Author: joeyh
Date: 2010-03-30 21:14:51 +0000 (Tue, 30 Mar 2010)
New Revision: 14357

Modified: data/CVE/list

Log: automatic update

Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-03-30 20:45:16 UTC (rev 14356) +++ data/CVE/list 2010-03-30 21:14:51 UTC (rev 14357) 
@@ -1,3 +1,121 @@ +CVE-2010-1185 (Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and ...) + TODO: check +CVE-2010-1184 (The Microsoft wireless keyboard uses XOR encryption with a key derived ...) + TODO: check +CVE-2010-1183 (Certain patch-installation scripts in Oracle Solaris allow local users ...) + TODO: check +CVE-2010-1182 (Multiple unspecified vulnerabilities in the administrative console in ...) + TODO: check +CVE-2010-1181 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...) + TODO: check +CVE-2010-1180 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...) + TODO: check +CVE-2010-1179 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...) + TODO: check +CVE-2010-1178 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...) + TODO: check +CVE-2010-1177 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...) + TODO: check +CVE-2010-1176 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...) + TODO: check +CVE-2010-1175 (Microsoft Internet Explorer 7.0 on Windows XP and Windows Server 2003 ...) + TODO: check +CVE-2010-1174 (Cisco TFTP Server 1.1 allows remote attackers to cause a denial of ...) 
+ TODO: check +CVE-2010-1173 + RESERVED +CVE-2010-1172 + RESERVED +CVE-2010-1171 + RESERVED +CVE-2010-1170 + RESERVED +CVE-2010-1169 + RESERVED +CVE-2010-1168 + RESERVED +CVE-2010-1167 + RESERVED +CVE-2010-1166 + RESERVED +CVE-2010-1165 + RESERVED +CVE-2010-1164 + RESERVED +CVE-2010-1163 + RESERVED +CVE-2010-1162 + RESERVED +CVE-2010-1161 + RESERVED +CVE-2010-1160 + RESERVED +CVE-2010-1159 + RESERVED +CVE-2010-1158 + RESERVED +CVE-2010-1157 + RESERVED +CVE-2010-1156 + RESERVED +CVE-2010-1155 + RESERVED +CVE-2010-1154 + RESERVED +CVE-2010-1153 + RESERVED +CVE-2010-1152 + RESERVED +CVE-2010-1151 + RESERVED +CVE-2010-1150 + RESERVED +CVE-2010-1149 + RESERVED +CVE-2010-1148 + RESERVED +CVE-2010-1147 + RESERVED +CVE-2010-1146 + RESERVED +CVE-2010-1145 + RESERVED +CVE-2010-1144 + RESERVED +CVE-2010-1143 + RESERVED +CVE-2010-1142 + RESERVED +CVE-2010-1141 + RESERVED +CVE-2010-1140 + RESERVED +CVE-2010-1139 + RESERVED +CVE-2010-1138 + RESERVED +CVE-2010-1137 + RESERVED +CVE-2009-4762 (MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs ...) + TODO: check +CVE-2009-4761 (Stack-based buffer overflow in Mini-stream RM Downloader allows remote ...) + TODO: check +CVE-2009-4760 (Winn ASP Guestbook 1.01 Beta stores sensitive information under the ...) + TODO: check +CVE-2009-4759 (Buffer overflow in BrotherSoft BMXPlay 0.4.4b allows remote attackers ...) + TODO: check +CVE-2009-4758 (Stack-based buffer overflow in dicas Mpegable Player 2.12 allows ...) + TODO: check +CVE-2009-4757 (Stack-based buffer overflow in BrotherSoft EW-MusicPlayer 0.8 allows ...) + TODO: check +CVE-2009-4756 (Stack-based buffer overflow in TraktorBeatport.exe 1.0.0.283 in ...) + TODO: check +CVE-2009-4755 (Multiple stack-based buffer overflows in Mercury Audio Player 1.21 ...) + TODO: check +CVE-2009-4754 (Stack-based buffer overflow in Mercury Audio Player 1.21 allows remote ...) + TODO: check +CVE-2009-4753 (Multiple buffer overflows in the FTP server on the Addonics NAS ...) 
+ TODO: check CVE-2010-1136 (The Standard Remember method in TikiWiki CMS/Groupware 3.x before 3.5 ...) TODO: check CVE-2010-1135 (The user_logout function in TikiWiki CMS/Groupware 4.x before 4.2 does ...) @@ -445,6 +563,7 @@ CVE-2007-6733 (The nfs_lock function in fs/nfs/file.c in the Linux kernel 2.6.9 does ...) - linux-2.6 2.6.10-1 CVE-2010-1195 [ikiwiki htmlscrubber XSS via svg images] + {DSA-2020-1} - ikiwiki 3.20100312 (low) [lenny] - ikwiki 2.53.5 CVE-2010-XXXX [linux-2.6 drbd connector issue] @@ -577,10 +696,12 @@ - spamass-milter 0.3.1-9 (bug #573228) [lenny] - spamass-milter 0.3.1-8+lenny1 CVE-2010-1189 [mediawiki CSS validation] + {DSA-2022-1} - mediawiki 1:1.15.2-1 (low) NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html [lenny] - mediawiki 1:1.12.0-2lenny4 CVE-2010-1190 [mediawiki data leak in thumb.php] + {DSA-2022-1} - mediawiki 1:1.15.2-1 (low) [lenny] - mediawiki 1:1.12.0-2lenny4 NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html @@ -1922,10 +2043,10 @@ NOT-FOR-US: Publique! CMS CVE-2010-0453 (The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and ...) NOT-FOR-US: Sun Solaris -CVE-2010-0452 - RESERVED -CVE-2010-0451 - RESERVED +CVE-2010-0452 (Multiple cross-site scripting (XSS) vulnerabilities in HP Project and ...) + TODO: check +CVE-2010-0451 (The installation process for NFS/ONCplus B.11.31_08 and earlier on HP ...) + TODO: check CVE-2010-0450 RESERVED CVE-2010-0449 
@@ -12497,7 +12618,7 @@ NOT-FOR-US: Node Access User Reference module for Drupal CVE-2009-1506 (SQL injection vulnerability in classes/Xp.php in eLitius 1.0 allows ...) NOT-FOR-US: eLitius -CVE-2009-1505 (SQL injection vulnerability in News Page 5.x before 5.x-1.2 module, a ...) +CVE-2009-1505 (SQL injection vulnerability in the News Page module 5.x before 5.x-1.2 ...) NOT-FOR-US: News Page module for Drupal CVE-2009-1504 (Absolute Form Processor XE 1.5 allows remote attackers to bypass ...) NOT-FOR-US: Absolute Form Processor XE @@ -77817,9 +77938,9 @@ NOT-FOR-US: Uapplication Uphotogallery CVE-2005-1427 (Uapplication Uphotogallery stores the database under the web document ...) NOT-FOR-US: Uapplication Uphotogallery -CVE-2005-1426 (Uapplication Ublog Reload stores the database under the web document ...) +CVE-2005-1426 (Uapplication Ublog Reload stores sensitive information under the web ...) NOT-FOR-US: Uapplication Ublog -CVE-2005-1425 (Uapplication Uguestbook stores the database under the web document ...) +CVE-2005-1425 (Uapplication Uguestbook 1.0 stores sensitive information under the web ...) NOT-FOR-US: Uapplication Uguestbook CVE-2005-1424 (StumbleInside GoText 1.01 stores sensitive username, mail address,and ...) NOT-FOR-US: GoText
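Review bot: In the @@ -445,6 +563,7 @@ hunk, the [lenny] line under CVE-2010-1195 spells the package "ikwiki", while the unstable line directly above it says "ikiwiki". With {DSA-2020-1} now attached to this entry, the lenny fix 2.53.5 is recorded against a name that does not match the package the rest of the entry refers to. Suggest a follow-up change of that line to "[lenny] - ikiwiki 2.53.5".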
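Review bot: In the @@ -577,10 +696,12 @@ hunk, the two mediawiki entries that gain {DSA-2022-1} order their lines differently. Under CVE-2010-1189 the NOTE with the mediawiki-announce URL sits between the unstable line and the [lenny] line, while under CVE-2010-1190 it follows the [lenny] line. Since both entries are being touched anyway, suggest placing the NOTE last in both so the unstable and [lenny] package lines stay adjacent and the two entries read the same way.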