thr3ads.net - Secure testing commits - [Secure-testing-commits] r15715

If this information is useful, please help other people find it:
Share via:
Joey Hess
2010-Dec-17 21:14 UTC
[Secure-testing-commits] r15715 - data/CVE

Author: joeyh
Date: 2010-12-17 21:14:38 +0000 (Fri, 17 Dec 2010)
New Revision: 15715

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-12-17 14:59:29 UTC (rev 15714)
+++ data/CVE/list	2010-12-17 21:14:38 UTC (rev 15715)
@@ -1,3 +1,37 @@
+CVE-2010-4555
+	RESERVED
+CVE-2010-4554
+	RESERVED
+CVE-2010-4553 (An unspecified Domino API in IBM Lotus Notes Traveler before
8.5.1.1 ...)
+	TODO: check
+CVE-2010-4552 (Memory leak in IBM Lotus Notes Traveler before 8.5.1.1 allows
remote ...)
+	TODO: check
+CVE-2010-4551 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote
authenticated ...)
+	TODO: check
+CVE-2010-4550 (IBM Lotus Notes Traveler before 8.5.1.3 allows remote attackers
to ...)
+	TODO: check
+CVE-2010-4549 (IBM Lotus Notes Traveler before 8.5.1.3 on the Nokia s60 device
...)
+	TODO: check
+CVE-2010-4548 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote
authenticated ...)
+	TODO: check
+CVE-2010-4547 (IBM Lotus Notes Traveler before 8.5.1.3, when a multidomain ...)
+	TODO: check
+CVE-2010-4546 (IBM Lotus Notes Traveler before 8.5.1.2 does not reject an
attachment ...)
+	TODO: check
+CVE-2010-4545 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote
authenticated ...)
+	TODO: check
+CVE-2010-4544 (Cross-site scripting (XSS) vulnerability in the servlet in IBM
Lotus ...)
+	TODO: check
+CVE-2009-5036 (traveler.exe in IBM Lotus Notes Traveler before 8.0.1.3 CF1
allows ...)
+	TODO: check
+CVE-2009-5035 (The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does
not ...)
+	TODO: check
+CVE-2009-5034 (IBM Lotus Notes Traveler before 8.5.0.2 allows remote
authenticated ...)
+	TODO: check
+CVE-2009-5033 (IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle
a &quot;* ...)
+	TODO: check
+CVE-2009-5032 (The encrypted e-mail feature in IBM Lotus Notes Traveler before
...)
+	TODO: check
 CVE-2010-XXXX [TYPO3-SA-2010-022]
 	- typo3-src 4.3.9+dfsg1-1
 CVE-2011-0045
@@ -262,7 +296,7 @@
 	RESERVED
 	- phpmyadmin <unfixed>
 	TODO: check
-CVE-2010-4480 (error.php in PhpMyAdmin 3.3.8.1 and earlier allows remote
attackers to ...)
+CVE-2010-4480 (error.php in PhpMyAdmin 3.3.8.1, and other versions before ...)
 	- phpmyadmin <unfixed>
 	TODO: check
 CVE-2010-4510
@@ -1528,68 +1562,68 @@
 	RESERVED
 CVE-2010-3968
 	RESERVED
-CVE-2010-3967
-	RESERVED
-CVE-2010-3966
-	RESERVED
-CVE-2010-3965
-	RESERVED
-CVE-2010-3964
-	RESERVED
-CVE-2010-3963
-	RESERVED
+CVE-2010-3967 (Untrusted search path vulnerability in Microsoft Windows Movie
Maker ...)
+	TODO: check
+CVE-2010-3966 (Untrusted search path vulnerability in Microsoft Windows Server
2008 ...)
+	TODO: check
+CVE-2010-3965 (Untrusted search path vulnerability in Windows Media Encoder 9
on ...)
+	TODO: check
+CVE-2010-3964 (Unrestricted file upload vulnerability in the Document
Conversions ...)
+	TODO: check
+CVE-2010-3963 (Buffer overflow in the Routing and Remote Access NDProxy
component in ...)
+	TODO: check
 CVE-2010-3962 (Use-after-free vulnerability in Microsoft Internet Explorer 6,
7, and ...)
