thr3ads.net - Secure testing commits - [Secure-testing-commits] r15474

If this information is useful, please help other people find it:
Share via:
Joey Hess
2010-Oct-14 21:14 UTC
[Secure-testing-commits] r15474 - data/CVE

Author: joeyh
Date: 2010-10-14 21:14:51 +0000 (Thu, 14 Oct 2010)
New Revision: 15474

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-10-14 20:56:33 UTC (rev 15473)
+++ data/CVE/list	2010-10-14 21:14:51 UTC (rev 15474)
@@ -1087,50 +1087,50 @@
 	RESERVED
 CVE-2010-3522
 	RESERVED
-CVE-2010-3521
-	RESERVED
-CVE-2010-3520
-	RESERVED
-CVE-2010-3519
-	RESERVED
-CVE-2010-3518
-	RESERVED
-CVE-2010-3517
-	RESERVED
-CVE-2010-3516
-	RESERVED
-CVE-2010-3515
-	RESERVED
-CVE-2010-3514
-	RESERVED
-CVE-2010-3513
-	RESERVED
-CVE-2010-3512
-	RESERVED
-CVE-2010-3511
-	RESERVED
+CVE-2010-3521 (Unspecified vulnerability in the PeopleSoft Enterprise HCM ePay
...)
+	TODO: check
+CVE-2010-3520 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - GP
France ...)
+	TODO: check
+CVE-2010-3519 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
+	TODO: check
+CVE-2010-3518 (Unspecified vulnerability in the PeopleSoft Enterprise HCM GP -
Japan ...)
+	TODO: check
+CVE-2010-3517 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris
allows ...)
+	TODO: check
+CVE-2010-3516 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris
allows ...)
+	TODO: check
+CVE-2010-3515 (Unspecified vulnerability in the Solaris component in Oracle
Solaris 9 ...)
+	TODO: check
+CVE-2010-3514 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun
Java ...)
+	TODO: check
+CVE-2010-3513 (Unspecified vulnerability in Oracle Solaris 9 and 10, and
OpenSolaris, ...)
+	TODO: check
+CVE-2010-3512 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun
Java ...)
+	TODO: check
+CVE-2010-3511 (Unspecified vulnerability in Oracle OpenSolaris allows local
users to ...)
+	TODO: check
 CVE-2010-3510
 	RESERVED
-CVE-2010-3509
-	RESERVED
-CVE-2010-3508
-	RESERVED
-CVE-2010-3507
-	RESERVED
-CVE-2010-3506
-	RESERVED
+CVE-2010-3509 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows
remote ...)
+	TODO: check
+CVE-2010-3508 (Unspecified vulnerability in Oracle Solaris 10 allows local
users to ...)
+	TODO: check
+CVE-2010-3507 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows
local ...)
+	TODO: check
+CVE-2010-3506 (Unspecified vulnerability in the Oracle Explorer (Sun Explorer)
...)
+	TODO: check
 CVE-2010-3505
 	RESERVED
-CVE-2010-3504
-	RESERVED
-CVE-2010-3503
-	RESERVED
-CVE-2010-3502
-	RESERVED
-CVE-2010-3501
-	RESERVED
-CVE-2010-3500
-	RESERVED
+CVE-2010-3504 (Unspecified vulnerability in the Oracle Applications Technology
Stack ...)
+	TODO: check
+CVE-2010-3503 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris
allows ...)
+	TODO: check
+CVE-2010-3502 (Unspecified vulnerability in the Siebel Core component in Oracle
...)
+	TODO: check
+CVE-2010-3501 (Unspecified vulnerability in the OID component in Oracle Fusion
...)
+	TODO: check
+CVE-2010-3500 (Unspecified vulnerability in the Siebel Core - Highly
Interactive ...)
+	TODO: check
 CVE-2010-3476 (Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x
before ...)
 	- otrs2 2.4.8+dfsg1-1
 CVE-2010-3475 (IBM DB2 9.7 before FP3 does not properly enforce privilege ...)
