[Secure-testing-commits] r15674 - data/CVE

Joey Hess joeyh at alioth.debian.org
Thu Dec 9 21:14:28 UTC 2010 

Author: joeyh
Date: 2010-12-09 21:14:28 +0000 (Thu, 09 Dec 2010)
New Revision: 15674

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-12-09 19:45:30 UTC (rev 15673)
+++ data/CVE/list	2010-12-09 21:14:28 UTC (rev 15674)
@@ -1,3 +1,19 @@
+CVE-2010-4507
+	RESERVED
+CVE-2010-4506
+	RESERVED
+CVE-2010-4505 (Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, ...)
+	TODO: check
+CVE-2010-4504 (Multiple cross-site scripting (XSS) vulnerabilities in eSyndiCat ...)
+	TODO: check
+CVE-2010-4503 (SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows ...)
+	TODO: check
+CVE-2010-4502 (Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite ...)
+	TODO: check
+CVE-2010-4501 (IO::Socket::SSL Perl module 1.35, when verify_mode is not VERIFY_NONE, ...)
+	TODO: check
+CVE-2010-4500 (Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY ...)
+	TODO: check
 CVE-2010-XXXX
 	- puppet 2.6.2-3
 CVE-2011-0025
@@ -101,8 +117,8 @@
 	- webkit <undetermined>
 CVE-2010-4481
 	RESERVED
-CVE-2010-4480
-	RESERVED
+CVE-2010-4480 (error.php in PhpMyAdmin 3.3.8.1 and earlier allows remote attackers to ...)
+	TODO: check
 CVE-2010-4510
 	REJECTED
 CVE-2010-4479 (Unspecified vulnerability in pdf.c in libclamav in ClamAV before ...)
@@ -1000,10 +1016,10 @@
 	RESERVED
 CVE-2010-4110
 	RESERVED
-CVE-2010-4109
-	RESERVED
-CVE-2010-4108
-	RESERVED
+CVE-2010-4109 (Cross-site scripting (XSS) vulnerability in the Contacts Application ...)
+	TODO: check
+CVE-2010-4108 (HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support ...)
+	TODO: check
 CVE-2010-4107 (The default configuration of the PJL Access value in the File System ...)
 	NOT-FOR-US: HP LaserJet
 CVE-2010-4106 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
@@ -1230,8 +1246,8 @@
 	RESERVED
 CVE-2010-4013
 	RESERVED
-CVE-2010-4012
-	RESERVED
+CVE-2010-4012 (Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later ...)
+	TODO: check
 CVE-2010-4011 (Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage ...)
 	NOT-FOR-US: Dovecot in Apple Mac OS X
 CVE-2010-4010 (Integer signedness error in Apple Type Services (ATS) in Apple Mac OS ...)
@@ -1445,8 +1461,8 @@
 	RESERVED
 CVE-2010-3921
 	RESERVED
-CVE-2010-3920
-	RESERVED
+CVE-2010-3920 (The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 ...)
+	TODO: check
 CVE-2010-3919
 	RESERVED
 CVE-2010-3918
@@ -1587,8 +1603,7 @@
 	RESERVED
 	- linux-2.6 2.6.32-29
 	[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.27)
-CVE-2010-3860
-	RESERVED
+CVE-2010-3860 (IcedTea before 1.9.2, as based on OpenJDK 6, declares multiple ...)
 	- openjdk-6 6b18-1.8.3-1
 CVE-2010-3859
 	RESERVED
@@ -2029,8 +2044,7 @@
 	NOT-FOR-US: Red Hat Enterprise MRG
 CVE-2010-3700 (VMware SpringSource Spring Security 2.x before 2.0.6 and 3.x before ...)
 	NOT-FOR-US: VMware SpringSource Spring Security
-CVE-2010-3699 [linux guest->host denial of service from invalid xenbus transitions]
-	RESERVED
+CVE-2010-3699 (The backend driver in Xen 3.x allows guest OS users to cause a denial ...)
 	- linux-2.6 <unfixed>
 CVE-2010-3698 (The KVM implementation in the Linux kernel before 2.6.36 does not ...)
 	- linux-2.6 2.6.32-28
@@ -2908,8 +2922,7 @@
 CVE-2010-3373
 	RESERVED
 	- paxtest 1:0.9.9-1 (unimportant; bug #598413)
-CVE-2010-3372 [nordugrid LD_LIBRARY_PATH]
-	RESERVED
+CVE-2010-3372 (Untrusted search path vulnerability in NorduGrid Advanced Resource ...)
 	- nordugrid-arc-nox <unfixed> (bug #606151)
 	NOTE: already fixed upstream; maintainer was aware already
 CVE-2010-3371
@@ -4431,8 +4444,8 @@
 	- moodle 1.9.9.dfsg2-2 (bug #601384)
 CVE-2010-2794 (The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users ...)
 	NOT-FOR-US: SPICE plugin for Firefox
-CVE-2010-2793
-	RESERVED
+CVE-2010-2793 (Race condition in the SPICE (aka spice-activex) plug-in for Internet ...)
+	TODO: check
 CVE-2010-2792 (Race condition in the SPICE (aka spice-xpi) plug-in 2.2 for Firefox ...)
 	NOT-FOR-US: SPICE plugin for Firefox
 CVE-2010-2791 (mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, ...)

More information about the Secure-testing-commits mailing list