[Secure-testing-commits] r14761 - data/CVE

Joey Hess Fri, 28 May 2010 14:16:28 -0700

Author: joeyh
Date: 2010-05-28 21:15:43 +0000 (Fri, 28 May 2010)
New Revision: 14761


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2010-05-27 21:15:03 UTC (rev 14760)
+++ data/CVE/list       2010-05-28 21:15:43 UTC (rev 14761)
@@ -1,3 +1,45 @@
+CVE-2010-2104 (Directory traversal vulnerability in Orbit Downloader 3.0.0.4 
and ...)
+       TODO: check
+CVE-2010-2103 (Cross-site scripting (XSS) vulnerability in ...)
+       TODO: check
+CVE-2010-2102 (Buffer overflow in Webby Webserver 1.01 allows remote attackers 
to ...)
+       TODO: check
+CVE-2010-2101 (The (1) strip_tags, (2) setcookie, (3) strtok, (4) wordwrap, 
(5) ...)
+       TODO: check
+CVE-2010-2100 (The (1) htmlentities, (2) htmlspecialchars, (3) str_getcsv, (4) 
...)
+       TODO: check
+CVE-2010-2099 (bbcode/php.bb in e107 0.7.20 and earlier does not perform 
access ...)
+       TODO: check
+CVE-2010-2098 (Incomplete blacklist vulnerability in usersettings.php in e107 
0.7.20 ...)
+       TODO: check
+CVE-2010-2097 (The (1) iconv_mime_decode, (2) iconv_substr, and (3) 
iconv_mime_encode ...)
+       TODO: check
+CVE-2010-2096 (Directory traversal vulnerability in index.php in CMSQlite 1.2 
and ...)
+       TODO: check
+CVE-2010-2095 (SQL injection vulnerability in index.php in CMSQlite 1.2 and 
earlier ...)
+       TODO: check
+CVE-2010-2094 (Multiple format string vulnerabilities in the phar extension in 
PHP ...)
+       TODO: check
+CVE-2010-2093 (Use-after-free vulnerability in the request shutdown 
functionality in ...)
+       TODO: check
+CVE-2010-2092 (SQL injection vulnerability in graph.php in Cacti 0.8.7e and 
earlier ...)
+       TODO: check
+CVE-2010-2091 (Microsoft Outlook Web Access (OWA) 8.2.254.0, when Internet 
Explorer 7 ...)
+       TODO: check
+CVE-2010-2090 (The npb_protocol_error function in sna V5router64 in IBM ...)
+       TODO: check
+CVE-2010-2089 (The audioop module in Python 2.7 and 3.2 does not verify the 
...)
+       TODO: check
+CVE-2010-2088 (ASP.NET in Microsoft .NET 3.5 does not properly handle an 
unencrypted ...)
+       TODO: check
+CVE-2010-2087 (Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere 
Application ...)
+       TODO: check
+CVE-2010-2086 (Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere 
Application ...)
+       TODO: check
+CVE-2010-2085 (The default configuration of ASP.NET in Microsoft .NET before 
1.1 has ...)
+       TODO: check
+CVE-2010-2084 (Microsoft ASP.NET 2.0 does not prevent setting the InnerHtml 
property ...)
+       TODO: check
 CVE-2010-2083 (Microsoft Dynamics GP has a default value of ACCESS for the 
system ...)
        TODO: check
 CVE-2010-2082 (The web interface on the Cisco Scientific Atlanta WebSTAR 
DPC2100R2 ...)
@@ -281,8 +323,8 @@
        RESERVED
 CVE-2010-1960
        RESERVED
-CVE-2010-1959
-       RESERVED
+CVE-2010-1959 (Unspecified vulnerability in HP TestDirector for Quality Center 
9.2 ...)
+       TODO: check
 CVE-2010-1958
        RESERVED
 CVE-2010-1957 (Directory traversal vulnerability in the Love Factory ...)
@@ -1032,8 +1074,8 @@
        [lenny] - linux-2.6 <not-affected> (brtfs introduced in 2.6.32)
 CVE-2010-1635
        RESERVED
-CVE-2010-1634
-       RESERVED
+CVE-2010-1634 (Multiple integer overflows in audioop.c in the audioop module 
in ...)
