[Secure-testing-commits] r14366 - data/CVE

[Moritz Muehlenhoff]

Author: jmm-guest
Date: 2010-03-31 09:28:06 +0000 (Wed, 31 Mar 2010)
New Revision: 14366

Modified:
   data/CVE/list
Log:
new firefox issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-03-31 09:15:04 UTC (rev 14365)
+++ data/CVE/list	2010-03-31 09:28:06 UTC (rev 14366)
@@ -2907,24 +2907,32 @@
 	RESERVED
 CVE-2010-0182
 	RESERVED
-CVE-2010-0181
+CVE-2010-0181 [Image src redirect to mailto: URL opens email editor]
 	RESERVED
+	- xulrunner <unfixed> (unimportant)
 CVE-2010-0180
 	RESERVED
 CVE-2010-0179
 	RESERVED
-CVE-2010-0178
+CVE-2010-0178 [Chrome privilege escalation via forced URL drag and drop]
 	RESERVED
-CVE-2010-0177
+	- xulrunner <unfixed>
+CVE-2010-0177 [Dangling pointer vulnerability in nsPluginArray]
 	RESERVED
-CVE-2010-0176
+	- xulrunner <unfixed>
+CVE-2010-0176 [Dangling pointer vulnerability in nsTreeContentView]
 	RESERVED
-CVE-2010-0175
+	- xulrunner <unfixed>
+CVE-2010-0175 [Remote code execution with use-after-free in nsTreeSelection]
 	RESERVED
-CVE-2010-0174
+	- xulrunner <unfixed>
+CVE-2010-0174 [crashes in the browser engine]
 	RESERVED
-CVE-2010-0173
+	- xulrunner <unfixed>
+CVE-2010-0173 [crashes in the browser engine]
 	RESERVED
+	- xulrunner <unfixed>
+	[lenny] - xulrunner <not-affected> (Only affects Firefox >= 3.5)
 CVE-2010-0172 (toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js in the ...)
 	TODO: check
 CVE-2010-0171 (Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x ...)
@@ -3024,9 +3032,9 @@
 	RESERVED
 CVE-2010-0132 [viewvc regular expression xss]
 	RESERVED
-	- viewvc <undetermined>
+	- viewvc <unfixed>
 	NOTE: http://www.openwall.com/lists/oss-security/2010/03/30/2
-	TODO: check
+	TODO: file bug
 CVE-2010-0131
 	RESERVED
 CVE-2010-0130