Author: joeyh
Date: 2010-06-16 21:14:35 +0000 (Wed, 16 Jun 2010)
New Revision: 14879
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-06-16 20:41:23 UTC (rev 14878)
+++ data/CVE/list 2010-06-16 21:14:35 UTC (rev 14879)
@@ -1,3 +1,33 @@
+CVE-2010-2304 (The toAlphabetic function in rendering/RenderListMarker.cpp in
WebCore ...)
+ TODO: check
+CVE-2010-2303 (page/Geolocation.cpp in WebCore in WebKit in Google Chrome
before ...)
+ TODO: check
+CVE-2010-2302 (Use-after-free vulnerability in WebCore in WebKit in Google
Chrome ...)
+ TODO: check
+CVE-2010-2301 (Cross-site scripting (XSS) vulnerability in editing/markup.cpp
in ...)
+ TODO: check
+CVE-2010-2300 (Use-after-free vulnerability in the
Element::normalizeAttributes ...)
+ TODO: check
+CVE-2010-2299 (The Clipboard::DispatchObject function in
app/clipboard/clipboard.cc ...)
+ TODO: check
+CVE-2010-2298 (browser/renderer_host/database_dispatcher_host.cc in Google
Chrome ...)
+ TODO: check
+CVE-2010-2297 (rendering/FixedTableLayout.cpp in WebCore in WebKit in Google
Chrome ...)
+ TODO: check
+CVE-2010-2296 (The implementation of unspecified DOM methods in Google Chrome
before ...)
+ TODO: check
+CVE-2010-2295 (page/EventHandler.cpp in WebCore in WebKit in Google Chrome
before ...)
+ TODO: check
+CVE-2009-4900
+ RESERVED
+CVE-2009-4899
+ RESERVED
+CVE-2009-4898
+ RESERVED
+CVE-2009-4897
+ RESERVED
+CVE-2009-4896
+ RESERVED
CVE-2010-2294 (Cross-site request forgery (CSRF) vulnerability in Plume CMS
1.2.4 and ...)
NOT-FOR-US: Plume CMS
CVE-2010-2293 (The Ping tools web interface in Dlink Di-604 router allows
remote ...)
@@ -48,6 +78,7 @@
- nginx <undetermined>
TODO: check
CVE-2009-4895 [linux tty null ptr dereference]
+ RESERVED
- linux-2.6 2.6.32-9
CVE-2009-4894 (Multiple cross-site scripting (XSS) vulnerabilities in
profile.php in ...)
NOT-FOR-US: PunBB
@@ -247,94 +278,65 @@
CVE-2010-2190 (The (1) trim, (2) ltrim, (3) rtrim, and (4) substr_replace
functions ...)
- php5 <unfixed> (unimportant)
NOTE: Only triggerable through malicious script
-CVE-2010-2189
- RESERVED
+CVE-2010-2189 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2188
- RESERVED
+CVE-2010-2188 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2187
- RESERVED
+CVE-2010-2187 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2186
- RESERVED
+CVE-2010-2186 (Unspecified vulnerability in Adobe Flash Player before
9.0.277.0 and ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2185
- RESERVED
+CVE-2010-2185 (Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x
before ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2184
- RESERVED
+CVE-2010-2184 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2183
- RESERVED
+CVE-2010-2183 (Integer overflow in Adobe Flash Player before 9.0.277.0 and
10.x ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2182
- RESERVED
+CVE-2010-2182 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2181
- RESERVED
+CVE-2010-2181 (Integer overflow in Adobe Flash Player before 9.0.277.0 and
10.x ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2180
- RESERVED
+CVE-2010-2180 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2179
- RESERVED
+CVE-2010-2179 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player
before ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2178
- RESERVED
+CVE-2010-2178 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2177
- RESERVED
+CVE-2010-2177 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2176
- RESERVED
+CVE-2010-2176 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2175
- RESERVED
+CVE-2010-2175 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2174
- RESERVED
+CVE-2010-2174 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2173
- RESERVED
+CVE-2010-2173 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2172
- RESERVED
+CVE-2010-2172 (Adobe Flash Player 9 before 9.0.277.0 on unspecified UNIX
platforms ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2171
- RESERVED
+CVE-2010-2171 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2170
- RESERVED
+CVE-2010-2170 (Integer overflow in Adobe Flash Player before 9.0.277.0 and
10.x ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2169
- RESERVED
+CVE-2010-2169 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
NOT-FOR-US: Adobe Flash
CVE-2010-2168
RESERVED
-CVE-2010-2167
- RESERVED
+CVE-2010-2167 (Multiple heap-based buffer overflows in Adobe Flash Player
before ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2166
- RESERVED
+CVE-2010-2166 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2165
- RESERVED
+CVE-2010-2165 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2164
- RESERVED
+CVE-2010-2164 (Use-after-free vulnerability in Adobe Flash Player before
9.0.277.0 ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2163
- RESERVED
+CVE-2010-2163 (Multiple unspecified vulnerabilities in Adobe Flash Player
before ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2162
- RESERVED
+CVE-2010-2162 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2161
- RESERVED
+CVE-2010-2161 (Array index error in Adobe Flash Player before 9.0.277.0 and
10.x ...)
