Author: geissert Date: 2010-01-15 03:32:08 +0000 (Fri, 15 Jan 2010) New Revision: 13821 Modified: data/CVE/list Log: lib3ds issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-01-14 21:41:13 UTC (rev 13820) +++ data/CVE/list 2010-01-15 03:32:08 UTC (rev 13821) @@ -71,8 +71,13 @@ RESERVED CVE-2010-0281 RESERVED -CVE-2010-0280 +CVE-2010-0280 [lib3ds memory corruption] RESERVED + - lib3ds <unfixed> (medium) + NOTE: http://www.coresecurity.com/content/google-sketchup-vulnerability + TODO: check affected versions and file bug + NOTE: issue was published saying it affects google sketchup, + NOTE: but the vulnerable code is in lib3ds CVE-2010-0279 (Unrestricted file upload vulnerability in upload.php in BTS-GI Read ...) NOT-FOR-US: BTS-GI Read excel CVE-2010-0278 (A certain ActiveX control in msgsc.14.0.8089.726.dll in Microsoft ...)