[Secure-testing-commits] r15240 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Mon Aug 30 21:15:26 UTC 2010
Author: joeyh
Date: 2010-08-30 21:15:22 +0000 (Mon, 30 Aug 2010)
New Revision: 15240
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-08-30 18:49:30 UTC (rev 15239)
+++ data/CVE/list 2010-08-30 21:15:22 UTC (rev 15240)
@@ -1,104 +1,170 @@
-CVE-2010-3155
+CVE-2010-3185
+ RESERVED
+CVE-2010-3184
+ RESERVED
+CVE-2010-3183
+ RESERVED
+CVE-2010-3182
+ RESERVED
+CVE-2010-3181
+ RESERVED
+CVE-2010-3180
+ RESERVED
+CVE-2010-3179
+ RESERVED
+CVE-2010-3178
+ RESERVED
+CVE-2010-3177
+ RESERVED
+CVE-2010-3176
+ RESERVED
+CVE-2010-3175
+ RESERVED
+CVE-2010-3174
+ RESERVED
+CVE-2010-3173
+ RESERVED
+CVE-2010-3172
+ RESERVED
+CVE-2010-3171
+ RESERVED
+CVE-2010-3170
+ RESERVED
+CVE-2010-3169
+ RESERVED
+CVE-2010-3168
+ RESERVED
+CVE-2010-3167
+ RESERVED
+CVE-2010-3166
+ RESERVED
+CVE-2010-3165
+ RESERVED
+CVE-2010-3164
+ RESERVED
+CVE-2010-3163
+ RESERVED
+CVE-2010-3162
+ RESERVED
+CVE-2010-3161
+ RESERVED
+CVE-2010-3160
+ RESERVED
+CVE-2010-3159
+ RESERVED
+CVE-2010-3158
+ RESERVED
+CVE-2010-3157
+ RESERVED
+CVE-2010-3156
+ RESERVED
+CVE-2010-3133 (Untrusted search path vulnerability in Wireshark 1.2.10 and earlier ...)
+ TODO: check
+CVE-2010-3131 (Untrusted search path vulnerability in Mozilla Firefox 3.6.8 and ...)
+ TODO: check
+CVE-2010-3123
+ RESERVED
+CVE-2010-3155 (Untrusted search path vulnerability in Adobe ExtendScript Toolkit ...)
NOT-FOR-US: Adobe ExtendedScript Toolkit
-CVE-2010-3154
+CVE-2010-3154 (Untrusted search path vulnerability in Adobe Extension Manager CS5 ...)
NOT-FOR-US: Adobe Extension Manager
-CVE-2010-3153
+CVE-2010-3153 (Untrusted search path vulnerability in Adobe InDesign CS4 6.0 allows ...)
NOT-FOR-US: Adobe InDesign
-CVE-2010-3152
+CVE-2010-3152 (Untrusted search path vulnerability in Adobe Illustrator CS4 14.0.0, ...)
NOT-FOR-US: Adobe Illustrator
-CVE-2010-3151
+CVE-2010-3151 (Untrusted search path vulnerability in Adobe On Location CS4 Build 315 ...)
NOT-FOR-US: Adobe On Location
-CVE-2010-3150
+CVE-2010-3150 (Untrusted search path vulnerability in Adobe Premier Pro CS4 4.0.0 ...)
NOT-FOR-US: Adobe Premier Pro
-CVE-2010-3149
+CVE-2010-3149 (Untrusted search path vulnerability in Adobe Device Central CS5 ...)
NOT-FOR-US: Adobe Device Central
-CVE-2010-3148
+CVE-2010-3148 (Untrusted search path vulnerability in Microsoft Visio 2003 allows ...)
NOT-FOR-US: Microsoft Visio
-CVE-2010-3147
+CVE-2010-3147 (Untrusted search path vulnerability in Microsoft Address Book ...)
NOT-FOR-US: Microsoft Address Book
-CVE-2010-3146
+CVE-2010-3146 (Untrusted search path vulnerability in Microsoft Office Groove 2007 ...)
NOT-FOR-US: Microsoft Office Groove
-CVE-2010-3145
+CVE-2010-3145 (Untrusted search path vulnerability in the Microsoft Vista BitLocker ...)
NOT-FOR-US: Microsoft Vista BitLocker
-CVE-2010-3144
+CVE-2010-3144 (Untrusted search path vulnerability in Microsoft Internet Connection ...)
NOT-FOR-US: Microsoft Internet Connection Signup Wizard
-CVE-2010-3143
+CVE-2010-3143 (Untrusted search path vulnerability in Microsoft Windows Contacts ...)
NOT-FOR-US: Microsoft Windows Contacts
-CVE-2010-3142
+CVE-2010-3142 (Untrusted search path vulnerability in Microsoft Office PowerPoint ...)
