[Secure-testing-commits] r15525 - data/CVE

Tue Oct 26 21:14:39 UTC 2010

Author: joeyh
Date: 2010-10-26 21:14:36 +0000 (Tue, 26 Oct 2010)
New Revision: 15525

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2010-10-26 18:46:46 UTC (rev 15524)
+++ data/CVE/list	2010-10-26 21:14:36 UTC (rev 15525)
@@ -1,3 +1,55 @@
+CVE-2010-4093
+	RESERVED
+CVE-2010-4092
+	RESERVED
+CVE-2010-4091
+	RESERVED
+CVE-2010-4090
+	RESERVED
+CVE-2010-4089
+	RESERVED
+CVE-2010-4088
+	RESERVED
+CVE-2010-4087
+	RESERVED
+CVE-2010-4086
+	RESERVED
+CVE-2010-4085
+	RESERVED
+CVE-2010-4084
+	RESERVED
+CVE-2010-4083
+	RESERVED
+CVE-2010-4082
+	RESERVED
+CVE-2010-4081
+	RESERVED
+CVE-2010-4080
+	RESERVED
+CVE-2010-4079
+	RESERVED
+CVE-2010-4078
+	RESERVED
+CVE-2010-4077
+	RESERVED
+CVE-2010-4076
+	RESERVED
+CVE-2010-4075
+	RESERVED
+CVE-2010-4074
+	RESERVED
+CVE-2010-4073
+	RESERVED
+CVE-2010-4072
+	RESERVED
+CVE-2010-4071
+	RESERVED
+CVE-2010-4070 (Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper ...)
+	TODO: check
+CVE-2010-4069 (Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 7.x ...)
+	TODO: check
+CVE-2010-4068 (Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x ...)
+	TODO: check
 CVE-2010-4096
 	- monkeysphere 0.31-3 (bug #600304)
 	NOTE: micah requested this CVE from mitre, issue has been fixed in debian already
@@ -807,20 +859,16 @@
 	RESERVED
 CVE-2010-3718
 	RESERVED
-CVE-2010-3717
-	RESERVED
+CVE-2010-3717 (The t3lib_div::validEmail function in TYPO3 4.2.x before 4.2.15, 4.3.x ...)
 	{DSA-2121-1}
 	- typo3-src 4.3.7-1
-CVE-2010-3716
-	RESERVED
+CVE-2010-3716 (The be_user_creation task in TYPO3 4.2.x before 4.2.15 and 4.3.x ...)
 	{DSA-2121-1}
 	- typo3-src 4.3.7-1
-CVE-2010-3715
-	RESERVED
+CVE-2010-3715 (Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.2.x ...)
 	{DSA-2121-1}
 	- typo3-src 4.3.7-1
-CVE-2010-3714
-	RESERVED
+CVE-2010-3714 (The jumpUrl (aka access tracking) implementation in ...)
 	{DSA-2121-1}
 	- typo3-src 4.3.7-1
 CVE-2010-3713
@@ -831,8 +879,8 @@
 	RESERVED
 	- pidgin 2.7.4-1
 	[squeeze] - pidgin 2.7.3-1+squeeze1
-CVE-2010-3710
-	RESERVED
+CVE-2010-3710 (Stack consumption vulnerability in the filter_var function in PHP ...)
+	TODO: check
 CVE-2010-3709
 	RESERVED
 CVE-2010-3708
@@ -2296,26 +2344,26 @@
 	[lenny] - icedove <not-affected> (Doesn't affect Xulrunner 1.9.0 code base)
 	- iceape 2.0.7-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-3165
-	RESERVED
-CVE-2010-3164
-	RESERVED
-CVE-2010-3163
-	RESERVED
-CVE-2010-3162
-	RESERVED
-CVE-2010-3161
-	RESERVED
-CVE-2010-3160
-	RESERVED
-CVE-2010-3159
-	RESERVED
+CVE-2010-3165 (Untrusted search path vulnerability in Yokka NoEditor 1.33.1.1 and ...)
+	TODO: check
+CVE-2010-3164 (Untrusted search path vulnerability in Fenrir Sleipnir 2.9.4 and ...)
+	TODO: check
+CVE-2010-3163 (Untrusted search path vulnerability in Fenrir Sleipnir before 2.9.5 ...)
+	TODO: check
+CVE-2010-3162 (Untrusted search path vulnerability in Apsaly before 3.74 allows local ...)
+	TODO: check
+CVE-2010-3161 (Untrusted search path vulnerability in TeraPad before 1.00 allows ...)
+	TODO: check
+CVE-2010-3160 (Untrusted search path vulnerability in Archive Decoder 1.23 and ...)
+	TODO: check
+CVE-2010-3159 (Untrusted search path vulnerability in Explzh 5.67 and earlier allows ...)
+	TODO: check
 CVE-2010-3158 (Untrusted search path vulnerability in Lhaplus before 1.58 allows ...)
 	NOT-FOR-US: Lhaplus
 CVE-2010-3157 (Untrusted search path vulnerability in XacRett before 50 allows ...)
 	NOT-FOR-US: XacRett
-CVE-2010-3156
-	RESERVED
+CVE-2010-3156 (Untrusted search path vulnerability in K2 K2Editor before 1.5.9 allows ...)
+	TODO: check
 CVE-2010-3133 (Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 ...)
 	- wireshark <not-affected> (Only affects Windows port)
 CVE-2010-3131 (Untrusted search path vulnerability in Mozilla Firefox before 3.5.12 ...)


