[Secure-testing-commits] r15344 - data/CVE

Joey Hess joeyh at alioth.debian.org
Fri Sep 17 21:14:54 UTC 2010 

Author: joeyh
Date: 2010-09-17 21:14:53 +0000 (Fri, 17 Sep 2010)
New Revision: 15344

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-09-17 18:55:47 UTC (rev 15343)
+++ data/CVE/list	2010-09-17 21:14:53 UTC (rev 15344)
@@ -1,3 +1,59 @@
+CVE-2010-3428 (SQL injection vulnerability in modules/notes/json.php in Intermesh ...)
+	TODO: check
+CVE-2010-3427 (Multiple cross-site scripting (XSS) vulnerabilities in Open ...)
+	TODO: check
+CVE-2010-3426 (Directory traversal vulnerability in jphone.php in the JPhone ...)
+	TODO: check
+CVE-2010-3425 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2010-3424 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2010-3423 (SQL injection vulnerability in the Yr Weatherdata module for Drupal ...)
+	TODO: check
+CVE-2010-3422 (SQL injection vulnerability in the JGen (com_jgen) component 0.9.33 ...)
+	TODO: check
+CVE-2010-3421 (Cross-site scripting (XSS) vulnerability in AffiliateLogin.asp in ...)
+	TODO: check
+CVE-2010-3420 (Cross-site scripting (XSS) vulnerability in Products_Results.php in ...)
+	TODO: check
+CVE-2010-3419 (Multiple PHP remote file inclusion vulnerabilities in Haudenschilt ...)
+	TODO: check
+CVE-2010-3418 (Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media ...)
+	TODO: check
+CVE-2010-3417 (Google Chrome before 6.0.472.59 does not prompt the user before ...)
+	TODO: check
+CVE-2010-3416 (Google Chrome before 6.0.472.59 on Linux does not properly implement ...)
+	TODO: check
+CVE-2010-3415 (Google Chrome before 6.0.472.59 does not properly implement ...)
+	TODO: check
+CVE-2010-3414 (Google Chrome before 6.0.472.59 on Mac OS X does not properly ...)
+	TODO: check
+CVE-2010-3413 (Unspecified vulnerability in the pop-up blocking functionality in ...)
+	TODO: check
+CVE-2010-3412 (Race condition in the console implementation in Google Chrome before ...)
+	TODO: check
+CVE-2010-3411 (Google Chrome before 6.0.472.59 on Linux does not properly handle ...)
+	TODO: check
+CVE-2010-3410 (Use-after-free vulnerability in Google Chrome before 6.0.472.59 allows ...)
+	TODO: check
+CVE-2010-3409 (Use-after-free vulnerability in Google Chrome before 6.0.472.59 allows ...)
+	TODO: check
+CVE-2010-3408 (Use-after-free vulnerability in Google Chrome before 6.0.472.59 allows ...)
+	TODO: check
+CVE-2010-3407 (Stack-based buffer overflow in the MailCheck821Address function in ...)
+	TODO: check
+CVE-2010-3406 (Unspecified vulnerability in sa_snap in the bos.esagent fileset in IBM ...)
+	TODO: check
+CVE-2010-3405 (Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, ...)
+	TODO: check
+CVE-2010-3404 (Multiple SQL injection vulnerabilities in eshtery CMS (aka ...)
+	TODO: check
+CVE-2010-3403 (Untrusted search path vulnerability in Qualcomm eXtensible Diagnostic ...)
+	TODO: check
+CVE-2010-3402 (Untrusted search path vulnerability in IDM Computer Solutions ...)
+	TODO: check
+CVE-2010-3401
+	RESERVED
 CVE-2010-XXXX [python accept() implementation in async core is broken]
 	- python2.7 <unfixed>
 	- python3.1 <unfixed>
@@ -387,6 +443,7 @@
 	- gnome-power-manager <unfixed>
 	TODO: check
 CVE-2010-3306 [weborf directory traversal]
+	RESERVED
 	- weborf 0.12.3-1
 	NOTE: http://www.exploit-db.com/exploits/14925/
 CVE-2010-3243
@@ -828,14 +885,17 @@
 	NOTE: http://www.djangoproject.com/weblog/2010/sep/08/security-release/
 CVE-2010-3081 [64-bit Compatibility Mode Stack Pointer Underflow]
 	RESERVED
+	{DSA-2110-1}
 	- linux-2.6 2.6.32-23 (high)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3081
 CVE-2010-3080
 	RESERVED
+	{DSA-2110-1}
 CVE-2010-3079
 	RESERVED
 CVE-2010-3078 [linux: xfs: XFS_IOC_FSGETXATTR ioctl memory leak]
 	RESERVED
+	{DSA-2110-1}
 	- linux-2.6 <unfixed>
 	NOTE: see RH's bugzilla
 CVE-2010-3077 [horde XSS in icon_browser.php]
@@ -1129,6 +1189,7 @@
 CVE-2010-2955 (The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in ...)
 	- linux-2.6 2.6.32-23
 CVE-2010-2954 (The irda_bind function in net/irda/af_irda.c in the Linux kernel ...)
+	{DSA-2110-1}
 	- linux-2.6 2.6.32-22
 CVE-2010-2953 (Untrusted search path vulnerability in a certain Debian GNU/Linux ...)
 	{DSA-2107-1}
@@ -2417,6 +2478,7 @@
 CVE-2010-2493 (The default configuration of the deployment descriptor (aka web.xml) ...)
 	- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
 CVE-2010-2492 (Buffer overflow in the ecryptfs_uid_hash macro in ...)
+	{DSA-2110-1}
 	- linux-2.6 2.6.32-19 
 CVE-2010-2491 [roundup XSS]
 	RESERVED

More information about the Secure-testing-commits mailing list