Secure testing commits - Mar 2010 - r14194 - data/CVE

Author: joeyh
Date: 2010-03-05 21:14:40 +0000 (Fri, 05 Mar 2010)
New Revision: 14194

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-03-05 09:14:48 UTC (rev 14193)
+++ data/CVE/list	2010-03-05 21:14:40 UTC (rev 14194)
@@ -1,3 +1,223 @@
+CVE-2010-0925 (cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe
531.21.10 ...)
+	TODO: check
+CVE-2010-0924 (cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe
531.21.10 ...)
+	TODO: check
+CVE-2010-0923 (Race condition in workspace/krunner/lock/lockdlg.cc in the
KRunner ...)
+	TODO: check
+CVE-2010-0922 (Unspecified vulnerability in secldapclntd in IBM AIX 5.3 with SP
...)
+	TODO: check
+CVE-2010-0921 (Cross-site request forgery (CSRF) vulnerability in IBM Lotus
iNotes ...)
+	TODO: check
+CVE-2010-0920 (Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes
(aka ...)
+	TODO: check
+CVE-2010-0919 (Stack-based buffer overflow in the Lotus Domino Web Access
ActiveX ...)
+	TODO: check
+CVE-2010-0918 (Multiple unspecified vulnerabilities in the UltraLite
functionality in ...)
+	TODO: check
+CVE-2010-0917 (Stack-based buffer overflow in VBScript in Microsoft Windows
2000 SP4, ...)
+	TODO: check
+CVE-2010-0916
+	RESERVED
+CVE-2010-0915
+	RESERVED
+CVE-2010-0914
+	RESERVED
+CVE-2010-0913
+	RESERVED
+CVE-2010-0912
+	RESERVED
+CVE-2010-0911
+	RESERVED
+CVE-2010-0910
+	RESERVED
+CVE-2010-0909
+	RESERVED
+CVE-2010-0908
+	RESERVED
+CVE-2010-0907
+	RESERVED
+CVE-2010-0906
+	RESERVED
+CVE-2010-0905
+	RESERVED
+CVE-2010-0904
+	RESERVED
+CVE-2010-0903
+	RESERVED
+CVE-2010-0902
+	RESERVED
+CVE-2010-0901
+	RESERVED
+CVE-2010-0900
+	RESERVED
+CVE-2010-0899
+	RESERVED
+CVE-2010-0898
+	RESERVED
+CVE-2010-0897
+	RESERVED
+CVE-2010-0896
+	RESERVED
+CVE-2010-0895
+	RESERVED
+CVE-2010-0894
+	RESERVED
+CVE-2010-0893
+	RESERVED
+CVE-2010-0892
+	RESERVED
+CVE-2010-0891
+	RESERVED
+CVE-2010-0890
+	RESERVED
+CVE-2010-0889
+	RESERVED
+CVE-2010-0888
+	RESERVED
+CVE-2010-0887
+	RESERVED
+CVE-2010-0886
+	RESERVED
+CVE-2010-0885
+	RESERVED
+CVE-2010-0884
+	RESERVED
+CVE-2010-0883
+	RESERVED
+CVE-2010-0882
+	RESERVED
+CVE-2010-0881
+	RESERVED
+CVE-2010-0880
+	RESERVED
+CVE-2010-0879
+	RESERVED
+CVE-2010-0878
+	RESERVED
+CVE-2010-0877
+	RESERVED
+CVE-2010-0876
+	RESERVED
+CVE-2010-0875
+	RESERVED
+CVE-2010-0874
+	RESERVED
+CVE-2010-0873
+	RESERVED
+CVE-2010-0872
+	RESERVED
+CVE-2010-0871
+	RESERVED
+CVE-2010-0870
+	RESERVED
+CVE-2010-0869
+	RESERVED
+CVE-2010-0868
+	RESERVED
+CVE-2010-0867
+	RESERVED
+CVE-2010-0866
+	RESERVED
+CVE-2010-0865
+	RESERVED
+CVE-2010-0864
+	RESERVED
+CVE-2010-0863
+	RESERVED
+CVE-2010-0862
+	RESERVED
+CVE-2010-0861
+	RESERVED
+CVE-2010-0860
+	RESERVED
+CVE-2010-0859
+	RESERVED
+CVE-2010-0858
+	RESERVED
+CVE-2010-0857
+	RESERVED
+CVE-2010-0856
+	RESERVED
+CVE-2010-0855
+	RESERVED
+CVE-2010-0854
+	RESERVED
+CVE-2010-0853
+	RESERVED
+CVE-2010-0852
+	RESERVED
+CVE-2010-0851
+	RESERVED
+CVE-2010-0850
+	RESERVED
+CVE-2010-0849
+	RESERVED
+CVE-2010-0848
+	RESERVED
+CVE-2010-0847
+	RESERVED
+CVE-2010-0846
+	RESERVED
+CVE-2010-0845
+	RESERVED
+CVE-2010-0844
+	RESERVED
+CVE-2010-0843
+	RESERVED
+CVE-2010-0842
+	RESERVED
+CVE-2010-0841
+	RESERVED
+CVE-2010-0840
+	RESERVED
+CVE-2010-0839
+	RESERVED
+CVE-2010-0838
+	RESERVED
+CVE-2010-0837
+	RESERVED
+CVE-2010-0836
+	RESERVED
+CVE-2010-0835
+	RESERVED
+CVE-2010-0834
+	RESERVED
+CVE-2010-0833
+	RESERVED
+CVE-2010-0832
+	RESERVED
+CVE-2010-0831
+	RESERVED
+CVE-2010-0830
+	RESERVED
+CVE-2010-0829
+	RESERVED
+CVE-2010-0828
+	RESERVED
+CVE-2010-0827
+	RESERVED
+CVE-2010-0826
+	RESERVED
+CVE-2010-0825
+	RESERVED
+CVE-2009-4664 (Firewall Builder 3.0.4, 3.0.5, and 3.0.6, when running on Linux,
...)
