commit: 8003f5feea42653e0ae931ab4a2570c8d83fd21d
Author: Stefan Behte <craig <AT> gentoo <DOT> org>
AuthorDate: Fri Jan 21 11:17:36 2011 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Fri Jan 21 11:17:36 2011 +0000
URL:
http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=8003f5fe
nfu, bug nrs
svn path=/; revision=2220
---
data/CVE/list | 587 +++++++++++++++++++++++++++++-----------------------------
1 file changed, 294 insertions(+), 293 deletions(-)
diff --git a/data/CVE/list b/data/CVE/list
index ffe43d8..28ea497 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -89394,11 +89394,11 @@ CVE-2010-1801 (Heap-based buffer overflow in
CoreGraphics in Apple Mac OS X 10.5
CVE-2010-1802 (libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not
properly ...)
NOT-FOR-US: apple mac_os_x_server
CVE-2010-1803 (Time Machine in Apple Mac OS X 10.6.x before 10.6.5 does not
verify ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1804 (Unspecified vulnerability in the network bridge functionality
on the ...)
- TODO: check
+ NOT-FOR-US: apple time_capsule
CVE-2010-1805 (Untrusted search path vulnerability in Apple Safari 4.x before
4.1.2 ...)
- TODO: check
+ NOT-FOR-US: apple safari
CVE-2010-1806 (Use-after-free vulnerability in Apple Safari 4.x before 4.1.2
and 5.x ...)
TODO: check
CVE-2010-1807 (WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2,
and ...)
@@ -89406,11 +89406,11 @@ CVE-2010-1807 (WebKit in Apple Safari 4.x before
4.1.2 and 5.x before 5.0.2, and
CVE-2010-1808 (Stack-based buffer overflow in Apple Type Services (ATS) in
Apple Mac ...)
NOT-FOR-US: apple mac_os_x_server
CVE-2010-1809 (The Accessibility component in Apple iOS before 4.1 on the
iPhone and ...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-1810 (FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch
does not ...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-1811 (ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch
allows ...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-1812 (Use-after-free vulnerability in WebKit in Apple iOS before 4.1
on the ...)
TODO: check
CVE-2010-1813 (WebKit in Apple iOS before 4.1 on the iPhone and iPod touch
allows ...)
@@ -89422,7 +89422,7 @@ CVE-2010-1815 (Use-after-free vulnerability in WebKit
in Apple iOS before 4.1 on
CVE-2010-1816
RESERVED
CVE-2010-1817 (Buffer overflow in ImageIO in Apple iOS before 4.1 on the
iPhone and ...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-1818 (The IPersistPropertyBag2::Read function in QTPlugin.ocx in
Apple ...)
NOT-FOR-US: apple quicktime
CVE-2010-1819
@@ -90930,7 +90930,7 @@ CVE-2010-2567 (The RPC client implementation in
Microsoft Windows XP SP2 and SP3
CVE-2010-2568 (Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2,
Vista SP1 ...)
NOT-FOR-US: microsoft windows_xp
CVE-2010-2569 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft
Publisher ...)
- TODO: check
+ NOT-FOR-US: microsoft publisher
CVE-2010-2570 (Heap-based buffer overflow in pubconv.dll (aka the Publisher
Converter ...)
NOT-FOR-US: microsoft publisher
CVE-2010-2571 (Array index error in pubconv.dll (aka the Publisher Converter
DLL) in ...)
@@ -91276,9 +91276,9 @@ CVE-2010-2740 (The OpenType Font (OTF) format driver in
Microsoft Windows XP SP2
CVE-2010-2741 (The OpenType Font (OTF) format driver in Microsoft Windows XP
SP2 and ...)
NOT-FOR-US: microsoft windows_xp
CVE-2010-2742 (The Netlogon RPC Service in Microsoft Windows Server 2003 SP2
and ...)
- TODO: check
-CVE-2010-2743
- RESERVED
+ NOT-FOR-US: microsoft windows_server_2008
+CVE-2010-2743 (The kernel-mode drivers in Microsoft Windows XP SP3 do not
properly ...)
+ NOT-FOR-US: wild in July
CVE-2010-2744 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3,
Windows ...)
NOT-FOR-US: microsoft windows_xp
CVE-2010-2745 (Microsoft Windows Media Player (WMP) 9 through 12 does not
properly ...)
@@ -91787,11 +91787,11 @@ CVE-2010-2995 (The SigComp Universal Decompressor
Virtual Machine (UDVM) in Wire
CVE-2010-2996 (Array index error in RealNetworks RealPlayer 11.0 through 11.1
on ...)
NOT-FOR-US: realnetworks realplayer
CVE-2010-2997 (Use-after-free vulnerability in RealNetworks RealPlayer 11.0
through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-2998 (Array index error in RealNetworks RealPlayer 11.0 through 11.1
and ...)
NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-2999 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1,
...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-3000 (Multiple integer overflows in the ParseKnownType function in
...)
NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-3001 (Unspecified vulnerability in an ActiveX control in the Internet
...)
@@ -91866,7 +91866,7 @@ CVE-2010-3034 (Cisco Wireless LAN Controller (WLC)
software, possibly 6.0.x or .
CVE-2010-3035 (Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not
...)
NOT-FOR-US: cisco ios_xr
CVE-2010-3036 (Multiple buffer overflows in the authentication functionality
in the ...)
- TODO: check
+ NOT-FOR-US: cisco unified_service_monitor
CVE-2010-3037 (goform/websXMLAdminRequestCgi.cgi in Cisco Unified
Videoconferencing ...)
NOT-FOR-US: cisco unified_videoconferencing_system_5230
CVE-2010-3038 (Cisco Unified Videoconferencing (UVC) System 5110 and 5115,
when the ...)
@@ -91946,7 +91946,7 @@ CVE-2010-3074 (SSL_Cipher.cpp in EncFS before 1.7.0
uses an improper combination
CVE-2010-3075 (EncFS before 1.7.0 encrypts multiple blocks by means of the CFB
cipher ...)
TODO: check
CVE-2010-3076 (The filter function in php/src/include.php in Simple Management
for ...)
- TODO: check
+ NOT-FOR-US: blentz smbind
CVE-2010-3077 (Cross-site scripting (XSS) vulnerability in
util/icon_browser.php in ...)
TODO: check
CVE-2010-3078 (The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c
in the ...)
@@ -92196,7 +92196,7 @@ CVE-2010-3199 (Untrusted search path vulnerability in
TortoiseSVN 1.6.10, Build
CVE-2010-3200 (MSO.dll in Microsoft Word 2003 SP3 11.8326.11.8324 allows
remote ...)
NOT-FOR-US: microsoft word
CVE-2010-3201 (Cross-site scripting (XSS) vulnerability in NetWin Surgemail
before ...)
- TODO: check
+ NOT-FOR-US: netwin surgemail
CVE-2010-3202 (Cross-site scripting (XSS) vulnerability in Flock Browser
3.0.0.3989 ...)
NOT-FOR-US: flock
CVE-2010-3203 (Directory traversal vulnerability in the PicSell (com_picsell)
...)
@@ -92471,27 +92471,27 @@ CVE-2010-3336 (Microsoft Office XP SP3, Office 2004
and 2008 for Mac, Office for
CVE-2010-3337 (Untrusted search path vulnerability in Microsoft Office 2007
SP2 and ...)
