[Secure-testing-commits] r13821 - data/CVE

Raphael Geissert Thu, 14 Jan 2010 19:32:24 -0800

Author: geissert
Date: 2010-01-15 03:32:08 +0000 (Fri, 15 Jan 2010)
New Revision: 13821


Modified:
   data/CVE/list
Log:
lib3ds issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2010-01-14 21:41:13 UTC (rev 13820)
+++ data/CVE/list       2010-01-15 03:32:08 UTC (rev 13821)
@@ -71,8 +71,13 @@
        RESERVED
 CVE-2010-0281
        RESERVED
-CVE-2010-0280
+CVE-2010-0280 [lib3ds memory corruption]
        RESERVED
+       - lib3ds <unfixed> (medium)
+       NOTE: http://www.coresecurity.com/content/google-sketchup-vulnerability
+       TODO: check affected versions and file bug
+       NOTE: issue was published saying it affects google sketchup,
+       NOTE: but the vulnerable code is in lib3ds
 CVE-2010-0279 (Unrestricted file upload vulnerability in upload.php in BTS-GI 
Read ...)
        NOT-FOR-US: BTS-GI Read excel
 CVE-2010-0278 (A certain ActiveX control in msgsc.14.0.8089.726.dll in 
Microsoft ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r13821 - data/CVE

Reply via email to