Author: gilbert-guest Date: 2010-06-15 05:14:14 +0000 (Tue, 15 Jun 2010) New Revision: 14869 Modified: data/CVE/list Log: tiff issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-06-15 03:12:56 UTC (rev 14868) +++ data/CVE/list 2010-06-15 05:14:14 UTC (rev 14869) @@ -512,8 +512,12 @@ RESERVED - linux-2.6 <unfixed> [lenny] - linux-2.6 <not-affected> (Vulnerable code introduced in 2.6.31) -CVE-2010-2065 +CVE-2010-2065 [tiff integer overflow] RESERVED + - tiff <undetermined> + NOTE: https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/589145 + NOTE: https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/589565 + TODO: check CVE-2010-2064 RESERVED CVE-2010-2063 @@ -2213,8 +2217,10 @@ TODO: check CVE-2010-1412 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) TODO: check -CVE-2010-1411 +CVE-2010-1411 [tiff heap overflow] RESERVED + - tiff <undetermined> + TODO: check CVE-2010-1410 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) TODO: check CVE-2010-1409 (Incomplete blacklist vulnerability in WebKit in Apple Safari before ...) @@ -11715,7 +11721,9 @@ CVE-2009-2810 (Launch Services in Apple Mac OS X 10.6.x before 10.6.2 recursively ...) NOT-FOR-US: Apple Mac OS X CVE-2009-2809 (ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers ...) - NOT-FOR-US: ImageIO in Apple Mac OS X + - tiff <undetermined> + NOTE: description very apple-centric, but tiff may be affected + TODO: check CVE-2009-2808 (Help Viewer in Apple Mac OS X before 10.6.2 does not use an HTTPS ...) NOT-FOR-US: Apple Mac OS X CVE-2009-2807 (Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS ...)