thr3ads.net - Secure testing commits - [Secure-testing-commits] r15240

If this information is useful, please help other people find it:
Share via:
Joey Hess
2010-Aug-30 21:15 UTC
[Secure-testing-commits] r15240 - data/CVE

Author: joeyh
Date: 2010-08-30 21:15:22 +0000 (Mon, 30 Aug 2010)
New Revision: 15240

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-08-30 18:49:30 UTC (rev 15239)
+++ data/CVE/list	2010-08-30 21:15:22 UTC (rev 15240)
@@ -1,104 +1,170 @@
-CVE-2010-3155
+CVE-2010-3185
+	RESERVED
+CVE-2010-3184
+	RESERVED
+CVE-2010-3183
+	RESERVED
+CVE-2010-3182
+	RESERVED
+CVE-2010-3181
+	RESERVED
+CVE-2010-3180
+	RESERVED
+CVE-2010-3179
+	RESERVED
+CVE-2010-3178
+	RESERVED
+CVE-2010-3177
+	RESERVED
+CVE-2010-3176
+	RESERVED
+CVE-2010-3175
+	RESERVED
+CVE-2010-3174
+	RESERVED
+CVE-2010-3173
+	RESERVED
+CVE-2010-3172
+	RESERVED
+CVE-2010-3171
+	RESERVED
+CVE-2010-3170
+	RESERVED
+CVE-2010-3169
+	RESERVED
+CVE-2010-3168
+	RESERVED
+CVE-2010-3167
+	RESERVED
+CVE-2010-3166
+	RESERVED
+CVE-2010-3165
+	RESERVED
+CVE-2010-3164
+	RESERVED
+CVE-2010-3163
+	RESERVED
+CVE-2010-3162
+	RESERVED
+CVE-2010-3161
+	RESERVED
+CVE-2010-3160
+	RESERVED
+CVE-2010-3159
+	RESERVED
+CVE-2010-3158
+	RESERVED
+CVE-2010-3157
+	RESERVED
+CVE-2010-3156
+	RESERVED
+CVE-2010-3133 (Untrusted search path vulnerability in Wireshark 1.2.10 and
earlier ...)
+	TODO: check
+CVE-2010-3131 (Untrusted search path vulnerability in Mozilla Firefox 3.6.8 and
...)
+	TODO: check
+CVE-2010-3123
+	RESERVED
+CVE-2010-3155 (Untrusted search path vulnerability in Adobe ExtendScript
Toolkit ...)
 	NOT-FOR-US: Adobe ExtendedScript Toolkit
-CVE-2010-3154
+CVE-2010-3154 (Untrusted search path vulnerability in Adobe Extension Manager
CS5 ...)
 	NOT-FOR-US: Adobe Extension Manager
-CVE-2010-3153
+CVE-2010-3153 (Untrusted search path vulnerability in Adobe InDesign CS4 6.0
allows ...)
 	NOT-FOR-US: Adobe InDesign
-CVE-2010-3152
+CVE-2010-3152 (Untrusted search path vulnerability in Adobe Illustrator CS4
14.0.0, ...)
 	NOT-FOR-US: Adobe Illustrator
-CVE-2010-3151
+CVE-2010-3151 (Untrusted search path vulnerability in Adobe On Location CS4
Build 315 ...)
 	NOT-FOR-US: Adobe On Location
-CVE-2010-3150
+CVE-2010-3150 (Untrusted search path vulnerability in Adobe Premier Pro CS4
4.0.0 ...)
 	NOT-FOR-US: Adobe Premier Pro
-CVE-2010-3149
+CVE-2010-3149 (Untrusted search path vulnerability in Adobe Device Central CS5
...)
 	NOT-FOR-US: Adobe Device Central
-CVE-2010-3148
+CVE-2010-3148 (Untrusted search path vulnerability in Microsoft Visio 2003
allows ...)
 	NOT-FOR-US: Microsoft Visio
-CVE-2010-3147
+CVE-2010-3147 (Untrusted search path vulnerability in Microsoft Address Book
...)
 	NOT-FOR-US: Microsoft Address Book
-CVE-2010-3146
+CVE-2010-3146 (Untrusted search path vulnerability in Microsoft Office Groove
2007 ...)
