Author: joeyh
Date: 2010-12-15 21:14:46 +0000 (Wed, 15 Dec 2010)
New Revision: 15710
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-12-14 19:44:57 UTC (rev 15709)
+++ data/CVE/list 2010-12-15 21:14:46 UTC (rev 15710)
@@ -459,52 +459,52 @@
NOT-FOR-US: DynPG
CVE-2010-4398 (Stack-based buffer overflow in the RtlQueryRegistryValues
function in ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-4397
- RESERVED
-CVE-2010-4396
- RESERVED
-CVE-2010-4395
- RESERVED
-CVE-2010-4394
- RESERVED
+CVE-2010-4397 (Integer overflow in the pnen3260.dll module in RealNetworks
RealPlayer ...)
+ TODO: check
+CVE-2010-4396 (Cross-zone scripting vulnerability in the HandleAction method in
a ...)
+ TODO: check
+CVE-2010-4395 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
+ TODO: check
+CVE-2010-4394 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
+ TODO: check
CVE-2010-4393
RESERVED
-CVE-2010-4392
- RESERVED
-CVE-2010-4391
- RESERVED
-CVE-2010-4390
- RESERVED
-CVE-2010-4389
- RESERVED
-CVE-2010-4388
- RESERVED
-CVE-2010-4387
- RESERVED
-CVE-2010-4386
- RESERVED
-CVE-2010-4385
- RESERVED
-CVE-2010-4384
- RESERVED
-CVE-2010-4383
- RESERVED
-CVE-2010-4382
- RESERVED
-CVE-2010-4381
- RESERVED
-CVE-2010-4380
- RESERVED
-CVE-2010-4379
- RESERVED
-CVE-2010-4378
- RESERVED
-CVE-2010-4377
- RESERVED
-CVE-2010-4376
- RESERVED
-CVE-2010-4375
- RESERVED
+CVE-2010-4392 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
+ TODO: check
+CVE-2010-4391 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
+ TODO: check
+CVE-2010-4390 (Multiple heap-based buffer overflows in RealNetworks RealPlayer
11.0 ...)
+ TODO: check
+CVE-2010-4389 (Heap-based buffer overflow in the cook codec in RealNetworks
...)
+ TODO: check
+CVE-2010-4388 (The (1) Upsell.htm, (2) Main.html, and (3) Custsupport.html
components ...)
+ TODO: check
+CVE-2010-4387 (The RealAudio codec in RealNetworks RealPlayer 11.0 through
11.1, ...)
+ TODO: check
+CVE-2010-4386 (RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0
through ...)
+ TODO: check
+CVE-2010-4385 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1,
...)
+ TODO: check
+CVE-2010-4384 (Array index error in RealNetworks RealPlayer 11.0 through 11.1,
...)
+ TODO: check
+CVE-2010-4383 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
+ TODO: check
+CVE-2010-4382 (Multiple heap-based buffer overflows in RealNetworks RealPlayer
11.0 ...)
+ TODO: check
+CVE-2010-4381 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
+ TODO: check
+CVE-2010-4380 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
+ TODO: check
+CVE-2010-4379 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
+ TODO: check
+CVE-2010-4378 (The drv2.dll (aka RV20 decompression) module in RealNetworks
...)
+ TODO: check
+CVE-2010-4377 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
+ TODO: check
+CVE-2010-4376 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
+ TODO: check
+CVE-2010-4375 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
+ TODO: check
CVE-2010-4374 (The in_mkv plugin in Winamp before 5.6 allows remote attackers
to ...)
NOT-FOR-US: Winamp
CVE-2010-4373 (The in_mp4 plugin in Winamp before 5.6 allows remote attackers
to ...)
@@ -586,11 +586,9 @@
CVE-2010-4346 [linux: install_special_mapping skips security_file_mmap check]
RESERVED
- linux-2.6 <unfixed>
-CVE-2010-4345
- RESERVED
+CVE-2010-4345 (Exim 4.72 and earlier allows local users to gain privileges by
...)
- exim4 <unfixed> (bug #606612)
-CVE-2010-4344
- RESERVED
+CVE-2010-4344 (Heap-based buffer overflow in the string_vformat function in
string.c ...)
{DSA-2131-1}
- exim4 4.70-1 (bug #606612)
CVE-2010-4343 [linux: bfa driver sysfs crash]
@@ -4165,12 +4163,12 @@
NOT-FOR-US: Internet Explorer
CVE-2010-3000 (Multiple integer overflows in the ParseKnownType function in
...)
NOT-FOR-US: RealPlayer
-CVE-2010-2999
- RESERVED
+CVE-2010-2999 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1,
...)
+ TODO: check
CVE-2010-2998 (Array index error in RealNetworks RealPlayer 11.0 through 11.1
and ...)
NOT-FOR-US: RealNetworks RealPlayer
-CVE-2010-2997
- RESERVED
+CVE-2010-2997 (Use-after-free vulnerability in RealNetworks RealPlayer 11.0
through ...)
+ TODO: check
CVE-2010-2996 (Array index error in RealNetworks RealPlayer 11.0 through 11.1
on ...)
NOT-FOR-US: RealPlayer
CVE-2010-2991 (The IICAClient interface in the ICAClient library in the ICA
Client ...)
@@ -5316,8 +5314,8 @@
NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2580 (The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does
not ...)
NOT-FOR-US: MailEnable
-CVE-2010-2579
- RESERVED
+CVE-2010-2579 (The cook codec in RealNetworks RealPlayer 11.0 through 11.1,
...)
+ TODO: check
CVE-2010-2578 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
NOT-FOR-US: RealNetworks RealPlayer
CVE-2010-2577 (Multiple SQL injection vulnerabilities in Pligg before 1.1.1
allow ...)
@@ -12526,16 +12524,16 @@
NOT-FOR-US: Adobe Shockwave Player
CVE-2010-0126 (Heap-based buffer overflow in an unspecified library in Autonomy
...)
NOT-FOR-US: Autonomy KeyView
-CVE-2010-0125
- RESERVED
+CVE-2010-0125 (RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0
through ...)
+ TODO: check
CVE-2010-0124 (Employee Timeclock Software 0.99 places the database password on
the ...)
NOT-FOR-US: Employee Timeclock Software
CVE-2010-0123 (The database backup implementation in Employee Timeclock
Software 0.99 ...)
NOT-FOR-US: Employee Timeclock Software
CVE-2010-0122 (Multiple SQL injection vulnerabilities in Employee Timeclock
Software ...)
NOT-FOR-US: Employee Timeclock Software
-CVE-2010-0121
- RESERVED
+CVE-2010-0121 (The cook codec in RealNetworks RealPlayer 11.0 through 11.1,
...)
+ TODO: check
CVE-2010-0120 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
NOT-FOR-US: RealPlayer
CVE-2010-0119 (Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used,
...)