Author: joeyh Date: 2010-03-31 21:14:42 +0000 (Wed, 31 Mar 2010) New Revision: 14370 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-03-31 19:14:35 UTC (rev 14369) +++ data/CVE/list 2010-03-31 21:14:42 UTC (rev 14370) @@ -1,6 +1,64 @@ +CVE-2010-1219 (Directory traversal vulnerability in the JA News (com_janews) ...) + TODO: check +CVE-2010-1218 (Cross-site scripting (XSS) vulnerability in the mm_forum extension ...) + TODO: check +CVE-2010-1217 (Directory traversal vulnerability in the JE Form Creator ...) + TODO: check +CVE-2010-1216 (PHP remote file inclusion vulnerability in templates/template.php in ...) + TODO: check +CVE-2010-1215 + RESERVED +CVE-2010-1214 + RESERVED +CVE-2010-1213 + RESERVED +CVE-2010-1212 + RESERVED +CVE-2010-1211 + RESERVED +CVE-2010-1210 + RESERVED +CVE-2010-1209 + RESERVED +CVE-2010-1208 + RESERVED +CVE-2010-1207 + RESERVED +CVE-2010-1206 + RESERVED +CVE-2010-1205 + RESERVED +CVE-2010-1204 + RESERVED +CVE-2010-1203 + RESERVED +CVE-2010-1202 + RESERVED +CVE-2010-1201 + RESERVED +CVE-2010-1200 + RESERVED +CVE-2010-1199 + RESERVED +CVE-2010-1198 + RESERVED +CVE-2010-1197 + RESERVED +CVE-2010-1196 + RESERVED +CVE-2010-1194 + RESERVED +CVE-2010-1191 + RESERVED +CVE-2010-1186 + RESERVED +CVE-2009-4763 (Unspecified vulnerability in the ClickHeat plugin, as used in ...) + TODO: check CVE-2010-1188 [linux-2.6: ipv6 skb unexpectedly freed] + RESERVED - linux-2.6 2.6.20-1 CVE-2010-1187 [linux-2.6: ticp oops] + RESERVED - linux-2.6 <unfixed> CVE-2010-1185 (Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and ...) NOT-FOR-US: SAP MaxDB @@ -567,6 +625,7 @@ CVE-2007-6733 (The nfs_lock function in fs/nfs/file.c in the Linux kernel 2.6.9 does ...) - linux-2.6 2.6.10-1 CVE-2010-1195 [ikiwiki htmlscrubber XSS via svg images] + RESERVED {DSA-2020-1} - ikiwiki 3.20100312 (low) [lenny] - ikwiki 2.53.5 
@@ -700,11 +759,13 @@ - spamass-milter 0.3.1-9 (bug #573228) [lenny] - spamass-milter 0.3.1-8+lenny1 CVE-2010-1189 [mediawiki CSS validation] + RESERVED {DSA-2022-1} - mediawiki 1:1.15.2-1 (low) NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html [lenny] - mediawiki 1:1.12.0-2lenny4 CVE-2010-1190 [mediawiki data leak in thumb.php] + RESERVED {DSA-2022-1} - mediawiki 1:1.15.2-1 (low) [lenny] - mediawiki 1:1.12.0-2lenny4 @@ -1006,7 +1067,7 @@ - openjdk-6 <undetermined> - sun-java6 <unfixed> [lenny] - sun-java6 <no-dsa> (Non-free not supported) -CVE-2010-0840 +CVE-2010-0840 RESERVED - openjdk-6 <undetermined> - sun-java6 <unfixed> @@ -1092,9 +1153,11 @@ [lenny] - shibboleth-sp2 <no-dsa> (Minor issue) - shibboleth-sp <not-affected> (Vulnerable code not present) CVE-2010-1192 [libesmtp doesn''t handle null bytes in commonname] + RESERVED - libesmtp <unfixed> (bug #572960) NOTE: http://www.openwall.com/lists/oss-security/2010/03/03/6 CVE-2010-1193 [libesmtp wildcard handling] + RESERVED - libesmtp <undetermined> NOTE: http://www.openwall.com/lists/oss-security/2010/03/30/10 TODO: check @@ -1919,16 +1982,16 @@ RESERVED CVE-2010-0538 RESERVED -CVE-2010-0537 - RESERVED +CVE-2010-0537 (DesktopServices in Apple Mac OS X 10.6 before 10.6.3 does not properly ...) + TODO: check CVE-2010-0536 RESERVED -CVE-2010-0535 - RESERVED -CVE-2010-0534 - RESERVED -CVE-2010-0533 - RESERVED +CVE-2010-0535 (Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is ...) + TODO: check +CVE-2010-0534 (Wiki Server in Apple Mac OS X 10.6 before 10.6.3 does not enforce the ...) + TODO: check +CVE-2010-0533 (Directory traversal vulnerability in AFP Server in Apple Mac OS X ...) + TODO: check CVE-2010-0532 RESERVED CVE-2010-0531 
@@ -1941,66 +2004,66 @@ RESERVED CVE-2010-0527 RESERVED -CVE-2010-0526 - RESERVED -CVE-2010-0525 - RESERVED -CVE-2010-0524 - RESERVED -CVE-2010-0523 - RESERVED -CVE-2010-0522 - RESERVED -CVE-2010-0521 - RESERVED -CVE-2010-0520 - RESERVED -CVE-2010-0519 - RESERVED -CVE-2010-0518 - RESERVED -CVE-2010-0517 - RESERVED -CVE-2010-0516 - RESERVED -CVE-2010-0515 - RESERVED -CVE-2010-0514 - RESERVED -CVE-2010-0513 - RESERVED -CVE-2010-0512 - RESERVED -CVE-2010-0511 - RESERVED -CVE-2010-0510 - RESERVED -CVE-2010-0509 - RESERVED -CVE-2010-0508 - RESERVED -CVE-2010-0507 - RESERVED -CVE-2010-0506 - RESERVED -CVE-2010-0505 - RESERVED -CVE-2010-0504 - RESERVED -CVE-2010-0503 - RESERVED -CVE-2010-0502 - RESERVED -CVE-2010-0501 - RESERVED -CVE-2010-0500 - RESERVED +CVE-2010-0526 (Heap-based buffer overflow in QuickTime in Apple Mac OS X before ...) + TODO: check +CVE-2010-0525 (Mail in Apple Mac OS X before 10.6.3 does not properly enforce the key ...) + TODO: check +CVE-2010-0524 (The default configuration of the FreeRADIUS server in Apple Mac OS X ...) + TODO: check +CVE-2010-0523 (Wiki Server in Apple Mac OS X 10.5.8 does not restrict the file types ...) + TODO: check +CVE-2010-0522 (Server Admin in Apple Mac OS X Server 10.5.8 does not properly ...) + TODO: check +CVE-2010-0521 (Server Admin in Apple Mac OS X Server before 10.6.3 does not properly ...) + TODO: check +CVE-2010-0520 (Heap-based buffer overflow in QuickTime in Apple Mac OS X before ...) + TODO: check +CVE-2010-0519 (Integer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows ...) + TODO: check +CVE-2010-0518 (QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to ...) + TODO: check +CVE-2010-0517 (Heap-based buffer overflow in QuickTime in Apple Mac OS X before ...) + TODO: check +CVE-2010-0516 (Heap-based buffer overflow in QuickTime in Apple Mac OS X before ...) + TODO: check +CVE-2010-0515 (QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to ...) 
+ TODO: check +CVE-2010-0514 (Heap-based buffer overflow in QuickTime in Apple Mac OS X before ...) + TODO: check +CVE-2010-0513 (Stack-based buffer overflow in PS Normalizer in Apple Mac OS X before ...) + TODO: check +CVE-2010-0512 (The Accounts Preferences implementation in Apple Mac OS X 10.6 before ...) + TODO: check +CVE-2010-0511 (Podcast Producer in Apple Mac OS X 10.6 before 10.6.3 deletes the ...) + TODO: check +CVE-2010-0510 (Password Server in Apple Mac OS X Server before 10.6.3 does not ...) + TODO: check +CVE-2010-0509 (SFLServer in OS Services in Apple Mac OS X before 10.6.3 allows local ...) + TODO: check +CVE-2010-0508 (Mail in Apple Mac OS X before 10.6.3 does not disable the filter rules ...) + TODO: check +CVE-2010-0507 (Buffer overflow in Image RAW in Apple Mac OS X before 10.6.3 allows ...) + TODO: check +CVE-2010-0506 (Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 allows remote ...) + TODO: check +CVE-2010-0505 (Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.3 ...) + TODO: check +CVE-2010-0504 (Multiple stack-based buffer overflows in iChat Server in Apple Mac OS ...) + TODO: check +CVE-2010-0503 (Use-after-free vulnerability in iChat Server in Apple Mac OS X Server ...) + TODO: check +CVE-2010-0502 (iChat Server in Apple Mac OS X Server before 10.6.3, when group chat ...) + TODO: check +CVE-2010-0501 (Directory traversal vulnerability in FTP Server in Apple Mac OS X ...) + TODO: check +CVE-2010-0500 (Event Monitor in Apple Mac OS X before 10.6.3 does not properly ...) + TODO: check CVE-2010-0499 RESERVED -CVE-2010-0498 - RESERVED -CVE-2010-0497 - RESERVED +CVE-2010-0498 (Directory Services in Apple Mac OS X before 10.6.3 does not properly ...) + TODO: check +CVE-2010-0497 (Disk Images in Apple Mac OS X before 10.6.3 does not provide the ...) + TODO: check CVE-2010-0496 (FreeBit ServersMan 3.1.5 on Apple iPhone OS 3.1.2, and iPhone OS for ...) NOT-FOR-US: Apple iPhone OS CVE-2010-0495 
@@ -3864,28 +3927,27 @@ - php5 5.2.11.dfsg.1-1 (low) NOTE: CVE requested NOTE: from "Shocking News in PHP Exploitation" by Stefan Esser -CVE-2010-0065 - RESERVED -CVE-2010-0064 - RESERVED -CVE-2010-0063 - RESERVED -CVE-2010-0062 - RESERVED +CVE-2010-0065 (Disk Images in Apple Mac OS X before 10.6.3 allows user-assisted ...) + TODO: check +CVE-2010-0064 (DesktopServices in Apple Mac OS X 10.6 before 10.6.3 preserves file ...) + TODO: check +CVE-2010-0063 (Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X ...) + TODO: check +CVE-2010-0062 (Heap-based buffer overflow in CoreMedia and QuickTime in Apple Mac OS ...) + TODO: check CVE-2010-0061 RESERVED -CVE-2010-0060 - RESERVED -CVE-2010-0059 - RESERVED -CVE-2010-0058 - RESERVED -CVE-2010-0057 - RESERVED -CVE-2010-0056 - RESERVED -CVE-2010-0055 [xar Signature verification bypass] - RESERVED +CVE-2010-0060 (CoreAudio in Apple Mac OS X before 10.6.3 allows remote attackers to ...) + TODO: check +CVE-2010-0059 (CoreAudio in Apple Mac OS X before 10.6.3 allows remote attackers to ...) + TODO: check +CVE-2010-0058 (freshclam in ClamAV in Apple Mac OS X 10.5.8 with Security Update ...) + TODO: check +CVE-2010-0057 (AFP Server in Apple Mac OS X before 10.6.3 does not prevent guest use ...) + TODO: check +CVE-2010-0056 (Buffer overflow in Cocoa spell checking in AppKit in Apple Mac OS X ...) + TODO: check +CVE-2010-0055 (xar in Apple Mac OS X 10.5.8 does not properly validate package ...) - xar <removed> (bug #572556) [lenny] - xar <no-dsa> (Minor issue) CVE-2010-0054 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...) 
@@ -8820,8 +8882,8 @@ NOT-FOR-US: Apple Mac OS X CVE-2009-2802 RESERVED -CVE-2009-2801 - RESERVED +CVE-2009-2801 (The Application Firewall in Apple Mac OS X 10.5.8 drops unspecified ...) + TODO: check CVE-2009-2800 (Buffer overflow in Alias Manager in Apple Mac OS X 10.4.11 and 10.5.8 ...) NOT-FOR-US: Apple Mac OS X CVE-2009-2799 (Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows ...)
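Review bot: In the first hunk (@@ -1,6 +1,64 @@) the added CVE-2009-4763 entry sits between CVE-2010-1186 and CVE-2010-1188, in the middle of the 2010 ids, so anyone triaging by year will not find it with the other CVE-2009 entries. Moving it to the CVE-2009 part of the list would fix that. In the same hunk the context line "CVE-2010-1187 [linux-2.6: ticp oops]" looks like a misspelling of "tipc" and could be corrected while the entry is being touched.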
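Review bot: In the @@ -567,6 +625,7 @@ hunk the lenny line under CVE-2010-1195 names the package "ikwiki", while the line directly above it uses "ikiwiki". As written, the lenny fixed version 2.53.5 is recorded against a different package name than the unstable fix. Since this change already touches the entry to add RESERVED, the spelling should be corrected to "[lenny] - ikiwiki 2.53.5" in the same commit or a follow-up.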
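Review bot: In the @@ -1006,7 +1067,7 @@ hunk the removed and added CVE-2010-0840 lines show the same text, and the line counts on both sides are equal, so this reads as a whitespace-only change. It would be worth confirming that the update script normalises trailing whitespace the same way on every run, otherwise entries like this one will keep producing no-op diffs that hide the real changes in the automatic commits.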
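Review bot: In the @@ -1092,9 +1153,11 @@ hunk the description of CVE-2010-1192 reads "doesn''t" with a doubled apostrophe, which looks like an escaping leftover rather than intended text. Suggest fixing it to "doesn't" now that the entry is being modified. Note also that CVE-2010-1193 keeps both "<undetermined>" and "TODO: check" after this change, so the libesmtp wildcard issue still needs a manual decision.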
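Review bot: In the @@ -1919,16 +1982,16 @@ hunk CVE-2010-0535 is described as affecting Dovecot, which Debian packages, so it should not be closed as an Apple-only issue along with the other Mac OS X entries in this batch. The truncated description mentions a Kerberos condition; whoever resolves the "TODO: check" should read the full text and decide whether the dovecot package needs its own status line.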
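Review bot: In the @@ -1941,66 +2004,66 @@ hunk CVE-2010-0524 concerns the default configuration of the FreeRADIUS server as shipped in Mac OS X, and FreeRADIUS is also packaged in Debian. The entry is surrounded by QuickTime, Mail and Server Admin issues that are Apple-specific, so it is easy to tag it the same way by habit. Suggest checking whether the described default applies to Debian's freeradius configuration before resolving the TODO.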
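Review bot: In the @@ -3864,28 +3927,27 @@ hunk CVE-2010-0058 names freshclam in ClamAV, which Debian packages, so its "TODO: check" needs a look at the clamav package rather than a blanket Apple tag. The description says "Apple Mac OS X 10.5.8 with Security Update ...", which suggests a packaging problem on Apple's side, but that should be confirmed from the full text. CVE-2010-0055 in the same hunk correctly keeps its existing xar status lines after RESERVED is dropped.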
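Review bot: In the @@ -8820,8 +8882,8 @@ hunk CVE-2009-2801 is added with "TODO: check" although its description places it in the Application Firewall in Apple Mac OS X 10.5.8, and the neighbouring CVE-2009-2800 is already tagged "NOT-FOR-US: Apple Mac OS X". If the full description confirms it is an Apple-only component, the same tag can be applied here so the entry does not linger in the TODO queue.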