[Secure-testing-commits] r15787 - data/CVE

Tue Jan 4 22:22:43 UTC 2011

Author: geissert
Date: 2011-01-04 22:22:43 +0000 (Tue, 04 Jan 2011)
New Revision: 15787

Modified:
   data/CVE/list
Log:
mhonarc issue accidentally disclosed
new ftpcopy and linux issues
salome already fixed


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2011-01-04 21:26:39 UTC (rev 15786)
+++ data/CVE/list	2011-01-04 22:22:43 UTC (rev 15787)
@@ -1,3 +1,5 @@
+CVE-2010-XXXX [XSS in ftpls]
+	- ftpcopy <unfixed> (bug #607494)
 CVE-2011-0285
 	RESERVED
 CVE-2011-0284
@@ -9,6 +11,7 @@
 CVE-2011-0281
 	RESERVED
 CVE-2010-4668 (The blk_rq_map_user_iov function in block/blk-map.c in the Linux ...)
+	- linux-2.6 <unfixed>
 	TODO: check
 CVE-2010-4667
 	RESERVED
@@ -3927,7 +3930,7 @@
 	- scilab 5.2.2-8 (bug #598423; bug #598422)
 	[lenny] - scilab <no-dsa> (Non-free not supported)
 CVE-2010-3377 (The (1) runSalome, (2) runTestMedCorba, (3) runLightSalome, and (4) ...)
-	- salome <unfixed> (bug #598421)
+	- salome 5.1.3-11 (bug #598421)
 CVE-2010-3376 (The (1) proofserv, (2) xrdcp, (3) xrdpwdadmin, and (4) xrd scripts in ...)
 	- root-system <unfixed> (bug #598420; bug #598419)
 CVE-2010-3375
@@ -8480,7 +8483,7 @@
 CVE-2010-1678
 	RESERVED
 CVE-2010-1677 (MHonArc 2.6.16 allows remote attackers to cause a denial of service ...)
-	TODO: check
+	- mhonarc <unfixed>
 CVE-2010-1676 (Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before ...)
 	{DSA-2136-1}
 	- tor 0.2.1.26-6
@@ -15308,7 +15311,7 @@
 CVE-2009-3952 (Buffer overflow in Adobe Illustrator CS3 13.0.3 and earlier and ...)
 	NOT-FOR-US: Adobe Illustrator
 CVE-2009-3951 (Unspecified vulnerability in the Flash Player ActiveX control in Adobe ...)
-	NOT-FOR-US: ActiveX
+	NOT-FOR-US: Flash Player
 CVE-2009-3950 (Multiple cross-site scripting (XSS) vulnerabilities in Bractus ...)
 	NOT-FOR-US: Bractus SunTrack
 CVE-2009-3949 (cp/profile.php in VivaPrograms Infinity 2.0.5 and earlier does not ...)