NOT-FOR-US: Microsoft Office PowerPoint
-CVE-2010-3141
+CVE-2010-3141 (Untrusted search path vulnerability in Microsoft Power Point 2010 ...)
NOT-FOR-US: Microsoft Power Point
-CVE-2010-3140
+CVE-2010-3140 (Untrusted search path vulnerability in Microsoft Windows Internet ...)
NOT-FOR-US: Microsoft Windows Internet Communication Settings
-CVE-2010-3139
+CVE-2010-3139 (Untrusted search path vulnerability in Microsoft Windows Progman Group ...)
NOT-FOR-US: Microsoft Windows Progman Group Converter
-CVE-2010-3138
+CVE-2010-3138 (Untrusted search path vulnerability in the Indeo filter (iac25_32.ax) ...)
NOT-FOR-US: Microsoft Windows Media Player
-CVE-2010-3137
+CVE-2010-3137 (Untrusted search path vulnerability in Nullsoft Winamp 5.581, and ...)
NOT-FOR-US: Nullsoft Winamp
-CVE-2010-3136
+CVE-2010-3136 (Untrusted search path vulnerability in Skype 4.2.0.169 and earlier ...)
NOT-FOR-US: Skype
-CVE-2010-3135
+CVE-2010-3135 (Untrusted search path vulnerability in Cisco Packet Tracer 5.2 allows ...)
NOT-FOR-US: Cisco Packet Tracer
-CVE-2010-3134
+CVE-2010-3134 (Untrusted search path vulnerability in Google Earth 5.1.3535.3218 ...)
NOT-FOR-US: Google Earth
-CVE-2010-3132
+CVE-2010-3132 (Untrusted search path vulnerability in Adobe Dreamweaver CS5 11.0 ...)
NOT-FOR-US: Adobe Dreamweaver
-CVE-2010-3130
+CVE-2010-3130 (Untrusted search path vulnerability in TechSmith Snagit 10 (Build 788) ...)
NOT-FOR-US: TechSmith Snagit
-CVE-2010-3129
+CVE-2010-3129 (Untrusted search path vulnerability in uTorrent 2.0.3 and earlier ...)
NOT-FOR-US: uTorrent
-CVE-2010-3128
+CVE-2010-3128 (Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier ...)
NOT-FOR-US: TeamViewer
-CVE-2010-3127
+CVE-2010-3127 (Untrusted search path vulnerability in Adobe PhotoShop CS2 through CS5 ...)
NOT-FOR-US: Adobe PhotoShop
-CVE-2010-3126
+CVE-2010-3126 (Untrusted search path vulnerability in avast! Free Antivirus version ...)
NOT-FOR-US: avast! Free Antivirus version
-CVE-2010-3125
+CVE-2010-3125 (Untrusted search path vulnerability in TeamMate Audit Management ...)
NOT-FOR-US: TeamMate Audit Management Software Suite
-CVE-2010-3122
+CVE-2010-3122 (The DevonIT thin-client management tool relies on a shared secret for ...)
NOT-FOR-US: DevonIT thin-client management tool
-CVE-2010-3121
+CVE-2010-3121 (Buffer overflow in tm-console-bin in the DevonIT thin-client ...)
NOT-FOR-US: DevonIT thin-client management tool
-CVE-2009-4995
+CVE-2009-4995 (Cross-site scripting (XSS) vulnerability in frmTickets.aspx in ...)
NOT-FOR-US: SmarterTools SmarterTrack
-CVE-2009-4994
+CVE-2009-4994 (Cross-site scripting (XSS) vulnerability in frmKBSearch.aspx in ...)
NOT-FOR-US: SmarterTools SmarterTrack
-CVE-2009-4993
+CVE-2009-4993 (PHP remote file inclusion vulnerability in home.php in LM Starmail ...)
NOT-FOR-US: LM Starmail Paidmail
-CVE-2009-4992
+CVE-2009-4992 (SQL injection vulnerability in paidbanner.php in LM Starmail Paidmail ...)
NOT-FOR-US: LM Starmail Paidmail
-CVE-2009-4991
+CVE-2009-4991 (Cross-site scripting (XSS) vulnerability in users/resume_register.php ...)
NOT-FOR-US: Omnistar Recruiting
-CVE-2009-4990
+CVE-2009-4990 (Cross-site scripting (XSS) vulnerability in the Webform report module ...)
NOT-FOR-US: Webform report module for Drupal
-CVE-2009-4989
+CVE-2009-4989 (Cross-site scripting (XSS) vulnerability in index.php in AJ Auction ...)
NOT-FOR-US: AJ Auction Pro OOPD
-CVE-2009-4988
+CVE-2009-4988 (Stack-based buffer overflow in NT_Naming_Service.exe in SAP Business ...)
NOT-FOR-US: SAP Business One
-CVE-2009-4987
+CVE-2009-4987 (admin/header.php in Scripteen Free Image Hosting Script 2.3 allows ...)
