[Secure-testing-commits] r17569 - data/CVE

Mon Nov 7 21:14:21 UTC 2011

Author: joeyh
Date: 2011-11-07 21:14:20 +0000 (Mon, 07 Nov 2011)
New Revision: 17569

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2011-11-07 19:47:40 UTC (rev 17568)
+++ data/CVE/list	2011-11-07 21:14:20 UTC (rev 17569)
@@ -1,3 +1,255 @@
+CVE-2011-4403
+	RESERVED
+CVE-2011-4402
+	RESERVED
+CVE-2011-4401
+	RESERVED
+CVE-2011-4400
+	RESERVED
+CVE-2011-4399
+	RESERVED
+CVE-2011-4398
+	RESERVED
+CVE-2011-4397
+	RESERVED
+CVE-2011-4396
+	RESERVED
+CVE-2011-4395
+	RESERVED
+CVE-2011-4394
+	RESERVED
+CVE-2011-4393
+	RESERVED
+CVE-2011-4392
+	RESERVED
+CVE-2011-4391
+	RESERVED
+CVE-2011-4390
+	RESERVED
+CVE-2011-4389
+	RESERVED
+CVE-2011-4388
+	RESERVED
+CVE-2011-4387
+	RESERVED
+CVE-2011-4386
+	RESERVED
+CVE-2011-4385
+	RESERVED
+CVE-2011-4384
+	RESERVED
+CVE-2011-4383
+	RESERVED
+CVE-2011-4382
+	RESERVED
+CVE-2011-4381
+	RESERVED
+CVE-2011-4380
+	RESERVED
+CVE-2011-4379
+	RESERVED
+CVE-2011-4378
+	RESERVED
+CVE-2011-4377
+	RESERVED
+CVE-2011-4376
+	RESERVED
+CVE-2011-4375
+	RESERVED
+CVE-2011-4374
+	RESERVED
+CVE-2011-4373
+	RESERVED
+CVE-2011-4372
+	RESERVED
+CVE-2011-4371
+	RESERVED
+CVE-2011-4370
+	RESERVED
+CVE-2011-4369
+	RESERVED
+CVE-2011-4368
+	RESERVED
+CVE-2011-4367
+	RESERVED
+CVE-2011-4366
+	RESERVED
+CVE-2011-4365
+	RESERVED
+CVE-2011-4364
+	RESERVED
+CVE-2011-4363
+	RESERVED
+CVE-2011-4362
+	RESERVED
+CVE-2011-4361
+	RESERVED
+CVE-2011-4360
+	RESERVED
+CVE-2011-4359
+	RESERVED
+CVE-2011-4358
+	RESERVED
+CVE-2011-4357
+	RESERVED
+CVE-2011-4356
+	RESERVED
+CVE-2011-4355
+	RESERVED
+CVE-2011-4354
+	RESERVED
+CVE-2011-4353
+	RESERVED
+CVE-2011-4352
+	RESERVED
+CVE-2011-4351
+	RESERVED
+CVE-2011-4350
+	RESERVED
+CVE-2011-4349
+	RESERVED
+CVE-2011-4348
+	RESERVED
+CVE-2011-4347
+	RESERVED
+CVE-2011-4346
+	RESERVED
+CVE-2011-4345
+	RESERVED
+CVE-2011-4344
+	RESERVED
+CVE-2011-4343
+	RESERVED
+CVE-2011-4342
+	RESERVED
+CVE-2011-4341
+	RESERVED
+CVE-2011-4340
+	RESERVED
+CVE-2011-4339
+	RESERVED
+CVE-2011-4338
+	RESERVED
+CVE-2011-4337
+	RESERVED
+CVE-2011-4336
+	RESERVED
+CVE-2011-4335
+	RESERVED
+CVE-2011-4334
+	RESERVED
+CVE-2011-4333
+	RESERVED
+CVE-2011-4332
+	RESERVED
+CVE-2011-4331
+	RESERVED
+CVE-2011-4330
+	RESERVED
+CVE-2011-4329
+	RESERVED
+CVE-2011-4328
+	RESERVED
+CVE-2011-4327
+	RESERVED
+CVE-2011-4326
+	RESERVED
+CVE-2011-4325
+	RESERVED
+CVE-2011-4324
+	RESERVED
+CVE-2011-4323
+	RESERVED
+CVE-2011-4322
+	RESERVED
+CVE-2011-4321
+	RESERVED
+CVE-2011-4320
+	RESERVED
+CVE-2011-4319
+	RESERVED
+CVE-2011-4318
+	RESERVED
+CVE-2011-4317
+	RESERVED
+CVE-2011-4316
+	RESERVED
+CVE-2011-4315
+	RESERVED
+CVE-2011-4314
+	RESERVED
+CVE-2011-4313
+	RESERVED
+CVE-2011-4312
+	RESERVED
+CVE-2011-4311
+	RESERVED
+CVE-2011-4310
+	RESERVED
+CVE-2011-4309
+	RESERVED
+CVE-2011-4308
+	RESERVED
+CVE-2011-4307
+	RESERVED
+CVE-2011-4306
+	RESERVED
+CVE-2011-4305
+	RESERVED
