[Secure-testing-commits] r15105 - data/CVE

Joey Hess joeyh at alioth.debian.org
Mon Aug 2 21:15:05 UTC 2010 

Author: joeyh
Date: 2010-08-02 21:15:04 +0000 (Mon, 02 Aug 2010)
New Revision: 15105

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-08-02 19:05:11 UTC (rev 15104)
+++ data/CVE/list	2010-08-02 21:15:04 UTC (rev 15105)
@@ -1,3 +1,29 @@
+CVE-2010-2926 (SQL injection vulnerability in index.php in sNews 1.7 allows remote ...)
+	TODO: check
+CVE-2010-2925 (SQL injection vulnerability in index.php in Freeway CMS 1.4.3.210 ...)
+	TODO: check
+CVE-2010-2924 (SQL injection vulnerability in myLDlinker.php in the myLinksDump ...)
+	TODO: check
+CVE-2010-2923 (SQL injection vulnerability in the YouTube (com_youtube) component 1.5 ...)
+	TODO: check
+CVE-2010-2922 (SQL injection vulnerability in default.asp in AKY Blog allows remote ...)
+	TODO: check
+CVE-2010-2921 (SQL injection vulnerability in the Golf Course Guide ...)
+	TODO: check
+CVE-2010-2920 (Directory traversal vulnerability in the Foobla Suggestions ...)
+	TODO: check
+CVE-2010-2919 (SQL injection vulnerability in the StaticXT (com_staticxt) component ...)
+	TODO: check
+CVE-2010-2918 (PHP remote file inclusion vulnerability in ...)
+	TODO: check
+CVE-2010-2917 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in AJ ...)
+	TODO: check
+CVE-2010-2916 (SQL injection vulnerability in news.php in AJ Square AJ HYIP MERIDIAN ...)
+	TODO: check
+CVE-2010-2915 (SQL injection vulnerability in welcome.php in AJ Square AJ HYIP PRIME ...)
+	TODO: check
+CVE-2010-2914 (Cross-site scripting (XSS) vulnerability in nessusd_www_server.nbin in ...)
+	TODO: check
 CVE-2010-2913 (The Citibank Citi Mobile app before 2.0.3 for iOS stores account data ...)
 	NOT-FOR-US: Citibank Citi Mobile app
 CVE-2010-2912 (SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 ...)
@@ -433,20 +459,17 @@
 	- xulrunner 1.9.1.11-1
 	- iceape 2.0.6-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-2753
-	RESERVED
+CVE-2010-2753 (Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x ...)
 	{DSA-2075-1}
 	- xulrunner 1.9.1.11-1
 	- iceape 2.0.6-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-2752
-	RESERVED
+CVE-2010-2752 (Integer overflow in an array class in Mozilla Firefox 3.5.x before ...)
 	- xulrunner 1.9.1.11-1
 	[lenny] - xulrunner <not-affected> (Only affects 1.9.1 and above)
 	- iceape 2.0.6-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-2751
-	RESERVED
+CVE-2010-2751 (The nsDocShell::OnRedirectStateChange function in ...)
 	{DSA-2075-1}
 	- xulrunner 1.9.1.11-1
 	- iceape 2.0.6-1
@@ -1107,6 +1130,7 @@
 	- znc 0.090-2 (bug #584929)
 CVE-2010-2487 [moin XSS]
 	RESERVED
+	{DSA-2083-1}
 	- moin 1.9.3-1 (bug #584809)
 CVE-2010-2486
 	RESERVED
@@ -2830,44 +2854,44 @@
 	RESERVED
 CVE-2010-1797
 	RESERVED
-CVE-2010-1796
-	RESERVED
+CVE-2010-1796 (The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 ...)
+	TODO: check
 CVE-2010-1795
 	RESERVED
 CVE-2010-1794
 	RESERVED
-CVE-2010-1793
-	RESERVED
-CVE-2010-1792
-	RESERVED
-CVE-2010-1791
-	RESERVED
-CVE-2010-1790
-	RESERVED
-CVE-2010-1789
-	RESERVED
-CVE-2010-1788
-	RESERVED
-CVE-2010-1787
-	RESERVED
-CVE-2010-1786
-	RESERVED
-CVE-2010-1785
-	RESERVED
-CVE-2010-1784
-	RESERVED
-CVE-2010-1783
-	RESERVED
-CVE-2010-1782
-	RESERVED
+CVE-2010-1793 (Multiple use-after-free vulnerabilities in WebKit in Apple Safari ...)
+	TODO: check
+CVE-2010-1792 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
+	TODO: check
