[Secure-testing-commits] r14885 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Fri Jun 18 21:14:22 UTC 2010
Author: joeyh
Date: 2010-06-18 21:14:21 +0000 (Fri, 18 Jun 2010)
New Revision: 14885
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-06-17 21:14:34 UTC (rev 14884)
+++ data/CVE/list 2010-06-18 21:14:21 UTC (rev 14885)
@@ -1,3 +1,19 @@
+CVE-2010-2320
+ RESERVED
+CVE-2010-2319 (SQL injection vulnerability in index.php in IDevSpot TextAds 2.08 ...)
+ TODO: check
+CVE-2010-2318 (Cross-site scripting (XSS) vulnerability in cms_data.php in ...)
+ TODO: check
+CVE-2010-2317 (Multiple SQL injection vulnerabilities in WmsCms 2.0 and earlier allow ...)
+ TODO: check
+CVE-2010-2316 (Multiple cross-site scripting (XSS) vulnerabilities in default.asp in ...)
+ TODO: check
+CVE-2010-2315 (PHP remote file inclusion vulnerability in picturelib.php in ...)
+ TODO: check
+CVE-2010-2314 (PHP remote file inclusion vulnerability in ...)
+ TODO: check
+CVE-2010-2313 (Directory traversal vulnerability in index.php in Anodyne Productions ...)
+ TODO: check
CVE-2010-2312 (SQL injection vulnerability in index.php in HauntmAx Haunted House ...)
TODO: check
CVE-2010-2311 (Stack-based buffer overflow in Power Tab Editor 1.7 build 80 allows ...)
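Review bot: The seven described entries added at the top (CVE-2010-2319 down to CVE-2010-2313) all carry only `TODO: check`, and the imported descriptions are truncated at "...", so CVE-2010-2314 shows no product name at all. Each needs manual triage against the full CVE text and should end up with either a package line or a NOT-FOR-US line, as older entries in this file have.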
@@ -605,8 +621,7 @@
TODO: check
CVE-2010-2064
RESERVED
-CVE-2010-2063 [samba arbitrary write on chained packet processing]
- RESERVED
+CVE-2010-2063 (Buffer overflow in the SMB1 packet chaining implementation in the ...)
{DSA-2061-1}
- samba 2:3.4.0~pre1-1 (high)
NOTE: the affected code has been completely rewritten since 3.4.x
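Review bot: On CVE-2010-2063 the retained `- samba 2:3.4.0~pre1-1 (high)` line and the NOTE about the rewrite since 3.4.x were written against the working title "arbitrary write on chained packet processing", which this hunk replaces with the published description (buffer overflow in SMB1 packet chaining). Re-read the fixed version and the NOTE against the full published text, since the truncated description here does not show the affected version range.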
@@ -845,8 +860,8 @@
RESERVED
CVE-2010-1965
RESERVED
-CVE-2010-1964
- RESERVED
+CVE-2010-1964 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
+ TODO: check
CVE-2010-1963 (Cross-site scripting (XSS) vulnerability in HP ServiceCenter allows ...)
NOT-FOR-US: HP ServiceCenter
CVE-2010-1962 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 ...)
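Review bot: CVE-2010-1964 moves from RESERVED to `TODO: check` while the entry directly below it, CVE-2010-1963, is already resolved as `NOT-FOR-US: HP ServiceCenter`. Decide explicitly whether HP OpenView Network Node Manager gets the same disposition so the HP block is not left half triaged.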
@@ -1399,8 +1414,8 @@
NOTE: https://bugs.webkit.org/show_bug.cgi?id=27193
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38625
NOTE: http://trac.webkit.org/changeset/45941
-CVE-2010-1748
- RESERVED
+CVE-2010-1748 (The web interface in CUPS in Apple Mac OS X 10.5.8, and 10.6 before ...)
+ TODO: check
CVE-2010-1747
RESERVED
CVE-2010-1746 (Multiple cross-site scripting (XSS) vulnerabilities in the Table JX ...)
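Review bot: The new description for CVE-2010-1748 names the CUPS web interface, yet the entry is left at `TODO: check` with no package line. CUPS is not an Apple-only component, so this entry should be checked against the cups source package and given a version or status line rather than waiting in the general TODO queue.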
@@ -1639,8 +1654,7 @@
RESERVED
CVE-2010-1643 (mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict ...)
- linux-2.6 2.6.28-1
-CVE-2010-1642
- RESERVED
+CVE-2010-1642 (The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in ...)
- samba <unfixed> (unimportant)
NOTE: Only crashes a single connection, not the entire smbd
CVE-2010-1641 (The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel ...)
@@ -1658,8 +1672,7 @@
CVE-2010-1636 (The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs ...)
- linux-2.6 2.6.32-14
[lenny] - linux-2.6 <not-affected> (brtfs introduced in 2.6.32)
-CVE-2010-1635
- RESERVED
+CVE-2010-1635 (The chain_reply function in process.c in smbd in Samba before 3.4.8 ...)
- samba <unfixed> (unimportant)
NOTE: Only crashes a single connection, not the entire smbd
CVE-2010-1634 (Multiple integer overflows in audioop.c in the audioop module in ...)
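Review bot: The published description for CVE-2010-1635 says "Samba before 3.4.8", but the unchanged line below it still reads `- samba <unfixed> (unimportant)`. With an upstream fixed release now named in the description, the `<unfixed>` marker should be revisited and replaced by the first packaged version that contains the fix, if one exists.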
@@ -2371,8 +2384,7 @@
NOTE: https://bugs.webkit.org/show_bug.cgi?id=29635
NOTE: http://trac.webkit.org/changeset/57759
NOTE: http://trac.webkit.org/changeset/57817
-CVE-2010-1411 [tiff heap overflow]
- RESERVED
+CVE-2010-1411 (Multiple integer overflows in ImageIO in Apple Mac OS X 10.5.8, and ...)
- tiff <undetermined>
TODO: check
CVE-2010-1410 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
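Review bot: On CVE-2010-1411 the removed working title "[tiff heap overflow]" was the only text explaining why `- tiff <undetermined>` is tracked, and the published description now talks about integer overflows in ImageIO in Apple Mac OS X. Add a NOTE recording the link between the ImageIO issue and the tiff package, otherwise the package line looks unrelated to the description and the `TODO: check` has no context.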
@@ -2495,26 +2507,26 @@
- webkit <undetermined>
CVE-2010-1383
RESERVED
-CVE-2010-1382
- RESERVED
-CVE-2010-1381
- RESERVED
-CVE-2010-1380
- RESERVED
-CVE-2010-1379
- RESERVED
+CVE-2010-1382 (Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac ...)
+ TODO: check
+CVE-2010-1381 (The default configuration of SMB File Server in Apple Mac OS X 10.5.8, ...)
+ TODO: check
+CVE-2010-1380 (Integer overflow in the cgtexttops CUPS filter in Printing in Apple ...)
+ TODO: check
+CVE-2010-1379 (Printer Setup in Apple Mac OS X 10.6 before 10.6.4 does not properly ...)
+ TODO: check
CVE-2010-1378
RESERVED
-CVE-2010-1377
- RESERVED
-CVE-2010-1376
- RESERVED
-CVE-2010-1375
- RESERVED
-CVE-2010-1374
- RESERVED
-CVE-2010-1373
- RESERVED
+CVE-2010-1377 (Open Directory in Apple Mac OS X 10.6 before 10.6.4 creates an ...)
+ TODO: check
+CVE-2010-1376 (Multiple format string vulnerabilities in Network Authorization in ...)
+ TODO: check
+CVE-2010-1375 (NetAuthSysAgent in Network Authorization in Apple Mac OS X 10.5.8 does ...)
+ TODO: check
+CVE-2010-1374 (Directory traversal vulnerability in iChat in Apple Mac OS X 10.5.8, ...)
+ TODO: check
+CVE-2010-1373 (Cross-site scripting (XSS) vulnerability in Help Viewer in Apple Mac ...)
+ TODO: check
CVE-2010-1423 (Argument injection vulnerability in the URI handler in (a) Java NPAPI ...)
- sun-java6 6.20-1 (high)
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
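Review bot: All nine entries filled in here are left at `TODO: check`, but they are not alike. CVE-2010-1380 names the cgtexttops CUPS filter and should be checked against the cups package, while the rest name Apple components (Wiki Server, Printer Setup, Open Directory, Network Authorization, iChat, Help Viewer) or the default configuration of SMB File Server. Triage the CUPS entry separately instead of batching it with the others.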
@@ -4962,23 +4974,23 @@
CVE-2010-0547 (client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier ...)
{DSA-2004-1}
- samba 2:3.4.5~dfsg-2 (bug #568942; medium)
-CVE-2010-0546
- RESERVED
-CVE-2010-0545
- RESERVED
+CVE-2010-0546 (Folder Manager in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, ...)
+ TODO: check
+CVE-2010-0545 (The Finder in DesktopServices in Apple Mac OS X 10.5.8, and 10.6 ...)
+ TODO: check
CVE-2010-0544 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
- webkit <undetermined>
NOTE: https://bugs.webkit.org/show_bug.cgi?id=37662
NOTE: http://trac.webkit.org/changeset/58792
NOTE: http://trac.webkit.org/changeset/58796
-CVE-2010-0543
- RESERVED
+CVE-2010-0543 (ImageIO in Apple Mac OS X 10.5.8, and 10.6 before 10.6.2, allows ...)
+ TODO: check
CVE-2010-0542
RESERVED
-CVE-2010-0541
- RESERVED
-CVE-2010-0540
- RESERVED
+CVE-2010-0541 (Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in ...)
+ TODO: check
+CVE-2010-0540 (Cross-site request forgery (CSRF) vulnerability in the web interface ...)
+ TODO: check
CVE-2010-0539 (Integer signedness error in the window drawing implementation in Apple ...)
NOT-FOR-US: Apple Java
CVE-2010-0538 (Apple Java for Mac OS X 10.5 before Update 7 and Java for Mac OS X ...)
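Review bot: CVE-2010-0541 is described as an XSS in the WEBrick HTTP server, which ships with Ruby and is not specific to Mac OS X, yet it is added with only `TODO: check`. It should be checked against the ruby packages. CVE-2010-0540 (CSRF in "the web interface ...") is truncated before the product name, so its full description has to be read before it can be assigned or dismissed.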
@@ -25532,8 +25544,8 @@
NOT-FOR-US: Cisco Linksys WVC54GC
CVE-2008-4390 (The Cisco Linksys WVC54GC wireless video camera before firmware 1.25 ...)
NOT-FOR-US: Cisco Linksys WVC54GC
-CVE-2008-4389
- RESERVED
+CVE-2008-4389 (Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x ...)
+ TODO: check
CVE-2008-4388 (The LaunchObj ActiveX control before 5.2.2.865 in launcher.dll in ...)
NOT-FOR-US: LaunchObj ActiveX
CVE-2008-4387 (Unspecified vulnerability in the Simba MDrmSap ActiveX control in ...)
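Review bot: CVE-2008-4389 (Symantec AppStream and Symantec Workspace Streaming) is added as `TODO: check` in the middle of a run of entries that are all resolved as NOT-FOR-US. If the same applies here, record it as NOT-FOR-US with the product name, matching the style of the lines around it.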