 	NOT-FOR-US: Microsoft Office Groove
-CVE-2010-3145
+CVE-2010-3145 (Untrusted search path vulnerability in the Microsoft Vista
BitLocker ...)
 	NOT-FOR-US: Microsoft Vista BitLocker
-CVE-2010-3144
+CVE-2010-3144 (Untrusted search path vulnerability in Microsoft Internet
Connection ...)
 	NOT-FOR-US: Microsoft Internet Connection Signup Wizard
-CVE-2010-3143
+CVE-2010-3143 (Untrusted search path vulnerability in Microsoft Windows
Contacts ...)
 	NOT-FOR-US: Microsoft Windows Contacts
-CVE-2010-3142
+CVE-2010-3142 (Untrusted search path vulnerability in Microsoft Office
PowerPoint ...)
 	NOT-FOR-US: Microsoft Office PowerPoint
-CVE-2010-3141
+CVE-2010-3141 (Untrusted search path vulnerability in Microsoft Power Point
2010 ...)
 	NOT-FOR-US: Microsoft Power Point
-CVE-2010-3140
+CVE-2010-3140 (Untrusted search path vulnerability in Microsoft Windows
Internet ...)
 	NOT-FOR-US: Microsoft Windows Internet Communication Settings
-CVE-2010-3139
+CVE-2010-3139 (Untrusted search path vulnerability in Microsoft Windows Progman
Group ...)
 	NOT-FOR-US: Microsoft Windows Progman Group Converter
-CVE-2010-3138
+CVE-2010-3138 (Untrusted search path vulnerability in the Indeo filter
(iac25_32.ax) ...)
 	NOT-FOR-US: Microsoft Windows Media Player
-CVE-2010-3137
+CVE-2010-3137 (Untrusted search path vulnerability in Nullsoft Winamp 5.581,
and ...)
 	NOT-FOR-US: Nullsoft Winamp
-CVE-2010-3136
+CVE-2010-3136 (Untrusted search path vulnerability in Skype 4.2.0.169 and
earlier ...)
 	NOT-FOR-US: Skype
-CVE-2010-3135
+CVE-2010-3135 (Untrusted search path vulnerability in Cisco Packet Tracer 5.2
allows ...)
 	NOT-FOR-US: Cisco Packet Tracer
-CVE-2010-3134
+CVE-2010-3134 (Untrusted search path vulnerability in Google Earth
5.1.3535.3218 ...)
 	NOT-FOR-US: Google Earth
-CVE-2010-3132
+CVE-2010-3132 (Untrusted search path vulnerability in Adobe Dreamweaver CS5
11.0 ...)
 	NOT-FOR-US: Adobe Dreamweaver
-CVE-2010-3130
+CVE-2010-3130 (Untrusted search path vulnerability in TechSmith Snagit 10
(Build 788) ...)
 	NOT-FOR-US: TechSmith Snagit
-CVE-2010-3129
+CVE-2010-3129 (Untrusted search path vulnerability in uTorrent 2.0.3 and
earlier ...)
 	NOT-FOR-US: uTorrent
-CVE-2010-3128
+CVE-2010-3128 (Untrusted search path vulnerability in TeamViewer 5.0.8703 and
earlier ...)
 	NOT-FOR-US: TeamViewer
-CVE-2010-3127
+CVE-2010-3127 (Untrusted search path vulnerability in Adobe PhotoShop CS2
through CS5 ...)
 	NOT-FOR-US: Adobe PhotoShop
-CVE-2010-3126
+CVE-2010-3126 (Untrusted search path vulnerability in avast! Free Antivirus
version ...)
 	NOT-FOR-US: avast! Free Antivirus version
-CVE-2010-3125
+CVE-2010-3125 (Untrusted search path vulnerability in TeamMate Audit Management
...)
 	NOT-FOR-US: TeamMate Audit Management Software Suite
-CVE-2010-3122
+CVE-2010-3122 (The DevonIT thin-client management tool relies on a shared
secret for ...)
 	NOT-FOR-US: DevonIT thin-client management tool
-CVE-2010-3121
+CVE-2010-3121 (Buffer overflow in tm-console-bin in the DevonIT thin-client
...)
