[Secure-testing-commits] r17252 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu Sep 15 21:14:23 UTC 2011
Author: joeyh
Date: 2011-09-15 21:14:23 +0000 (Thu, 15 Sep 2011)
New Revision: 17252
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-09-15 15:02:00 UTC (rev 17251)
+++ data/CVE/list 2011-09-15 21:14:23 UTC (rev 17252)
@@ -1,3 +1,15 @@
+CVE-2011-3481 (The index_get_ids function in index.c in imapd in Cyrus IMAP Server ...)
+ TODO: check
+CVE-2011-3480
+ RESERVED
+CVE-2011-3479
+ RESERVED
+CVE-2011-3478
+ RESERVED
+CVE-2011-3477
+ RESERVED
+CVE-2011-3476
+ RESERVED
CVE-2011-XXXX
- tahoe-lafs 1.8.3-1 (bug #641540)
CVE-2011-3475
@@ -140,16 +152,19 @@
NOTE: https://www.djangoproject.com/weblog/2011/sep/10/127/
NOTE: CVE id requested on oss-security
CVE-2011-3482 [Wireshark CSN.1 dissector vulnerability]
+ RESERVED
- wireshark <unfixed>
[squeeze] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
[lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
NOTE: http://www.wireshark.org/security/wnpa-sec-2011-16.html
CVE-2011-3483 [Wireshark buffer exception handling vulnerability]
+ RESERVED
- wireshark <unfixed>
[squeeze] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
[lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
NOTE: http://www.wireshark.org/security/wnpa-sec-2011-14.html
CVE-2011-3484 [Wireshark OpenSafety dissector vulnerability]
+ RESERVED
- wireshark <unfixed>
[squeeze] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
[lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
@@ -675,8 +690,7 @@
[squeeze] - openssl <no-dsa> (Minor issue)
CVE-2011-3209
RESERVED
-CVE-2011-3208
- RESERVED
+CVE-2011-3208 (Stack-based buffer overflow in the split_wildmats function in nntpd.c ...)
- cyrus-imapd-2.2 <unfixed> (medium)
- cyrus-imapd-2.4 <unfixed> (medium)
- kolab-cyrus-imapd <unfixed> (medium)
@@ -2326,8 +2340,8 @@
NOTE: no code injection, not treated as a security issue, see README.Debian.security
CVE-2011-2596
RESERVED
-CVE-2011-2595
- RESERVED
+CVE-2011-2595 (Multiple stack-based buffer overflows in ACDSee FotoSlate 4.0 Build ...)
+ TODO: check
CVE-2011-2594 (Heap-based buffer overflow in KMPlayer 3.0.0.1441, and possibly other ...)
TODO: check
CVE-2011-2593
@@ -2354,8 +2368,8 @@
RESERVED
CVE-2011-2582
RESERVED
-CVE-2011-2581
- RESERVED
+CVE-2011-2581 (The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before ...)
+ TODO: check
CVE-2011-2580
RESERVED
CVE-2011-2579
@@ -2704,41 +2718,29 @@
RESERVED
CVE-2011-2443
RESERVED
-CVE-2011-2442
- RESERVED
+CVE-2011-2442 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2441
- RESERVED
+CVE-2011-2441 (Multiple stack-based buffer overflows in CoolType.dll in Adobe Reader ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2440
- RESERVED
+CVE-2011-2440 (Use-after-free vulnerability in Adobe Reader and Acrobat 8.x before ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2439
- RESERVED
+CVE-2011-2439 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2438
- RESERVED
+CVE-2011-2438 (Multiple stack-based buffer overflows in the image-parsing library in ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2437
- RESERVED
+CVE-2011-2437 (Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2436
- RESERVED
+CVE-2011-2436 (Heap-based buffer overflow in the image-parsing library in Adobe ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2435
- RESERVED
+CVE-2011-2435 (Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2434
- RESERVED
+CVE-2011-2434 (Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2433
- RESERVED
+CVE-2011-2433 (Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2432
- RESERVED
+CVE-2011-2432 (Buffer overflow in the U3D TIFF Resource in Adobe Reader and Acrobat ...)
NOT-FOR-US: Adobe Reader and Acrobat
-CVE-2011-2431
- RESERVED
+CVE-2011-2431 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x ...)
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2011-2430
RESERVED
@@ -3274,8 +3276,8 @@
[lenny] - tomcat6 <no-dsa> (Minor issue)
[squeeze] - tomcat6 <no-dsa> (Minor issue)
- tomcat7 7.0.16-3 (low; bug #632882)
-CVE-2011-2201
- RESERVED
+CVE-2011-2201 (The Data::FormValidator module 4.66 and earlier for Perl, when ...)
