Author: joeyh
Date: 2010-03-11 21:14:20 +0000 (Thu, 11 Mar 2010)
New Revision: 14250

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2010-03-11 19:44:35 UTC (rev 14249)
+++ data/CVE/list       2010-03-11 21:14:20 UTC (rev 14250)
@@ -1,3 +1,71 @@
+CVE-2010-0962 (The FTP proxy server in Apple AirPort Express, AirPort Extreme, 
and ...)
+       TODO: check
+CVE-2010-0961 (Buffer overflow in qoslist in bos.net.tcp.server in IBM AIX 6.1 
and ...)
+       TODO: check
+CVE-2010-0960 (Buffer overflow in qosmod in bos.net.tcp.server in IBM AIX 6.1 
and ...)
+       TODO: check
+CVE-2010-0959 (Cross-site scripting (XSS) vulnerability in ...)
+       TODO: check
+CVE-2010-0958 (Directory traversal vulnerability in modules/hayoo/index.php in 
...)
+       TODO: check
+CVE-2010-0957 (Directory traversal vulnerability in content.php in Saskia's 
...)
+       TODO: check
+CVE-2010-0956 (SQL injection vulnerability in index.php in OpenCart 1.3.2 
allows ...)
+       TODO: check
+CVE-2010-0955 (SQL injection vulnerability in index.php in Bild Flirt 
Community 2.0 ...)
+       TODO: check
+CVE-2010-0954 (SQL injection vulnerability in search_result.asp in Pre 
Projects Pre ...)
+       TODO: check
+CVE-2010-0953 (Directory traversal vulnerability in mod.php in phpCOIN 1.2.1 
allows ...)
+       TODO: check
+CVE-2010-0952 (SQL injection vulnerability in index.php in OneCMS 2.5, when 
...)
+       TODO: check
+CVE-2010-0951 (SQL injection vulnerability in go_target.php in dev4u CMS 
allows ...)
+       TODO: check
+CVE-2010-0950 (Multiple SQL injection vulnerabilities in Natychmiast CMS allow 
remote ...)
+       TODO: check
+CVE-2010-0949 (Multiple cross-site scripting (XSS) vulnerabilities in 
Natychmiast CMS ...)
+       TODO: check
+CVE-2010-0948 (SQL injection vulnerability in profil.php in Bigforum 4.5, when 
...)
+       TODO: check
+CVE-2010-0947 (Cross-site scripting (XSS) vulnerability in post.aspx in Max 
Network ...)
+       TODO: check
+CVE-2009-4697 (Multiple cross-site scripting (XSS) vulnerabilities in 
index.php in ...)
+       TODO: check
+CVE-2009-4696 (SQL injection vulnerability in index.php in RadNICS Gold 5 
allows ...)
+       TODO: check
+CVE-2009-4695 (SQL injection vulnerability in index.php in RadScripts RadLance 
Gold ...)
+       TODO: check
+CVE-2009-4694 (Cross-site scripting (XSS) vulnerability in index.php in 
RadScripts ...)
+       TODO: check
+CVE-2009-4693 (Multiple PHP remote file inclusion vulnerabilities in GraFX 
MiniCWB ...)
+       TODO: check
+CVE-2009-4692 (Cross-site scripting (XSS) vulnerability in index.php in 
RadScripts ...)
+       TODO: check
+CVE-2009-4691 (SQL injection vulnerability in addlink.php in Classified 
Linktrader ...)
+       TODO: check
+CVE-2009-4690 (Multiple cross-site scripting (XSS) vulnerabilities in 
YourFreeWorld ...)
+       TODO: check
+CVE-2009-4689 (SQL injection vulnerability in index.php in PHP Shopping Cart 
Selling ...)
+       TODO: check
+CVE-2009-4688 (Multiple cross-site scripting (XSS) vulnerabilities in 
index.php in ...)
+       TODO: check
+CVE-2009-4687 (SQL injection vulnerability in silentum_guestbook.php in 
Silentum ...)
+       TODO: check
+CVE-2009-4686 (Cross-site scripting (XSS) vulnerability in account.php in 
phplemon ...)
+       TODO: check
+CVE-2009-4685 (Cross-site scripting (XSS) vulnerability in celebrities.php in 
PHP ...)
+       TODO: check
+CVE-2009-4684 (Cross-site scripting (XSS) vulnerability in index.php in 
EZodiak ...)
+       TODO: check
+CVE-2009-4683 (Directory traversal vulnerability in vote.php in Good/Bad Vote 
allows ...)
+       TODO: check
+CVE-2009-4682 (Cross-site scripting (XSS) vulnerability in vote.php in 
Good/Bad Vote ...)
+       TODO: check
+CVE-2009-4681 (Cross-site scripting (XSS) vulnerability in search.php in ...)
+       TODO: check
+CVE-2009-4680 (SQL injection vulnerability in search.php in phpDirectorySource 
1.x ...)
+       TODO: check
 CVE-2010-XXXX [spamass-milter report on full-disclosure]
        - spamass-milter <unfixed> (bug #573228)
 CVE-2010-XXXX [mediawiki CSS validation]
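Review bot: all 34 entries added at the top of data/CVE/list land as "TODO: check", and several descriptions are cut off before the product name (CVE-2010-0959 "vulnerability in ...", CVE-2009-4681 "search.php in ..."), so they cannot be triaged from this file alone. A follow-up should resolve each one against the full CVE description to either a package line or a NOT-FOR-US line, the form already used further down ("NOT-FOR-US: HP DreamScreen"). CVE-2010-0962 (Apple AirPort) and CVE-2010-0961/CVE-2010-0960 (IBM AIX) look like quick candidates for the latter.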
@@ -44,8 +112,8 @@
        NOTE: http://www.phpbb.com/community/viewtopic.php?f=14&t=2014195
 CVE-2010-0928 (OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx 
...)
        TODO: check
-CVE-2010-0926
-       RESERVED
+CVE-2010-0926 (The default configuration of smbd in Samba before 3.3.11, 3.4.x 
before ...)
+       TODO: check
 CVE-2010-XXXX [dovecot DoS]
        - dovecot 1:1.2.11-1 (low)
        [lenny] - dovecot <not-affected> (Vulnerable code not present)
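Review bot: CVE-2010-0926 is left at "TODO: check" although its description names smbd in Samba, which this file already tracks with a package line ("- samba 2:3.4.7~dfsg-1 (high)" under CVE-2010-0728). Suggest replacing the TODO with a "- samba" entry and per-release status once the version ranges in the description ("before 3.3.11, 3.4.x before ...") have been compared with the packaged versions.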
@@ -390,8 +458,8 @@
        RESERVED
 CVE-2010-0807
        RESERVED
-CVE-2010-0806
-       RESERVED
+CVE-2010-0806 (Use-after-free vulnerability in the Peer Objects component (aka 
...)
+       TODO: check
 CVE-2010-0805
        RESERVED
 CVE-2010-0804 (Cross-site scripting (XSS) vulnerability in index.php in 
iBoutique 4.0 ...)
@@ -422,13 +490,11 @@
        - fcron <unfixed> (low; bug #572587)
        [lenny] - fcron <no-dsa> (Minor issue)
        NOTE: http://seclists.org/fulldisclosure/2010/Mar/97
-CVE-2010-0791 [ncpfs denial-of-service]
-       RESERVED
+CVE-2010-0791 (The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in 
ncpfs ...)
        - ncpfs <unfixed> (bug #572937)
        [lenny] - ncpfs <no-dsa> (Minor issue)
        NOTE: http://seclists.org/fulldisclosure/2010/Mar/122
-CVE-2010-0790 [ncpmount info disclosure]
-       RESERVED
+CVE-2010-0790 (sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain 
...)
        - ncpfs <unfixed> (bug #572937)
        [lenny] - ncpfs <no-dsa> (Minor issue)
        NOTE: http://seclists.org/fulldisclosure/2010/Mar/122
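Review bot: replacing the bracketed labels on CVE-2010-0791 and CVE-2010-0790 drops the only impact hint these entries had ("denial-of-service", "info disclosure"), and the old label for CVE-2010-0790 said ncpmount while the imported description names sutil/ncpumount.c in ncpumount. It is worth confirming that bug #572937 and the fulldisclosure Mar/122 NOTE, which both entries share, cover the ncpumount issue as well, and adding a short NOTE line with the impact class so the truncated description is not the only summary.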
@@ -560,8 +626,7 @@
        RESERVED
 CVE-2010-0729
        RESERVED
-CVE-2010-0728 [samba insufficient permission validation]
-       RESERVED
+CVE-2010-0728 (smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is 
...)
        - samba 2:3.4.7~dfsg-1 (high)
        [lenny] - samba <not-affected> (Only affects 3.3.11, 3.4.6 and 3.5.0)
 CVE-2010-0727
@@ -1015,7 +1080,7 @@
        [lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 
2.6.28)
        - linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.28)
 CVE-2010-0622 (The wake_futex_pi function in kernel/futex.c in the Linux 
kernel ...)
-       {DSA-2005-1 DSA-2003-1}
+       {DSA-2012-1 DSA-2005-1 DSA-2003-1}
        - linux-2.6 2.6.32-9 
        - linux-2.6.24 <removed>
 CVE-2010-0564 (Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in 
...)
@@ -1340,8 +1405,8 @@
        RESERVED
 CVE-2010-0448
        RESERVED
-CVE-2010-0447
-       RESERVED
+CVE-2010-0447 (The helpmanager servlet in the web server in HP OpenView 
Performance ...)
+       TODO: check
 CVE-2010-0446 (Unspecified vulnerability on the HP DreamScreen 100 and 130 
with ...)
        NOT-FOR-US: HP DreamScreen
 CVE-2010-0445 (Unspecified vulnerability in HP Network Node Manager (NNM) 
8.10, 8.11, ...)
@@ -1415,8 +1480,8 @@
 CVE-2010-0419 (The x86 emulator in KVM 83, when a guest is configured for 
Symmetric ...)
        {DSA-2010-1}
        TODO: check
-CVE-2010-0418
-       RESERVED
+CVE-2010-0418 (The web interface in chumby one before 1.0.4 and chumby classic 
before ...)
+       TODO: check
 CVE-2010-0417 (Buffer overflow in common/util/rlstate.cpp in Helix Player 
1.0.6 and ...)
        NOT-FOR-US: RealPlayer/Helix Player
 CVE-2010-0416 (Buffer overflow in the Unescape function in 
common/util/hxurl.cpp and ...)
@@ -1987,24 +2052,24 @@
        RESERVED
 CVE-2010-0266
        RESERVED
-CVE-2010-0265
-       RESERVED
-CVE-2010-0264
-       RESERVED
-CVE-2010-0263
-       RESERVED
-CVE-2010-0262
-       RESERVED
-CVE-2010-0261
-       RESERVED
-CVE-2010-0260
-       RESERVED
+CVE-2010-0265 (Buffer overflow in Microsoft Windows Movie Maker 2.1, 2.6, and 
6.0, ...)
+       TODO: check
+CVE-2010-0264 (Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, 
and ...)
+       TODO: check
+CVE-2010-0263 (Microsoft Office Excel 2007 SP1 and SP2; Office 2008 for Mac; 
Open XML ...)
+       TODO: check
+CVE-2010-0262 (Microsoft Office Excel 2007 SP1 and SP2 and Office 2004 for Mac 
do not ...)
+       TODO: check
+CVE-2010-0261 (Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 
and SP2 ...)
+       TODO: check
+CVE-2010-0260 (Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 
and SP2; ...)
+       TODO: check
 CVE-2010-0259
        RESERVED
-CVE-2010-0258
-       RESERVED
-CVE-2010-0257
-       RESERVED
+CVE-2010-0258 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and 
SP2; ...)
+       TODO: check
+CVE-2010-0257 (Microsoft Office Excel 2002 SP3 does not properly parse the 
Excel file ...)
+       TODO: check
 CVE-2010-0256
        RESERVED
 CVE-2010-0255 (Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does 
not ...)
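Review bot: the eight entries promoted from RESERVED here (CVE-2010-0257, CVE-2010-0258 and CVE-2010-0260 through CVE-2010-0265) all name Microsoft products (Windows Movie Maker, Office Excel) yet are queued as "TODO: check". The file already marks software that is not packaged with a NOT-FOR-US line, as in "NOT-FOR-US: RealPlayer/Helix Player"; marking these the same way would keep the TODO queue for entries that need an actual package review.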
@@ -2453,8 +2518,8 @@
        RESERVED
 CVE-2010-0104
        RESERVED
-CVE-2010-0103
-       RESERVED
+CVE-2010-0103 (UsbCharger.dll in the Energizer DUO USB battery charger 
software ...)
+       TODO: check
 CVE-2010-0102
        RESERVED
 CVE-2010-0101
@@ -4897,6 +4962,7 @@
        [lenny] - linux-2.6 2.6.26-21
        - linux-2.6.24 <removed> (medium)
 CVE-2009-3725 (The connector layer in the Linux kernel before 2.6.31.5 does 
not ...)
+       {DSA-2012-1}
        - linux-2.6 2.6.31-1 (medium)
        [etch] - linux-2.6 <not-affected> (Vulnerable code not present)
        - linux-2.6.24 <removed> (medium)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