@@ -1563,21 +1563,21 @@
 	RESERVED
 CVE-2010-3332 (Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1,
...)
 	NOT-FOR-US: Microsoft .NET Framework
-CVE-2010-3331
-	RESERVED
-CVE-2010-3330
-	RESERVED
-CVE-2010-3329
-	RESERVED
-CVE-2010-3328
-	RESERVED
-CVE-2010-3327
-	RESERVED
-CVE-2010-3326
-	RESERVED
-CVE-2010-3325
-	RESERVED
-CVE-2010-3324 (The toStaticHTML function in Microsoft Internet Explorer 8
allows ...)
+CVE-2010-3331 (Microsoft Internet Explorer 6 through 8 does not properly handle
...)
+	TODO: check
+CVE-2010-3330 (Microsoft Internet Explorer 6 through 8 does not properly
restrict ...)
+	TODO: check
+CVE-2010-3329 (Microsoft Internet Explorer 7 and 8 does not properly handle
objects ...)
+	TODO: check
+CVE-2010-3328 (Microsoft Internet Explorer 6 through 8 does not properly handle
...)
+	TODO: check
+CVE-2010-3327 (The implementation of HTML content creation in Microsoft
Internet ...)
+	TODO: check
+CVE-2010-3326 (Microsoft Internet Explorer 6 does not properly handle objects
in ...)
+	TODO: check
+CVE-2010-3325 (Microsoft Internet Explorer 6 through 8 does not properly handle
...)
+	TODO: check
+CVE-2010-3324 (The toStaticHTML function in Microsoft Internet Explorer 8, and
the ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2010-3323 (Splunk 4.0.0 through 4.1.4 allows remote attackers to conduct
session ...)
 	NOT-FOR-US: Splunk
@@ -1807,66 +1807,66 @@
 	- gnome-power-manager 2.28.0-1 (unimportant)
 CVE-2010-3306 (Directory traversal vulnerability in the modURL function in
instance.c ...)
 	- weborf 0.12.3-1 (bug #596112)
-CVE-2010-3243
-	RESERVED
-CVE-2010-3242
-	RESERVED
-CVE-2010-3241
-	RESERVED
-CVE-2010-3240
-	RESERVED
-CVE-2010-3239
-	RESERVED
-CVE-2010-3238
-	RESERVED
-CVE-2010-3237
-	RESERVED
-CVE-2010-3236
-	RESERVED
-CVE-2010-3235
-	RESERVED
-CVE-2010-3234
-	RESERVED
-CVE-2010-3233
-	RESERVED
-CVE-2010-3232
-	RESERVED
-CVE-2010-3231
-	RESERVED
-CVE-2010-3230
-	RESERVED
-CVE-2010-3229
-	RESERVED
-CVE-2010-3228
-	RESERVED
+CVE-2010-3243 (Cross-site scripting (XSS) vulnerability in the toStaticHTML
function ...)
+	TODO: check
+CVE-2010-3242 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open
XML ...)
+	TODO: check
+CVE-2010-3241 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open
XML ...)
+	TODO: check
+CVE-2010-3240 (Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and
Office ...)
+	TODO: check
+CVE-2010-3239 (Microsoft Excel 2002 SP3 does not properly validate record ...)
+	TODO: check
+CVE-2010-3238 (Microsoft Excel 2002 SP3 and 2003 SP3, and Office 2004 for Mac,
does ...)
+	TODO: check
+CVE-2010-3237 (Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly
...)
+	TODO: check
+CVE-2010-3236 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for
Mac, ...)
+	TODO: check
+CVE-2010-3235 (Microsoft Excel 2002 SP3 does not properly validate formula ...)
+	TODO: check
+CVE-2010-3234 (Microsoft Excel 2002 SP3 does not properly validate formula ...)
+	TODO: check
+CVE-2010-3233 (Microsoft Excel 2002 SP3 and 2003 SP3 does not properly validate
...)
