From 94f8321f2a15b37582922bc6695b4086f716cabc Mon Sep 17 00:00:00 2001 From: cvebot Date: Mon, 22 Nov 2010 17:16:47 +0000 Subject: MITRE sync svn path=/; revision=2213 --- data/CVE/list | 122 ++++++++++++++++++++++++++++++++-------------------------- 1 file changed, 68 insertions(+), 54 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index 66b376f..71df11c 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -75586,6 +75586,8 @@ CVE-2008-7264 (The ftp_QUIT function in ftpserver.py in pyftpdlib before 0.5.0 a NOT-FOR-US: g rodola pyftpdlib CVE-2008-7265 (The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote ...) TODO: check +CVE-2008-7266 + RESERVED CVE-2009-0001 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...) NOT-FOR-US: apple quicktime CVE-2009-0002 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...) @@ -89345,7 +89347,7 @@ CVE-2010-1820 (Apple Filing Protocol (AFP) Server in Apple Mac OS X 10.6.x throu NOT-FOR-US: apple mac_os_x_server CVE-2010-1821 RESERVED -CVE-2010-1822 (WebKit, as used in Google Chrome before 6.0.472.62, does not properly ...) +CVE-2010-1822 (WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 ...) TODO: check CVE-2010-1823 (Use-after-free vulnerability in WebKit before r65958, as used in ...) TODO: check @@ -91939,7 +91941,7 @@ CVE-2010-3114 (The text-editing implementation in Google Chrome before 5.0.375.1 TODO: check CVE-2010-3115 (Google Chrome before 5.0.375.127 does not properly implement the ...) TODO: check -CVE-2010-3116 (Google Chrome before 5.0.375.127 does not properly process MIME types, ...) +CVE-2010-3116 (Multiple use-after-free vulnerabilities in WebKit, as used in Apple ...) TODO: check CVE-2010-3117 (Google Chrome before 5.0.375.127 does not properly implement the ...) TODO: check @@ -92221,11 +92223,11 @@ CVE-2010-3255 (Google Chrome before 6.0.472.53 does not properly handle counter TODO: check CVE-2010-3256 (Google Chrome before 6.0.472.53 does not properly limit the number of ...) TODO: check -CVE-2010-3257 (Google Chrome before 6.0.472.53 does not properly perform focus ...) +CVE-2010-3257 (Use-after-free vulnerability in WebKit, as used in Apple Safari before ...) TODO: check CVE-2010-3258 (The sandbox implementation in Google Chrome before 6.0.472.53 does not ...) TODO: check -CVE-2010-3259 (Google Chrome before 6.0.472.53 does not properly restrict read access ...) +CVE-2010-3259 (WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 ...) TODO: check CVE-2010-3260 RESERVED @@ -92575,8 +92577,8 @@ CVE-2010-3430 RESERVED CVE-2010-3431 RESERVED -CVE-2010-3432 - RESERVED +CVE-2010-3432 (The sctp_packet_config function in net/sctp/output.c in the Linux ...) + TODO: check CVE-2010-3433 (The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before ...) TODO: check CVE-2010-3434 (Buffer overflow in the find_stream_bounds function in pdf.c in ...) @@ -92947,8 +92949,8 @@ CVE-2010-3616 RESERVED CVE-2010-3617 RESERVED -CVE-2010-3618 - RESERVED +CVE-2010-3618 (PGP Desktop 10.0.x before 10.0.3 SP2 and 10.1.0 before 10.1.0 SP1 does ...) + TODO: check CVE-2010-3619 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on ...) TODO: check CVE-2010-3620 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...) @@ -93317,54 +93319,54 @@ CVE-2010-3801 RESERVED CVE-2010-3802 RESERVED -CVE-2010-3803 - RESERVED -CVE-2010-3804 - RESERVED -CVE-2010-3805 - RESERVED +CVE-2010-3803 (Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X ...) + TODO: check +CVE-2010-3804 (The JavaScript implementation in WebKit in Apple Safari before 5.0.3 ...) + TODO: check +CVE-2010-3805 (Integer underflow in WebKit in Apple Safari before 5.0.3 on