[Secure-testing-commits] r17390 - data/CVE

Joey Hess joeyh at alioth.debian.org
Fri Oct 7 21:14:18 UTC 2011


Author: joeyh
Date: 2011-10-07 21:14:18 +0000 (Fri, 07 Oct 2011)
New Revision: 17390

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-10-07 18:04:16 UTC (rev 17389)
+++ data/CVE/list	2011-10-07 21:14:18 UTC (rev 17390)
@@ -1,3 +1,51 @@
+CVE-2011-4025
+	RESERVED
+CVE-2010-4892 (Cross-site scripting (XSS) vulnerability in the powermail extension ...)
+	TODO: check
+CVE-2010-4891 (SQL injection vulnerability in the Yet Another Calendar (ke_yac) ...)
+	TODO: check
+CVE-2010-4890 (Cross-site scripting (XSS) vulnerability in the Yet Another Calendar ...)
+	TODO: check
+CVE-2010-4889 (Unspecified vulnerability in the Tiny Market (hm_tinymarket) extension ...)
+	TODO: check
+CVE-2010-4888 (SQL injection vulnerability in the Tiny Market (hm_tinymarket) ...)
+	TODO: check
+CVE-2010-4887 (SQL injection vulnerability in the Commenting system Backend Module ...)
+	TODO: check
+CVE-2010-4886 (Cross-site scripting (XSS) vulnerability in the "official twitter ...)
+	TODO: check
+CVE-2010-4885 (Cross-site scripting (XSS) vulnerability in the XING Button (xing) ...)
+	TODO: check
+CVE-2010-4884 (PHP remote file inclusion vulnerability in guestbook/gbook.php in ...)
+	TODO: check
+CVE-2010-4883 (Cross-site scripting (XSS) vulnerability in manager/index.php in MODx ...)
+	TODO: check
+CVE-2010-4882 (Cross-site scripting (XSS) vulnerability in autocms.php in Auto CMS ...)
+	TODO: check
+CVE-2010-4881 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+	TODO: check
+CVE-2010-4880 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+	TODO: check
+CVE-2010-4879 (PHP remote file inclusion vulnerability in dompdf.php in dompdf 0.6.0 ...)
+	TODO: check
+CVE-2010-4878 (PHP remote file inclusion vulnerability in formmailer.php in Kontakt ...)
+	TODO: check
+CVE-2010-4877 (Cross-site scripting (XSS) vulnerability in index.php in OneCMS 2.6.1 ...)
+	TODO: check
+CVE-2010-4876 (SQL injection vulnerability in viewpost.php in mBlogger 1.0.04 allows ...)
+	TODO: check
+CVE-2010-4875 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2010-4874 (Multiple cross-site scripting (XSS) vulnerabilities in users.php in ...)
+	TODO: check
+CVE-2010-4873 (Cross-site scripting (XSS) vulnerability in confirm.php in WeBid 0.8.5 ...)
+	TODO: check
+CVE-2010-4872 (SQL injection vulnerability in newsroom.asp in ASPilot Pilot Cart 7.3 ...)
+	TODO: check
+CVE-2010-4871 (Unspecified vulnerability in SmartFTP before 4.0 Build 1142 allows ...)
+	TODO: check
+CVE-2010-4870 (SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows ...)
+	TODO: check
 CVE-2011-4024
 	RESERVED
 CVE-2011-4023
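Review bot: the 23 new CVE-2010-48xx entries (CVE-2010-4892 down to CVE-2010-4870) all land as "TODO: check", so none of them carries a triage decision yet. Each one still needs to be resolved to either a package line or NOT-FOR-US. The descriptions are cut at "...", and for entries such as CVE-2010-4881, CVE-2010-4880 and CVE-2010-4875 the affected product is not visible at all, so the full CVE text has to be consulted before deciding. Entries that name specific software (dompdf 0.6.0 in CVE-2010-4879, MODx in CVE-2010-4883) are the ones to check against the archive first.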
@@ -931,18 +979,23 @@
 CVE-2011-3606
 	RESERVED
 CVE-2011-3605
+	RESERVED
 	- radvd <unfixed> (bug #644614)
 	NOTE: http://seclists.org/oss-sec/2011/q4/30
 CVE-2011-3604
+	RESERVED
 	- radvd <unfixed> (bug #644614)
 	NOTE: http://seclists.org/oss-sec/2011/q4/30
 CVE-2011-3603
+	RESERVED
 	- radvd <unfixed> (bug #644614)
 	NOTE: http://seclists.org/oss-sec/2011/q4/30
 CVE-2011-3602
+	RESERVED
 	- radvd <unfixed> (bug #644614)
 	NOTE: http://seclists.org/oss-sec/2011/q4/30
 CVE-2011-3601
+	RESERVED
 	- radvd <unfixed> (bug #644614)
 	[squeeze] - radvd <not-affected> (No support for ND_OPT_DNSSL_INFORMATION)
 	[lenny] - radvd <not-affected> (No support for ND_OPT_DNSSL_INFORMATION)
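Review bot: CVE-2011-3605 through CVE-2011-3601 now read "RESERVED" with no description, and all five point at the same radvd bug #644614, so nothing in the list distinguishes one issue from another. A short bracketed label on each header line, in the style of the "CVE-2011-2190 [cherokee csrf]" line elsewhere in this file, would make the per-issue triage readable, for example the squeeze/lenny "<not-affected> (No support for ND_OPT_DNSSL_INFORMATION)" lines that appear under CVE-2011-3601.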
@@ -1647,8 +1700,8 @@
 	RESERVED
 CVE-2011-3333
 	RESERVED
-CVE-2011-3332
-	RESERVED
+CVE-2011-3332 (Stack-based buffer overflow in Iceni Argus 6.20 and earlier and Infix ...)
+	TODO: check
 CVE-2011-3331
 	RESERVED
 CVE-2011-3330
@@ -4686,8 +4739,8 @@
 CVE-2011-2192 (The Curl_input_negotiate function in http_negotiate.c in libcurl ...)
 	{DSA-2271-1}
 	- curl 7.21.6-2 (high; bug #631615)
-CVE-2011-2191
-	RESERVED
+CVE-2011-2191 (Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in ...)
+	TODO: check
 CVE-2011-2189
 	RESERVED
 	- linux-2.6 2.6.35-1 (low)
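Review bot: CVE-2011-2191 now carries the Cherokee-admin CSRF description but only "TODO: check", with no cherokee package line. The CSRF label was previously attached to CVE-2011-2190 ("CVE-2011-2190 [cherokee csrf]"), which still holds the cherokee triage lines. Someone should confirm which of the two ids the existing "- cherokee <unfixed> (low)" tracking was meant for and add a cherokee line here in place of the TODO.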
@@ -4805,8 +4858,7 @@
 	- vlc 1.1.10-1
 	[lenny] - vlc <not-affected> (Vulnerable code not present)
 	NOTE: http://repo.or.cz/w/vlc.git/commitdiff/cd929923ff49175a501bb3e9553a683bc42ff61c
-CVE-2011-2190 [cherokee csrf]
-	RESERVED
+CVE-2011-2190 (The generate_admin_password function in Cherokee before 1.2.99 uses ...)
 	- cherokee <unfixed> (low)
 	[squeeze] - cherokee <no-dsa> (Minor issue)
 	[lenny] - cherokee <no-dsa> (Minor issue)
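Review bot: the package lines kept under CVE-2011-2190 ("- cherokee <unfixed> (low)" and the two "<no-dsa> (Minor issue)" lines) were written while the entry was labelled "[cherokee csrf]", but the new description is about the generate_admin_password function. The severity and no-dsa decisions should be re-checked against that issue rather than carried over unchanged. The description also says "Cherokee before 1.2.99", so "<unfixed>" should be compared with the version in the archive and replaced with a fixed version if one applies.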