 	NOT-FOR-US: DevonIT thin-client management tool
-CVE-2009-4995
+CVE-2009-4995 (Cross-site scripting (XSS) vulnerability in frmTickets.aspx in
...)
 	NOT-FOR-US: SmarterTools SmarterTrack
-CVE-2009-4994
+CVE-2009-4994 (Cross-site scripting (XSS) vulnerability in frmKBSearch.aspx in
...)
 	NOT-FOR-US: SmarterTools SmarterTrack
-CVE-2009-4993
+CVE-2009-4993 (PHP remote file inclusion vulnerability in home.php in LM
Starmail ...)
 	NOT-FOR-US: LM Starmail Paidmail
-CVE-2009-4992
+CVE-2009-4992 (SQL injection vulnerability in paidbanner.php in LM Starmail
Paidmail ...)
 	NOT-FOR-US: LM Starmail Paidmail
-CVE-2009-4991
+CVE-2009-4991 (Cross-site scripting (XSS) vulnerability in
users/resume_register.php ...)
 	NOT-FOR-US: Omnistar Recruiting
-CVE-2009-4990
+CVE-2009-4990 (Cross-site scripting (XSS) vulnerability in the Webform report
module ...)
 	NOT-FOR-US: Webform report module for Drupal
-CVE-2009-4989
+CVE-2009-4989 (Cross-site scripting (XSS) vulnerability in index.php in AJ
Auction ...)
 	NOT-FOR-US: AJ Auction Pro OOPD
-CVE-2009-4988
+CVE-2009-4988 (Stack-based buffer overflow in NT_Naming_Service.exe in SAP
Business ...)
 	NOT-FOR-US: SAP Business One
-CVE-2009-4987
+CVE-2009-4987 (admin/header.php in Scripteen Free Image Hosting Script 2.3
allows ...)
 	NOT-FOR-US: Scripteen Free Image Hosting Script
-CVE-2009-4986
+CVE-2009-4986 (Directory traversal vulnerability in index.php in In-Portal
4.3.1, ...)
 	NOT-FOR-US: In-Portal
-CVE-2009-4985
+CVE-2009-4985 (SQL injection vulnerability in browse.php in Accessories Me PHP
...)
 	NOT-FOR-US: Accessories Me PHP Affiliate Script
-CVE-2009-4984
+CVE-2009-4984 (Multiple cross-site scripting (XSS) vulnerabilities in
Accessories Me ...)
 	NOT-FOR-US: Accessories Me PHP Affiliate Script
-CVE-2009-4983
+CVE-2009-4983 (Multiple cross-site scripting (XSS) vulnerabilities in Silurus
...)
 	NOT-FOR-US: Silurus Classifieds
-CVE-2009-4982
+CVE-2009-4982 (SQL injection vulnerability in the select function in Irokez CMS
...)
 	NOT-FOR-US: Irokez CMS
-CVE-2009-4981
+CVE-2009-4981 (Multiple cross-site request forgery (CSRF) vulnerabilities in
...)
 	NOT-FOR-US: Photokorn Gallery
-CVE-2009-4980
+CVE-2009-4980 (Multiple cross-site scripting (XSS) vulnerabilities in Photokorn
...)
 	NOT-FOR-US: Photokorn Gallery
-CVE-2009-4979
+CVE-2009-4979 (Multiple SQL injection vulnerabilities in search.php in
Photokorn ...)
 	NOT-FOR-US: Photokorn Gallery
-CVE-2009-4978
+CVE-2009-4978 (Directory traversal vulnerability in down.php in MyBackup 1.4.0
allows ...)
 	NOT-FOR-US: MyBackup
-CVE-2009-4977
+CVE-2009-4977 (PHP remote file inclusion vulnerability in index.php in MyBackup
1.4.0 ...)
 	NOT-FOR-US: MyBackup
-CVE-2010-3124 [DLL issue and VLC]
+CVE-2010-3124 (Untrusted search path vulnerability in bin/winvlc.c in VLC Media
...)
 	- vlc <not-affected> (Windows specific vulnerability)
 CVE-2010-3120 (Google Chrome before 5.0.375.127 does not properly implement the
...)
