[Secure-testing-commits] r17258 - data/CVE

Joey Hess joeyh at alioth.debian.org
Mon Sep 19 21:14:17 UTC 2011


Author: joeyh
Date: 2011-09-19 21:14:17 +0000 (Mon, 19 Sep 2011)
New Revision: 17258

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-09-19 00:20:20 UTC (rev 17257)
+++ data/CVE/list	2011-09-19 21:14:17 UTC (rev 17258)
@@ -1,3 +1,185 @@
+CVE-2011-3576 (Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 8.5.2 ...)
+	TODO: check
+CVE-2011-3575 (Stack-based buffer overflow in the NSFComputeEvaluateExt function in ...)
+	TODO: check
+CVE-2011-3574
+	RESERVED
+CVE-2011-3573
+	RESERVED
+CVE-2011-3572
+	RESERVED
+CVE-2011-3571
+	RESERVED
+CVE-2011-3570
+	RESERVED
+CVE-2011-3569
+	RESERVED
+CVE-2011-3568
+	RESERVED
+CVE-2011-3567
+	RESERVED
+CVE-2011-3566
+	RESERVED
+CVE-2011-3565
+	RESERVED
+CVE-2011-3564
+	RESERVED
+CVE-2011-3563
+	RESERVED
+CVE-2011-3562
+	RESERVED
+CVE-2011-3561
+	RESERVED
+CVE-2011-3560
+	RESERVED
+CVE-2011-3559
+	RESERVED
+CVE-2011-3558
+	RESERVED
+CVE-2011-3557
+	RESERVED
+CVE-2011-3556
+	RESERVED
+CVE-2011-3555
+	RESERVED
+CVE-2011-3554
+	RESERVED
+CVE-2011-3553
+	RESERVED
+CVE-2011-3552
+	RESERVED
+CVE-2011-3551
+	RESERVED
+CVE-2011-3550
+	RESERVED
+CVE-2011-3549
+	RESERVED
+CVE-2011-3548
+	RESERVED
+CVE-2011-3547
+	RESERVED
+CVE-2011-3546
+	RESERVED
+CVE-2011-3545
+	RESERVED
+CVE-2011-3544
+	RESERVED
+CVE-2011-3543
+	RESERVED
+CVE-2011-3542
+	RESERVED
+CVE-2011-3541
+	RESERVED
+CVE-2011-3540
+	RESERVED
+CVE-2011-3539
+	RESERVED
+CVE-2011-3538
+	RESERVED
+CVE-2011-3537
+	RESERVED
+CVE-2011-3536
+	RESERVED
+CVE-2011-3535
+	RESERVED
+CVE-2011-3534
+	RESERVED
+CVE-2011-3533
+	RESERVED
+CVE-2011-3532
+	RESERVED
+CVE-2011-3531
+	RESERVED
+CVE-2011-3530
+	RESERVED
+CVE-2011-3529
+	RESERVED
+CVE-2011-3528
+	RESERVED
+CVE-2011-3527
+	RESERVED
+CVE-2011-3526
+	RESERVED
+CVE-2011-3525
+	RESERVED
+CVE-2011-3524
+	RESERVED
+CVE-2011-3523
+	RESERVED
+CVE-2011-3522
+	RESERVED
+CVE-2011-3521
+	RESERVED
+CVE-2011-3520
+	RESERVED
+CVE-2011-3519
+	RESERVED
+CVE-2011-3518
+	RESERVED
+CVE-2011-3517
+	RESERVED
+CVE-2011-3516
+	RESERVED
+CVE-2011-3515
+	RESERVED
+CVE-2011-3514
+	RESERVED
+CVE-2011-3513
+	RESERVED
+CVE-2011-3512
+	RESERVED
+CVE-2011-3511
+	RESERVED
+CVE-2011-3510
+	RESERVED
+CVE-2011-3509
+	RESERVED
+CVE-2011-3508
+	RESERVED
+CVE-2011-3507
+	RESERVED
+CVE-2011-3506
+	RESERVED
+CVE-2011-3505
+	RESERVED
+CVE-2011-3504
+	RESERVED
+CVE-2011-3503 (Untrusted search path vulnerability in eSignal 10.6.2425.1208, and ...)
+	TODO: check
+CVE-2011-3502 (The web server in Cogent DataHub 7.1.1.63 and earlier allows remote ...)
+	TODO: check
+CVE-2011-3501 (Integer overflow in Cogent DataHub 7.1.1.63 and earlier allows remote ...)
+	TODO: check
+CVE-2011-3500 (Directory traversal vulnerability in the web server in Cogent DataHub ...)
+	TODO: check
+CVE-2011-3499 (Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote ...)
+	TODO: check
+CVE-2011-3498 (Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and ...)
+	TODO: check
+CVE-2011-3497 (service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote ...)
+	TODO: check
+CVE-2011-3496 (service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote ...)
+	TODO: check
+CVE-2011-3495 (Multiple directory traversal vulnerabilities in service.exe in ...)
+	TODO: check
+CVE-2011-3494 (WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to ...)
+	TODO: check
+CVE-2011-3493 (Multiple stack-based buffer overflows in the DH_OneSecondTick function ...)
+	TODO: check
+CVE-2011-3492 (Stack-based buffer overflow in Azeotech DAQFactory 5.85 build 1853 and ...)
+	TODO: check
+CVE-2011-3491 (Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and ...)
+	TODO: check
+CVE-2011-3490 (Multiple stack-based buffer overflows in service.exe in Measuresoft ...)
+	TODO: check
+CVE-2011-3489 (RnaUtility.dll in RsvcHost.exe 2.30.0.23 in Rockwell RSLogix 19 and ...)
+	TODO: check
+CVE-2011-3488 (Use-after-free vulnerability in Equis MetaStock 11 and earlier allows ...)
+	TODO: check
+CVE-2011-3487 (Directory traversal vulnerability in CarelDataServer.exe in Carel ...)
+	TODO: check
+CVE-2011-3486 (Beckhoff TwinCAT 2.11.0.2004 and earlier allows remote attackers to ...)
+	TODO: check
 CVE-2011-3485
 	RESERVED
 CVE-2011-3481 (The index_get_ids function in index.c in imapd in Cyrus IMAP Server ...)
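Review bot: every described entry added at the top of this hunk (CVE-2011-3576, CVE-2011-3575 and CVE-2011-3503 through CVE-2011-3486) is left at "TODO: check", so none of them has a triage decision yet. Several descriptions name .exe binaries (service.exe, WinSig.exe, RsvcHost.exe, CarelDataServer.exe). If those products are not packaged, they can be closed with a "NOT-FOR-US: <product>" line in the form used elsewhere in this file, rather than staying open.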
@@ -116,10 +298,10 @@
 	RESERVED
 CVE-2011-3425
 	RESERVED
-CVE-2011-3424
-	RESERVED
-CVE-2011-3423
-	RESERVED
+CVE-2011-3424 (Session fixation vulnerability in the Managed File Transfer server in ...)
+	TODO: check
+CVE-2011-3423 (Cross-site scripting (XSS) vulnerability in the Managed File Transfer ...)
+	TODO: check
 CVE-2010-4839 (SQL injection vulnerability in the Event Registration plugin 5.32 and ...)
 	TODO: check
 CVE-2010-4838 (SQL injection vulnerability in the JSupport (com_jsupport) component ...)
@@ -384,8 +566,7 @@
 	RESERVED
 CVE-2011-3346
 	RESERVED
-CVE-2011-3345
-	RESERVED
+CVE-2011-3345 (ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ...)
 	- ofa-kernel <itp> (bug #541849)
 CVE-2011-3344
 	RESERVED
@@ -638,8 +819,8 @@
 	RESERVED
 CVE-2011-3235
 	RESERVED
-CVE-2011-3234
-	RESERVED
+CVE-2011-3234 (Google Chrome before 14.0.835.163 does not properly handle boxes, ...)
+	TODO: check
 CVE-2011-3233
 	RESERVED
 CVE-2011-3232
@@ -1578,10 +1759,10 @@
 	RESERVED
 CVE-2011-2876
 	RESERVED
-CVE-2011-2875
-	RESERVED
-CVE-2011-2874
-	RESERVED
+CVE-2011-2875 (Google V8, as used in Google Chrome before 14.0.835.163, does not ...)
+	TODO: check
+CVE-2011-2874 (Google Chrome before 14.0.835.163 does not perform an expected pin ...)
+	TODO: check
 CVE-2011-2873
 	RESERVED
 CVE-2011-2872
@@ -1600,68 +1781,68 @@
 	RESERVED
 CVE-2011-2865
 	RESERVED
-CVE-2011-2864
-	RESERVED
+CVE-2011-2864 (Google Chrome before 14.0.835.163 does not properly handle Tibetan ...)
+	TODO: check
 CVE-2011-2863
 	RESERVED
-CVE-2011-2862
-	RESERVED
-CVE-2011-2861
-	RESERVED
-CVE-2011-2860
-	RESERVED
-CVE-2011-2859
-	RESERVED
-CVE-2011-2858
-	RESERVED
-CVE-2011-2857
-	RESERVED
-CVE-2011-2856
-	RESERVED
-CVE-2011-2855
-	RESERVED
-CVE-2011-2854
-	RESERVED
-CVE-2011-2853
-	RESERVED
-CVE-2011-2852
-	RESERVED
-CVE-2011-2851
-	RESERVED
-CVE-2011-2850
-	RESERVED
-CVE-2011-2849
-	RESERVED
-CVE-2011-2848
-	RESERVED
-CVE-2011-2847
-	RESERVED
-CVE-2011-2846
-	RESERVED
+CVE-2011-2862 (Google V8, as used in Google Chrome before 14.0.835.163, does not ...)
+	TODO: check
+CVE-2011-2861 (Google Chrome before 14.0.835.163 does not properly handle strings in ...)
+	TODO: check
+CVE-2011-2860 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 ...)
+	TODO: check
+CVE-2011-2859 (Google Chrome before 14.0.835.163 uses incorrect permissions for ...)
+	TODO: check
+CVE-2011-2858 (Google Chrome before 14.0.835.163 does not properly handle triangle ...)
+	TODO: check
+CVE-2011-2857 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 ...)
+	TODO: check
+CVE-2011-2856 (Google V8, as used in Google Chrome before 14.0.835.163, allows remote ...)
+	TODO: check
+CVE-2011-2855 (Google Chrome before 14.0.835.163 does not properly handle Cascading ...)
+	TODO: check
+CVE-2011-2854 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 ...)
+	TODO: check
+CVE-2011-2853 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 ...)
+	TODO: check
+CVE-2011-2852 (Off-by-one error in Google V8, as used in Google Chrome before ...)
+	TODO: check
+CVE-2011-2851 (Google Chrome before 14.0.835.163 does not properly handle video, ...)
+	TODO: check
+CVE-2011-2850 (Google Chrome before 14.0.835.163 does not properly handle Khmer ...)
+	TODO: check
+CVE-2011-2849 (The WebSockets implementation in Google Chrome before 14.0.835.163 ...)
+	TODO: check
+CVE-2011-2848 (Google Chrome before 14.0.835.163 allows user-assisted remote ...)
+	TODO: check
+CVE-2011-2847 (Use-after-free vulnerability in the document loader in Google Chrome ...)
+	TODO: check
+CVE-2011-2846 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 ...)
+	TODO: check
 CVE-2011-2845
 	RESERVED
-CVE-2011-2844
-	RESERVED
-CVE-2011-2843
-	RESERVED
-CVE-2011-2842
-	RESERVED
-CVE-2011-2841
-	RESERVED
-CVE-2011-2840
-	RESERVED
+CVE-2011-2844 (Google Chrome before 14.0.835.163 does not properly process MP3 files, ...)
+	TODO: check
+CVE-2011-2843 (Google Chrome before 14.0.835.163 does not properly handle media ...)
+	TODO: check
+CVE-2011-2842 (The installer in Google Chrome before 14.0.835.163 on Mac OS X does ...)
+	TODO: check
+CVE-2011-2841 (Google Chrome before 14.0.835.163 does not properly perform garbage ...)
+	TODO: check
+CVE-2011-2840 (Google Chrome before 14.0.835.163 allows user-assisted remote ...)
+	TODO: check
 CVE-2011-2839 (The PDF implementation in Google Chrome before 13.0.782.215 on Linux ...)
 	- chromium-browser <not-affected> (Pdf plugin)
-CVE-2011-2838
-	RESERVED
-CVE-2011-2837
-	RESERVED
-CVE-2011-2836
-	RESERVED
-CVE-2011-2835
-	RESERVED
-CVE-2011-2834
-	RESERVED
+CVE-2011-2838 (Google Chrome before 14.0.835.163 does not properly consider the MIME ...)
+	TODO: check
+CVE-2011-2837 (Google Chrome before 14.0.835.163 on Linux does not use the PIC and ...)
+	TODO: check
+CVE-2011-2836 (Google Chrome before 14.0.835.163 does not require Infobar interaction ...)
+	TODO: check
+CVE-2011-2835 (Race condition in Google Chrome before 14.0.835.163 allows attackers ...)
+	TODO: check
+CVE-2011-2834 (Double free vulnerability in libxml2, as used in Google Chrome before ...)
+	TODO: check
 CVE-2011-2833
 	RESERVED
 CVE-2011-2832
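Review bot: the Chrome entries in this hunk all go to "TODO: check" with no package line, while the neighbouring context entry CVE-2011-2839 is already tracked as "- chromium-browser <not-affected> (Pdf plugin)". Three of them need more than a blanket chromium-browser line. CVE-2011-2834 is described as a double free in libxml2 "as used in Google Chrome", so it should also be checked against the libxml2 package. CVE-2011-2842 is limited by its description to the installer on Mac OS X, and CVE-2011-2837 is scoped to Linux, so each should be triaged on its own.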
@@ -1957,8 +2138,8 @@
 	RESERVED
 CVE-2011-2739
 	RESERVED
-CVE-2011-2738
-	RESERVED
+CVE-2011-2738 (Multiple unspecified vulnerabilities in Cisco Unified Service Monitor ...)
+	TODO: check
 CVE-2011-2737 (RSA enVision 3.x and 4.x before 4 SP4 P3 allows remote attackers to ...)
 	NOT-FOR-US: RSA enVision
 CVE-2011-2736 (RSA enVision 4.x before 4 SP4 P3 places cleartext administrative ...)
@@ -4655,8 +4836,8 @@
 	NOT-FOR-US: EMC
 CVE-2011-1741 (Stack-based buffer overflow in ftserver.exe in the OpenText ...)
 	NOT-FOR-US: OpenText Hummingbird Client Connector
-CVE-2011-1740
-	RESERVED
+CVE-2011-1740 (EMC Avamar 4.x, 5.0.x, and 6.0.x before 6.0.0-592 allows remote ...)
+	TODO: check
 CVE-2011-1739 (The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 ...)
 	NOT-FOR-US: FreeBSD mountd
 CVE-2011-1738 (HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in ...)
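Review bot: CVE-2011-1740 is described as EMC Avamar but is set to "TODO: check", while the context line directly above this hunk's first entry already reads "NOT-FOR-US: EMC". Unless Avamar is packaged, the same style of annotation ("NOT-FOR-US: EMC Avamar") would close this entry without leaving it in the TODO queue.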
@@ -5967,7 +6148,7 @@
 	NOT-FOR-US: MS Windows
 CVE-2011-1280 (The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server ...)
 	NOT-FOR-US: Microsoft InfoPath, SQL Server, SQL Server Management Studio Express, Visual Studio
-CVE-2011-1279 (Microsoft Excel 2002 SP3 and 2003 SP3; Office 2004 and 2008 for Mac, ...)
+CVE-2011-1279 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, ...)
 	NOT-FOR-US: Microsoft Excel, Office, Open XML File Format Converter
 CVE-2011-1278 (Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly ...)
 	NOT-FOR-US: Microsoft Excel, Office
@@ -22103,7 +22284,7 @@
 	NOTE: http://lists.debian.org/debian-release/2010/01/msg00181.html
 CVE-2010-XXXX [sudosh3: many security weaknesses]
 	- sudosh3 <removed> (high; bug #566142)
-CVE-2010-0379 (Multiple unspecified vuilnerabilities in the Macromedia Flash ActiveX ...)
+CVE-2010-0379 (Multiple unspecified vulnerabilities in the Macromedia Flash ActiveX ...)
 	NOT-FOR-US: Macromedia Flash ActiveX
 CVE-2010-0378 (Use-after-free vulnerability in Adobe Flash Player 6.0.79, as ...)
 	NOT-FOR-US: Adobe Flash
@@ -47900,7 +48081,7 @@
 	NOTE: closely related to CVE-2008-2108
 CVE-2008-2106 (Call of Duty 4 (CoD4) 1.5 and earlier allows remote authenticated ...)
 	NOT-FOR-US: Call of Duty
-CVE-2008-2105 (email_in.pl in Bugzilla 2.23.4, 3.0.x before 3.0.3, and 3.1.x before ...)
+CVE-2008-2105 (email_in.pl in Bugzilla 2.23.4, 3.0.x before 3.0.4, and 3.1.x before ...)
 	- bugzilla 3.0.4-1 (low)
 	[etch] - bugzilla <not-affected> (vulnerable code introduced in 2.23.4)
 CVE-2008-2104 (The WebService in Bugzilla 3.1.3 allows remote authenticated users ...)
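Review bot: the CVE-2008-2105 description now gives 3.0.4 rather than 3.0.3 as the first fixed 3.0.x release, which changes the stated affected range and not just the wording. The tracking line below it, "- bugzilla 3.0.4-1 (low)", already matches the new boundary, so no edit is needed there, but it is worth confirming that nothing was previously treated as fixed on the basis of 3.0.3.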



