[Secure-testing-commits] r14074 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Feb 10 21:14:28 UTC 2010


Author: joeyh
Date: 2010-02-10 21:14:24 +0000 (Wed, 10 Feb 2010)
New Revision: 14074

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-02-10 15:50:23 UTC (rev 14073)
+++ data/CVE/list	2010-02-10 21:14:24 UTC (rev 14074)
@@ -1,3 +1,25 @@
+CVE-2010-0564 (Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in ...)
+	TODO: check
+CVE-2009-4640 (Array index error in vorbis_dec.c in FFmpeg 0.5 allows remote ...)
+	TODO: check
+CVE-2009-4639 (The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows ...)
+	TODO: check
+CVE-2009-4638 (Integer overflow in FFmpeg 0.5 allows remote attackers to cause a ...)
+	TODO: check
+CVE-2009-4637 (FFmpeg 0.5 allows remote attackers to cause a denial of service ...)
+	TODO: check
+CVE-2009-4636 (FFmpeg 0.5 allows remote attackers to cause a denial of service (hang) ...)
+	TODO: check
+CVE-2009-4635 (FFmpeg 0.5 allows remote attackers to cause a denial of service and ...)
+	TODO: check
+CVE-2009-4634 (Multiple integer underflows in FFmpeg 0.5 allow remote attackers to ...)
+	TODO: check
+CVE-2009-4633 (vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a ...)
+	TODO: check
+CVE-2009-4632 (oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain ...)
+	TODO: check
+CVE-2009-4631 (Off-by-one error in the VP3 decoder (vp3.c) in FFmpeg 0.5 allows ...)
+	TODO: check
 CVE-2010-0563 (The Single Sign-on (SSO) functionality in IBM WebSphere Application ...)
 	TODO: check
 CVE-2010-0562 (The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, ...)
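Review bot: All eleven added entries carry only `TODO: check`, so nothing in this hunk records whether Debian is affected. The ten FFmpeg 0.5 entries (CVE-2009-4631 through CVE-2009-4640) are best triaged together against Debian's FFmpeg packaging, since they name one upstream version and two of them (CVE-2009-4640 and CVE-2009-4633) point at the same file, vorbis_dec.c. CVE-2010-0564 (Trend Micro URL Filtering Engine) looks like a candidate for a `NOT-FOR-US:` line rather than a package check.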
@@ -280,8 +302,8 @@
 	RESERVED
 CVE-2010-0445
 	RESERVED
-CVE-2010-0444
-	RESERVED
+CVE-2010-0444 (HP Operations Agent 8.51, 8.52, 8.53, and 8.60 on Solaris 10 uses a ...)
+	TODO: check
 CVE-2010-0443 (Unspecified vulnerability in Record Management Services (RMS) before ...)
 	NOT-FOR-US: HP OpenVMS
 CVE-2010-0441 (Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, ...)
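Review bot: CVE-2010-0444 is left at `TODO: check` although its new description names HP Operations Agent on Solaris 10. The neighbouring CVE-2010-0443 entry already uses `NOT-FOR-US: HP OpenVMS` for an HP product; if the Operations Agent is not packaged in Debian, a line of the same kind would close this entry.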
@@ -292,8 +314,7 @@
 	NOT-FOR-US: Cisco Secure Desktop
 CVE-2010-0439
 	RESERVED
-CVE-2010-0438 [OTRS SQL injection]
-	RESERVED
+CVE-2010-0438 (Multiple SQL injection vulnerabilities in Kernel/System/Ticket.pm in ...)
 	- otrs <not-affected> (vulnerable code not present)
 	[etch] - otrs2 <not-affected> (vulnerable code not present)
 	- otrs2 2.4.7-1 (medium)
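Review bot: The package lines under CVE-2010-0438 (`otrs2 2.4.7-1 (medium)` and the two `<not-affected>` lines) were written against the placeholder `[OTRS SQL injection]` and are carried over unchanged. They should be re-checked against the full published description, which is truncated here after "Kernel/System/Ticket.pm in ...", so the affected version range is not visible in this hunk.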
@@ -395,8 +416,7 @@
 	RESERVED
 CVE-2010-0395
 	RESERVED
-CVE-2010-0394 [Debian-specific shell command injection in trac-git]
-	RESERVED
+CVE-2010-0394 (PyGIT.py in the Trac Git plugin (trac-git) before ...)
 	{DSA-1990-2 DSA-1990-1}
 	- trac-git 0.0.20090320-1 (high; bug #567039)
 CVE-2010-0393
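Review bot: Replacing the bracketed text on CVE-2010-0394 drops the "Debian-specific" qualifier, which the visible part of the published description ("PyGIT.py in the Trac Git plugin (trac-git) before ...") does not carry. If the issue is still present only in Debian's packaging, keep that fact in a `NOTE:` line under the entry so it survives later automatic updates.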
@@ -41905,7 +41925,7 @@
 	- linux-2.6 2.6.22-1
 	NOTE: Fixed in commit 202a03acf9994076055df40ae093a5c5474ad0bd in
 	NOTE: Linus' tree.
-CVE-2007-2524 (Cross-site scripting (XSS) vulnerability in index.pl in OTRS (Open ...)
+CVE-2007-2524 (Cross-site scripting (XSS) vulnerability in index.pl in Open Ticket ...)
 	{DSA-1298-1}
 	- otrs2 2.1.1-1 (bug #423524)
 	NOTE: 2.1 and 2.2 are not affected, so recording earliest 2.1 version as fix



