[Secure-testing-commits] r15337 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu Sep 16 21:14:48 UTC 2010
Author: joeyh
Date: 2010-09-16 21:14:45 +0000 (Thu, 16 Sep 2010)
New Revision: 15337
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-09-16 20:07:39 UTC (rev 15336)
+++ data/CVE/list 2010-09-16 21:14:45 UTC (rev 15337)
@@ -1,3 +1,107 @@
+CVE-2010-3400 (The js_InitRandom function in the JavaScript implementation in Mozilla ...)
+ TODO: check
+CVE-2010-3399 (The js_InitRandom function in the JavaScript implementation in Mozilla ...)
+ TODO: check
+CVE-2010-3398 (Unspecified vulnerability in the webcontainer implementation in IBM ...)
+ TODO: check
+CVE-2010-3397 (Untrusted search path vulnerability in PGP Desktop 9.9.0 Build 397, ...)
+ TODO: check
+CVE-2010-3396 (Buffer overflow in kavfm.sys in Kingsoft Antivirus 2010.04.26.648 and ...)
+ TODO: check
+CVE-2010-3395
+ RESERVED
+CVE-2010-3394
+ RESERVED
+CVE-2010-3393
+ RESERVED
+CVE-2010-3392
+ RESERVED
+CVE-2010-3391
+ RESERVED
+CVE-2010-3390
+ RESERVED
+CVE-2010-3389
+ RESERVED
+CVE-2010-3388
+ RESERVED
+CVE-2010-3387
+ RESERVED
+CVE-2010-3386
+ RESERVED
+CVE-2010-3385
+ RESERVED
+CVE-2010-3384
+ RESERVED
+CVE-2010-3383
+ RESERVED
+CVE-2010-3382
+ RESERVED
+CVE-2010-3381
+ RESERVED
+CVE-2010-3380
+ RESERVED
+CVE-2010-3379
+ RESERVED
+CVE-2010-3378
+ RESERVED
+CVE-2010-3377
+ RESERVED
+CVE-2010-3376
+ RESERVED
+CVE-2010-3375
+ RESERVED
+CVE-2010-3374
+ RESERVED
+CVE-2010-3373
+ RESERVED
+CVE-2010-3372
+ RESERVED
+CVE-2010-3371
+ RESERVED
+CVE-2010-3370
+ RESERVED
+CVE-2010-3369
+ RESERVED
+CVE-2010-3368
+ RESERVED
+CVE-2010-3367
+ RESERVED
+CVE-2010-3366
+ RESERVED
+CVE-2010-3365
+ RESERVED
+CVE-2010-3364
+ RESERVED
+CVE-2010-3363
+ RESERVED
+CVE-2010-3362
+ RESERVED
+CVE-2010-3361
+ RESERVED
+CVE-2010-3360
+ RESERVED
+CVE-2010-3359
+ RESERVED
+CVE-2010-3358
+ RESERVED
+CVE-2010-3357
+ RESERVED
+CVE-2010-3356
+ RESERVED
+CVE-2010-3355
+ RESERVED
+CVE-2010-3354
+ RESERVED
+CVE-2010-3353
+ RESERVED
+CVE-2010-3352
+ RESERVED
+CVE-2010-3351
+ RESERVED
+CVE-2010-3350
+ RESERVED
+CVE-2010-3349
+ RESERVED
CVE-2010-3348
RESERVED
CVE-2010-3347
@@ -407,8 +511,8 @@
RESERVED
CVE-2010-3172
RESERVED
-CVE-2010-3171
- RESERVED
+CVE-2010-3171 (The Math.random function in the JavaScript implementation in Mozilla ...)
+ TODO: check
CVE-2010-3170
RESERVED
CVE-2010-3169 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
@@ -674,8 +778,7 @@
- drupal6 6.18-1 (low; bug #592716)
CVE-2010-3090 [mailman, will be rejected]
RESERVED
-CVE-2010-3089 [mailman XSS]
- RESERVED
+CVE-2010-3089 (Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman ...)
- mailman <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id={631881,631859}
CVE-2010-3088
@@ -732,8 +835,8 @@
CVE-2010-3070 [nusoap xss]
RESERVED
- nusoap 0.7.3-4 (low; bug #595248)
-CVE-2010-3069
- RESERVED
+CVE-2010-3069 (Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse ...)
+ {DSA-2109-1}
- samba 2:3.5.5~dfsg-1 (bug #596891)
CVE-2010-3068
RESERVED
@@ -858,10 +961,10 @@
RESERVED
CVE-2010-3011
RESERVED
-CVE-2010-3010
- RESERVED
-CVE-2010-3009
- RESERVED
+CVE-2010-3010 (Cross-site scripting (XSS) vulnerability on the HP 3Com OfficeConnect ...)
+ TODO: check
+CVE-2010-3009 (Unspecified vulnerability in HP System Management Homepage (SMH) for ...)
+ TODO: check
CVE-2010-3008 (Unspecified vulnerability in HP Data Protector Express, and Data ...)
TODO: check
CVE-2010-3007 (Unspecified vulnerability in HP Data Protector Express, and Data ...)
@@ -1177,8 +1280,8 @@
RESERVED
CVE-2010-2885
RESERVED
-CVE-2010-2884
- RESERVED
+CVE-2010-2884 (Unspecified vulnerability in Adobe Flash Player 10.1.82.76 and earlier ...)