NOT-FOR-US: microsoft office
CVE-2010-3338 (The Windows Task Scheduler in Microsoft Windows Vista SP1 and
SP2, ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_vista
CVE-2010-3339
RESERVED
CVE-2010-3340 (Microsoft Internet Explorer 6 and 7 does not properly handle
objects ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3341
RESERVED
CVE-2010-3342 (Microsoft Internet Explorer 6, 7, and 8 does not prevent
rendering of ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3343 (Microsoft Internet Explorer 6 does not properly handle objects
in ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3344
RESERVED
CVE-2010-3345 (Microsoft Internet Explorer 8 does not properly handle objects
in ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3346 (Microsoft Internet Explorer 6, 7, and 8 does not properly
handle ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3347
RESERVED
CVE-2010-3348 (Microsoft Internet Explorer 6, 7, and 8 does not prevent
rendering of ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3349 (Ardour 2.8.11 places a zero-length directory name in the ...)
TODO: check
CVE-2010-3350 (bareFTP 0.3.4 places a zero-length directory name in the ...)
@@ -92503,7 +92503,7 @@ CVE-2010-3352
CVE-2010-3353 (Cowbell 0.2.7.1 places a zero-length directory name in the ...)
TODO: check
CVE-2010-3354 (dropboxd in Dropbox 0.7.110 places a zero-length directory name
in the ...)
- TODO: check
+ NOT-FOR-US: dropbox
CVE-2010-3355 (Ember 0.5.7 places a zero-length directory name in the ...)
NOT-FOR-US: ember
CVE-2010-3356
@@ -92686,7 +92686,7 @@ CVE-2010-3442 (Multiple integer overflows in the
snd_ctl_new function in ...)
CVE-2010-3443
RESERVED
CVE-2010-3444 (Buffer overflow in the log2vis_utf8 function in pyfribidi.c in
GNU ...)
- TODO: check
+ NOT-FOR-US: kobi_zamir pyfribidi
CVE-2010-3445 (Stack consumption vulnerability in the dissect_ber_unknown
function in ...)
TODO: check
CVE-2010-3446
@@ -92786,7 +92786,7 @@ CVE-2010-3492 (The asyncore module in Python before 3.2
does not properly handle
CVE-2010-3493 (Multiple race conditions in smtpd.py in the smtpd module in
Python ...)
TODO: check
CVE-2010-3494 (Race condition in the FTPHandler class in ftpserver.py in
pyftpdlib ...)
- TODO: check
+ NOT-FOR-US: g rodola pyftpdlib
CVE-2010-3495 (Race condition in ZEO/StorageServer.py in Zope Object Database
(ZODB) ...)
TODO: check
CVE-2010-3496
@@ -92808,7 +92808,7 @@ CVE-2010-3503 (Unspecified vulnerability in Oracle
Solaris 10 and OpenSolaris al
CVE-2010-3504 (Unspecified vulnerability in the Oracle Applications Technology
Stack ...)
NOT-FOR-US: oracle e business_suite
CVE-2010-3505 (Unspecified vulnerability in the Agile Core component in Oracle
Supply ...)
- TODO: check
+ NOT-FOR-US: oracle supply_chain_products_suite
CVE-2010-3506 (Unspecified vulnerability in the Oracle Explorer (Sun Explorer)
...)
NOT-FOR-US: oracle sun_products_suite
CVE-2010-3507 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows
local ...)
@@ -92818,7 +92818,7 @@ CVE-2010-3508 (Unspecified vulnerability in Oracle
Solaris 10 allows local users
CVE-2010-3509 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows
remote ...)
NOT-FOR-US: oracle solaris
CVE-2010-3510 (Unspecified vulnerability in the Oracle WebLogic Server
component in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-3511 (Unspecified vulnerability in Oracle OpenSolaris allows local
users to ...)
NOT-FOR-US: oracle opensolaris
CVE-2010-3512 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun
Java ...)
@@ -92972,33 +92972,33 @@ CVE-2010-3585 (Unspecified vulnerability in the
OracleVM component in Oracle VM
CVE-2010-3586 (Unspecified vulnerability in Oracle Solaris 9 allows local
users to ...)
TODO: check
CVE-2010-3587 (Unspecified vulnerability in the Oracle Common Applications
component ...)
- TODO: check
+ NOT-FOR-US: oracle e business_suite
CVE-2010-3588 (Unspecified vulnerability in the Oracle Discoverer component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-3589 (Unspecified vulnerability in the Oracle Application Object
Library ...)
- TODO: check
+ NOT-FOR-US: oracle e business_suite
CVE-2010-3590 (Unspecified vulnerability in the Oracle Spatial component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-3591 (Unspecified vulnerability in the Oracle Document Capture
component in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-3592 (Unspecified vulnerability in the Oracle Document Capture
component in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-3593 (Unspecified vulnerability in the Health Sciences - Oracle Argus
Safety ...)
- TODO: check
+ NOT-FOR-US: oracle industry_applications
CVE-2010-3594 (Unspecified vulnerability in the Real User Experience Insight
...)
- TODO: check
+ NOT-FOR-US: oracle enterprise_manager_grid_control
CVE-2010-3595 (Unspecified vulnerability in the Oracle Document Capture
component in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-3596 (Unspecified vulnerability in the mod_ssl component in Oracle
Secure ...)
- TODO: check
+ NOT-FOR-US: oracle secure_backup
CVE-2010-3597 (Unspecified vulnerability in the Oracle Outside In Technology
...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-3598 (Unspecified vulnerability in the Oracle Document Capture
component in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-3599 (Unspecified vulnerability in the Oracle Document Capture
component in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-3600 (Unspecified vulnerability in the Client System Analyzer
component in ...)
- TODO: check
+ NOT-FOR-US: oracle enterprise_manager_grid_control
CVE-2010-3601 (SQL injection vulnerability in index.php in ibPhotohost 1.1.2
allows ...)
NOT-FOR-US: invisionpower ibphotohost
CVE-2010-3602 (Cross-site scripting (XSS) vulnerability in ProfileView.aspx in
...)
@@ -93104,7 +93104,7 @@ CVE-2010-3651
CVE-2010-3652 (Unspecified vulnerability in Adobe Flash Player before
9.0.289.0 and ...)
TODO: check
CVE-2010-3653 (The Director module (dirapi.dll) in Adobe Shockwave Player
before ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-3654 (Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64
on ...)
TODO: check
CVE-2010-3655 (Stack-based buffer overflow in dirapi.dll in Adobe Shockwave
Player ...)
@@ -93452,17 +93452,17 @@ CVE-2010-3825
CVE-2010-3826 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through
10.6 and ...)
TODO: check
CVE-2010-3827 (Apple iOS before 4.2 does not properly validate signatures
before ...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-3828 (iAd Content Display in Apple iOS before 4.2 allows
man-in-the-middle ...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-3829 (WebKit in Apple iOS before 4.2 allows remote attackers to
bypass the ...)
TODO: check
CVE-2010-3830 (Networking in Apple iOS before 4.2 accesses an invalid pointer
during ...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-3831 (Photos in Apple iOS before 4.2 enables support for HTTP Basic
...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-3832 (Heap-based buffer overflow in the GSM mobility management ...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-3833 (MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before
5.5.6 does ...)
TODO: check
CVE-2010-3834 (Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1
before ...)
@@ -93542,7 +93542,7 @@ CVE-2010-3870 (The utf8_decode function in PHP before
5.3.4 does not properly ha
CVE-2010-3871 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: mahara
CVE-2010-3872 (The apr_status_t fcgid_header_bucket_read function in
fcgid_bucket.c ...)
- TODO: check
+ BUG: 344685
CVE-2010-3873 (The X.25 implementation in the Linux kernel before 2.6.36.2
does not ...)
TODO: check
CVE-2010-3874 (Heap-based buffer overflow in the bcm_connect function in ...)