+CVE-2011-4304
+	RESERVED
+CVE-2011-4303
+	RESERVED
+CVE-2011-4302
+	RESERVED
+CVE-2011-4301
+	RESERVED
+CVE-2011-4300
+	RESERVED
+CVE-2011-4299
+	RESERVED
+CVE-2011-4298
+	RESERVED
+CVE-2011-4297
+	RESERVED
+CVE-2011-4296
+	RESERVED
+CVE-2011-4295
+	RESERVED
+CVE-2011-4294
+	RESERVED
+CVE-2011-4293
+	RESERVED
+CVE-2011-4292
+	RESERVED
+CVE-2011-4291
+	RESERVED
+CVE-2011-4290
+	RESERVED
+CVE-2011-4289
+	RESERVED
+CVE-2011-4288
+	RESERVED
+CVE-2011-4287
+	RESERVED
+CVE-2011-4286
+	RESERVED
+CVE-2011-4285
+	RESERVED
+CVE-2011-4284
+	RESERVED
+CVE-2011-4283
+	RESERVED
+CVE-2011-4282
+	RESERVED
+CVE-2011-4281
+	RESERVED
+CVE-2011-4280
+	RESERVED
+CVE-2011-4279
+	RESERVED
+CVE-2011-4278
+	RESERVED
 CVE-2011-4277 (Cross-site scripting (XSS) vulnerability in CourseForum ProjectForum ...)
 	TODO: check
 CVE-2011-4276
@@ -703,8 +955,8 @@
 	RESERVED
 CVE-2011-4067
 	RESERVED
-CVE-2011-4066
-	RESERVED
+CVE-2011-4066 (SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and ...)
+	TODO: check
 CVE-2011-4065
 	RESERVED
 CVE-2011-4063 (chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x ...)
@@ -1072,12 +1324,12 @@
 	TODO: check
 CVE-2011-3992 (Buffer overflow in the SSH server functionality on the D-Link DES-3800 ...)
 	TODO: check
-CVE-2011-3991
-	RESERVED
+CVE-2011-3991 (Untrusted search path vulnerability in FFFTP 1.98a and earlier allows ...)
+	TODO: check
 CVE-2011-3990
 	RESERVED
-CVE-2011-3989
-	RESERVED
+CVE-2011-3989 (SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows ...)
+	TODO: check
 CVE-2011-3988 (SQL injection vulnerability in data/class/SC_Query.php in EC-CUBE ...)
 	TODO: check
 CVE-2011-3987 (dtsoftbus01.sys in DAEMON Tools Lite before 4.41.3, Pro Standard ...)
@@ -1886,6 +2138,7 @@
 CVE-2011-3641
 	RESERVED
 CVE-2011-3640 (** DISPUTED ** Untrusted search path vulnerability in Mozilla Network ...)
+	{DSA-2339-1}
 	- nss <unfixed> (low; bug #647614)
 	[lenny] - nss <no-dsa> (Minor issue)
 	[squeeze] - nss <no-dsa> (Minor issue)
@@ -1969,8 +2222,7 @@
 CVE-2011-3617 [tahoe-lafs: an unauthorized user can delete files]
 	RESERVED
 	- tahoe-lafs 1.8.3-1 (bug #641540)
-CVE-2011-3616 [conky tempfile]
-	RESERVED
+CVE-2011-3616 (The getSkillname function in the eve module in Conky 1.8.1 and earlier ...)
 	- conky 1.8.0-1.1 (low; bug #612033)
 	[squeeze] - conky 1.8.0-1+squeeze1
 	[lenny] - conky 1.6.0-2+lenny1
@@ -2052,8 +2304,7 @@
 CVE-2011-3595
 	RESERVED
 	- joomla <itp> (bug #571794)
-CVE-2011-3594
-	RESERVED
+CVE-2011-3594 (The g_markup_escape_text function in the SILC protocol plug-in in ...)
 	- pidgin <unfixed> (unimportant)
 	NOTE: http://developer.pidgin.im/ticket/14636
 	NOTE: relatively obscure client crash
@@ -2103,8 +2354,7 @@
 	[lenny] - typo3-src <not-affected> (Only affects 4.5.x)
 CVE-2011-3582
 	RESERVED
-CVE-2011-3581
-	RESERVED
+CVE-2011-3581 (Heap-based buffer overflow in the ldns_rr_new_frm_str_internal ...)
