Author: joeyh Date: 2010-10-20 21:14:40 +0000 (Wed, 20 Oct 2010) New Revision: 15490 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-10-20 20:26:48 UTC (rev 15489) +++ data/CVE/list 2010-10-20 21:14:40 UTC (rev 15490) @@ -1,3 +1,49 @@ +CVE-2010-4005 + RESERVED +CVE-2010-4004 + RESERVED +CVE-2010-4003 + RESERVED +CVE-2010-4002 + RESERVED +CVE-2010-4001 + RESERVED +CVE-2010-4000 + RESERVED +CVE-2010-3999 + RESERVED +CVE-2010-3998 + RESERVED +CVE-2010-3997 + RESERVED +CVE-2010-3996 + RESERVED +CVE-2009-5013 (Memory leak in the on_dtp_close function in ftpserver.py in pyftpdlib ...) + TODO: check +CVE-2009-5012 (ftpserver.py in pyftpdlib before 0.5.2 does not require the l ...) + TODO: check +CVE-2009-5011 (Race condition in the FTPHandler class in ftpserver.py in pyftpdlib ...) + TODO: check +CVE-2009-5010 (Race condition in the FTPHandler class in ftpserver.py in pyftpdlib ...) + TODO: check +CVE-2008-7264 (The ftp_QUIT function in ftpserver.py in pyftpdlib before 0.5.0 allows ...) + TODO: check +CVE-2008-7263 (ftpserver.py in pyftpdlib before 0.5.0 does not delay its response ...) + TODO: check +CVE-2008-7262 (Multiple directory traversal vulnerabilities in FTPServer.py in ...) + TODO: check +CVE-2007-6741 (The ftp_PORT function in FTPServer.py in pyftpdlib before 0.2.0 does ...) + TODO: check +CVE-2007-6740 (The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 does ...) + TODO: check +CVE-2007-6739 (FTPServer.py in pyftpdlib before 0.2.0 allows remote attackers to ...) + TODO: check +CVE-2007-6738 (pyftpdlib before 0.1.1 does not choose a random value for the port ...) + TODO: check +CVE-2007-6737 (FTPServer.py in pyftpdlib before 0.2.0 does not increment the ...) + TODO: check +CVE-2007-6736 (Multiple directory traversal vulnerabilities in FTPServer.py in ...) + TODO: check CVE-2010-3995 RESERVED CVE-2010-3994 @@ -36,10 +82,10 @@ RESERVED CVE-2010-3977 RESERVED -CVE-2010-3976 - RESERVED -CVE-2010-3975 - RESERVED +CVE-2010-3976 (Untrusted search path vulnerability in Adobe Flash Player 10.1.82.76, ...) + TODO: check +CVE-2010-3975 (Untrusted search path vulnerability in Adobe Flash Player 9 allows ...) + TODO: check CVE-2010-3974 RESERVED CVE-2010-3973 @@ -946,17 +992,14 @@ RESERVED CVE-2010-3496 RESERVED -CVE-2010-3495 - RESERVED +CVE-2010-3495 (Race condition in ZEO/StorageServer.py in Zope Object Database (ZODB) ...) - zodb <unfixed> (bug #599711) -CVE-2010-3494 - RESERVED +CVE-2010-3494 (Race condition in the FTPHandler class in ftpserver.py in pyftpdlib ...) - python-pyftpdlib 0.5.2-1 (low) NOTE: http://code.google.com/p/pyftpdlib/issues/detail?id=104 -CVE-2010-3493 - RESERVED -CVE-2010-3492 - RESERVED +CVE-2010-3493 (Multiple race conditions in smtpd.py in the smtpd module in Python ...) + TODO: check +CVE-2010-3492 (The asyncore module in Python before 3.2 does not properly handle ...) - python2.7 <unfixed> (unimportant) - python3.1 <unfixed> (unimportant) - python3.2 <unfixed> (unimportant) @@ -1042,124 +1085,98 @@ NOT-FOR-US: Oracle OpenSolaris CVE-2010-3575 (Unspecified vulnerability in the Oracle Communications Messaging ...) NOT-FOR-US: Oracle Sun Products Suite -CVE-2010-3574 - RESERVED +CVE-2010-3574 (Unspecified vulnerability in the Networking component in Oracle Java ...) - openjdk-6 6b18-1.8.2-1 - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3573 - RESERVED +CVE-2010-3573 (Unspecified vulnerability in the Networking component in Oracle Java ...) - openjdk-6 6b18-1.8.2-1 - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3572 - RESERVED +CVE-2010-3572 (Unspecified vulnerability in the Sound component in Oracle Java SE and ...) - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3571 - RESERVED +CVE-2010-3571 (Unspecified vulnerability in the 2D component in Oracle Java SE and ...) - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3570 - RESERVED +CVE-2010-3570 (Unspecified vulnerability in the Deployment Toolkit component in ...) - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3569 - RESERVED +CVE-2010-3569 (Unspecified vulnerability in the Java Runtime Environment component in ...) - openjdk-6 6b18-1.8.2-1 - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3568 - RESERVED +CVE-2010-3568 (Unspecified vulnerability in the Java Runtime Environment component in ...) - openjdk-6 6b18-1.8.2-1 - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3567 - RESERVED +CVE-2010-3567 (Unspecified vulnerability in the 2D component in Oracle Java SE and ...) - openjdk-6 6b18-1.8.2-1 - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3566 - RESERVED +CVE-2010-3566 (Unspecified vulnerability in the 2D component in Oracle Java SE and ...) - openjdk-6 6b18-1.8.2-1 - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3565 - RESERVED +CVE-2010-3565 (Unspecified vulnerability in the 2D component in Oracle Java SE and ...) - openjdk-6 6b18-1.8.2-1 - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) CVE-2010-3564 (Unspecified vulnerability in the Oracle Communications Messaging ...) - openjdk-6 6b18-1.8.2-1 -CVE-2010-3563 - RESERVED +CVE-2010-3563 (Unspecified vulnerability in the Deployment component in Oracle Java ...) - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3562 - RESERVED +CVE-2010-3562 (Unspecified vulnerability in the 2D component in Oracle Java SE and ...) - openjdk-6 6b18-1.8.2-1 - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3561 - RESERVED +CVE-2010-3561 (Unspecified vulnerability in the CORBA component in Oracle Java SE and ...) - openjdk-6 6b18-1.8.2-1 - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3560 - RESERVED +CVE-2010-3560 (Unspecified vulnerability in the Networking component in Oracle Java ...) - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3559 - RESERVED +CVE-2010-3559 (Unspecified vulnerability in the Sound component in Oracle Java SE and ...) - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3558 - RESERVED +CVE-2010-3558 (Unspecified vulnerability in the Java Web Start component in Oracle ...) - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3557 - RESERVED +CVE-2010-3557 (Unspecified vulnerability in the Swing component in Oracle Java SE and ...) - openjdk-6 6b18-1.8.2-1 - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3556 - RESERVED +CVE-2010-3556 (Unspecified vulnerability in the 2D component in Oracle Java SE and ...) - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3555 - RESERVED +CVE-2010-3555 (Unspecified vulnerability in the Deployment component in Oracle Java ...) - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3554 - RESERVED +CVE-2010-3554 (Unspecified vulnerability in the CORBA component in Oracle Java SE and ...) - openjdk-6 6b18-1.8.2-1 - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3553 - RESERVED +CVE-2010-3553 (Unspecified vulnerability in the Swing component in Oracle Java SE and ...) - openjdk-6 6b18-1.8.2-1 - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3552 - RESERVED +CVE-2010-3552 (Unspecified vulnerability in the New Java Plug-in component in Oracle ...) - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3551 - RESERVED +CVE-2010-3551 (Unspecified vulnerability in the Networking component in Oracle Java ...) - openjdk-6 6b18-1.8.2-1 - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3550 - RESERVED +CVE-2010-3550 (Unspecified vulnerability in the Java Web Start component in Oracle ...) - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3549 - RESERVED +CVE-2010-3549 (Unspecified vulnerability in the Networking component in Oracle Java ...) - openjdk-6 6b18-1.8.2-1 - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-3548 - RESERVED +CVE-2010-3548 (Unspecified vulnerability in the JNDI component in Oracle Java SE and ...) - openjdk-6 6b18-1.8.2-1 - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) @@ -1175,8 +1192,7 @@ RESERVED CVE-2010-3542 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and ...) NOT-FOR-US: Oracle Solaris -CVE-2010-3541 - RESERVED +CVE-2010-3541 (Unspecified vulnerability in the Networking component in Oracle Java ...) - openjdk-6 6b18-1.8.2-1 - sun-java6 6.22-1 [lenny] - sun-java6 <no-dsa> (Non-free not supported) @@ -2137,10 +2153,10 @@ RESERVED CVE-2010-3159 RESERVED -CVE-2010-3158 - RESERVED -CVE-2010-3157 - RESERVED +CVE-2010-3158 (Untrusted search path vulnerability in Lhaplus before 1.58 allows ...) + TODO: check +CVE-2010-3157 (Untrusted search path vulnerability in XacRett before 50 allows ...) + TODO: check CVE-2010-3156 RESERVED CVE-2010-3133 (Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 ...) @@ -7094,7 +7110,7 @@ NOTE: http://trac.webkit.org/changeset/54129 NOTE: http://trac.webkit.org/changeset/54141 NOTE: http://trac.webkit.org/changeset/54265 -CVE-2010-1386 (page/Geolocation.cpp in WebCore in WebKit before r56188 does not ...) +CVE-2010-1386 (page/Geolocation.cpp in WebCore in WebKit before r56188 and before ...) - webkit 1.2.2-1 - chromium-browser 5.0.342.9~r43360-1 NOTE: https://bugs.webkit.org/show_bug.cgi?id=36255