[Secure-testing-commits] r15605 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Fri Nov 19 09:15:01 UTC 2010
Author: joeyh
Date: 2010-11-19 09:14:59 +0000 (Fri, 19 Nov 2010)
New Revision: 15605
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-11-18 21:15:11 UTC (rev 15604)
+++ data/CVE/list 2010-11-19 09:14:59 UTC (rev 15605)
@@ -1,3 +1,41 @@
+CVE-2010-4293
+ RESERVED
+CVE-2010-4292
+ RESERVED
+CVE-2010-4291
+ RESERVED
+CVE-2010-4290
+ RESERVED
+CVE-2010-4289
+ RESERVED
+CVE-2010-4288
+ RESERVED
+CVE-2010-4287
+ RESERVED
+CVE-2010-4286
+ RESERVED
+CVE-2010-4285
+ RESERVED
+CVE-2010-4284
+ RESERVED
+CVE-2010-4283
+ RESERVED
+CVE-2010-4282
+ RESERVED
+CVE-2010-4281
+ RESERVED
+CVE-2010-4280
+ RESERVED
+CVE-2010-4279
+ RESERVED
+CVE-2010-4278
+ RESERVED
+CVE-2010-4277
+ RESERVED
+CVE-2010-4276
+ RESERVED
+CVE-2010-4275
+ RESERVED
CVE-2010-4274 (reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 ...)
TODO: check
CVE-2010-4273 (SQL injection vulnerability in imoveis.php in DescargarVista ACC ...)
@@ -217,8 +255,7 @@
- systemtap <unfixed> (bug #603946)
CVE-2010-4169
RESERVED
-CVE-2010-4168
- RESERVED
+CVE-2010-4168 (Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 ...)
- openttd <unfixed> (bug #603752)
[lenny] - openttd <not-affected> (Introduced in 1.0)
CVE-2010-4167
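Review bot: The description now attached to CVE-2010-4168 gives 1.0.5 as the fixed upstream release, but the tracking line below it still reads `- openttd <unfixed> (bug #603752)`. Replace `<unfixed>` with the package version once an upload at or above 1.0.5 reaches unstable. The `[lenny]` note "Introduced in 1.0" agrees with the "1.0.x" range in the description and can stay.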
@@ -237,8 +274,8 @@
RESERVED
CVE-2010-4161
RESERVED
-CVE-2010-4159
- RESERVED
+CVE-2010-4159 (Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 ...)
+ TODO: check
CVE-2010-4156 (The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through ...)
- php5 5.3.3-4 (bug #603751)
[lenny] - php5 <not-affected> (Only affects 5.3.x)
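Review bot: The `TODO: check` placed under CVE-2010-4159 needs manual triage, since the description names metadata/loader.c in Mono 2.8 and mono is packaged in Debian. Resolve it into a package line that states whether the archive version contains the affected loader code, with a bug reference if it does, rather than leaving the automatic marker in place.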
@@ -359,8 +396,8 @@
RESERVED
CVE-2010-4108
RESERVED
-CVE-2010-4107
- RESERVED
+CVE-2010-4107 (The default configuration of the PJL Access value in the File System ...)
+ TODO: check
CVE-2010-4106 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
NOT-FOR-US: HP Insight Orchestration
CVE-2010-4105 (Unspecified vulnerability in HP Insight Orchestration before 6.2 ...)
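Review bot: CVE-2010-4107 is left at `TODO: check`, and the truncated description ("default configuration of the PJL Access value in the File System ...") does not name a product in the visible text. Read the full description before triaging; if it concerns a product that is not packaged, close it with a `NOT-FOR-US:` line naming that product, in the same form as the entries below it.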
@@ -680,8 +717,8 @@
NOT-FOR-US: SAP BusinessObjects Enterprise
CVE-2010-3979 (Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different ...)
NOT-FOR-US: SAP BusinessObjects Enterprise
-CVE-2010-3978
- RESERVED
+CVE-2010-3978 (Spree 0.11.x before 0.11.2 and 0.30.x before 0.30.0 exchanges data ...)
+ TODO: check
CVE-2010-3977 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
NOT-FOR-US: cForm wordpress plugin
CVE-2010-3976 (Untrusted search path vulnerability in Adobe Flash Player before ...)
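Review bot: The `TODO: check` under CVE-2010-3978 needs a decision on whether Spree is in the archive. If it is not, write `NOT-FOR-US: Spree` as the surrounding entries do. If it is, record the package against the 0.11.2 and 0.30.0 fixed versions given in the description.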
@@ -910,10 +947,10 @@
TODO: File was introduced after 1.2.6, so check that next sid version is at least 1.3.3 or higher
CVE-2010-3870 (The utf8_decode function in PHP before 5.3.4 does not properly handle ...)
- php5 5.3.3-4 (bug #603751)
-CVE-2010-3869
- RESERVED
-CVE-2010-3868
- RESERVED
+CVE-2010-3869 (Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate ...)
+ TODO: check
+CVE-2010-3868 (Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate ...)
+ TODO: check
CVE-2010-3867 (Multiple directory traversal vulnerabilities in the mod_site_misc ...)
- proftpd-dfsg 1.3.3a-4
[lenny] - proftpd-dfsg <no-dsa> (Minor issue)
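Review bot: CVE-2010-3869 and CVE-2010-3868 arrive with identical truncated descriptions ("Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate ..."), so the list as written cannot tell the two issues apart. Whoever clears the two `TODO: check` lines should read both full descriptions and add a short distinguishing note to each entry, along with the package or `NOT-FOR-US:` status.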
@@ -923,8 +960,7 @@
RESERVED
- linux-2.6 <unfixed>
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.30)
-CVE-2010-3864
- RESERVED
+CVE-2010-3864 (Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through ...)
- openssl 0.9.8o-3
CVE-2010-3863 (Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize ...)
NOT-FOR-US: Apache Shiro / JSecurity
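Review bot: CVE-2010-3864 keeps only `- openssl 0.9.8o-3` under the new description and has no `[lenny]` line, although the description starts the affected range at 0.9.8f. Add an explicit stable status (affected, `<not-affected>` with a reason, or `<no-dsa>`) as neighbouring entries do, so that the missing line is not read as "fixed in stable".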