commit: 63c603c81defbc71ed4631268e0f7d9bb9b47776
Author: Stefan Behte <craig <AT> gentoo <DOT> org>
AuthorDate: Sat Dec 11 17:59:20 2010 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Sat Dec 11 17:59:20 2010 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=63c603c8
nfu
svn path=/; revision=2217
---
data/CVE/list | 822 +++++++++++++++++++++++++++++-----------------------------
1 file changed, 411 insertions(+), 411 deletions(-)
diff --git a/data/CVE/list b/data/CVE/list
index c7916e6..e0f8065 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -47341,7 +47341,7 @@ CVE-2006-7238 (Cross-site scripting (XSS) vulnerability
in MyShoutPro before 1.2
CVE-2006-7239 (The _gnutls_x509_oid2mac_algorithm function in
lib/gnutls_algorithms.c ...)
NOT-FOR-US: Obsolete
CVE-2006-7240 (gnome-power-manager 2.14.0 does not properly implement the ...)
- TODO: check
+ NOT-FOR-US: age old version
CVE-2006-7241 (The Image Viewer component in IBM FileNet P8 Application Engine
(P8AE) ...)
NOT-FOR-US: ibm filenet_p8_application_engine
CVE-2006-7242 (The Workplace (aka WP) component in IBM FileNet P8 Application
Engine ...)
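Review bot: The CVE-2006-7240 entry is closed as NOT-FOR-US with the reason "age old version", but the note does not say which gnome-power-manager version was compared against 2.14.0. Recording the version that was checked next to the reason would let a later reader verify the decision without repeating the lookup.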
@@ -75589,13 +75589,13 @@ CVE-2008-7264 (The ftp_QUIT function in ftpserver.py
in pyftpdlib before 0.5.0 a
CVE-2008-7265 (The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows
remote ...)
TODO: check
CVE-2008-7266 (Cross-site scripting (XSS) vulnerability in an unspecified
Shockwave ...)
- TODO: check
+ NOT-FOR-US: rsa adaptive_authentication
CVE-2008-7267 (SQL injection vulnerability in announcements.php in SiteEngine
5.x ...)
- TODO: check
+ NOT-FOR-US: boka siteengine
CVE-2008-7268 (The phpinfo function in SiteEngine 5.x allows remote attackers
to ...)
- TODO: check
+ NOT-FOR-US: boka siteengine
CVE-2008-7269 (Open redirect vulnerability in api.php in SiteEngine 5.x allows
...)
- TODO: check
+ NOT-FOR-US: boka siteengine
CVE-2008-7270 (OpenSSL before 0.9.8j, when
SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is ...)
TODO: check
CVE-2009-0001 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows
remote ...)
@@ -85693,11 +85693,11 @@ CVE-2009-5017 (Mozilla Firefox before 3.6 Beta 3 does
not properly handle overlo
CVE-2009-5018
RESERVED
CVE-2009-5019 (Web Wiz NewsPad stores sensitive information under the web root
with ...)
- TODO: check
+ NOT-FOR-US: webwiz web_wiz_newspad
CVE-2009-5020 (Open redirect vulnerability in awredir.pl in AWStats before
6.95 ...)
TODO: check
CVE-2009-5021 (Cobbler before 1.6.1 does not properly determine whether an ...)
- TODO: check
+ NOT-FOR-US: cobbler
CVE-2009-5022
RESERVED
CVE-2009-5023
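Review bot: CVE-2009-5021 is labelled "cobbler" with no vendor token, while CVE-2010-2235 later in this same patch labels the same product "michael_dehaan cobbler". Use one spelling for both so that a search of the list for either form finds every Cobbler entry.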
@@ -85941,9 +85941,9 @@ CVE-2010-0110
CVE-2010-0111
RESERVED
CVE-2010-0112 (Multiple SQL injection vulnerabilities in the Administrative
Interface ...)
- TODO: check
+ NOT-FOR-US: symantec im_manager
CVE-2010-0113 (The Symantec Norton Mobile Security application 1.0 Beta for
Android ...)
- TODO: check
+ NOT-FOR-US: symantec mobile_security
CVE-2010-0114
RESERVED
CVE-2010-0115
@@ -86176,7 +86176,7 @@ CVE-2010-0217
CVE-2010-0218 (ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to
restrict the ...)
NOT-FOR-US: We only have 9.7.2_p2, and it's still unstable.
CVE-2010-0219 (Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects
...)
- TODO: check
+ NOT-FOR-US: sap businessobjects
CVE-2010-0220 (The nsObserverList::FillObserverArray function in ...)
BUG: 312679
CVE-2010-0221 (Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure
Privacy ...)
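Review bot: The CVE-2010-0219 description starts with "Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects", yet the entry is closed as "sap businessobjects" alone. That label covers only the product that embeds Axis2; state in the note whether Axis2 itself was checked, or keep the TODO until it has been.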
@@ -86798,7 +86798,7 @@ CVE-2010-0528 (Apple QuickTime before 7.6.6 on Windows
allows remote attackers t
CVE-2010-0529 (Heap-based buffer overflow in QuickTime.qts in Apple QuickTime
before ...)
NOT-FOR-US: apple quicktime
CVE-2010-0530 (Apple QuickTime before 7.6.9 on Windows sets weak permissions
for the ...)
- TODO: check
+ NOT-FOR-US: apple quicktime
CVE-2010-0531 (Apple iTunes before 9.1 allows remote attackers to cause a
denial of ...)
NOT-FOR-US: apple itunes
CVE-2010-0532 (Race condition in the installation package in Apple iTunes
before 9.1 ...)
@@ -87302,15 +87302,15 @@ CVE-2010-0780
CVE-2010-0781 (Unspecified vulnerability in the administrative console in IBM
...)
NOT-FOR-US: ibm websphere_application_server
CVE-2010-0782 (IBM WebSphere MQ 6.x before 6.0.2.10 and 7.x before 7.0.1.3
allows ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_mq
CVE-2010-0783 (Cross-site scripting (XSS) vulnerability in the Administrative
Console ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_application_server
CVE-2010-0784 (Cross-site scripting (XSS) vulnerability in the Administrative
Console ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_application_server
CVE-2010-0785 (Cross-site request forgery (CSRF) vulnerability in the
Administrative ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_application_server
CVE-2010-0786 (The Web Services Security component in IBM WebSphere
Application ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_application_server
CVE-2010-0787 (client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22,
3.0.28a, ...)
BUG: 308067
CVE-2010-0788 (ncpfs 2.2.6 allows local users to cause a denial of service,
obtain ...)
@@ -88785,7 +88785,7 @@ CVE-2010-1521 (SQL injection vulnerability in
include/classes/tzn_user.php in ..
CVE-2010-1522 (Multiple SQL injection vulnerabilities in the BookLibrary Basic
...)
NOT-FOR-US: ordasoft com_booklibrary
CVE-2010-1523 (Multiple heap-based buffer overflows in vp6.w5s (aka the VP6
codec) in ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-1524 (The SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy
KeyView 10.4 ...)
NOT-FOR-US: autonomy keyview_viewer_sdk
CVE-2010-1525 (Integer underflow in the SpreadSheet Lotus 123 reader
(wkssr.dll) in ...)
@@ -89126,7 +89126,7 @@ CVE-2010-1691
CVE-2010-1692
RESERVED
CVE-2010-1693 (openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2
allows ...)
- TODO: check
+ NOT-FOR-US: openfabrics enterprise_distribution
CVE-2010-1694
RESERVED
CVE-2010-1695
@@ -89398,45 +89398,45 @@ CVE-2010-1826
CVE-2010-1827
RESERVED
CVE-2010-1828 (AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5
allows ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1829 (Directory traversal vulnerability in AFP Server in Apple Mac OS
X ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1830 (AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5
generates ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1831 (Buffer overflow in Apple Type Services (ATS) in Apple Mac OS X
10.5.8 ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1832 (Stack-based buffer overflow in Apple Type Services (ATS) in
Apple Mac ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1833 (Apple Type Services (ATS) in Apple Mac OS X 10.6.x before
10.6.5 ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1834 (CFNetwork in Apple Mac OS X 10.6.x before 10.6.5 does not
properly ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1835
RESERVED
CVE-2010-1836 (Stack-based buffer overflow in CoreGraphics in Apple Mac OS X
10.5.8 ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1837 (CoreText in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5
allows ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1838 (Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before
10.6.5 ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1839
RESERVED
CVE-2010-1840 (Stack-based buffer overflow in the password-validation
functionality ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1841 (Disk Images in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5
allows ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1842 (Buffer overflow in AppKit in Apple Mac OS X 10.6.x before
10.6.5 ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1843 (Networking in Apple Mac OS X 10.6.2 through 10.6.4 allows
remote ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1844 (Unspecified vulnerability in Image Capture in Apple Mac OS X
10.6.x ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1845 (ImageIO in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5
allows ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1846 (Heap-based buffer overflow in Image RAW in Apple Mac OS X
10.5.8 and ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1847 (The kernel in Apple Mac OS X 10.6.x before 10.6.5 does not
properly ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1848 (Directory traversal vulnerability in MySQL 5.0 through 5.0.91
and 5.1 ...)
BUG: 321791
CVE-2010-1849 (The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0
through ...)
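Review bot: All eighteen changed entries from CVE-2010-1828 through CVE-2010-1847 are labelled "apple mac_os_x_server", but the visible descriptions say "Apple Mac OS X" and name components such as CFNetwork, CoreGraphics, ImageIO and the kernel, not the server product. A label of "apple mac_os_x" would match the descriptions, unless the server suffix is intentional, in which case say so once in the commit message.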
@@ -90214,7 +90214,7 @@ CVE-2010-2233 (tif_getimage.c in LibTIFF 3.9.0 and
3.9.2 on 64-bit platforms, as
CVE-2010-2234 (Cross-site request forgery (CSRF) vulnerability in Apache
CouchDB ...)
BUG: 335881
CVE-2010-2235 (template_api.py in Cobbler before 2.0.7, as used in Red Hat
Network ...)
- TODO: check
+ NOT-FOR-US: michael_dehaan cobbler
CVE-2010-2236
RESERVED
CVE-2010-2237 (Red Hat libvirt, possibly 0.6.1 through 0.8.2, looks up disk
backing ...)
@@ -90480,11 +90480,11 @@ CVE-2010-2365 (Cross-site scripting (XSS)
vulnerability in Free CGI Moo moobbs2
CVE-2010-2366 (Cross-site scripting (XSS) vulnerability in futomi CGI Cafe
Access ...)
NOT-FOR-US: futomi access_analyzer_cgi
CVE-2010-2367 (Cross-site scripting (XSS) vulnerability in search.cgi in
AD-EDIT2 ...)
- TODO: check
+ NOT-FOR-US: norenz ad edit2
CVE-2010-2368 (Untrusted search path vulnerability in Lhaplus before 1.58
allows ...)
- TODO: check
+ NOT-FOR-US: lhaplus
CVE-2010-2369 (Untrusted search path vulnerability in Lhasa 0.19 and earlier
allows ...)
- TODO: check
+ NOT-FOR-US: susie_ro lhasa
CVE-2010-2370 (Unspecified vulnerability in the Oracle Business Process
Management ...)
NOT-FOR-US: oracle fusion_middleware
CVE-2010-2371 (Unspecified vulnerability in the Oracle Transportation
Management ...)
@@ -90522,13 +90522,13 @@ CVE-2010-2386 (Unspecified vulnerability in Oracle
Solaris 8, 9, and 10, and ...
CVE-2010-2387
RESERVED
CVE-2010-2388 (Unspecified vulnerability in the Oracle Applications Manager
component ...)
- TODO: check
+ NOT-FOR-US: oracle e business_suite
CVE-2010-2389 (Unspecified vulnerability in the Perl component in Oracle
Database ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2390 (Unspecified vulnerability in the Database Control component in
EM ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2391 (Unspecified vulnerability in the Core RDBMS component in Oracle
...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-2392 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris
allows ...)
NOT-FOR-US: oracle solaris
CVE-2010-2393 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris
allows ...)
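Review bot: CVE-2010-2389 is described as "the Perl component in Oracle Database ..." but is labelled "oracle fusion_middleware", whereas CVE-2010-2391 two entries below gets "oracle database_server". Check the label on CVE-2010-2389 against its full description and use "oracle database_server" if the Database product is the primary one affected.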
@@ -90536,9 +90536,9 @@ CVE-2010-2393 (Unspecified vulnerability in Oracle
Solaris 10 and OpenSolaris al
CVE-2010-2394 (Unspecified vulnerability in Oracle Solaris 10 allows local
users to ...)
NOT-FOR-US: oracle solaris
CVE-2010-2395 (Unspecified vulnerability in the Cabo/UIX component in Oracle
Fusion ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2396 (Unspecified vulnerability in the Forms component in Oracle
Fusion ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2397 (Unspecified vulnerability in Oracle Sun Java System Application
Server ...)
NOT-FOR-US: oracle sun_glassfish_enterprise_server
CVE-2010-2398 (Unspecified vulnerability in the PeopleSoft Enterprise HCM
component ...)
@@ -90554,37 +90554,37 @@ CVE-2010-2402 (Unspecified vulnerability in the
PeopleSoft Enterprise PeopleTool
CVE-2010-2403 (Unspecified vulnerability in the PeopleSoft Enterprise Campus
...)
NOT-FOR-US: oracle peoplesoft_and_jdedwards_suite_campus_solutions
CVE-2010-2404 (Unspecified vulnerability in the Oracle iRecruitment component
in ...)
- TODO: check
+ NOT-FOR-US: oracle e business_suite
CVE-2010-2405 (Unspecified vulnerability in the Siebel Core - Highly
Interactive ...)
- TODO: check
+ NOT-FOR-US: oracle siebel_suite
CVE-2010-2406 (Unspecified vulnerability in the Siebel Core - Highly
Interactive ...)
- TODO: check
+ NOT-FOR-US: oracle siebel_suite
CVE-2010-2407 (Unspecified vulnerability in the XDK component in Oracle
Database ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-2408 (Unspecified vulnerability in the Oracle iRecruitment component
in ...)
- TODO: check
+ NOT-FOR-US: oracle e business_suite
CVE-2010-2409 (Unspecified vulnerability in the Cabo/UIX component in Oracle
Fusion ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2410 (Unspecified vulnerability in the Cabo/UIX component in Oracle
Fusion ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2411 (Unspecified vulnerability in the Job Queue component in Oracle
...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-2412 (Unspecified vulnerability in the OLAP component in Oracle
Database ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-2413 (Unspecified vulnerability in the BI Publisher component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2414 (Unspecified vulnerability in the (1) Sun Convergence 1 and (2)
Sun ...)
TODO: check
CVE-2010-2415 (Unspecified vulnerability in the Change Data Capture component
in ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-2416 (Unspecified vulnerability in the Oracle E-Business Intelligence
...)
- TODO: check
+ NOT-FOR-US: oracle e business_suite
CVE-2010-2417 (Unspecified vulnerability in the Agile PLM component in Oracle
Supply ...)
- TODO: check
+ NOT-FOR-US: oracle supply_chain_products_suite
CVE-2010-2418 (Unspecified vulnerability in the Oracle Territory Management
component ...)
- TODO: check
+ NOT-FOR-US: oracle e business_suite
CVE-2010-2419 (Unspecified vulnerability in the Java Virtual Machine component
in ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-2420 (Multiple unspecified vulnerabilities in Fenrir Inc.
ActiveGeckoBrowser ...)
NOT-FOR-US: fenrir inc activegeckobrowser
CVE-2010-2421 (Multiple unspecified vulnerabilities in Opera before 10.54 have
...)
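Review bot: "oracle e business_suite" on CVE-2010-2404, CVE-2010-2408, CVE-2010-2416 and CVE-2010-2418 has a space inside the product name, where the other labels in this hunk join the product words with underscores ("oracle siebel_suite", "oracle database_server"). Write the product as a single token so the vendor/product split stays unambiguous for anyone parsing or searching the list.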
@@ -90700,7 +90700,7 @@ CVE-2010-2475
CVE-2010-2476
RESERVED
CVE-2010-2477 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: pythonpaste paste
CVE-2010-2478 (Integer overflow in the ethtool_get_rxnfc function in ...)
TODO: check
CVE-2010-2479 (Cross-site scripting (XSS) vulnerability in HTML Purifier
before ...)
@@ -90806,7 +90806,7 @@ CVE-2010-2528 (The clientautoresp function in
family_icbm.c in the oscar protoco
CVE-2010-2529 (Unspecified vulnerability in ping.c in iputils 20020927,
20070202, ...)
BUG: 332527
CVE-2010-2530 (Multiple integer signedness errors in smb_subr.c in the netsmb
module ...)
- TODO: check
+ NOT-FOR-US: netbsd
CVE-2010-2531 (The var_export function in PHP 5.2 before 5.2.14 and 5.3 before
5.3.3 ...)
BUG: 332039
CVE-2010-2532 (** DISPUTED ** ...)
@@ -90816,7 +90816,7 @@ CVE-2010-2533
CVE-2010-2534 (The NetworkSyncCommandQueue function in
network/network_command.cpp in ...)
BUG: 320955
CVE-2010-2535 (Multiple cross-site scripting (XSS) vulnerabilities in the Back
End in ...)
- TODO: check
+ NOT-FOR-US: joomla
CVE-2010-2536 (Multiple cross-site scripting (XSS) vulnerabilities in rekonq
0.5 and ...)
BUG: 332069
CVE-2010-2537 (The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux
kernel ...)
@@ -90890,9 +90890,9 @@ CVE-2010-2570
CVE-2010-2571
RESERVED
CVE-2010-2572 (Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3
allows ...)
- TODO: check
+ NOT-FOR-US: microsoft powerpoint
CVE-2010-2573 (Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003
SP3, ...)
- TODO: check
+ NOT-FOR-US: microsoft powerpoint_viewer
CVE-2010-2574 (Cross-site scripting (XSS) vulnerability in
manage_proj_cat_add.php in ...)
BUG: 335850
CVE-2010-2575 (Heap-based buffer overflow in the RLE decompression
functionality in ...)
@@ -90902,23 +90902,23 @@ CVE-2010-2576 (Opera before 10.61 does not properly
suppress clicks on download
CVE-2010-2577 (Multiple SQL injection vulnerabilities in Pligg before 1.1.1
allow ...)
NOT-FOR-US: pligg
CVE-2010-2578 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-2579
RESERVED
CVE-2010-2580 (The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does
not ...)
NOT-FOR-US: mailenable
CVE-2010-2581 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows
remote ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-2582 (An unspecified function in TextXtra.x32 in Adobe Shockwave
Player ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-2583 (Stack-based buffer overflow in SonicWALL SSL-VPN End-Point ...)
- TODO: check
+ NOT-FOR-US: sonicwall ssl vpn_end point_interrogator
installer_activex_control
CVE-2010-2584 (The Upload method in the RealPage Module Upload ActiveX control
in ...)
- TODO: check
+ NOT-FOR-US: realpage module_activex_controls
CVE-2010-2585 (Multiple buffer overflows in the RealPage Module Upload ActiveX
...)
- TODO: check
+ NOT-FOR-US: realpage module_activex_control
CVE-2010-2586 (Multiple integer overflows in in_nsv.dll in the in_nsv plugin
in ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-2587
RESERVED
CVE-2010-2588
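Review bot: CVE-2010-2584 and CVE-2010-2585 both describe the RealPage Module Upload ActiveX control, but the labels differ: "realpage module_activex_controls" on the first and "realpage module_activex_control" on the second. Pick one form for both entries so they are found by the same search.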
@@ -91016,15 +91016,15 @@ CVE-2010-2633 (Unspecified vulnerability in EMC Disk
Library (EDL) before 3.2.7,
CVE-2010-2634 (RSA enVision before 3.7 SP1 allows remote authenticated users
to cause ...)
NOT-FOR-US: rsa envision
CVE-2010-2635 (SQL injection vulnerability in IBM WebSphere Commerce 6.0
before ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_commerce
CVE-2010-2636 (Multiple cross-site scripting (XSS) vulnerabilities in sample
store ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_commerce
CVE-2010-2637 (IBM WebSphere MQ 6.0 before 6.0.2.9 and 7.0 before 7.0.1.1 does
not ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_mq
CVE-2010-2638 (Unspecified vulnerability in IBM WebSphere MQ 7.0 before
7.0.1.5 ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_mq
CVE-2010-2639 (IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows
remote ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_commerce
CVE-2010-2640
RESERVED
CVE-2010-2641
@@ -91210,11 +91210,11 @@ CVE-2010-2730 (Buffer overflow in Microsoft Internet
Information Services (IIS)
CVE-2010-2731 (Unspecified vulnerability in Microsoft Internet Information
Services ...)
NOT-FOR-US: microsoft iis
CVE-2010-2732 (Open redirect vulnerability in the web interface in Microsoft
...)
- TODO: check
+ NOT-FOR-US: microsoft forefront_unified_access_gateway
CVE-2010-2733 (Cross-site scripting (XSS) vulnerability in the Web Monitor in
...)
- TODO: check
+ NOT-FOR-US: microsoft forefront_unified_access_gateway
CVE-2010-2734 (Cross-site scripting (XSS) vulnerability in the mobile portal
in ...)
- TODO: check
+ NOT-FOR-US: microsoft forefront_unified_access_gateway
CVE-2010-2735
RESERVED
CVE-2010-2736
@@ -91226,27 +91226,27 @@ CVE-2010-2738 (The Uniscribe (aka new Unicode Script
Processor) implementation i
CVE-2010-2739 (Buffer overflow in the CreateDIBPalette function in win32k.sys
in ...)
NOT-FOR-US: microsoft windows_xp
CVE-2010-2740 (The OpenType Font (OTF) format driver in Microsoft Windows XP
SP2 and ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-2741 (The OpenType Font (OTF) format driver in Microsoft Windows XP
SP2 and ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-2742
RESERVED
CVE-2010-2743
RESERVED
CVE-2010-2744 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3,
Windows ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-2745 (Microsoft Windows Media Player (WMP) 9 through 12 does not
properly ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_media_player
CVE-2010-2746 (Heap-based buffer overflow in Comctl32.dll (aka the common
control ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-2747 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly
handle ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-2748 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly
check ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-2749
RESERVED
CVE-2010-2750 (Array index error in Microsoft Word 2002 SP3 and Office 2004
for Mac ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-2751 (The nsDocShell::OnRedirectStateChange function in ...)
TODO: check
CVE-2010-2752 (Integer overflow in an array class in Mozilla Firefox 3.5.x
before ...)
@@ -91340,7 +91340,7 @@ CVE-2010-2795 (phpCAS before 1.1.2 allows remote
authenticated users to hijack .
CVE-2010-2796 (Cross-site scripting (XSS) vulnerability in phpCAS before
1.1.2, when ...)
NOT-FOR-US: phpCAS
CVE-2010-2797 (Directory traversal vulnerability in
lib/translation.functions.php in ...)
- TODO: check
+ NOT-FOR-US: cmsmadesimple cms_made_simple
CVE-2010-2798 (The gfs2_dirent_find_space function in fs/gfs2/dir.c in the
Linux ...)
TODO: check
CVE-2010-2799 (Stack-based buffer overflow in the nestlex function in
nestlex.c in ...)
@@ -91516,9 +91516,9 @@ CVE-2010-2883 (Stack-based buffer overflow in
CoolType.dll in Adobe Reader and .
CVE-2010-2884 (Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X,
Linux, ...)
BUG: 337204
CVE-2010-2885 (Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 7
and 8, ...)
- TODO: check
+ NOT-FOR-US: adobe robohelp_server
CVE-2010-2886 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe
RoboHelp ...)
- TODO: check
+ NOT-FOR-US: adobe robohelp_server
CVE-2010-2887 (Multiple unspecified vulnerabilities in Adobe Reader and
Acrobat 9.x ...)
TODO: check
CVE-2010-2888 (Multiple unspecified vulnerabilities in an ActiveX control in
Adobe ...)
@@ -91530,7 +91530,7 @@ CVE-2010-2890 (Adobe Reader and Acrobat 9.x before 9.4,
and 8.x before 8.2.5 on
CVE-2010-2891 (Buffer overflow in the smiGetNode function in lib/smi.c in
libsmi ...)
TODO: check
CVE-2010-2892 (gsb/drivers.php in LANDesk Management Gateway 4.0 through
4.0-1.48 and ...)
- TODO: check
+ NOT-FOR-US: landesk management_gateway
CVE-2010-2893
RESERVED
CVE-2010-2894
@@ -91743,7 +91743,7 @@ CVE-2010-2996 (Array index error in RealNetworks
RealPlayer 11.0 through 11.1 on
CVE-2010-2997
RESERVED
CVE-2010-2998 (Array index error in RealNetworks RealPlayer 11.0 through 11.1
and ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-2999
RESERVED
CVE-2010-3000 (Multiple integer overflows in the ParseKnownType function in
...)
@@ -91822,13 +91822,13 @@ CVE-2010-3035 (Cisco IOS XR 3.4.0 through 3.9.1, when
BGP is enabled, does not .
CVE-2010-3036 (Multiple buffer overflows in the authentication functionality
in the ...)
TODO: check
CVE-2010-3037 (goform/websXMLAdminRequestCgi.cgi in Cisco Unified
Videoconferencing ...)
- TODO: check
+ NOT-FOR-US: cisco unified_videoconferencing_system_5230
CVE-2010-3038 (Cisco Unified Videoconferencing (UVC) System 5110 and 5115,
when the ...)
- TODO: check
+ NOT-FOR-US: cisco unified_videoconferencing_system_5115
CVE-2010-3039 (/usr/local/cm/bin/pktCap_protectData in Cisco Unified
Communications ...)
- TODO: check
+ NOT-FOR-US: cisco unified_communications_manager
CVE-2010-3040 (Multiple stack-based buffer overflows in agent.exe in Setup
Manager in ...)
- TODO: check
+ NOT-FOR-US: cisco intelligent_contact_manager
CVE-2010-3041
RESERVED
CVE-2010-3042
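Review bot: The label on CVE-2010-3038 names only "unified_videoconferencing_system_5115" although the description lists "System 5110 and 5115", and CVE-2010-3037 is tied to model 5230, which the visible part of its description does not mention. A model-independent label for the Unified Videoconferencing product would cover both entries and avoid implying that only one model is affected.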
@@ -91888,7 +91888,7 @@ CVE-2010-3068
CVE-2010-3069 (Stack-based buffer overflow in the (1) sid_parse and (2)
dom_sid_parse ...)
TODO: check
CVE-2010-3070 (Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as
used in ...)
- TODO: check
+ NOT-FOR-US: dietrich_ayala nusoap
CVE-2010-3071 (bip before 0.8.6 allows remote attackers to cause a denial of
service ...)
TODO: check
CVE-2010-3072 (The string-comparison functions in String.cci in Squid 3.x
before ...)
@@ -91930,13 +91930,13 @@ CVE-2010-3089 (Multiple cross-site scripting (XSS)
vulnerabilities in GNU Mailma
CVE-2010-3090
RESERVED
CVE-2010-3091 (The OpenID module in Drupal 6.x before 6.18, and the OpenID
module 5.x ...)
- TODO: check
+ NOT-FOR-US: peter_wolanin openid
CVE-2010-3092 (The upload module in Drupal 5.x before 5.23 and 6.x before 6.18
does ...)
- TODO: check
+ NOT-FOR-US: drupal
CVE-2010-3093 (The comment module in Drupal 5.x before 5.23 and 6.x before
6.18 ...)
- TODO: check
+ NOT-FOR-US: drupal
CVE-2010-3094 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal
6.x ...)
- TODO: check
+ NOT-FOR-US: drupal
CVE-2010-3095
RESERVED
CVE-2010-3096 (Directory traversal vulnerability in SoftX FTP Client 3.3 and
possibly ...)
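Review bot: CVE-2010-3091 is labelled "peter_wolanin openid" while its description begins "The OpenID module in Drupal 6.x before 6.18", and the three following Drupal entries are labelled "drupal". Label it "drupal" as well, or note why this one is attributed to a separate module, so all four entries are found together.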
@@ -91968,7 +91968,7 @@ CVE-2010-3108 (Buffer overflow in the browser plugin in
Novell iPrint Client bef
CVE-2010-3109 (Stack-based buffer overflow in the browser plugin in Novell
iPrint ...)
NOT-FOR-US: novell iprint
CVE-2010-3110 (Multiple buffer overflows in the Novell Client novfs module for
the ...)
- TODO: check
+ NOT-FOR-US: novfs
CVE-2010-3111 (Google Chrome before 6.0.472.53 does not properly mitigate an
...)
TODO: check
CVE-2010-3112 (Google Chrome before 5.0.375.127 does not properly implement
file ...)
@@ -92060,25 +92060,25 @@ CVE-2010-3154 (Untrusted search path vulnerability in
Adobe Extension Manager CS
CVE-2010-3155 (Untrusted search path vulnerability in Adobe ExtendScript
Toolkit ...)
NOT-FOR-US: adobe extendedscript_toolkit_cs5
CVE-2010-3156 (Untrusted search path vulnerability in K2 K2Editor before 1.5.9
allows ...)
- TODO: check
+ NOT-FOR-US: k2top k2editor
CVE-2010-3157 (Untrusted search path vulnerability in XacRett before 50 allows
...)
- TODO: check
+ NOT-FOR-US: kmonos xacrett
CVE-2010-3158 (Untrusted search path vulnerability in Lhaplus before 1.58
allows ...)
- TODO: check
+ NOT-FOR-US: lhaplus
CVE-2010-3159 (Untrusted search path vulnerability in Explzh 5.67 and earlier
allows ...)
- TODO: check
+ NOT-FOR-US: explzh
CVE-2010-3160 (Untrusted search path vulnerability in Archive Decoder 1.23 and
...)
- TODO: check
+ NOT-FOR-US: ponsoftware archive_decoder
CVE-2010-3161 (Untrusted search path vulnerability in TeraPad before 1.00
allows ...)
- TODO: check
+ NOT-FOR-US: susumu_terao terapad
CVE-2010-3162 (Untrusted search path vulnerability in Apsaly before 3.74
allows local ...)
- TODO: check
+ NOT-FOR-US: masahiko_watanabe apsaly
CVE-2010-3163 (Untrusted search path vulnerability in Fenrir Sleipnir before
2.9.5 ...)
- TODO: check
+ NOT-FOR-US: fenrir sleipnir
CVE-2010-3164 (Untrusted search path vulnerability in Fenrir Sleipnir 2.9.4
and ...)
- TODO: check
+ NOT-FOR-US: fenrir sleipnir
CVE-2010-3165 (Untrusted search path vulnerability in Yokka NoEditor 1.33.1.1
and ...)
- TODO: check
+ NOT-FOR-US: yokkasoft uneditor
CVE-2010-3166 (Heap-based buffer overflow in the
nsTextFrameUtils::TransformText ...)
TODO: check
CVE-2010-3167 (The nsTreeContentView function in Mozilla Firefox before 3.5.12
and ...)
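Review bot: CVE-2010-3165 is described as "Yokka NoEditor 1.33.1.1" but labelled "yokkasoft uneditor", so the product name in the label does not match the description. Correct the label or confirm that it refers to the same product.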
@@ -92176,65 +92176,65 @@ CVE-2010-3212 (SQL injection vulnerability in
index.php in Seagull 0.6.7 and ear
CVE-2010-3213 (Cross-site request forgery (CSRF) vulnerability in Microsoft
Outlook ...)
NOT-FOR-US: microsoft outlook_web_access
CVE-2010-3214 (Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003
SP3, 2007 ...)
- TODO: check
+ NOT-FOR-US: microsoft word_web_app
CVE-2010-3215 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly
handle ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-3216 (Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote
attackers ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-3217 (Microsoft Word 2002 SP3 allows remote attackers to execute
arbitrary ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-3218 (Heap-based buffer overflow in Microsoft Word 2002 SP3 allows
remote ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-3219 (Array index vulnerability in Microsoft Word 2002 SP3 allows
remote ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-3220 (Unspecified vulnerability in Microsoft Word 2002 SP3 and Office
2004 ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-3221 (Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and
Word ...)
- TODO: check
+ NOT-FOR-US: microsoft word_viewer
CVE-2010-3222 (Stack-based buffer overflow in the Remote Procedure Call
Subsystem ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3223 (The user interface in Microsoft Cluster Service (MSCS) in
Microsoft ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_server_2008
CVE-2010-3224
RESERVED
CVE-2010-3225 (Use-after-free vulnerability in the Media Player Network
Sharing ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_vista
CVE-2010-3226
RESERVED
CVE-2010-3227 (Stack-based buffer overflow in the UpdateFrameTitleForDocument
method ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3228 (The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit
platforms ...)
- TODO: check
+ NOT-FOR-US: microsoft net_framework
CVE-2010-3229 (The Secure Channel (aka SChannel) security package in Microsoft
...)
- TODO: check
+ NOT-FOR-US: microsoft windows_vista
CVE-2010-3230 (Integer overflow in Microsoft Excel 2002 SP3 allows remote
attackers ...)
- TODO: check
+ NOT-FOR-US: microsoft excel
CVE-2010-3231 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and
Open XML ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3232 (Microsoft Excel 2003 SP3 and 2007 SP2; Office 2004 and 2008 for
Mac; ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3233 (Microsoft Excel 2002 SP3 and 2003 SP3 does not properly
validate ...)
- TODO: check
+ NOT-FOR-US: microsoft excel
CVE-2010-3234 (Microsoft Excel 2002 SP3 does not properly validate formula ...)
- TODO: check
+ NOT-FOR-US: microsoft excel
CVE-2010-3235 (Microsoft Excel 2002 SP3 does not properly validate formula ...)
- TODO: check
+ NOT-FOR-US: microsoft excel
CVE-2010-3236 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for
Mac, ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3237 (Microsoft Excel 2002 SP3 and Office 2004 for Mac do not
properly ...)
- TODO: check
+ NOT-FOR-US: microsoft office
CVE-2010-3238 (Microsoft Excel 2002 SP3 and 2003 SP3, and Office 2004 for Mac,
does ...)
- TODO: check
+ NOT-FOR-US: microsoft office
CVE-2010-3239 (Microsoft Excel 2002 SP3 does not properly validate record ...)
- TODO: check
+ NOT-FOR-US: microsoft excel
CVE-2010-3240 (Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and
Office ...)
- TODO: check
+ NOT-FOR-US: microsoft office_compatibility_pack
CVE-2010-3241 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and
Open XML ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3242 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and
Open XML ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3243 (Cross-site scripting (XSS) vulnerability in the toStaticHTML
function ...)
- TODO: check
+ NOT-FOR-US: microsoft sharepoint_services
CVE-2010-3244 (BbtsConnection_Edit.exe in Blackboard Transact Suite (formerly
...)
NOT-FOR-US: blackboard transact_suite
CVE-2010-3245 (The automated-backup functionality in Blackboard Transact Suite
...)
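Review bot: Several labels in this hunk name a secondary product instead of the one the description leads with: CVE-2010-3214 ("Microsoft Word 2002 SP3, 2003 SP3, 2007 ...") becomes "microsoft word_web_app", and the Excel entries CVE-2010-3231, CVE-2010-3232, CVE-2010-3236, CVE-2010-3241 and CVE-2010-3242 become "microsoft open_xml_file_format_converter". Labelling these "microsoft word" and "microsoft excel", as the neighbouring entries do, keeps the list searchable by the product named in the description.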
@@ -92280,9 +92280,9 @@ CVE-2010-3264 (The engine installer in Novell Identity
Manager (aka IDM) 3.6.1 s
CVE-2010-3265
RESERVED
CVE-2010-3266 (Multiple cross-site scripting (XSS) vulnerabilities in
BugTracker.NET ...)
- TODO: check
+ NOT-FOR-US: ifdefined bugtracker net
CVE-2010-3267 (Multiple SQL injection vulnerabilities in BugTracker.NET before
3.4.5 ...)
- TODO: check
+ NOT-FOR-US: ifdefined bugtracker net
CVE-2010-3268
RESERVED
CVE-2010-3269
@@ -92321,17 +92321,17 @@ CVE-2010-3284 (Unspecified vulnerability in HP System
Management Homepage (SMH)
CVE-2010-3285 (Unspecified vulnerability in HP OpenView Network Node Manager
(OV NNM) ...)
NOT-FOR-US: hp openview_network_node_manager
CVE-2010-3286 (Unspecified vulnerability in HP Systems Insight Manager (SIM)
6.0 and ...)
- TODO: check
+ NOT-FOR-US: hp systems_insight_manager
CVE-2010-3287 (Unspecified vulnerability on HP ProCurve Access Points, Access
...)
- TODO: check
+ NOT-FOR-US: hp procurve_access_point_software
CVE-2010-3288 (Cross-site request forgery (CSRF) vulnerability in HP Systems
Insight ...)
- TODO: check
+ NOT-FOR-US: hp systems_insight_manager
CVE-2010-3289 (Cross-site scripting (XSS) vulnerability in HP Systems Insight
Manager ...)
- TODO: check
+ NOT-FOR-US: hp systems_insight_manager
CVE-2010-3290 (Unspecified vulnerability in HP Systems Insight Manager (SIM)
before ...)
- TODO: check
+ NOT-FOR-US: hp systems_insight_manager
CVE-2010-3291 (Cross-site scripting (XSS) vulnerability in HP AssetCenter 5.0x
...)
- TODO: check
+ NOT-FOR-US: hp assetmanager
CVE-2010-3292
RESERVED
CVE-2010-3293
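Review bot: On CVE-2010-3291 the tag `hp assetmanager` does not match the product named in the visible description, "HP AssetCenter 5.0x". If the truncated remainder of the description also covers a product of that name, note it in the commit message; otherwise use a tag that matches the description so the entry can be found by the name the advisory uses.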
@@ -92363,7 +92363,7 @@ CVE-2010-3305
CVE-2010-3306 (Directory traversal vulnerability in the modURL function in
instance.c ...)
NOT-FOR-US: salvo_g _tomaselli weborf
CVE-2010-3307 (Multiple PHP remote file inclusion vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: dustincowell free_simple_cms
CVE-2010-3308 (Buffer overflow in programs/pluto/xauth.c in the client in
Openswan ...)
TODO: check
CVE-2010-3309
@@ -92391,7 +92391,7 @@ CVE-2010-3319 (IBM Records Manager (RM) 4.5.x before
4.5.1.1-IER-FP001 places a
CVE-2010-3320 (Open redirect vulnerability in IBM Records Manager (RM) 4.5.x
before ...)
NOT-FOR-US: ibm filenet_content_manager
CVE-2010-3321 (RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3
does not ...)
- TODO: check
+ NOT-FOR-US: rsa authentication_client
CVE-2010-3322 (The XML parser in Splunk 4.0.0 through 4.1.4 allows remote ...)
NOT-FOR-US: splunk
CVE-2010-3323 (Splunk 4.0.0 through 4.1.4 allows remote attackers to conduct
session ...)
@@ -92399,31 +92399,31 @@ CVE-2010-3323 (Splunk 4.0.0 through 4.1.4 allows
remote attackers to conduct ses
CVE-2010-3324 (The toStaticHTML function in Microsoft Internet Explorer 8, and
the ...)
NOT-FOR-US: microsoft ie
CVE-2010-3325 (Microsoft Internet Explorer 6 through 8 does not properly
handle ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3326 (Microsoft Internet Explorer 6 does not properly handle objects
in ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3327 (The implementation of HTML content creation in Microsoft
Internet ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3328 (Use-after-free vulnerability in the CAttrArray::PrivateFind
function ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3329 (mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows
remote ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3330 (Microsoft Internet Explorer 6 through 8 does not properly
restrict ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3331 (Microsoft Internet Explorer 6 through 8 does not properly
handle ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3332 (Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5
SP1, ...)
NOT-FOR-US: microsoft net_framework
CVE-2010-3333 (Stack-based buffer overflow in Microsoft Office XP SP3, Office
2003 ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3334 (Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2,
Office ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3335 (Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2,
Office ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3336 (Microsoft Office XP SP3, Office 2004 and 2008 for Mac, Office
for Mac ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3337 (Untrusted search path vulnerability in Microsoft Office 2007
SP2 and ...)
- TODO: check
+ NOT-FOR-US: microsoft office
CVE-2010-3338
RESERVED
CVE-2010-3339
@@ -92459,7 +92459,7 @@ CVE-2010-3353 (Cowbell 0.2.7.1 places a zero-length
directory name in the ...)
CVE-2010-3354 (dropboxd in Dropbox 0.7.110 places a zero-length directory name
in the ...)
TODO: check
CVE-2010-3355 (Ember 0.5.7 places a zero-length directory name in the ...)
- TODO: check
+ NOT-FOR-US: ember
CVE-2010-3356
RESERVED
CVE-2010-3357 (gnome-subtitles 1.0 places a zero-length directory name in the
...)
@@ -92469,19 +92469,19 @@ CVE-2010-3358 (HenPlus JDBC SQL-Shell 0.9.7 places a
zero-length directory name
CVE-2010-3359
RESERVED
CVE-2010-3360 (Hipo 0.6.1 places a zero-length directory name in the
LD_LIBRARY_PATH, ...)
- TODO: check
+ NOT-FOR-US: pedro_villavicencio_garrido hipo
CVE-2010-3361 (The (1) iked, (2) ikea, and (3) ikec scripts in Shrew Soft IKE
2.1.5 ...)
- TODO: check
+ NOT-FOR-US: shrew vpn_client
CVE-2010-3362 (lastfm 1.5.4 places a zero-length directory name in the ...)
TODO: check
CVE-2010-3363 (roarify in roaraudio 0.3 places a zero-length directory name in
the ...)
- TODO: check
+ NOT-FOR-US: roaraudio
CVE-2010-3364 (The vips-7.22 script in VIPS 7.22.2 places a zero-length
directory ...)
TODO: check
CVE-2010-3365 (Mistelix 0.31 places a zero-length directory name in the ...)
- TODO: check
+ NOT-FOR-US: mistelix
CVE-2010-3366 (Mn_Fit 5.13 places a zero-length directory name in the ...)
- TODO: check
+ NOT-FOR-US: zeus physik uni bonn mn_fit
CVE-2010-3367
RESERVED
CVE-2010-3368
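Review bot: The tag on CVE-2010-3366, `zeus physik uni bonn mn_fit`, reads like a hostname with its punctuation replaced by spaces, and CVE-2010-3360 carries an author name (`pedro_villavicencio_garrido hipo`), while CVE-2010-3363 and -3365 in the same hunk use the bare product name (`roaraudio`, `mistelix`). Suggest the bare product form (`mn_fit`, `hipo`) throughout. The commit message could also say why lastfm (CVE-2010-3362) and VIPS (CVE-2010-3364), which describe the same zero-length directory name issue, stay at `TODO: check`.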
@@ -92493,7 +92493,7 @@ CVE-2010-3370
CVE-2010-3371
RESERVED
CVE-2010-3372 (Untrusted search path vulnerability in NorduGrid Advanced
Resource ...)
- TODO: check
+ NOT-FOR-US: nordugrid arc
CVE-2010-3373
RESERVED
CVE-2010-3374 (Qt Creator before 2.0.1 places a zero-length directory name in
the ...)
@@ -92503,7 +92503,7 @@ CVE-2010-3375
CVE-2010-3376 (The (1) proofserv, (2) xrdcp, (3) xrdpwdadmin, and (4) xrd
scripts in ...)
TODO: check
CVE-2010-3377 (The (1) runSalome, (2) runTestMedCorba, (3) runLightSalome, and
(4) ...)
- TODO: check
+ NOT-FOR-US: salome platform salome
CVE-2010-3378 (The (1) scilab, (2) scilab-cli, and (3) scilab-adv-cli scripts
in ...)
TODO: check
CVE-2010-3379
@@ -92513,15 +92513,15 @@ CVE-2010-3380 (The (1) init.d/slurm and (2)
init.d/slurmdbd scripts in SLURM bef
CVE-2010-3381 (The (1) tangerine and (2) tangerine-properties scripts in
Tangerine ...)
TODO: check
CVE-2010-3382 (tauex in Tuning and Analysis Utilities (TAU) 2.16.4 places a
...)
- TODO: check
+ NOT-FOR-US: uoregon tau
CVE-2010-3383 (The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak
2.0.32 ...)
TODO: check
CVE-2010-3384 (The (1) torcs, (2) nfsperf, (3) accc, (4) texmapper, (5)
trackgen, and ...)
TODO: check
CVE-2010-3385 (TuxGuitar 1.2 places a zero-length directory name in the ...)
- TODO: check
+ NOT-FOR-US: herac tuxguitar
CVE-2010-3386 (usttrace in LTTng Userspace Tracer (aka UST) 0.7 places a
zero-length ...)
- TODO: check
+ NOT-FOR-US: lttng ust
CVE-2010-3387 (** DISPUTED ** ...)
TODO: check
CVE-2010-3388
@@ -92535,7 +92535,7 @@ CVE-2010-3391
CVE-2010-3392
RESERVED
CVE-2010-3393 (magics-config in Magics++ 2.10.0 places a zero-length directory
name ...)
- TODO: check
+ NOT-FOR-US: ecmwf magics
CVE-2010-3394 (The (1) texmacs and (2) tm_mupad_help scripts in TeXmacs
1.0.7.4 place ...)
TODO: check
CVE-2010-3395
@@ -92650,7 +92650,7 @@ CVE-2010-3447
CVE-2010-3448
RESERVED
CVE-2010-3449 (Cross-site request forgery (CSRF) vulnerability in Redback
before ...)
- TODO: check
+ NOT-FOR-US: codehaus redback
CVE-2010-3450
RESERVED
CVE-2010-3451
@@ -92734,7 +92734,7 @@ CVE-2010-3489 (Cross-site scripting (XSS) vulnerability
in ...)
CVE-2010-3490 (Directory traversal vulnerability in page.recordings.php in the
System ...)
NOT-FOR-US: freepbx
CVE-2010-3491 (The (1) ActiveMatrix Runtime and (2) ActiveMatrix Administrator
...)
- TODO: check
+ NOT-FOR-US: tibco activematrix_service_performance_manager
CVE-2010-3492 (The asyncore module in Python before 3.2 does not properly
handle ...)
TODO: check
CVE-2010-3493 (Multiple race conditions in smtpd.py in the smtpd module in
Python ...)
@@ -93018,11 +93018,11 @@ CVE-2010-3631 (Array index error in Adobe Reader and
Acrobat 8.x before 8.2.5 an
CVE-2010-3632 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5
on ...)
TODO: check
CVE-2010-3633 (Memory leak in Adobe Flash Media Server (FMS) 3.0.x before
3.0.7, ...)
- TODO: check
+ NOT-FOR-US: adobe flash_media_server
CVE-2010-3634 (Unspecified vulnerability in the edge process in Adobe Flash
Media ...)
- TODO: check
+ NOT-FOR-US: adobe flash_media_server
CVE-2010-3635 (Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, 3.5.x before
3.5.5, ...)
- TODO: check
+ NOT-FOR-US: adobe flash_media_server
CVE-2010-3636 (Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64
on ...)
TODO: check
CVE-2010-3637 (An unspecified ActiveX control in Adobe Flash Player before
9.0.289.0 ...)
@@ -93062,7 +93062,7 @@ CVE-2010-3653 (The Director module (dirapi.dll) in
Adobe Shockwave Player before
CVE-2010-3654 (Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64
on ...)
TODO: check
CVE-2010-3655 (Stack-based buffer overflow in dirapi.dll in Adobe Shockwave
Player ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-3656 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x
before 9.4, ...)
TODO: check
CVE-2010-3657 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x
before 9.4, ...)
@@ -93132,9 +93132,9 @@ CVE-2010-3688 (Directory traversal vulnerability in
ADMIN/login.php in NetArtMED
CVE-2010-3689
RESERVED
CVE-2010-3690 (Multiple cross-site scripting (XSS) vulnerabilities in phpCAS
before ...)
- TODO: check
+ NOT-FOR-US: jasig phpcas
CVE-2010-3691 (PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode
is ...)
- TODO: check
+ NOT-FOR-US: jasig phpcas
CVE-2010-3692 (Directory traversal vulnerability in the callback function in
...)
NOT-FOR-US: jasig phpcas
CVE-2010-3693
@@ -93178,15 +93178,15 @@ CVE-2010-3711 (libpurple in Pidgin before 2.7.4 does
not properly validate the r
CVE-2010-3712 (Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x
before ...)
TODO: check
CVE-2010-3713 (rss.php in UseBB before 1.0.11 does not properly handle forum
...)
- TODO: check
+ NOT-FOR-US: usebb
CVE-2010-3714 (The jumpUrl (aka access tracking) implementation in ...)
- TODO: check
+ NOT-FOR-US: typo3
CVE-2010-3715 (Multiple cross-site scripting (XSS) vulnerabilities in TYPO3
4.2.x ...)
- TODO: check
+ NOT-FOR-US: typo3
CVE-2010-3716 (The be_user_creation task in TYPO3 4.2.x before 4.2.15 and
4.3.x ...)
- TODO: check
+ NOT-FOR-US: typo3
CVE-2010-3717 (The t3lib_div::validEmail function in TYPO3 4.2.x before
4.2.15, 4.3.x ...)
- TODO: check
+ NOT-FOR-US: typo3
CVE-2010-3718
RESERVED
CVE-2010-3719
@@ -93218,7 +93218,7 @@ CVE-2010-3731 (Buffer overflow in the Administration
Server component in IBM DB2
CVE-2010-3732 (The DRDA Services component in IBM DB2 UDB 9.5 before FP6a
allows ...)
NOT-FOR-US: ibm db2
CVE-2010-3733 (The Engine Utilities component in IBM DB2 UDB 9.5 before FP6a
uses ...)
- TODO: check
+ NOT-FOR-US: ibm db2
CVE-2010-3734 (The Install component in IBM DB2 UDB 9.5 before FP6a on Linux,
UNIX, ...)
NOT-FOR-US: ibm db2
CVE-2010-3735 (The "Query Compiler, Rewrite, Optimizer" component in
IBM DB2 UDB 9.5 ...)
@@ -93318,45 +93318,45 @@ CVE-2010-3781 (The PL/php add-on 1.4 and earlier for
PostgreSQL does not properl
CVE-2010-3782
RESERVED
CVE-2010-3783 (Password Server in Apple Mac OS X 10.5.8 and 10.6.x before
10.6.5 does ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3784 (The PMPageFormatCreateWithDataRepresentation API in Printing in
Apple ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3785 (Buffer overflow in QuickLook in Apple Mac OS X 10.5.8 and
10.6.x ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3786 (QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote
...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3787 (Heap-based buffer overflow in QuickTime in Apple Mac OS X
10.6.x ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3788 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3789 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote
...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3790 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote
...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3791 (Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before
10.6.5 ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3792 (Integer signedness error in QuickTime in Apple Mac OS X 10.6.x
before ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3793 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote
...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3794 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3795 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3796 (Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5
does not ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3797 (Cross-site scripting (XSS) vulnerability in Wiki Server in
Apple Mac ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3798 (Heap-based buffer overflow in xar in Apple Mac OS X 10.6.x
before ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3799
RESERVED
CVE-2010-3800 (Apple QuickTime before 7.6.9 allows remote attackers to execute
...)
- TODO: check
+ NOT-FOR-US: apple quicktime
CVE-2010-3801 (Apple QuickTime before 7.6.9 allows remote attackers to execute
...)
- TODO: check
+ NOT-FOR-US: apple quicktime
CVE-2010-3802 (Integer signedness error in Apple QuickTime before 7.6.9 allows
remote ...)
- TODO: check
+ NOT-FOR-US: apple quicktime
CVE-2010-3803 (Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac
OS X ...)
TODO: check
CVE-2010-3804 (The JavaScript implementation in WebKit in Apple Safari before
5.0.3 ...)
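Review bot: CVE-2010-3798 is dismissed under the platform tag `apple mac_os_x_server`, but its description names a specific component, "Heap-based buffer overflow in xar". The same tag is applied to every entry from CVE-2010-3783 to -3798, although the visible descriptions say "Apple Mac OS X" and name components such as Password Server, QuickLook, QuickTime and Safari RSS. Suggest confirming that no xar package is carried in the tree before closing -3798, and tagging by component wherever the description gives one.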
@@ -93454,9 +93454,9 @@ CVE-2010-3849
CVE-2010-3850
RESERVED
CVE-2010-3851 (libguestfs before 1.5.23, as used in virt-v2v, virt-inspector
1.5.3 ...)
- TODO: check
+ NOT-FOR-US: libguestfs
CVE-2010-3852 (The default configuration of Luci 0.22.4 and earlier in Red Hat
Conga ...)
- TODO: check
+ NOT-FOR-US: redhat luci
CVE-2010-3853
RESERVED
CVE-2010-3854
@@ -93478,7 +93478,7 @@ CVE-2010-3861 (The ethtool_get_rxnfc function in
net/core/ethtool.c in the Linux
CVE-2010-3862
RESERVED
CVE-2010-3863 (Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not
canonicalize ...)
- TODO: check
+ NOT-FOR-US: shiro
CVE-2010-3864 (Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f
through ...)
TODO: check
CVE-2010-3865
@@ -93488,13 +93488,13 @@ CVE-2010-3866
CVE-2010-3867 (Multiple directory traversal vulnerabilities in the
mod_site_misc ...)
TODO: check
CVE-2010-3868 (Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag
Certificate ...)
- TODO: check
+ NOT-FOR-US: redhat dogtag_certificate_system
CVE-2010-3869 (Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag
Certificate ...)
- TODO: check
+ NOT-FOR-US: redhat dogtag_certificate_system
CVE-2010-3870 (The utf8_decode function in PHP before 5.3.4 does not properly
handle ...)
TODO: check
CVE-2010-3871 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: mahara
CVE-2010-3872 (The apr_status_t fcgid_header_bucket_read function in
fcgid_bucket.c ...)
TODO: check
CVE-2010-3873
@@ -93516,50 +93516,50 @@ CVE-2010-3880 (net/ipv4/inet_diag.c in the Linux
kernel before 2.6.37-rc2 does n
CVE-2010-3881
RESERVED
CVE-2010-3882 (Multiple cross-site scripting (XSS) vulnerabilities in CMS Made
Simple ...)
- TODO: check
+ NOT-FOR-US: cmsmadesimple cms_made_simple
CVE-2010-3883 (Cross-site request forgery (CSRF) vulnerability in the Change
Group ...)
- TODO: check
+ NOT-FOR-US: cmsmadesimple cms_made_simple
CVE-2010-3884 (Cross-site request forgery (CSRF) vulnerability in CMS Made
Simple ...)
- TODO: check
+ NOT-FOR-US: cmsmadesimple cms_made_simple
CVE-2010-3885
REJECTED
TODO: check
CVE-2010-3886 (The CTimeoutEventList::InsertIntoTimeoutList function in
Microsoft ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3887 (The Limit Mail feature in the Parental Controls functionality
in Mail ...)
- TODO: check
+ NOT-FOR-US: apple mail
CVE-2010-3888 (Unspecified vulnerability in Microsoft Windows on 32-bit
platforms ...)
- TODO: check
+ NOT-FOR-US: microsoft windows
CVE-2010-3889 (Unspecified vulnerability in Microsoft Windows on 32-bit
platforms ...)
- TODO: check
+ NOT-FOR-US: microsoft windows
CVE-2010-3890 (Cross-site scripting (XSS) vulnerability in IBM OmniFind
Enterprise ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3891 (Cross-site request forgery (CSRF) vulnerability in
ESAdmin/security.do ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3892 (Session fixation vulnerability in the login form in the
administrator ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3893 (The administrator interface in IBM OmniFind Enterprise Edition
8.x and ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3894 (Stack-based buffer overflow in the ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3895 (esRunCommand in IBM OmniFind Enterprise Edition before 9.1
allows ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3896 (The ESSearchApplication directory tree in IBM OmniFind
Enterprise ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3897 (ESSearchApplication/palette.do in IBM OmniFind Enterprise
Edition 8.x ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3898 (IBM OmniFind Enterprise Edition 8.x and 9.x does not properly
restrict ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3899 (IBM OmniFind Enterprise Edition 8.x and 9.x performs web crawls
with ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3900 (Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup
before ...)
TODO: check
CVE-2010-3901 (OpenConnect before 2.25 does not properly validate X.509
certificates, ...)
- TODO: check
+ NOT-FOR-US: infradead openconnect
CVE-2010-3902 (OpenConnect before 2.26 places the webvpn cookie value in the
...)
- TODO: check
+ NOT-FOR-US: infradead openconnect
CVE-2010-3903 (Unspecified vulnerability in OpenConnect before 2.23 allows
remote ...)
- TODO: check
+ NOT-FOR-US: infradead openconnect
CVE-2010-3904 (The rds_page_copy_user function in net/rds/page.c in the
Reliable ...)
TODO: check
CVE-2010-3905
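Review bot: CVE-2010-3885 is listed as REJECTED and still carries `TODO: check` in the context lines of this hunk. Since this pass clears the TODO on the entries directly above and below it, the rejected entry could be closed here as well instead of staying in the queue.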
@@ -93571,33 +93571,33 @@ CVE-2010-3907
CVE-2010-3908
RESERVED
CVE-2010-3909 (Incomplete blacklist vulnerability in config.template.php in
vtiger ...)
- TODO: check
+ NOT-FOR-US: vtiger_crm
CVE-2010-3910 (Multiple directory traversal vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: vtiger_crm
CVE-2010-3911 (Multiple cross-site scripting (XSS) vulnerabilities in vtiger
CRM ...)
- TODO: check
+ NOT-FOR-US: vtiger_crm
CVE-2010-3912
RESERVED
CVE-2010-3913 (CRLF injection vulnerability in TransWARE Active! mail 6 build
...)
- TODO: check
+ NOT-FOR-US: transware active _mail
CVE-2010-3914 (Untrusted search path vulnerability in VIM Development Group
GVim ...)
TODO: check
CVE-2010-3915 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro
...)
- TODO: check
+ NOT-FOR-US: justsystems ichitaro
CVE-2010-3916 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro
...)
- TODO: check
+ NOT-FOR-US: justsystems ichitaro
CVE-2010-3917
RESERVED
CVE-2010-3918 (Fenrir Sleipnir 2.9.6 and earlier does not prevent interaction
between ...)
- TODO: check
+ NOT-FOR-US: Fenrir
CVE-2010-3919 (Fenrir Grani 4.5 and earlier does not prevent interaction
between web ...)
- TODO: check
+ NOT-FOR-US: Fenrir
CVE-2010-3920 (The Seiko Epson printer driver installers for LP-S9000 before
4.1.11 ...)
- TODO: check
+ NOT-FOR-US: epson lp s9000_driver_4 1 11
CVE-2010-3921 (Cross-site scripting (XSS) vulnerability in Movable Type 4.x
before ...)
- TODO: check
+ NOT-FOR-US: sixapart movabletype
CVE-2010-3922 (SQL injection vulnerability in Movable Type 4.x before 4.35 and
5.x ...)
- TODO: check
+ NOT-FOR-US: sixapart movabletype
CVE-2010-3923
RESERVED
CVE-2010-3924
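Review bot: Three tags in this hunk break the lowercase `vendor product` form used elsewhere in the file: `transware active _mail` on CVE-2010-3913 has a stray space before the underscore, `Fenrir` on CVE-2010-3918 and -3919 is capitalised and has no product although the descriptions name Sleipnir and Grani, and `epson lp s9000_driver_4 1 11` on CVE-2010-3920 carries a version number with its dots turned into spaces. Suggest `transware active_mail`, `fenrir sleipnir` and `fenrir grani`, and an Epson tag without the version.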
@@ -93621,11 +93621,11 @@ CVE-2010-3932
CVE-2010-3933 (Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested
...)
TODO: check
CVE-2010-3934 (The browser in Research In Motion (RIM) BlackBerry Device
Software ...)
- TODO: check
+ NOT-FOR-US: rim blackberry_device_software
CVE-2010-3935
RESERVED
CVE-2010-3936 (Cross-site scripting (XSS) vulnerability in Signurl.asp in
Microsoft ...)
- TODO: check
+ NOT-FOR-US: microsoft forefront_unified_access_gateway
CVE-2010-3937
RESERVED
CVE-2010-3938
@@ -93677,7 +93677,7 @@ CVE-2010-3960
CVE-2010-3961
RESERVED
CVE-2010-3962 (Use-after-free vulnerability in Microsoft Internet Explorer 6,
7, and ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3963
RESERVED
CVE-2010-3964
@@ -93707,9 +93707,9 @@ CVE-2010-3975 (Untrusted search path vulnerability in
Adobe Flash Player 9 allow
CVE-2010-3976 (Untrusted search path vulnerability in Adobe Flash Player
before ...)
TODO: check
CVE-2010-3977 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: deliciousdays cforms
CVE-2010-3978 (Spree 0.11.x before 0.11.2 and 0.30.x before 0.30.0 exchanges
data ...)
- TODO: check
+ NOT-FOR-US: spree
CVE-2010-3979 (Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates
different ...)
NOT-FOR-US: sap businessobjects
CVE-2010-3980 (Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not
limit the ...)
@@ -93723,25 +93723,25 @@ CVE-2010-3983 (CmcApp in SAP BusinessObjects
Enterprise XI 3.2 allows remote ...
CVE-2010-3984
RESERVED
CVE-2010-3985 (Cross-site scripting (XSS) vulnerability in HP Operations ...)
- TODO: check
+ NOT-FOR-US: hp operations_orchestration
CVE-2010-3986 (Unspecified vulnerability in HP Virtual Connect Enterprise
Manager ...)
- TODO: check
+ NOT-FOR-US: hp virtual_connect_enterprise_manager
CVE-2010-3987 (Cross-site scripting (XSS) vulnerability in HP Insight Control
Virtual ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_virtual_machine_management
CVE-2010-3988 (Unspecified vulnerability in HP Insight Control Virtual Machine
...)
- TODO: check
+ NOT-FOR-US: hp insight_control_virtual_machine_management
CVE-2010-3989 (Cross-site request forgery (CSRF) vulnerability in HP Insight
Control ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_virtual_machine_management
CVE-2010-3990 (Unspecified vulnerability in HP Virtual Server Environment
before 6.2 ...)
- TODO: check
+ NOT-FOR-US: hp virtual_server_environment
CVE-2010-3991 (Cross-site scripting (XSS) vulnerability in HP Insight Control
Server ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_server_migration6 0 1
CVE-2010-3992 (Unspecified vulnerability in HP Insight Control Server
Migration ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_server_migration6 0 1
CVE-2010-3993 (Unspecified vulnerability in HP Insight Control Server
Migration ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_server_migration6 0 1
CVE-2010-3994 (Cross-site scripting (XSS) vulnerability in HP Version Control
...)
- TODO: check
+ NOT-FOR-US: hp version_control_repository_manager
CVE-2010-3995
RESERVED
CVE-2010-3996 (festival_server in Centre for Speech Technology Research (CSTR)
...)
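Review bot: The tag `hp insight_control_server_migration6 0 1` on CVE-2010-3991 to -3993 has a version fused onto the product name, with no separator before the 6. The other HP tags in this hunk, such as `hp insight_control_virtual_machine_management`, carry no version; suggest `hp insight_control_server_migration`.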
@@ -93765,7 +93765,7 @@ CVE-2010-4004
CVE-2010-4005 (The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy
1.5.2 and ...)
TODO: check
CVE-2010-4006 (Multiple SQL injection vulnerabilities in search.php in WSN
Links ...)
- TODO: check
+ NOT-FOR-US: wsnlinks wsn_links
CVE-2010-4007 (Oracle Mojarra uses an encrypted View State without a Message
...)
NOT-FOR-US: oracle mojarra
CVE-2010-4008 (libxml2 before 2.7.8, as used in Google Chrome before
7.0.517.44, ...)
@@ -93773,9 +93773,9 @@ CVE-2010-4008 (libxml2 before 2.7.8, as used in Google
Chrome before 7.0.517.44,
CVE-2010-4009 (Integer overflow in Apple QuickTime before 7.6.9 allows remote
...)
TODO: check
CVE-2010-4010 (Integer signedness error in Apple Type Services (ATS) in Apple
Mac OS ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-4011 (Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly
manage ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-4012 (Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and
later ...)
TODO: check
CVE-2010-4013
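Review bot: CVE-2010-4011 names Dovecot as the affected component ("Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage ...") but is closed under `apple mac_os_x_server`. The visible text does not show whether the flaw is limited to Apple's build or lies in Dovecot itself; please record which it is in the entry, so the NOT-FOR-US does not read as a verdict on Dovecot.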
@@ -93799,25 +93799,25 @@ CVE-2010-4021 (The Key Distribution Center (KDC) in
MIT Kerberos 5 (aka krb5) 1.
CVE-2010-4022
RESERVED
CVE-2010-4023 (Cross-site scripting (XSS) vulnerability in HP Insight Control
Power ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_power_management
CVE-2010-4024 (Cross-site request forgery (CSRF) vulnerability in HP Insight
Control ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_power_management
CVE-2010-4025 (Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1
allows ...)
- TODO: check
+ NOT-FOR-US: hp palm_webos
CVE-2010-4026 (Unspecified vulnerability in the service API in HP Palm webOS
1.4.1 ...)
- TODO: check
+ NOT-FOR-US: hp palm_webos
CVE-2010-4027 (Unspecified vulnerability in the camera application in HP Palm
webOS ...)
- TODO: check
+ NOT-FOR-US: hp palm_webos
CVE-2010-4028 (Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP
...)
- TODO: check
+ NOT-FOR-US: hp loadrunner_web_tours
CVE-2010-4029 (Unspecified vulnerability in HP Storage Essentials before
6.3.0, when ...)
- TODO: check
+ NOT-FOR-US: hp storage_essentials
CVE-2010-4030 (Cross-site scripting (XSS) vulnerability in HP Insight Control
...)
- TODO: check
+ NOT-FOR-US: hp insight_control_performance_management
CVE-2010-4031 (Unspecified vulnerability in HP Insight Control Performance
Management ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_performance_management
CVE-2010-4032 (Cross-site request forgery (CSRF) vulnerability in HP Insight
Control ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_performance_management
CVE-2010-4033 (Google Chrome before 7.0.517.41 does not properly implement the
...)
TODO: check
CVE-2010-4034 (Google Chrome before 7.0.517.41 does not properly handle forms,
which ...)
@@ -93859,15 +93859,15 @@ CVE-2010-4051
CVE-2010-4052
RESERVED
CVE-2010-4053 (Stack-based buffer overflow in an unspecified logging function
in ...)
- TODO: check
+ NOT-FOR-US: ibm informix_dynamic_server
CVE-2010-4054 (The gs_type2_interpret function in Ghostscript allows remote
attackers ...)
TODO: check
CVE-2010-4055 (Stack consumption vulnerability in solid.exe in IBM solidDB
6.5.0.3 ...)
- TODO: check
+ NOT-FOR-US: ibm soliddb
CVE-2010-4056 (solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly
perform ...)
- TODO: check
+ NOT-FOR-US: ibm soliddb
CVE-2010-4057 (solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly
perform ...)
- TODO: check
+ NOT-FOR-US: ibm soliddb
CVE-2010-4058
RESERVED
CVE-2010-4059
@@ -93889,11 +93889,11 @@ CVE-2010-4066
CVE-2010-4067
RESERVED
CVE-2010-4068 (Unspecified vulnerability in the Extension Manager in TYPO3
4.2.x ...)
- TODO: check
+ NOT-FOR-US: typo3
CVE-2010-4069 (Stack-based buffer overflow in IBM Informix Dynamic Server
(IDS) 7.x ...)
- TODO: check
+ NOT-FOR-US: ibm informix_dynamic_server
CVE-2010-4070 (Integer overflow in librpc.dll in portmap.exe (aka the ISM
Portmapper ...)
- TODO: check
+ NOT-FOR-US: ibm informix_dynamic_server
CVE-2010-4071
RESERVED
CVE-2010-4072 (The copy_shmid_to_user function in ipc/shm.c in the Linux
kernel ...)
@@ -93921,57 +93921,57 @@ CVE-2010-4082 (The viafb_ioctl_get_viafb_info
function in drivers/video/via/ioct
CVE-2010-4083 (The copy_semid_to_user function in ipc/sem.c in the Linux
kernel ...)
TODO: check
CVE-2010-4084 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows
...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4085 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows
...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4086 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows
...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4087 (IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows
attackers ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4088 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows
...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4089 (IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows
attackers ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4090 (Adobe Shockwave Player before 11.5.9.615 allows attackers to
execute ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4091 (The EScript.api plugin in Adobe Acrobat Reader 9.4.0, 8.1.7,
and ...)
TODO: check
CVE-2010-4092 (Use-after-free vulnerability in an unspecified compatibility
component ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4093
RESERVED
CVE-2010-4094 (The Tomcat server in IBM Rational Quality Manager and Rational
Test ...)
- TODO: check
+ NOT-FOR-US: ibm rational_test_lab_manager
CVE-2010-4095 (Directory traversal vulnerability in the FTP client in
Serengeti ...)
TODO: check
CVE-2010-4096 (share/ma/keys_for_user in Monkeysphere 0.31 and 0.32 allows
local ...)
- TODO: check
+ NOT-FOR-US: monkeysphere_project monkeysphere
CVE-2010-4097 (Multiple cross-site scripting (XSS) vulnerabilities in
index.php in ...)
- TODO: check
+ NOT-FOR-US: avatic aardvark_topsites_php
CVE-2010-4098 (monotone before 0.48.1, when configured to allow remote
commands, ...)
TODO: check
CVE-2010-4099 (ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug
is ...)
- TODO: check
+ NOT-FOR-US: nitrosecurity nitroview_esm_software
CVE-2010-4100 (Unspecified vulnerability in HP Insight Control Performance
Management ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_performance_management
CVE-2010-4101 (Cross-site scripting (XSS) vulnerability in HP Insight Recovery
before ...)
- TODO: check
+ NOT-FOR-US: hp insight_recovery
CVE-2010-4102 (Unspecified vulnerability in HP Insight Recovery before 6.2
allows ...)
- TODO: check
+ NOT-FOR-US: hp insight_recovery
CVE-2010-4103 (Unspecified vulnerability in HP Insight Managed System Setup
Wizard ...)
- TODO: check
+ NOT-FOR-US: hp insight_managed_system_setup_wizard
CVE-2010-4104 (Unspecified vulnerability in HP Insight Orchestration before
6.2 ...)
- TODO: check
+ NOT-FOR-US: hp insight_orchestration
CVE-2010-4105 (Unspecified vulnerability in HP Insight Orchestration before
6.2 ...)
- TODO: check
+ NOT-FOR-US: hp insight_orchestration
CVE-2010-4106 (Cross-site request forgery (CSRF) vulnerability in HP Insight
Control ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_for_linux
CVE-2010-4107 (The default configuration of the PJL Access value in the File
System ...)
- TODO: check
+ NOT-FOR-US: hp laserjet_mfp
CVE-2010-4108 (HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly
support ...)
- TODO: check
+ NOT-FOR-US: hp ux
CVE-2010-4109 (Cross-site scripting (XSS) vulnerability in the Contacts
Application ...)
- TODO: check
+ NOT-FOR-US: hp palm_webos
CVE-2010-4110
RESERVED
CVE-2010-4111
@@ -93993,9 +93993,9 @@ CVE-2010-4118
CVE-2010-4119
RESERVED
CVE-2010-4120 (Multiple cross-site scripting (XSS) vulnerabilities in the TAM
console ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_access_manager_for_e business
CVE-2010-4121 (** DISPUTED ** The TCP-to-ODBC gateway in IBM Tivoli
Provisioning ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_provisioning_manager_os_deployment
CVE-2010-4122
RESERVED
CVE-2010-4123
@@ -94037,35 +94037,35 @@ CVE-2010-4140
CVE-2010-4141
RESERVED
CVE-2010-4142 (Multiple stack-based buffer overflows in DATAC RealWin 2.0
Build ...)
- TODO: check
+ NOT-FOR-US: realflex realwin
CVE-2010-4143 (SQL injection vulnerability in chart.php in phpCheckZ 1.1.0,
when ...)
- TODO: check
+ NOT-FOR-US: phpcheckz
CVE-2010-4144 (SQL injection vulnerability in radyo.asp in Kisisel Radyo
Script ...)
- TODO: check
+ NOT-FOR-US: aspindir kisisel_radyo_script
CVE-2010-4145 (Kisisel Radyo Script stores sensitive information under the web
root ...)
- TODO: check
+ NOT-FOR-US: aspindir kisisel_radyo_script
CVE-2010-4146 (Cross-site scripting (XSS) vulnerability in Attachmate
Reflection for ...)
- TODO: check
+ NOT-FOR-US: attachmate reflection_for_the_web
CVE-2010-4147 (Multiple SQL injection vulnerabilities in Pentasoft Avactis
Shopping ...)
- TODO: check
+ NOT-FOR-US: avactis_shopping_cart
CVE-2010-4148 (Directory traversal vulnerability in AnyConnect 1.2.3.0, and
possibly ...)
- TODO: check
+ NOT-FOR-US: anyconnect
CVE-2010-4149 (Directory traversal vulnerability in FreshWebMaster Fresh FTP
5.36, ...)
- TODO: check
+ NOT-FOR-US: freshwebmaster fresh_ftp
CVE-2010-4150 (Double free vulnerability in the imap_do_open function in the
IMAP ...)
TODO: check
CVE-2010-4151 (SQL injection vulnerability in misc.php in DeluxeBB 1.3, and
possibly ...)
- TODO: check
+ NOT-FOR-US: deluxebb
CVE-2010-4152 (SQL injection vulnerability in catalog/index.shtml in 4site CMS
2.6, ...)
- TODO: check
+ NOT-FOR-US: 4site_cms
CVE-2010-4153 (Directory traversal vulnerability in CrossFTP Pro 1.65a, and
probably ...)
- TODO: check
+ NOT-FOR-US: crossftp_pro
CVE-2010-4154 (Directory traversal vulnerability in Rhino Software, Inc. FTP
Voyager ...)
- TODO: check
+ NOT-FOR-US: rhinosoft ftp_voyager
CVE-2010-4155 (Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS
2.10 ...)
- TODO: check
+ NOT-FOR-US: exv2
CVE-2010-4156 (The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x
through ...)
- TODO: check
+ NOT-FOR-US: libmbfl
CVE-2010-4157 (Integer overflow in the ioc_general function in
drivers/scsi/gdth.c in ...)
TODO: check
CVE-2010-4158
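Review bot: CVE-2010-4156 should not be closed as "NOT-FOR-US: libmbfl". Its description says the affected mb_strcut function in Libmbfl 1.1.0 is "as used in PHP 5.3.x", so the bug reaches users through PHP's copy of the library even where libmbfl is not packaged on its own. Suggest leaving it at "TODO: check", as this hunk does for CVE-2010-4150 and CVE-2010-4157, until PHP has been checked.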
@@ -94099,7 +94099,7 @@ CVE-2010-4171 (The staprun runtime tool in SystemTap
1.3 does not verify that a
CVE-2010-4172 (Multiple cross-site scripting (XSS) vulnerabilities in the
Manager ...)
TODO: check
CVE-2010-4173 (The default configuration of libsdp.conf in libsdp 1.1.104 and
earlier ...)
- TODO: check
+ NOT-FOR-US: openfabrics libsdp
CVE-2010-4174
RESERVED
CVE-2010-4175
@@ -94115,17 +94115,17 @@ CVE-2010-4179 (The installation documentation for Red
Hat Enterprise Messaging,
CVE-2010-4180 (OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when ...)
TODO: check
CVE-2010-4181 (Directory traversal vulnerability in Yaws 1.89 allows remote
attackers ...)
- TODO: check
+ NOT-FOR-US: yaws
CVE-2010-4182 (Untrusted search path vulnerability in the Data Access Objects
(DAO) ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-4183 (Multiple cross-site scripting (XSS) vulnerabilities in HTML
Purifier ...)
TODO: check
CVE-2010-4184 (NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers
with ...)
- TODO: check
+ NOT-FOR-US: netsupportsoftware netsupport_manager
CVE-2010-4185 (SQL injection vulnerability in index.php in Energine, possibly
2.3.8 ...)
- TODO: check
+ NOT-FOR-US: energine
CVE-2010-4186 (SQL injection vulnerability in process.asp in OnlineTechTools
Online ...)
- TODO: check
+ NOT-FOR-US: onlinetechtools com oasys_professional
CVE-2010-4187
RESERVED
CVE-2010-4188
@@ -94168,33 +94168,33 @@ CVE-2010-4205 (Google Chrome before 7.0.517.44 does
not properly handle the data
CVE-2010-4206 (Google Chrome before 7.0.517.44 accesses memory at an
out-of-bounds ...)
TODO: check
CVE-2010-4207 (Cross-site scripting (XSS) vulnerability in the Flash component
...)
- TODO: check
+ NOT-FOR-US: yahoo yui
CVE-2010-4208 (Cross-site scripting (XSS) vulnerability in the Flash component
...)
- TODO: check
+ NOT-FOR-US: yahoo yui
CVE-2010-4209 (Cross-site scripting (XSS) vulnerability in the Flash component
...)
- TODO: check
+ NOT-FOR-US: yahoo yui
CVE-2010-4210 (The pfs_getextattr function in FreeBSD 7.x before 7.3-RELEASE
and 8.x ...)
TODO: check
CVE-2010-4211 (The PayPal app before 3.0.1 for iOS does not verify that the
server ...)
- TODO: check
+ NOT-FOR-US: ebay paypal
CVE-2010-4212 (The USAA application 3.0 for Android stores a mirror image of
each ...)
- TODO: check
+ NOT-FOR-US: usaa
CVE-2010-4213 (The Bank of America application 2.12 for Android stores a
security ...)
- TODO: check
+ NOT-FOR-US: bankofamerica bank_of_america
CVE-2010-4214 (The Wells Fargo Mobile application 1.1 for Android stores a
username ...)
- TODO: check
+ NOT-FOR-US: wellsfargo wells_fargo_mobile
CVE-2010-4215 (UI/Manage.pm in Foswiki 1.1.0 and 1.1.1 allows remote
authenticated ...)
- TODO: check
+ NOT-FOR-US: foswiki
CVE-2010-4216 (IBM Tivoli Directory Server (TDS) 6.0.0.x before ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_directory_server
CVE-2010-4217 (Use-after-free vulnerability in the proxy server in IBM Tivoli
...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_directory_server
CVE-2010-4218 (Unspecified vulnerability in Web Services in IBM ENOVIA 6 has
unknown ...)
- TODO: check
+ NOT-FOR-US: ibm enovia
CVE-2010-4219 (Cross-site scripting (XSS) vulnerability in
SemanticTagService.js in ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_portal
CVE-2010-4220 (Cross-site scripting (XSS) vulnerability in the Integrated
Solution ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_application_server
CVE-2010-4221 (Multiple stack-based buffer overflows in the
pr_netio_telnet_gets ...)
TODO: check
CVE-2010-4222
@@ -94214,19 +94214,19 @@ CVE-2010-4228
CVE-2010-4229
RESERVED
CVE-2010-4230 (Stack-based buffer overflow in a certain ActiveX control for
the ...)
- TODO: check
+ NOT-FOR-US: tecvoz cmnc 200
CVE-2010-4231 (Directory traversal vulnerability in the web-based
administration ...)
- TODO: check
+ NOT-FOR-US: tecvoz cmnc 200
CVE-2010-4232 (The web-based administration interface on the Camtron CMNC-200
Full HD ...)
- TODO: check
+ NOT-FOR-US: tecvoz cmnc 200
CVE-2010-4233 (The Linux installation on the Camtron CMNC-200 Full HD IP
Camera and ...)
- TODO: check
+ NOT-FOR-US: tecvoz cmnc 200
CVE-2010-4234 (The web server on the Camtron CMNC-200 Full HD IP Camera and
TecVoz ...)
- TODO: check
+ NOT-FOR-US: tecvoz cmnc 200
CVE-2010-4235
RESERVED
CVE-2010-4236 (Untrusted search path vulnerability in estaskwrapper in IBM
OmniFind ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-4237
RESERVED
CVE-2010-4238
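Review bot: CVE-2010-4230 through CVE-2010-4234 are tagged "tecvoz cmnc 200", but the descriptions name the device as the Camtron CMNC-200 and mention TecVoz only as a second vendor (CVE-2010-4234), and the tag replaces the hyphen in the model number with a space. A search for "camtron" or "cmnc-200" will not find these five entries. Suggest "camtron cmnc-200" for all of them.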
@@ -94246,7 +94246,7 @@ CVE-2010-4244
CVE-2010-4245
RESERVED
CVE-2010-4246 (Multiple cross-site scripting (XSS) vulnerabilities in
graph.php in ...)
- TODO: check
+ NOT-FOR-US: bsdperimeter pfsense
CVE-2010-4247
RESERVED
CVE-2010-4248 (Race condition in the __exit_signal function in kernel/exit.c
in the ...)
@@ -94290,19 +94290,19 @@ CVE-2010-4266
CVE-2010-4267
RESERVED
CVE-2010-4268 (SQL injection vulnerability in the Pulse Infotech Flip Wall ...)
- TODO: check
+ NOT-FOR-US: pulseinfotech com_flipwall
CVE-2010-4269 (SQL injection vulnerability in managechat.php in Collabtive
0.65 ...)
- TODO: check
+ NOT-FOR-US: o dyn collabtive
CVE-2010-4270 (Directory traversal vulnerability in the nBill (com_netinvoice)
...)
- TODO: check
+ NOT-FOR-US: netshinesoftware com_netinvoice
CVE-2010-4271 (SQL injection vulnerability in ImpressCMS before 1.2.3 RC2
allows ...)
- TODO: check
+ NOT-FOR-US: impresscms
CVE-2010-4272 (SQL injection vulnerability in the Pulse Infotech Sponsor Wall
...)
- TODO: check
+ NOT-FOR-US: pulseinfotech com_sponsorwall
CVE-2010-4273 (SQL injection vulnerability in imoveis.php in DescargarVista
ACC ...)
- TODO: check
+ NOT-FOR-US: accimoveis descargarvista_acc_imoveis
CVE-2010-4274 (reset_diragent_keys in the Common agent in IBM Systems Director
6.2.0 ...)
- TODO: check
+ NOT-FOR-US: ibm director_agent
CVE-2010-4275
RESERVED
CVE-2010-4276
@@ -94310,17 +94310,17 @@ CVE-2010-4276
CVE-2010-4277
RESERVED
CVE-2010-4278 (operation/agentes/networkmap.php in Pandora FMS before 3.1.1
allows ...)
- TODO: check
+ NOT-FOR-US: pandora
CVE-2010-4279 (The default configuration of Pandora FMS 3.1 and earlier
specifies an ...)
- TODO: check
+ NOT-FOR-US: artica pandora_fms
CVE-2010-4280 (Multiple SQL injection vulnerabilities in Pandora FMS before
3.1.1 ...)
- TODO: check
+ NOT-FOR-US: artica pandora_fms
CVE-2010-4281 (Incomplete blacklist vulnerability in the safe_url_extraclean
function ...)
- TODO: check
+ NOT-FOR-US: artica pandora_fms
CVE-2010-4282 (Multiple directory traversal vulnerabilities in Pandora FMS
before ...)
- TODO: check
+ NOT-FOR-US: artica pandora_fms
CVE-2010-4283 (PHP remote file inclusion vulnerability in
extras/pandora_diag.php in ...)
- TODO: check
+ NOT-FOR-US: artica pandora_fms
CVE-2010-4284
RESERVED
CVE-2010-4285
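Review bot: CVE-2010-4278 is tagged "pandora" while the five following entries for the same product (Pandora FMS, per the descriptions) are tagged "artica pandora_fms". A grep for "pandora_fms" will miss the first one. Suggest "NOT-FOR-US: artica pandora_fms" on CVE-2010-4278 as well.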
@@ -94350,21 +94350,21 @@ CVE-2010-4296 (vmware-mount in VMware Workstation 7.x
before 7.1.2 build 301548
CVE-2010-4297 (The VMware Tools update functionality in VMware Workstation
6.5.x ...)
TODO: check
CVE-2010-4298 (SQL injection vulnerability in the download module in Free
Simple ...)
- TODO: check
+ NOT-FOR-US: dustincowell free_simple_software
CVE-2010-4299 (Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7
...)
- TODO: check
+ NOT-FOR-US: novell zenworks_handheld_management
CVE-2010-4300 (Heap-based buffer overflow in the dissect_ldss_transfer
function ...)
TODO: check
CVE-2010-4301 (epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector
in ...)
TODO: check
CVE-2010-4302 (/opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco
Unified ...)
- TODO: check
+ NOT-FOR-US: cisco unified_videoconferencing_system_5115
CVE-2010-4303 (Cisco Unified Videoconferencing (UVC) System 5110 and 5115,
when the ...)
- TODO: check
+ NOT-FOR-US: cisco unified_videoconferencing_system_5115
CVE-2010-4304 (The web interface in Cisco Unified Videoconferencing (UVC)
System ...)
- TODO: check
+ NOT-FOR-US: cisco unified_videoconferencing_system_5230
CVE-2010-4305 (Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115,
and ...)
- TODO: check
+ NOT-FOR-US: cisco unified_videoconferencing_system_5230
CVE-2010-4306
RESERVED
CVE-2010-4307
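Review bot: the Cisco tags each name a single model that does not match the scope in the descriptions. CVE-2010-4303 covers "System 5110 and 5115" and CVE-2010-4305 covers "System 3545, 5110, 5115, and ...", yet they are tagged with "..._5115" and "..._5230" respectively. Suggest one family-level tag for all four entries (CVE-2010-4302 through CVE-2010-4305), for example "cisco unified_videoconferencing", so that the tag does not imply that only one model was considered.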
@@ -94376,11 +94376,11 @@ CVE-2010-4309
CVE-2010-4310
RESERVED
CVE-2010-4311 (Free Simple Software 1.0 stores passwords in cleartext, which
allows ...)
- TODO: check
+ NOT-FOR-US: dustincowell free_simple_software
CVE-2010-4312 (The default configuration of Apache Tomcat 6.x does not include
the ...)
TODO: check
CVE-2010-4313 (Unrestricted file upload vulnerability in
fileman_file_upload.php in ...)
- TODO: check
+ NOT-FOR-US: novo ws orbis_cms
CVE-2010-4314
RESERVED
CVE-2010-4315
@@ -94414,7 +94414,7 @@ CVE-2010-4328
CVE-2010-4329 (Cross-site scripting (XSS) vulnerability in the
PMA_linkOrButton ...)
TODO: check
CVE-2010-4330 (Directory traversal vulnerability in includes/controller.php in
Pulse ...)
- TODO: check
+ NOT-FOR-US: pulsecms pulse_cms
CVE-2010-4331
RESERVED
CVE-2010-4332
@@ -94462,31 +94462,31 @@ CVE-2010-4352
CVE-2010-4353
RESERVED
CVE-2010-4354 (The remote-access IPSec VPN implementation on Cisco Adaptive
Security ...)
- TODO: check
+ NOT-FOR-US: cisco vpn_3080_concentrator
CVE-2010-4355 (Cross-site scripting (XSS) vulnerability in DaDaBIK before 4.3
beta2, ...)
- TODO: check
+ NOT-FOR-US: dadabik
CVE-2010-4356 (SQL injection vulnerability in news_default.asp in Site2Nite
Big Truck ...)
- TODO: check
+ NOT-FOR-US: site2nite big_truck_broker
CVE-2010-4357 (SQL injection vulnerability in comments.php in SiteEngine 7.1
allows ...)
- TODO: check
+ NOT-FOR-US: boka siteengine
CVE-2010-4358 (Multiple cross-site scripting (XSS) vulnerabilities in gb.cgi
in ...)
- TODO: check
+ NOT-FOR-US: mrcgiguy guestbook
CVE-2010-4359 (SQL injection vulnerability in index.php in Jurpopage 0.2.0
allows ...)
- TODO: check
+ NOT-FOR-US: jurpopage
CVE-2010-4360 (Multiple SQL injection vulnerabilities in index.php in
Jurpopage 0.2.0 ...)
- TODO: check
+ NOT-FOR-US: jurpopage
CVE-2010-4361 (Cross-site scripting (XSS) vulnerability in url-gateway.php in
...)
- TODO: check
+ NOT-FOR-US: jurpopage
CVE-2010-4362 (Multiple SQL injection vulnerabilities in MicroNetsoft RV
Dealer ...)
- TODO: check
+ NOT-FOR-US: micronetsoft rv_dealer_website
CVE-2010-4363 (Multiple SQL injection vulnerabilities in contact.php in
MRCGIGUY ...)
- TODO: check
+ NOT-FOR-US: mrcgiguy freeticket
CVE-2010-4364 (DaDaBIK 4.3 beta3, when running in a case-sensitive
environment, does ...)
- TODO: check
+ NOT-FOR-US: dadabik
CVE-2010-4365 (SQL injection vulnerability in JE Ajax Event Calendar ...)
- TODO: check
+ NOT-FOR-US: harmistechnology com_jeajaxeventcalendar
CVE-2010-4366 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: abk soft chameleon_social_networking
CVE-2010-4367 (awstats.cgi in AWStats before 7.0 accepts a configdir parameter
in the ...)
TODO: check
CVE-2010-4368 (awstats.cgi in AWStats before 7.0 on Windows accepts a
configdir ...)
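Review bot: the tag on CVE-2010-4354, "cisco vpn_3080_concentrator", does not match the product in its description, which starts "The remote-access IPSec VPN implementation on Cisco Adaptive Security ...". The NOT-FOR-US outcome is probably unchanged, but the tag should name the product the description leads with, or the commit should say why the concentrator was chosen. In the same hunk, CVE-2010-4361 is tagged "jurpopage" although its visible description ("url-gateway.php in ...") does not name a product, so it is worth confirming that the tag was not carried over from the two Jurpopage entries above it.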
@@ -94494,15 +94494,15 @@ CVE-2010-4368 (awstats.cgi in AWStats before 7.0 on
Windows accepts a configdir
CVE-2010-4369 (Directory traversal vulnerability in AWStats before 7.0 allows
remote ...)
TODO: check
CVE-2010-4370 (Multiple integer overflows in the in_midi plugin in Winamp
before 5.6 ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-4371 (Buffer overflow in the in_mod plugin in Winamp before 5.6
allows ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-4372 (Integer overflow in the in_nsv plugin in Winamp before 5.6
allows ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-4373 (The in_mp4 plugin in Winamp before 5.6 allows remote attackers
to ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-4374 (The in_mkv plugin in Winamp before 5.6 allows remote attackers
to ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-4375
RESERVED
CVE-2010-4376
@@ -94550,27 +94550,27 @@ CVE-2010-4396
CVE-2010-4397
RESERVED
CVE-2010-4398 (Stack-based buffer overflow in the RtlQueryRegistryValues
function in ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-4399 (Directory traversal vulnerability in languages.inc.php in DynPG
CMS ...)
- TODO: check
+ NOT-FOR-US: dynpg_cms
CVE-2010-4400 (SQL injection vulnerability in _rights.php in DynPG CMS 4.2.0
allows ...)
- TODO: check
+ NOT-FOR-US: dynpg_cms
CVE-2010-4401 (languages.inc.php in DynPG CMS 4.2.0 allows remote attackers to
obtain ...)
- TODO: check
+ NOT-FOR-US: dynpg_cms
CVE-2010-4402 (Multiple cross-site scripting (XSS) vulnerabilities in
wp-login.php in ...)
- TODO: check
+ NOT-FOR-US: wordpress register_plus_plugin
CVE-2010-4403 (The Register Plus plugin 3.5.1 and earlier for WordPress allows
remote ...)
- TODO: check
+ NOT-FOR-US: wordpress register_plus_plugin
CVE-2010-4404 (SQL injection vulnerability in the Yannick Gaultier sh404SEF
component ...)
- TODO: check
+ NOT-FOR-US: anything digital sh404sef
CVE-2010-4405 (Cross-site scripting (XSS) vulnerability in the Yannick
Gaultier ...)
- TODO: check
+ NOT-FOR-US: anything digital sh404sef
CVE-2010-4406 (Directory traversal vulnerability in gallery.php in Brunetton
...)
- TODO: check
+ NOT-FOR-US: brunetton littlephpgallery
CVE-2010-4407 (Multiple cross-site scripting (XSS) vulnerabilities in
index.php in ...)
- TODO: check
+ NOT-FOR-US: alguest
CVE-2010-4408 (Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2
through ...)
- TODO: check
+ NOT-FOR-US: apache archiva
CVE-2010-4409 (Integer overflow in the NumberFormatter::getSymbol (aka ...)
TODO: check
CVE-2010-4410 (CRLF injection vulnerability in the header function in (1)
CGI.pm ...)
@@ -94578,7 +94578,7 @@ CVE-2010-4410 (CRLF injection vulnerability in the
header function in (1) CGI.pm
CVE-2010-4411 (Unspecified vulnerability in CGI.pm 3.50 and earlier allows
remote ...)
TODO: check
CVE-2010-4412 (Multiple cross-site scripting (XSS) vulnerabilities in pfSense
2 beta ...)
- TODO: check
+ NOT-FOR-US: bsdperimeter pfsense
CVE-2010-4413
RESERVED
CVE-2010-4414
@@ -94754,17 +94754,17 @@ CVE-2010-4498
CVE-2010-4499
RESERVED
CVE-2010-4500 (Multiple SQL injection vulnerabilities in contact.php in
MRCGIGUY ...)
- TODO: check
+ NOT-FOR-US: mrcgiguy freeticket
CVE-2010-4501 (IO::Socket::SSL Perl module 1.35, when verify_mode is not
VERIFY_NONE, ...)
TODO: check
CVE-2010-4502 (Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security
Suite ...)
- TODO: check
+ NOT-FOR-US: ca internet_security_suite_plus_2010
CVE-2010-4503 (SQL injection vulnerability in indexlight.php in Aigaion 1.3.4
allows ...)
- TODO: check
+ NOT-FOR-US: aigaion
CVE-2010-4504 (Multiple cross-site scripting (XSS) vulnerabilities in
eSyndiCat ...)
- TODO: check
+ NOT-FOR-US: intelliants esyndicat
CVE-2010-4505 (Multiple SQL injection vulnerabilities in login.php in Injader
2.4.4, ...)
- TODO: check
+ NOT-FOR-US: injader
CVE-2010-4506
RESERVED
CVE-2010-4507
@@ -94772,26 +94772,26 @@ CVE-2010-4507
CVE-2010-4508 (The WebSockets implementation in Mozilla Firefox 4 through 4.0
Beta 7 ...)
TODO: check
CVE-2010-4509 (Multiple unspecified vulnerabilities in Movable Type 4.x before
4.35 ...)
- TODO: check
+ NOT-FOR-US: sixapart movabletype
CVE-2010-4510
REJECTED
TODO: check
CVE-2010-4511 (Unspecified vulnerability in Movable Type 4.x before 4.35 and
5.x ...)
- TODO: check
+ NOT-FOR-US: sixapart movabletype
CVE-2010-4512 (Cobbler before 2.0.4 uses an incorrect umask value, which
allows local ...)
- TODO: check
+ NOT-FOR-US: michael_dehaan cobbler
CVE-2010-4513 (Multiple cross-site scripting (XSS) vulnerabilities in Zimplit
CMS ...)
- TODO: check
+ NOT-FOR-US: zimplit_cms
CVE-2010-4514 (Cross-site scripting (XSS) vulnerability in
Install/InstallWizard.aspx ...)
- TODO: check
+ NOT-FOR-US: dotnetnuke
CVE-2010-4515 (Cross-site scripting (XSS) vulnerability in Citrix Web
Interface 5.0, ...)
- TODO: check
+ NOT-FOR-US: citrix web_interface
CVE-2010-4516 (Multiple cross-site scripting (XSS) vulnerabilities in the
JXtended ...)
- TODO: check
+ NOT-FOR-US: jxtended_comments
CVE-2010-4517 (SQL injection vulnerability in the JExtensions JE Auto
(com_jeauto) ...)
- TODO: check
+ NOT-FOR-US: harmistechnology com_jeauto
CVE-2010-4518 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: wobeo wp safe search
CVE-2010-4519
RESERVED
CVE-2010-4520
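Review bot: CVE-2010-4510 is marked REJECTED but still carries "TODO: check" on the line after it, and this hunk leaves that untouched while triaging both of its neighbours. A rejected identifier needs no triage, so the stale TODO will keep appearing in any count of open items. Suggest dropping that "TODO: check" line or replacing it with the marker the list uses for rejected entries.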