[Secure-testing-commits] r14370 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Mar 31 21:14:43 UTC 2010


Author: joeyh
Date: 2010-03-31 21:14:42 +0000 (Wed, 31 Mar 2010)
New Revision: 14370

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-03-31 19:14:35 UTC (rev 14369)
+++ data/CVE/list	2010-03-31 21:14:42 UTC (rev 14370)
@@ -1,6 +1,64 @@
+CVE-2010-1219 (Directory traversal vulnerability in the JA News (com_janews) ...)
+	TODO: check
+CVE-2010-1218 (Cross-site scripting (XSS) vulnerability in the mm_forum extension ...)
+	TODO: check
+CVE-2010-1217 (Directory traversal vulnerability in the JE Form Creator ...)
+	TODO: check
+CVE-2010-1216 (PHP remote file inclusion vulnerability in templates/template.php in ...)
+	TODO: check
+CVE-2010-1215
+	RESERVED
+CVE-2010-1214
+	RESERVED
+CVE-2010-1213
+	RESERVED
+CVE-2010-1212
+	RESERVED
+CVE-2010-1211
+	RESERVED
+CVE-2010-1210
+	RESERVED
+CVE-2010-1209
+	RESERVED
+CVE-2010-1208
+	RESERVED
+CVE-2010-1207
+	RESERVED
+CVE-2010-1206
+	RESERVED
+CVE-2010-1205
+	RESERVED
+CVE-2010-1204
+	RESERVED
+CVE-2010-1203
+	RESERVED
+CVE-2010-1202
+	RESERVED
+CVE-2010-1201
+	RESERVED
+CVE-2010-1200
+	RESERVED
+CVE-2010-1199
+	RESERVED
+CVE-2010-1198
+	RESERVED
+CVE-2010-1197
+	RESERVED
+CVE-2010-1196
+	RESERVED
+CVE-2010-1194
+	RESERVED
+CVE-2010-1191
+	RESERVED
+CVE-2010-1186
+	RESERVED
+CVE-2009-4763 (Unspecified vulnerability in the ClickHeat plugin, as used in ...)
+	TODO: check
 CVE-2010-1188 [linux-2.6: ipv6 skb unexpectedly freed]
+	RESERVED
 	- linux-2.6 2.6.20-1
 CVE-2010-1187 [linux-2.6: ticp oops]
+	RESERVED
 	- linux-2.6 <unfixed>
 CVE-2010-1185 (Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and ...)
 	NOT-FOR-US: SAP MaxDB
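Review bot: The five described entries added at the top of this hunk (CVE-2010-1219, CVE-2010-1218, CVE-2010-1217, CVE-2010-1216 and CVE-2009-4763) carry only "TODO: check", so none of them is triaged yet. Each needs a manual pass that either maps it to a Debian source package or tags it NOT-FOR-US with the product name, as the CVE-2010-1185 context line does for SAP MaxDB. The descriptions are truncated (com_janews, mm_forum, JE Form Creator, templates/template.php, ClickHeat plugin), so the full CVE text has to be read before deciding. Separately, the context line for CVE-2010-1187 reads "ticp oops", which looks like a transposition of "tipc" and is worth fixing so that a search for the subsystem name finds the entry.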
@@ -567,6 +625,7 @@
 CVE-2007-6733 (The nfs_lock function in fs/nfs/file.c in the Linux kernel 2.6.9 does ...)
 	- linux-2.6 2.6.10-1
 CVE-2010-1195 [ikiwiki htmlscrubber XSS via svg images]
+	RESERVED
 	{DSA-2020-1}
 	- ikiwiki 3.20100312 (low)
 	[lenny] - ikwiki 2.53.5
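Review bot: The context line "[lenny] - ikwiki 2.53.5" under CVE-2010-1195 misspells the package name; the line directly above it uses "ikiwiki". As written, the lenny fix version does not match the real source package, so the line should read "[lenny] - ikiwiki 2.53.5".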
@@ -700,11 +759,13 @@
 	- spamass-milter 0.3.1-9 (bug #573228)
 	[lenny] - spamass-milter 0.3.1-8+lenny1
 CVE-2010-1189 [mediawiki CSS validation]
+	RESERVED
 	{DSA-2022-1}
 	- mediawiki 1:1.15.2-1 (low)
 	NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
 	[lenny] - mediawiki 1:1.12.0-2lenny4
 CVE-2010-1190 [mediawiki data leak in thumb.php]
+	RESERVED
 	{DSA-2022-1}
 	- mediawiki 1:1.15.2-1 (low)
 	[lenny] - mediawiki 1:1.12.0-2lenny4
@@ -1006,7 +1067,7 @@
 	- openjdk-6 <undetermined>
 	- sun-java6 <unfixed>
 	[lenny] - sun-java6 <no-dsa> (Non-free not supported)
-CVE-2010-0840  
+CVE-2010-0840
 	RESERVED
 	- openjdk-6 <undetermined>
 	- sun-java6 <unfixed>
@@ -1092,9 +1153,11 @@
 	[lenny] - shibboleth-sp2 <no-dsa> (Minor issue)
 	- shibboleth-sp <not-affected> (Vulnerable code not present)
 CVE-2010-1192 [libesmtp doesn't handle null bytes in commonname]
+	RESERVED
 	- libesmtp <unfixed> (bug #572960)
 	NOTE: http://www.openwall.com/lists/oss-security/2010/03/03/6
 CVE-2010-1193 [libesmtp wildcard handling]
+	RESERVED
 	- libesmtp <undetermined>
 	NOTE: http://www.openwall.com/lists/oss-security/2010/03/30/10
 	TODO: check
@@ -1919,16 +1982,16 @@
 	RESERVED
 CVE-2010-0538
 	RESERVED
-CVE-2010-0537
-	RESERVED
+CVE-2010-0537 (DesktopServices in Apple Mac OS X 10.6 before 10.6.3 does not properly ...)
+	TODO: check
 CVE-2010-0536
 	RESERVED
-CVE-2010-0535
-	RESERVED
-CVE-2010-0534
-	RESERVED
-CVE-2010-0533
-	RESERVED
+CVE-2010-0535 (Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is ...)
+	TODO: check
+CVE-2010-0534 (Wiki Server in Apple Mac OS X 10.6 before 10.6.3 does not enforce the ...)
+	TODO: check
+CVE-2010-0533 (Directory traversal vulnerability in AFP Server in Apple Mac OS X ...)
+	TODO: check
 CVE-2010-0532
 	RESERVED
 CVE-2010-0531
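Review bot: CVE-2010-0535 should not be closed as an Apple-only issue without reading the full description. It names Dovecot, which Debian packages, and the visible text ("when Kerberos is ...") is cut off before it says whether the flaw is in upstream code or in Apple's configuration. The other three new descriptions in this hunk (DesktopServices, Wiki Server, AFP Server) name Mac OS X components and look like candidates for the "NOT-FOR-US: Apple Mac OS X" tag already used elsewhere in this list.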
@@ -1941,66 +2004,66 @@
 	RESERVED
 CVE-2010-0527
 	RESERVED
-CVE-2010-0526
-	RESERVED
-CVE-2010-0525
-	RESERVED
-CVE-2010-0524
-	RESERVED
-CVE-2010-0523
-	RESERVED
-CVE-2010-0522
-	RESERVED
-CVE-2010-0521
-	RESERVED
-CVE-2010-0520
-	RESERVED
-CVE-2010-0519
-	RESERVED
-CVE-2010-0518
-	RESERVED
-CVE-2010-0517
-	RESERVED
-CVE-2010-0516
-	RESERVED
-CVE-2010-0515
-	RESERVED
-CVE-2010-0514
-	RESERVED
-CVE-2010-0513
-	RESERVED
-CVE-2010-0512
-	RESERVED
-CVE-2010-0511
-	RESERVED
-CVE-2010-0510
-	RESERVED
-CVE-2010-0509
-	RESERVED
-CVE-2010-0508
-	RESERVED
-CVE-2010-0507
-	RESERVED
-CVE-2010-0506
-	RESERVED
-CVE-2010-0505
-	RESERVED
-CVE-2010-0504
-	RESERVED
-CVE-2010-0503
-	RESERVED
-CVE-2010-0502
-	RESERVED
-CVE-2010-0501
-	RESERVED
-CVE-2010-0500
-	RESERVED
+CVE-2010-0526 (Heap-based buffer overflow in QuickTime in Apple Mac OS X before ...)
+	TODO: check
+CVE-2010-0525 (Mail in Apple Mac OS X before 10.6.3 does not properly enforce the key ...)
+	TODO: check
+CVE-2010-0524 (The default configuration of the FreeRADIUS server in Apple Mac OS X ...)
+	TODO: check
+CVE-2010-0523 (Wiki Server in Apple Mac OS X 10.5.8 does not restrict the file types ...)
+	TODO: check
+CVE-2010-0522 (Server Admin in Apple Mac OS X Server 10.5.8 does not properly ...)
+	TODO: check
+CVE-2010-0521 (Server Admin in Apple Mac OS X Server before 10.6.3 does not properly ...)
+	TODO: check
+CVE-2010-0520 (Heap-based buffer overflow in QuickTime in Apple Mac OS X before ...)
+	TODO: check
+CVE-2010-0519 (Integer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows ...)
+	TODO: check
+CVE-2010-0518 (QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to ...)
+	TODO: check
+CVE-2010-0517 (Heap-based buffer overflow in QuickTime in Apple Mac OS X before ...)
+	TODO: check
+CVE-2010-0516 (Heap-based buffer overflow in QuickTime in Apple Mac OS X before ...)
+	TODO: check
+CVE-2010-0515 (QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to ...)
+	TODO: check
+CVE-2010-0514 (Heap-based buffer overflow in QuickTime in Apple Mac OS X before ...)
+	TODO: check
+CVE-2010-0513 (Stack-based buffer overflow in PS Normalizer in Apple Mac OS X before ...)
+	TODO: check
+CVE-2010-0512 (The Accounts Preferences implementation in Apple Mac OS X 10.6 before ...)
+	TODO: check
+CVE-2010-0511 (Podcast Producer in Apple Mac OS X 10.6 before 10.6.3 deletes the ...)
+	TODO: check
+CVE-2010-0510 (Password Server in Apple Mac OS X Server before 10.6.3 does not ...)
+	TODO: check
+CVE-2010-0509 (SFLServer in OS Services in Apple Mac OS X before 10.6.3 allows local ...)
+	TODO: check
+CVE-2010-0508 (Mail in Apple Mac OS X before 10.6.3 does not disable the filter rules ...)
+	TODO: check
+CVE-2010-0507 (Buffer overflow in Image RAW in Apple Mac OS X before 10.6.3 allows ...)
+	TODO: check
+CVE-2010-0506 (Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 allows remote ...)
+	TODO: check
+CVE-2010-0505 (Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.3 ...)
+	TODO: check
+CVE-2010-0504 (Multiple stack-based buffer overflows in iChat Server in Apple Mac OS ...)
+	TODO: check
+CVE-2010-0503 (Use-after-free vulnerability in iChat Server in Apple Mac OS X Server ...)
+	TODO: check
+CVE-2010-0502 (iChat Server in Apple Mac OS X Server before 10.6.3, when group chat ...)
+	TODO: check
+CVE-2010-0501 (Directory traversal vulnerability in FTP Server in Apple Mac OS X ...)
+	TODO: check
+CVE-2010-0500 (Event Monitor in Apple Mac OS X before 10.6.3 does not properly ...)
+	TODO: check
 CVE-2010-0499
 	RESERVED
-CVE-2010-0498
-	RESERVED
-CVE-2010-0497
-	RESERVED
+CVE-2010-0498 (Directory Services in Apple Mac OS X before 10.6.3 does not properly ...)
+	TODO: check
+CVE-2010-0497 (Disk Images in Apple Mac OS X before 10.6.3 does not provide the ...)
+	TODO: check
 CVE-2010-0496 (FreeBit ServersMan 3.1.5 on Apple iPhone OS 3.1.2, and iPhone OS for ...)
 	NOT-FOR-US: Apple iPhone OS
 CVE-2010-0495
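Review bot: CVE-2010-0524 is the entry in this block that needs more than a bulk tag. It names the FreeRADIUS server, which Debian packages, and the description is about "the default configuration ... in Apple Mac OS X", so the check is whether Debian's shipped default has the same setting once the full text is read. The remaining new descriptions here name Apple components (QuickTime, Mail, Server Admin, iChat Server, Image RAW, ImageIO and so on) and can be triaged together.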
@@ -3864,28 +3927,27 @@
 	- php5 5.2.11.dfsg.1-1 (low)
 	NOTE: CVE requested
 	NOTE: from "Shocking News in PHP Exploitation" by Stefan Esser
-CVE-2010-0065
-	RESERVED
-CVE-2010-0064
-	RESERVED
-CVE-2010-0063
-	RESERVED
-CVE-2010-0062
-	RESERVED
+CVE-2010-0065 (Disk Images in Apple Mac OS X before 10.6.3 allows user-assisted ...)
+	TODO: check
+CVE-2010-0064 (DesktopServices in Apple Mac OS X 10.6 before 10.6.3 preserves file ...)
+	TODO: check
+CVE-2010-0063 (Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X ...)
+	TODO: check
+CVE-2010-0062 (Heap-based buffer overflow in CoreMedia and QuickTime in Apple Mac OS ...)
+	TODO: check
 CVE-2010-0061
 	RESERVED
-CVE-2010-0060
-	RESERVED
-CVE-2010-0059
-	RESERVED
-CVE-2010-0058
-	RESERVED
-CVE-2010-0057
-	RESERVED
-CVE-2010-0056
-	RESERVED
-CVE-2010-0055 [xar Signature verification bypass]
-	RESERVED
+CVE-2010-0060 (CoreAudio in Apple Mac OS X before 10.6.3 allows remote attackers to ...)
+	TODO: check
+CVE-2010-0059 (CoreAudio in Apple Mac OS X before 10.6.3 allows remote attackers to ...)
+	TODO: check
+CVE-2010-0058 (freshclam in ClamAV in Apple Mac OS X 10.5.8 with Security Update ...)
+	TODO: check
+CVE-2010-0057 (AFP Server in Apple Mac OS X before 10.6.3 does not prevent guest use ...)
+	TODO: check
+CVE-2010-0056 (Buffer overflow in Cocoa spell checking in AppKit in Apple Mac OS X ...)
+	TODO: check
+CVE-2010-0055 (xar in Apple Mac OS X 10.5.8 does not properly validate package ...)
 	- xar <removed> (bug #572556)
 	[lenny] - xar <no-dsa> (Minor issue)
 CVE-2010-0054 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...)
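Review bot: CVE-2010-0058 names "freshclam in ClamAV", and ClamAV is packaged in Debian, so this entry needs a real check against the Debian clamav package rather than a product-level NOT-FOR-US; the truncated text ("10.5.8 with Security Update ...") does not yet say whether the problem is upstream. For CVE-2010-0055 the hand-written "[xar Signature verification bypass]" title is replaced by the official description while the existing xar package lines are kept, which is the right outcome and needs no TODO.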
@@ -8820,8 +8882,8 @@
 	NOT-FOR-US: Apple Mac OS X
 CVE-2009-2802
 	RESERVED
-CVE-2009-2801
-	RESERVED
+CVE-2009-2801 (The Application Firewall in Apple Mac OS X 10.5.8 drops unspecified ...)
+	TODO: check
 CVE-2009-2800 (Buffer overflow in Alias Manager in Apple Mac OS X 10.4.11 and 10.5.8 ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2009-2799 (Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows ...)
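Review bot: CVE-2009-2801 is left at "TODO: check" although its description names the Application Firewall in Apple Mac OS X, and the neighbouring context entries for the same product are already tagged "NOT-FOR-US: Apple Mac OS X". The same tag can be applied here to close the TODO.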



