[Secure-testing-commits] r14898 - data/CVE

Wed Jun 23 21:14:30 UTC 2010

Author: joeyh
Date: 2010-06-23 21:14:28 +0000 (Wed, 23 Jun 2010)
New Revision: 14898

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2010-06-23 20:29:12 UTC (rev 14897)
+++ data/CVE/list	2010-06-23 21:14:28 UTC (rev 14898)
@@ -1,3 +1,31 @@
+CVE-2010-2432 (The cupsDoAuthentication function in auth.c in the client in CUPS ...)
+	TODO: check
+CVE-2010-2431 (The cupsFileOpen function in CUPS before 1.4.4 allows local users, ...)
+	TODO: check
+CVE-2010-2430
+	RESERVED
+CVE-2010-2429
+	RESERVED
+CVE-2010-2428
+	RESERVED
+CVE-2010-2427
+	RESERVED
+CVE-2010-2426
+	RESERVED
+CVE-2010-2425
+	RESERVED
+CVE-2010-2424
+	RESERVED
+CVE-2010-2423
+	RESERVED
+CVE-2010-2422
+	RESERVED
+CVE-2010-2421 (Multiple unspecified vulnerabilities in Opera before 10.54 have ...)
+	TODO: check
+CVE-2010-2420 (Multiple unspecified vulnerabilities in Fenrir Inc. ActiveGeckoBrowser ...)
+	TODO: check
+CVE-2008-7257
+	RESERVED
 CVE-2010-XXXX [IE-specific XSS issue]
 	- php-htmlpurifier 4.1.1+dfsg1-1
 CVE-2010-2419
@@ -1553,8 +1581,8 @@
 	RESERVED
 CVE-2010-1776
 	RESERVED
-CVE-2010-1775
-	RESERVED
+CVE-2010-1775 (Race condition in Passcode Lock in Apple iOS before 4 on the iPhone ...)
+	TODO: check
 CVE-2010-1774 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...)
 	- webkit <undetermined>
 	NOTE: https://bugs.webkit.org/show_bug.cgi?id=38261
@@ -1577,7 +1605,7 @@
 	- webkit <undetermined>
 	NOTE: https://bugs.webkit.org/show_bug.cgi?id=38626
 	NOTE: http://trac.webkit.org/changeset/59795
-CVE-2010-1769 (Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on ...)
+CVE-2010-1769 (WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 ...)
 	- webkit <undetermined>
 CVE-2010-1768
 	RESERVED
@@ -1626,20 +1654,20 @@
 	- webkit <undetermined>
 	NOTE: https://bugs.webkit.org/show_bug.cgi?id=28697
 	NOTE: http://trac.webkit.org/changeset/59098
-CVE-2010-1757
-	RESERVED
-CVE-2010-1756
-	RESERVED
-CVE-2010-1755
-	RESERVED
-CVE-2010-1754
-	RESERVED
-CVE-2010-1753
-	RESERVED
-CVE-2010-1752
-	RESERVED
-CVE-2010-1751
-	RESERVED
+CVE-2010-1757 (WebKit in Apple iOS before 4 on the iPhone and iPod touch does not ...)
+	TODO: check
+CVE-2010-1756 (The Settings application in Apple iOS before 4 on the iPhone and iPod ...)
+	TODO: check
+CVE-2010-1755 (Safari in Apple iOS before 4 on the iPhone and iPod touch does not ...)
+	TODO: check
+CVE-2010-1754 (Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does ...)
+	TODO: check
+CVE-2010-1753 (ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows ...)
+	TODO: check
+CVE-2010-1752 (Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the ...)
+	TODO: check
+CVE-2010-1751 (Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch ...)
+	TODO: check
 CVE-2010-1750 (Use-after-free vulnerability in Apple Safari before 5.0 on Windows ...)
 	- webkit <undetermined>
 CVE-2010-1749 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...)
@@ -1647,7 +1675,7 @@
 	NOTE: https://bugs.webkit.org/show_bug.cgi?id=27193
 	NOTE: https://bugs.webkit.org/show_bug.cgi?id=38625
 	NOTE: http://trac.webkit.org/changeset/45941
-CVE-2010-1748 (The web interface in CUPS in Apple Mac OS X 10.5.8, and 10.6 before ...)
+CVE-2010-1748 (The cgi_initialize_string function in cgi-bin/var.c in the web ...)
 	TODO: check
 CVE-2010-1747
 	RESERVED
@@ -1898,10 +1926,9 @@
 CVE-2010-1639 (The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows ...)
 	- clamav 0.96.1+dfsg-1 (bug #584183)
 	[lenny] - clamav <end-of-life>
-CVE-2010-1638
-	RESERVED
-CVE-2010-1637
-	RESERVED
+CVE-2010-1638 (The IMP plugin in Horde allows remote attackers to bypass firewall ...)
+	TODO: check
+CVE-2010-1637 (The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote ...)
 	- squirrelmail <unfixed> (unimportant)
 CVE-2010-1636 (The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs ...)
 	- linux-2.6 2.6.32-14 
@@ -1920,8 +1947,8 @@
 CVE-2010-1633 (RSA verification recovery in the EVP_PKEY_verify_recover function in ...)
 	- openssl <not-affected> (This bug is only present in OpenSSL 1.0.0)
 	TODO: recheck once >= 1.0.0 gets uploaded        
-CVE-2010-1632
-	RESERVED
+CVE-2010-1632 (Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server ...)
+	TODO: check
 CVE-2010-1631
 	RESERVED
 CVE-2010-1630 (Unspecified vulnerability in posting.php in phpBB before 3.0.5 has ...)
@@ -2632,8 +2659,7 @@
 	NOTE: http://trac.webkit.org/changeset/56489
 	NOTE: http://trac.webkit.org/changeset/56492
 	NOTE: http://trac.webkit.org/changeset/56879
-CVE-2010-1407
-	RESERVED
+CVE-2010-1407 (WebKit in Apple iOS before 4 on the iPhone and iPod touch does not ...)
 	- webkit <undetermined>
 	NOTE: https://bugs.webkit.org/show_bug.cgi?id=36435
 	NOTE: http://trac.webkit.org/changeset/56365
@@ -2720,7 +2746,7 @@
 	- webkit <undetermined>
 	NOTE: https://bugs.webkit.org/show_bug.cgi?id=28755
 	NOTE: http://trac.webkit.org/changeset/47829
-CVE-2010-1387 (Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on ...)
+CVE-2010-1387 (Use-after-free vulnerability in JavaScriptCore in WebKit in Apple ...)
 	- webkit <undetermined>
 	NOTE: https://bugs.webkit.org/show_bug.cgi?id=34321
 	NOTE: http://trac.webkit.org/changeset/54129