NOT-FOR-US: Adobe Flash
-CVE-2010-2160
- RESERVED
+CVE-2010-2160 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
NOT-FOR-US: Adobe Flash
CVE-2010-2159 (Dameng DM Database Server allows remote authenticated users to
cause a ...)
NOT-FOR-US: Dameng DM Database
@@ -590,6 +592,7 @@
RESERVED
CVE-2010-2063 [samba arbitrary write on chained packet processing]
RESERVED
+ {DSA-2061-1}
- samba 2:3.4.0~pre1-1 (high)
NOTE: the affected code has been completely rewritten since 3.4.x
CVE-2010-2062 [VLC: integer underflow in Real RTSP]
@@ -2543,7 +2546,7 @@
NOT-FOR-US: Pepsi CMS
CVE-2010-1298 (Directory traversal vulnerability in view.php in Pulse CMS
1.2.2 ...)
NOT-FOR-US: Pulse CMS
-CVE-2010-1297 (Unspecified vulnerability in Adobe Flash Player 9.0.x through
9.0.262 ...)
+CVE-2010-1297 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
Adobe ...)
NOT-FOR-US: Adobe Flash
CVE-2010-1296 (Multiple buffer overflows in Adobe Photoshop CS4 before 11.0.2
allow ...)
NOT-FOR-US: Adobe Photoshop CS4
@@ -2640,15 +2643,15 @@
NOT-FOR-US: Microsoft
CVE-2010-1251 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3
and ...)
NOT-FOR-US: Microsoft
-CVE-2010-1250 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3,
Office ...)
+CVE-2010-1250 (Heap-based buffer overflow in Microsoft Office Excel 2002 SP3,
Office ...)
NOT-FOR-US: Microsoft
-CVE-2010-1249 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3,
Office ...)
+CVE-2010-1249 (Buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004
for ...)
NOT-FOR-US: Microsoft
-CVE-2010-1248 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3
and ...)
+CVE-2010-1248 (Buffer overflow in Microsoft Office Excel 2002 SP3 and Office
2004 for ...)
NOT-FOR-US: Microsoft
CVE-2010-1247 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3
allows ...)
NOT-FOR-US: Microsoft
-CVE-2010-1246 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3
allows ...)
+CVE-2010-1246 (Stack-based buffer overflow in Microsoft Office Excel 2002 SP3
allows ...)
NOT-FOR-US: Microsoft
CVE-2010-1245 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3,
Office ...)
NOT-FOR-US: Microsoft
@@ -4011,7 +4014,7 @@
NOT-FOR-US: Microsoft
CVE-2010-0823 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3,
2003 ...)
NOT-FOR-US: Microsoft
-CVE-2010-0822 (Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office
2008 for ...)
+CVE-2010-0822 (Stack-based buffer overflow in Microsoft Office Excel 2002 SP3,
Office ...)
NOT-FOR-US: Microsoft
CVE-2010-0821 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3,
2003 ...)
NOT-FOR-US: Microsoft
@@ -8462,8 +8465,8 @@
RESERVED
CVE-2009-3794 (Heap-based buffer overflow in Adobe Flash Player before
10.0.42.34 and ...)
NOT-FOR-US: Adobe Flash
-CVE-2009-3793
- RESERVED
+CVE-2009-3793 (Unspecified vulnerability in Adobe Flash Player before
9.0.277.0 and ...)
+ TODO: check
CVE-2009-3792 (Directory traversal vulnerability in Adobe Flash Media Server
(FMS) ...)
NOT-FOR-US: Adobe Flash Media Server
CVE-2009-3791 (Unspecified vulnerability in Adobe Flash Media Server (FMS)
before ...)
@@ -25004,7 +25007,7 @@
NOT-FOR-US: PTZCamPanelCtrl ActiveX control
CVE-2008-4547 (Heap-based buffer overflow in the PdvrAtl.PdvrOcx.1 ActiveX
control ...)
NOT-FOR-US: DVRHOST Web CMS
-CVE-2008-4546 (Adobe Flash Player 9.0.45.0, 9.0.112.0, 9.0.124.0, and
10.0.12.10 ...)
+CVE-2008-4546 (Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64,
and ...)
NOT-FOR-US: Adobe Flash
CVE-2008-4558 (Array index error in VLC media player 0.9.2 allows remote
attackers to ...)
- vlc 0.9.3-1 (medium; bug #502314)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
