thr3ads.net - Secure testing commits - [Secure-testing-commits] r15105

If this information is useful, please help other people find it:
Share via:
Joey Hess
2010-Aug-02 21:15 UTC
[Secure-testing-commits] r15105 - data/CVE

Author: joeyh
Date: 2010-08-02 21:15:04 +0000 (Mon, 02 Aug 2010)
New Revision: 15105

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-08-02 19:05:11 UTC (rev 15104)
+++ data/CVE/list	2010-08-02 21:15:04 UTC (rev 15105)
@@ -1,3 +1,29 @@
+CVE-2010-2926 (SQL injection vulnerability in index.php in sNews 1.7 allows
remote ...)
+	TODO: check
+CVE-2010-2925 (SQL injection vulnerability in index.php in Freeway CMS
1.4.3.210 ...)
+	TODO: check
+CVE-2010-2924 (SQL injection vulnerability in myLDlinker.php in the myLinksDump
...)
+	TODO: check
+CVE-2010-2923 (SQL injection vulnerability in the YouTube (com_youtube)
component 1.5 ...)
+	TODO: check
+CVE-2010-2922 (SQL injection vulnerability in default.asp in AKY Blog allows
remote ...)
+	TODO: check
+CVE-2010-2921 (SQL injection vulnerability in the Golf Course Guide ...)
+	TODO: check
+CVE-2010-2920 (Directory traversal vulnerability in the Foobla Suggestions ...)
+	TODO: check
+CVE-2010-2919 (SQL injection vulnerability in the StaticXT (com_staticxt)
component ...)
+	TODO: check
+CVE-2010-2918 (PHP remote file inclusion vulnerability in ...)
+	TODO: check
+CVE-2010-2917 (Multiple cross-site scripting (XSS) vulnerabilities in index.php
in AJ ...)
+	TODO: check
+CVE-2010-2916 (SQL injection vulnerability in news.php in AJ Square AJ HYIP
MERIDIAN ...)
+	TODO: check
+CVE-2010-2915 (SQL injection vulnerability in welcome.php in AJ Square AJ HYIP
PRIME ...)
+	TODO: check
+CVE-2010-2914 (Cross-site scripting (XSS) vulnerability in
nessusd_www_server.nbin in ...)
+	TODO: check
 CVE-2010-2913 (The Citibank Citi Mobile app before 2.0.3 for iOS stores account
data ...)
 	NOT-FOR-US: Citibank Citi Mobile app
 CVE-2010-2912 (SQL injection vulnerability in index.php in Kayako eSupport
3.70.02 ...)
@@ -433,20 +459,17 @@
 	- xulrunner 1.9.1.11-1
 	- iceape 2.0.6-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-2753
-	RESERVED
+CVE-2010-2753 (Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and
3.6.x ...)
 	{DSA-2075-1}
 	- xulrunner 1.9.1.11-1
 	- iceape 2.0.6-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-2752
-	RESERVED
+CVE-2010-2752 (Integer overflow in an array class in Mozilla Firefox 3.5.x
before ...)
 	- xulrunner 1.9.1.11-1
 	[lenny] - xulrunner <not-affected> (Only affects 1.9.1 and above)
 	- iceape 2.0.6-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-2751
-	RESERVED
+CVE-2010-2751 (The nsDocShell::OnRedirectStateChange function in ...)
 	{DSA-2075-1}
 	- xulrunner 1.9.1.11-1
 	- iceape 2.0.6-1
@@ -1107,6 +1130,7 @@
 	- znc 0.090-2 (bug #584929)
 CVE-2010-2487 [moin XSS]
 	RESERVED
+	{DSA-2083-1}
 	- moin 1.9.3-1 (bug #584809)
 CVE-2010-2486
 	RESERVED
@@ -2830,44 +2854,44 @@
 	RESERVED
 CVE-2010-1797
 	RESERVED
-CVE-2010-1796
-	RESERVED
+CVE-2010-1796 (The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X
10.5 ...)
+	TODO: check
 CVE-2010-1795
 	RESERVED
 CVE-2010-1794
 	RESERVED
-CVE-2010-1793
-	RESERVED
-CVE-2010-1792
-	RESERVED
-CVE-2010-1791
-	RESERVED
-CVE-2010-1790
-	RESERVED
-CVE-2010-1789
-	RESERVED
-CVE-2010-1788
-	RESERVED
-CVE-2010-1787
-	RESERVED
-CVE-2010-1786
-	RESERVED
-CVE-2010-1785
-	RESERVED
-CVE-2010-1784
-	RESERVED
-CVE-2010-1783
-	RESERVED
-CVE-2010-1782
-	RESERVED
+CVE-2010-1793 (Multiple use-after-free vulnerabilities in WebKit in Apple
Safari ...)
+	TODO: check
+CVE-2010-1792 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through
10.6 and ...)
+	TODO: check