+	TODO: check
+CVE-2009-4663 (Heap-based buffer overflow in the Quiksoft EasyMail Objects 6
ActiveX ...)
+	TODO: check
+CVE-2009-4662 (Cross-site scripting (XSS) vulnerability in the WebAccess
component in ...)
+	TODO: check
+CVE-2009-4661 (Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier
allow ...)
+	TODO: check
+CVE-2009-4660 (Stack-based buffer overflow in the AntServer Module
(AntServer.exe) in ...)
+	TODO: check
+CVE-2009-4659 (Unspecified vulnerability in MP3-Cutter Ease Audio Cutter 1.20
allows ...)
+	TODO: check
+CVE-2009-4658 (Xerver 4.32 allows remote authenticated users to cause a denial
of ...)
+	TODO: check
+CVE-2009-4657 (The administrator package for Xerver 4.32 does not require ...)
+	TODO: check
+CVE-2009-4656 (Stack-based buffer overflow in E-Soft DJ Studio Pro 4.2
including ...)
+	TODO: check
 CVE-2010-XXXX [openssl power supply fluctuation fault-based key disclosure]
 	- openssl <unfixed> (low)
 	NOTE: http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf
@@ -124,8 +344,8 @@
 	RESERVED
 CVE-2010-0767
 	RESERVED
-CVE-2010-0766
-	RESERVED
+CVE-2010-0766 (Integer overflow in the Swap4 function in valet4.dll in Luxology
Modo ...)
+	TODO: check
 CVE-2010-0765 (fipsForum 2.6 stores sensitive information under the web root
with ...)
 	NOT-FOR-US: fipsForum
 CVE-2010-0764 (SQL injection vulnerability in index.php in KuwaitPHP eSmile
allows ...)
@@ -887,8 +1107,8 @@
 	RESERVED
 CVE-2010-0484
 	RESERVED
-CVE-2010-0483
-	RESERVED
+CVE-2010-0483 (VBScript in Microsoft Windows 2000 SP4, XP SP2 and SP3, and
Server ...)
+	TODO: check
 CVE-2010-0482
 	RESERVED
 CVE-2010-0481
@@ -1765,8 +1985,7 @@
 	RESERVED
 CVE-2010-0206
 	RESERVED
-CVE-2010-0205 [libpng memory consumption dos]
-	RESERVED
+CVE-2010-0205 (The png_decompress_chunk function in pngrutil.c in libpng 1.0.x
before ...)
 	- libpng 1.2.43-1 (low; bug #572308)
 	[lenny] - libpng <no-dsa> (Minor issue)
 	NOTE: http://www.kb.cert.org/vuls/id/576029
@@ -1879,8 +2098,8 @@
 	NOT-FOR-US: JoomlaBamboo (JB) Simpla Admin template
 CVE-2010-0157 (Directory traversal vulnerability in the Bible Study
(com_biblestudy) ...)
 	NOT-FOR-US: component for Joomla!
-CVE-2010-0156
-	RESERVED
+CVE-2010-0156 (Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows
local ...)
+	TODO: check
 CVE-2010-0155
 	RESERVED
 CVE-2010-0154
@@ -13255,7 +13474,7 @@
 	- sun-java6 6-13-1 (bug #521414)
 	[lenny] - sun-java6 <no-dsa> (Non-free not supported)
 	- openjdk-6 <undetermined> (bug #566769)
-CVE-2009-1962 (Xfig in Debian GNU/Linux, possibly 3.2.5, allows local users to
read ...)
+CVE-2009-1962 (Xfig, possibly 3.2.5, allows local users to read and write
arbitrary ...)
 	- xfig 1:3.2.5.a-1
 	[etch] - xfig <no-dsa> (Minor issue)
 	[lenny] - xfig <no-dsa> (Minor issue)