+       TODO: check
 CVE-2010-1633
        RESERVED
 CVE-2010-1632
@@ -1578,8 +1620,8 @@
        NOT-FOR-US: Photo Battle Component for Joomla!
 CVE-2010-1460 (The IBM BladeCenter with Advanced Management Module (AMM) 
firmware ...)
        NOT-FOR-US: IBM BladeCenter Management Module
-CVE-2010-1459
-       RESERVED
+CVE-2010-1459 (The default configuration of ASP.NET in Mono before 2.6.4 has a 
value ...)
+       TODO: check
 CVE-2010-1458 (Stack-based buffer overflow in Create and Extract Zips TweakFS 
Zip ...)
        NOT-FOR-US: TweakFS
 CVE-2010-1167 (fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, 
does not ...)
@@ -1605,10 +1647,10 @@
 CVE-2010-1451 (The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in 
the ...)
        {DSA-2053-1}
        - linux-2.6 2.6.32-10
-CVE-2010-1450
-       RESERVED
-CVE-2010-1449
-       RESERVED
+CVE-2010-1450 (Multiple buffer overflows in the RLE decoder in the rgbimg 
module in ...)
+       TODO: check
+CVE-2010-1449 (Integer overflow in rgbimgmodule.c in the rgbimg module in 
Python 2.5 ...)
+       TODO: check
 CVE-2010-1448 [lxr XSS on the search page]
        RESERVED
        - lxr-cvs <unfixed>
@@ -1954,8 +1996,8 @@
        NOT-FOR-US: Pulse CMS
 CVE-2010-1297
        RESERVED
-CVE-2010-1296
-       RESERVED
+CVE-2010-1296 (Multiple buffer overflows in Adobe Photoshop CS4 before 11.0.2 
allow ...)
+       TODO: check
 CVE-2010-1295
        RESERVED
 CVE-2010-1294 (Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, and 
9.0 ...)
@@ -4014,18 +4056,18 @@
        NOT-FOR-US: Cisco PGW
 CVE-2010-0601 (The MGCP implementation on the Cisco PGW 2200 Softswitch with 
software ...)
        NOT-FOR-US: Cisco PGW
-CVE-2010-0600
-       RESERVED
-CVE-2010-0599
-       RESERVED
-CVE-2010-0598
-       RESERVED
-CVE-2010-0597
-       RESERVED
-CVE-2010-0596
-       RESERVED
-CVE-2010-0595
-       RESERVED
+CVE-2010-0600 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 
before ...)
+       TODO: check
+CVE-2010-0599 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 
before ...)
+       TODO: check
+CVE-2010-0598 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 
before ...)
+       TODO: check
+CVE-2010-0597 (Unspecified vulnerability in Cisco Mediator Framework 1.5.1 
before ...)
+       TODO: check
+CVE-2010-0596 (Unspecified vulnerability in Cisco Mediator Framework 2.2 
before ...)
+       TODO: check
+CVE-2010-0595 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 
before ...)
+       TODO: check
 CVE-2010-0594 (Cross-site scripting (XSS) vulnerability in Cisco Router and 
Security ...)
        NOT-FOR-US: Cisco Router and Security Device Manager
 CVE-2010-0593 (The Cisco RVS4000 4-port Gigabit Security Router before 
1.3.2.0, ...)
@@ -6923,8 +6965,8 @@
 CVE-2009-4135 (The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 
through 8.1 ...)
        - coreutils <not-affected> (this issue only affects the coreutils build 
process; bug #560898)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=545439
-CVE-2009-4134
-       RESERVED
+CVE-2009-4134 (Buffer underflow in the rgbimg module in Python 2.5 allows 
remote ...)
+       TODO: check
 CVE-2009-4133 (Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, 
Grid for ...)
        - condor <itp> (bug #233482)
 CVE-2009-4132


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r14761 - data/CVE

Reply via email to