[Secure-testing-commits] r15710 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Dec 15 21:14:47 UTC 2010 

Author: joeyh
Date: 2010-12-15 21:14:46 +0000 (Wed, 15 Dec 2010)
New Revision: 15710

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-12-14 19:44:57 UTC (rev 15709)
+++ data/CVE/list	2010-12-15 21:14:46 UTC (rev 15710)
@@ -459,52 +459,52 @@
 	NOT-FOR-US: DynPG
 CVE-2010-4398 (Stack-based buffer overflow in the RtlQueryRegistryValues function in ...)
 	NOT-FOR-US: Microsoft Windows
-CVE-2010-4397
-	RESERVED
-CVE-2010-4396
-	RESERVED
-CVE-2010-4395
-	RESERVED
-CVE-2010-4394
-	RESERVED
+CVE-2010-4397 (Integer overflow in the pnen3260.dll module in RealNetworks RealPlayer ...)
+	TODO: check
+CVE-2010-4396 (Cross-zone scripting vulnerability in the HandleAction method in a ...)
+	TODO: check
+CVE-2010-4395 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+	TODO: check
+CVE-2010-4394 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+	TODO: check
 CVE-2010-4393
 	RESERVED
-CVE-2010-4392
-	RESERVED
-CVE-2010-4391
-	RESERVED
-CVE-2010-4390
-	RESERVED
-CVE-2010-4389
-	RESERVED
-CVE-2010-4388
-	RESERVED
-CVE-2010-4387
-	RESERVED
-CVE-2010-4386
-	RESERVED
-CVE-2010-4385
-	RESERVED
-CVE-2010-4384
-	RESERVED
-CVE-2010-4383
-	RESERVED
-CVE-2010-4382
-	RESERVED
-CVE-2010-4381
-	RESERVED
-CVE-2010-4380
-	RESERVED
-CVE-2010-4379
-	RESERVED
-CVE-2010-4378
-	RESERVED
-CVE-2010-4377
-	RESERVED
-CVE-2010-4376
-	RESERVED
-CVE-2010-4375
-	RESERVED
+CVE-2010-4392 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+	TODO: check
+CVE-2010-4391 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+	TODO: check
+CVE-2010-4390 (Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 ...)
+	TODO: check
+CVE-2010-4389 (Heap-based buffer overflow in the cook codec in RealNetworks ...)
+	TODO: check
+CVE-2010-4388 (The (1) Upsell.htm, (2) Main.html, and (3) Custsupport.html components ...)
+	TODO: check
+CVE-2010-4387 (The RealAudio codec in RealNetworks RealPlayer 11.0 through 11.1, ...)
+	TODO: check
+CVE-2010-4386 (RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through ...)
+	TODO: check
+CVE-2010-4385 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, ...)
+	TODO: check
+CVE-2010-4384 (Array index error in RealNetworks RealPlayer 11.0 through 11.1, ...)
+	TODO: check
+CVE-2010-4383 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+	TODO: check
+CVE-2010-4382 (Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 ...)
+	TODO: check
+CVE-2010-4381 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+	TODO: check
+CVE-2010-4380 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+	TODO: check
+CVE-2010-4379 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+	TODO: check
+CVE-2010-4378 (The drv2.dll (aka RV20 decompression) module in RealNetworks ...)
+	TODO: check
+CVE-2010-4377 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+	TODO: check
+CVE-2010-4376 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+	TODO: check
+CVE-2010-4375 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+	TODO: check
 CVE-2010-4374 (The in_mkv plugin in Winamp before 5.6 allows remote attackers to ...)
 	NOT-FOR-US: Winamp
 CVE-2010-4373 (The in_mp4 plugin in Winamp before 5.6 allows remote attackers to ...)
@@ -586,11 +586,9 @@
 CVE-2010-4346 [linux: install_special_mapping skips security_file_mmap check]
 	RESERVED
 	- linux-2.6 <unfixed>
-CVE-2010-4345
-	RESERVED
+CVE-2010-4345 (Exim 4.72 and earlier allows local users to gain privileges by ...)
 	- exim4 <unfixed> (bug #606612)
-CVE-2010-4344
-	RESERVED
+CVE-2010-4344 (Heap-based buffer overflow in the string_vformat function in string.c ...)
 	{DSA-2131-1}
 	- exim4 4.70-1 (bug #606612)
 CVE-2010-4343 [linux: bfa driver sysfs crash]
@@ -4165,12 +4163,12 @@
 	NOT-FOR-US: Internet Explorer
 CVE-2010-3000 (Multiple integer overflows in the ParseKnownType function in ...)
 	NOT-FOR-US: RealPlayer
-CVE-2010-2999
-	RESERVED
+CVE-2010-2999 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, ...)
+	TODO: check
 CVE-2010-2998 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 and ...)
 	NOT-FOR-US: RealNetworks RealPlayer
-CVE-2010-2997
-	RESERVED
+CVE-2010-2997 (Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through ...)
+	TODO: check
 CVE-2010-2996 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 on ...)
 	NOT-FOR-US: RealPlayer
 CVE-2010-2991 (The IICAClient interface in the ICAClient library in the ICA Client ...)
@@ -5316,8 +5314,8 @@
 	NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-2580 (The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not ...)
 	NOT-FOR-US: MailEnable
-CVE-2010-2579
-	RESERVED
+CVE-2010-2579 (The cook codec in RealNetworks RealPlayer 11.0 through 11.1, ...)
+	TODO: check
 CVE-2010-2578 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
 	NOT-FOR-US: RealNetworks RealPlayer
 CVE-2010-2577 (Multiple SQL injection vulnerabilities in Pligg before 1.1.1 allow ...)
@@ -12526,16 +12524,16 @@
 	NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-0126 (Heap-based buffer overflow in an unspecified library in Autonomy ...)
 	NOT-FOR-US: Autonomy KeyView
-CVE-2010-0125
-	RESERVED
+CVE-2010-0125 (RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through ...)
+	TODO: check
 CVE-2010-0124 (Employee Timeclock Software 0.99 places the database password on the ...)
 	NOT-FOR-US: Employee Timeclock Software
 CVE-2010-0123 (The database backup implementation in Employee Timeclock Software 0.99 ...)
 	NOT-FOR-US: Employee Timeclock Software
 CVE-2010-0122 (Multiple SQL injection vulnerabilities in Employee Timeclock Software ...)
 	NOT-FOR-US: Employee Timeclock Software
-CVE-2010-0121
-	RESERVED
+CVE-2010-0121 (The cook codec in RealNetworks RealPlayer 11.0 through 11.1, ...)
+	TODO: check
 CVE-2010-0120 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
 	NOT-FOR-US: RealPlayer
 CVE-2010-0119 (Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, ...)

More information about the Secure-testing-commits mailing list