[Secure-testing-commits] r15474 - data/CVE

Joey Hess joeyh at alioth.debian.org
Thu Oct 14 21:14:57 UTC 2010 

Author: joeyh
Date: 2010-10-14 21:14:51 +0000 (Thu, 14 Oct 2010)
New Revision: 15474

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-10-14 20:56:33 UTC (rev 15473)
+++ data/CVE/list	2010-10-14 21:14:51 UTC (rev 15474)
@@ -1087,50 +1087,50 @@
 	RESERVED
 CVE-2010-3522
 	RESERVED
-CVE-2010-3521
-	RESERVED
-CVE-2010-3520
-	RESERVED
-CVE-2010-3519
-	RESERVED
-CVE-2010-3518
-	RESERVED
-CVE-2010-3517
-	RESERVED
-CVE-2010-3516
-	RESERVED
-CVE-2010-3515
-	RESERVED
-CVE-2010-3514
-	RESERVED
-CVE-2010-3513
-	RESERVED
-CVE-2010-3512
-	RESERVED
-CVE-2010-3511
-	RESERVED
+CVE-2010-3521 (Unspecified vulnerability in the PeopleSoft Enterprise HCM ePay ...)
+	TODO: check
+CVE-2010-3520 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - GP France ...)
+	TODO: check
+CVE-2010-3519 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+	TODO: check
+CVE-2010-3518 (Unspecified vulnerability in the PeopleSoft Enterprise HCM GP - Japan ...)
+	TODO: check
+CVE-2010-3517 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
+	TODO: check
+CVE-2010-3516 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
+	TODO: check
+CVE-2010-3515 (Unspecified vulnerability in the Solaris component in Oracle Solaris 9 ...)
+	TODO: check
+CVE-2010-3514 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java ...)
+	TODO: check
+CVE-2010-3513 (Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, ...)
+	TODO: check
+CVE-2010-3512 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java ...)
+	TODO: check
+CVE-2010-3511 (Unspecified vulnerability in Oracle OpenSolaris allows local users to ...)
+	TODO: check
 CVE-2010-3510
 	RESERVED
-CVE-2010-3509
-	RESERVED
-CVE-2010-3508
-	RESERVED
-CVE-2010-3507
-	RESERVED
-CVE-2010-3506
-	RESERVED
+CVE-2010-3509 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote ...)
+	TODO: check
+CVE-2010-3508 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
+	TODO: check
+CVE-2010-3507 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
+	TODO: check
+CVE-2010-3506 (Unspecified vulnerability in the Oracle Explorer (Sun Explorer) ...)
+	TODO: check
 CVE-2010-3505
 	RESERVED
-CVE-2010-3504
-	RESERVED
-CVE-2010-3503
-	RESERVED
-CVE-2010-3502
-	RESERVED
-CVE-2010-3501
-	RESERVED
-CVE-2010-3500
-	RESERVED
+CVE-2010-3504 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
+	TODO: check
+CVE-2010-3503 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
+	TODO: check
+CVE-2010-3502 (Unspecified vulnerability in the Siebel Core component in Oracle ...)
+	TODO: check
+CVE-2010-3501 (Unspecified vulnerability in the OID component in Oracle Fusion ...)
+	TODO: check
+CVE-2010-3500 (Unspecified vulnerability in the Siebel Core - Highly Interactive ...)
+	TODO: check
 CVE-2010-3476 (Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before ...)
 	- otrs2 2.4.8+dfsg1-1
 CVE-2010-3475 (IBM DB2 9.7 before FP3 does not properly enforce privilege ...)
@@ -1563,21 +1563,21 @@
 	RESERVED
 CVE-2010-3332 (Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, ...)
 	NOT-FOR-US: Microsoft .NET Framework
-CVE-2010-3331
-	RESERVED
-CVE-2010-3330
-	RESERVED
-CVE-2010-3329
-	RESERVED
-CVE-2010-3328
-	RESERVED
-CVE-2010-3327
-	RESERVED
-CVE-2010-3326
-	RESERVED
-CVE-2010-3325
-	RESERVED
-CVE-2010-3324 (The toStaticHTML function in Microsoft Internet Explorer 8 allows ...)
+CVE-2010-3331 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
+	TODO: check
+CVE-2010-3330 (Microsoft Internet Explorer 6 through 8 does not properly restrict ...)
+	TODO: check
+CVE-2010-3329 (Microsoft Internet Explorer 7 and 8 does not properly handle objects ...)
+	TODO: check
+CVE-2010-3328 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
+	TODO: check
+CVE-2010-3327 (The implementation of HTML content creation in Microsoft Internet ...)
