Author: joeyh Date: 2010-10-27 21:14:47 +0000 (Wed, 27 Oct 2010) New Revision: 15534 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-10-27 20:40:36 UTC (rev 15533) +++ data/CVE/list 2010-10-27 21:14:47 UTC (rev 15534) @@ -1,3 +1,7 @@ +CVE-2010-4095 (Directory traversal vulnerability in the FTP client in Serengeti ...) + TODO: check +CVE-2010-4094 (The Tomcat server in IBM Rational Quality Manager and Rational Test ...) + TODO: check CVE-2010-4093 RESERVED CVE-2010-4092 @@ -64,6 +68,7 @@ CVE-2010-4068 (Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x ...) TODO: check CVE-2010-4096 + RESERVED - monkeysphere 0.31-3 (bug #600304) NOTE: micah requested this CVE from mitre, issue has been fixed in debian already CVE-2010-4067 @@ -272,10 +277,10 @@ RESERVED CVE-2010-3987 RESERVED -CVE-2010-3986 - RESERVED -CVE-2010-3985 - RESERVED +CVE-2010-3986 (Unspecified vulnerability in HP Virtual Connect Enterprise Manager ...) + TODO: check +CVE-2010-3985 (Cross-site scripting (XSS) vulnerability in HP Operations ...) + TODO: check CVE-2010-3984 RESERVED CVE-2010-3983 (CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote ...) @@ -477,7 +482,8 @@ NOT-FOR-US: Apple Mac OS X CVE-2010-3886 (The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft ...) NOT-FOR-US: Microsoft Windows -CVE-2010-3885 (Stack-based buffer overflow in the UpdateFrameTitleForDocument method ...) +CVE-2010-3885 + REJECTED NOT-FOR-US: Microsoft Windows CVE-2010-3884 (Cross-site request forgery (CSRF) vulnerability in CMS Made Simple ...) NOT-FOR-US: CMS Made Simple @@ -1028,8 +1034,8 @@ RESERVED CVE-2010-3654 RESERVED -CVE-2010-3653 - RESERVED +CVE-2010-3653 (The Director module (dirapi.dll) in Adobe Shockwave player 11.5.8.612, ...) + TODO: check CVE-2010-3652 RESERVED CVE-2010-3651 @@ -1222,8 +1228,8 @@ - python3.2 <unfixed> (unimportant) NOTE: Unfixable design limitation, which needs to be coped with in applications NOTE: This CVE is about proper documentation -CVE-2010-3491 - RESERVED +CVE-2010-3491 (The (1) ActiveMatrix Runtime and (2) ActiveMatrix Administrator ...) + TODO: check CVE-2010-3490 (Directory traversal vulnerability in page.recordings.php in the System ...) NOT-FOR-US: System Recordings component in the configuration interface in FreePBX CVE-2010-3489 (Cross-site scripting (XSS) vulnerability in ...) @@ -1889,9 +1895,9 @@ NOT-FOR-US: Microsoft Internet Explorer CVE-2010-3330 (Microsoft Internet Explorer 6 through 8 does not properly restrict ...) NOT-FOR-US: Microsoft Internet Explorer -CVE-2010-3329 (Microsoft Internet Explorer 7 and 8 does not properly handle objects ...) +CVE-2010-3329 (mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote ...) NOT-FOR-US: Microsoft Internet Explorer -CVE-2010-3328 (Microsoft Internet Explorer 6 through 8 does not properly handle ...) +CVE-2010-3328 (Use-after-free vulnerability in the CAttrArray::PrivateFind function ...) NOT-FOR-US: Microsoft Internet Explorer CVE-2010-3327 (The implementation of HTML content creation in Microsoft Internet ...) NOT-FOR-US: Microsoft Internet Explorer @@ -2162,8 +2168,8 @@ NOT-FOR-US: Microsoft OSes CVE-2010-3228 (The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms ...) NOT-FOR-US: Microsoft .NET Framework -CVE-2010-3227 - RESERVED +CVE-2010-3227 (Stack-based buffer overflow in the UpdateFrameTitleForDocument method ...) + TODO: check CVE-2010-3226 RESERVED CVE-2010-3225 (Use-after-free vulnerability in the Media Player Network Sharing ...) @@ -2178,13 +2184,13 @@ NOT-FOR-US: Microsoft Word CVE-2010-3220 (Unspecified vulnerability in Microsoft Word 2002 SP3 and Office 2004 ...) NOT-FOR-US: Microsoft Word -CVE-2010-3219 (Microsoft Word 2002 SP3 does not properly handle indexes during ...) +CVE-2010-3219 (Array index vulnerability in Microsoft Word 2002 SP3 allows remote ...) NOT-FOR-US: Microsoft Word CVE-2010-3218 (Heap-based buffer overflow in Microsoft Word 2002 SP3 allows remote ...) NOT-FOR-US: Microsoft Word -CVE-2010-3217 (Microsoft Word 2002 SP3 does not properly handle pointers during ...) +CVE-2010-3217 (Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary ...) NOT-FOR-US: Microsoft Word -CVE-2010-3216 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle ...) +CVE-2010-3216 (Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers ...) NOT-FOR-US: Microsoft Word CVE-2010-3215 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle ...) NOT-FOR-US: Microsoft Word @@ -3067,10 +3073,10 @@ NOT-FOR-US: Adobe Reader and Acrobat CVE-2010-2887 (Multiple unspecified vulnerabilities in Adobe Reader and Acrobat 9.x ...) NOT-FOR-US: Adobe Reader and Acrobat -CVE-2010-2886 - RESERVED -CVE-2010-2885 - RESERVED +CVE-2010-2886 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp ...) + TODO: check +CVE-2010-2885 (Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 7 and 8, ...) + TODO: check CVE-2010-2884 (Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, ...) NOT-FOR-US: Adobe Flash Player CVE-2010-2883 (Stack-based buffer overflow in CoolType.dll in Adobe Reader and ...) @@ -3531,7 +3537,7 @@ [lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner) - iceape 2.0.6-1 [lenny] - iceape <not-affected> (Only a stub package) -CVE-2010-2750 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle ...) +CVE-2010-2750 (Array index error in Microsoft Word 2002 SP3 and Office 2004 for Mac ...) NOT-FOR-US: Microsoft Word CVE-2010-2749 RESERVED @@ -3922,10 +3928,10 @@ RESERVED CVE-2010-2586 RESERVED -CVE-2010-2585 - RESERVED -CVE-2010-2584 - RESERVED +CVE-2010-2585 (Multiple buffer overflows in the RealPage Module Upload ActiveX ...) + TODO: check +CVE-2010-2584 (The Upload method in the RealPage Module Upload ActiveX control in ...) + TODO: check CVE-2010-2583 RESERVED CVE-2010-2582 @@ -4591,7 +4597,6 @@ REJECTED CVE-2010-2303 REJECTED - CVE-2010-2302 (Use-after-free vulnerability in WebCore in WebKit in Google Chrome ...) - webkit 1.2.1-3 - chromium-browser 5.0.375.70~r48679-1 @@ -6291,8 +6296,8 @@ RESERVED CVE-2010-1694 RESERVED -CVE-2010-1693 - RESERVED +CVE-2010-1693 (openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows ...) + TODO: check CVE-2010-1692 RESERVED CVE-2010-1691