Author: joeyh Date: 2010-12-08 21:14:58 +0000 (Wed, 08 Dec 2010) New Revision: 15668 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-12-08 21:03:48 UTC (rev 15667) +++ data/CVE/list 2010-12-08 21:14:58 UTC (rev 15668) @@ -1,3 +1,93 @@ +CVE-2011-0025 + RESERVED +CVE-2011-0024 + RESERVED +CVE-2011-0023 + RESERVED +CVE-2011-0022 + RESERVED +CVE-2011-0021 + RESERVED +CVE-2011-0020 + RESERVED +CVE-2011-0019 + RESERVED +CVE-2011-0018 + RESERVED +CVE-2011-0017 + RESERVED +CVE-2011-0016 + RESERVED +CVE-2011-0015 + RESERVED +CVE-2011-0014 + RESERVED +CVE-2011-0013 + RESERVED +CVE-2011-0012 + RESERVED +CVE-2011-0011 + RESERVED +CVE-2011-0010 + RESERVED +CVE-2011-0009 + RESERVED +CVE-2011-0008 + RESERVED +CVE-2011-0007 + RESERVED +CVE-2011-0006 + RESERVED +CVE-2011-0005 + RESERVED +CVE-2011-0004 + RESERVED +CVE-2011-0003 + RESERVED +CVE-2011-0002 + RESERVED +CVE-2011-0001 + RESERVED +CVE-2010-4499 + RESERVED +CVE-2010-4498 + RESERVED +CVE-2010-4497 + RESERVED +CVE-2010-4496 + RESERVED +CVE-2010-4495 + RESERVED +CVE-2010-4494 (Double free vulnerability in Google Chrome before 8.0.552.215 allows ...) + TODO: check +CVE-2010-4493 (Use-after-free vulnerability in Google Chrome before 8.0.552.215 ...) + TODO: check +CVE-2010-4492 (Use-after-free vulnerability in Google Chrome before 8.0.552.215 ...) + TODO: check +CVE-2010-4491 (Google Chrome before 8.0.552.215 does not properly restrict privileged ...) + TODO: check +CVE-2010-4490 (Google Chrome before 8.0.552.215 allows remote attackers to cause a ...) + TODO: check +CVE-2010-4489 (Google Chrome before 8.0.552.215 does not properly handle WebM video, ...) + TODO: check +CVE-2010-4488 (Google Chrome before 8.0.552.215 does not properly handle HTTP proxy ...) + TODO: check +CVE-2010-4487 (Incomplete blacklist vulnerability in Google Chrome before 8.0.552.215 ...) + TODO: check +CVE-2010-4486 (Use-after-free vulnerability in Google Chrome before 8.0.552.215 ...) + TODO: check +CVE-2010-4485 (Google Chrome before 8.0.552.215 does not properly restrict the ...) + TODO: check +CVE-2010-4484 (Google Chrome before 8.0.552.215 does not properly handle HTML5 ...) + TODO: check +CVE-2010-4483 (Google Chrome before 8.0.552.215 does not properly restrict read ...) + TODO: check +CVE-2010-4482 (Unspecified vulnerability in Google Chrome before 8.0.552.215 allows ...) + TODO: check +CVE-2010-4481 + RESERVED +CVE-2010-4480 + RESERVED CVE-2010-4510 REJECTED CVE-2010-4479 (Unspecified vulnerability in pdf.c in libclamav in ClamAV before ...) @@ -723,8 +813,8 @@ CVE-2010-4180 (OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when ...) - openssl 0.9.8o-4 NOTE: http://www.openssl.org/news/secadv_20101202.txt -CVE-2010-4179 - RESERVED +CVE-2010-4179 (The installation documentation for Red Hat Enterprise Messaging, ...) + TODO: check CVE-2010-4178 RESERVED - mysql-gui-tools <unfixed> (low; bug #605542) @@ -735,8 +825,7 @@ - mysql-gui-tools <unfixed> (low; bug #605542) [squeeze] - mysql-gui-tools <no-dsa> (Minor issue) [lenny] - mysql-gui-tools <no-dsa> (Minor issue) -CVE-2010-4176 [dracut: wrong /dev/systty permissions] - RESERVED +CVE-2010-4176 (plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 ...) - dracut <not-affected> (vulnerable script not shipped) CVE-2010-4175 [linux: integer overflow in RDS] RESERVED @@ -747,11 +836,9 @@ - libsdp 1.1.99-2.1 (bug #603841) CVE-2010-4172 (Multiple cross-site scripting (XSS) vulnerabilities in the Manager ...) - tomcat6 <unfixed> (bug #606388) -CVE-2010-4171 - RESERVED +CVE-2010-4171 (The staprun runtime tool in SystemTap 1.3 does not verify that a ...) - systemtap 1.2-3 (bug #603946) -CVE-2010-4170 - RESERVED +CVE-2010-4170 (The staprun runtime tool in SystemTap 1.3 does not properly clear the ...) - systemtap 1.2-3 (bug #603946) CVE-2010-4169 (Use-after-free vulnerability in mm/mprotect.c in the Linux kernel ...) - linux-2.6 <unfixed> @@ -794,8 +881,8 @@ NOT-FOR-US: 4site CMS CVE-2010-4151 (SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly ...) NOT-FOR-US: DeluxeBB -CVE-2010-4150 - RESERVED +CVE-2010-4150 (Double free vulnerability in the imap_do_open function in the IMAP ...) + TODO: check CVE-2009-5015 (The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 ...) - turbogears2 2.0.3-1 CVE-2009-5014 (The default quickstart configuration of TurboGears2 (aka tg2) before ...) @@ -1648,7 +1735,7 @@ CVE-2010-3813 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) - webkit <undetermined> - chromium-browser <undetermined> -CVE-2010-3812 (Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X ...) +CVE-2010-3812 (Integer overflow in the wholeText method in WebKit in Apple Safari ...) - webkit <unfixed> - chromium-browser <undetermined> NOTE: http://www.zerodayinitiative.com/advisories/ZDI-10-257 @@ -2814,7 +2901,7 @@ RESERVED CVE-2010-3370 RESERVED -CVE-2010-3369 (The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3 ...) +CVE-2010-3369 (The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3, ...) - mono-debugger 2.6.3-2.1 (bug #598299) CVE-2010-3368 RESERVED @@ -14687,7 +14774,7 @@ NOT-FOR-US: IBM Rational AppScan Enterprise Edition CVE-2009-3744 (rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows remote ...) NOT-FOR-US: EMC RepliStor -CVE-2009-3743 (Off-by-one error in the TrueType bytecode interpreter in Ghostscript ...) +CVE-2009-3743 (Off-by-one error in the Ins_MINDEX function in the TrueType bytecode ...) - ghostscript 8.71~dfsg-1 CVE-2009-3742 (Cross-site scripting (XSS) vulnerability in Liferay Portal before ...) NOT-FOR-US: Liferay Portal