+CVE-2010-1791 (Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac ...)
+	TODO: check
+CVE-2010-1790 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
+	TODO: check
+CVE-2010-1789 (Heap-based buffer overflow in WebKit in Apple Safari before 5.0.1 on ...)
+	TODO: check
+CVE-2010-1788 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
+	TODO: check
+CVE-2010-1787 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
+	TODO: check
+CVE-2010-1786 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on ...)
+	TODO: check
+CVE-2010-1785 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
+	TODO: check
+CVE-2010-1784 (The counters functionality in the Cascading Style Sheets (CSS) ...)
+	TODO: check
+CVE-2010-1783 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
+	TODO: check
+CVE-2010-1782 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
+	TODO: check
 CVE-2010-1781
 	RESERVED
-CVE-2010-1780
-	RESERVED
+CVE-2010-1780 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on ...)
+	TODO: check
 CVE-2010-1779
 	RESERVED
-CVE-2010-1778
-	RESERVED
+CVE-2010-1778 (Cross-site scripting (XSS) vulnerability in Apple Safari before 5.0.1 ...)
+	TODO: check
 CVE-2010-1777 (Buffer overflow in Apple iTunes before 9.2.1 allows remote attackers ...)
 	TODO: check
 CVE-2010-1776
@@ -4595,46 +4619,39 @@
 	NOT-FOR-US: com_jeformcr component for Joomla!
 CVE-2010-1216 (PHP remote file inclusion vulnerability in templates/template.php in ...)
 	NOT-FOR-US: notsoPureEdit
-CVE-2010-1215
-	RESERVED
+CVE-2010-1215 (Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 ...)
 	- xulrunner <not-affected> (Only affects Firefox 3.6.x and above)
-CVE-2010-1214
-	RESERVED
+CVE-2010-1214 (Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x ...)
 	{DSA-2075-1}
 	- xulrunner 1.9.1.11-1
 	- iceape 2.0.6-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1213
-	RESERVED
+CVE-2010-1213 (The importScripts Web Worker method in Mozilla Firefox 3.5.x before ...)
 	- xulrunner 1.9.1.11-1
 	[lenny] - xulrunner <not-affected> (Only affects 1.9.1 and above)
 	- iceape 2.0.6-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1212
-	RESERVED
+CVE-2010-1212 (js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6.x ...)
 	- xulrunner <not-affected> (Only affects Firefox 3.6.x and above)
-CVE-2010-1211
-	RESERVED
+CVE-2010-1211 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	{DSA-2075-1}
 	- xulrunner 1.9.1.11-1
 	- iceape 2.0.6-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1210
-	RESERVED
-CVE-2010-1209
-	RESERVED
+CVE-2010-1210 (intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox before ...)
+	TODO: check
+CVE-2010-1209 (Use-after-free vulnerability in the NodeIterator implementation in ...)
 	- xulrunner 1.9.1.11-1
 	[lenny] - xulrunner <not-affected> (Only affects 1.9.1 and above)
 	- iceape 2.0.6-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1208
-	RESERVED
+CVE-2010-1208 (The attribute-cloning functionality in the DOM implementation in ...)
 	{DSA-2075-1}
 	- xulrunner 1.9.1.11-1
 	- iceape 2.0.6-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1207
-	RESERVED
+CVE-2010-1207 (Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 do not ...)
+	TODO: check
 CVE-2010-1206 (The startDocumentLoad function in browser/base/content/browser.js in ...)
 	- iceweasel 3.5.11-1
 	[lenny] - iceweasel <not-affected> (Vulnerable code not present)

More information about the Secure-testing-commits mailing list