+	TODO: check
+CVE-2010-3232 (Microsoft Excel 2003 SP3 and 2007 SP2; Office 2004 and 2008 for
Mac; ...)
+	TODO: check
+CVE-2010-3231 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open
XML ...)
+	TODO: check
+CVE-2010-3230 (Integer overflow in Microsoft Excel 2002 SP3 allows remote
attackers ...)
+	TODO: check
+CVE-2010-3229 (The Secure Channel (aka SChannel) security package in Microsoft
...)
+	TODO: check
+CVE-2010-3228 (The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit
platforms ...)
+	TODO: check
 CVE-2010-3227
 	RESERVED
 CVE-2010-3226
 	RESERVED
-CVE-2010-3225
-	RESERVED
+CVE-2010-3225 (Use-after-free vulnerability in the Media Player Network Sharing
...)
+	TODO: check
 CVE-2010-3224
 	RESERVED
-CVE-2010-3223
-	RESERVED
-CVE-2010-3222
-	RESERVED
-CVE-2010-3221
-	RESERVED
-CVE-2010-3220
-	RESERVED
-CVE-2010-3219
-	RESERVED
-CVE-2010-3218
-	RESERVED
-CVE-2010-3217
-	RESERVED
-CVE-2010-3216
-	RESERVED
-CVE-2010-3215
-	RESERVED
-CVE-2010-3214
-	RESERVED
+CVE-2010-3223 (The user interface in Microsoft Cluster Service (MSCS) in
Microsoft ...)
+	TODO: check
+CVE-2010-3222 (Stack-based buffer overflow in the Remote Procedure Call
Subsystem ...)
+	TODO: check
+CVE-2010-3221 (Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and
Word ...)
+	TODO: check
+CVE-2010-3220 (Unspecified vulnerability in Microsoft Word 2002 SP3 and Office
2004 ...)
+	TODO: check
+CVE-2010-3219 (Microsoft Word 2002 SP3 does not properly handle indexes during
...)
+	TODO: check
+CVE-2010-3218 (Heap-based buffer overflow in Microsoft Word 2002 SP3 allows
remote ...)
+	TODO: check
+CVE-2010-3217 (Microsoft Word 2002 SP3 does not properly handle pointers during
...)
+	TODO: check
+CVE-2010-3216 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly
handle ...)
+	TODO: check
+CVE-2010-3215 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly
handle ...)
+	TODO: check
+CVE-2010-3214 (Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003
SP3, 2007 ...)
+	TODO: check
 CVE-2010-3213 (Cross-site request forgery (CSRF) vulnerability in Microsoft
Outlook ...)
 	NOT-FOR-US: Microsoft Outlook Web Access
 CVE-2010-3212 (SQL injection vulnerability in index.php in Seagull 0.6.7 and
earlier ...)
@@ -3172,28 +3172,28 @@
 	[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against
xulrunner)
 	- iceape 2.0.6-1
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2010-2750
-	RESERVED
+CVE-2010-2750 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly
handle ...)
+	TODO: check
 CVE-2010-2749
 	RESERVED
-CVE-2010-2748
-	RESERVED
-CVE-2010-2747
-	RESERVED
-CVE-2010-2746
-	RESERVED
-CVE-2010-2745
-	RESERVED
-CVE-2010-2744
-	RESERVED
+CVE-2010-2748 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly
check ...)
+	TODO: check
+CVE-2010-2747 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly
handle ...)
+	TODO: check
+CVE-2010-2746 (Heap-based buffer overflow in Comctl32.dll (aka the common
control ...)
+	TODO: check
+CVE-2010-2745 (Microsoft Windows Media Player (WMP) 9 through 12 does not
properly ...)
+	TODO: check
+CVE-2010-2744 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3,
Windows ...)
+	TODO: check
 CVE-2010-2743
 	RESERVED
 CVE-2010-2742
 	RESERVED
-CVE-2010-2741
-	RESERVED
-CVE-2010-2740
-	RESERVED
+CVE-2010-2741 (The OpenType Font (OTF) format driver in Microsoft Windows XP
SP2 and ...)
