thr3ads.net - Secure testing commits - [Secure-testing-commits] r15337

If this information is useful, please help other people find it:
Share via:
Joey Hess
2010-Sep-16 21:14 UTC
[Secure-testing-commits] r15337 - data/CVE

Author: joeyh
Date: 2010-09-16 21:14:45 +0000 (Thu, 16 Sep 2010)
New Revision: 15337

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-09-16 20:07:39 UTC (rev 15336)
+++ data/CVE/list	2010-09-16 21:14:45 UTC (rev 15337)
@@ -1,3 +1,107 @@
+CVE-2010-3400 (The js_InitRandom function in the JavaScript implementation in
Mozilla ...)
+	TODO: check
+CVE-2010-3399 (The js_InitRandom function in the JavaScript implementation in
Mozilla ...)
+	TODO: check
+CVE-2010-3398 (Unspecified vulnerability in the webcontainer implementation in
IBM ...)
+	TODO: check
+CVE-2010-3397 (Untrusted search path vulnerability in PGP Desktop 9.9.0 Build
397, ...)
+	TODO: check
+CVE-2010-3396 (Buffer overflow in kavfm.sys in Kingsoft Antivirus
2010.04.26.648 and ...)
+	TODO: check
+CVE-2010-3395
+	RESERVED
+CVE-2010-3394
+	RESERVED
+CVE-2010-3393
+	RESERVED
+CVE-2010-3392
+	RESERVED
+CVE-2010-3391
+	RESERVED
+CVE-2010-3390
+	RESERVED
+CVE-2010-3389
+	RESERVED
+CVE-2010-3388
+	RESERVED
+CVE-2010-3387
+	RESERVED
+CVE-2010-3386
+	RESERVED
+CVE-2010-3385
+	RESERVED
+CVE-2010-3384
+	RESERVED
+CVE-2010-3383
+	RESERVED
+CVE-2010-3382
+	RESERVED
+CVE-2010-3381
+	RESERVED
+CVE-2010-3380
+	RESERVED
+CVE-2010-3379
+	RESERVED
+CVE-2010-3378
+	RESERVED
+CVE-2010-3377
+	RESERVED
+CVE-2010-3376
+	RESERVED
+CVE-2010-3375
+	RESERVED
+CVE-2010-3374
+	RESERVED
+CVE-2010-3373
+	RESERVED
+CVE-2010-3372
+	RESERVED
+CVE-2010-3371
+	RESERVED
+CVE-2010-3370
+	RESERVED
+CVE-2010-3369
+	RESERVED
+CVE-2010-3368
+	RESERVED
+CVE-2010-3367
+	RESERVED
+CVE-2010-3366
+	RESERVED
+CVE-2010-3365
+	RESERVED
+CVE-2010-3364
+	RESERVED
+CVE-2010-3363
+	RESERVED
+CVE-2010-3362
+	RESERVED
+CVE-2010-3361
+	RESERVED
+CVE-2010-3360
+	RESERVED
+CVE-2010-3359
+	RESERVED
+CVE-2010-3358
+	RESERVED
+CVE-2010-3357
+	RESERVED
+CVE-2010-3356
+	RESERVED
+CVE-2010-3355
+	RESERVED
+CVE-2010-3354
+	RESERVED
+CVE-2010-3353
+	RESERVED
+CVE-2010-3352
+	RESERVED
+CVE-2010-3351
+	RESERVED
+CVE-2010-3350
+	RESERVED
+CVE-2010-3349
+	RESERVED
 CVE-2010-3348
 	RESERVED
 CVE-2010-3347
@@ -407,8 +511,8 @@
 	RESERVED
 CVE-2010-3172
 	RESERVED
-CVE-2010-3171
-	RESERVED
+CVE-2010-3171 (The Math.random function in the JavaScript implementation in
Mozilla ...)
+	TODO: check
 CVE-2010-3170
 	RESERVED
 CVE-2010-3169 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
@@ -674,8 +778,7 @@
 	- drupal6 6.18-1 (low; bug #592716)
 CVE-2010-3090 [mailman, will be rejected]
 	RESERVED
-CVE-2010-3089 [mailman XSS]
-	RESERVED
+CVE-2010-3089 (Multiple cross-site scripting (XSS) vulnerabilities in GNU
Mailman ...)
