automatic update

1 files changed, 10 insertions, 16 deletions

diff --git a/data/CVE/2011.list b/data/CVE/2011.list
index 2da4f58772..38c0c8f49d 100644
--- a/data/CVE/2011.list
+++ b/data/CVE/2011.list
@@ -9785,8 +9785,7 @@ CVE-2011-1599 (manager.c in the Manager Interface in Asterisk Open Source 1.4.x
 CVE-2011-1598 (The bcm_release function in net/can/bcm.c in the Linux kernel before 2 ...)
 	{DSA-2264-1 DSA-2240-1}
 	- linux-2.6 2.6.38-5
-CVE-2011-1597
-	RESERVED
+CVE-2011-1597 (OpenVAS Manager v2.0.3 allows plugin remote code execution. ...)
 	NOT-FOR-US: OpenVAS Manager
 CVE-2011-1596
 	RESERVED
@@ -10037,8 +10036,8 @@ CVE-2011-XXXX [htmlpurifier various]
 	NOTE: http://web.archive.org/web/20120515064303/http://htmlpurifier.org/news/2011/0327-4.3.0-released
 	NOTE: htmlpurifier only provides library functions, it's not vulnerable by itself
 	NOTE: If apps are vulnerable, this must be addressed there (as done for Mahara)
-CVE-2011-1517
-	RESERVED
+CVE-2011-1517 (SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service c ...)
+	TODO: check
 CVE-2011-1516 (The kSBXProfileNoNetwork and kSBXProfileNoInternet sandbox profiles in ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2011-1515 (The inet service in HP OpenView Storage Data Protector 6.00 through 6. ...)
@@ -11054,11 +11053,9 @@ CVE-2011-1153 (Multiple format string vulnerabilities in phar_object.c in the ph
 	NOTE: only exploitable by malicious scripts
 CVE-2011-1152
 	REJECTED
-CVE-2011-1151
-	RESERVED
+CVE-2011-1151 (Joomla! 1.6.0 is vulnerable to SQL Injection via the filter_order and  ...)
 	NOT-FOR-US: Joomla!
-CVE-2011-1150
-	RESERVED
+CVE-2011-1150 (bbPress through 1.0.2 has XSS in /bb-login.php url via the re paramete ...)
 	NOT-FOR-US: bbPress
 CVE-2011-1149 (Android before 2.3 does not properly restrict access to the system pro ...)
 	NOT-FOR-US: Android
@@ -11328,8 +11325,7 @@ CVE-2011-1070 (v86d before 0.1.10 do not verify if received netlink messages are
 	- v86d 0.1.10-1 (low; bug #619404)
 	[squeeze] - v86d 0.1.9-1+squeeze1
 	[lenny] - v86d 0.1.5.2-1+lenny1
-CVE-2011-1069
-	RESERVED
+CVE-2011-1069 (PHPShop through 0.8.1 has XSS. ...)
 	NOT-FOR-US: PHPShop
 CVE-2011-1068 (Microsoft Windows Azure Software Development Kit (SDK) 1.3.x before 1. ...)
 	NOT-FOR-US: Microsoft Windows Azure SDK
@@ -11496,8 +11492,7 @@ CVE-2011-1010 (Buffer overflow in the mac_partition function in fs/partitions/ma
 	- linux-2.6 2.6.37-2
 	[wheezy] - linux-2.6 2.6.32-31
 	[squeeze] - linux-2.6 2.6.32-31
-CVE-2011-1009
-	RESERVED
+CVE-2011-1009 (Vanilla Forums 2.0.17.1 through 2.0.17.5 has XSS in /vanilla/index.php ...)
 	NOT-FOR-US: Vanilla Forums
 CVE-2011-1008 (Scrips_Overlay.pm in Best Practical Solutions RT before 3.8.9 does not ...)
 	- request-tracker3.8 3.8.10-1 (bug #614576)
@@ -12746,8 +12741,7 @@ CVE-2011-0527 (VMware vFabric tc Server (aka SpringSource tc Server) 2.0.x befor
 	NOT-FOR-US: VMware vFabric tc Server
 CVE-2011-0526 (Cross-site scripting (XSS) vulnerability in index.php in Vanilla Forum ...)
 	NOT-FOR-US: Vanilla Forums
-CVE-2011-0525
-	RESERVED
+CVE-2011-0525 (Batavi before 1.0 has CSRF. ...)
 	NOT-FOR-US: Batavi
 CVE-2011-0524 (Multiple buffer overflows in the NMEA parser (nmea-gen.c) in gypsy 0.8 ...)
 	- gypsy <itp> (bug #491723)
@@ -13492,8 +13486,8 @@ CVE-2011-0222 (WebKit, as used in Apple Safari before 5.0.6, allows remote attac
 	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2011-0221 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers  ...)
 	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
-CVE-2011-0220
-	RESERVED
+CVE-2011-0220 (Apple Bonjour before 2011 allows a crash via a crafted multicast DNS p ...)
+	TODO: check
 CVE-2011-0219 (Apple Safari before 5.0.6 allows remote attackers to bypass the Same O ...)
 	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2011-0218 (WebKit, as used in Apple Safari before 5.0.6, allows remote attackers  ...)