NOT-FOR-US: Scripteen Free Image Hosting Script
-CVE-2009-4986
+CVE-2009-4986 (Directory traversal vulnerability in index.php in In-Portal 4.3.1, ...)
NOT-FOR-US: In-Portal
-CVE-2009-4985
+CVE-2009-4985 (SQL injection vulnerability in browse.php in Accessories Me PHP ...)
NOT-FOR-US: Accessories Me PHP Affiliate Script
-CVE-2009-4984
+CVE-2009-4984 (Multiple cross-site scripting (XSS) vulnerabilities in Accessories Me ...)
NOT-FOR-US: Accessories Me PHP Affiliate Script
-CVE-2009-4983
+CVE-2009-4983 (Multiple cross-site scripting (XSS) vulnerabilities in Silurus ...)
NOT-FOR-US: Silurus Classifieds
-CVE-2009-4982
+CVE-2009-4982 (SQL injection vulnerability in the select function in Irokez CMS ...)
NOT-FOR-US: Irokez CMS
-CVE-2009-4981
+CVE-2009-4981 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
NOT-FOR-US: Photokorn Gallery
-CVE-2009-4980
+CVE-2009-4980 (Multiple cross-site scripting (XSS) vulnerabilities in Photokorn ...)
NOT-FOR-US: Photokorn Gallery
-CVE-2009-4979
+CVE-2009-4979 (Multiple SQL injection vulnerabilities in search.php in Photokorn ...)
NOT-FOR-US: Photokorn Gallery
-CVE-2009-4978
+CVE-2009-4978 (Directory traversal vulnerability in down.php in MyBackup 1.4.0 allows ...)
NOT-FOR-US: MyBackup
-CVE-2009-4977
+CVE-2009-4977 (PHP remote file inclusion vulnerability in index.php in MyBackup 1.4.0 ...)
NOT-FOR-US: MyBackup
-CVE-2010-3124 [DLL issue and VLC]
+CVE-2010-3124 (Untrusted search path vulnerability in bin/winvlc.c in VLC Media ...)
- vlc <not-affected> (Windows specific vulnerability)
CVE-2010-3120 (Google Chrome before 5.0.375.127 does not properly implement the ...)
- chromium-browser 5.0.375.127~r55887-1
@@ -526,16 +592,15 @@
RESERVED
- sssd 1.2.1-4 (bug #594413)
CVE-2010-2939 (Double free vulnerability in the ssl3_get_key_exchange function in the ...)
+ {DSA-2100-1}
- openssl 0.9.8o-2 (low; bug #594415)
CVE-2010-2938
RESERVED
CVE-2010-2937 (The ReadMetaFromId3v2 function in taglib.cpp in the TagLib plugin in ...)
- vlc 1.1.3-1
-CVE-2010-2936 [buffer overflow in impress]
- RESERVED
+CVE-2010-2936 (Integer overflow in simpress.bin in the Impress module in ...)
- openoffice.org 1:3.2.1-6
-CVE-2010-2935 [buffer overflow in impress]
- RESERVED
+CVE-2010-2935 (simpress.bin in the Impress module in OpenOffice.org (OOo) 3.2.1 on ...)
- openoffice.org 1:3.2.1-6
CVE-2010-2934 (Multiple unspecified vulnerabilities in ZNC 0.092 allow remote ...)
- znc <unfixed> (bug filed)
@@ -670,64 +735,45 @@
RESERVED
CVE-2010-2883
RESERVED
-CVE-2010-2882
- RESERVED
+CVE-2010-2882 (DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2881
- RESERVED
+CVE-2010-2881 (IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2880
- RESERVED
+CVE-2010-2880 (DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2879
- RESERVED
+CVE-2010-2879 (Multiple integer overflows in the allocator in the TextXtra.x32 module ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2878
- RESERVED
+CVE-2010-2878 (DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2877
- RESERVED
+CVE-2010-2877 (Adobe Shockwave Player before 11.5.8.612 does not properly validate a ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2876
- RESERVED
+CVE-2010-2876 (Adobe Shockwave Player before 11.5.8.612 does not properly validate ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2875
- RESERVED
+CVE-2010-2875 (Integer signedness error in Adobe Shockwave Player before 11.5.8.612 ...)
NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2874
RESERVED
-CVE-2010-2873
- RESERVED
+CVE-2010-2873 (Adobe Shockwave Player before 11.5.8.612 does not properly validate ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2872
- RESERVED
+CVE-2010-2872 (Adobe Shockwave Player before 11.5.8.612 does not properly validate an ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2871
- RESERVED
+CVE-2010-2871 (Integer overflow in the 3D object functionality in Adobe Shockwave ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2870
- RESERVED
+CVE-2010-2870 (DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2869
- RESERVED
+CVE-2010-2869 (IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2868
- RESERVED
+CVE-2010-2868 (IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2867
- RESERVED
+CVE-2010-2867 (DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2866
- RESERVED
+CVE-2010-2866 (Integer signedness error in the DIRAPI module in Adobe Shockwave ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2865
- RESERVED
+CVE-2010-2865 (Unspecified vulnerability in Adobe Shockwave Player before 11.5.8.612 ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2864
- RESERVED
+CVE-2010-2864 (IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not ...)
NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2863
- RESERVED
+CVE-2010-2863 (Adobe Shockwave Player before 11.5.8.612 allows attackers to cause a ...)
NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2862 (Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and ...)
NOT-FOR-US: Adobe Reader
@@ -811,17 +857,13 @@
RESERVED
CVE-2010-2841
RESERVED
-CVE-2010-2840
- RESERVED
+CVE-2010-2840 (The Presence Engine (PE) service in Cisco Unified Presence 6.x before ...)
NOT-FOR-US: Cisco
-CVE-2010-2839
- RESERVED
+CVE-2010-2839 (SIPD in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) ...)
NOT-FOR-US: Cisco
-CVE-2010-2838
- RESERVED
+CVE-2010-2838 (The SendCombinedStatusInfo implementation in Cisco Unified ...)
NOT-FOR-US: Cisco
-CVE-2010-2837
- RESERVED
+CVE-2010-2837 (The SIPStationInit implementation in Cisco Unified Communications ...)
NOT-FOR-US: Cisco
CVE-2010-2836
RESERVED
@@ -1166,8 +1208,7 @@
NOTE: http://git.gnome.org/browse/vte/commit/?id=8b971a7b2c59902914ecbbc3915c45dd21530a91
CVE-2010-2712
RESERVED
-CVE-2010-2711
- RESERVED
+CVE-2010-2711 (Unspecified vulnerability in the HP MagCloud app before 1.0.5 for the ...)
NOT-FOR-US: HP MagCloud app
CVE-2010-2710 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
NOT-FOR-US: HP OpenView
@@ -2012,14 +2053,11 @@
RESERVED
CVE-2010-2363
RESERVED
-CVE-2010-2362
- RESERVED
+CVE-2010-2362 (Winny 2.0b7.1 and earlier does not properly process node information, ...)
NOT-FOR-US: Winny
-CVE-2010-2361
- RESERVED
+CVE-2010-2361 (Winny 2.0b7.1 and earlier does not properly process BBS information, ...)
NOT-FOR-US: Winny
-CVE-2010-2360
- RESERVED
+CVE-2010-2360 (Multiple buffer overflows in Winny 2.0b7.1 and earlier might allow ...)
NOT-FOR-US: Winny
CVE-2010-2359 (SQL injection vulnerability in eWebQuiz.asp in ActiveWebSoftwares.com ...)
NOT-FOR-US: eWebquiz
@@ -3449,8 +3487,7 @@
RESERVED
CVE-2010-1809
RESERVED
-CVE-2010-1808
- RESERVED
+CVE-2010-1808 (Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
NOT-FOR-US: Apple Mac OS X
CVE-2010-1807
RESERVED
@@ -3462,14 +3499,11 @@
RESERVED
CVE-2010-1803
RESERVED
-CVE-2010-1802
- RESERVED
+CVE-2010-1802 (libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2010-1801
- RESERVED
+CVE-2010-1801 (Heap-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 ...)
NOT-FOR-US: CoreGraphics
-CVE-2010-1800
- RESERVED
+CVE-2010-1800 (CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL ...)
NOT-FOR-US: CFNetwork
CVE-2010-1799 (Stack-based buffer overflow in the error-logging functionality in ...)
NOT-FOR-US: Apple QuickTime on Windows
@@ -11087,8 +11121,8 @@
NOT-FOR-US: IBM Rational AppScan Enterprise Edition
CVE-2009-3744 (rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows remote ...)
NOT-FOR-US: EMC RepliStor
-CVE-2009-3743
- RESERVED
+CVE-2009-3743 (Off-by-one error in the TrueType bytecode interpreter in Ghostscript ...)
+ TODO: check
CVE-2009-3742 (Cross-site scripting (XSS) vulnerability in Liferay Portal before ...)
NOT-FOR-US: Liferay Portal
CVE-2009-3741
@@ -13859,7 +13893,7 @@
CVE-2009-2942 (The mysql-ocaml bindings 1.0.4 for MySQL do not properly support the ...)
{DSA-1910-1}
- mysql-ocaml 1.0.4-7 (low)
-CVE-2009-2941
+CVE-2009-2941
RESERVED
CVE-2009-2940 (The pygresql module 3.8.1 and 4.0 for Python does not properly support ...)
{DSA-1911-1}
More information about the Secure-testing-commits
mailing list