[Secure-testing-commits] r15344 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Fri Sep 17 21:14:54 UTC 2010
Author: joeyh
Date: 2010-09-17 21:14:53 +0000 (Fri, 17 Sep 2010)
New Revision: 15344
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-09-17 18:55:47 UTC (rev 15343)
+++ data/CVE/list 2010-09-17 21:14:53 UTC (rev 15344)
@@ -1,3 +1,59 @@
+CVE-2010-3428 (SQL injection vulnerability in modules/notes/json.php in Intermesh ...)
+ TODO: check
+CVE-2010-3427 (Multiple cross-site scripting (XSS) vulnerabilities in Open ...)
+ TODO: check
+CVE-2010-3426 (Directory traversal vulnerability in jphone.php in the JPhone ...)
+ TODO: check
+CVE-2010-3425 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2010-3424 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2010-3423 (SQL injection vulnerability in the Yr Weatherdata module for Drupal ...)
+ TODO: check
+CVE-2010-3422 (SQL injection vulnerability in the JGen (com_jgen) component 0.9.33 ...)
+ TODO: check
+CVE-2010-3421 (Cross-site scripting (XSS) vulnerability in AffiliateLogin.asp in ...)
+ TODO: check
+CVE-2010-3420 (Cross-site scripting (XSS) vulnerability in Products_Results.php in ...)
+ TODO: check
+CVE-2010-3419 (Multiple PHP remote file inclusion vulnerabilities in Haudenschilt ...)
+ TODO: check
+CVE-2010-3418 (Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media ...)
+ TODO: check
+CVE-2010-3417 (Google Chrome before 6.0.472.59 does not prompt the user before ...)
+ TODO: check
+CVE-2010-3416 (Google Chrome before 6.0.472.59 on Linux does not properly implement ...)
+ TODO: check
+CVE-2010-3415 (Google Chrome before 6.0.472.59 does not properly implement ...)
+ TODO: check
+CVE-2010-3414 (Google Chrome before 6.0.472.59 on Mac OS X does not properly ...)
+ TODO: check
+CVE-2010-3413 (Unspecified vulnerability in the pop-up blocking functionality in ...)
+ TODO: check
+CVE-2010-3412 (Race condition in the console implementation in Google Chrome before ...)
+ TODO: check
+CVE-2010-3411 (Google Chrome before 6.0.472.59 on Linux does not properly handle ...)
+ TODO: check
+CVE-2010-3410 (Use-after-free vulnerability in Google Chrome before 6.0.472.59 allows ...)
+ TODO: check
+CVE-2010-3409 (Use-after-free vulnerability in Google Chrome before 6.0.472.59 allows ...)
+ TODO: check
+CVE-2010-3408 (Use-after-free vulnerability in Google Chrome before 6.0.472.59 allows ...)
+ TODO: check
+CVE-2010-3407 (Stack-based buffer overflow in the MailCheck821Address function in ...)
+ TODO: check
+CVE-2010-3406 (Unspecified vulnerability in sa_snap in the bos.esagent fileset in IBM ...)
+ TODO: check
+CVE-2010-3405 (Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, ...)
+ TODO: check
+CVE-2010-3404 (Multiple SQL injection vulnerabilities in eshtery CMS (aka ...)
+ TODO: check
+CVE-2010-3403 (Untrusted search path vulnerability in Qualcomm eXtensible Diagnostic ...)
+ TODO: check
+CVE-2010-3402 (Untrusted search path vulnerability in IDM Computer Solutions ...)
+ TODO: check
+CVE-2010-3401
+ RESERVED
CVE-2010-XXXX [python accept() implementation in async core is broken]
- python2.7 <unfixed>
- python3.1 <unfixed>
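Review bot: Every described entry added at the top of this hunk, CVE-2010-3402 through CVE-2010-3428, carries only "TODO: check" and no package line, so none of them is triaged yet and each needs either a package line or a NOT-FOR-US marker in a follow-up. Nine of them (CVE-2010-3408 to CVE-2010-3412 and CVE-2010-3414 to CVE-2010-3417) visibly name Google Chrome before 6.0.472.59, so they can be resolved together against that one version boundary. CVE-2010-3413 is truncated before any product name, so check its full description rather than assuming it belongs to the same group.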
@@ -387,6 +443,7 @@
- gnome-power-manager <unfixed>
TODO: check
CVE-2010-3306 [weborf directory traversal]
+ RESERVED
- weborf 0.12.3-1
NOTE: http://www.exploit-db.com/exploits/14925/
CVE-2010-3243
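Review bot: The RESERVED line added under CVE-2010-3306 lands on an entry that already records a fixed version (weborf 0.12.3-1) and a public exploit-db reference, so the marker describes only the state of the CVE record, not the state of the issue. Keep the bracketed description and the NOTE in place until the published description arrives, and make sure the next automatic update swaps the bracketed text for it without dropping the weborf line.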
@@ -828,14 +885,17 @@
NOTE: http://www.djangoproject.com/weblog/2010/sep/08/security-release/
CVE-2010-3081 [64-bit Compatibility Mode Stack Pointer Underflow]
RESERVED
+ {DSA-2110-1}
- linux-2.6 2.6.32-23 (high)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3081
CVE-2010-3080
RESERVED
+ {DSA-2110-1}
CVE-2010-3079
RESERVED
CVE-2010-3078 [linux: xfs: XFS_IOC_FSGETXATTR ioctl memory leak]
RESERVED
+ {DSA-2110-1}
- linux-2.6 <unfixed>
NOTE: see RH's bugzilla
CVE-2010-3077 [horde XSS in icon_browser.php]
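Review bot: CVE-2010-3080 gains a {DSA-2110-1} reference but still has no bracketed description and no package line, unlike CVE-2010-3081 and CVE-2010-3078 in the same hunk, which both track linux-2.6. Add a short bracketed description and the matching package line with its fixed version or <unfixed>, so the entry shows what the advisory covers. Also note that CVE-2010-3078 is now tied to the advisory while its linux-2.6 line still reads <unfixed>; confirm that is intended and update it once a fixed version is uploaded.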
@@ -1129,6 +1189,7 @@
CVE-2010-2955 (The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in ...)
- linux-2.6 2.6.32-23
CVE-2010-2954 (The irda_bind function in net/irda/af_irda.c in the Linux kernel ...)
+ {DSA-2110-1}
- linux-2.6 2.6.32-22
CVE-2010-2953 (Untrusted search path vulnerability in a certain Debian GNU/Linux ...)
{DSA-2107-1}
@@ -2417,6 +2478,7 @@
CVE-2010-2493 (The default configuration of the deployment descriptor (aka web.xml) ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
CVE-2010-2492 (Buffer overflow in the ecryptfs_uid_hash macro in ...)
+ {DSA-2110-1}
- linux-2.6 2.6.32-19
CVE-2010-2491 [roundup XSS]
RESERVED