diff options
| author | security tracker role <sectracker@soriano.debian.org> | 2019-11-12 20:10:38 +0000 |
|---|---|---|
| committer | security tracker role <sectracker@soriano.debian.org> | 2019-11-12 20:10:38 +0000 |
| commit | 7787f3d7e640e348f8e63bbc6eb03cd60ee6d584 (patch) | |
| tree | ac0ef6ab6d1fb35957e652705e6038ebaf5dc47f /data/CVE/2011.list | |
| parent | 5e696d4e49c0814248f812682484d2ea2853a1af (diff) | |
automatic update
Diffstat (limited to 'data/CVE/2011.list')
| -rw-r--r-- | data/CVE/2011.list | 18 |
1 files changed, 6 insertions, 12 deletions
diff --git a/data/CVE/2011.list b/data/CVE/2011.list index 20610afb31..8b4a764a4f 100644 --- a/data/CVE/2011.list +++ b/data/CVE/2011.list @@ -140,8 +140,7 @@ CVE-2011-5273 (Directory traversal vulnerability in shared/package-installer in - dtc 0.34.1-1 CVE-2011-5272 (SQL injection vulnerability in Domain Technologie Control (DTC) before ...) - dtc 0.34.1-1 -CVE-2011-5271 [configure creates temp files insecurely] - RESERVED +CVE-2011-5271 (Pacemaker before 1.1.6 configure script creates temporary files insecu ...) - pacemaker 1.1.6-1 (unimportant; bug #633964) NOTE: https://github.com/ClusterLabs/pacemaker/commit/23ad834 NOTE: Only exploitable at build time @@ -4227,8 +4226,7 @@ CVE-2011-3619 (The apparmor_setprocattr function in security/apparmor/lsm.c in t - linux-2.6 3.0.0-1 [squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.36) [lenny] - linux-2.6 <not-affected> (Introduced in 2.6.36) -CVE-2011-3618 [atop insecure tempfile handling] - RESERVED +CVE-2011-3618 (atop: symlink attack possible due to insecure tempfile handling ...) - atop 1.23-1.1 (low; bug #622794) [lenny] - atop 1.23-1+lenny1 (bug #622794) [squeeze] - atop 1.23-1+squeeze1 (bug #622794) @@ -4963,8 +4961,7 @@ CVE-2011-3372 (imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x bef [squeeze] - kolab-cyrus-imapd <end-of-life> (Unsupported in squeeze-lts) CVE-2011-3371 (Multiple cross-site scripting (XSS) vulnerabilities in include/functio ...) NOT-FOR-US: PunBB -CVE-2011-3370 - RESERVED +CVE-2011-3370 (statusnet before 0.9.9 has XSS ...) - statusnet <itp> (bug #491723) CVE-2011-3369 (The add_conversation function in conversations.c in EtherApe before 0. ...) - etherape 0.9.12-1 (low; bug #645324) @@ -6252,11 +6249,9 @@ CVE-2011-2938 (Multiple cross-site scripting (XSS) vulnerabilities in filter_api CVE-2011-2937 (Cross-site scripting (XSS) vulnerability in the UI messages functional ...) - roundcube 0.5.4+dfsg-1 (low; bug #641996) [squeeze] - roundcube <no-dsa> (Minor issue) -CVE-2011-2936 - RESERVED +CVE-2011-2936 (Elgg through 1.7.10 has a SQL injection vulnerability ...) - elgg <itp> (bug #526197) -CVE-2011-2935 - RESERVED +CVE-2011-2935 (Elgg through 1.7.10 has XSS ...) - elgg <itp> (bug #526197) CVE-2011-2934 RESERVED @@ -6370,8 +6365,7 @@ CVE-2011-2898 (net/packet/af_packet.c in the Linux kernel before 2.6.39.3 does n {DSA-2389-1} - linux-2.6 3.0.0-1 [lenny] - linux-2.6 <not-affected> (introduced in 2.6.27) -CVE-2011-2897 - RESERVED +CVE-2011-2897 (gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initiali ...) - gdk-pixbuf <not-affected> (This only applies to the old standalone copy shipped until Lenny) CVE-2011-2896 (The LZW decompressor in the LWZReadByte function in giftoppm.c in the ...) {DSA-2426-1 DSA-2354-1} |