@@ -93569,7 +93569,7 @@ CVE-2010-3884 (Cross-site request forgery (CSRF)
vulnerability in CMS Made Simpl
NOT-FOR-US: cmsmadesimple cms_made_simple
CVE-2010-3885
REJECTED
- TODO: check
+ NOT-FOR-US: this
CVE-2010-3886 (The CTimeoutEventList::InsertIntoTimeoutList function in
Microsoft ...)
NOT-FOR-US: microsoft ie
CVE-2010-3887 (The Limit Mail feature in the Parental Controls functionality
in Mail ...)
@@ -93609,7 +93609,7 @@ CVE-2010-3903 (Unspecified vulnerability in OpenConnect
before 2.23 allows remot
CVE-2010-3904 (The rds_page_copy_user function in net/rds/page.c in the
Reliable ...)
TODO: check
CVE-2010-3905 (The password reset feature in the administrator interface for
...)
- TODO: check
+ NOT-FOR-US: eucalyptus
CVE-2010-3906 (Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and
earlier ...)
TODO: check
CVE-2010-3907 (Multiple integer overflows in real.c in the Real demuxer plugin
in ...)
@@ -93645,25 +93645,26 @@ CVE-2010-3921 (Cross-site scripting (XSS)
vulnerability in Movable Type 4.x befo
CVE-2010-3922 (SQL injection vulnerability in Movable Type 4.x before 4.35 and
5.x ...)
NOT-FOR-US: sixapart movabletype
CVE-2010-3923 (Untrusted search path vulnerability in AttacheCase before 2.70
allows ...)
- TODO: check
+ NOT-FOR-US: mitsu_hiro_hi_rose attachecase
CVE-2010-3924 (SQL injection vulnerability in Aimluck Aipo before 5.1.0.1
allows ...)
- TODO: check
+ NOT-FOR-US: aimluck aipo
CVE-2010-3925 (Contents-Mall before 15 does not properly handle passwords,
which ...)
- TODO: check
+ NOT-FOR-US: wb i contents mall
CVE-2010-3926 (Multiple cross-site scripting (XSS) vulnerabilities in Shop.cgi
in ...)
- TODO: check
+ NOT-FOR-US: wb i sgx sp_final_ne
CVE-2010-3927
RESERVED
CVE-2010-3928 (Ruby Version Manager (RVM) before 1.2.1 writes file contents to
a ...)
- TODO: check
+ NOT-FOR-US: Ruby
CVE-2010-3929
RESERVED
CVE-2010-3930
RESERVED
CVE-2010-3931 (Cross-site scripting (XSS) vulnerability in multiple Rocomotion
...)
- TODO: check
+ NOT-FOR-US: multiple Rocomotion products including P board
CVE-2010-3932
RESERVED
+ REJECTED
CVE-2010-3933 (Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested
...)
TODO: check
CVE-2010-3934 (The browser in Research In Motion (RIM) BlackBerry Device
Software ...)
@@ -93673,79 +93674,79 @@ CVE-2010-3935
CVE-2010-3936 (Cross-site scripting (XSS) vulnerability in Signurl.asp in
Microsoft ...)
NOT-FOR-US: microsoft forefront_unified_access_gateway
CVE-2010-3937 (Microsoft Exchange Server 2007 SP2 on the x64 platform allows
remote ...)
- TODO: check
+ NOT-FOR-US: microsoft exchange_server
CVE-2010-3938
RESERVED
CVE-2010-3939 (Buffer overflow in win32k.sys in the kernel-mode drivers in
Microsoft ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3940 (Double free vulnerability in win32k.sys in the kernel-mode
drivers in ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3941 (Double free vulnerability in win32k.sys in the kernel-mode
drivers in ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3942 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3943 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP
SP2 and ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3944 (win32k.sys in the kernel-mode drivers in Microsoft Windows
Server 2008 ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_server_2008
CVE-2010-3945 (Buffer overflow in the CGM image converter in the graphics
filters in ...)
- TODO: check
+ NOT-FOR-US: microsoft office_converter_pack
CVE-2010-3946 (Integer overflow in the PICT image converter in the graphics
filters ...)
- TODO: check
+ NOT-FOR-US: microsoft office_converter_pack
CVE-2010-3947 (Heap-based buffer overflow in the TIFF image converter in the
graphics ...)
- TODO: check
+ NOT-FOR-US: microsoft works
CVE-2010-3948
RESERVED
CVE-2010-3949 (Buffer overflow in the TIFF image converter in the graphics
filters in ...)
- TODO: check
+ NOT-FOR-US: microsoft office_converter_pack
CVE-2010-3950 (The TIFF image converter in the graphics filters in Microsoft
Office ...)
- TODO: check
+ NOT-FOR-US: microsoft works
CVE-2010-3951 (Buffer overflow in the FlashPix image converter in the graphics
...)
- TODO: check
+ NOT-FOR-US: microsoft office_converter_pack
CVE-2010-3952 (The FlashPix image converter in the graphics filters in
Microsoft ...)
- TODO: check
+ NOT-FOR-US: microsoft office_converter_pack
CVE-2010-3953
RESERVED
CVE-2010-3954 (Microsoft Publisher 2002 SP3, 2003 SP3, and 2010 allows remote
...)
- TODO: check
+ NOT-FOR-US: microsoft publisher
CVE-2010-3955 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft
Publisher ...)
- TODO: check
+ NOT-FOR-US: microsoft publisher
CVE-2010-3956 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and
SP3, ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3957 (Double free vulnerability in the OpenType Font (OTF) driver in
...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3958
RESERVED
CVE-2010-3959 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and
SP3, ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3960 (Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2
allows ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_server_2008
CVE-2010-3961 (The Consent User Interface (UI) in Microsoft Windows Vista SP1
and ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_vista
CVE-2010-3962 (Use-after-free vulnerability in Microsoft Internet Explorer 6,
7, and ...)
NOT-FOR-US: microsoft ie
CVE-2010-3963 (Buffer overflow in the Routing and Remote Access NDProxy
component in ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3964 (Unrestricted file upload vulnerability in the Document
Conversions ...)
- TODO: check
+ NOT-FOR-US: microsoft sharepoint_server
CVE-2010-3965 (Untrusted search path vulnerability in Windows Media Encoder 9
on ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_media_encoder
CVE-2010-3966 (Untrusted search path vulnerability in Microsoft Windows Server
2008 ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_server_2008
CVE-2010-3967 (Untrusted search path vulnerability in Microsoft Windows Movie
Maker ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_movie_maker
CVE-2010-3968
RESERVED
CVE-2010-3969
RESERVED
CVE-2010-3970 (Stack-based buffer overflow in the CreateSizedDIBSECTION
function in ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3971 (Use-after-free vulnerability in the CSharedStyleSheet::Notify
function ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3972 (The TELNET_STREAM_CONTEXT::OnSendData function in the FTP
protocol ...)
- TODO: check
+ NOT-FOR-US: microsoft iis
CVE-2010-3973 (The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft
WMI ...)
- TODO: check
+ NOT-FOR-US: microsoft wmi_administrative_tools
CVE-2010-3974
RESERVED
CVE-2010-3975 (Untrusted search path vulnerability in Adobe Flash Player 9
allows ...)
@@ -93823,9 +93824,9 @@ CVE-2010-4010 (Integer signedness error in Apple Type
Services (ATS) in Apple Ma
CVE-2010-4011 (Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly
manage ...)
