[Secure-testing-commits] r17547 - data/CVE

Joey Hess Thu, 03 Nov 2011 14:14:39 -0700

Author: joeyh
Date: 2011-11-03 21:14:29 +0000 (Thu, 03 Nov 2011)
New Revision: 17547


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2011-11-03 18:01:49 UTC (rev 17546)
+++ data/CVE/list       2011-11-03 21:14:29 UTC (rev 17547)
@@ -1,3 +1,119 @@
+CVE-2011-4274 (Cross-site scripting (XSS) vulnerability in the A-Form PC and 
...)
+       TODO: check
+CVE-2011-4273 (Multiple cross-site scripting (XSS) vulnerabilities in GoAhead 
...)
+       TODO: check
+CVE-2011-4272
+       RESERVED
+CVE-2011-4271
+       RESERVED
+CVE-2011-4270
+       RESERVED
+CVE-2011-4269
+       RESERVED
+CVE-2011-4268
+       RESERVED
+CVE-2011-4267
+       RESERVED
+CVE-2011-4266
+       RESERVED
+CVE-2011-4265
+       RESERVED
+CVE-2011-4264
+       RESERVED
+CVE-2011-4263
+       RESERVED
+CVE-2010-5045 (Cross-site scripting (XSS) vulnerability in poll/default.asp in 
Smart ...)
+       TODO: check
+CVE-2010-5044 (SQL injection vulnerability in models/log.php in the Search Log 
...)
+       TODO: check
+CVE-2010-5043 (SQL injection vulnerability in the DJ-ArtGallery 
(com_djartgallery) ...)
+       TODO: check
+CVE-2010-5042 (Cross-site scripting (XSS) vulnerability in the DJ-ArtGallery 
...)
+       TODO: check
+CVE-2010-5041 (SQL injection vulnerability in index.php in the NP_Gallery 
plugin 0.94 ...)
+       TODO: check
+CVE-2010-5040 (PHP remote file inclusion vulnerability in ...)
+       TODO: check
+CVE-2010-5039 (SQL injection vulnerability in control/admin_login.php in 
ScriptsFeed ...)
+       TODO: check
+CVE-2010-5038 (PHP remote file inclusion vulnerability in contact/contact.php 
in ...)
+       TODO: check
+CVE-2010-5037 (SQL injection vulnerability in article.php in SenseSites 
CommonSense ...)
+       TODO: check
+CVE-2010-5036 (SQL injection vulnerability in addsale.php in iScripts eSwap 
2.0 ...)
+       TODO: check
+CVE-2010-5035 (Cross-site scripting (XSS) vulnerability in search.php in 
iScripts ...)
+       TODO: check
+CVE-2010-5034 (SQL injection vulnerability in viewhistorydetail.php in 
iScripts ...)
+       TODO: check
+CVE-2010-5033 (SQL injection vulnerability in ProductList.cfm in Fusebox 5.5.1 
allows ...)
+       TODO: check
+CVE-2010-5032 (SQL injection vulnerability in the BF Quiz (com_bfquiztrial) 
component ...)
+       TODO: check
+CVE-2010-5031 (Cross-site scripting (XSS) vulnerability in index.php in 
fileNice 1.1 ...)
+       TODO: check
+CVE-2010-5030 (Cross-site scripting (XSS) vulnerability in index.php in Ecomat 
CMS ...)
+       TODO: check
+CVE-2010-5029 (SQL injection vulnerability in index.php in Ecomat CMS 5.0 
allows ...)
+       TODO: check
+CVE-2010-5028 (SQL injection vulnerability in the JExtensions JE Job 
(com_jejob) ...)
+       TODO: check
+CVE-2010-5027 (Cross-site scripting (XSS) vulnerability in winners.php in 
Science ...)
+       TODO: check
+CVE-2010-5026 (SQL injection vulnerability in winners.php in Science Fair In A 
Box ...)
+       TODO: check
+CVE-2010-5025 (Cross-site scripting (XSS) vulnerability in manage/main.php in 
