[Secure-testing-commits] r15321 - data/CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Mon Sep 13 21:27:45 UTC 2010


Author: jmm-guest
Date: 2010-09-13 21:27:44 +0000 (Mon, 13 Sep 2010)
New Revision: 15321

Modified:
   data/CVE/list
Log:
- new potential webkit/chromium issues (vague information, announced by apple,
  could very well all be Safari/Apple specific)
- NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-09-13 21:24:28 UTC (rev 15320)
+++ data/CVE/list	2010-09-13 21:27:44 UTC (rev 15321)
@@ -177,7 +177,7 @@
 CVE-2010-3212 (SQL injection vulnerability in index.php in Seagull 0.6.7 and earlier ...)
 	NOT-FOR-US: Seagull
 CVE-2010-3211 (Multiple SQL injection vulnerabilities in the JE FAQ Pro ...)
-	TODO: check
+	NOT-FOR-US: Joomla addon
 CVE-2010-3210 (Multiple PHP remote file inclusion vulnerabilities in Multi-lingual ...)
 	NOT-FOR-US: Multi-lingual E-Commerce System
 CVE-2010-3209 (Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 ...)
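Review bot: On CVE-2010-3211 the new tag "NOT-FOR-US: Joomla addon" names the platform rather than the affected product, whereas the neighbouring entries name the product itself (Seagull, Multi-lingual E-Commerce System). Taking the product from the description, e.g. "NOT-FOR-US: JE FAQ Pro (Joomla addon)", keeps the entry searchable by name and makes clear the verdict is about the addon, not Joomla.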
@@ -189,11 +189,11 @@
 CVE-2010-3206 (Multiple PHP remote file inclusion vulnerabilities in DiY-CMS 1.0 ...)
 	NOT-FOR-US: DiY-CMS
 CVE-2010-3205 (PHP remote file inclusion vulnerability in index.php in Textpattern ...)
-	TODO: check
+	NOT-FOR-US: Textpattern CMS
 CVE-2010-3204 (Multiple PHP remote file inclusion vulnerabilities in Pecio CMS 2.0.5 ...)
 	NOT-FOR-US: Pecio CMS
 CVE-2010-3203 (Directory traversal vulnerability in the PicSell (com_picsell) ...)
-	TODO: check
+	NOT-FOR-US: PicSell
 CVE-2010-XXXX [vlc stack overflow]
 	- vlc <undetermined> (low; bug #595686)
 	NOTE: poc didn't work.  may be windows-only
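Review bot: CVE-2010-3203 is tagged by product name ("NOT-FOR-US: PicSell") although its description gives the component as com_picsell, the naming convention of Joomla components, while CVE-2010-3211 earlier in this same commit gets the generic "Joomla addon". Pick one convention for both; naming the product and giving the platform in parentheses covers both cases.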
@@ -205,7 +205,7 @@
 CVE-2010-3200
 	RESERVED
 CVE-2010-3199 (Untrusted search path vulnerability in TortoiseSVN 1.6.10, Build 19898 ...)
-	TODO: check
+	NOT-FOR-US: TortoiseSVN
 CVE-2010-3198 (ZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows ...)
 	- zope2.10 <removed>
 	- zope2.11 <removed>
@@ -657,9 +657,9 @@
 CVE-2010-3035 (Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not ...)
 	NOT-FOR-US: Cisco IOS XR
 CVE-2010-3034 (Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-3033 (Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2010-3032 (Integer overflow in the OBGIOPServerWorker::extractHeader function in ...)
 	NOT-FOR-US: SAP Crystal Reports 2008
 CVE-2010-3031 (Buffer overflow in Wyse ThinOS HF 4.4.079i, and possibly other ...)
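Review bot: CVE-2010-3034 and CVE-2010-3033 are tagged "NOT-FOR-US: Cisco", but the other Cisco Wireless LAN Controller entries touched by this commit (CVE-2010-2843, CVE-2010-2842, CVE-2010-2841, CVE-2010-0575, CVE-2010-0574) are tagged "NOT-FOR-US: Cisco WLC". Use "Cisco WLC" here as well so the same product is tagged identically throughout the list.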
@@ -689,9 +689,9 @@
 CVE-2010-3019 (Heap-based buffer overflow in Opera before 10.61 allows remote ...)
 	NOT-FOR-US: Opera
 CVE-2010-3018 (RSA Access Manager Server 5.5.3 before 5.5.3.172, 6.0.4 before ...)
-	TODO: check
+	NOT-FOR-US: RSA Access Manager
 CVE-2010-3017 (Unspecified vulnerability in RSA Access Manager Agent 4.7.1 before ...)
-	TODO: check
+	NOT-FOR-US: RSA Access Manager
 CVE-2010-3016
 	REJECTED
 CVE-2010-3013 (SQL injection vulnerability in groupadmin.php in Pligg before 1.1.1 ...)
@@ -1141,11 +1141,11 @@
 CVE-2010-2844 (Cross-site scripting (XSS) vulnerability in news_show.php in Newanz ...)
 	NOT-FOR-US: Newanz NewsOffice
 CVE-2010-2843 (Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through ...)
-	TODO: check
+	NOT-FOR-US: Cisco WLC
 CVE-2010-2842 (Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through ...)
-	TODO: check
+	NOT-FOR-US: Cisco WLC
 CVE-2010-2841 (Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) ...)
-	TODO: check
+	NOT-FOR-US: Cisco WLC
 CVE-2010-2840 (The Presence Engine (PE) service in Cisco Unified Presence 6.x before ...)
 	NOT-FOR-US: Cisco
 CVE-2010-2839 (SIPD in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) ...)
@@ -3823,31 +3823,38 @@
 CVE-2010-1818 (The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple ...)
 	NOT-FOR-US: QuickTime
 CVE-2010-1817 (Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2010-1816
 	RESERVED
 CVE-2010-1815 (Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the ...)
-	TODO: check
+	- webkit <undetermined>
+	- chromium-browser <undetermined>
 CVE-2010-1814 (WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows ...)
-	TODO: check
+	- webkit <undetermined>
+	- chromium-browser <undetermined>
 CVE-2010-1813 (WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows ...)
-	TODO: check
+	- webkit <undetermined>
+	- chromium-browser <undetermined>
 CVE-2010-1812 (Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the ...)
-	TODO: check
+	- webkit <undetermined>
+	- chromium-browser <undetermined>
 CVE-2010-1811 (ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2010-1810 (FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2010-1809 (The Accessibility component in Apple iOS before 4.1 on the iPhone and ...)
-	TODO: check
+	NOT-FOR-US: Apple iOS
 CVE-2010-1808 (Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2010-1807 (WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 does not ...)
-	TODO: check
+	- webkit <undetermined>
+	- chromium-browser <undetermined>
 CVE-2010-1806 (Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x ...)
-	TODO: check
+	- webkit <undetermined>
+	- chromium-browser <undetermined>
 CVE-2010-1805 (Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 ...)
-	TODO: check
+	- webkit <undetermined>
+	- chromium-browser <undetermined>
 CVE-2010-1804
 	RESERVED
 CVE-2010-1803
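Review bot: The new "<undetermined>" entries for webkit and chromium-browser carry no NOTE saying why they are undetermined; the reasoning exists only in the commit log (vague information, announced by Apple, possibly Safari/Apple specific). Add a NOTE line under each, as the vlc entry in this file does with "NOTE: poc didn't work.  may be windows-only", so the rationale stays in data/CVE/list. CVE-2010-1806 and CVE-2010-1805 deserve a second look in particular: their descriptions name Apple Safari rather than WebKit, and CVE-2010-1805 is described as an untrusted search path vulnerability, which points at the application rather than the engine.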
@@ -7599,9 +7606,9 @@
 CVE-2010-0576 (Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x ...)
 	NOT-FOR-US: Cisco IOS
 CVE-2010-0575 (Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or ...)
-	TODO: check
+	NOT-FOR-US: Cisco WLC
 CVE-2010-0574 (Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) ...)
-	TODO: check
+	NOT-FOR-US: Cisco WLC
 CVE-2010-0573 (Unspecified vulnerability on the Cisco Digital Media Player before 5.2 ...)
 	NOT-FOR-US: Cisco Digital Media Player
 CVE-2010-0572 (Cisco Digital Media Manager (DMM) before 5.2 allows remote ...)



