Author: joeyh
Date: 2010-05-12 21:14:23 +0000 (Wed, 12 May 2010)
New Revision: 14686

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2010-05-12 17:08:25 UTC (rev 14685)
+++ data/CVE/list       2010-05-12 21:14:23 UTC (rev 14686)
@@ -1,20 +1,115 @@
-CVE-2010-1918 [MOPS-2010-018 EFront ask_chat]
+CVE-2010-1933
+       RESERVED
+CVE-2010-1932
+       RESERVED
+CVE-2010-1931
+       RESERVED
+CVE-2010-1930
+       RESERVED
+CVE-2010-1929
+       RESERVED
+CVE-2010-1919
+       RESERVED
+CVE-2010-1913 (The default configuration of pluginlicense.ini for the ...)
+       TODO: check
+CVE-2010-1912 (The SdcWebSecureBase interface in tgctlcm.dll in Consona Live 
...)
+       TODO: check
+CVE-2010-1911 (The site-locking implementation in the SdcWebSecureBase 
interface in ...)
+       TODO: check
+CVE-2010-1910 (The Forgot Password implementation in Consona Live Assistance, 
Dynamic ...)
+       TODO: check
+CVE-2010-1909 (Buffer overflow in the RunCmd method in the SdcUser.TgConCtl 
ActiveX ...)
+       TODO: check
+CVE-2010-1908 (The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona 
Live ...)
+       TODO: check
+CVE-2010-1907 (The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona 
Live ...)
+       TODO: check
+CVE-2010-1906 (tgsrv.exe in the Repair Service in Consona Dynamic Agent, 
Repair ...)
+       TODO: check
+CVE-2010-1905 (Multiple cross-site scripting (XSS) vulnerabilities in Consona 
Live ...)
+       TODO: check
+CVE-2010-1904
+       RESERVED
+CVE-2010-1903
+       RESERVED
+CVE-2010-1902
+       RESERVED
+CVE-2010-1901
+       RESERVED
+CVE-2010-1900
+       RESERVED
+CVE-2010-1899
+       RESERVED
+CVE-2010-1898
+       RESERVED
+CVE-2010-1897
+       RESERVED
+CVE-2010-1896
+       RESERVED
+CVE-2010-1895
+       RESERVED
+CVE-2010-1894
+       RESERVED
+CVE-2010-1893
+       RESERVED
+CVE-2010-1892
+       RESERVED
+CVE-2010-1891
+       RESERVED
+CVE-2010-1890
+       RESERVED
+CVE-2010-1889
+       RESERVED
+CVE-2010-1888
+       RESERVED
+CVE-2010-1887
+       RESERVED
+CVE-2010-1886
+       RESERVED
+CVE-2010-1885
+       RESERVED
+CVE-2010-1884
+       RESERVED
+CVE-2010-1883
+       RESERVED
+CVE-2010-1882
+       RESERVED
+CVE-2010-1881
+       RESERVED
+CVE-2010-1880
+       RESERVED
+CVE-2010-1879
+       RESERVED
+CVE-2010-1878 (Directory traversal vulnerability in the OrgChart 
(com_orgchart) ...)
+       TODO: check
+CVE-2010-1877 (SQL injection vulnerability in the JTM Reseller (com_jtm) 
component ...)
+       TODO: check
+CVE-2010-1876 (SQL injection vulnerability in index.php in AJ Shopping Cart 
1.0 ...)
+       TODO: check
+CVE-2010-1875 (Directory traversal vulnerability in the Real Estate Property 
...)
+       TODO: check
+CVE-2010-1874 (SQL injection vulnerability in the Real Estate Property ...)
+       TODO: check
+CVE-2010-1873 (SQL injection vulnerability in the Jvehicles (com_jvehicles) 
component ...)
+       TODO: check
+CVE-2010-1872 (Cross-site scripting (XSS) vulnerability in cPlayer.php in 
FlashCard ...)
+       TODO: check
+CVE-2010-1918 (SQL injection vulnerability in ask_chat.php in eFront 3.6.2 and 
...)
        NOT-FOR-US: EFront ask_chat
-CVE-2010-1917 [MOPS-2010-021 fnmatch stack exhaustion]
+CVE-2010-1917 (Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 
5.3 ...)
        - php5 <unfixed> (low)
        [lenny] - php5 <no-dsa> (low)
-CVE-2010-1916 [MOPS-2010-019 xinha config injection]
+CVE-2010-1916 (The dynamic configuration feature in Xinha WYSIWYG editor 0.96 
Beta 2 ...)
        TODO: check the embedded copies
-CVE-2010-1915 [MOPS-2010-017 preg_quote]
+CVE-2010-1915 (The preg_quote function in PHP 5.2 through 5.2.13 and 5.3 
through ...)
        - php5 <unfixed> (unimportant)
-CVE-2010-1914 [MOPS-2010-014,15,16]
+CVE-2010-1914 (The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 
allows ...)
        - php5 <unfixed> (unimportant)
 CVE-2010-1871
        RESERVED
 CVE-2010-1870
        RESERVED
-CVE-2010-1869 [ghostscript buffer overflow]
-       RESERVED
+CVE-2010-1869 (Stack-based buffer overflow in the parser function in 
GhostScript 8.70 ...)
        - ghostscript <undetermined>
        NOTE: http://www.openwall.com/lists/oss-security/2010/05/11/3
        TODO: check
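Review bot: the new entries are inserted above CVE-2010-1918, which breaks the descending order of the list: CVE-2010-1919 through CVE-2010-1872 now come before CVE-2010-1918 to CVE-2010-1914, which are then followed by CVE-2010-1871. Move the 1918 to 1914 block up between CVE-2010-1919 and CVE-2010-1913. The same five entries also lose their bracketed MOPS-2010-0xx labels when the descriptions replace them; if those references are still wanted for triage, carry them over as NOTE: lines under each entry.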
@@ -609,8 +704,8 @@
        RESERVED
 CVE-2010-1621
        RESERVED
-CVE-2010-1620
-       RESERVED
+CVE-2010-1620 (Integer overflow in the load_iface function in Tools/gdomap.c 
in ...)
+       TODO: check
 CVE-2010-1612 (The IBM WebSphere DataPower XML Accelerator XA35, Low Latency 
...)
        NOT-FOR-US: IBM WebSphere DataPower XML Accelerator
 CVE-2010-1611 (Cross-site request forgery (CSRF) vulnerability in AlegroCart 
1.1 ...)
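Review bot: CVE-2010-1620 is left at TODO: check although its description points at Tools/gdomap.c, the same file named for CVE-2010-1457 later in this patch, where the issue is tracked against gnustep-base. Replace the TODO with a gnustep-base line, once the affected versions are confirmed, so the two gdomap issues are triaged together.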
@@ -1050,8 +1145,8 @@
        RESERVED
 CVE-2010-1482
        RESERVED
-CVE-2010-1481
-       RESERVED
+CVE-2010-1481 (Cross-site scripting (XSS) vulnerability in the table feature 
in ...)
+       TODO: check
 CVE-2010-1480 (SQL injection vulnerability in the RokModule (com_rokmodule) 
component ...)
        NOT-FOR-US: component for Joomla!
 CVE-2010-1479 (SQL injection vulnerability in the RokModule (com_rokmodule) 
component ...)
@@ -1119,15 +1214,13 @@
        [lenny] - fetchmail <no-dsa> (only vulnerable when run under debug 
verbosity level)
        NOTE: http://www.fetchmail.info/fetchmail-SA-2010-02.txt
        NOTE: http://gitorious.org/fetchmail/fetchmail/commit/ec06293
-CVE-2010-1457 [gdomap file disclosure]
-       RESERVED
+CVE-2010-1457 (Tools/gdomap.c in gdomap in GNUstep Base before 1.20.0 allows 
local ...)
        - gnustep-base <unfixed>
        [lenny] - gnustep-base <not-affected> (Not installed setuid root)
        NOTE: http://thread.gmane.org/gmane.comp.lib.gnustep.bugs/12336
 CVE-2010-1456
        RESERVED
-CVE-2010-1455 [DOCSIS wireshark]
-       RESERVED
+CVE-2010-1455 (The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 
1.2.0 ...)
        - wireshark <unfixed> (unimportant)
        NOTE: Not triggerable remotely
 CVE-2010-1454
@@ -2950,10 +3043,10 @@
        RESERVED
 CVE-2010-0817 (Cross-site scripting (XSS) vulnerability in _layouts/help.aspx 
in ...)
        NOT-FOR-US: Microsoft SharePoint Server
-CVE-2010-0816
-       RESERVED
-CVE-2010-0815
-       RESERVED
+CVE-2010-0816 (Integer overflow in inetcomm.dll in Microsoft Outlook Express 
5.5 SP2, ...)
+       TODO: check
+CVE-2010-0815 (VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 
Microsoft ...)
+       TODO: check
 CVE-2010-0814
        RESERVED
 CVE-2010-0813
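Review bot: CVE-2010-0816 and CVE-2010-0815 get TODO: check, but both descriptions name Microsoft products (Outlook Express, Office), and the neighbouring CVE-2010-0817 for Microsoft SharePoint Server is already marked NOT-FOR-US. These two can be marked NOT-FOR-US in the same way rather than left in the TODO queue.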
@@ -3160,8 +3253,8 @@
 CVE-2010-0731 (The gnutls_x509_crt_get_serial function in the GnuTLS library 
before ...)
        - gnutls26 <not-affected> (Fixed before initial release)
        - gnutls13 1.2.1-1
-CVE-2010-0730
-       RESERVED
+CVE-2010-0730 (The MMIO instruction decoder in the Xen hypervisor in the Linux 
kernel ...)
+       TODO: check
 CVE-2010-0729 (A certain Red Hat patch for the Linux kernel in Red Hat 
Enterprise ...)
        - linux-2.6 <not-affected> (vulnerability in redhat-specific patch)
 CVE-2010-0728 (smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is 
...)
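Review bot: the TODO: check added for CVE-2010-0730 needs a package decision, since the description names the Xen hypervisor in the Linux kernel. Check it against linux-2.6, the package used for CVE-2010-0729 just below; the truncated description does not show whether this one is also limited to a distribution-specific patch, so read the full text before choosing between a tracked entry and not-affected.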


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
