Author: jmm-guest Date: 2010-06-30 07:00:44 +0000 (Wed, 30 Jun 2010) New Revision: 14931 Modified: data/CVE/list Log: - cups fixed - adobe reader NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-06-30 00:05:14 UTC (rev 14930) +++ data/CVE/list 2010-06-30 07:00:44 UTC (rev 14931) @@ -182,7 +182,7 @@ CVE-2010-2432 (The cupsDoAuthentication function in auth.c in the client in CUPS ...) - cups <unfixed> CVE-2010-2431 (The cupsFileOpen function in CUPS before 1.4.4 allows local users, ...) - - cups <unfixed> + - cups 1.4.4-1 CVE-2010-2430 RESERVED CVE-2010-2429 (Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.1.2, ...) @@ -718,28 +718,39 @@ RESERVED CVE-2010-2212 RESERVED + NOT-FOR-US: Adobe Reader CVE-2010-2211 RESERVED + NOT-FOR-US: Adobe Reader CVE-2010-2210 RESERVED + NOT-FOR-US: Adobe Reader CVE-2010-2209 RESERVED + NOT-FOR-US: Adobe Reader CVE-2010-2208 RESERVED + NOT-FOR-US: Adobe Reader CVE-2010-2207 RESERVED + NOT-FOR-US: Adobe Reader CVE-2010-2206 RESERVED + NOT-FOR-US: Adobe Reader CVE-2010-2205 RESERVED + NOT-FOR-US: Adobe Reader CVE-2010-2204 RESERVED CVE-2010-2203 RESERVED + NOT-FOR-US: Adobe Reader CVE-2010-2202 RESERVED + NOT-FOR-US: Adobe Reader CVE-2010-2201 RESERVED + NOT-FOR-US: Adobe Reader CVE-2010-2200 RESERVED CVE-2010-2199 (lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the ...) @@ -820,6 +831,7 @@ NOT-FOR-US: Adobe Flash CVE-2010-2168 RESERVED + NOT-FOR-US: Adobe Reader CVE-2010-2167 (Multiple heap-based buffer overflows in Adobe Flash Player before ...) NOT-FOR-US: Adobe Flash CVE-2010-2166 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...) @@ -1921,7 +1933,7 @@ NOTE: https://bugs.webkit.org/show_bug.cgi?id=38625 NOTE: http://trac.webkit.org/changeset/45941 CVE-2010-1748 (The cgi_initialize_string function in cgi-bin/var.c in the web ...) - - cups <unfixed> + - cups 1.4.4-1 CVE-2010-1747 RESERVED CVE-2010-1746 (Multiple cross-site scripting (XSS) vulnerabilities in the Table JX ...) @@ -3269,6 +3281,7 @@ NOT-FOR-US: Adobe Photoshop CS4 CVE-2010-1295 RESERVED + NOT-FOR-US: Adobe Reader CVE-2010-1294 (Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, and 9.0 ...) NOT-FOR-US: Adobe ColdFusion CVE-2010-1293 (Cross-site scripting (XSS) vulnerability in the Administrator page in ...) @@ -3289,6 +3302,7 @@ NOT-FOR-US: Adobe Shockwave Player CVE-2010-1285 RESERVED + NOT-FOR-US: Adobe Reader CVE-2010-1284 (Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a ...) NOT-FOR-US: Adobe Shockwave Player CVE-2010-1283 (Adobe Shockwave Player before 11.5.7.609 does not properly parse 3D ...) @@ -5584,12 +5598,12 @@ CVE-2010-0543 (ImageIO in Apple Mac OS X 10.5.8, and 10.6 before 10.6.2, allows ...) NOT-FOR-US: Apple Mac OS X CVE-2010-0542 (The _WriteProlog function in texttops.c in texttops in the Text Filter ...) - - cups <unfixed> + - cups 1.4.4-1 CVE-2010-0541 (Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in ...) - libwebapp-ruby <undetermined> TODO: check CVE-2010-0540 (Cross-site request forgery (CSRF) vulnerability in the web interface ...) - - cups <unfixed> + - cups 1.4.4-1 CVE-2010-0539 (Integer signedness error in the window drawing implementation in Apple ...) NOT-FOR-US: Apple Java CVE-2010-0538 (Apple Java for Mac OS X 10.5 before Update 7 and Java for Mac OS X ...)