+CVE-2010-1791 (Integer signedness error in WebKit in Apple Safari before 5.0.1
on Mac ...)
+	TODO: check
+CVE-2010-1790 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through
10.6 and ...)
+	TODO: check
+CVE-2010-1789 (Heap-based buffer overflow in WebKit in Apple Safari before
5.0.1 on ...)
+	TODO: check
+CVE-2010-1788 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through
10.6 and ...)
+	TODO: check
+CVE-2010-1787 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through
10.6 and ...)
+	TODO: check
+CVE-2010-1786 (Use-after-free vulnerability in WebKit in Apple Safari before
5.0.1 on ...)
+	TODO: check
+CVE-2010-1785 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through
10.6 and ...)
+	TODO: check
+CVE-2010-1784 (The counters functionality in the Cascading Style Sheets (CSS)
...)
+	TODO: check
+CVE-2010-1783 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through
10.6 and ...)
+	TODO: check
+CVE-2010-1782 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through
10.6 and ...)
+	TODO: check
 CVE-2010-1781
 	RESERVED
-CVE-2010-1780
-	RESERVED
+CVE-2010-1780 (Use-after-free vulnerability in WebKit in Apple Safari before
5.0.1 on ...)
+	TODO: check
 CVE-2010-1779
 	RESERVED
-CVE-2010-1778
-	RESERVED
+CVE-2010-1778 (Cross-site scripting (XSS) vulnerability in Apple Safari before
5.0.1 ...)
+	TODO: check
 CVE-2010-1777 (Buffer overflow in Apple iTunes before 9.2.1 allows remote
attackers ...)
 	TODO: check
 CVE-2010-1776
@@ -4595,46 +4619,39 @@
 	NOT-FOR-US: com_jeformcr component for Joomla!
 CVE-2010-1216 (PHP remote file inclusion vulnerability in
templates/template.php in ...)
 	NOT-FOR-US: notsoPureEdit
-CVE-2010-1215
-	RESERVED
+CVE-2010-1215 (Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before
3.1.1 ...)
 	- xulrunner <not-affected> (Only affects Firefox 3.6.x and above)
-CVE-2010-1214
-	RESERVED
+CVE-2010-1214 (Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and
3.6.x ...)
 	{DSA-2075-1}
 	- xulrunner 1.9.1.11-1
 	- iceape 2.0.6-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1213
-	RESERVED
+CVE-2010-1213 (The importScripts Web Worker method in Mozilla Firefox 3.5.x
before ...)
 	- xulrunner 1.9.1.11-1
 	[lenny] - xulrunner <not-affected> (Only affects 1.9.1 and above)
 	- iceape 2.0.6-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1212
-	RESERVED
+CVE-2010-1212 (js/src/jstracer.cpp in the browser engine in Mozilla Firefox
3.6.x ...)
 	- xulrunner <not-affected> (Only affects Firefox 3.6.x and above)
-CVE-2010-1211
-	RESERVED
+CVE-2010-1211 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
 	{DSA-2075-1}
 	- xulrunner 1.9.1.11-1
 	- iceape 2.0.6-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1210
-	RESERVED
-CVE-2010-1209
-	RESERVED
+CVE-2010-1210 (intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox
before ...)
+	TODO: check
+CVE-2010-1209 (Use-after-free vulnerability in the NodeIterator implementation
in ...)
 	- xulrunner 1.9.1.11-1
 	[lenny] - xulrunner <not-affected> (Only affects 1.9.1 and above)
 	- iceape 2.0.6-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1208
-	RESERVED
+CVE-2010-1208 (The attribute-cloning functionality in the DOM implementation in
...)
 	{DSA-2075-1}
 	- xulrunner 1.9.1.11-1
 	- iceape 2.0.6-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-1207
-	RESERVED
+CVE-2010-1207 (Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 do not
...)
+	TODO: check
 CVE-2010-1206 (The startDocumentLoad function in
browser/base/content/browser.js in ...)
 	- iceweasel 3.5.11-1
 	[lenny] - iceweasel <not-affected> (Vulnerable code not present)
Secure testing commits - Aug 2010 - r15105 - data/CVE

[Secure-testing-commits] r15105 - data/CVE