+	TODO: check
+CVE-2010-2740 (The OpenType Font (OTF) format driver in Microsoft Windows XP
SP2 and ...)
+	TODO: check
 CVE-2010-2739 (Buffer overflow in the CreateDIBPalette function in win32k.sys
in ...)
 	NOT-FOR-US: Windows
 CVE-2010-2738 (The Uniscribe (aka new Unicode Script Processor) implementation
in ...)
@@ -3648,7 +3648,7 @@
 	NOT-FOR-US: Microsoft
 CVE-2010-2550 (The SMB Server in Microsoft Windows XP SP2 and SP3, Windows
Server ...)
 	NOT-FOR-US: Microsoft
-CVE-2010-2549 (Use-after-free vulnerability in Microsoft Windows Vista and
Server ...)
+CVE-2010-2549 (Use-after-free vulnerability in the kernel-mode drivers in
Microsoft ...)
 	NOT-FOR-US: Microsoft
 CVE-2010-2548
 	RESERVED
@@ -3987,38 +3987,38 @@
 	[lenny] - moodle <not-affected> (doesn''t ship/use htmlpurifier)
 	- knowledgeroot 0.9.9.5-5
 	[lenny] - knowledgeroot <no-dsa> (low)
-CVE-2010-2419
-	RESERVED
-CVE-2010-2418
-	RESERVED
-CVE-2010-2417
-	RESERVED
-CVE-2010-2416
-	RESERVED
-CVE-2010-2415
-	RESERVED
-CVE-2010-2414
-	RESERVED
-CVE-2010-2413
-	RESERVED
-CVE-2010-2412
-	RESERVED
-CVE-2010-2411
-	RESERVED
-CVE-2010-2410
-	RESERVED
-CVE-2010-2409
-	RESERVED
-CVE-2010-2408
-	RESERVED
-CVE-2010-2407
-	RESERVED
-CVE-2010-2406
-	RESERVED
-CVE-2010-2405
-	RESERVED
-CVE-2010-2404
-	RESERVED
+CVE-2010-2419 (Unspecified vulnerability in the Java Virtual Machine component
in ...)
+	TODO: check
+CVE-2010-2418 (Unspecified vulnerability in the Oracle Territory Management
component ...)
+	TODO: check
+CVE-2010-2417 (Unspecified vulnerability in the Agile PLM component in Oracle
Supply ...)
+	TODO: check
+CVE-2010-2416 (Unspecified vulnerability in the Oracle E-Business Intelligence
...)
+	TODO: check
+CVE-2010-2415 (Unspecified vulnerability in the Change Data Capture component
in ...)
+	TODO: check
+CVE-2010-2414 (Unspecified vulnerability in the (1) Sun Convergence 1 and (2)
Sun ...)
+	TODO: check
+CVE-2010-2413 (Unspecified vulnerability in the BI Publisher component in
Oracle ...)
+	TODO: check
+CVE-2010-2412 (Unspecified vulnerability in the OLAP component in Oracle
Database ...)
+	TODO: check
+CVE-2010-2411 (Unspecified vulnerability in the Job Queue component in Oracle
...)
+	TODO: check
+CVE-2010-2410 (Unspecified vulnerability in the Cabo/UIX component in Oracle
Fusion ...)
+	TODO: check
+CVE-2010-2409 (Unspecified vulnerability in the Cabo/UIX component in Oracle
Fusion ...)
+	TODO: check
+CVE-2010-2408 (Unspecified vulnerability in the Oracle iRecruitment component
in ...)
+	TODO: check
+CVE-2010-2407 (Unspecified vulnerability in the XDK component in Oracle
Database ...)
+	TODO: check
+CVE-2010-2406 (Unspecified vulnerability in the Siebel Core - Highly
Interactive ...)
+	TODO: check
+CVE-2010-2405 (Unspecified vulnerability in the Siebel Core - Highly
Interactive ...)
