Author: joeyh
Date: 2010-08-19 21:14:45 +0000 (Thu, 19 Aug 2010)
New Revision: 15172

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2010-08-19 16:11:32 UTC (rev 15171)
+++ data/CVE/list       2010-08-19 21:14:45 UTC (rev 15172)
@@ -1,3 +1,49 @@
+CVE-2010-3052
+       RESERVED
+CVE-2010-3051
+       RESERVED
+CVE-2010-3050
+       RESERVED
+CVE-2010-3049
+       RESERVED
+CVE-2010-3048
+       RESERVED
+CVE-2010-3047
+       RESERVED
+CVE-2010-3046
+       RESERVED
+CVE-2010-3045
+       RESERVED
+CVE-2010-3044
+       RESERVED
+CVE-2010-3043
+       RESERVED
+CVE-2010-3042
+       RESERVED
+CVE-2010-3041
+       RESERVED
+CVE-2010-3040
+       RESERVED
+CVE-2010-3039
+       RESERVED
+CVE-2010-3038
+       RESERVED
+CVE-2010-3037
+       RESERVED
+CVE-2010-3036
+       RESERVED
+CVE-2010-3035
+       RESERVED
+CVE-2010-3034
+       RESERVED
+CVE-2010-3033
+       RESERVED
+CVE-2010-3032 (Integer overflow in the OBGIOPServerWorker::extractHeader 
function in ...)
+       TODO: check
+CVE-2010-3031 (Buffer overflow in Wyse ThinOS HF 4.4.079i, and possibly other 
...)
+       TODO: check
+CVE-2010-3030 (Cross-site request forgery (CSRF) vulnerability in Tomaz Muraus 
Open ...)
+       TODO: check
 CVE-2010-3029 (SQL injection vulnerability in statistics.php in PHPKick 0.8 
allows ...)
        TODO: check
 CVE-2010-3028 (The Aardvertiser component before 2.2.1 for Joomla! uses 
insecure ...)
@@ -25,7 +71,7 @@
 CVE-2010-3017
        RESERVED
 CVE-2010-3016
-       RESERVED
+       REJECTED
 CVE-2010-3013 (SQL injection vulnerability in groupadmin.php in Pligg before 
1.1.1 ...)
        TODO: check
 CVE-2010-3012
@@ -196,8 +242,8 @@
        RESERVED
 CVE-2010-2940
        RESERVED
-CVE-2010-2939
-       RESERVED
+CVE-2010-2939 (Double free vulnerability in the ssl3_get_key_exchange function 
in the ...)
+       TODO: check
 CVE-2010-2938
        RESERVED
 CVE-2010-2937
@@ -206,8 +252,8 @@
        RESERVED
 CVE-2010-2935
        RESERVED
-CVE-2010-2934
-       RESERVED
+CVE-2010-2934 (Multiple unspecified vulnerabilities in ZNC 0.092 allow remote 
...)
+       TODO: check
 CVE-2010-2933 (SQL injection vulnerability in AV Scripts AV Arcade 3 allows 
remote ...)
        NOT-FOR-US: AV Arcade
 CVE-2010-2932 (Buffer overflow in BarCodeWiz BarCode 3.29 ActiveX control ...)
@@ -519,8 +565,8 @@
        {DSA-2091-1}
        - squirrelmail 2:1.4.21-1 (low)
        [lenny] - squirrelmail <no-dsa> (low-risk issue)
-CVE-2010-2812
-       RESERVED
+CVE-2010-2812 (Client.cpp in ZNC 0.092 allows remote attackers to cause a 
denial of ...)
+       TODO: check
 CVE-2010-2811
        RESERVED
 CVE-2010-2810
@@ -1997,8 +2043,8 @@
        RESERVED
        - libvirt 0.8.3-1 (low)
        [lenny] - libvirt <no-dsa> (Minor issue)
-CVE-2010-2241
-       RESERVED
+CVE-2010-2241 (The (1) setup-ds.pl and (2) setup-ds-admin.pl setup scripts for 
Red ...)
+       TODO: check
 CVE-2010-2240 [mm: keep a guard page below a grow-down stack segment]
        RESERVED
        - linux-2.6 2.6.32-21
@@ -2889,8 +2935,8 @@
        - php5 <unfixed> (unimportant)
 CVE-2010-1871 (JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise 
Application ...)
