[Secure-testing-commits] r13885 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Fri Jan 22 21:15:07 UTC 2010
Author: joeyh
Date: 2010-01-22 21:15:00 +0000 (Fri, 22 Jan 2010)
New Revision: 13885
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-01-22 16:40:56 UTC (rev 13884)
+++ data/CVE/list 2010-01-22 21:15:00 UTC (rev 13885)
@@ -1,3 +1,35 @@
+CVE-2010-0379 (Multiple unspecified vuilnerabilities in the Macromedia Flash ActiveX ...)
+ TODO: check
+CVE-2010-0378 (Use-after-free vulnerability in Adobe Flash Player 6.0.79, as ...)
+ TODO: check
+CVE-2010-0377 (SQL injection vulnerability in modules/arcade/index.php in PHP MySpace ...)
+ TODO: check
+CVE-2010-0376 (Cross-site scripting (XSS) vulnerability in product_list.php in ...)
+ TODO: check
+CVE-2010-0375 (SQL injection vulnerability in product_list.php in JCE-Tech PHP ...)
+ TODO: check
+CVE-2010-0374 (Cross-site scripting (XSS) vulnerability in the Marketplace ...)
+ TODO: check
+CVE-2010-0373 (SQL injection vulnerability in the libros (com_libros) component for ...)
+ TODO: check
+CVE-2010-0372 (SQL injection vulnerability in the Articlemanager (com_articlemanager) ...)
+ TODO: check
+CVE-2010-0371 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+ TODO: check
+CVE-2010-0370 (Cross-site scripting (XSS) vulnerability in the Node Blocks module ...)
+ TODO: check
+CVE-2010-0369
+ RESERVED
+CVE-2010-0368
+ RESERVED
+CVE-2010-0367 (Multiple PHP remote file inclusion vulnerabilities in BitScripts Bits ...)
+ TODO: check
+CVE-2010-0366 (Multiple unrestricted file upload vulnerabilities in (1) register.php ...)
+ TODO: check
+CVE-2010-0365 (Cross-site scripting (XSS) vulnerability in search.php in BitScripts ...)
+ TODO: check
+CVE-2010-0364 (Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows ...)
+ TODO: check
CVE-2010-0363 (Cross-site scripting (XSS) vulnerability in Zeus Web Server before ...)
NOT-FOR-US: Zeus Web Server
CVE-2010-0362 (Zeus Web Server before 4.3r5 does not use random transaction IDs for ...)
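Review bot: the fourteen published entries added at the top of this hunk all land as "TODO: check" with no package or NOT-FOR-US line, so nothing here is triaged yet. CVE-2010-0364 names VideoLAN VLC Media Player 0.8.6 and is the one to resolve first with a package line if a Debian package is affected; the rest can follow the "NOT-FOR-US: <product>" form used for the Zeus Web Server entry just below where no package applies. The description on the CVE-2010-0379 line contains the typo "vuilnerabilities"; since the CVE-2010-0018 hunk in this same commit shows descriptions being rewritten by the update, report it at the source of the descriptions rather than hand-editing it here.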
@@ -230,17 +262,20 @@
RESERVED
CVE-2010-0289 [dokuwiki CSRF]
RESERVED
+ {DSA-1976-1}
- dokuwiki 0.0.20090214b-3.1 (low)
[etch] - dokuwiki <not-affected> (Vulnerable code not present)
NOTE: http://secunia.com/advisories/38205/
CVE-2010-0288 [dokuwiki insufficient permissions checks, allowing attacker to change ACLs]
RESERVED
+ {DSA-1976-1}
- dokuwiki 0.0.20090214b-3.1 (medium; bug #565406)
[etch] - dokuwiki <not-affected> (Vulnerable code not present)
NOTE: http://bugs.splitbrain.org/index.php?do=details&task_id=1847
NOTE: issue being exploited
CVE-2010-0287 [dokuwiki directory structure information leak]
RESERVED
+ {DSA-1976-1}
- dokuwiki 0.0.20090214b-3.1 (low)
[etch] - dokuwiki <not-affected> (Vulnerable code not present)
NOTE: http://secunia.com/advisories/38205/
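Review bot: of the three dokuwiki entries that gain {DSA-1976-1}, only CVE-2010-0288 carries a bug reference ("medium; bug #565406"); CVE-2010-0289 and CVE-2010-0287 have "(low)" with no bug number. If the same report covers all three, add the bug reference to the other two package lines so each entry can be traced on its own. All three also still show RESERVED alongside a hand-written bracketed title, so they will need a second look once the official descriptions are published.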
@@ -390,8 +425,8 @@
RESERVED
CVE-2010-0233
RESERVED
-CVE-2010-0232
- RESERVED
+CVE-2010-0232 (The kernel in Microsoft Windows NT 3.1 through Windows 7, including ...)
+ TODO: check
CVE-2010-0231
RESERVED
CVE-2010-0230
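Review bot: CVE-2010-0232 is left at "TODO: check" although its description begins "The kernel in Microsoft Windows NT 3.1 through Windows 7". This file already resolves CVE-2010-0018 as "NOT-FOR-US: Microsoft Windows"; the same disposition can be applied here instead of leaving the entry open.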
@@ -605,10 +640,10 @@
RESERVED
CVE-2010-0139
RESERVED
-CVE-2010-0138
- RESERVED
-CVE-2010-0137
- RESERVED
+CVE-2010-0138 (Buffer overflow in Cisco CiscoWorks Internetwork Performance Monitor ...)
+ TODO: check
+CVE-2010-0137 (Unspecified vulnerability in the sshd_child_handler process in the SSH ...)
+ TODO: check
CVE-2010-0136
RESERVED
CVE-2010-0135
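Review bot: the CVE-2010-0137 line is cut off at "in the sshd_child_handler process in the SSH ...", so the affected product is not visible in the list text. Read the full description before classifying it, and do not map it to a Debian SSH package on the strength of the word "sshd" alone. CVE-2010-0138 names Cisco CiscoWorks Internetwork Performance Monitor and can take a NOT-FOR-US line if no Debian package applies.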
@@ -1457,7 +1492,7 @@
RESERVED
CVE-2010-0019
RESERVED
-CVE-2010-0018 (Integer overflow in the Embedded OpenType (EOT) Font Engine in ...)
+CVE-2010-0018 (Integer overflow in the Embedded OpenType (EOT) Font Engine ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-0017
RESERVED
@@ -2355,10 +2390,10 @@
CVE-2009-4005 (The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the ...)
- linux-2.6 2.6.32-1 (low)
- linux-2.6.24 <removed> (low)
-CVE-2009-4003
- RESERVED
-CVE-2009-4002
- RESERVED
+CVE-2009-4003 (Multiple integer overflows in Adobe Shockwave Player before 11.5.6.606 ...)
+ TODO: check
+CVE-2009-4002 (Heap-based buffer overflow in Adobe Shockwave Player before 11.5.6.606 ...)
+ TODO: check
CVE-2009-4001
RESERVED
CVE-2009-4000 (Directory traversal vulnerability in goform/formExportDataLogs in HP ...)
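Review bot: CVE-2009-4003 and CVE-2009-4002 both name Adobe Shockwave Player before 11.5.6.606 and both move from RESERVED to "TODO: check". Triage them together so they end up with the same disposition line, rather than leaving two open TODO items for one product and version bound.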
@@ -2658,8 +2693,8 @@
NOTE: All Debian kernels have MMU support enabled
CVE-2009-3887 [evolution path traversal]
RESERVED
- - evolution <unfixed>
- NOTE: http://www.ocert.org/advisories/ocert-2009-013.html
+ - evolution <unfixed>
+ NOTE: http://www.ocert.org/advisories/ocert-2009-013.html
CVE-2009-3886 (The Java Web Start implementation in Sun Java SE 6 before Update 17 ...)
- openjdk-6 <unfixed> (medium; bug #560908)
- sun-java6 6-17-1
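Review bot: the removed and added lines under CVE-2009-3887 carry the same text ("- evolution <unfixed>" and the oCERT NOTE), so this looks like a whitespace-only change, yet the log message says only "automatic update". Either keep formatting normalisation in its own commit or mention it in the log, so that a later reader of the history does not look for a data change in this entry.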
@@ -3184,8 +3219,8 @@
NOTE: http://git.kernel.org/linus/0a79b009525b160081d75cef5dbf45817956acf2
CVE-2009-3721 [evolution buffer overflow]
RESERVED
- - evolution <unfixed>
- NOTE: http://www.ocert.org/advisories/ocert-2009-013.html
+ - evolution <unfixed>
+ NOTE: http://www.ocert.org/advisories/ocert-2009-013.html
CVE-2009-3720 (The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ...)
{DSA-1921-1}
- expat 2.0.1-5 (low; bug #551936)
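Review bot: the "- evolution <unfixed>" line under CVE-2009-3721 has neither an urgency nor a bug number, unlike the expat line below it ("low; bug #551936"). Since the entry is being touched anyway, add the urgency and a bug reference if one has been filed. CVE-2009-3721 and CVE-2009-3887 both cite ocert-2009-013.html, so one bug may cover both and should then be referenced from both entries.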