scripting (XSS) vulnerability in ...)
TODO: check
CVE-2011-1722 (Multiple SQL injection vulnerabilities in WEC Discussion Forum ...)
@@ -418,8 +466,7 @@
NOT-FOR-US: IBM WebSphere Application Server
CVE-2011-1682 (Multiple cross-site request forgery (CSRF) vulnerabilities in phpList ...)
NOT-FOR-US: phpList
-CVE-2011-1684 [VideoLAN-SA-1103]
- RESERVED
+CVE-2011-1684 (Heap-based buffer overflow in the MP4_ReadBox_skcr function in ...)
{DSA-2218-1}
- vlc 1.1.8-3 (medium)
[lenny] - vlc <not-affected> (Vulnerable code not present)
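Review bot: Replacing the CVE-2011-1684 header line drops the bracketed [VideoLAN-SA-1103] tag, which was the only pointer to the upstream advisory in this entry. Consider keeping it as a NOTE: line under the entry so the advisory reference survives next to {DSA-2218-1}.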
@@ -575,26 +622,26 @@
RESERVED
CVE-2011-1614
RESERVED
-CVE-2011-1613
- RESERVED
+CVE-2011-1613 (Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) ...)
+ TODO: check
CVE-2011-1612
RESERVED
CVE-2011-1611
RESERVED
-CVE-2011-1610
- RESERVED
-CVE-2011-1609
- RESERVED
+CVE-2011-1610 (Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the ...)
+ TODO: check
+CVE-2011-1609 (SQL injection vulnerability in Cisco Unified Communications Manager ...)
+ TODO: check
CVE-2011-1608
RESERVED
-CVE-2011-1607
- RESERVED
-CVE-2011-1606
- RESERVED
-CVE-2011-1605
- RESERVED
-CVE-2011-1604
- RESERVED
+CVE-2011-1607 (Directory traversal vulnerability in Cisco Unified Communications ...)
+ TODO: check
+CVE-2011-1606 (Unspecified vulnerability in Cisco Unified Communications Manager (aka ...)
+ TODO: check
+CVE-2011-1605 (Unspecified vulnerability in Cisco Unified Communications Manager (aka ...)
+ TODO: check
+CVE-2011-1604 (Memory leak in Cisco Unified Communications Manager (aka CUCM, ...)
+ TODO: check
CVE-2011-1603
RESERVED
CVE-2011-1602
@@ -621,8 +668,8 @@
[lenny] - rdesktop <no-dsa> (Minor issue)
CVE-2011-1594
RESERVED
-CVE-2011-1593
- RESERVED
+CVE-2011-1593 (Multiple integer overflows in the next_pidmap function in kernel/pid.c ...)
+ TODO: check
CVE-2011-1592 (The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x ...)
- wireshark <not-affected> (Windows-specific)
CVE-2011-1591 (Stack-based buffer overflow in the DECT dissector in ...)
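Review bot: CVE-2011-1593 is described as integer overflows in next_pidmap in kernel/pid.c, which looks like a kernel source path, yet it lands with a bare TODO: check. Other kernel entries touched by this same update (CVE-2011-1577, CVE-2011-1495, CVE-2011-1494) are tracked with a "- linux-2.6" line; this one should get the same once triaged, with its status and severity filled in.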
@@ -662,8 +709,7 @@
- mediawiki <unfixed>
CVE-2011-1578 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, ...)
- mediawiki <unfixed>
-CVE-2011-1577
- RESERVED
+CVE-2011-1577 (Heap-based buffer overflow in the is_gpt_valid function in ...)
- linux-2.6 <unfixed> (low)
CVE-2011-1576
RESERVED
@@ -757,10 +803,10 @@
RESERVED
CVE-2011-1546 (Multiple SQL injection vulnerabilities in Andy's PHP Knowledgebase ...)
NOT-FOR-US: Aphpkb
-CVE-2011-1545
- RESERVED
-CVE-2011-1544
- RESERVED
+CVE-2011-1545 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
+ TODO: check
+CVE-2011-1544 (Unspecified vulnerability in HP Insight Control Performance Management ...)
+ TODO: check
CVE-2011-1543 (Cross-site request forgery (CSRF) vulnerability in HP Systems Insight ...)
TODO: check
CVE-2011-1542 (Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager ...)
@@ -769,12 +815,12 @@
TODO: check
CVE-2011-1540 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
TODO: check
-CVE-2011-1539
- RESERVED
-CVE-2011-1538
- RESERVED
-CVE-2011-1537
- RESERVED
+CVE-2011-1539 (Unspecified vulnerability in HP Proliant Support Pack (PSP) before 8.7 ...)
+ TODO: check
+CVE-2011-1538 (Open redirect vulnerability in HP Proliant Support Pack (PSP) before ...)
+ TODO: check
+CVE-2011-1537 (Cross-site scripting (XSS) vulnerability in HP Proliant Support Pack ...)
+ TODO: check
CVE-2011-1536 (Unspecified vulnerability in HP Performance Insight 5.0, 5.1x. 5.2x, ...)
TODO: check
CVE-2011-1535 (Unspecified vulnerability in HP Insight Control for Linux (aka ...)
@@ -801,10 +847,9 @@
NOT-FOR-US: RealPlayer
CVE-2011-1524 (Cross-site scripting (XSS) vulnerability in the management login GUI ...)
NOT-FOR-US: Symantec LiveUpdate Administrator
-CVE-2011-1523
- RESERVED
-CVE-2011-1522
- RESERVED
+CVE-2011-1523 (Cross-site scripting (XSS) vulnerability in statusmap.c in ...)
+ TODO: check
+CVE-2011-1522 (Multiple SQL injection vulnerabilities in the ...)
{DSA-2223-1}
- doctrine <unfixed> (bug #622674)
CVE-2010-4777
@@ -905,11 +950,9 @@
{DSA-2212-1}
- tmux 1.4-6 (bug #620304)
NOTE: CVE id requested
-CVE-2011-1495
- RESERVED
+CVE-2011-1495 (drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and ...)
- linux-2.6 <unfixed> (unimportant)
-CVE-2011-1494
- RESERVED
+CVE-2011-1494 (Integer overflow in the _ctl_do_mpt_command function in ...)
- linux-2.6 <unfixed> (unimportant)
CVE-2011-1493
RESERVED
@@ -1027,52 +1070,52 @@
RESERVED
CVE-2011-1457
RESERVED
-CVE-2011-1456
- RESERVED
-CVE-2011-1455
- RESERVED
-CVE-2011-1454
- RESERVED
+CVE-2011-1456 (Google Chrome before 11.0.696.57 does not properly handle PDF forms, ...)
+ TODO: check
+CVE-2011-1455 (Google Chrome before 11.0.696.57 does not properly handle PDF ...)
+ TODO: check
+CVE-2011-1454 (Use-after-free vulnerability in the DOM id handling functionality in ...)
+ TODO: check
CVE-2011-1453
RESERVED
-CVE-2011-1452
- RESERVED
-CVE-2011-1451
- RESERVED
-CVE-2011-1450
- RESERVED
-CVE-2011-1449
- RESERVED
-CVE-2011-1448
- RESERVED
-CVE-2011-1447
- RESERVED
-CVE-2011-1446
- RESERVED
-CVE-2011-1445
- RESERVED
-CVE-2011-1444
- RESERVED
-CVE-2011-1443
- RESERVED
-CVE-2011-1442
- RESERVED
-CVE-2011-1441
- RESERVED
-CVE-2011-1440
- RESERVED
-CVE-2011-1439
- RESERVED
-CVE-2011-1438
- RESERVED
-CVE-2011-1437
- RESERVED
-CVE-2011-1436
- RESERVED
-CVE-2011-1435
- RESERVED
-CVE-2011-1434
- RESERVED
+CVE-2011-1452 (Google Chrome before 11.0.696.57 allows user-assisted remote attackers ...)
+ TODO: check
+CVE-2011-1451 (Google Chrome before 11.0.696.57 does not properly handle DOM id maps, ...)
+ TODO: check
+CVE-2011-1450 (Google Chrome before 11.0.696.57 does not properly present file ...)
+ TODO: check
+CVE-2011-1449 (Use-after-free vulnerability in the WebSockets implementation in ...)
+ TODO: check
+CVE-2011-1448 (Google Chrome before 11.0.696.57 does not properly perform height ...)
+ TODO: check
+CVE-2011-1447 (Google Chrome before 11.0.696.57 does not properly handle drop-down ...)
+ TODO: check
+CVE-2011-1446 (Google Chrome before 11.0.696.57 allows remote attackers to spoof the ...)
+ TODO: check
+CVE-2011-1445 (Google Chrome before 11.0.696.57 does not properly handle SVG ...)
+ TODO: check
+CVE-2011-1444 (Race condition in the sandbox launcher implementation in Google Chrome ...)
+ TODO: check
+CVE-2011-1443 (Google Chrome before 11.0.696.57 does not properly implement layering, ...)
+ TODO: check
+CVE-2011-1442 (Google Chrome before 11.0.696.57 does not properly handle mutation ...)
+ TODO: check
+CVE-2011-1441 (Google Chrome before 11.0.696.57 does not properly perform a cast of ...)
+ TODO: check
+CVE-2011-1440 (Use-after-free vulnerability in Google Chrome before 11.0.696.57 ...)
+ TODO: check
+CVE-2011-1439 (Google Chrome before 11.0.696.57 on Linux does not properly isolate ...)
+ TODO: check
+CVE-2011-1438 (Google Chrome before 11.0.696.57 allows remote attackers to bypass the ...)
+ TODO: check
+CVE-2011-1437 (Multiple integer overflows in Google Chrome before 11.0.696.57 allow ...)
+ TODO: check
+CVE-2011-1436 (Google Chrome before 11.0.696.57 on Linux does not properly interact ...)
+ TODO: check
+CVE-2011-1435 (Google Chrome before 11.0.696.57 does not properly implement the tabs ...)
+ TODO: check
+CVE-2011-1434 (Google Chrome before 11.0.696.57 does not ensure thread safety during ...)
+ TODO: check
CVE-2011-1433 (The (1) AgentInterface and (2) CustomerInterface components in Open ...)
- otrs2 <unfixed>
TODO: check, whether otrs2 is really affected
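Review bot: Every Google Chrome entry that gains a description in this hunk (CVE-2011-1456 through CVE-2011-1434, apart from the still-RESERVED CVE-2011-1453) is left at TODO: check with no package line. CVE-2011-1302, visible as context in the next hunk, is tracked as "- chromium-browser" with a fixed version plus "- webkit <undetermined>", so these entries need the same per-package triage. The two whose descriptions say "on Linux" (CVE-2011-1439, CVE-2011-1436) are the ones most directly relevant here.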
@@ -1411,12 +1454,12 @@
- widelands 1:15-3 (low; bug #617960)
[squeeze] - widelands <no-dsa> (Minor issue)
[lenny] - widelands <no-dsa> (Minor issue)
-CVE-2011-1305
- RESERVED
-CVE-2011-1304
- RESERVED
-CVE-2011-1303
- RESERVED
+CVE-2011-1305 (Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS ...)
+ TODO: check
+CVE-2011-1304 (Unspecified vulnerability in Google Chrome before 11.0.696.57 allows ...)
+ TODO: check
+CVE-2011-1303 (Google Chrome before 11.0.696.57 does not properly handle floating ...)
+ TODO: check
CVE-2011-1302 (Heap-based buffer overflow in the GPU process in Google Chrome before ...)
- chromium-browser 10.0.648.205~r81283-1
- webkit <undetermined>
@@ -1799,8 +1842,7 @@
CVE-2011-1170
RESERVED
- linux-2.6 2.6.38-4 (low)
-CVE-2011-1169
- RESERVED
+CVE-2011-1169 (Array index error in the asihpi_hpi_ioctl function in ...)
- linux-2.6 <unfixed>
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.35)
[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.35)
@@ -2122,8 +2164,7 @@
NOTE: http://seclists.org/oss-sec/2011/q1/368
CVE-2011-1088 (Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity ...)
- tomcat6 <not-affected> (Only affects Tomcat 7)
-CVE-2011-1087 [vlc bookmarks memory corruption]
- RESERVED
+CVE-2011-1087 (Buffer overflow in VideoLAN VLC media player 1.0.5 allows ...)
- vlc <unfixed> (low; bug #616156)
[squeeze] - vlc <no-dsa> (Minor issue)
[lenny] - vlc <no-dsa> (Minor issue)
@@ -3489,8 +3530,8 @@
RESERVED
CVE-2011-0611 (Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and ...)
NOT-FOR-US: Adobe Flash Player / Acrobat Reader
-CVE-2011-0610
- RESERVED
+CVE-2011-0610 (The CoolType library in Adobe Reader 9.x before 9.4.4 and 10.x through ...)
+ TODO: check
CVE-2011-0609 (Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and ...)
NOT-FOR-US: Adobe Flash Player
CVE-2011-0608 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
@@ -4396,8 +4437,8 @@
RESERVED
CVE-2010-4666
RESERVED
-CVE-2010-4665
- RESERVED
+CVE-2010-4665 (Integer overflow in the ReadDirectory function in tiffdump.c in ...)
+ TODO: check
CVE-2010-4664
RESERVED
CVE-2010-4663
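Review bot: CVE-2010-4665 names the ReadDirectory function in tiffdump.c and is left at TODO: check, while CVE-2009-5022 in the last hunk (tif_ojpeg.c) is tracked as "- tiff <unfixed>". If tiffdump.c comes from the same source package, this entry should carry a "- tiff" line with its status rather than sit in the TODO queue.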
@@ -5565,8 +5606,7 @@
RESERVED
CVE-2009-5023
RESERVED
-CVE-2009-5022
- RESERVED
+CVE-2009-5022 (Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in ...)
- tiff <unfixed> (bug #624287)
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=1999
CVE-2009-5021 (Cobbler before 1.6.1 does not properly determine whether an ...)