 	- mailman <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id={631881,631859}
 CVE-2010-3088
@@ -732,8 +835,8 @@
 CVE-2010-3070 [nusoap xss]
 	RESERVED
 	- nusoap 0.7.3-4 (low; bug #595248)
-CVE-2010-3069
-	RESERVED
+CVE-2010-3069 (Stack-based buffer overflow in the (1) sid_parse and (2)
dom_sid_parse ...)
+	{DSA-2109-1}
 	- samba 2:3.5.5~dfsg-1 (bug #596891)
 CVE-2010-3068
 	RESERVED
@@ -858,10 +961,10 @@
 	RESERVED
 CVE-2010-3011
 	RESERVED
-CVE-2010-3010
-	RESERVED
-CVE-2010-3009
-	RESERVED
+CVE-2010-3010 (Cross-site scripting (XSS) vulnerability on the HP 3Com
OfficeConnect ...)
+	TODO: check
+CVE-2010-3009 (Unspecified vulnerability in HP System Management Homepage (SMH)
for ...)
+	TODO: check
 CVE-2010-3008 (Unspecified vulnerability in HP Data Protector Express, and Data
...)
 	TODO: check
 CVE-2010-3007 (Unspecified vulnerability in HP Data Protector Express, and Data
...)
@@ -1177,8 +1280,8 @@
 	RESERVED
 CVE-2010-2885
 	RESERVED
-CVE-2010-2884
-	RESERVED
+CVE-2010-2884 (Unspecified vulnerability in Adobe Flash Player 10.1.82.76 and
earlier ...)
+	TODO: check
 CVE-2010-2883 (Stack-based buffer overflow in CoolType.dll in Adobe Reader and
...)
 	NOT-FOR-US: Adobe Reader
 CVE-2010-2882 (DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not
...)
@@ -1667,8 +1770,8 @@
 	RESERVED
 CVE-2010-2739 (Buffer overflow in the CreateDIBPalette function in win32k.sys
in ...)
 	NOT-FOR-US: Windows
-CVE-2010-2738
-	RESERVED
+CVE-2010-2738 (The Uniscribe (aka new Unicode Script Processor) implementation
in ...)
+	TODO: check
 CVE-2010-2737
 	RESERVED
 CVE-2010-2736
@@ -1681,14 +1784,14 @@
 	RESERVED
 CVE-2010-2732
 	RESERVED
-CVE-2010-2731
-	RESERVED
-CVE-2010-2730
-	RESERVED
-CVE-2010-2729
-	RESERVED
-CVE-2010-2728
-	RESERVED
+CVE-2010-2731 (Unspecified vulnerability in Microsoft Internet Information
Services ...)
+	TODO: check
+CVE-2010-2730 (Buffer overflow in Microsoft Internet Information Services (IIS)
7.5, ...)
+	TODO: check
+CVE-2010-2729 (The Print Spooler service in Microsoft Windows XP SP2 and SP3,
Windows ...)
+	TODO: check
+CVE-2010-2728 (Heap-based buffer overflow in Microsoft Outlook 2002 SP3, 2003
SP3, ...)
+	TODO: check
 CVE-2010-2727
 	RESERVED
 CVE-2010-2726
@@ -2012,8 +2115,8 @@
 	RESERVED
 CVE-2010-2601
 	RESERVED
-CVE-2010-2600
-	RESERVED
+CVE-2010-2600 (Untrusted search path vulnerability in BlackBerry Desktop
Software ...)
+	TODO: check
 CVE-2010-2599
 	RESERVED
 CVE-2010-2594 (Multiple cross-site request forgery (CSRF) vulnerabilities in
the web ...)
@@ -2044,8 +2147,8 @@
 	RESERVED
 CVE-2010-2581
 	RESERVED
-CVE-2010-2580
-	RESERVED
+CVE-2010-2580 (The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does
not ...)
+	TODO: check
 CVE-2010-2579
 	RESERVED
 CVE-2010-2578
@@ -2083,16 +2186,16 @@
 	RESERVED
 CVE-2010-2568 (Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2,
Vista SP1 ...)