+	TODO: check
+CVE-2010-2404 (Unspecified vulnerability in the Oracle iRecruitment component
in ...)
+	TODO: check
 CVE-2010-2403 (Unspecified vulnerability in the PeopleSoft Enterprise Campus
...)
 	NOT-FOR-US: PeopleSoft
 CVE-2010-2402 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
@@ -4033,24 +4033,24 @@
 	NOT-FOR-US: PeopleSoft
 CVE-2010-2397 (Unspecified vulnerability in Oracle Sun Java System Application
Server ...)
 	NOT-FOR-US: Oracle Sun Java System Application Serve
-CVE-2010-2396
-	RESERVED
-CVE-2010-2395
-	RESERVED
+CVE-2010-2396 (Unspecified vulnerability in the Forms component in Oracle
Fusion ...)
+	TODO: check
+CVE-2010-2395 (Unspecified vulnerability in the Cabo/UIX component in Oracle
Fusion ...)
+	TODO: check
 CVE-2010-2394 (Unspecified vulnerability in Oracle Solaris 10 allows local
users to ...)
 	NOT-FOR-US: Solaris
 CVE-2010-2393 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris
allows ...)
 	NOT-FOR-US: Solaris
 CVE-2010-2392 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris
allows ...)
 	NOT-FOR-US: Solaris
-CVE-2010-2391
-	RESERVED
-CVE-2010-2390
-	RESERVED
-CVE-2010-2389
-	RESERVED
-CVE-2010-2388
-	RESERVED
+CVE-2010-2391 (Unspecified vulnerability in the Core RDBMS component in Oracle
...)
+	TODO: check
+CVE-2010-2390 (Unspecified vulnerability in the Database Control component in
EM ...)
+	TODO: check
+CVE-2010-2389 (Unspecified vulnerability in the Perl component in Oracle
Database ...)
+	TODO: check
+CVE-2010-2388 (Unspecified vulnerability in the Oracle Applications Manager
component ...)
+	TODO: check
 CVE-2010-2387
 	RESERVED
 CVE-2010-2386 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and
...)
@@ -5304,8 +5304,8 @@
 	NOT-FOR-US: Microsoft Windows
 CVE-2010-1884
 	RESERVED
-CVE-2010-1883
-	RESERVED
+CVE-2010-1883 (Integer overflow in the Embedded OpenType (EOT) Font Engine in
...)
+	TODO: check
 CVE-2010-1882 (Multiple buffer overflows in the MPEG Layer-3 Audio Codec for
...)
 	NOT-FOR-US: MPEG Layer-3 Audio Codec for
 CVE-2010-1881 (The FieldList ActiveX control in the Microsoft Access Wizard
Controls ...)
@@ -7246,7 +7246,7 @@
 	NOT-FOR-US: dcsFlashGames
 CVE-2010-1264 (Unspecified vulnerability in Microsoft Windows SharePoint
Services 3.0 ...)
 	NOT-FOR-US: Microsoft
-CVE-2010-1263 (Unspecified vulnerability in Microsoft Office XP SP3, Office
2003 SP3, ...)
+CVE-2010-1263 (Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3,
Windows ...)
 	NOT-FOR-US: Microsoft
 CVE-2010-1262 (Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows
remote ...)
 	NOT-FOR-US: Microsoft
@@ -8712,8 +8712,8 @@
 	NOT-FOR-US: Microsoft Windows
 CVE-2010-0809
 	RESERVED
-CVE-2010-0808
-	RESERVED
+CVE-2010-0808 (Microsoft Internet Explorer 6 and 7 on Windows XP and Vista does
not ...)
+	TODO: check
 CVE-2010-0807 (Microsoft Internet Explorer 7 does not properly handle objects
in ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2010-0806 (Use-after-free vulnerability in the Peer Objects component (aka
...)
Secure testing commits - Oct 2010 - r15474 - data/CVE

[Secure-testing-commits] r15474 - data/CVE
