[Secure-testing-commits] r15585 - data/CVE

Joey Hess joeyh at alioth.debian.org
Mon Nov 15 21:14:38 UTC 2010 

Author: joeyh
Date: 2010-11-15 21:14:37 +0000 (Mon, 15 Nov 2010)
New Revision: 15585

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-11-15 18:36:33 UTC (rev 15584)
+++ data/CVE/list	2010-11-15 21:14:37 UTC (rev 15585)
@@ -1,3 +1,37 @@
+CVE-2010-4236 (Untrusted search path vulnerability in estaskwrapper in IBM OmniFind ...)
+	TODO: check
+CVE-2010-4235
+	RESERVED
+CVE-2010-4234
+	RESERVED
+CVE-2010-4233
+	RESERVED
+CVE-2010-4232
+	RESERVED
+CVE-2010-4231
+	RESERVED
+CVE-2010-4230
+	RESERVED
+CVE-2010-4229
+	RESERVED
+CVE-2010-4228
+	RESERVED
+CVE-2010-4227
+	RESERVED
+CVE-2010-4226
+	RESERVED
+CVE-2010-4225
+	RESERVED
+CVE-2010-4224
+	RESERVED
+CVE-2010-4223
+	RESERVED
+CVE-2010-4222
+	RESERVED
+CVE-2009-5017 (Mozilla Firefox before 3.6 Beta 3 does not properly handle overlong ...)
+	TODO: check
+CVE-2009-5016 (Integer overflow in the xml_utf8_decode function in ext/xml/xml.c in ...)
+	TODO: check
 CVE-2010-4221 (Multiple stack-based buffer overflows in the pr_netio_telnet_gets ...)
 	- proftpd-dfsg 1.3.3a-5 (bug #603511; bug #602279)
 CVE-2010-XXXX [imagemagick reads config files from cwd]
@@ -732,26 +766,26 @@
 CVE-2010-3900 (Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup before ...)
 	- midori 0.2.7-1.1 (unimportant)
 	NOTE: Current Midori SSL support is very limited
-CVE-2010-3899
-	RESERVED
-CVE-2010-3898
-	RESERVED
-CVE-2010-3897
-	RESERVED
-CVE-2010-3896
-	RESERVED
-CVE-2010-3895
-	RESERVED
-CVE-2010-3894
-	RESERVED
-CVE-2010-3893
-	RESERVED
-CVE-2010-3892
-	RESERVED
-CVE-2010-3891
-	RESERVED
-CVE-2010-3890
-	RESERVED
+CVE-2010-3899 (IBM OmniFind Enterprise Edition 8.x and 9.x performs web crawls with ...)
+	TODO: check
+CVE-2010-3898 (IBM OmniFind Enterprise Edition 8.x and 9.x does not properly restrict ...)
+	TODO: check
+CVE-2010-3897 (ESSearchApplication/palette.do in IBM OmniFind Enterprise Edition 8.x ...)
+	TODO: check
+CVE-2010-3896 (The ESSearchApplication directory tree in IBM OmniFind Enterprise ...)
+	TODO: check
+CVE-2010-3895 (esRunCommand in IBM OmniFind Enterprise Edition before 9.1 allows ...)
+	TODO: check
+CVE-2010-3894 (Stack-based buffer overflow in the ...)
+	TODO: check
+CVE-2010-3893 (The administrator interface in IBM OmniFind Enterprise Edition 8.x and ...)
+	TODO: check
+CVE-2010-3892 (Session fixation vulnerability in the login form in the administrator ...)
+	TODO: check
+CVE-2010-3891 (Cross-site request forgery (CSRF) vulnerability in ESAdmin/security.do ...)
+	TODO: check
+CVE-2010-3890 (Cross-site scripting (XSS) vulnerability in IBM OmniFind Enterprise ...)
+	TODO: check
 CVE-2010-3889 (Unspecified vulnerability in Microsoft Windows on 32-bit platforms ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2010-3888 (Unspecified vulnerability in Microsoft Windows on 32-bit platforms ...)
@@ -797,8 +831,8 @@
 	RESERVED
 CVE-2010-3871 (Cross-site scripting (XSS) vulnerability in ...)
 	TODO: check
-CVE-2010-3870
-	RESERVED
+CVE-2010-3870 (The utf8_decode function in PHP before 5.3.4 does not properly handle ...)
+	TODO: check
 CVE-2010-3869
 	RESERVED
 CVE-2010-3868
@@ -4124,8 +4158,8 @@
 	RESERVED
 CVE-2010-2638
 	RESERVED
-CVE-2010-2637
-	RESERVED
+CVE-2010-2637 (IBM WebSphere MQ 6.0 before 6.0.2.9 and 7.0 before 7.0.1.1 does not ...)
+	TODO: check
 CVE-2010-2636 (Multiple cross-site scripting (XSS) vulnerabilities in sample store ...)
 	TODO: check
 CVE-2010-2635 (SQL injection vulnerability in IBM WebSphere Commerce 6.0 before ...)

More information about the Secure-testing-commits mailing list