[Secure-testing-commits] r14469 - data/CVE

Joey Hess joeyh at alioth.debian.org
Tue Apr 13 21:14:48 UTC 2010


Author: joeyh
Date: 2010-04-13 21:14:45 +0000 (Tue, 13 Apr 2010)
New Revision: 14469

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-04-13 02:21:28 UTC (rev 14468)
+++ data/CVE/list	2010-04-13 21:14:45 UTC (rev 14469)
@@ -1,3 +1,19 @@
+CVE-2010-1354 (Directory traversal vulnerability in the VJDEO (com_vjdeo) component ...)
+	TODO: check
+CVE-2010-1353 (Directory traversal vulnerability in the LoginBox Pro (com_loginbox) ...)
+	TODO: check
+CVE-2010-1352 (Directory traversal vulnerability in the JOOFORGE Jutebox ...)
+	TODO: check
+CVE-2010-1351 (Multiple PHP remote file inclusion vulnerabilities in Nodesforum 1.033 ...)
+	TODO: check
+CVE-2010-1350 (SQL injection vulnerability in the JP Jobs (com_jp_jobs) component ...)
+	TODO: check
+CVE-2010-1349 (Integer overflow in Opera 10.10 through 10.50 allows remote attackers ...)
+	TODO: check
+CVE-2010-1348 (Unspecified vulnerability in the login process in IBM WebSphere Portal ...)
+	TODO: check
+CVE-2010-1347 (Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and ...)
+	TODO: check
 CVE-2010-1346 (SQL injection vulnerability in admin/login.php in Mini CMS RibaFS 1.0, ...)
 	NOT-FOR-US: Mini CMS RibaFS
 CVE-2010-1345 (Directory traversal vulnerability in the Cookex Agency CKForms ...)
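Review bot: The eight entries added at the top of the list (CVE-2010-1347 through CVE-2010-1354) are all left at "TODO: check" with no disposition line. Follow-up triage should resolve each one, either as NOT-FOR-US in the form already used for CVE-2010-1346 just below, or with a package line where the software is packaged, so the TODO backlog does not grow with every automatic update.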
@@ -483,25 +499,22 @@
 	RESERVED
 CVE-2010-1153
 	RESERVED
-CVE-2010-1152
-	RESERVED
+CVE-2010-1152 (memcached.c in memcached before 1.4.3 allows remote attackers to cause ...)
+	TODO: check
 CVE-2010-1151
 	RESERVED
 CVE-2010-1150 [mediawiki CRSF]
 	RESERVED
 	- mediawiki <unfixed> (low)
 	NOTE: Maintainer is aware: http://blog.rastageeks.org/spip.php?article62
-CVE-2010-1149 [udisks information disclosure]
-	RESERVED
+CVE-2010-1149 (probers/udisks-dm-export.c in udisks before 1.0.1 exports ...)
 	- udisks 1.0.1-1 (medium; bug #576687)
-CVE-2010-1148 [linux-2.6: cifs null ptr dereference]
-	RESERVED
+CVE-2010-1148 (The cifs_create function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 ...)
 	- linux-2.6 <unfixed>
 	[lenny] - linux-2.6 <not-affected> (vulnerable code not yet present)
 CVE-2010-1147 (Stack-based buffer overflow in Open Direct Connect Hub (aka Open DC ...)
 	- opendchub <unfixed> (bug #576308)
-CVE-2010-1146 [linux-2.6: reiserfs privilege escalation]
-	RESERVED
+CVE-2010-1146 (The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem ...)
 	- linux-2.6 <unfixed>
 	[lenny] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.30)
 CVE-2010-1145
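Review bot: CVE-2010-1152 goes from RESERVED to "TODO: check" with no package line, even though its description already states a fixed upstream version (memcached before 1.4.3). The other entries un-reserved in this hunk (CVE-2010-1149, CVE-2010-1148, CVE-2010-1146) keep their package lines; this one still needs triage, and if memcached is tracked as a package it should get a line in the same form as the udisks entry, with the fixed version or <unfixed> and a bug reference where one exists.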
@@ -512,16 +525,16 @@
 	NOTE: dsniff is the only software in Debian using this lib so the impact is pretty minor
 CVE-2010-1143
 	RESERVED
-CVE-2010-1142
-	RESERVED
-CVE-2010-1141
-	RESERVED
-CVE-2010-1140
-	RESERVED
-CVE-2010-1139
-	RESERVED
-CVE-2010-1138
-	RESERVED
+CVE-2010-1142 (VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; ...)
+	TODO: check
+CVE-2010-1141 (VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; ...)
+	TODO: check
+CVE-2010-1140 (The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 ...)
+	TODO: check
+CVE-2010-1139 (Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware ...)
+	TODO: check
+CVE-2010-1138 (The virtual networking stack in VMware Workstation 7.0 before 7.0.1 ...)
+	TODO: check
 CVE-2010-1137 (Cross-site scripting (XSS) vulnerability in WebAccess in VMware ...)
 	NOT-FOR-US: VMware Server
 CVE-2009-4762 (MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs ...)
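Review bot: CVE-2010-1138 through CVE-2010-1142 all describe VMware products but are left at "TODO: check", while CVE-2010-1137 directly below them is already marked "NOT-FOR-US: VMware Server". Triage these five together and give them one consistent disposition instead of resolving them one at a time.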
@@ -1710,8 +1723,7 @@
 	- tgt <unfixed> (medium; bug #576086) 
 CVE-2010-0742
 	RESERVED
-CVE-2010-0741 [linux-2.6: virtio dos]
-	RESERVED
+CVE-2010-0741 (The virtio_net_bad_features function in hw/virtio-net.c in the ...)
 	- linux-2.6 2.6.26-1
 CVE-2010-0740 (The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through ...)
 	- openssl 0.9.8n-1 (medium; bug #575607)
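Review bot: On CVE-2010-0741, the hand-written tag [linux-2.6: virtio dos] is replaced by a description that is cut off after "in hw/virtio-net.c in the", so the visible text no longer says which source tree is affected. Check the full description against the unchanged "- linux-2.6 2.6.26-1" line, and add a NOTE line if the choice of tracked package needs explaining.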
@@ -6160,8 +6172,8 @@
 	- mandos 1.0.13-1 (bug #551907)
 CVE-2009-3733 (Directory traversal vulnerability in VMware Server 1.x before 1.0.10 ...)
 	- vmware-package <removed>
-CVE-2009-3732
-	RESERVED
+CVE-2009-3732 (Format string vulnerability in vmware-vmrc.exe build 158248 in VMware ...)
+	TODO: check
 CVE-2009-3731 (Multiple cross-site scripting (XSS) vulnerabilities in WebWorks Help ...)
 	NOT-FOR-US: WebWorks Help
 CVE-2009-3730 (Multiple cross-site scripting (XSS) vulnerabilities in the ReqWeb Help ...)
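Review bot: CVE-2009-3732 is left at "TODO: check" although its description names vmware-vmrc.exe. The entry directly above, CVE-2009-3733, is tracked as "- vmware-package <removed>"; decide whether this one gets the same line or a NOT-FOR-US marker so that adjacent VMware entries stay consistent.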
@@ -6290,7 +6302,7 @@
 	NOT-FOR-US: Konae Technologies Alleycode HTML Editor
 CVE-2009-3708 (Stack-based buffer overflow in the Meta Content Optimizer in Konae ...)
 	NOT-FOR-US: Konae Technologies Alleycode HTML Editor
-CVE-2009-3707 (VMware Authentication Daemon 1.0 in vmware-authd.exe 6.5.3.8888 in the ...)
+CVE-2009-3707 (VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware ...)
 	NOT-FOR-US: VMware
 CVE-2009-3706 (Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and ...)
 	NOT-FOR-US: ZFS filesystem in Sun Solaris
@@ -13097,10 +13109,10 @@
 	NOT-FOR-US: ActiveX
 CVE-2009-1566 (Integer overflow in Roxio Easy Media Creator 9.0.136, and Roxio ...)
 	NOT-FOR-US: Roxio Easy Media Creator
-CVE-2009-1565
-	RESERVED
-CVE-2009-1564
-	RESERVED
+CVE-2009-1565 (vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 ...)
+	TODO: check
+CVE-2009-1564 (Heap-based buffer overflow in vmnc.dll in the VMnc media codec in ...)
+	TODO: check
 CVE-2009-1563
 	REJECTED
 	NOTE: Tracked as CVE-2009-0689
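Review bot: CVE-2009-1565 and CVE-2009-1564 both concern vmnc.dll in the VMnc media codec and both land as "TODO: check". Triage them as a pair and give them the same disposition, since they describe the same component.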