NOT-FOR-US: apple mac_os_x_server
CVE-2010-4012 (Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and
later ...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-4013 (Format string vulnerability in PackageKit in Apple Mac OS X
10.6.x ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-4014
RESERVED
CVE-2010-4015
@@ -93989,7 +93990,7 @@ CVE-2010-4093
CVE-2010-4094 (The Tomcat server in IBM Rational Quality Manager and Rational
Test ...)
NOT-FOR-US: ibm rational_test_lab_manager
CVE-2010-4095 (Directory traversal vulnerability in the FTP client in
Serengeti ...)
- TODO: check
+ NOT-FOR-US: robo ftp
CVE-2010-4096 (share/ma/keys_for_user in Monkeysphere 0.31 and 0.32 allows
local ...)
NOT-FOR-US: monkeysphere_project monkeysphere
CVE-2010-4097 (Multiple cross-site scripting (XSS) vulnerabilities in
index.php in ...)
@@ -94019,19 +94020,19 @@ CVE-2010-4108 (HP HP-UX B.11.11, B.11.23, and B.11.31
does not properly support
CVE-2010-4109 (Cross-site scripting (XSS) vulnerability in the Contacts
Application ...)
NOT-FOR-US: hp palm_webos
CVE-2010-4110 (Unspecified vulnerability in HP OpenVMS 8.3, 8.3-1H1, and 8.4
on the ...)
- TODO: check
+ NOT-FOR-US: hp openvms
CVE-2010-4111 (Cross-site scripting (XSS) vulnerability in HP Insight
Diagnostics ...)
- TODO: check
+ NOT-FOR-US: hp insight_diagnostics
CVE-2010-4112 (HP Insight Management Agents before 8.6 allows remote attackers
to ...)
- TODO: check
+ NOT-FOR-US: hp insight_management_agents
CVE-2010-4113 (Stack-based buffer overflow in HP Power Manager (HPPM) before
4.3.2 ...)
- TODO: check
+ NOT-FOR-US: hp power_manager
CVE-2010-4114 (Cross-site scripting (XSS) vulnerability in HP Discovery &
Dependency ...)
- TODO: check
+ NOT-FOR-US: hp discovery dependency_mapping_inventory
CVE-2010-4115 (HP StorageWorks Modular Smart Array P2000 G3 firmware
TS100R011, ...)
- TODO: check
+ NOT-FOR-US: hp storageworks_modular_smart_array_p2000_g3_firmware
CVE-2010-4116 (Unspecified vulnerability in HP StorageWorks Storage Mirroring
5.x ...)
- TODO: check
+ NOT-FOR-US: hp storageworks_storage_mirroring
CVE-2010-4117
RESERVED
CVE-2010-4118
@@ -94143,7 +94144,7 @@ CVE-2010-4170 (The staprun runtime tool in SystemTap
1.3 does not properly clear
CVE-2010-4171 (The staprun runtime tool in SystemTap 1.3 does not verify that
a ...)
TODO: check
CVE-2010-4172 (Multiple cross-site scripting (XSS) vulnerabilities in the
Manager ...)
- TODO: check
+ BUG: 329937
CVE-2010-4173 (The default configuration of libsdp.conf in libsdp 1.1.104 and
earlier ...)
NOT-FOR-US: openfabrics libsdp
CVE-2010-4174
@@ -94151,13 +94152,13 @@ CVE-2010-4174
CVE-2010-4175 (Integer overflow in the rds_cmsg_rdma_args function
(net/rds/rdma.c) ...)
TODO: check
CVE-2010-4176 (plymouth-pretrigger.sh in dracut and udev, when running on
Fedora 13 ...)
- TODO: check
+ NOT-FOR-US: Fedora only
CVE-2010-4177
RESERVED
CVE-2010-4178
RESERVED
CVE-2010-4179 (The installation documentation for Red Hat Enterprise
Messaging, ...)
- TODO: check
+ NOT-FOR-US: redhat enterprise_mrg
CVE-2010-4180 (OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when ...)
TODO: check
CVE-2010-4181 (Directory traversal vulnerability in Yaws 1.89 allows remote
attackers ...)
@@ -94200,7 +94201,7 @@ CVE-2010-4199 (Google Chrome before 7.0.517.44 does not
properly perform a cast
TODO: check
CVE-2010-4200
REJECTED
- TODO: check
+ NOT-FOR-US: this
CVE-2010-4201 (Use-after-free vulnerability in Google Chrome before 7.0.517.44
allows ...)
TODO: check
CVE-2010-4202 (Multiple integer overflows in Google Chrome before 7.0.517.44
on Linux ...)
@@ -94324,7 +94325,7 @@ CVE-2010-4260 (Multiple unspecified vulnerabilities in
pdf.c in libclamav in Cla
CVE-2010-4261 (Off-by-one error in the icon_cb function in pe_icons.c in
libclamav in ...)
TODO: check
CVE-2010-4262 (Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows
remote ...)
- TODO: check
+ BUG: 348344
CVE-2010-4263 (The igb_receive_skb function in drivers/net/igb/igb_main.c in
the ...)
TODO: check
CVE-2010-4264
@@ -94334,7 +94335,7 @@ CVE-2010-4265 (The ...)
CVE-2010-4266
RESERVED
CVE-2010-4267 (Stack-based buffer overflow in the hpmud_get_pml function in
...)
- TODO: check
+ BUG: 352085
CVE-2010-4268 (SQL injection vulnerability in the Pulse Infotech Flip Wall ...)
NOT-FOR-US: pulseinfotech com_flipwall
CVE-2010-4269 (SQL injection vulnerability in managechat.php in Collabtive
0.65 ...)
@@ -94350,11 +94351,11 @@ CVE-2010-4273 (SQL injection vulnerability in
imoveis.php in DescargarVista ACC
CVE-2010-4274 (reset_diragent_keys in the Common agent in IBM Systems Director
6.2.0 ...)
NOT-FOR-US: ibm director_agent
CVE-2010-4275 (Multiple cross-site scripting (XSS) vulnerabilities in Radius
Manager ...)
- TODO: check
+ NOT-FOR-US: dmasoftlab radius_manager
CVE-2010-4276 (Cross-site scripting (XSS) vulnerability in the
lz_tracking_set_sessid ...)
- TODO: check
+ NOT-FOR-US: livezilla
CVE-2010-4277 (Cross-site scripting (XSS) vulnerability in lembedded-video.php
in the ...)
- TODO: check
+ NOT-FOR-US: jovelstefan embedded video
CVE-2010-4278 (operation/agentes/networkmap.php in Pandora FMS before 3.1.1
allows ...)
NOT-FOR-US: pandora
CVE-2010-4279 (The default configuration of Pandora FMS 3.1 and earlier
specifies an ...)
@@ -94442,13 +94443,13 @@ CVE-2010-4319
CVE-2010-4320
RESERVED
CVE-2010-4321 (Stack-based buffer overflow in an ActiveX control in ienipp.ocx
in ...)
- TODO: check
+ NOT-FOR-US: novell iprint_client
CVE-2010-4322 (Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in
Novell ...)
- TODO: check
+ NOT-FOR-US: novell vibe_onprem
CVE-2010-4323
RESERVED
CVE-2010-4324 (Cross-site scripting (XSS) vulnerability in the Approval Form
in the ...)
- TODO: check
+ NOT-FOR-US: novell identity_manager_roles_based_provisioning_module
CVE-2010-4325
RESERVED
CVE-2010-4326
@@ -94462,11 +94463,11 @@ CVE-2010-4329 (Cross-site scripting (XSS)
vulnerability in the PMA_linkOrButton
CVE-2010-4330 (Directory traversal vulnerability in includes/controller.php in
Pulse ...)
