Author: joeyh Date: 2010-03-15 21:14:24 +0000 (Mon, 15 Mar 2010) New Revision: 14272 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-03-15 19:59:24 UTC (rev 14271) +++ data/CVE/list 2010-03-15 21:14:24 UTC (rev 14272) @@ -956,8 +956,7 @@ RESERVED CVE-2010-0625 RESERVED -CVE-2010-0624 [heap overflow in rmt implementation of tar/cpio] - RESERVED +CVE-2010-0624 (Heap-based buffer overflow in the rmt_read__ function in ...) - cpio 2.11-1 (low) - tar 1.23-1 (low) [lenny] - cpio <no-dsa> (Minor issue) @@ -1559,8 +1558,7 @@ RESERVED - php5 5.3.2-1 (medium; bug #573573) NOTE: sent mail to oss-sec notifying about the id -CVE-2010-0396 [dpkg path traversal] - RESERVED +CVE-2010-0396 (Directory traversal vulnerability in the dpkg-source component in dpkg ...) {DSA-2011-1} - dpkg 1.15.6 CVE-2010-0395 @@ -2400,12 +2398,12 @@ RESERVED CVE-2010-0125 RESERVED -CVE-2010-0124 - RESERVED -CVE-2010-0123 - RESERVED -CVE-2010-0122 - RESERVED +CVE-2010-0124 (Employee Timeclock Software 0.99 places the database password on the ...) + TODO: check +CVE-2010-0123 (The database backup implementation in Employee Timeclock Software 0.99 ...) + TODO: check +CVE-2010-0122 (Multiple SQL injection vulnerabilities in Employee Timeclock Software ...) + TODO: check CVE-2010-0121 RESERVED CVE-2010-0120 
@@ -3160,36 +3158,36 @@ RESERVED - xar <unfixed> (bug #572556) [lenny] - xar <no-dsa> (Minor issue) -CVE-2010-0054 - RESERVED -CVE-2010-0053 - RESERVED -CVE-2010-0052 - RESERVED -CVE-2010-0051 - RESERVED -CVE-2010-0050 - RESERVED -CVE-2010-0049 - RESERVED -CVE-2010-0048 - RESERVED -CVE-2010-0047 - RESERVED -CVE-2010-0046 - RESERVED -CVE-2010-0045 - RESERVED -CVE-2010-0044 - RESERVED -CVE-2010-0043 - RESERVED -CVE-2010-0042 - RESERVED -CVE-2010-0041 - RESERVED -CVE-2010-0040 - RESERVED +CVE-2010-0054 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...) + TODO: check +CVE-2010-0053 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...) + TODO: check +CVE-2010-0052 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...) + TODO: check +CVE-2010-0051 (WebKit in Apple Safari before 4.0.5 does not properly validate the ...) + TODO: check +CVE-2010-0050 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...) + TODO: check +CVE-2010-0049 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...) + TODO: check +CVE-2010-0048 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...) + TODO: check +CVE-2010-0047 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...) + TODO: check +CVE-2010-0046 (The Cascading Style Sheets (CSS) implementation in WebKit in Apple ...) + TODO: check +CVE-2010-0045 (Apple Safari before 4.0.5 on Windows does not properly validate ...) + TODO: check +CVE-2010-0044 (PubSub in Apple Safari before 4.0.5 does not properly implement use of ...) + TODO: check +CVE-2010-0043 (ImageIO in Apple Safari before 4.0.5 on Windows allows remote ...) + TODO: check +CVE-2010-0042 (ImageIO in Apple Safari before 4.0.5 on Windows does not ensure that ...) + TODO: check +CVE-2010-0041 (ImageIO in Apple Safari before 4.0.5 on Windows does not ensure that ...) 
+ TODO: check +CVE-2010-0040 (Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows ...) + TODO: check CVE-2010-0039 RESERVED CVE-2010-0038 (Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for ...) @@ -4159,8 +4157,8 @@ NOT-FOR-US: Adobe Shockwave Player CVE-2009-4002 (Heap-based buffer overflow in Adobe Shockwave Player before 11.5.6.606 ...) NOT-FOR-US: Adobe Shockwave Player -CVE-2009-4001 - RESERVED +CVE-2009-4001 (Integer overflow in XnView before 1.97.2 might allow remote attackers ...) + TODO: check CVE-2009-4000 (Directory traversal vulnerability in goform/formExportDataLogs in HP ...) NOT-FOR-US: HP Power Manager CVE-2009-3999 (Stack-based buffer overflow in goform/formExportDataLogs in HP Power ...)
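Review bot: In the @@ -2400,12 +2398,12 @@ hunk, CVE-2010-0124, CVE-2010-0123 and CVE-2010-0122 go from RESERVED to "TODO: check" with neither a package line nor a NOT-FOR-US line, so they are still untriaged after this revision. All three name the same product, Employee Timeclock Software 0.99, so a single lookup settles them together. Either add a package line in the "- package version (severity)" form used for cpio and tar under CVE-2010-0624, or mark each one "NOT-FOR-US: Employee Timeclock Software" in the form used for Adobe Shockwave Player further down the file.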
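Review bot: In the @@ -3160,36 +3158,36 @@ hunk, all fifteen entries from CVE-2010-0054 down to CVE-2010-0040 land as "TODO: check", and the truncated descriptions make seven of them read identically ("Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ..."), so the list text alone cannot tell them apart and the full descriptions are needed for triage. I would triage them in groups. CVE-2010-0046 through CVE-2010-0054 name WebKit, a component rather than Safari alone, and should be checked against any packaged WebKit source before being dismissed. CVE-2010-0040 through CVE-2010-0043 and CVE-2010-0045 are stated as "on Windows". CVE-2010-0044 (PubSub in Apple Safari) names no platform and needs its own look.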
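Review bot: In the @@ -4159,8 +4157,8 @@ hunk, CVE-2009-4001 (XnView before 1.97.2) is added with "TODO: check" while its neighbours CVE-2009-4002 and CVE-2009-4000 already carry a resolution ("NOT-FOR-US: Adobe Shockwave Player", "NOT-FOR-US: HP Power Manager"). Resolve the TODO in the same pass: if XnView is not packaged, use "NOT-FOR-US: XnView" to match the surrounding entries, otherwise add the "- package version (severity)" line with the fixed version, given that the description already states the fix boundary as 1.97.2.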