Author: joeyh Date: 2010-07-12 21:14:25 +0000 (Mon, 12 Jul 2010) New Revision: 14983 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-07-12 16:40:53 UTC (rev 14982) +++ data/CVE/list 2010-07-12 21:14:25 UTC (rev 14983) 
@@ -1,3 +1,105 @@ +CVE-2010-2692 (Cross-site scripting (XSS) vulnerability in 2daybiz Custom T-Shirt ...) + TODO: check +CVE-2010-2691 (Multiple SQL injection vulnerabilities in 2daybiz Custom T-Shirt ...) + TODO: check +CVE-2010-2690 (SQL injection vulnerability in the JOOFORGE Gamesbox (com_gamesbox) ...) + TODO: check +CVE-2010-2689 (SQL injection vulnerability in cont_form.php in Internet DM WebDM CMS ...) + TODO: check +CVE-2010-2688 (SQL injection vulnerability in detail.asp in Site2Nite Boat ...) + TODO: check +CVE-2010-2687 (SQL injection vulnerability in printdetail.asp in Site2Nite Boat ...) + TODO: check +CVE-2010-2686 (Multiple SQL injection vulnerabilities in clientes.asp in TopManage ...) + TODO: check +CVE-2010-2685 (siteadmin/adduser.php in Customer Paradigm PageDirector CMS does not ...) + TODO: check +CVE-2010-2684 (SQL injection vulnerability in index.php in Customer Paradigm ...) + TODO: check +CVE-2010-2683 (SQL injection vulnerability in result.php in Customer Paradigm ...) + TODO: check +CVE-2010-2682 (Directory traversal vulnerability in the Realtyna Translator ...) + TODO: check +CVE-2010-2681 (PHP remote file inclusion vulnerability in the SEF404x (com_sef) ...) + TODO: check +CVE-2010-2680 (Directory traversal vulnerability in the JExtensions JE ...) + TODO: check +CVE-2010-2679 (SQL injection vulnerability in the Weblinks (com_weblinks) component ...) + TODO: check +CVE-2010-2678 (SQL injection vulnerability in xmap (com_xmap) component for Joomla! ...) + TODO: check +CVE-2010-2677 (PHP remote file inclusion vulnerability in mw_plugin.php in Open Web ...) + TODO: check +CVE-2010-2676 (Multiple directory traversal vulnerabilities in index.php in Open Web ...) + TODO: check +CVE-2010-2675 (Cross-site scripting (XSS) vulnerability in index.php in TSOKA:CMS ...) + TODO: check +CVE-2010-2674 (SQL injection vulnerability in index.php in TSOKA:CMS 1.1, 1.9, and ...) 
+ TODO: check +CVE-2010-2673 (SQL injection vulnerability in profile_view.php in Devana 1.6.6 and ...) + TODO: check +CVE-2010-2672 (Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 through ...) + TODO: check +CVE-2010-2671 (Cross-site scripting (XSS) vulnerability in advancedsearch.php in eZ ...) + TODO: check +CVE-2010-2670 (SQL injection vulnerability in recipedetail.php in BrotherScripts ...) + TODO: check +CVE-2010-2669 (Cross-site scripting (XSS) vulnerability in ...) + TODO: check +CVE-2010-2668 (Unspecified vulnerability in Adaptive Micro Systems ALPHA Ethernet ...) + TODO: check +CVE-2010-2667 + RESERVED +CVE-2010-2666 (Opera before 10.54 on Windows and Mac OS X does not properly enforce ...) + TODO: check +CVE-2010-2665 (Cross-site scripting (XSS) vulnerability in Opera before 10.54 on ...) + TODO: check +CVE-2010-2664 (Opera before 10.60 allows remote attackers to cause a denial of ...) + TODO: check +CVE-2010-2663 (Opera before 10.60 allows remote attackers to cause a denial of ...) + TODO: check +CVE-2010-2662 (Opera before 10.60 allows remote attackers to bypass the popup blocker ...) + TODO: check +CVE-2010-2661 (Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX ...) + TODO: check +CVE-2010-2660 (Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX ...) + TODO: check +CVE-2010-2659 (Opera before 10.50 on Windows, before 10.52 on Mac OS X, and before ...) + TODO: check +CVE-2010-2658 (Opera before 10.60 does not properly restrict certain interaction ...) + TODO: check +CVE-2010-2657 (Opera before 10.60 on Windows and Mac OS X does not properly prevent ...) + TODO: check +CVE-2010-2656 (The IBM BladeCenter with Advanced Management Module (AMM) firmware ...) + TODO: check +CVE-2010-2655 (Directory traversal vulnerability in private/file_management.php on ...) + TODO: check +CVE-2010-2654 (Multiple cross-site scripting (XSS) vulnerabilities on the IBM ...) 
+ TODO: check +CVE-2010-2653 + RESERVED +CVE-2009-4935 (SQL injection vulnerability in ogp_show.php in Online Guestbook Pro ...) + TODO: check +CVE-2009-4934 (Cross-site scripting (XSS) vulnerability in index.php in Online Photo ...) + TODO: check +CVE-2009-4933 (Multiple SQL injection vulnerabilities in login.php in EZ Webitor ...) + TODO: check +CVE-2009-4932 (Stack-based buffer overflow in 1by1 1.67 (aka 1.6.7.0) allows remote ...) + TODO: check +CVE-2009-4931 (Stack-based buffer overflow in Groovy Media Player 1.1.0 allows remote ...) + TODO: check +CVE-2009-4930 (Cross-site scripting (XSS) vulnerability in the ...) + TODO: check +CVE-2009-4929 (admin/manage_users.php in TotalCalendar 2.4 does not require ...) + TODO: check +CVE-2009-4928 (PHP remote file inclusion vulnerability in config.php in TotalCalendar ...) + TODO: check +CVE-2009-4927 (WB News 2.1.2 allows remote attackers to bypass authentication and ...) + TODO: check +CVE-2009-4926 (Multiple cross-site scripting (XSS) vulnerabilities in Online Contact ...) + TODO: check +CVE-2009-4925 (Multiple SQL injection vulnerabilities in Portale e-commerce Creasito ...) + TODO: check CVE-2010-2652 (Google Chrome before 5.0.375.99 does not properly implement modal ...) TODO: check CVE-2010-2651 (The Cascading Style Sheets (CSS) implementation in Google Chrome ...) @@ -70,8 +172,7 @@ TODO: check CVE-2004-2769 (Cerberus FTP Server before 4.0.3.0 allows remote authenticated users ...) TODO: check -CVE-2010-2494 [bogofilter invalid null write] - RESERVED +CVE-2010-2494 (Multiple buffer underflows in the base64 decoder in base64.c in (1) ...) - bogofilter 1.2.1-3 (low; bug #588090) [lenny] - bogofilter <no-dsa> (Minor issue) NOTE: this is "only" null write to an invalid pointer, no arbitrary location 
@@ -375,8 +476,7 @@ TODO: File bug - qt4-x11 <undetermined> (low; bug #587713) NOTE: unclear whether is qt''s or sqlite''s fault -CVE-2010-2489 [ruby buffer overflow on Windows] - RESERVED +CVE-2010-2489 (Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow ...) - ruby1.8 <not-affected> (Windows-specific) - ruby1.9.1 <not-affected> (Windows-specific) CVE-2010-2488 [znc null pointer deref] @@ -990,8 +1090,8 @@ [lenny] - feh <no-dsa> (Minor issue) CVE-2010-2245 RESERVED -CVE-2010-2244 - RESERVED +CVE-2010-2244 (The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in ...) + TODO: check CVE-2010-2243 [timekeeping oops] RESERVED - linux-2.6 2.6.32-11 @@ -1044,8 +1144,8 @@ NOT-FOR-US: Red Hat Enterprise Virtualization Hypervisor (RHEV-H) CVE-2010-2222 RESERVED -CVE-2010-2221 - RESERVED +CVE-2010-2221 (Multiple buffer overflows in the iSNS implementation in isns.c in (1) ...) + TODO: check CVE-2010-2220 RESERVED CVE-2010-2219 @@ -2696,8 +2796,8 @@ TODO: check CVE-2010-1575 (The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 ...) TODO: check -CVE-2010-1574 - RESERVED +CVE-2010-1574 (IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 ...) + TODO: check CVE-2010-1573 (Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded ...) NOT-FOR-US: Linksys firmware CVE-2010-1572 (Unspecified vulnerability in the tech support diagnostic shell in ...) @@ -4145,8 +4245,7 @@ NOT-FOR-US: ws_ecard extension for typo3 CVE-2009-4739 (PHP remote file inclusion vulnerability in index.php in SkaDate Dating ...) NOT-FOR-US: SkaDate Dating -CVE-2010-2445 [freeciv lua] - RESERVED +CVE-2010-2445 (freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read ...) - freeciv 2.2.1-1 (low; bug #584589) [lenny] - freeciv <no-dsa> (Minor issue) NOTE: http://gna.org/bugs/?15624
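Review bot: In the first hunk (@@ -1,3 +1,105 @@) every described entry from CVE-2010-2692 down to CVE-2009-4925 is added with only `TODO: check`, so none of them has a package line or a disposition yet. Entries whose descriptions name third-party web scripts or vendor firmware (the Joomla! components, the Site2Nite ASP pages, the IBM BladeCenter AMM firmware) should be checked against the `NOT-FOR-US: <product>` form this file already uses further down (`NOT-FOR-US: Linksys firmware`, `NOT-FOR-US: SkaDate Dating`); the remainder need a source package and status line.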
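Review bot: In the @@ -70,8 +172,7 @@ hunk the new CVE-2010-2494 description reads "Multiple buffer underflows in the base64 decoder in base64.c", while the unchanged NOTE beneath it still says this is "only" a null write to an invalid pointer. The `low` severity and the lenny `<no-dsa> (Minor issue)` line rest on that NOTE, so the triage should be re-read against the published description and the NOTE either confirmed or updated.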
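Review bot: In the @@ -990,8 +1090,8 @@ hunk CVE-2010-2244 moves from RESERVED to a description that names avahi-daemon and avahi-core/socket.c, yet the entry gets only `TODO: check`. Since the description already identifies the affected component, the follow-up is a source package line with a status, in the same form as the `- bogofilter 1.2.1-3 (low; bug #588090)` and `- freeciv 2.2.1-1 (low; bug #584589)` entries elsewhere in this diff.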
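Review bot: In the @@ -2696,8 +2796,8 @@ hunk CVE-2010-1574 is described as IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 hardware and is left at `TODO: check`. The adjacent CVE-2010-1573 shows how vendor firmware is closed out in this file (`NOT-FOR-US: Linksys firmware`); the same disposition looks appropriate here, and for the Cisco entry CVE-2010-1575 in the context lines above it.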