+	TODO: check
+CVE-2010-3326 (Microsoft Internet Explorer 6 does not properly handle objects in ...)
+	TODO: check
+CVE-2010-3325 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
+	TODO: check
+CVE-2010-3324 (The toStaticHTML function in Microsoft Internet Explorer 8, and the ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2010-3323 (Splunk 4.0.0 through 4.1.4 allows remote attackers to conduct session ...)
 	NOT-FOR-US: Splunk
@@ -1807,66 +1807,66 @@
 	- gnome-power-manager 2.28.0-1 (unimportant)
 CVE-2010-3306 (Directory traversal vulnerability in the modURL function in instance.c ...)
 	- weborf 0.12.3-1 (bug #596112)
-CVE-2010-3243
-	RESERVED
-CVE-2010-3242
-	RESERVED
-CVE-2010-3241
-	RESERVED
-CVE-2010-3240
-	RESERVED
-CVE-2010-3239
-	RESERVED
-CVE-2010-3238
-	RESERVED
-CVE-2010-3237
-	RESERVED
-CVE-2010-3236
-	RESERVED
-CVE-2010-3235
-	RESERVED
-CVE-2010-3234
-	RESERVED
-CVE-2010-3233
-	RESERVED
-CVE-2010-3232
-	RESERVED
-CVE-2010-3231
-	RESERVED
-CVE-2010-3230
-	RESERVED
-CVE-2010-3229
-	RESERVED
-CVE-2010-3228
-	RESERVED
+CVE-2010-3243 (Cross-site scripting (XSS) vulnerability in the toStaticHTML function ...)
+	TODO: check
+CVE-2010-3242 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML ...)
+	TODO: check
+CVE-2010-3241 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML ...)
+	TODO: check
+CVE-2010-3240 (Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office ...)
+	TODO: check
+CVE-2010-3239 (Microsoft Excel 2002 SP3 does not properly validate record ...)
+	TODO: check
+CVE-2010-3238 (Microsoft Excel 2002 SP3 and 2003 SP3, and Office 2004 for Mac, does ...)
+	TODO: check
+CVE-2010-3237 (Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly ...)
+	TODO: check
+CVE-2010-3236 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, ...)
+	TODO: check
+CVE-2010-3235 (Microsoft Excel 2002 SP3 does not properly validate formula ...)
+	TODO: check
+CVE-2010-3234 (Microsoft Excel 2002 SP3 does not properly validate formula ...)
+	TODO: check
+CVE-2010-3233 (Microsoft Excel 2002 SP3 and 2003 SP3 does not properly validate ...)
+	TODO: check
+CVE-2010-3232 (Microsoft Excel 2003 SP3 and 2007 SP2; Office 2004 and 2008 for Mac; ...)
+	TODO: check
+CVE-2010-3231 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML ...)
+	TODO: check
+CVE-2010-3230 (Integer overflow in Microsoft Excel 2002 SP3 allows remote attackers ...)
+	TODO: check
+CVE-2010-3229 (The Secure Channel (aka SChannel) security package in Microsoft ...)
+	TODO: check
+CVE-2010-3228 (The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms ...)
+	TODO: check
 CVE-2010-3227
 	RESERVED
 CVE-2010-3226
 	RESERVED
-CVE-2010-3225
-	RESERVED
+CVE-2010-3225 (Use-after-free vulnerability in the Media Player Network Sharing ...)
+	TODO: check
 CVE-2010-3224
 	RESERVED
-CVE-2010-3223
-	RESERVED
-CVE-2010-3222
-	RESERVED
-CVE-2010-3221
-	RESERVED
-CVE-2010-3220
-	RESERVED
-CVE-2010-3219
-	RESERVED
-CVE-2010-3218
-	RESERVED
-CVE-2010-3217
-	RESERVED
-CVE-2010-3216
-	RESERVED
-CVE-2010-3215
-	RESERVED
-CVE-2010-3214
-	RESERVED
+CVE-2010-3223 (The user interface in Microsoft Cluster Service (MSCS) in Microsoft ...)
+	TODO: check
+CVE-2010-3222 (Stack-based buffer overflow in the Remote Procedure Call Subsystem ...)
+	TODO: check
+CVE-2010-3221 (Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and Word ...)
+	TODO: check
+CVE-2010-3220 (Unspecified vulnerability in Microsoft Word 2002 SP3 and Office 2004 ...)
+	TODO: check
+CVE-2010-3219 (Microsoft Word 2002 SP3 does not properly handle indexes during ...)