 	- chromium-browser 5.0.375.127~r55887-1
@@ -526,16 +592,15 @@
 	RESERVED
 	- sssd 1.2.1-4 (bug #594413)
 CVE-2010-2939 (Double free vulnerability in the ssl3_get_key_exchange function
in the ...)
+	{DSA-2100-1}
 	- openssl 0.9.8o-2 (low; bug #594415)
 CVE-2010-2938
 	RESERVED
 CVE-2010-2937 (The ReadMetaFromId3v2 function in taglib.cpp in the TagLib
plugin in ...)
 	- vlc 1.1.3-1
-CVE-2010-2936 [buffer overflow in impress]
-	RESERVED
+CVE-2010-2936 (Integer overflow in simpress.bin in the Impress module in ...)
 	- openoffice.org 1:3.2.1-6
-CVE-2010-2935 [buffer overflow in impress]
-	RESERVED
+CVE-2010-2935 (simpress.bin in the Impress module in OpenOffice.org (OOo) 3.2.1
on ...)
 	- openoffice.org 1:3.2.1-6
 CVE-2010-2934 (Multiple unspecified vulnerabilities in ZNC 0.092 allow remote
...)
 	- znc <unfixed> (bug filed)
@@ -670,64 +735,45 @@
 	RESERVED
 CVE-2010-2883
 	RESERVED
-CVE-2010-2882
-	RESERVED
+CVE-2010-2882 (DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not
...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2881
-	RESERVED
+CVE-2010-2881 (IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not
...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2880
-	RESERVED
+CVE-2010-2880 (DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not
...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2879
-	RESERVED
+CVE-2010-2879 (Multiple integer overflows in the allocator in the TextXtra.x32
module ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2878
-	RESERVED
+CVE-2010-2878 (DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not
...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2877
-	RESERVED
+CVE-2010-2877 (Adobe Shockwave Player before 11.5.8.612 does not properly
validate a ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2876
-	RESERVED
+CVE-2010-2876 (Adobe Shockwave Player before 11.5.8.612 does not properly
validate ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2875
-	RESERVED
+CVE-2010-2875 (Integer signedness error in Adobe Shockwave Player before
11.5.8.612 ...)
 	NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-2874
 	RESERVED
-CVE-2010-2873
-	RESERVED
+CVE-2010-2873 (Adobe Shockwave Player before 11.5.8.612 does not properly
validate ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2872
-	RESERVED
+CVE-2010-2872 (Adobe Shockwave Player before 11.5.8.612 does not properly
validate an ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2871
-	RESERVED
+CVE-2010-2871 (Integer overflow in the 3D object functionality in Adobe
Shockwave ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2870
-	RESERVED
+CVE-2010-2870 (DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not
...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2869
-	RESERVED
+CVE-2010-2869 (IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not
...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2868
-	RESERVED
+CVE-2010-2868 (IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not
...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2867
-	RESERVED
+CVE-2010-2867 (DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not
...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2866
-	RESERVED
+CVE-2010-2866 (Integer signedness error in the DIRAPI module in Adobe Shockwave
...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2865
-	RESERVED
+CVE-2010-2865 (Unspecified vulnerability in Adobe Shockwave Player before
11.5.8.612 ...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2864
-	RESERVED
+CVE-2010-2864 (IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not
...)
 	NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-2863
-	RESERVED
+CVE-2010-2863 (Adobe Shockwave Player before 11.5.8.612 allows attackers to
cause a ...)
 	NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-2862 (Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and
9.3.3, and ...)
 	NOT-FOR-US: Adobe Reader
@@ -811,17 +857,13 @@
 	RESERVED
 CVE-2010-2841
 	RESERVED
-CVE-2010-2840
-	RESERVED
+CVE-2010-2840 (The Presence Engine (PE) service in Cisco Unified Presence 6.x
before ...)
 	NOT-FOR-US: Cisco
-CVE-2010-2839
-	RESERVED
+CVE-2010-2839 (SIPD in Cisco Unified Presence 6.x before 6.0(7) and 7.x before
7.0(8) ...)
 	NOT-FOR-US: Cisco
-CVE-2010-2838
-	RESERVED
+CVE-2010-2838 (The SendCombinedStatusInfo implementation in Cisco Unified ...)