        - jbossas4 <not-affected> (Only builds a few libraries, not the full 
application server, #581226)
-CVE-2010-1870
-       RESERVED
+CVE-2010-1870 (The OGNL extensive expression evaluation capability in XWork in 
Struts ...)
+       TODO: check
 CVE-2010-1869 (Stack-based buffer overflow in the parser function in 
GhostScript 8.70 ...)
        {DSA-2080-1}
        - ghostscript 8.71~dfsg-4 
@@ -3871,10 +3917,10 @@
        RESERVED
 CVE-2010-1526
        RESERVED
-CVE-2010-1525
-       RESERVED
-CVE-2010-1524
-       RESERVED
+CVE-2010-1525 (Integer underflow in the SpreadSheet Lotus 123 reader 
(wkssr.dll) in ...)
+       TODO: check
+CVE-2010-1524 (The SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy 
KeyView 10.4 ...)
+       TODO: check
 CVE-2010-1523
        RESERVED
 CVE-2010-1522 (Multiple SQL injection vulnerabilities in the BookLibrary Basic 
...)
@@ -3889,8 +3935,8 @@
        NOT-FOR-US: GIGABYTE Dldrv2 ActiveX control
 CVE-2010-1517 (The GIGABYTE Dldrv2 ActiveX control 1.4.206.11 allows remote 
attackers ...)
        NOT-FOR-US: GIGABYTE Dldrv2 ActiveX control
-CVE-2010-1516
-       RESERVED
+CVE-2010-1516 (Multiple integer overflows in SWFTools 0.9.1 allow remote 
attackers to ...)
+       TODO: check
 CVE-2010-1515 (Multiple cross-site scripting (XSS) vulnerabilities in 
index.php in ...)
        NOT-FOR-US: TomatoCMS
 CVE-2010-1514 (Unrestricted file upload vulnerability in TomatoCMS 2.0.6 and 
earlier ...)
@@ -8198,16 +8244,16 @@
 CVE-2010-0136 (OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly 
enforce ...)
        {DSA-1995-1}
        - openoffice.org 1:3.1.1-11
-CVE-2010-0135
-       RESERVED
-CVE-2010-0134
-       RESERVED
-CVE-2010-0133
-       RESERVED
+CVE-2010-0135 (Heap-based buffer overflow in the WordPerfect 5.x reader 
(wosr.dll), ...)
+       TODO: check
+CVE-2010-0134 (Integer signedness error in rtfsr.dll in Autonomy KeyView 10.4 
and ...)
+       TODO: check
+CVE-2010-0133 (Multiple stack-based buffer overflows in the SpreadSheet Lotus 
123 ...)
+       TODO: check
 CVE-2010-0132 (Cross-site scripting (XSS) vulnerability in ViewVC 1.1 before 
1.1.5 ...)
        - viewvc 1.1.5-1 (bug #576307)
-CVE-2010-0131
-       RESERVED
+CVE-2010-0131 (Stack-based buffer overflow in the SpreadSheet Lotus 123 reader 
...)
+       TODO: check
 CVE-2010-0130 (Integer overflow in Adobe Shockwave Player before 11.5.7.609 
might ...)
        NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-0129 (Multiple integer overflows in Adobe Shockwave Player before 
11.5.7.609 ...)
@@ -8216,8 +8262,8 @@
        NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-0127 (Adobe Shockwave Player before 11.5.7.609 allows remote 
attackers to ...)
        NOT-FOR-US: Adobe Shockwave Player
-CVE-2010-0126
-       RESERVED
+CVE-2010-0126 (Heap-based buffer overflow in an unspecified library in 
Autonomy ...)
+       TODO: check
 CVE-2010-0125
        RESERVED
 CVE-2010-0124 (Employee Timeclock Software 0.99 places the database password 
on the ...)
@@ -10731,8 +10777,8 @@
        NOT-FOR-US: Micrologix
 CVE-2009-3738
        RESERVED
-CVE-2009-3737
-       RESERVED
+CVE-2009-3737 (The Oracle Siebel Option Pack for IE ActiveX control does not 
properly ...)
+       TODO: check
 CVE-2009-3736 (ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 
2.2.6b, as ...)
        {DSA-1958-1}
        - libtool 2.2.6b-1 (low; bug #559797)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to