 	- ldns <unfixed> (bug #647297)
 	NOTE: http://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=403
 	NOTE: https://secunia.com/advisories/46153/
@@ -2534,8 +2784,8 @@
 	RESERVED
 CVE-2011-3403
 	RESERVED
-CVE-2011-3402
-	RESERVED
+CVE-2011-3402 (Unspecified vulnerability in the Win32k TrueType font parsing engine ...)
+	TODO: check
 CVE-2011-3401
 	RESERVED
 CVE-2011-3400
@@ -2665,8 +2915,8 @@
 	- kde4libs <unfixed>
 	NOTE: http://www.kde.org/info/security/advisory-20111003-1.txt
 	TODO: File bugs
-CVE-2011-3364
-	RESERVED
+CVE-2011-3364 (Incomplete blacklist vulnerability in the svEscape function in ...)
+	TODO: check
 CVE-2011-3363
 	RESERVED
 	- linux-2.6 2.6.39-1
@@ -2775,8 +3025,8 @@
 	NOT-FOR-US: Iceni Argus
 CVE-2011-3331
 	RESERVED
-CVE-2011-3330
-	RESERVED
+CVE-2011-3330 (Buffer overflow in the UnitelWay Windows Device Driver, as used in ...)
+	TODO: check
 CVE-2011-3329
 	RESERVED
 CVE-2011-3328
@@ -3180,8 +3430,8 @@
 	RESERVED
 CVE-2011-3172
 	RESERVED
-CVE-2011-3171
-	RESERVED
+CVE-2011-3171 (Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly ...)
+	TODO: check
 CVE-2011-3170 (The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and ...)
 	- cups 1.5.0-8
 	NOTE: This ID is for an incomplete fix for CVE-2011-2896
@@ -3226,8 +3476,8 @@
 	TODO: check
 CVE-2011-3165 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
 	TODO: check
-CVE-2011-3164
-	RESERVED
+CVE-2011-3164 (Unspecified vulnerability in HP-UX Containers (formerly HP-UX Secure ...)
+	TODO: check
 CVE-2011-3163 (HP MFP Digital Sending Software 4.9x through 4.91.21 allows local ...)
 	NOT-FOR-US: HP MFP Digital Sending Software
 CVE-2011-3162 (Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 ...)
@@ -5224,6 +5474,7 @@
 	{DSA-2310-1 DSA-2303-1}
 	- linux-2.6 2.6.39-3 (low)
 CVE-2011-2483 (crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain ...)
+	{DSA-2340-1}
 	- libcrypt-eksblowfish-perl <not-affected> (discovered and corrected in initial release in 2007)
 	- php-suhosin <unfixed> (bug #631283)
 	- postgresql-8.4 8.4.9-1 (bug #631285)
@@ -7877,8 +8128,8 @@
 	NOT-FOR-US: HP OpenView
 CVE-2011-1514 (The inet service in HP OpenView Storage Data Protector 6.00 through ...)
 	NOT-FOR-US: HP OpenView
-CVE-2011-1513
-	RESERVED
+CVE-2011-1513 (Static code injection vulnerability in install_.php in e107 CMS 0.7.24 ...)
+	TODO: check
 CVE-2011-1512 (Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used ...)
 	NOT-FOR-US: Autonomy KeyView
 CVE-2011-1511 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
@@ -10292,15 +10543,15 @@
 	NOT-FOR-US: Ruby mail gem
 CVE-2011-0738 (MyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through ...)
 	NOT-FOR-US: MyProxy
-CVE-2011-0737 (Adobe ColdFusion 9.0.1 CHF1 and earlier allows remote attackers to ...)
+CVE-2011-0737 (** DISPUTED ** Adobe ColdFusion 9.0.1 CHF1 and earlier allows remote ...)
 	NOT-FOR-US: Adobe Coldfusion
-CVE-2011-0736 (Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web application is ...)
+CVE-2011-0736 (** DISPUTED ** Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web ...)
 	NOT-FOR-US: Adobe ColdFusion
 CVE-2011-0735 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before ...)
 	NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0734 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0.1 ...)
+CVE-2011-0734 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before ...)
 	NOT-FOR-US: Adobe ColdFusion
-CVE-2011-0733 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion, possibly ...)
+CVE-2011-0733 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before ...)
 	NOT-FOR-US: Adobe ColdFusion
 CVE-2011-0732 (Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal ...)
 	NOT-FOR-US: IBM Tivoli Integrated Portal