NOT-FOR-US: pulsecms pulse_cms
CVE-2010-4331 (Multiple cross-site scripting (XSS) vulnerabilities in Seo
Panel 2.2.0 ...)
- TODO: check
+ NOT-FOR-US: Seo Panel
CVE-2010-4332 (Pointter PHP Content Management System 1.0 allows remote
attackers to ...)
- TODO: check
+ NOT-FOR-US: pangramsoft pointter_php_content_management_system
CVE-2010-4333 (Pointter PHP Micro-Blogging Social Network 1.8 allows remote
attackers ...)
- TODO: check
+ NOT-FOR-US: pangramsoft pointter_php_micro blogging_social_network
CVE-2010-4334 (IO::Socket::SSL Perl module 1.35, when verify_mode is not
VERIFY_NONE, ...)
TODO: check
CVE-2010-4335 (The _validatePost function in
libs/controller/components/security.php ...)
@@ -94474,11 +94475,11 @@ CVE-2010-4335 (The _validatePost function in
libs/controller/components/security
CVE-2010-4336 (The cu_rrd_create_file function (src/utils_rrdcreate.c) in
collectd ...)
TODO: check
CVE-2010-4337 (The configure script in gnash 0.8.8 allows local users to
overwrite ...)
- TODO: check
+ BUG: 351724
CVE-2010-4338 (ocrodjvu 0.4.6-1 on Debian GNU/Linux, when using Cuneiform as
the OCR ...)
- TODO: check
+ NOT-FOR-US: ocrodjvu
CVE-2010-4339 (Cross-site scripting (XSS) vulnerability in Hypermail 2.2.0
allows ...)
- TODO: check
+ NOT-FOR-US: hypermail project hypermail
CVE-2010-4340
TODO: check
CVE-2010-4341
@@ -94502,7 +94503,7 @@ CVE-2010-4349 (admin/upgrade_unattended.php in MantisBT
before 1.2.4 allows remo
CVE-2010-4350 (Directory traversal vulnerability in
admin/upgrade_unattended.php in ...)
TODO: check
CVE-2010-4351 (The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before
1.7.7, 1.8 ...)
- TODO: check
+ BUG: 352035
CVE-2010-4352 (Stack consumption vulnerability in D-Bus (aka DBus) before
1.4.1 ...)
TODO: check
CVE-2010-4353
@@ -94550,51 +94551,51 @@ CVE-2010-4373 (The in_mp4 plugin in Winamp before 5.6
allows remote attackers to
CVE-2010-4374 (The in_mkv plugin in Winamp before 5.6 allows remote attackers
to ...)
NOT-FOR-US: nullsoft winamp
CVE-2010-4375 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer
CVE-2010-4376 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4377 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4378 (The drv2.dll (aka RV20 decompression) module in RealNetworks
...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4379 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4380 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4381 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4382 (Multiple heap-based buffer overflows in RealNetworks RealPlayer
11.0 ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4383 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4384 (Array index error in RealNetworks RealPlayer 11.0 through 11.1,
...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer
CVE-2010-4385 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1,
...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4386 (RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0
through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4387 (The RealAudio codec in RealNetworks RealPlayer 11.0 through
11.1, ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4388 (The (1) Upsell.htm, (2) Main.html, and (3) Custsupport.html
components ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4389 (Heap-based buffer overflow in the cook codec in RealNetworks
...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4390 (Multiple heap-based buffer overflows in RealNetworks RealPlayer
11.0 ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4391 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4392 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4393
RESERVED
CVE-2010-4394 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4395 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4396 (Cross-zone scripting vulnerability in the HandleAction method
in a ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4397 (Integer overflow in the pnen3260.dll module in RealNetworks
RealPlayer ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4398 (Stack-based buffer overflow in the RtlQueryRegistryValues
function in ...)
NOT-FOR-US: microsoft windows_xp
CVE-2010-4399 (Directory traversal vulnerability in languages.inc.php in DynPG
CMS ...)
@@ -94626,79 +94627,79 @@ CVE-2010-4411 (Unspecified vulnerability in CGI.pm
3.50 and earlier allows remot
CVE-2010-4412 (Multiple cross-site scripting (XSS) vulnerabilities in pfSense
2 beta ...)
NOT-FOR-US: bsdperimeter pfsense
CVE-2010-4413 (Unspecified vulnerability in the Scheduler Agent component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-4414 (Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows
local ...)
TODO: check
CVE-2010-4415 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows
local ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4416 (Unspecified vulnerability in the Oracle GoldenGate Veridata
component ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-4417 (Unspecified vulnerability in the Services for Beehive component
in ...)
- TODO: check
+ NOT-FOR-US: oracle beehive
CVE-2010-4418 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_enterprise
CVE-2010-4419 (Unspecified vulnerability in the PeopleSoft Enterprise CRM
component ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_and_jdedwards_product_suite
CVE-2010-4420 (Unspecified vulnerability in the Database Vault component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-4421 (Unspecified vulnerability in the Database Vault component in
Oracle ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-4422
RESERVED
CVE-2010-4423 (Unspecified vulnerability in the Cluster Verify Utility
component in ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-4424 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_enterprise
CVE-2010-4425 (Unspecified vulnerability in the Oracle BI Publisher component
in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-4426 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_enterprise
CVE-2010-4427 (Unspecified vulnerability in the Oracle BI Publisher component
in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-4428 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS
component ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_and_jdedwards_product_suite
CVE-2010-4429 (Unspecified vulnerability in the Agile Core component in Oracle
Supply ...)
- TODO: check
+ NOT-FOR-US: oracle supply_chain_products_suite
CVE-2010-4430 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS
component ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_and_jdedwards_product_suite
CVE-2010-4431 (Unspecified vulnerability in Oracle Sun Java System Portal
Server 7.1 ...)
- TODO: check
+ NOT-FOR-US: sun java_system_portal_server
CVE-2010-4432 (Unspecified vulnerability in the Oracle Transportation Manager
...)
- TODO: check
+ NOT-FOR-US: oracle supply_chain_products_suite
CVE-2010-4433 (Unspecified vulnerability in Oracle Solaris 10 allows remote
attackers ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4434 (Unspecified vulnerability in the PeopleSoft Enterprise
PeopleTools ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_enterprise
CVE-2010-4435 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows
remote ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4436 (Unspecified vulnerability in Oracle Sun Management Center
(SunMC) 4.0 ...)
- TODO: check
+ NOT-FOR-US: oracle sunmc
CVE-2010-4437 (Unspecified vulnerability in the Oracle WebLogic Server
component in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-4438 (Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and
3.0.1, ...)
- TODO: check
+ NOT-FOR-US: oracle sun_glassfish_enterprise_server
CVE-2010-4439 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS
component ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_and_jdedwards_product_suite
CVE-2010-4440 (Unspecified vulnerability in Oracle 10 and 11 Express allows
local ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4441 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS
component ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_and_jdedwards_product_suite
CVE-2010-4442 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express
allows ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4443 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express
allows ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4444 (Unspecified vulnerability in Oracle Sun Java System Access
Manager and ...)
- TODO: check
+ NOT-FOR-US: sun java_system_access_manager
CVE-2010-4445 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS
component ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_and_jdedwards_product_suite
CVE-2010-4446 (Unspecified vulnerability in Oracle Solaris 11 Express allows
local ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4447
RESERVED
CVE-2010-4448
RESERVED
CVE-2010-4449 (Unspecified vulnerability in the Audit Vault component in
Oracle Audit ...)