+ TODO: check
CVE-2010-2883 (Stack-based buffer overflow in CoolType.dll in Adobe Reader and ...)
NOT-FOR-US: Adobe Reader
CVE-2010-2882 (DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not ...)
@@ -1667,8 +1770,8 @@
RESERVED
CVE-2010-2739 (Buffer overflow in the CreateDIBPalette function in win32k.sys in ...)
NOT-FOR-US: Windows
-CVE-2010-2738
- RESERVED
+CVE-2010-2738 (The Uniscribe (aka new Unicode Script Processor) implementation in ...)
+ TODO: check
CVE-2010-2737
RESERVED
CVE-2010-2736
@@ -1681,14 +1784,14 @@
RESERVED
CVE-2010-2732
RESERVED
-CVE-2010-2731
- RESERVED
-CVE-2010-2730
- RESERVED
-CVE-2010-2729
- RESERVED
-CVE-2010-2728
- RESERVED
+CVE-2010-2731 (Unspecified vulnerability in Microsoft Internet Information Services ...)
+ TODO: check
+CVE-2010-2730 (Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, ...)
+ TODO: check
+CVE-2010-2729 (The Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows ...)
+ TODO: check
+CVE-2010-2728 (Heap-based buffer overflow in Microsoft Outlook 2002 SP3, 2003 SP3, ...)
+ TODO: check
CVE-2010-2727
RESERVED
CVE-2010-2726
@@ -2012,8 +2115,8 @@
RESERVED
CVE-2010-2601
RESERVED
-CVE-2010-2600
- RESERVED
+CVE-2010-2600 (Untrusted search path vulnerability in BlackBerry Desktop Software ...)
+ TODO: check
CVE-2010-2599
RESERVED
CVE-2010-2594 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
@@ -2044,8 +2147,8 @@
RESERVED
CVE-2010-2581
RESERVED
-CVE-2010-2580
- RESERVED
+CVE-2010-2580 (The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not ...)
+ TODO: check
CVE-2010-2579
RESERVED
CVE-2010-2578
@@ -2083,16 +2186,16 @@
RESERVED
CVE-2010-2568 (Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2010-2567
- RESERVED
+CVE-2010-2567 (The RPC client implementation in Microsoft Windows XP SP2 and SP3 and ...)
+ TODO: check
CVE-2010-2566 (The Secure Channel (aka SChannel) security package in Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2010-2565
RESERVED
CVE-2010-2564 (Buffer overflow in Microsoft Windows Movie Maker (WMM) 2.1, 2.6, and ...)
NOT-FOR-US: Microsoft
-CVE-2010-2563
- RESERVED
+CVE-2010-2563 (The Word 97 text converter in the WordPad Text Converters in Microsoft ...)
+ TODO: check
CVE-2010-2562 (Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for ...)
NOT-FOR-US: Microsoft
CVE-2010-2561 (Microsoft XML Core Services (aka MSXML) 3.0 does not properly handle ...)
@@ -3733,8 +3836,8 @@
NOT-FOR-US: Microsoft Word
CVE-2010-1900 (Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft ...)
NOT-FOR-US: Microsoft Office Word
-CVE-2010-1899
- RESERVED
+CVE-2010-1899 (Stack consumption vulnerability in the ASP implementation in Microsoft ...)
+ TODO: check
CVE-2010-1898 (The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP1, ...)
NOT-FOR-US: Microsoft .NET Framework
CVE-2010-1897 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP ...)
@@ -3749,8 +3852,8 @@
NOT-FOR-US: Microsoft Windows
CVE-2010-1892 (The TCP/IP stack in Microsoft Windows Vista SP1 and SP2, Windows ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-1891
- RESERVED
+CVE-2010-1891 (The Client/Server Runtime Subsystem (aka CSRSS) in the Win32 subsystem ...)
+ TODO: check
CVE-2010-1890 (The kernel in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-1889 (Double free vulnerability in the kernel in Microsoft Windows Vista SP1 ...)
@@ -5544,8 +5647,7 @@
NOT-FOR-US: TornadoStore
CVE-2010-1327 (Multiple SQL injection vulnerabilities in TornadoStore 1.4.3 and ...)
NOT-FOR-US: TornadoStore
-CVE-2010-1326 [Bug in branch ACLs allows a remote attacker to execute arbitrary code]
- RESERVED
+CVE-2010-1326 (perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02, 2.5.03 ...)
{DSA-2108-1}
- cvsnt 2.5.04.3236-1.2 (medium; bug #593884)
NOTE: http://march-hare.com/cvspro/vuln.htm
@@ -7148,12 +7250,12 @@
NOT-FOR-US: Microsoft
CVE-2010-0821 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 ...)
NOT-FOR-US: Microsoft
-CVE-2010-0820
- RESERVED
+CVE-2010-0820 (Heap-based buffer overflow in the Local Security Authority Subsystem ...)
+ TODO: check
CVE-2010-0819 (Unspecified vulnerability in the Windows OpenType Compact Font Format ...)
NOT-FOR-US: Microsoft
-CVE-2010-0818
- RESERVED
+CVE-2010-0818 (The MPEG-4 codec in the Windows Media codecs in Microsoft Windows XP ...)
+ TODO: check
CVE-2010-0817 (Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in ...)
NOT-FOR-US: Microsoft SharePoint Server
CVE-2010-0816 (Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, ...)
More information about the Secure-testing-commits
mailing list