 	NOT-FOR-US: Cisco
-CVE-2010-2837
-	RESERVED
+CVE-2010-2837 (The SIPStationInit implementation in Cisco Unified
Communications ...)
 	NOT-FOR-US: Cisco
 CVE-2010-2836
 	RESERVED
@@ -1166,8 +1208,7 @@
 	NOTE:
http://git.gnome.org/browse/vte/commit/?id=8b971a7b2c59902914ecbbc3915c45dd21530a91
 CVE-2010-2712
 	RESERVED
-CVE-2010-2711
-	RESERVED
+CVE-2010-2711 (Unspecified vulnerability in the HP MagCloud app before 1.0.5
for the ...)
 	NOT-FOR-US: HP MagCloud app
 CVE-2010-2710 (Unspecified vulnerability in HP OpenView Network Node Manager
(OV NNM) ...)
 	NOT-FOR-US: HP OpenView 
@@ -2012,14 +2053,11 @@
 	RESERVED
 CVE-2010-2363
 	RESERVED
-CVE-2010-2362
-	RESERVED
+CVE-2010-2362 (Winny 2.0b7.1 and earlier does not properly process node
information, ...)
 	NOT-FOR-US: Winny
-CVE-2010-2361
-	RESERVED
+CVE-2010-2361 (Winny 2.0b7.1 and earlier does not properly process BBS
information, ...)
 	NOT-FOR-US: Winny
-CVE-2010-2360
-	RESERVED
+CVE-2010-2360 (Multiple buffer overflows in Winny 2.0b7.1 and earlier might
allow ...)
 	NOT-FOR-US: Winny
 CVE-2010-2359 (SQL injection vulnerability in eWebQuiz.asp in
ActiveWebSoftwares.com ...)
 	NOT-FOR-US: eWebquiz
@@ -3449,8 +3487,7 @@
 	RESERVED
 CVE-2010-1809
 	RESERVED
-CVE-2010-1808
-	RESERVED
+CVE-2010-1808 (Stack-based buffer overflow in Apple Type Services (ATS) in
Apple Mac ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2010-1807
 	RESERVED
@@ -3462,14 +3499,11 @@
 	RESERVED
 CVE-2010-1803
 	RESERVED
-CVE-2010-1802
-	RESERVED
+CVE-2010-1802 (libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not
properly ...)
 	NOT-FOR-US: Apple Mac OS X
-CVE-2010-1801
-	RESERVED
+CVE-2010-1801 (Heap-based buffer overflow in CoreGraphics in Apple Mac OS X
10.5.8 ...)
 	NOT-FOR-US: CoreGraphics
-CVE-2010-1800
-	RESERVED
+CVE-2010-1800 (CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous
SSL ...)
 	NOT-FOR-US: CFNetwork
 CVE-2010-1799 (Stack-based buffer overflow in the error-logging functionality
in ...)
 	NOT-FOR-US: Apple QuickTime on Windows
@@ -11087,8 +11121,8 @@
 	NOT-FOR-US: IBM Rational AppScan Enterprise Edition
 CVE-2009-3744 (rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows
remote ...)
 	NOT-FOR-US: EMC RepliStor
-CVE-2009-3743
-	RESERVED
+CVE-2009-3743 (Off-by-one error in the TrueType bytecode interpreter in
Ghostscript ...)
+	TODO: check
 CVE-2009-3742 (Cross-site scripting (XSS) vulnerability in Liferay Portal
before ...)
 	NOT-FOR-US: Liferay Portal
 CVE-2009-3741
@@ -13859,7 +13893,7 @@
 CVE-2009-2942 (The mysql-ocaml bindings 1.0.4 for MySQL do not properly support
the ...)
 	{DSA-1910-1}
 	- mysql-ocaml 1.0.4-7 (low)
-CVE-2009-2941 
+CVE-2009-2941
 	RESERVED
 CVE-2009-2940 (The pygresql module 3.8.1 and 4.0 for Python does not properly
support ...)
 	{DSA-1911-1}
Secure testing commits - Aug 2010 - r15240 - data/CVE

[Secure-testing-commits] r15240 - data/CVE