- TODO: check
+ NOT-FOR-US: oracle audit_vault
CVE-2010-4450
RESERVED
CVE-2010-4451
@@ -94706,29 +94707,29 @@ CVE-2010-4451
CVE-2010-4452
RESERVED
CVE-2010-4453 (Unspecified vulnerability in the Oracle WebLogic Server
component in ...)
- TODO: check
+ NOT-FOR-US: oracle weblogic_server
CVE-2010-4454
RESERVED
CVE-2010-4455 (Unspecified vulnerability in the Oracle HTTP Server component
in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-4456 (Unspecified vulnerability in Oracle Sun Java System
Communications ...)
TODO: check
CVE-2010-4457 (Unspecified vulnerability in Oracle Solaris 11 Express allows
remote ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4458 (Unspecified vulnerability in Oracle Solaris 11 Express allows
local ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4459 (Unspecified vulnerability in Oracle Solaris 11 Express allows
local ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4460 (Unspecified vulnerability in Oracle Solaris 10 allows local
users to ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4461 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS
component ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_and_jdedwards_product_suite
CVE-2010-4462
RESERVED
CVE-2010-4463
RESERVED
CVE-2010-4464 (Unspecified vulnerability in Oracle Sun Convergence 1.0 allows
remote ...)
- TODO: check
+ NOT-FOR-US: oracle sun_convergence
CVE-2010-4465
RESERVED
CVE-2010-4466
@@ -94792,18 +94793,18 @@ CVE-2010-4494 (Double free vulnerability in libxml2
2.7.8 and other versions, as
CVE-2010-4495 (Unspecified vulnerability in the ActiveMatrix Runtime component
in ...)
TODO: check
CVE-2010-4496 (Multiple SQL injection vulnerabilities in Collaborative
Information ...)
- TODO: check
+ NOT-FOR-US: tibco collaborative_information_manager
CVE-2010-4497 (Cross-site scripting (XSS) vulnerability in Collaborative
Information ...)
- TODO: check
+ NOT-FOR-US: tibco collaborative_information_manager
CVE-2010-4498 (Unspecified vulnerability in Collaborative Information Manager
server, ...)
- TODO: check
+ NOT-FOR-US: tibco collaborative_information_manager
CVE-2010-4499 (Session fixation vulnerability in Collaborative Information
Manager ...)
- TODO: check
+ NOT-FOR-US: tibco collaborative_information_manager
CVE-2010-4500 (Multiple SQL injection vulnerabilities in contact.php in
MRCGIGUY ...)
NOT-FOR-US: mrcgiguy freeticket
CVE-2010-4501
REJECTED
- TODO: check
+ NOT-FOR-US: this
CVE-2010-4502 (Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security
Suite ...)
NOT-FOR-US: ca internet_security_suite_plus_2010
CVE-2010-4503 (SQL injection vulnerability in indexlight.php in Aigaion 1.3.4
allows ...)
@@ -94815,14 +94816,14 @@ CVE-2010-4505 (Multiple SQL injection vulnerabilities
in login.php in Injader 2.
CVE-2010-4506
RESERVED
CVE-2010-4507 (Multiple cross-site request forgery (CSRF) vulnerabilities on
the ...)
- TODO: check
+ NOT-FOR-US: clear ispot
CVE-2010-4508 (The WebSockets implementation in Mozilla Firefox 4 through 4.0
Beta 7 ...)
TODO: check
CVE-2010-4509 (Multiple unspecified vulnerabilities in Movable Type 4.x before
4.35 ...)
NOT-FOR-US: sixapart movabletype
CVE-2010-4510
REJECTED
- TODO: check
+ NOT-FOR-US: this
CVE-2010-4511 (Unspecified vulnerability in Movable Type 4.x before 4.35 and
5.x ...)
NOT-FOR-US: sixapart movabletype
CVE-2010-4512 (Cobbler before 2.0.4 uses an incorrect umask value, which
allows local ...)
@@ -94840,17 +94841,17 @@ CVE-2010-4517 (SQL injection vulnerability in the
JExtensions JE Auto (com_jeaut
CVE-2010-4518 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: wobeo wp safe search
CVE-2010-4519 (Multiple cross-site request forgery (CSRF) vulnerabilities in
the ...)
- TODO: check
+ NOT-FOR-US: earl_miles views
CVE-2010-4520 (Multiple cross-site scripting (XSS) vulnerabilities in the
Views ...)
- TODO: check
+ NOT-FOR-US: earl_miles views
CVE-2010-4521 (Cross-site scripting (XSS) vulnerability in the Views module
6.x ...)
- TODO: check
+ NOT-FOR-US: earl_miles views
CVE-2010-4522 (Multiple cross-site scripting (XSS) vulnerabilities in MyBB
(aka ...)
- TODO: check
+ NOT-FOR-US: mybb
CVE-2010-4523 (Multiple stack-based buffer overflows in libopensc in OpenSC
0.11.13 ...)
- TODO: check
+ BUG: 349567
CVE-2010-4524 (Cross-site scripting (XSS) vulnerability in lib/mhtxthtml.pl in
...)
- TODO: check
+ BUG: 349563
CVE-2010-4525 (Linux kernel 2.6.33 and 2.6.34.y does not initialize the ...)
TODO: check
CVE-2010-4526 (Race condition in the sctp_icmp_proto_unreachable function in
...)
@@ -94862,9 +94863,9 @@ CVE-2010-4528 (directconn.c in the MSN protocol plugin
in libpurple 2.7.6 throug
CVE-2010-4529 (Integer underflow in the irda_getsockopt function in ...)
TODO: check
CVE-2010-4530 (Signedness error in ccid_serial.c in libccid in the USB
Chip/Smart ...)
- TODO: check
+ BUG: 349559
CVE-2010-4531 (Stack-based buffer overflow in the ATRDecodeAtr function in the
...)
- TODO: check
+ BUG: 349561
CVE-2010-4532
RESERVED
CVE-2010-4533
@@ -94876,7 +94877,7 @@ CVE-2010-4535 (The password reset functionality in
django.contrib.auth in Django
CVE-2010-4536 (Multiple cross-site scripting (XSS) vulnerabilities in KSES, as
used ...)
TODO: check
CVE-2010-4537 (Unspecified vulnerability in CrawlTrack before 3.2.7, when a
public ...)
- TODO: check
+ NOT-FOR-US: crawltrack
CVE-2010-4538 (Buffer overflow in the sect_enttec_dmx_da function in ...)
TODO: check
CVE-2010-4539 (The walk function in repos.c in the mod_dav_svn module for the
Apache ...)
@@ -94890,35 +94891,35 @@ CVE-2010-4542 (Stack-based buffer overflow in the
gfig_read_parameter_gimp_rgb .
CVE-2010-4543 (Heap-based buffer overflow in the read_channel_data function in
...)
TODO: check
CVE-2010-4544 (Cross-site scripting (XSS) vulnerability in the servlet in IBM
Lotus ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4545 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote
authenticated ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4546 (IBM Lotus Notes Traveler before 8.5.1.2 does not reject an
attachment ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4547 (IBM Lotus Notes Traveler before 8.5.1.3, when a multidomain ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4548 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote
authenticated ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4549 (IBM Lotus Notes Traveler before 8.5.1.3 on the Nokia s60 device
...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4550 (IBM Lotus Notes Traveler before 8.5.1.3 allows remote attackers
to ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4551 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote
authenticated ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4552 (Memory leak in IBM Lotus Notes Traveler before 8.5.1.1 allows
remote ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4553 (An unspecified Domino API in IBM Lotus Notes Traveler before
8.5.1.1 ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4554
RESERVED
CVE-2010-4555
RESERVED
CVE-2010-4556 (Stack-based buffer overflow in the SapThemeRepository ActiveX
control ...)
