Author: joeyh
Date: 2010-03-15 21:14:24 +0000 (Mon, 15 Mar 2010)
New Revision: 14272

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2010-03-15 19:59:24 UTC (rev 14271)
+++ data/CVE/list       2010-03-15 21:14:24 UTC (rev 14272)
@@ -956,8 +956,7 @@
        RESERVED
 CVE-2010-0625
        RESERVED
-CVE-2010-0624 [heap overflow in rmt implementation of tar/cpio]
-       RESERVED
+CVE-2010-0624 (Heap-based buffer overflow in the rmt_read__ function in ...)
        - cpio 2.11-1 (low)
        - tar 1.23-1 (low)
        [lenny] - cpio <no-dsa> (Minor issue)
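Review bot: under CVE-2010-0624 the visible context has `[lenny] - cpio <no-dsa> (Minor issue)` but no `[lenny]` line for tar, although both `- cpio 2.11-1 (low)` and `- tar 1.23-1 (low)` are listed as fixed versions. If a tar line does not follow just past this hunk, add one so the lenny status is recorded for both packages.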
@@ -1559,8 +1558,7 @@
        RESERVED
        - php5 5.3.2-1 (medium; bug #573573)
        NOTE: sent mail to oss-sec notifying about the id
-CVE-2010-0396 [dpkg path traversal]
-       RESERVED
+CVE-2010-0396 (Directory traversal vulnerability in the dpkg-source component 
in dpkg ...)
        {DSA-2011-1}
        - dpkg 1.15.6
 CVE-2010-0395
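Review bot: the `- dpkg 1.15.6` line under CVE-2010-0396 carries no urgency, while other package lines in this file do (`- php5 5.3.2-1 (medium; bug #573573)` just above it). Now that the entry has a public description and references {DSA-2011-1}, consider assigning an urgency to the dpkg line.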
@@ -2400,12 +2398,12 @@
        RESERVED
 CVE-2010-0125
        RESERVED
-CVE-2010-0124
-       RESERVED
-CVE-2010-0123
-       RESERVED
-CVE-2010-0122
-       RESERVED
+CVE-2010-0124 (Employee Timeclock Software 0.99 places the database password 
on the ...)
+       TODO: check
+CVE-2010-0123 (The database backup implementation in Employee Timeclock 
Software 0.99 ...)
+       TODO: check
+CVE-2010-0122 (Multiple SQL injection vulnerabilities in Employee Timeclock 
Software ...)
+       TODO: check
 CVE-2010-0121
        RESERVED
 CVE-2010-0120
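Review bot: CVE-2010-0122, CVE-2010-0123 and CVE-2010-0124 all describe Employee Timeclock Software 0.99 and are left at `TODO: check`, so they need manual triage as a group. Resolve each to either a package line or a `NOT-FOR-US:` marker in the form used elsewhere in this file (for example `NOT-FOR-US: Adobe Shockwave Player`), and use the same product string on all three so they can be found together later.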
@@ -3160,36 +3158,36 @@
        RESERVED
        - xar <unfixed> (bug #572556)
        [lenny] - xar <no-dsa> (Minor issue)
-CVE-2010-0054
-       RESERVED
-CVE-2010-0053
-       RESERVED
-CVE-2010-0052
-       RESERVED
-CVE-2010-0051
-       RESERVED
-CVE-2010-0050
-       RESERVED
-CVE-2010-0049
-       RESERVED
-CVE-2010-0048
-       RESERVED
-CVE-2010-0047
-       RESERVED
-CVE-2010-0046
-       RESERVED
-CVE-2010-0045
-       RESERVED
-CVE-2010-0044
-       RESERVED
-CVE-2010-0043
-       RESERVED
-CVE-2010-0042
-       RESERVED
-CVE-2010-0041
-       RESERVED
-CVE-2010-0040
-       RESERVED
+CVE-2010-0054 (Use-after-free vulnerability in WebKit in Apple Safari before 
4.0.5 ...)
+       TODO: check
+CVE-2010-0053 (Use-after-free vulnerability in WebKit in Apple Safari before 
4.0.5 ...)
+       TODO: check
+CVE-2010-0052 (Use-after-free vulnerability in WebKit in Apple Safari before 
4.0.5 ...)
+       TODO: check
+CVE-2010-0051 (WebKit in Apple Safari before 4.0.5 does not properly validate 
the ...)
+       TODO: check
+CVE-2010-0050 (Use-after-free vulnerability in WebKit in Apple Safari before 
4.0.5 ...)
+       TODO: check
+CVE-2010-0049 (Use-after-free vulnerability in WebKit in Apple Safari before 
4.0.5 ...)
+       TODO: check
+CVE-2010-0048 (Use-after-free vulnerability in WebKit in Apple Safari before 
4.0.5 ...)
+       TODO: check
+CVE-2010-0047 (Use-after-free vulnerability in WebKit in Apple Safari before 
4.0.5 ...)
+       TODO: check
+CVE-2010-0046 (The Cascading Style Sheets (CSS) implementation in WebKit in 
Apple ...)
+       TODO: check
+CVE-2010-0045 (Apple Safari before 4.0.5 on Windows does not properly validate 
...)
+       TODO: check
+CVE-2010-0044 (PubSub in Apple Safari before 4.0.5 does not properly implement 
use of ...)
+       TODO: check
+CVE-2010-0043 (ImageIO in Apple Safari before 4.0.5 on Windows allows remote 
...)
+       TODO: check
+CVE-2010-0042 (ImageIO in Apple Safari before 4.0.5 on Windows does not ensure 
that ...)
+       TODO: check
+CVE-2010-0041 (ImageIO in Apple Safari before 4.0.5 on Windows does not ensure 
that ...)
+       TODO: check
+CVE-2010-0040 (Integer overflow in ColorSync in Apple Safari before 4.0.5 on 
Windows ...)
+       TODO: check
 CVE-2010-0039
        RESERVED
 CVE-2010-0038 (Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone 
OS for ...)
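Review bot: the fifteen entries CVE-2010-0040 through CVE-2010-0054 are all left at `TODO: check` but should not be triaged as one batch. The descriptions naming "WebKit in Apple Safari" (CVE-2010-0046 through CVE-2010-0054) need checking against WebKit code shipped in packages, whereas the ImageIO, ColorSync and "Safari ... on Windows" entries (CVE-2010-0040 through CVE-2010-0043, CVE-2010-0045) and the PubSub entry (CVE-2010-0044) describe Apple components and are the likelier `NOT-FOR-US:` candidates. The descriptions are truncated at "...", so read the full text before marking any of them.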
@@ -4159,8 +4157,8 @@
        NOT-FOR-US: Adobe Shockwave Player
 CVE-2009-4002 (Heap-based buffer overflow in Adobe Shockwave Player before 
11.5.6.606 ...)
        NOT-FOR-US: Adobe Shockwave Player
-CVE-2009-4001
-       RESERVED
+CVE-2009-4001 (Integer overflow in XnView before 1.97.2 might allow remote 
attackers ...)
+       TODO: check
 CVE-2009-4000 (Directory traversal vulnerability in goform/formExportDataLogs 
in HP ...)
        NOT-FOR-US: HP Power Manager
 CVE-2009-3999 (Stack-based buffer overflow in goform/formExportDataLogs in HP 
Power ...)
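Review bot: CVE-2009-4001 (integer overflow in XnView before 1.97.2) is left at `TODO: check` between entries that are already resolved. If XnView is not packaged, close it with a `NOT-FOR-US:` line in the same form as its neighbours (`NOT-FOR-US: Adobe Shockwave Player`, `NOT-FOR-US: HP Power Manager`); otherwise add the package line.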


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