...)
+       TODO: check
+CVE-2010-5024 (SQL injection vulnerability in manage/add_user.php in CuteSITE 
CMS ...)
+       TODO: check
+CVE-2010-5023 (SQL injection vulnerability in index.asp in Digital Interchange 
...)
+       TODO: check
+CVE-2010-5022 (SQL injection vulnerability in the JExtensions JE Story Submit 
...)
+       TODO: check
+CVE-2010-5021 (SQL injection vulnerability in view_group.asp in Digital 
Interchange ...)
+       TODO: check
+CVE-2010-5020 (SQL injection vulnerability in index.php in NetArt Media 
iBoutique 4.0 ...)
+       TODO: check
+CVE-2010-5019 (SQL injection vulnerability in view_photo.php in 2daybiz Online 
...)
+       TODO: check
+CVE-2010-5018 (Cross-site scripting (XSS) vulnerability in ...)
+       TODO: check
+CVE-2010-5017 (SQL injection vulnerability in stats.php in Elite Gaming 
Ladders 3.0 ...)
+       TODO: check
+CVE-2010-5016 (SQL injection vulnerability in matchdb.php in Elite Gaming 
Ladders 3.5 ...)
+       TODO: check
+CVE-2010-5015 (SQL injection vulnerability in view_photo.php in 2daybiz 
Network ...)
+       TODO: check
+CVE-2010-5014 (SQL injection vulnerability in standings.php in Elite Gaming 
Ladders ...)
+       TODO: check
+CVE-2010-5013 (SQL injection vulnerability in listing_detail.asp in Mckenzie 
...)
+       TODO: check
+CVE-2010-5012 (SQL injection vulnerability in new.php in DaLogin 2.2 and 2.2.5 
allows ...)
+       TODO: check
+CVE-2010-5011 (SQL injection vulnerability in schoolmv2/html/studentmain.php 
in ...)
+       TODO: check
+CVE-2010-5010 (Cross-site scripting (XSS) vulnerability in ...)
+       TODO: check
+CVE-2010-5009 (SQL injection vulnerability in index.php in UTStats Beta 4 and 
earlier ...)
+       TODO: check
+CVE-2010-5008 (SQL injection vulnerability in pages/contact_list_mail_form.asp 
in ...)
+       TODO: check
+CVE-2010-5007 (Cross-site scripting (XSS) vulnerability in 
pages/match_report.php in ...)
+       TODO: check
+CVE-2010-5006 (SQL injection vulnerability in googlemap/index.php in EMO 
Realty ...)
+       TODO: check
+CVE-2010-5005 (Cross-site scripting (XSS) vulnerability in ...)
+       TODO: check
+CVE-2010-5004 (SQL injection vulnerability in searchvote.php in 2daybiz Polls 
(aka ...)
+       TODO: check
+CVE-2010-5000 (SQL injection vulnerability in login/login_index.php in MCLogin 
System ...)
+       TODO: check
+CVE-2010-4998 (PHP remote file inclusion vulnerability in ...)
+       TODO: check
+CVE-2010-4997 (SQL injection vulnerability in index.php in OlyKit Swoopo Clone 
2010 ...)
+       TODO: check
+CVE-2010-4971 (Cross-site scripting (XSS) vulnerability in VideoWhisper PHP 2 
Way ...)
+       TODO: check
 CVE-2011-4262
        RESERVED
 CVE-2011-4261
@@ -547,12 +663,10 @@
        - linux-2.6 3.0.0-6
 CVE-2011-4076
        RESERVED
-CVE-2011-4075 [phpldapadmin arbitrary execution]
-       RESERVED
+CVE-2011-4075 (The masort function in lib/functions.php in phpLDAPadmin 1.2.x 
before ...)
        {DSA-2333-1}
        - phpldapadmin 1.2.0.5-2.1 (bug #646754)