- TODO: check
+ NOT-FOR-US: sap netweaver_business_client
CVE-2010-4557 (Buffer overflow in the lm_tcp service in Invensys Wonderware
InBatch ...)
- TODO: check
+ NOT-FOR-US: invensys wonderware_inbatch
CVE-2010-4558 (phpMyFAQ 2.6.11 and 2.6.12, as distributed between December 4th
and ...)
- TODO: check
+ NOT-FOR-US: phpmyfaq
CVE-2010-4559
RESERVED
CVE-2010-4560
@@ -94934,7 +94935,7 @@ CVE-2010-4564
CVE-2010-4565 (The bcm_connect function in net/can/bcm.c (aka the Broadcast
Manager) ...)
TODO: check
CVE-2010-4566 (Unspecified vulnerability in the NT4 authentication component
in ...)
- TODO: check
+ NOT-FOR-US: citrix access_gateway
CVE-2010-4567
RESERVED
CVE-2010-4568
@@ -94948,7 +94949,7 @@ CVE-2010-4571
CVE-2010-4572
RESERVED
CVE-2010-4573 (The Update Installer in VMware ESXi 4.1, when a modified
sfcb.cfg is ...)
- TODO: check
+ NOT-FOR-US: vmware esxi
CVE-2010-4574 (The Pickle::Pickle function in base/pickle.cc in Google Chrome
before ...)
TODO: check
CVE-2010-4575 (The ThemeInstalledInfoBarDelegate::Observe function in ...)
@@ -94978,115 +94979,115 @@ CVE-2010-4586 (The default configuration of Opera
before 11.00 enables WebSocket
CVE-2010-4587 (Opera before 11.00 on Windows does not properly implement the
Insecure ...)
TODO: check
CVE-2010-4588 (The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft
WMI ...)
- TODO: check
+ NOT-FOR-US: microsoft wmi_administrative_tools
CVE-2010-4589 (Cross-site scripting (XSS) vulnerability in IBM ENOVIA 6 allows
remote ...)
- TODO: check
+ NOT-FOR-US: ibm enovia
CVE-2010-4590 (Cross-site scripting (XSS) vulnerability in HTTP Access
Services ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_mobile_connect
CVE-2010-4591 (The Connection Manager in IBM Lotus Mobile Connect (LMC) before
6.1.4, ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_mobile_connect
CVE-2010-4592 (The Mobile Network Connections functionality in the Connection
Manager ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_mobile_connect
CVE-2010-4593 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4
does ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_mobile_connect
CVE-2010-4594 (The Connection Manager in IBM Lotus Mobile Connect before
6.1.4, when ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_mobile_connect
CVE-2010-4595 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4
...)
- TODO: check
+ NOT-FOR-US: ibm lotus_mobile_connect
CVE-2010-4596
RESERVED
CVE-2010-4597 (Stack-based buffer overflow in the save method in the ...)
- TODO: check
+ NOT-FOR-US: ecava integraxor
CVE-2010-4598 (Directory traversal vulnerability in Ecava IntegraXor
3.6.4000.0 and ...)
- TODO: check
+ NOT-FOR-US: ecava integraxor
CVE-2010-4599 (Untrusted search path vulnerability in Ecava IntegraXor
3.6.4000.0 ...)
- TODO: check
+ NOT-FOR-US: ecava integraxor
CVE-2010-4600 (Dojo Toolkit, as used in the Web client in IBM Rational
ClearQuest ...)
- TODO: check
+ NOT-FOR-US: ibm rational_clearquest
CVE-2010-4601 (Multiple unspecified vulnerabilities in IBM Rational ClearQuest
7.0.x ...)
- TODO: check
+ NOT-FOR-US: ibm rational_clearquest
CVE-2010-4602 (The Web client in IBM Rational ClearQuest 7.1.1.x before
7.1.1.4 and ...)
- TODO: check
+ NOT-FOR-US: ibm rational_clearquest
CVE-2010-4603 (IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before
7.1.1.4, ...)
- TODO: check
+ NOT-FOR-US: ibm rational_clearquest
CVE-2010-4604 (Stack-based buffer overflow in the GeneratePassword function in
dsmtca ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_storage_manager
CVE-2010-4605 (Unspecified vulnerability in the backup-archive client in IBM
Tivoli ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_storage_manager
CVE-2010-4606 (Unspecified vulnerability in the Space Management client in the
...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_storage_manager
CVE-2010-4607 (Multiple cross-site scripting (XSS) vulnerabilities in Habari
0.6.5, ...)
- TODO: check
+ NOT-FOR-US: habariproject habari
CVE-2010-4608 (Habari 0.6.5 allows remote attackers to obtain sensitive
information ...)
- TODO: check
+ NOT-FOR-US: habariproject habari
CVE-2010-4609 (SQL injection vulnerability in index.php in Html-edit CMS 3.1.8
allows ...)
- TODO: check
+ NOT-FOR-US: html edit_cms
CVE-2010-4610 (Cross-site scripting (XSS) vulnerability in index.php in
Html-edit CMS ...)
- TODO: check
+ NOT-FOR-US: html edit_cms
CVE-2010-4611 (Html-edit CMS 3.1.8 allows remote attackers to obtain sensitive
...)
- TODO: check
+ NOT-FOR-US: html edit_cms
CVE-2010-4612 (Multiple SQL injection vulnerabilities in index.php in Hycus
CMS ...)
- TODO: check
+ NOT-FOR-US: hycus_cms
CVE-2010-4613 (Multiple directory traversal vulnerabilities in Hycus CMS 1.0.3
allow ...)
- TODO: check
+ NOT-FOR-US: hycus_cms
CVE-2010-4614 (SQL injection vulnerability in item.php in Ero Auktion 2010
allows ...)
- TODO: check
+ NOT-FOR-US: mhproducts ero_auktion
CVE-2010-4615 (Multiple SQL injection vulnerabilities in Oto Galeri Sistemi
1.0 allow ...)
- TODO: check
+ NOT-FOR-US: iskenderaltuntas oto_galeri_sistemi
CVE-2010-4616 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: impresscms
CVE-2010-4617 (Directory traversal vulnerability in the JotLoader
(com_jotloader) ...)
- TODO: check
+ NOT-FOR-US: kanich com_jotloader
CVE-2010-4618 (Cross-site scripting (XSS) vulnerability in the Algis Info ...)
- TODO: check
+ NOT-FOR-US: algisinfo aicontactsafe
CVE-2010-4619 (SQL injection vulnerability in profil.php in Mafya Oyun Scrpti
(aka ...)
- TODO: check
+ NOT-FOR-US: webscripti mafya_oyun_scrpti
CVE-2010-4620
RESERVED
CVE-2010-4621
RESERVED
CVE-2010-4622 (Directory traversal vulnerability in WebSEAL in IBM Tivoli
Access ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_access_manager_for_e business
CVE-2010-4623 (WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1
before ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_access_manager_for_e business
CVE-2010-4624 (MyBB (aka MyBulletinBoard) before 1.4.12 allows remote
authenticated ...)
- TODO: check
+ NOT-FOR-US: mybb
CVE-2010-4625 (MyBB (aka MyBulletinBoard) before 1.4.12 does not properly
handle a ...)
- TODO: check
+ NOT-FOR-US: mybb
CVE-2010-4626 (The my_rand function in functions.php in MyBB (aka
MyBulletinBoard) ...)
- TODO: check
+ NOT-FOR-US: mybb
CVE-2010-4627 (Cross-site request forgery (CSRF) vulnerability in usercp2.php
in MyBB ...)