 	NOT-FOR-US: Microsoft Internet Explorer
-CVE-2010-3961
-	RESERVED
-CVE-2010-3960
-	RESERVED
-CVE-2010-3959
-	RESERVED
+CVE-2010-3961 (The Consent User Interface (UI) in Microsoft Windows Vista SP1
and ...)
+	TODO: check
+CVE-2010-3960 (Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2
allows ...)
+	TODO: check
+CVE-2010-3959 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and
SP3, ...)
+	TODO: check
 CVE-2010-3958
 	RESERVED
-CVE-2010-3957
-	RESERVED
-CVE-2010-3956
-	RESERVED
-CVE-2010-3955
-	RESERVED
-CVE-2010-3954
-	RESERVED
+CVE-2010-3957 (Double free vulnerability in the OpenType Font (OTF) driver in
...)
+	TODO: check
+CVE-2010-3956 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and
SP3, ...)
+	TODO: check
+CVE-2010-3955 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft
Publisher ...)
+	TODO: check
+CVE-2010-3954 (Microsoft Publisher 2002 SP3, 2003 SP3, and 2010 allows remote
...)
+	TODO: check
 CVE-2010-3953
 	RESERVED
-CVE-2010-3952
-	RESERVED
-CVE-2010-3951
-	RESERVED
-CVE-2010-3950
-	RESERVED
-CVE-2010-3949
-	RESERVED
+CVE-2010-3952 (The FlashPix image converter in the graphics filters in
Microsoft ...)
+	TODO: check
+CVE-2010-3951 (Buffer overflow in the FlashPix image converter in the graphics
...)
+	TODO: check
+CVE-2010-3950 (The TIFF image converter in the graphics filters in Microsoft
Office ...)
+	TODO: check
+CVE-2010-3949 (Buffer overflow in the TIFF image converter in the graphics
filters in ...)
+	TODO: check
 CVE-2010-3948
 	RESERVED
-CVE-2010-3947
-	RESERVED
-CVE-2010-3946
-	RESERVED
-CVE-2010-3945
-	RESERVED
-CVE-2010-3944
-	RESERVED
-CVE-2010-3943
-	RESERVED
-CVE-2010-3942
-	RESERVED
-CVE-2010-3941
-	RESERVED
-CVE-2010-3940
-	RESERVED
-CVE-2010-3939
-	RESERVED
+CVE-2010-3947 (Heap-based buffer overflow in the TIFF image converter in the
graphics ...)
+	TODO: check
+CVE-2010-3946 (Integer overflow in the PICT image converter in the graphics
filters ...)
+	TODO: check
+CVE-2010-3945 (Buffer overflow in the CGM image converter in the graphics
filters in ...)
+	TODO: check
+CVE-2010-3944 (win32k.sys in the kernel-mode drivers in Microsoft Windows
Server 2008 ...)
+	TODO: check
+CVE-2010-3943 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
+	TODO: check
+CVE-2010-3942 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
+	TODO: check
+CVE-2010-3941 (Double free vulnerability in win32k.sys in the kernel-mode
drivers in ...)
+	TODO: check
+CVE-2010-3940 (Double free vulnerability in win32k.sys in the kernel-mode
drivers in ...)
+	TODO: check
+CVE-2010-3939 (Buffer overflow in win32k.sys in the kernel-mode drivers in
Microsoft ...)
+	TODO: check
 CVE-2010-3938
 	RESERVED
-CVE-2010-3937
-	RESERVED
+CVE-2010-3937 (Microsoft Exchange Server 2007 SP2 on the x64 platform allows
remote ...)
+	TODO: check
 CVE-2010-3936 (Cross-site scripting (XSS) vulnerability in Signurl.asp in
Microsoft ...)
 	NOT-FOR-US: Forefront Unified Access Gateway
 CVE-2010-3935
@@ -3217,28 +3251,28 @@
 	- bareftp 0.3.4-1.1 (bug #598284)
 CVE-2010-3349 (Ardour 2.8.11 places a zero-length directory name in the ...)
 	- ardour 1:2.8.11-2 (low; bug #598282)
-CVE-2010-3348
-	RESERVED
+CVE-2010-3348 (Microsoft Internet Explorer 6, 7, and 8 does not prevent
rendering of ...)
+	TODO: check
 CVE-2010-3347
 	RESERVED
-CVE-2010-3346
-	RESERVED
-CVE-2010-3345
-	RESERVED
+CVE-2010-3346 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle
...)