-CVE-2011-4074 [phpldapadmin XSS]
-       RESERVED
+CVE-2011-4074 (Cross-site scripting (XSS) vulnerability in cmd.php in 
phpLDAPadmin ...)
        {DSA-2333-1}
        - phpldapadmin 1.2.0.5-2.1 (bug #646769)
 CVE-2011-4073
@@ -917,8 +1031,8 @@
        RESERVED
 CVE-2011-4006
        RESERVED
-CVE-2011-4005
-       RESERVED
+CVE-2011-4005 (Cross-site request forgery (CSRF) vulnerability in the Services 
Ready ...)
+       TODO: check
 CVE-2011-4004 (Buffer overflow in the ATAS32 processing functionality in the 
Cisco ...)
        NOT-FOR-US: Cisco Webex
 CVE-2011-4003
@@ -937,8 +1051,8 @@
        RESERVED
 CVE-2011-3996
        RESERVED
-CVE-2011-3995
-       RESERVED
+CVE-2011-3995 (Unspecified vulnerability in Twilight Frontier Touhou Hisouten 
1.06 ...)
+       TODO: check
 CVE-2011-3994
        RESERVED
 CVE-2011-3993
@@ -2667,8 +2781,8 @@
        NOT-FOR-US: Scadatec Limited Procyon SCADA
 CVE-2011-3321 (Heap-based buffer overflow in the Siemens WinCC Runtime 
Advanced ...)
        NOT-FOR-US: SIMATIC WinCC
-CVE-2011-3320
-       RESERVED
+CVE-2011-3320 (Cross-site scripting (XSS) vulnerability in the Web 
Administrator ...)
+       TODO: check
 CVE-2011-3319 (Buffer overflow in the WRF parsing functionality in the Cisco 
WebEx ...)
        NOT-FOR-US: WebEx
 CVE-2011-3318 (Cisco Video Surveillance 2421 and 2500 series cameras with 
software ...)
@@ -3085,12 +3199,12 @@
        RESERVED
 CVE-2011-3168
        RESERVED
-CVE-2011-3167
-       RESERVED
-CVE-2011-3166
-       RESERVED
-CVE-2011-3165
-       RESERVED
+CVE-2011-3167 (Unspecified vulnerability in HP OpenView Network Node Manager 
(OV NNM) ...)
+       TODO: check
+CVE-2011-3166 (Unspecified vulnerability in HP OpenView Network Node Manager 
(OV NNM) ...)
+       TODO: check
+CVE-2011-3165 (Unspecified vulnerability in HP OpenView Network Node Manager 
(OV NNM) ...)
+       TODO: check
 CVE-2011-3164
        RESERVED
 CVE-2011-3163 (HP MFP Digital Sending Software 4.9x through 4.91.21 allows 
local ...)
@@ -4575,8 +4689,8 @@
        NOT-FOR-US: Cisco VPN Client
 CVE-2011-2677 (Cybozu Office before 8.0.0 allows remote authenticated users to 
bypass ...)
        TODO: check
-CVE-2011-2676
-       RESERVED
+CVE-2011-2676 (The A-Form and A-Form bamboo before 1.3.6 and 2.x before 2.0.3, 
and ...)
+       TODO: check
 CVE-2011-2675 (Cross-site scripting (XSS) vulnerability in Enkai-kun before 
110916 ...)
        NOT-FOR-US: Enkai-kun
 CVE-2011-2674 (BaserCMS before 1.6.12 does not properly restrict additions to 
the ...)
@@ -6568,10 +6682,10 @@
        - pmake 1.111-3 (low; bug #626673)
        [squeeze] - pmake 1.111-2+squeeze1
        [lenny] - pmake 1.111-1+lenny1
-CVE-2011-1919
-       RESERVED
-CVE-2011-1918
-       RESERVED
+CVE-2011-1919 (Multiple stack-based buffer overflows in GE Intelligent 
Platforms ...)
+       TODO: check
+CVE-2011-1918 (Stack-based buffer overflow in the Data Archiver service in GE 
...)
+       TODO: check
 CVE-2011-1917
        RESERVED
 CVE-2011-1916


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r17547 - data/CVE

Reply via email to