[Secure-testing-commits] r15253 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Wed Sep 1 21:14:39 UTC 2010
Author: joeyh
Date: 2010-09-01 21:14:36 +0000 (Wed, 01 Sep 2010)
New Revision: 15253
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-09-01 16:55:35 UTC (rev 15252)
+++ data/CVE/list 2010-09-01 21:14:36 UTC (rev 15253)
@@ -1,3 +1,37 @@
+CVE-2010-3202
+ RESERVED
+CVE-2010-3201
+ RESERVED
+CVE-2010-3200
+ RESERVED
+CVE-2010-3199
+ RESERVED
+CVE-2010-3198
+ RESERVED
+CVE-2010-3197 (IBM DB2 9.7 before FP2 does not perform the expected access control on ...)
+ TODO: check
+CVE-2010-3196 (IBM DB2 9.7 before FP2, when AUTO_REVAL is IMMEDIATE, allows remote ...)
+ TODO: check
+CVE-2010-3195 (Unspecified vulnerability in IBM DB2 9.1 before FP9, 9.5 before FP6, ...)
+ TODO: check
+CVE-2010-3194 (The DB2DART program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 ...)
+ TODO: check
+CVE-2010-3193 (Unspecified vulnerability in the DB2STST program in IBM DB2 9.1 before ...)
+ TODO: check
+CVE-2010-3192
+ RESERVED
+CVE-2010-3191 (Untrusted search path vulnerability in Adobe Captivate 5.0.0.596, and ...)
+ TODO: check
+CVE-2010-3190 (Untrusted search path vulnerability in ATL MFC Trace Tool ...)
+ TODO: check
+CVE-2010-3189 (The extSetOwner function in the UfProxyBrowserCtrl ActiveX control ...)
+ TODO: check
+CVE-2010-3188 (SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and ...)
+ TODO: check
+CVE-2010-3187 (Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote ...)
+ TODO: check
+CVE-2010-3186 (IBM WebSphere Application Server (WAS) 7.x before 7.0.0.13, and ...)
+ TODO: check
CVE-2010-3185
RESERVED
CVE-2010-3184
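Review bot: The five IBM DB2 entries added at the top of this hunk (CVE-2010-3193 through CVE-2010-3197) are left as TODO: check, while the DB2 entries already in this file, such as CVE-2010-0462 and CVE-2009-3471, are tagged NOT-FOR-US: IBM DB2. Suggest resolving these five to the same NOT-FOR-US: IBM DB2 line in a follow-up so the TODO queue only holds entries that still need a decision.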
@@ -379,8 +413,8 @@
RESERVED
CVE-2010-3036
RESERVED
-CVE-2010-3035
- RESERVED
+CVE-2010-3035 (Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not ...)
+ TODO: check
CVE-2010-3034
RESERVED
CVE-2010-3033
@@ -441,20 +475,20 @@
RESERVED
CVE-2010-3003
RESERVED
-CVE-2010-3002
- RESERVED
-CVE-2010-3001
- RESERVED
-CVE-2010-3000
- RESERVED
+CVE-2010-3002 (Unspecified vulnerability in RealNetworks RealPlayer 11.0 through 11.1 ...)
+ TODO: check
+CVE-2010-3001 (Unspecified vulnerability in an ActiveX control in the Internet ...)
+ TODO: check
+CVE-2010-3000 (Multiple integer overflows in the ParseKnownType function in ...)
+ TODO: check
CVE-2010-2999
RESERVED
CVE-2010-2998
RESERVED
CVE-2010-2997
RESERVED
-CVE-2010-2996
- RESERVED
+CVE-2010-2996 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 on ...)
+ TODO: check
CVE-2010-2991 (The IICAClient interface in the ICAClient library in the ICA Client ...)
NOT-FOR-US: Citrix ICA Client
CVE-2010-2990 (Citrix Online Plug-in for Windows for XenApp & XenDesktop before 11.2, ...)
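Review bot: CVE-2010-3001 and CVE-2010-3000 are cut off before the product name ("an ActiveX control in the Internet ..." and "the ParseKnownType function in ..."), so unlike CVE-2010-3002 and CVE-2010-2996, which name RealNetworks RealPlayer, they cannot be triaged from this list alone. Whoever clears these TODO: check lines should read the full descriptions first and, if they cover the same product as the neighbouring RealPlayer entries, give all four the same disposition.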
@@ -578,8 +612,7 @@
CVE-2010-2946 [jfs issue]
RESERVED
- linux-2.6 2.6.32-21
-CVE-2010-2945
- RESERVED
+CVE-2010-2945 (The default configuration of SLiM before 1.3.2 places ./ (dot slash) ...)
- slim 1.3.1-7 (low; bug #594414)
[lenny] - slim <no-dsa> (Maintainer will fix through stable point update)
CVE-2010-2944 (The authenticate function in LDAPUserFolder/LDAPUserFolder.py in ...)
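Review bot: For CVE-2010-2945 the new description says the issue affects SLiM before 1.3.2, while the retained tracking line records the fix in slim 1.3.1-7. If that Debian revision carries the fix ahead of the upstream release, a NOTE: line saying so would keep the entry from reading as a version mismatch; otherwise the fixed version should be rechecked against the description.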
@@ -593,8 +626,7 @@
- linux-2.6 <unfixed>
CVE-2010-2941
RESERVED
-CVE-2010-2940
- RESERVED
+CVE-2010-2940 (The auth_send function in providers/ldap/ldap_auth.c in System ...)
- sssd 1.2.1-4 (bug #594413)
CVE-2010-2939 (Double free vulnerability in the ssl3_get_key_exchange function in the ...)
{DSA-2100-1}
@@ -973,12 +1005,12 @@
NOTE: Only supported behind an authenticated HTTP zone
- moodle <unfixed>
TODO: check embedders
-CVE-2010-2794
- RESERVED
+CVE-2010-2794 (The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users ...)
+ TODO: check
CVE-2010-2793
RESERVED
-CVE-2010-2792
- RESERVED
+CVE-2010-2792 (Race condition in the SPICE (aka spice-xpi) plug-in 2.2 for Firefox ...)
+ TODO: check
CVE-2010-2791 (mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, ...)
- apache2 2.2.10-1 (low)
CVE-2010-2790 (Multiple cross-site scripting (XSS) vulnerabilities in the formatQuery ...)
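Review bot: CVE-2010-2794 and CVE-2010-2792 both name the SPICE (aka spice-xpi) plug-in 2.2 for Firefox and both land as TODO: check. Triage the two together so they end up with the same package or NOT-FOR-US line rather than being resolved separately and inconsistently.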
@@ -1217,8 +1249,8 @@
- vte 1:0.24.3-1
NOTE: http://git.gnome.org/browse/vte/commit/?id=58bc3a942f198a1a8788553ca72c19d7c1702b74
NOTE: http://git.gnome.org/browse/vte/commit/?id=8b971a7b2c59902914ecbbc3915c45dd21530a91
-CVE-2010-2712
- RESERVED
+CVE-2010-2712 (Unspecified vulnerability in Software Distributor (sd) in HP HP-UX ...)
+ TODO: check
CVE-2010-2711 (Unspecified vulnerability in the HP MagCloud app before 1.0.5 for the ...)
NOT-FOR-US: HP MagCloud app
CVE-2010-2710 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
@@ -1545,8 +1577,7 @@
NOT-FOR-US: Pligg
CVE-2010-2576 (Opera before 10.61 does not properly suppress clicks on download ...)
NOT-FOR-US: Opera
-CVE-2010-2575
- RESERVED
+CVE-2010-2575 (Heap-based buffer overflow in the RLE decompression functionality in ...)
- okular <removed> (low)
[lenny] - okular <no-dsa> (Will be fixed in a stable point update)
- kdegraphics 4:4.4.5-2
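Review bot: CVE-2010-2575 now carries a public description, a heap-based buffer overflow in RLE decompression, while the okular line above it was written when the entry was still RESERVED and is marked low. Worth confirming that low is still the intended urgency now that the description is available, and that the kdegraphics 4:4.4.5-2 line, which states no urgency, is meant to differ from it.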
@@ -2058,12 +2089,12 @@
RESERVED
CVE-2010-2366
RESERVED
-CVE-2010-2365
- RESERVED
-CVE-2010-2364
- RESERVED
-CVE-2010-2363
- RESERVED
+CVE-2010-2365 (Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs2 ...)
+ TODO: check
+CVE-2010-2364 (Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs before ...)
+ TODO: check
+CVE-2010-2363 (The IPv6 Unicast Reverse Path Forwarding (RPF) implementation on the ...)
+ TODO: check
CVE-2010-2362 (Winny 2.0b7.1 and earlier does not properly process node information, ...)
NOT-FOR-US: Winny
CVE-2010-2361 (Winny 2.0b7.1 and earlier does not properly process BBS information, ...)
@@ -3478,8 +3509,8 @@
RESERVED
CVE-2010-1819
RESERVED
-CVE-2010-1818
- RESERVED
+CVE-2010-1818 (The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple ...)
+ TODO: check
CVE-2010-1817
RESERVED
CVE-2010-1816
@@ -7565,7 +7596,7 @@
CVE-2010-0463 (Horde IMP 4.3.6 and earlier does not request that the web browser ...)
- imp4 4.3.7+debian0-2 (low; bug #569661)
[lenny] - imp4 <no-dsa> (Minor issue)
-CVE-2010-0462 (Heap-based buffer overflow in IBM DB2 9.7 and 9.7.1 on Linux allows ...)
+CVE-2010-0462 (Heap-based buffer overflow in IBM DB2 9.1 before FP9, 9.5 before FP6, ...)
NOT-FOR-US: IBM DB2
CVE-2010-0461 (SQL injection vulnerability in the casino (com_casino) component 1.0 ...)
NOT-FOR-US: Joomla!
@@ -8639,16 +8670,16 @@
NOT-FOR-US: Employee Timeclock Software
CVE-2010-0121
RESERVED
-CVE-2010-0120
- RESERVED
+CVE-2010-0120 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+ TODO: check
CVE-2010-0119 (Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, ...)
NOT-FOR-US: Bournal
CVE-2010-0118 (Bournal before 1.4.1 allows local users to overwrite arbitrary files ...)
NOT-FOR-US: Bournal
-CVE-2010-0117
- RESERVED
-CVE-2010-0116
- RESERVED
+CVE-2010-0117 (RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 ...)
+ TODO: check
+CVE-2010-0116 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1 and ...)
+ TODO: check
CVE-2009-4585 (UranyumSoft Listing Service stores sensitive information under the web ...)
NOT-FOR-US: UranyumSoft Listing Service
CVE-2009-4584 (admin.php in dB Masters Multimedia Links Directory 3.1.3 allows remote ...)
@@ -12072,7 +12103,7 @@
NOT-FOR-US: IBM DB2
CVE-2009-3472 (IBM DB2 8 before FP18, 9.1 before FP8, and 9.5 before FP4 allows ...)
NOT-FOR-US: IBM DB2
-CVE-2009-3471 (IBM DB2 8 before FP18, 9.1 before FP8, and 9.5 before FP4 does not ...)
+CVE-2009-3471 (IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before ...)
NOT-FOR-US: IBM DB2
CVE-2009-3470 (IBM Informix Dynamic Server (IDS) 10.00 before 10.00.xC11, 11.10 ...)
NOT-FOR-US: IBM Informix Dynamic Server (IDS)