Mac OS X ...) + TODO: check CVE-2010-3806 RESERVED CVE-2010-3807 RESERVED -CVE-2010-3808 - RESERVED -CVE-2010-3809 - RESERVED -CVE-2010-3810 - RESERVED -CVE-2010-3811 - RESERVED -CVE-2010-3812 - RESERVED -CVE-2010-3813 - RESERVED +CVE-2010-3808 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) + TODO: check +CVE-2010-3809 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) + TODO: check +CVE-2010-3810 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) + TODO: check +CVE-2010-3811 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...) + TODO: check +CVE-2010-3812 (Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X ...) + TODO: check +CVE-2010-3813 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) + TODO: check CVE-2010-3814 RESERVED CVE-2010-3815 RESERVED -CVE-2010-3816 - RESERVED -CVE-2010-3817 - RESERVED -CVE-2010-3818 - RESERVED -CVE-2010-3819 - RESERVED -CVE-2010-3820 - RESERVED -CVE-2010-3821 - RESERVED -CVE-2010-3822 - RESERVED -CVE-2010-3823 - RESERVED -CVE-2010-3824 - RESERVED +CVE-2010-3816 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...) + TODO: check +CVE-2010-3817 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) + TODO: check +CVE-2010-3818 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...) + TODO: check +CVE-2010-3819 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) + TODO: check +CVE-2010-3820 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) + TODO: check +CVE-2010-3821 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) + TODO: check +CVE-2010-3822 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) + TODO: check +CVE-2010-3823 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...) + TODO: check +CVE-2010-3824 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...) + TODO: check CVE-2010-3825 RESERVED -CVE-2010-3826 - RESERVED +CVE-2010-3826 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) + TODO: check CVE-2010-3827 RESERVED CVE-2010-3828 @@ -93455,8 +93457,8 @@ CVE-2010-3870 (The utf8_decode function in PHP before 5.3.4 does not properly ha TODO: check CVE-2010-3871 (Cross-site scripting (XSS) vulnerability in ...) TODO: check -CVE-2010-3872 - RESERVED +CVE-2010-3872 (The apr_status_t fcgid_header_bucket_read function in fcgid_bucket.c ...) + TODO: check CVE-2010-3873 RESERVED CVE-2010-3874 @@ -94042,16 +94044,16 @@ CVE-2010-4163 RESERVED CVE-2010-4164 RESERVED -CVE-2010-4165 - RESERVED +CVE-2010-4165 (The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel ...) + TODO: check CVE-2010-4166 RESERVED CVE-2010-4167 RESERVED CVE-2010-4168 (Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 ...) TODO: check -CVE-2010-4169 - RESERVED +CVE-2010-4169 (Use-after-free vulnerability in mm/mprotect.c in the Linux kernel ...) + TODO: check CVE-2010-4170 RESERVED CVE-2010-4171 @@ -94133,8 +94135,8 @@ CVE-2010-4208 (Cross-site scripting (XSS) vulnerability in the Flash component . TODO: check CVE-2010-4209 (Cross-site scripting (XSS) vulnerability in the Flash component ...) TODO: check -CVE-2010-4210 - RESERVED +CVE-2010-4210 (The pfs_getextattr function in FreeBSD 7.x before 7.3-RELEASE and 8.x ...) + TODO: check CVE-2010-4211 (The PayPal app before 3.0.1 for iOS does not verify that the server ...) TODO: check CVE-2010-4212 (The USAA application 3.0 for Android stores a mirror image of each ...) @@ -94301,3 +94303,15 @@ CVE-2010-4292 RESERVED CVE-2010-4293 RESERVED +CVE-2010-4294 + RESERVED +CVE-2010-4295 + RESERVED +CVE-2010-4296 + RESERVED +CVE-2010-4297 + RESERVED +CVE-2010-4298 + RESERVED +CVE-2010-4299 (Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 ...) + TODO: check -- cgit v1.2.3-65-gdbad