+	TODO: check
+CVE-2010-3345 (Microsoft Internet Explorer 8 does not properly handle objects
in ...)
+	TODO: check
 CVE-2010-3344
 	RESERVED
-CVE-2010-3343
-	RESERVED
-CVE-2010-3342
-	RESERVED
+CVE-2010-3343 (Microsoft Internet Explorer 6 does not properly handle objects
in ...)
+	TODO: check
+CVE-2010-3342 (Microsoft Internet Explorer 6, 7, and 8 does not prevent
rendering of ...)
+	TODO: check
 CVE-2010-3341
 	RESERVED
-CVE-2010-3340
-	RESERVED
+CVE-2010-3340 (Microsoft Internet Explorer 6 and 7 does not properly handle
objects ...)
+	TODO: check
 CVE-2010-3339
 	RESERVED
-CVE-2010-3338
-	RESERVED
+CVE-2010-3338 (The Windows Task Scheduler in Microsoft Windows Vista SP1 and
SP2, ...)
+	TODO: check
 CVE-2010-3337 (Untrusted search path vulnerability in Microsoft Office 2007 SP2
and ...)
 	NOT-FOR-US: Microsoft Office 2007 SP2 
 CVE-2010-3336 (Microsoft Office XP SP3, Office 2004 and 2008 for Mac, Office
for Mac ...)
@@ -3774,13 +3808,13 @@
 	NOT-FOR-US: Adobe Device Central
 CVE-2010-3148 (Untrusted search path vulnerability in Microsoft Visio 2003
allows ...)
 	NOT-FOR-US: Microsoft Visio
-CVE-2010-3147 (Untrusted search path vulnerability in Microsoft Address Book
...)
+CVE-2010-3147 (Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in
...)
 	NOT-FOR-US: Microsoft Address Book
 CVE-2010-3146 (Untrusted search path vulnerability in Microsoft Office Groove
2007 ...)
 	NOT-FOR-US: Microsoft Office Groove
 CVE-2010-3145 (Untrusted search path vulnerability in the Microsoft Vista
BitLocker ...)
 	NOT-FOR-US: Microsoft Vista BitLocker
-CVE-2010-3144 (Untrusted search path vulnerability in Microsoft Internet
Connection ...)
+CVE-2010-3144 (Untrusted search path vulnerability in the Internet Connection
Signup ...)
 	NOT-FOR-US: Microsoft Internet Connection Signup Wizard
 CVE-2010-3143 (Untrusted search path vulnerability in Microsoft Windows
Contacts ...)
 	NOT-FOR-US: Microsoft Windows Contacts
@@ -4929,8 +4963,8 @@
 	NOT-FOR-US: Microsoft Windows
 CVE-2010-2743
 	RESERVED
-CVE-2010-2742
-	RESERVED
+CVE-2010-2742 (The Netlogon RPC Service in Microsoft Windows Server 2003 SP2
and ...)
+	TODO: check
 CVE-2010-2741 (The OpenType Font (OTF) format driver in Microsoft Windows XP
SP2 and ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2010-2740 (The OpenType Font (OTF) format driver in Microsoft Windows XP
SP2 and ...)
@@ -5345,12 +5379,12 @@
 	NOT-FOR-US: Microsoft PowerPoint
 CVE-2010-2572 (Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3
allows ...)
 	NOT-FOR-US: Microsoft PowerPoint
-CVE-2010-2571
-	RESERVED
-CVE-2010-2570
-	RESERVED
-CVE-2010-2569
-	RESERVED
+CVE-2010-2571 (Array index error in pubconv.dll (aka the Publisher Converter
DLL) in ...)
+	TODO: check
+CVE-2010-2570 (Heap-based buffer overflow in pubconv.dll (aka the Publisher
Converter ...)
+	TODO: check
+CVE-2010-2569 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft
Publisher ...)
+	TODO: check
 CVE-2010-2568 (Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2,
Vista SP1 ...)
 	NOT-FOR-US: Microsoft
 CVE-2010-2567 (The RPC client implementation in Microsoft Windows XP SP2 and
SP3 and ...)
Secure testing commits - Dec 2010 - r15715 - data/CVE

[Secure-testing-commits] r15715 - data/CVE
