[Secure-testing-commits] r17536 - data/CVE

Mon Oct 31 21:17:02 UTC 2011

Author: joeyh
Date: 2011-10-31 21:17:00 +0000 (Mon, 31 Oct 2011)
New Revision: 17536

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2011-10-31 19:33:36 UTC (rev 17535)
+++ data/CVE/list	2011-10-31 21:17:00 UTC (rev 17536)
@@ -1,3 +1,13 @@
+CVE-2011-4213 (The sandbox environment in the Google App Engine Python SDK before ...)
+	TODO: check
+CVE-2011-4212 (The sandbox environment in the Google App Engine Python SDK before ...)
+	TODO: check
+CVE-2011-4211 (The FakeFile implementation in the sandbox environment in the Google ...)
+	TODO: check
+CVE-2011-4210
+	RESERVED
+CVE-2011-4209
+	RESERVED
 CVE-2011-XXXX [MSA-11-0018]
 	- moodle <not-affected> (Only affects 2.x)
 CVE-2011-XXXX [MSA-11-0019]
@@ -8023,20 +8033,20 @@
 	RESERVED
 CVE-2011-1371 (Cross-site scripting (XSS) vulnerability in content/error.jsp in IBM ...)
 	TODO: check
-CVE-2011-1370
-	RESERVED
+CVE-2011-1370 (The default configuration of the Sametime configuration servlet (SCS) ...)
+	TODO: check
 CVE-2011-1369
 	RESERVED
-CVE-2011-1368
-	RESERVED
-CVE-2011-1367
-	RESERVED
-CVE-2011-1366
-	RESERVED
+CVE-2011-1368 (The JavaServer Faces (JSF) application functionality in IBM WebSphere ...)
+	TODO: check
+CVE-2011-1367 (Unspecified vulnerability in the File Load feature in IBM Rational ...)
+	TODO: check
+CVE-2011-1366 (Unspecified vulnerability in the Import feature in IBM Rational ...)
+	TODO: check
 CVE-2011-1365
 	RESERVED
-CVE-2011-1364
-	RESERVED
+CVE-2011-1364 (Cross-site request forgery (CSRF) vulnerability in ...)
+	TODO: check
 CVE-2011-1363
 	RESERVED
 CVE-2011-1362
@@ -23179,8 +23189,8 @@
 	NOT-FOR-US: IBM WebSphere
 CVE-2010-0781 (Unspecified vulnerability in the administrative console in IBM ...)
 	NOT-FOR-US: IBM WebSphere Application Server
-CVE-2010-0780
-	RESERVED
+CVE-2010-0780 (IBM WebSphere MQ 7.x before 7.0.1.4 allows remote attackers to cause a ...)
+	TODO: check
 CVE-2010-0779 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
 	NOT-FOR-US: IBM WebSphere
 CVE-2010-0778 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
@@ -31272,10 +31282,10 @@
 	NOT-FOR-US: IBM WebSphere Service Registry and Repository
 CVE-2009-2749 (Feature Pack for Communications Enabled Applications (CEA) before ...)
 	NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-2748
-	RESERVED
-CVE-2009-2747
-	RESERVED
+CVE-2009-2748 (Cross-site scripting (XSS) vulnerability in the Administration Console ...)
+	TODO: check
+CVE-2009-2747 (The Java Naming and Directory Interface (JNDI) implementation in IBM ...)
+	TODO: check
 CVE-2009-2746 (Cross-site request forgery (CSRF) vulnerability in the administrative ...)
 	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2009-2745
@@ -37372,8 +37382,8 @@
 	REJECTED
 CVE-2009-0906 (The Service Component Architecture (SCA) feature pack for IBM ...)
 	NOT-FOR-US: IBM WebSphere 
-CVE-2009-0905
-	RESERVED
+CVE-2009-0905 (IBM WebSphere MQ 6.0 before 6.0.2.8 and 7.0 before 7.0.1.0 does not ...)
+	TODO: check
 CVE-2009-0904 (The IBM Stax XMLStreamWriter in the Web Services component in IBM ...)
 	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2009-0903 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3, and the ...)
@@ -37382,8 +37392,8 @@
 	RESERVED
 CVE-2009-0901 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 ...)
 	NOT-FOR-US: Microsoft Visual Studio .NET
-CVE-2009-0900
-	RESERVED
+CVE-2009-0900 (Heap-based buffer overflow in the client in IBM WebSphere MQ 6.0 ...)
+	TODO: check
 CVE-2009-0899 (IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.24 and 7.0 ...)
 	NOT-FOR-US: IBM WebSphere
 CVE-2009-0898 (Stack-based buffer overflow in HP OpenView Network Node Manager (OV ...)


