Author: joeyh Date: 2010-06-16 21:14:35 +0000 (Wed, 16 Jun 2010) New Revision: 14879 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-06-16 20:41:23 UTC (rev 14878) +++ data/CVE/list 2010-06-16 21:14:35 UTC (rev 14879) @@ -1,3 +1,33 @@ +CVE-2010-2304 (The toAlphabetic function in rendering/RenderListMarker.cpp in WebCore ...) + TODO: check +CVE-2010-2303 (page/Geolocation.cpp in WebCore in WebKit in Google Chrome before ...) + TODO: check +CVE-2010-2302 (Use-after-free vulnerability in WebCore in WebKit in Google Chrome ...) + TODO: check +CVE-2010-2301 (Cross-site scripting (XSS) vulnerability in editing/markup.cpp in ...) + TODO: check +CVE-2010-2300 (Use-after-free vulnerability in the Element::normalizeAttributes ...) + TODO: check +CVE-2010-2299 (The Clipboard::DispatchObject function in app/clipboard/clipboard.cc ...) + TODO: check +CVE-2010-2298 (browser/renderer_host/database_dispatcher_host.cc in Google Chrome ...) + TODO: check +CVE-2010-2297 (rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome ...) + TODO: check +CVE-2010-2296 (The implementation of unspecified DOM methods in Google Chrome before ...) + TODO: check +CVE-2010-2295 (page/EventHandler.cpp in WebCore in WebKit in Google Chrome before ...) + TODO: check +CVE-2009-4900 + RESERVED +CVE-2009-4899 + RESERVED +CVE-2009-4898 + RESERVED +CVE-2009-4897 + RESERVED +CVE-2009-4896 + RESERVED CVE-2010-2294 (Cross-site request forgery (CSRF) vulnerability in Plume CMS 1.2.4 and ...) NOT-FOR-US: Plume CMS CVE-2010-2293 (The Ping tools web interface in Dlink Di-604 router allows remote ...) @@ -48,6 +78,7 @@ - nginx <undetermined> TODO: check CVE-2009-4895 [linux tty null ptr dereference] + RESERVED - linux-2.6 2.6.32-9 CVE-2009-4894 (Multiple cross-site scripting (XSS) vulnerabilities in profile.php in ...) NOT-FOR-US: PunBB 
@@ -247,94 +278,65 @@ CVE-2010-2190 (The (1) trim, (2) ltrim, (3) rtrim, and (4) substr_replace functions ...) - php5 <unfixed> (unimportant) NOTE: Only triggerable through malicious script -CVE-2010-2189 - RESERVED +CVE-2010-2189 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) NOT-FOR-US: Adobe Flash -CVE-2010-2188 - RESERVED +CVE-2010-2188 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) NOT-FOR-US: Adobe Flash -CVE-2010-2187 - RESERVED +CVE-2010-2187 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) NOT-FOR-US: Adobe Flash -CVE-2010-2186 - RESERVED +CVE-2010-2186 (Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and ...) NOT-FOR-US: Adobe Flash -CVE-2010-2185 - RESERVED +CVE-2010-2185 (Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before ...) NOT-FOR-US: Adobe Flash -CVE-2010-2184 - RESERVED +CVE-2010-2184 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) NOT-FOR-US: Adobe Flash -CVE-2010-2183 - RESERVED +CVE-2010-2183 (Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x ...) NOT-FOR-US: Adobe Flash -CVE-2010-2182 - RESERVED +CVE-2010-2182 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) NOT-FOR-US: Adobe Flash -CVE-2010-2181 - RESERVED +CVE-2010-2181 (Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x ...) NOT-FOR-US: Adobe Flash -CVE-2010-2180 - RESERVED +CVE-2010-2180 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) NOT-FOR-US: Adobe Flash -CVE-2010-2179 - RESERVED +CVE-2010-2179 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player before ...) NOT-FOR-US: Adobe Flash -CVE-2010-2178 - RESERVED +CVE-2010-2178 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) NOT-FOR-US: Adobe Flash -CVE-2010-2177 - RESERVED +CVE-2010-2177 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) 
NOT-FOR-US: Adobe Flash -CVE-2010-2176 - RESERVED +CVE-2010-2176 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) NOT-FOR-US: Adobe Flash -CVE-2010-2175 - RESERVED +CVE-2010-2175 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) NOT-FOR-US: Adobe Flash -CVE-2010-2174 - RESERVED +CVE-2010-2174 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) NOT-FOR-US: Adobe Flash -CVE-2010-2173 - RESERVED +CVE-2010-2173 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) NOT-FOR-US: Adobe Flash -CVE-2010-2172 - RESERVED +CVE-2010-2172 (Adobe Flash Player 9 before 9.0.277.0 on unspecified UNIX platforms ...) NOT-FOR-US: Adobe Flash -CVE-2010-2171 - RESERVED +CVE-2010-2171 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) NOT-FOR-US: Adobe Flash -CVE-2010-2170 - RESERVED +CVE-2010-2170 (Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x ...) NOT-FOR-US: Adobe Flash -CVE-2010-2169 - RESERVED +CVE-2010-2169 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) NOT-FOR-US: Adobe Flash CVE-2010-2168 RESERVED -CVE-2010-2167 - RESERVED +CVE-2010-2167 (Multiple heap-based buffer overflows in Adobe Flash Player before ...) NOT-FOR-US: Adobe Flash -CVE-2010-2166 - RESERVED +CVE-2010-2166 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) NOT-FOR-US: Adobe Flash -CVE-2010-2165 - RESERVED +CVE-2010-2165 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) NOT-FOR-US: Adobe Flash -CVE-2010-2164 - RESERVED +CVE-2010-2164 (Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 ...) NOT-FOR-US: Adobe Flash -CVE-2010-2163 - RESERVED +CVE-2010-2163 (Multiple unspecified vulnerabilities in Adobe Flash Player before ...) NOT-FOR-US: Adobe Flash -CVE-2010-2162 - RESERVED +CVE-2010-2162 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) 
NOT-FOR-US: Adobe Flash -CVE-2010-2161 - RESERVED +CVE-2010-2161 (Array index error in Adobe Flash Player before 9.0.277.0 and 10.x ...) NOT-FOR-US: Adobe Flash -CVE-2010-2160 - RESERVED +CVE-2010-2160 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) NOT-FOR-US: Adobe Flash CVE-2010-2159 (Dameng DM Database Server allows remote authenticated users to cause a ...) NOT-FOR-US: Dameng DM Database @@ -590,6 +592,7 @@ RESERVED CVE-2010-2063 [samba arbitrary write on chained packet processing] RESERVED + {DSA-2061-1} - samba 2:3.4.0~pre1-1 (high) NOTE: the affected code has been completely rewritten since 3.4.x CVE-2010-2062 [VLC: integer underflow in Real RTSP] @@ -2543,7 +2546,7 @@ NOT-FOR-US: Pepsi CMS CVE-2010-1298 (Directory traversal vulnerability in view.php in Pulse CMS 1.2.2 ...) NOT-FOR-US: Pulse CMS -CVE-2010-1297 (Unspecified vulnerability in Adobe Flash Player 9.0.x through 9.0.262 ...) +CVE-2010-1297 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, Adobe ...) NOT-FOR-US: Adobe Flash CVE-2010-1296 (Multiple buffer overflows in Adobe Photoshop CS4 before 11.0.2 allow ...) NOT-FOR-US: Adobe Photoshop CS4 
@@ -2640,15 +2643,15 @@ NOT-FOR-US: Microsoft CVE-2010-1251 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and ...) NOT-FOR-US: Microsoft -CVE-2010-1250 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office ...) +CVE-2010-1250 (Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office ...) NOT-FOR-US: Microsoft -CVE-2010-1249 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office ...) +CVE-2010-1249 (Buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for ...) NOT-FOR-US: Microsoft -CVE-2010-1248 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and ...) +CVE-2010-1248 (Buffer overflow in Microsoft Office Excel 2002 SP3 and Office 2004 for ...) NOT-FOR-US: Microsoft CVE-2010-1247 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows ...) NOT-FOR-US: Microsoft -CVE-2010-1246 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows ...) +CVE-2010-1246 (Stack-based buffer overflow in Microsoft Office Excel 2002 SP3 allows ...) NOT-FOR-US: Microsoft CVE-2010-1245 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office ...) NOT-FOR-US: Microsoft @@ -4011,7 +4014,7 @@ NOT-FOR-US: Microsoft CVE-2010-0823 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 ...) NOT-FOR-US: Microsoft -CVE-2010-0822 (Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for ...) +CVE-2010-0822 (Stack-based buffer overflow in Microsoft Office Excel 2002 SP3, Office ...) NOT-FOR-US: Microsoft CVE-2010-0821 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 ...) NOT-FOR-US: Microsoft 
@@ -8462,8 +8465,8 @@ RESERVED CVE-2009-3794 (Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and ...) NOT-FOR-US: Adobe Flash -CVE-2009-3793 - RESERVED +CVE-2009-3793 (Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and ...) + TODO: check CVE-2009-3792 (Directory traversal vulnerability in Adobe Flash Media Server (FMS) ...) NOT-FOR-US: Adobe Flash Media Server CVE-2009-3791 (Unspecified vulnerability in Adobe Flash Media Server (FMS) before ...) @@ -25004,7 +25007,7 @@ NOT-FOR-US: PTZCamPanelCtrl ActiveX control CVE-2008-4547 (Heap-based buffer overflow in the PdvrAtl.PdvrOcx.1 ActiveX control ...) NOT-FOR-US: DVRHOST Web CMS -CVE-2008-4546 (Adobe Flash Player 9.0.45.0, 9.0.112.0, 9.0.124.0, and 10.0.12.10 ...) +CVE-2008-4546 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) NOT-FOR-US: Adobe Flash CVE-2008-4558 (Array index error in VLC media player 0.9.2 allows remote attackers to ...) - vlc 0.9.3-1 (medium; bug #502314)
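Review bot: The ten entries added at the top of the list (hunk @@ -1,3 +1,33 @@, CVE-2010-2295 through CVE-2010-2304) are all left at TODO: check, and several of their descriptions name WebCore/WebKit source files such as rendering/RenderListMarker.cpp, page/Geolocation.cpp and page/EventHandler.cpp rather than Chrome-only code. Triage should check the shared WebKit code as well as the Chrome packaging before any of them is closed out. CVE-2010-2298 and CVE-2010-2299 reference browser/ and app/ paths and look Chrome-specific by comparison.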
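Review bot: In hunk @@ -247,94 +278,65 @@ the NOT-FOR-US: Adobe Flash annotations were written while CVE-2010-2160 through CVE-2010-2189 were still RESERVED and are carried over unchanged now that descriptions exist. Many of the new descriptions are truncated after "and ...", so it is worth confirming against the full text that no other product is named. CVE-2010-2168 remains RESERVED with no annotation in the middle of this range and should be revisited once it is published.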
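Review bot: In hunk @@ -8462,8 +8465,8 @@ CVE-2009-3793 is now described as an Adobe Flash Player vulnerability but is tagged TODO: check, while its neighbour CVE-2009-3794 in the same hunk and every other Flash Player entry in this revision carries NOT-FOR-US: Adobe Flash. Suggest a follow-up change replacing the TODO with the same annotation so the entry does not sit in the triage queue.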