[Secure-testing-commits] r17223 - data/CVE

Mon Sep 12 21:14:18 UTC 2011

Author: joeyh
Date: 2011-09-12 21:14:18 +0000 (Mon, 12 Sep 2011)
New Revision: 17223

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2011-09-12 17:21:49 UTC (rev 17222)
+++ data/CVE/list	2011-09-12 21:14:18 UTC (rev 17223)
@@ -1,3 +1,81 @@
+CVE-2011-3422 (The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does ...)
+	TODO: check
+CVE-2011-3421 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+	TODO: check
+CVE-2011-3420 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+	TODO: check
+CVE-2011-3419
+	RESERVED
+CVE-2011-3418
+	RESERVED
+CVE-2011-3417
+	RESERVED
+CVE-2011-3416
+	RESERVED
+CVE-2011-3415
+	RESERVED
+CVE-2011-3414
+	RESERVED
+CVE-2011-3413
+	RESERVED
+CVE-2011-3412
+	RESERVED
+CVE-2011-3411
+	RESERVED
+CVE-2011-3410
+	RESERVED
+CVE-2011-3409
+	RESERVED
+CVE-2011-3408
+	RESERVED
+CVE-2011-3407
+	RESERVED
+CVE-2011-3406
+	RESERVED
+CVE-2011-3405
+	RESERVED
+CVE-2011-3404
+	RESERVED
+CVE-2011-3403
+	RESERVED
+CVE-2011-3402
+	RESERVED
+CVE-2011-3401
+	RESERVED
+CVE-2011-3400
+	RESERVED
+CVE-2011-3399
+	RESERVED
+CVE-2011-3398
+	RESERVED
+CVE-2011-3397
+	RESERVED
+CVE-2011-3396
+	RESERVED
+CVE-2011-3395
+	RESERVED
+CVE-2011-3394
+	RESERVED
+CVE-2011-3393
+	RESERVED
+CVE-2009-5095 (PHP remote file inclusion vulnerability in index_inc.php in ea gBook ...)
+	TODO: check
+CVE-2009-5094 (SQL injection vulnerability in info.php in CMS Faethon 2.2.0 Ultimate ...)
+	TODO: check
+CVE-2009-5093 (Directory traversal vulnerability in gastbuch.php in Gästebuch ...)
+	TODO: check
+CVE-2009-5092 (Cross-site scripting (XSS) vulnerability in the management interface ...)
+	TODO: check
+CVE-2009-5091 (SQL injection vulnerability in page.php in Vlinks 1.0.3 and 1.1.6 ...)
+	TODO: check
+CVE-2009-5090 (SQL injection vulnerability in editcomments.php in Bloggeruniverse ...)
+	TODO: check
+CVE-2009-5089 (Directory traversal vulnerability in index.php in IdeaCart 0.02 and ...)
+	TODO: check
+CVE-2009-5088 (SQL injection vulnerability in secure/index.php in IdeaCart 0.02 ...)
+	TODO: check
+CVE-2009-5087 (Directory traversal vulnerability in geohttpserver in Geovision ...)
+	TODO: check
 CVE-2011-3392 (Cross-site scripting (XSS) vulnerability in control.php in the ...)
 	NOT-FOR-US: Phorum
 CVE-2011-3391 (IBM Rational Build Forge 7.1.2 relies on client-side JavaScript code ...)
@@ -80,10 +158,12 @@
 	RESERVED
 CVE-2011-3358 [XSS issues with unescaped os, os_build and platform]
 	RESERVED
+	{DSA-2308-1}
 	- mantis 1.2.7-1 (low; bug #640297)
 	[squeeze] - mantis <not-affected> (Vulnerable code not present)
 CVE-2011-3357 [LFI and XSS via bug_actiongroup_ext_page.php]
 	RESERVED
+	{DSA-2308-1}
 	- mantis 1.2.7-1 (medium; bug #640297)
 CVE-2011-3356 [XSS injection via PHP_SELF]
 	RESERVED
@@ -3219,6 +3299,7 @@
 	- ffmpeg-debian <removed>
 	NOTE: duplicate of CVE-2011-1198
 CVE-2011-2161 (The ape_read_header function in ape.c in libavformat in FFmpeg before ...)
+	{DSA-2306-1}
 	- libav 4:0.6-1 (bug #628448)
 	- ffmpeg <removed>
 	- ffmpeg-debian <removed>
@@ -12265,7 +12346,7 @@
 CVE-2010-3685 (The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x ...)
 	{DSA-2113-1}
 	- drupal6 6.18-1 (low; bug #592716)
-CVE-2010-4340 [libcloud doesn't verify SSL certificate]
+CVE-2010-4340 (libcloud before 0.4.1 does not verify SSL certificates for HTTPS ...)
 	- libcloud <unfixed> (low; bug #598463)
 CVE-2010-3688 (Directory traversal vulnerability in ADMIN/login.php in NetArtMEDIA ...)
 	NOT-FOR-US: NetArtMEDIA WebSiteAdmin


