Author: joeyh Date: 2010-09-17 21:14:53 +0000 (Fri, 17 Sep 2010) New Revision: 15344 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-09-17 18:55:47 UTC (rev 15343) +++ data/CVE/list 2010-09-17 21:14:53 UTC (rev 15344) 
@@ -1,3 +1,59 @@ +CVE-2010-3428 (SQL injection vulnerability in modules/notes/json.php in Intermesh ...) + TODO: check +CVE-2010-3427 (Multiple cross-site scripting (XSS) vulnerabilities in Open ...) + TODO: check +CVE-2010-3426 (Directory traversal vulnerability in jphone.php in the JPhone ...) + TODO: check +CVE-2010-3425 (Cross-site scripting (XSS) vulnerability in ...) + TODO: check +CVE-2010-3424 (Cross-site scripting (XSS) vulnerability in ...) + TODO: check +CVE-2010-3423 (SQL injection vulnerability in the Yr Weatherdata module for Drupal ...) + TODO: check +CVE-2010-3422 (SQL injection vulnerability in the JGen (com_jgen) component 0.9.33 ...) + TODO: check +CVE-2010-3421 (Cross-site scripting (XSS) vulnerability in AffiliateLogin.asp in ...) + TODO: check +CVE-2010-3420 (Cross-site scripting (XSS) vulnerability in Products_Results.php in ...) + TODO: check +CVE-2010-3419 (Multiple PHP remote file inclusion vulnerabilities in Haudenschilt ...) + TODO: check +CVE-2010-3418 (Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media ...) + TODO: check +CVE-2010-3417 (Google Chrome before 6.0.472.59 does not prompt the user before ...) + TODO: check +CVE-2010-3416 (Google Chrome before 6.0.472.59 on Linux does not properly implement ...) + TODO: check +CVE-2010-3415 (Google Chrome before 6.0.472.59 does not properly implement ...) + TODO: check +CVE-2010-3414 (Google Chrome before 6.0.472.59 on Mac OS X does not properly ...) + TODO: check +CVE-2010-3413 (Unspecified vulnerability in the pop-up blocking functionality in ...) + TODO: check +CVE-2010-3412 (Race condition in the console implementation in Google Chrome before ...) + TODO: check +CVE-2010-3411 (Google Chrome before 6.0.472.59 on Linux does not properly handle ...) + TODO: check +CVE-2010-3410 (Use-after-free vulnerability in Google Chrome before 6.0.472.59 allows ...) + TODO: check +CVE-2010-3409 (Use-after-free vulnerability in Google Chrome before 6.0.472.59 allows ...) 
+ TODO: check +CVE-2010-3408 (Use-after-free vulnerability in Google Chrome before 6.0.472.59 allows ...) + TODO: check +CVE-2010-3407 (Stack-based buffer overflow in the MailCheck821Address function in ...) + TODO: check +CVE-2010-3406 (Unspecified vulnerability in sa_snap in the bos.esagent fileset in IBM ...) + TODO: check +CVE-2010-3405 (Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, ...) + TODO: check +CVE-2010-3404 (Multiple SQL injection vulnerabilities in eshtery CMS (aka ...) + TODO: check +CVE-2010-3403 (Untrusted search path vulnerability in Qualcomm eXtensible Diagnostic ...) + TODO: check +CVE-2010-3402 (Untrusted search path vulnerability in IDM Computer Solutions ...) + TODO: check +CVE-2010-3401 + RESERVED CVE-2010-XXXX [python accept() implementation in async core is broken] - python2.7 <unfixed> - python3.1 <unfixed> @@ -387,6 +443,7 @@ - gnome-power-manager <unfixed> TODO: check CVE-2010-3306 [weborf directory traversal] + RESERVED - weborf 0.12.3-1 NOTE: http://www.exploit-db.com/exploits/14925/ CVE-2010-3243 @@ -828,14 +885,17 @@ NOTE: http://www.djangoproject.com/weblog/2010/sep/08/security-release/ CVE-2010-3081 [64-bit Compatibility Mode Stack Pointer Underflow] RESERVED + {DSA-2110-1} - linux-2.6 2.6.32-23 (high) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3081 CVE-2010-3080 RESERVED + {DSA-2110-1} CVE-2010-3079 RESERVED CVE-2010-3078 [linux: xfs: XFS_IOC_FSGETXATTR ioctl memory leak] RESERVED + {DSA-2110-1} - linux-2.6 <unfixed> NOTE: see RH''s bugzilla CVE-2010-3077 [horde XSS in icon_browser.php] @@ -1129,6 +1189,7 @@ CVE-2010-2955 (The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in ...) - linux-2.6 2.6.32-23 CVE-2010-2954 (The irda_bind function in net/irda/af_irda.c in the Linux kernel ...) + {DSA-2110-1} - linux-2.6 2.6.32-22 CVE-2010-2953 (Untrusted search path vulnerability in a certain Debian GNU/Linux ...) {DSA-2107-1} 
@@ -2417,6 +2478,7 @@ CVE-2010-2493 (The default configuration of the deployment descriptor (aka web.xml) ...) - jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226) CVE-2010-2492 (Buffer overflow in the ecryptfs_uid_hash macro in ...) + {DSA-2110-1} - linux-2.6 2.6.32-19 CVE-2010-2491 [roundup XSS] RESERVED
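Review bot: In the first hunk (@@ -1,3 +1,59 @@), the new entries CVE-2010-3425 and CVE-2010-3424 are truncated to "Cross-site scripting (XSS) vulnerability in ..." with no product name, so whoever resolves their "TODO: check" has nothing to match against a package without looking up the full CVE text. Consider keeping enough of the description to reach the product name. The entries in the range CVE-2010-3408 to CVE-2010-3417 that name Google Chrome before 6.0.472.59 share one fixed upstream version and can be triaged in a single pass.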
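Review bot: In the hunk at @@ -828,14 +885,17 @@, CVE-2010-3080 receives {DSA-2110-1} but the entry has neither a bracketed description nor a package line, so the advisory reference is not tied to any source package. Add a status line (presumably for linux-2.6, as on the other entries tagged with this DSA in the patch) and a short description. In the same hunk, CVE-2010-3078 gains the DSA tag while its status still reads "- linux-2.6 <unfixed>", which is worth confirming as intended, and its context line "NOTE: see RH''s bugzilla" has a doubled apostrophe and no URL, unlike the NOTE on CVE-2010-3081.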