 	NOT-FOR-US: Microsoft
-CVE-2010-2567
-	RESERVED
+CVE-2010-2567 (The RPC client implementation in Microsoft Windows XP SP2 and
SP3 and ...)
+	TODO: check
 CVE-2010-2566 (The Secure Channel (aka SChannel) security package in Microsoft
...)
 	NOT-FOR-US: Microsoft
 CVE-2010-2565
 	RESERVED
 CVE-2010-2564 (Buffer overflow in Microsoft Windows Movie Maker (WMM) 2.1, 2.6,
and ...)
 	NOT-FOR-US: Microsoft
-CVE-2010-2563
-	RESERVED
+CVE-2010-2563 (The Word 97 text converter in the WordPad Text Converters in
Microsoft ...)
+	TODO: check
 CVE-2010-2562 (Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and
2008 for ...)
 	NOT-FOR-US: Microsoft
 CVE-2010-2561 (Microsoft XML Core Services (aka MSXML) 3.0 does not properly
handle ...)
@@ -3733,8 +3836,8 @@
 	NOT-FOR-US: Microsoft Word
 CVE-2010-1900 (Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2;
Microsoft ...)
 	NOT-FOR-US: Microsoft Office Word
-CVE-2010-1899
-	RESERVED
+CVE-2010-1899 (Stack consumption vulnerability in the ASP implementation in
Microsoft ...)
+	TODO: check
 CVE-2010-1898 (The Common Language Runtime (CLR) in Microsoft .NET Framework
2.0 SP1, ...)
 	NOT-FOR-US: Microsoft .NET Framework
 CVE-2010-1897 (The Windows kernel-mode drivers in win32k.sys in Microsoft
Windows XP ...)
@@ -3749,8 +3852,8 @@
 	NOT-FOR-US: Microsoft Windows
 CVE-2010-1892 (The TCP/IP stack in Microsoft Windows Vista SP1 and SP2, Windows
...)
 	NOT-FOR-US: Microsoft Windows
-CVE-2010-1891
-	RESERVED
+CVE-2010-1891 (The Client/Server Runtime Subsystem (aka CSRSS) in the Win32
subsystem ...)
+	TODO: check
 CVE-2010-1890 (The kernel in Microsoft Windows Vista SP1 and SP2, Windows
Server 2008 ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2010-1889 (Double free vulnerability in the kernel in Microsoft Windows
Vista SP1 ...)
@@ -5544,8 +5647,7 @@
 	NOT-FOR-US: TornadoStore
 CVE-2010-1327 (Multiple SQL injection vulnerabilities in TornadoStore 1.4.3 and
...)
 	NOT-FOR-US: TornadoStore
-CVE-2010-1326 [Bug in branch ACLs allows a remote attacker to execute arbitrary
code]
-	RESERVED
+CVE-2010-1326 (perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02,
2.5.03 ...)
 	{DSA-2108-1}
 	- cvsnt 2.5.04.3236-1.2 (medium; bug #593884)
 	NOTE: http://march-hare.com/cvspro/vuln.htm
@@ -7148,12 +7250,12 @@
 	NOT-FOR-US: Microsoft
 CVE-2010-0821 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3,
2003 ...)
 	NOT-FOR-US: Microsoft
-CVE-2010-0820
-	RESERVED
+CVE-2010-0820 (Heap-based buffer overflow in the Local Security Authority
Subsystem ...)
+	TODO: check
 CVE-2010-0819 (Unspecified vulnerability in the Windows OpenType Compact Font
Format ...)
 	NOT-FOR-US: Microsoft
-CVE-2010-0818
-	RESERVED
+CVE-2010-0818 (The MPEG-4 codec in the Windows Media codecs in Microsoft
Windows XP ...)
+	TODO: check
 CVE-2010-0817 (Cross-site scripting (XSS) vulnerability in _layouts/help.aspx
in ...)
 	NOT-FOR-US: Microsoft SharePoint Server
 CVE-2010-0816 (Integer overflow in inetcomm.dll in Microsoft Outlook Express
5.5 SP2, ...)
Secure testing commits - Sep 2010 - r15337 - data/CVE

[Secure-testing-commits] r15337 - data/CVE