+	TODO: check
+CVE-2010-3218 (Heap-based buffer overflow in Microsoft Word 2002 SP3 allows remote ...)
+	TODO: check
+CVE-2010-3217 (Microsoft Word 2002 SP3 does not properly handle pointers during ...)
+	TODO: check
+CVE-2010-3216 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle ...)
+	TODO: check
+CVE-2010-3215 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle ...)
+	TODO: check
+CVE-2010-3214 (Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 ...)
+	TODO: check
 CVE-2010-3213 (Cross-site request forgery (CSRF) vulnerability in Microsoft Outlook ...)
 	NOT-FOR-US: Microsoft Outlook Web Access
 CVE-2010-3212 (SQL injection vulnerability in index.php in Seagull 0.6.7 and earlier ...)
@@ -3172,28 +3172,28 @@
 	[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
 	- iceape 2.0.6-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-2750
-	RESERVED
+CVE-2010-2750 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle ...)
+	TODO: check
 CVE-2010-2749
 	RESERVED
-CVE-2010-2748
-	RESERVED
-CVE-2010-2747
-	RESERVED
-CVE-2010-2746
-	RESERVED
-CVE-2010-2745
-	RESERVED
-CVE-2010-2744
-	RESERVED
+CVE-2010-2748 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly check ...)
+	TODO: check
+CVE-2010-2747 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle ...)
+	TODO: check
+CVE-2010-2746 (Heap-based buffer overflow in Comctl32.dll (aka the common control ...)
+	TODO: check
+CVE-2010-2745 (Microsoft Windows Media Player (WMP) 9 through 12 does not properly ...)
+	TODO: check
+CVE-2010-2744 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows ...)
+	TODO: check
 CVE-2010-2743
 	RESERVED
 CVE-2010-2742
 	RESERVED
-CVE-2010-2741
-	RESERVED
-CVE-2010-2740
-	RESERVED
+CVE-2010-2741 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and ...)
+	TODO: check
+CVE-2010-2740 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and ...)
+	TODO: check
 CVE-2010-2739 (Buffer overflow in the CreateDIBPalette function in win32k.sys in ...)
 	NOT-FOR-US: Windows
 CVE-2010-2738 (The Uniscribe (aka new Unicode Script Processor) implementation in ...)
@@ -3648,7 +3648,7 @@
 	NOT-FOR-US: Microsoft
 CVE-2010-2550 (The SMB Server in Microsoft Windows XP SP2 and SP3, Windows Server ...)
 	NOT-FOR-US: Microsoft
-CVE-2010-2549 (Use-after-free vulnerability in Microsoft Windows Vista and Server ...)
+CVE-2010-2549 (Use-after-free vulnerability in the kernel-mode drivers in Microsoft ...)
 	NOT-FOR-US: Microsoft
 CVE-2010-2548
 	RESERVED
@@ -3987,38 +3987,38 @@
 	[lenny] - moodle <not-affected> (doesn't ship/use htmlpurifier)
 	- knowledgeroot 0.9.9.5-5
 	[lenny] - knowledgeroot <no-dsa> (low)
-CVE-2010-2419
-	RESERVED
-CVE-2010-2418
-	RESERVED
-CVE-2010-2417
-	RESERVED
-CVE-2010-2416
-	RESERVED
-CVE-2010-2415
-	RESERVED
-CVE-2010-2414
-	RESERVED
-CVE-2010-2413
-	RESERVED
-CVE-2010-2412
-	RESERVED
-CVE-2010-2411
-	RESERVED
-CVE-2010-2410
-	RESERVED
-CVE-2010-2409
-	RESERVED
-CVE-2010-2408
-	RESERVED
-CVE-2010-2407
-	RESERVED
-CVE-2010-2406
-	RESERVED
-CVE-2010-2405
-	RESERVED
-CVE-2010-2404
-	RESERVED
+CVE-2010-2419 (Unspecified vulnerability in the Java Virtual Machine component in ...)
+	TODO: check
+CVE-2010-2418 (Unspecified vulnerability in the Oracle Territory Management component ...)
+	TODO: check
+CVE-2010-2417 (Unspecified vulnerability in the Agile PLM component in Oracle Supply ...)
+	TODO: check
+CVE-2010-2416 (Unspecified vulnerability in the Oracle E-Business Intelligence ...)
+	TODO: check
+CVE-2010-2415 (Unspecified vulnerability in the Change Data Capture component in ...)
+	TODO: check
+CVE-2010-2414 (Unspecified vulnerability in the (1) Sun Convergence 1 and (2) Sun ...)
