[Secure-testing-commits] r13821 - data/CVE
Raphael Geissert
geissert at alioth.debian.org
Fri Jan 15 03:32:11 UTC 2010
Author: geissert
Date: 2010-01-15 03:32:08 +0000 (Fri, 15 Jan 2010)
New Revision: 13821
Modified:
data/CVE/list
Log:
lib3ds issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-01-14 21:41:13 UTC (rev 13820)
+++ data/CVE/list 2010-01-15 03:32:08 UTC (rev 13821)
@@ -71,8 +71,13 @@
RESERVED
CVE-2010-0281
RESERVED
-CVE-2010-0280
+CVE-2010-0280 [lib3ds memory corruption]
RESERVED
+ - lib3ds <unfixed> (medium)
+ NOTE: http://www.coresecurity.com/content/google-sketchup-vulnerability
+ TODO: check affected versions and file bug
+ NOTE: issue was published saying it affects google sketchup,
+ NOTE: but the vulnerable code is in lib3ds
CVE-2010-0279 (Unrestricted file upload vulnerability in upload.php in BTS-GI Read ...)
NOT-FOR-US: BTS-GI Read excel
CVE-2010-0278 (A certain ActiveX control in msgsc.14.0.8089.726.dll in Microsoft ...)
More information about the Secure-testing-commits
mailing list