thr3ads.net - Secure testing commits - [Secure-testing-commits] r14946

If this information is useful, please help other people find it:
Share via:
Joey Hess
2010-Jul-01 21:14 UTC
[Secure-testing-commits] r14946 - data/CVE

Author: joeyh
Date: 2010-07-01 21:14:27 +0000 (Thu, 01 Jul 2010)
New Revision: 14946

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-07-01 20:19:08 UTC (rev 14945)
+++ data/CVE/list	2010-07-01 21:14:27 UTC (rev 14946)
@@ -1,3 +1,117 @@
+CVE-2010-2573
+	RESERVED
+CVE-2010-2572
+	RESERVED
+CVE-2010-2571
+	RESERVED
+CVE-2010-2570
+	RESERVED
+CVE-2010-2569
+	RESERVED
+CVE-2010-2568
+	RESERVED
+CVE-2010-2567
+	RESERVED
+CVE-2010-2566
+	RESERVED
+CVE-2010-2565
+	RESERVED
+CVE-2010-2564
+	RESERVED
+CVE-2010-2563
+	RESERVED
+CVE-2010-2562
+	RESERVED
+CVE-2010-2561
+	RESERVED
+CVE-2010-2560
+	RESERVED
+CVE-2010-2559
+	RESERVED
+CVE-2010-2558
+	RESERVED
+CVE-2010-2557
+	RESERVED
+CVE-2010-2556
+	RESERVED
+CVE-2010-2555
+	RESERVED
+CVE-2010-2554
+	RESERVED
+CVE-2010-2553
+	RESERVED
+CVE-2010-2552
+	RESERVED
+CVE-2010-2551
+	RESERVED
+CVE-2010-2550
+	RESERVED
+CVE-2010-2549
+	RESERVED
+CVE-2010-2548
+	RESERVED
+CVE-2010-2547
+	RESERVED
+CVE-2010-2546
+	RESERVED
+CVE-2010-2545
+	RESERVED
+CVE-2010-2544
+	RESERVED
+CVE-2010-2543
+	RESERVED
+CVE-2010-2542
+	RESERVED
+CVE-2010-2541
+	RESERVED
+CVE-2010-2540
+	RESERVED
+CVE-2010-2539
+	RESERVED
+CVE-2010-2538
+	RESERVED
+CVE-2010-2537
+	RESERVED
+CVE-2010-2536
+	RESERVED
+CVE-2010-2535
+	RESERVED
+CVE-2010-2534
+	RESERVED
+CVE-2010-2533
+	RESERVED
+CVE-2010-2532
+	RESERVED
+CVE-2010-2531
+	RESERVED
+CVE-2010-2530
+	RESERVED
+CVE-2010-2529
+	RESERVED
+CVE-2010-2528
+	RESERVED
+CVE-2010-2527
+	RESERVED
+CVE-2010-2526
+	RESERVED
+CVE-2010-2525
+	RESERVED
+CVE-2010-2524
+	RESERVED
+CVE-2010-2523
+	RESERVED
+CVE-2010-2522
+	RESERVED
+CVE-2010-2521
+	RESERVED
+CVE-2010-2520
+	RESERVED
+CVE-2010-2519
+	RESERVED
+CVE-2010-2518 (Unspecified vulnerability in the P8 Content Engine (P8CE) 4.5.1
before ...)
+	TODO: check
+CVE-2010-2517 (Multiple unspecified vulnerabilities in IBM Rational ClearQuest
before ...)
+	TODO: check
 CVE-2010-XXXX [murmur DoS via malformed client query]
 	- mumble <unfixed> (low; bug #587713)
 	TODO: request id
@@ -622,14 +736,19 @@
 CVE-2009-4883 (SQL injection vulnerability in index.php in PHPRecipeBook 2.24
and ...)
 	NOT-FOR-US: PHPRecipeBook
 CVE-2010-2283 (The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0
...)
+	{DSA-2066-1}
 	- wireshark 1.2.9-1
 CVE-2010-2285 (The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and
1.2.0 ...)
+	{DSA-2066-1}
 	- wireshark 1.2.9-1
 CVE-2010-2284 (Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13
...)
+	{DSA-2066-1}
 	- wireshark 1.2.9-1
 CVE-2010-2287 (Buffer overflow in the SigComp Universal Decompressor Virtual
Machine ...)
+	{DSA-2066-1}
 	- wireshark 1.2.9-1
 CVE-2010-2286 (The SigComp Universal Decompressor Virtual Machine dissector in
...)
+	{DSA-2066-1}
 	- wireshark 1.2.9-1
 CVE-2010-2262 (Galileo Students Team Weborf before 0.12.1 allows remote
attackers to ...)
 	NOT-FOR-US: Galileo Studens Team Weborf
@@ -661,8 +780,7 @@
 	- lftp 4.0.6-1 (low)
 	[lenny] - lftp <no-dsa> (Minor issue)
 	NOTE: http://www.ocert.org/advisories/ocert-2010-001.html
-CVE-2010-2249 [memory leak in libpng]
-	RESERVED
+CVE-2010-2249 (Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x
before ...)
 	- libpng 1.2.44-1 (low; bug #587670)
 	- freeimage <undetermined> (unimportant)
 	- tuxonice-userui <unfixed> (unimportant)
@@ -749,40 +867,29 @@
 	RESERVED
 CVE-2010-2213
 	RESERVED
-CVE-2010-2212
-	RESERVED
+CVE-2010-2212 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3
on ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2010-2211
-	RESERVED
+CVE-2010-2211 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3
on ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2010-2210
-	RESERVED
+CVE-2010-2210 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3
on ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2010-2209
-	RESERVED
+CVE-2010-2209 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3
on ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2010-2208
-	RESERVED
+CVE-2010-2208 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3
on ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2010-2207
-	RESERVED
+CVE-2010-2207 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3
on ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2010-2206
-	RESERVED
+CVE-2010-2206 (Array index error in Adobe Reader and Acrobat 9.x before 9.3.3,
and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2010-2205
-	RESERVED
+CVE-2010-2205 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3
on ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2010-2204
-	RESERVED
-CVE-2010-2203
-	RESERVED
+CVE-2010-2204 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before
...)
+	TODO: check
+CVE-2010-2203 (Adobe Reader and Acrobat 9.x before 9.3.3 on UNIX allow
attackers to ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2010-2202
-	RESERVED
+CVE-2010-2202 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3
on ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2010-2201
-	RESERVED
+CVE-2010-2201 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3
on ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2010-2200
 	RESERVED
@@ -862,8 +969,7 @@
 	NOT-FOR-US: Adobe Flash
 CVE-2010-2169 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
 	NOT-FOR-US: Adobe Flash
-CVE-2010-2168
-	RESERVED
+CVE-2010-2168 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3
on ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2010-2167 (Multiple heap-based buffer overflows in Adobe Flash Player
before ...)
 	NOT-FOR-US: Adobe Flash
@@ -2032,7 +2138,7 @@
 CVE-2009-4839 (Multiple cross-site scripting (XSS) vulnerabilities in Basic
Analysis ...)
 	- acidbase <unfixed> (bug filed)
 	[lenny] - acidbase <no-dsa> (Minor issue)
-CVE-2009-4838
+CVE-2009-4838 (SQL injection vulnerability in base_ag_common.php in Basic
Analysis ...)
 	- acidbase 1.4.4-1 (low)
 	[lenny] - acidbase <no-dsa> (Minor issue)
 CVE-2009-4837 (Multiple cross-site scripting (XSS) vulnerabilities in Basic
Analysis ...)
@@ -2547,10 +2653,10 @@
 	RESERVED
 CVE-2010-1522
 	RESERVED
-CVE-2010-1521
-	RESERVED
-CVE-2010-1520
-	RESERVED
+CVE-2010-1521 (SQL injection vulnerability in include/classes/tzn_user.php in
...)
+	TODO: check
+CVE-2010-1520 (Cross-site scripting (XSS) vulnerability in logout.php in
TaskFreak! ...)
+	TODO: check
 CVE-2010-1519
 	RESERVED
 CVE-2010-1518
@@ -3313,12 +3419,11 @@
 	NOT-FOR-US: Pepsi CMS
 CVE-2010-1298 (Directory traversal vulnerability in view.php in Pulse CMS 1.2.2
...)
 	NOT-FOR-US: Pulse CMS
-CVE-2010-1297 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
Adobe ...)
+CVE-2010-1297 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64;
Adobe ...)
 	NOT-FOR-US: Adobe Flash
 CVE-2010-1296 (Multiple buffer overflows in Adobe Photoshop CS4 before 11.0.2
allow ...)
 	NOT-FOR-US: Adobe Photoshop CS4
-CVE-2010-1295
-	RESERVED
+CVE-2010-1295 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3
on ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2010-1294 (Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, and
9.0 ...)
 	NOT-FOR-US: Adobe ColdFusion
@@ -3338,8 +3443,7 @@
 	NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-1286 (Adobe Shockwave Player before 11.5.7.609 allows attackers to
cause a ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-1285
-	RESERVED
+CVE-2010-1285 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3
on ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2010-1284 (Adobe Shockwave Player before 11.5.7.609 allows attackers to
cause a ...)
 	NOT-FOR-US: Adobe Shockwave Player
@@ -3456,7 +3560,7 @@
 	NOT-FOR-US: IBM Web Interface for Content Management
 CVE-2010-1241 (Heap-based buffer overflow in the custom heap management system
in ...)
 	NOT-FOR-US: Acrobat Reader
-CVE-2010-1240 (Adobe Reader 9.3.1 on Windows does not restrict the contents of
one ...)
+CVE-2010-1240 (Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3
on ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2010-1239 (Foxit Reader before 3.2.1.0401 allows remote attackers to (1)
execute ...)
 	NOT-FOR-US: Foxit Reader
@@ -3584,8 +3688,7 @@
 CVE-2010-1206 (The startDocumentLoad function in
browser/base/content/browser.js in ...)
 	- xulrunner <unfixed> (low)
 	NOTE: Scheduled for next round of Firefox updates (20th July)
-CVE-2010-1205 [memory write out of bounds]
-	RESERVED
+CVE-2010-1205 (Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x
before ...)
 	- libpng 1.2.44-1 (bug #587670)
 	- freeimage <undetermined> 
 	- tuxonice-userui <unfixed>
Secure testing commits - Jul 2010 - r14946 - data/CVE

[Secure-testing-commits] r14946 - data/CVE
