Author: joeyh Date: 2010-02-10 21:14:24 +0000 (Wed, 10 Feb 2010) New Revision: 14074 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-02-10 15:50:23 UTC (rev 14073) +++ data/CVE/list 2010-02-10 21:14:24 UTC (rev 14074) @@ -1,3 +1,25 @@ +CVE-2010-0564 (Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in ...) + TODO: check +CVE-2009-4640 (Array index error in vorbis_dec.c in FFmpeg 0.5 allows remote ...) + TODO: check +CVE-2009-4639 (The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows ...) + TODO: check +CVE-2009-4638 (Integer overflow in FFmpeg 0.5 allows remote attackers to cause a ...) + TODO: check +CVE-2009-4637 (FFmpeg 0.5 allows remote attackers to cause a denial of service ...) + TODO: check +CVE-2009-4636 (FFmpeg 0.5 allows remote attackers to cause a denial of service (hang) ...) + TODO: check +CVE-2009-4635 (FFmpeg 0.5 allows remote attackers to cause a denial of service and ...) + TODO: check +CVE-2009-4634 (Multiple integer underflows in FFmpeg 0.5 allow remote attackers to ...) + TODO: check +CVE-2009-4633 (vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a ...) + TODO: check +CVE-2009-4632 (oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain ...) + TODO: check +CVE-2009-4631 (Off-by-one error in the VP3 decoder (vp3.c) in FFmpeg 0.5 allows ...) + TODO: check CVE-2010-0563 (The Single Sign-on (SSO) functionality in IBM WebSphere Application ...) TODO: check CVE-2010-0562 (The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, ...) 
@@ -280,8 +302,8 @@ RESERVED CVE-2010-0445 RESERVED -CVE-2010-0444 - RESERVED +CVE-2010-0444 (HP Operations Agent 8.51, 8.52, 8.53, and 8.60 on Solaris 10 uses a ...) + TODO: check CVE-2010-0443 (Unspecified vulnerability in Record Management Services (RMS) before ...) NOT-FOR-US: HP OpenVMS CVE-2010-0441 (Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, ...) @@ -292,8 +314,7 @@ NOT-FOR-US: Cisco Secure Desktop CVE-2010-0439 RESERVED -CVE-2010-0438 [OTRS SQL injection] - RESERVED +CVE-2010-0438 (Multiple SQL injection vulnerabilities in Kernel/System/Ticket.pm in ...) - otrs <not-affected> (vulnerable code not present) [etch] - otrs2 <not-affected> (vulnerable code not present) - otrs2 2.4.7-1 (medium) @@ -395,8 +416,7 @@ RESERVED CVE-2010-0395 RESERVED -CVE-2010-0394 [Debian-specific shell command injection in trac-git] - RESERVED +CVE-2010-0394 (PyGIT.py in the Trac Git plugin (trac-git) before ...) {DSA-1990-2 DSA-1990-1} - trac-git 0.0.20090320-1 (high; bug #567039) CVE-2010-0393 @@ -41905,7 +41925,7 @@ - linux-2.6 2.6.22-1 NOTE: Fixed in commit 202a03acf9994076055df40ae093a5c5474ad0bd in NOTE: Linus'' tree. -CVE-2007-2524 (Cross-site scripting (XSS) vulnerability in index.pl in OTRS (Open ...) +CVE-2007-2524 (Cross-site scripting (XSS) vulnerability in index.pl in Open Ticket ...) {DSA-1298-1} - otrs2 2.1.1-1 (bug #423524) NOTE: 2.1 and 2.2 are not affected, so recording earliest 2.1 version as fix
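Review bot: In the first hunk (@@ -1,3 +1,25 @@) the ten FFmpeg 0.5 entries, CVE-2009-4631 through CVE-2009-4640, arrive with only "TODO: check", so none of them is mapped to a source package or a fixed version yet. They share one upstream and one version, so triage them as a batch in a follow-up commit and replace each TODO with a package line, as the file does for other entries (for example "- otrs2 2.4.7-1 (medium)"). CVE-2010-0564 (Trend Micro URL Filtering Engine) in the same hunk needs the same decision, either a package line or a NOT-FOR-US marker.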
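Review bot: In the @@ -280,8 +302,8 @@ hunk, CVE-2010-0444 moves from RESERVED to "TODO: check" even though its description names HP Operations Agent on Solaris 10, while the very next entry, CVE-2010-0443, is already resolved as "NOT-FOR-US: HP OpenVMS". If the product is not packaged, close this entry the same way in a follow-up so it does not linger in the TODO queue.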
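Review bot: In the @@ -395,8 +416,7 @@ hunk for CVE-2010-0394, the automatic update removes the hand-written tag "[Debian-specific shell command injection in trac-git]", and the truncated replacement "(PyGIT.py in the Trac Git plugin (trac-git) before ...)" no longer shows either the bug class or that the issue was recorded as Debian-specific. Keep that information in a NOTE: line under the entry, in the style of the NOTE: lines on the linux-2.6 entry further down, so the context survives the description swap. The @@ -292,8 +314,7 @@ hunk for CVE-2010-0438 drops its tag too, but the new description still says SQL injection, so nothing is lost there.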