[Secure-testing-commits] r15785 - data/CVE

Joey Hess joeyh at alioth.debian.org
Tue Jan 4 21:15:39 UTC 2011


Author: joeyh
Date: 2011-01-04 21:15:31 +0000 (Tue, 04 Jan 2011)
New Revision: 15785

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-01-04 17:24:03 UTC (rev 15784)
+++ data/CVE/list	2011-01-04 21:15:31 UTC (rev 15785)
@@ -1,3 +1,65 @@
+CVE-2011-0285
+	RESERVED
+CVE-2011-0284
+	RESERVED
+CVE-2011-0283
+	RESERVED
+CVE-2011-0282
+	RESERVED
+CVE-2011-0281
+	RESERVED
+CVE-2010-4668 (The blk_rq_map_user_iov function in block/blk-map.c in the Linux ...)
+	TODO: check
+CVE-2010-4667
+	RESERVED
+CVE-2010-4666
+	RESERVED
+CVE-2010-4665
+	RESERVED
+CVE-2010-4664
+	RESERVED
+CVE-2010-4663
+	RESERVED
+CVE-2010-4662
+	RESERVED
+CVE-2010-4661
+	RESERVED
+CVE-2010-4660
+	RESERVED
+CVE-2010-4659
+	RESERVED
+CVE-2010-4658
+	RESERVED
+CVE-2010-4657
+	RESERVED
+CVE-2010-4656
+	RESERVED
+CVE-2010-4655
+	RESERVED
+CVE-2010-4654
+	RESERVED
+CVE-2010-4653
+	RESERVED
+CVE-2010-4652
+	RESERVED
+CVE-2010-4651
+	RESERVED
+CVE-2010-4650
+	RESERVED
+CVE-2010-4649
+	RESERVED
+CVE-2010-4648
+	RESERVED
+CVE-2010-4647
+	RESERVED
+CVE-2010-4646
+	RESERVED
+CVE-2010-4645
+	RESERVED
+CVE-2010-4644
+	RESERVED
+CVE-2010-4643
+	RESERVED
 CVE-2010-4642 (Cross-site scripting (XSS) vulnerability in XWiki Enterprise before ...)
 	NOT-FOR-US: XWiki
 CVE-2010-4641 (SQL injection vulnerability in XWiki Enterprise before 2.5 allows ...)
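Review bot: CVE-2010-4668 arrives with only "TODO: check", and its truncated description ("The blk_rq_map_user_iov function in block/blk-map.c in the Linux ...") is identical to the one this same commit assigns to CVE-2010-4163, which is tracked as fixed in linux-2.6 2.6.32-29. Triage should compare the two full descriptions to see whether 4668 covers a separate or incomplete fix in that function, then replace the TODO with a linux-2.6 line giving the affected or fixed version. The other new IDs in this hunk are RESERVED and need no action yet.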
@@ -769,8 +831,7 @@
 	RESERVED
 CVE-2010-4537
 	RESERVED
-CVE-2010-4536
-	RESERVED
+CVE-2010-4536 (Multiple cross-site scripting (XSS) vulnerabilities in KSES, as used ...)
 	- wordpress 3.0.4+dfsg-1
 	NOTE: http://wordpress.org/news/2010/12/3-0-4-update/
 CVE-2010-4535
@@ -801,6 +862,7 @@
 	RESERVED
 	- linux-2.6 2.6.32-30
 CVE-2010-4528 [pidgin msn issue]
+	RESERVED
 	- pidgin 2.7.9-1 (bug #608331; medium)
 CVE-2010-4527
 	RESERVED
@@ -809,8 +871,7 @@
 	RESERVED
 CVE-2010-4525
 	RESERVED
-CVE-2010-4524 [mhonarc XSS]
-	RESERVED
+CVE-2010-4524 (Cross-site scripting (XSS) vulnerability in lib/mhtxthtml.pl in ...)
 	- mhonarc <unfixed> (bug #607693)
 CVE-2010-4522 (Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka ...)
 	NOT-FOR-US: MyBB
@@ -1312,14 +1373,11 @@
 	- dbus 1.2.24-4
 CVE-2010-4351
 	RESERVED
-CVE-2010-4350 [mantisbt local file inclusion]
-	RESERVED
+CVE-2010-4350 (Directory traversal vulnerability in admin/upgrade_unattended.php in ...)
 	- mantis <not-affected> (admin dir procected in Apache config, see #607159)
-CVE-2010-4349 [mantisbt path disclosure]
-	RESERVED
+CVE-2010-4349 (admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote ...)
 	- mantis <not-affected> (admin dir procected in Apache config, see #607159)
-CVE-2010-4348 [mantisbt XSS]
-	RESERVED
+CVE-2010-4348 (Cross-site scripting (XSS) vulnerability in ...)
 	- mantis <not-affected> (admin dir procected in Apache config, see #607159)
 CVE-2010-4347 (The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 ...)
 	- linux-2.6 <not-affected> (Introduced in 2.6.33 and fixed in 2.6.36.2, we never released an affected kernel)
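Review bot: The "<not-affected>" rationale on CVE-2010-4348 is no longer backed by the visible description. For CVE-2010-4350 and CVE-2010-4349 the new text names admin/upgrade_unattended.php, which fits "admin dir protected in Apache config", but the CVE-2010-4348 description is cut off before the file name ("Cross-site scripting (XSS) vulnerability in ..."). Confirm from the full description that the XSS is also under admin/ before keeping the same note. Separately, the three mantis notes spell "protected" as "procected"; worth fixing in a follow-up since people search these notes.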
@@ -1779,15 +1837,12 @@
 	RESERVED
 CVE-2010-4165 (The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel ...)
 	- linux-2.6 2.6.32-28
-CVE-2010-4164
-	RESERVED
+CVE-2010-4164 (Multiple integer underflows in the x25_parse_facilities function in ...)
 	{DSA-2126-1}
 	- linux-2.6 2.6.32-28
-CVE-2010-4163
-	RESERVED
+CVE-2010-4163 (The blk_rq_map_user_iov function in block/blk-map.c in the Linux ...)
 	- linux-2.6 2.6.32-29
-CVE-2010-4162
-	RESERVED
+CVE-2010-4162 (Multiple integer overflows in fs/bio.c in the Linux kernel before ...)
 	- linux-2.6 2.6.32-29
 CVE-2010-4161 (The udp_queue_rcv_skb function in net/ipv4/udp.c in a certain Red Hat ...)
 	- linux-2.6 2.6.28-1 
@@ -2383,7 +2438,7 @@
 	NOT-FOR-US: vtiger CRM
 CVE-2010-3908
 	RESERVED
-CVE-2010-3907 [videolan SA 1007]
+CVE-2010-3907 (Multiple integer overflows in real.c in the Real demuxer plugin in ...)
 	- vlc 1.1.3-1squeeze1
 CVE-2010-3906 (Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier ...)
 	- git-core <removed>
@@ -2450,23 +2505,19 @@
 	- fuse <unfixed> (bug #602333)
 CVE-2010-3878 (Cross-site request forgery (CSRF) vulnerability in the JMX Console in ...)
 	- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
-CVE-2010-3877
-	RESERVED
+CVE-2010-3877 (The get_name function in net/tipc/socket.c in the Linux kernel before ...)
 	{DSA-2126-1}
 	- linux-2.6 <unfixed> (low)
-CVE-2010-3876
-	RESERVED
+CVE-2010-3876 (net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not ...)
 	{DSA-2126-1}
 	- linux-2.6 <unfixed> (low)
-CVE-2010-3875
-	RESERVED
+CVE-2010-3875 (The ax25_getname function in net/ax25/af_ax25.c in the Linux kernel ...)
 	{DSA-2126-1}
 	- linux-2.6 <unfixed> (low)
 CVE-2010-3874 (Heap-based buffer overflow in the bcm_connect function in ...)
 	{DSA-2126-1}
 	- linux-2.6 <unfixed> (unimportant)
-CVE-2010-3873
-	RESERVED
+CVE-2010-3873 (The X.25 implementation in the Linux kernel before 2.6.36.2 does not ...)
 	{DSA-2126-1}
 	- linux-2.6 2.6.32-28 (low)
 CVE-2010-3872 (The apr_status_t fcgid_header_bucket_read function in fcgid_bucket.c ...)
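Review bot: CVE-2010-3877, CVE-2010-3876 and CVE-2010-3875 stay at "linux-2.6 <unfixed> (low)" while carrying {DSA-2126-1}, and that status was set when the entries were still RESERVED. Now that descriptions are published (CVE-2010-3876 reads "before 2.6.37-rc2"), the unstable status should be rechecked against the packaged kernel, as was already done for CVE-2010-3873, which names an upstream fix in 2.6.36.2 and is recorded as fixed in 2.6.32-28. If the three are still open, a bug reference on each line would make that explicit.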
@@ -3661,8 +3712,7 @@
 	RESERVED
 CVE-2010-3449 (Cross-site request forgery (CSRF) vulnerability in Redback before ...)
 	NOT-FOR-US: Redback
-CVE-2010-3448 [Linux ThinkPad video output status local DoS]
-	RESERVED
+CVE-2010-3448 (drivers/platform/x86/thinkpad_acpi.c in the Linux kernel before 2.6.34 ...)
 	{DSA-2126-1}
 	- linux-2.6 2.6.32-12 (bug #565790; unimportant)
 	NOTE: this is more of a hardware bug rather than a security issue
@@ -8433,8 +8483,8 @@
 	RESERVED
 CVE-2010-1678
 	RESERVED
-CVE-2010-1677
-	RESERVED
+CVE-2010-1677 (MHonArc 2.6.16 allows remote attackers to cause a denial of service ...)
+	TODO: check
 CVE-2010-1676 (Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before ...)
 	{DSA-2136-1}
 	- tor 0.2.1.26-6
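Review bot: CVE-2010-1677 is left at "TODO: check" although its description names MHonArc 2.6.16, and the mhonarc package is already tracked in this file under CVE-2010-4524 as "<unfixed> (bug #607693)". Triage should replace the TODO with a mhonarc line, checking whether the denial of service is covered by the existing bug or needs its own report.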