+	TODO: check
+CVE-2010-2413 (Unspecified vulnerability in the BI Publisher component in Oracle ...)
+	TODO: check
+CVE-2010-2412 (Unspecified vulnerability in the OLAP component in Oracle Database ...)
+	TODO: check
+CVE-2010-2411 (Unspecified vulnerability in the Job Queue component in Oracle ...)
+	TODO: check
+CVE-2010-2410 (Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion ...)
+	TODO: check
+CVE-2010-2409 (Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion ...)
+	TODO: check
+CVE-2010-2408 (Unspecified vulnerability in the Oracle iRecruitment component in ...)
+	TODO: check
+CVE-2010-2407 (Unspecified vulnerability in the XDK component in Oracle Database ...)
+	TODO: check
+CVE-2010-2406 (Unspecified vulnerability in the Siebel Core - Highly Interactive ...)
+	TODO: check
+CVE-2010-2405 (Unspecified vulnerability in the Siebel Core - Highly Interactive ...)
+	TODO: check
+CVE-2010-2404 (Unspecified vulnerability in the Oracle iRecruitment component in ...)
+	TODO: check
 CVE-2010-2403 (Unspecified vulnerability in the PeopleSoft Enterprise Campus ...)
 	NOT-FOR-US: PeopleSoft
 CVE-2010-2402 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
@@ -4033,24 +4033,24 @@
 	NOT-FOR-US: PeopleSoft
 CVE-2010-2397 (Unspecified vulnerability in Oracle Sun Java System Application Server ...)
 	NOT-FOR-US: Oracle Sun Java System Application Serve
-CVE-2010-2396
-	RESERVED
-CVE-2010-2395
-	RESERVED
+CVE-2010-2396 (Unspecified vulnerability in the Forms component in Oracle Fusion ...)
+	TODO: check
+CVE-2010-2395 (Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion ...)
+	TODO: check
 CVE-2010-2394 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
 	NOT-FOR-US: Solaris
 CVE-2010-2393 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
 	NOT-FOR-US: Solaris
 CVE-2010-2392 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
 	NOT-FOR-US: Solaris
-CVE-2010-2391
-	RESERVED
-CVE-2010-2390
-	RESERVED
-CVE-2010-2389
-	RESERVED
-CVE-2010-2388
-	RESERVED
+CVE-2010-2391 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+	TODO: check
+CVE-2010-2390 (Unspecified vulnerability in the Database Control component in EM ...)
+	TODO: check
+CVE-2010-2389 (Unspecified vulnerability in the Perl component in Oracle Database ...)
+	TODO: check
+CVE-2010-2388 (Unspecified vulnerability in the Oracle Applications Manager component ...)
+	TODO: check
 CVE-2010-2387
 	RESERVED
 CVE-2010-2386 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and ...)
@@ -5304,8 +5304,8 @@
 	NOT-FOR-US: Microsoft Windows
 CVE-2010-1884
 	RESERVED
-CVE-2010-1883
-	RESERVED
+CVE-2010-1883 (Integer overflow in the Embedded OpenType (EOT) Font Engine in ...)
+	TODO: check
 CVE-2010-1882 (Multiple buffer overflows in the MPEG Layer-3 Audio Codec for ...)
 	NOT-FOR-US: MPEG Layer-3 Audio Codec for
 CVE-2010-1881 (The FieldList ActiveX control in the Microsoft Access Wizard Controls ...)
@@ -7246,7 +7246,7 @@
 	NOT-FOR-US: dcsFlashGames
 CVE-2010-1264 (Unspecified vulnerability in Microsoft Windows SharePoint Services 3.0 ...)
 	NOT-FOR-US: Microsoft
-CVE-2010-1263 (Unspecified vulnerability in Microsoft Office XP SP3, Office 2003 SP3, ...)
+CVE-2010-1263 (Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows ...)
 	NOT-FOR-US: Microsoft
 CVE-2010-1262 (Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote ...)
 	NOT-FOR-US: Microsoft
@@ -8712,8 +8712,8 @@
 	NOT-FOR-US: Microsoft Windows
 CVE-2010-0809
 	RESERVED
-CVE-2010-0808
-	RESERVED
+CVE-2010-0808 (Microsoft Internet Explorer 6 and 7 on Windows XP and Vista does not ...)
+	TODO: check
 CVE-2010-0807 (Microsoft Internet Explorer 7 does not properly handle objects in ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2010-0806 (Use-after-free vulnerability in the Peer Objects component (aka ...)

More information about the Secure-testing-commits mailing list