- TODO: check
+ NOT-FOR-US: mybb
CVE-2010-4628 (member.php in MyBB (aka MyBulletinBoard) before 1.4.12 makes a
certain ...)
- TODO: check
+ NOT-FOR-US: mybb
CVE-2010-4629 (MyBB (aka MyBulletinBoard) before 1.4.12 does not properly
restrict ...)
- TODO: check
+ NOT-FOR-US: mybb
CVE-2010-4630 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: fubra wp survey and quiz tool
CVE-2010-4631 (Multiple cross-site scripting (XSS) vulnerabilities in ASPilot
Pilot ...)
- TODO: check
+ NOT-FOR-US: pilotcart pilot_cart
CVE-2010-4632 (Multiple SQL injection vulnerabilities in ASPilot Pilot Cart
7.3 allow ...)
- TODO: check
+ NOT-FOR-US: pilotcart pilot_cart
CVE-2010-4633 (SQL injection vulnerability in cart.php in digiSHOP 2.0.2
allows ...)
- TODO: check
+ NOT-FOR-US: sumeffect digishop
CVE-2010-4634 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: osticket
CVE-2010-4635 (SQL injection vulnerability in detail.asp in Site2Nite Vacation
Rental ...)
- TODO: check
+ NOT-FOR-US: site2nite vacation_rental_listings
CVE-2010-4636 (SQL injection vulnerability in detail.asp in Site2Nite Business
...)
- TODO: check
+ NOT-FOR-US: site2nite business_e listings
CVE-2010-4637 (Cross-site scripting (XSS) vulnerability in
feedlist/handler_image.php ...)
- TODO: check
+ NOT-FOR-US: finalcut feedlist
CVE-2010-4638 (SQL injection vulnerability in the submitSurvey function in ...)
- TODO: check
+ NOT-FOR-US: iptechinside com_jquarks4s
CVE-2010-4639 (SQL injection vulnerability in index.php in MySource Matrix
allows ...)
- TODO: check
+ NOT-FOR-US: intendance mysource_matrix
CVE-2010-4640 (Multiple cross-site scripting (XSS) vulnerabilities in XWiki
Watch 1.0 ...)
- TODO: check
+ NOT-FOR-US: xwiki_watch
CVE-2010-4641 (SQL injection vulnerability in XWiki Enterprise before 2.5
allows ...)
- TODO: check
+ NOT-FOR-US: xwiki
CVE-2010-4642 (Cross-site scripting (XSS) vulnerability in XWiki Enterprise
before ...)
- TODO: check
+ NOT-FOR-US: xwiki
CVE-2010-4643
RESERVED
CVE-2010-4644 (Multiple memory leaks in rev_hunt.c in Apache Subversion before
1.6.15 ...)
@@ -95094,7 +95095,7 @@ CVE-2010-4644 (Multiple memory leaks in rev_hunt.c in
Apache Subversion before 1
CVE-2010-4645 (strtod.c, as used in the zend_strtod function in PHP 5.2 before
5.2.17 ...)
TODO: check
CVE-2010-4646 (Cross-site scripting (XSS) vulnerability in Hastymail2 before
1.01 ...)
- TODO: check
+ NOT-FOR-US: hastymail2
CVE-2010-4647 (Multiple cross-site scripting (XSS) vulnerabilities in the Help
...)
TODO: check
CVE-2010-4648
@@ -95140,59 +95141,59 @@ CVE-2010-4667
CVE-2010-4668 (The blk_rq_map_user_iov function in block/blk-map.c in the
Linux ...)
TODO: check
CVE-2010-4669 (The Neighbor Discovery (ND) protocol implementation in the IPv6
stack ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-4670 (The Neighbor Discovery (ND) protocol implementation in the IPv6
stack ...)
- TODO: check
+ NOT-FOR-US: cisco pix_security_appliance
CVE-2010-4671 (The Neighbor Discovery (ND) protocol implementation in the IPv6
stack ...)
- TODO: check
+ NOT-FOR-US: cisco ios
CVE-2010-4672 (Cisco Adaptive Security Appliances (ASA) 5500 series devices
with ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4673 (Cisco Adaptive Security Appliances (ASA) 5500 series devices
with ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4674 (Unspecified vulnerability on Cisco Adaptive Security Appliances
(ASA) ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4675 (Cisco Adaptive Security Appliances (ASA) 5500 series devices
with ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4676 (Unspecified vulnerability on Cisco Adaptive Security Appliances
(ASA) ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4677 (emWEB on Cisco Adaptive Security Appliances (ASA) 5500 series
devices ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4678 (Cisco Adaptive Security Appliances (ASA) 5500 series devices
with ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4679 (Cisco Adaptive Security Appliances (ASA) 5500 series devices
with ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4680 (The WebVPN implementation on Cisco Adaptive Security Appliances
(ASA) ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4681 (Unspecified vulnerability on Cisco Adaptive Security Appliances
(ASA) ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4682 (Memory leak on Cisco Adaptive Security Appliances (ASA) 5500
series ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4683 (Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote
...)
- TODO: check
+ NOT-FOR-US: cisco ios
CVE-2010-4684 (Cisco IOS before 15.0(1)XA1, when certain TFTP debugging is
enabled, ...)
- TODO: check
+ NOT-FOR-US: cisco ios
CVE-2010-4685 (Cisco IOS before 15.0(1)XA1 does not clear the public key cache
upon a ...)
- TODO: check
+ NOT-FOR-US: cisco ios
CVE-2010-4686 (CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does
not ...)
- TODO: check
+ NOT-FOR-US: cisco ios
CVE-2010-4687 (STCAPP (aka the SCCP telephony control application) on Cisco
IOS ...)
- TODO: check
+ NOT-FOR-US: cisco ios
CVE-2010-4688 (Unspecified vulnerability in the SIP inspection feature on
Cisco ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4689 (Cisco Adaptive Security Appliances (ASA) 5500 series devices
with ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4690 (The Mobile User Security (MUS) service on Cisco Adaptive
Security ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4691 (Unspecified vulnerability on Cisco Adaptive Security Appliances
(ASA) ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4692 (Unspecified vulnerability on Cisco Adaptive Security Appliances
(ASA) ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4693 (Multiple cross-site scripting (XSS) vulnerabilities in
Coppermine ...)
- TODO: check
+ NOT-FOR-US: coppermine gallery coppermine_photo_gallery
CVE-2010-4694 (Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might
allow ...)
- TODO: check
+ BUG: 351698
CVE-2010-4695 (A certain Fedora patch for gif2png.c in gif2png 2.5.1 and
2.5.2, as ...)
- TODO: check
+ BUG: 351698
CVE-2010-4696 (Multiple SQL injection vulnerabilities in Joomla! 1.5.x before
1.5.22 ...)
TODO: check
CVE-2010-4697 (Use-after-free vulnerability in the Zend engine in PHP before
5.2.15 ...)
@@ -95204,11 +95205,11 @@ CVE-2010-4699 (The iconv_mime_decode_headers function
in the Iconv extension in
CVE-2010-4700 (The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3,
when the ...)
TODO: check
CVE-2010-4701 (Heap-based buffer overflow in the CDrawPoly::Serialize function
in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Fax Services Cover Page Editor
CVE-2010-4702 (SQL injection vulnerability in JRadio (com_jradio) component
before ...)
- TODO: check
+ NOT-FOR-US: JRadio com_jradio component
CVE-2010-4703 (SQL injection vulnerability in default.asp in HotWebScripts
HotWeb ...)
- TODO: check
+ NOT-FOR-US: HotWebScripts
CVE-2011-0001
RESERVED
CVE-2011-0002
