diff options
author | security tracker role <sectracker@soriano.debian.org> | 2019-11-19 20:10:27 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2019-11-19 20:10:27 +0000 |
commit | 09e023f93ee361390f89c5cde63a81987fb2e302 (patch) | |
tree | 7ea1e6f571b6b4d0456049c33ef05c04f1c584b1 /data/CVE/2011.list | |
parent | 486a6b04838b86698c845b5efbc62afc9853bb1c (diff) |
automatic update
Diffstat (limited to 'data/CVE/2011.list')
-rw-r--r-- | data/CVE/2011.list | 23 |
1 files changed, 8 insertions, 15 deletions
diff --git a/data/CVE/2011.list b/data/CVE/2011.list index 67944ef46a..331330521c 100644 --- a/data/CVE/2011.list +++ b/data/CVE/2011.list @@ -814,16 +814,14 @@ CVE-2011-4969 (Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, [squeeze] - jquery <no-dsa> (Minor issue) NOTE: http://blog.jquery.com/2011/09/01/jquery-1-6-3-released/ NOTE: https://github.com/jquery/jquery/commit/db9e023e62c1ff5d8f21ed9868ab6878da2005e9 -CVE-2011-4968 [nginx http proxy module does not verify peer identity of https origin server] - RESERVED +CVE-2011-4968 (nginx http proxy module does not verify peer identity of https origin ...) - nginx 1.9.1-1 (low; bug #697940) [jessie] - nginx <no-dsa> (Minor issue) [squeeze] - nginx <no-dsa> (Minor issue) [wheezy] - nginx <no-dsa> (Minor issue) NOTE: http://trac.nginx.org/nginx/ticket/13 NOTE: Upstream commit: http://trac.nginx.org/nginx/changeset/060c2e692b96a150b584b8e30d596be1f2defa9c/nginx -CVE-2011-4967 - RESERVED +CVE-2011-4967 (tog-Pegasus has a package hash collision DoS vulnerability ...) NOT-FOR-US: OpenPegasus CVE-2011-4966 (modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode ...) - freeradius 2.1.12+dfsg-1.2 (low; bug #694407) @@ -857,13 +855,11 @@ CVE-2011-4956 (Cross-site scripting (XSS) vulnerability in WordPress before 3.1. - wordpress 3.2.1+dfsg-1 CVE-2011-4955 (Multiple cross-site scripting (XSS) vulnerabilities in ui_stats.php in ...) NOT-FOR-US: wordpress bsuite plugin -CVE-2011-4954 - RESERVED +CVE-2011-4954 (cobbler has local privilege escalation via the use of insecure locatio ...) - cobbler <not-affected> (Fixed before initial upload) CVE-2011-4953 (The set_mgmt_parameters function in item.py in cobbler before 2.2.2 al ...) - cobbler <not-affected> (Fixed before initial upload) -CVE-2011-4952 - RESERVED +CVE-2011-4952 (cobbler: Web interface lacks CSRF protection when using Django framewo ...) - cobbler <not-affected> (Fixed before initial upload) CVE-2011-4951 (Open redirect vulnerability in phpgwapi/ntlm/index.php in EGroupware E ...) NOT-FOR-US: EGroupware @@ -961,8 +957,7 @@ CVE-2011-4921 (SQL injection vulnerability in usersettings.php in e107 0.7.26, a NOT-FOR-US: e107 CVE-2011-4920 (Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.26, an ...) NOT-FOR-US: e107 -CVE-2011-4919 [mpack info disclosure] - RESERVED +CVE-2011-4919 (mpack 1.6 has information disclosure via eavesdropping on mails sent b ...) - mpack 1.6-8 (low; bug #655971) [squeeze] - mpack <no-dsa> (Minor issue) NOTE: http://openwall.com/lists/oss-security/2011/12/31/1 @@ -6289,11 +6284,9 @@ CVE-2011-2923 RESERVED - foomatic-filters <unfixed> (unimportant) NOTE: debug mode-only -CVE-2011-2922 - RESERVED +CVE-2011-2922 (ktsuss versions 1.4 and prior spawns the GTK interface to run as root. ...) - ktsuss <removed> -CVE-2011-2921 - RESERVED +CVE-2011-2921 (ktsuss versions 1.4 and prior has the uid set to root and does not dro ...) - ktsuss <removed> CVE-2011-2920 (Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, ...) NOT-FOR-US: Red Hat Network Satellite server @@ -9888,7 +9881,7 @@ CVE-2011-1590 (The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x CVE-2011-1589 (Directory traversal vulnerability in Path.pm in Mojolicious before 1.1 ...) {DSA-2221-1} - libmojolicious-perl 1.16-1 -CVE-2011-1588 (Thunar 1.2 through 1.2.1 could crash when copy and pasting a file name ...) +CVE-2011-1588 (Thunar before 1.3.1 could crash when copy and pasting a file name with ...) - thunar <not-affected> (Introduced in 1.2, only in experimental) NOTE: http://git.xfce.org/xfce/thunar/diff/?id=03dd312e157d4fa8a11d5fa402706ae5b05806fa CVE-2011-1587 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.4, w ...) |