+ TODO: check
CVE-2011-2200 (The _dbus_header_byteswap function in dbus-marshal-header.c in D-Bus ...)
- dbus 1.4.12-1 (low; bug #629938)
[squeeze] - dbus 1.2.24-4+squeeze1
@@ -3888,30 +3890,30 @@
RESERVED
CVE-2011-1992
RESERVED
-CVE-2011-1991
- RESERVED
-CVE-2011-1990
- RESERVED
-CVE-2011-1989
- RESERVED
-CVE-2011-1988
- RESERVED
-CVE-2011-1987
- RESERVED
-CVE-2011-1986
- RESERVED
+CVE-2011-1991 (Multiple untrusted search path vulnerabilities in Microsoft Windows XP ...)
+ TODO: check
+CVE-2011-1990 (Microsoft Excel 2007 SP2; Excel in Office 2007 SP2; Excel Viewer SP2; ...)
+ TODO: check
+CVE-2011-1989 (Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel ...)
+ TODO: check
+CVE-2011-1988 (Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; ...)
+ TODO: check
+CVE-2011-1987 (Array index error in Microsoft Excel 2003 SP3 and 2007 SP2; Excel in ...)
+ TODO: check
+CVE-2011-1986 (Use-after-free vulnerability in Microsoft Excel 2003 SP3 allows remote ...)
+ TODO: check
CVE-2011-1985
RESERVED
-CVE-2011-1984
- RESERVED
+CVE-2011-1984 (WINS in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and ...)
+ TODO: check
CVE-2011-1983
RESERVED
-CVE-2011-1982
- RESERVED
+CVE-2011-1982 (Microsoft Office 2007 SP2, and 2010 Gold and SP1, does not initialize ...)
+ TODO: check
CVE-2011-1981
RESERVED
-CVE-2011-1980
- RESERVED
+CVE-2011-1980 (Untrusted search path vulnerability in Microsoft Office 2003 SP3 and ...)
+ TODO: check
CVE-2011-1979 (Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate ...)
NOT-FOR-US: Microsoft Visio
CVE-2011-1978 (Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly ...)
@@ -4146,14 +4148,14 @@
RESERVED
CVE-2011-1894 (The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, ...)
NOT-FOR-US: Microsoft Windows
-CVE-2011-1893
- RESERVED
-CVE-2011-1892
- RESERVED
-CVE-2011-1891
- RESERVED
-CVE-2011-1890
- RESERVED
+CVE-2011-1893 (Cross-site scripting (XSS) vulnerability in Microsoft Office ...)
+ TODO: check
+CVE-2011-1892 (Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and ...)
+ TODO: check
+CVE-2011-1891 (Cross-site scripting (XSS) vulnerability in Microsoft Windows ...)
+ TODO: check
+CVE-2011-1890 (Cross-site scripting (XSS) vulnerability in EditForm.aspx in Microsoft ...)
+ TODO: check
CVE-2011-1889 (The NSPLookupServiceNext function in the client in Microsoft Forefront ...)
NOT-FOR-US: Microsoft Forefront Threat Management Gateway
CVE-2011-1888 (win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 ...)
@@ -5775,8 +5777,7 @@
NOT-FOR-US: IBM WebSphere Application Server
CVE-2011-1354
RESERVED
-CVE-2011-1353
- RESERVED
+CVE-2011-1353 (Unspecified vulnerability in Adobe Reader 10.x before 10.1.1 on ...)
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2011-1352
RESERVED
@@ -6015,7 +6016,7 @@
NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-1253
RESERVED
-CVE-2011-1252 (Cross-site scripting (XSS) vulnerability in the toStaticHTML API in ...)
+CVE-2011-1252 (Cross-site scripting (XSS) vulnerability in the SafeHTML function in ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2011-1251 (Microsoft Internet Explorer 8 does not properly handle objects in ...)
NOT-FOR-US: Microsoft Internet Explorer
@@ -7908,8 +7909,8 @@
NOT-FOR-US: Microsoft
CVE-2011-0654 (Integer underflow in the BowserWriteErrorLogEntry function in the ...)
NOT-FOR-US: Windows 2003
-CVE-2011-0653
- RESERVED
+CVE-2011-0653 (Cross-site scripting (XSS) vulnerability in Microsoft Office ...)
+ TODO: check
CVE-2011-0652 (lnsfw1.sys 6.0.2900.5512 in Look 'n' Stop Firewall 2.06p4 and 2.07 ...)
NOT-FOR-US: Look 'n' Stop Firewall
CVE-2011-0651 (Buffer overflow in the key exchange functionality in Icon Labs ...)
More information about the Secure-testing-commits
mailing list