Author: joeyh Date: 2010-10-19 21:14:55 +0000 (Tue, 19 Oct 2010) New Revision: 15487 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-10-19 20:07:39 UTC (rev 15486) +++ data/CVE/list 2010-10-19 21:14:55 UTC (rev 15487) @@ -1,3 +1,41 @@ +CVE-2010-3995 + RESERVED +CVE-2010-3994 + RESERVED +CVE-2010-3993 + RESERVED +CVE-2010-3992 + RESERVED +CVE-2010-3991 + RESERVED +CVE-2010-3990 + RESERVED +CVE-2010-3989 + RESERVED +CVE-2010-3988 + RESERVED +CVE-2010-3987 + RESERVED +CVE-2010-3986 + RESERVED +CVE-2010-3985 + RESERVED +CVE-2010-3984 + RESERVED +CVE-2010-3983 (CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote ...) + TODO: check +CVE-2010-3982 (SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to ...) + TODO: check +CVE-2010-3981 (Cross-site scripting (XSS) vulnerability in SAP BusinessObjects ...) + TODO: check +CVE-2010-3980 (Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not limit the ...) + TODO: check +CVE-2010-3979 (Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different ...) + TODO: check +CVE-2010-3978 + RESERVED +CVE-2010-3977 + RESERVED CVE-2010-3976 RESERVED CVE-2010-3975 
@@ -275,18 +313,18 @@ CVE-2010-3842 RESERVED - curl <not-affected> (Doesn''t affect POSIX systems) -CVE-2010-3841 - RESERVED +CVE-2010-3841 (Multiple cross-site scripting (XSS) vulnerabilities in lib/TWiki.pm in ...) + TODO: check CVE-2009-5009 (Double free vulnerability in OpenConnect before 1.40 might allow ...) - openconnect 1.40-1 CVE-2009-5008 (Cisco Secure Desktop (CSD), when used in conjunction with an ...) NOT-FOR-US: isco Secure Desktop CVE-2009-5007 (The Cisco trial client on Linux for Cisco AnyConnect SSL VPN allows ...) NOT-FOR-US: Cisco AnyConnect SSL VPN trial client -CVE-2009-5006 - RESERVED -CVE-2009-5005 - RESERVED +CVE-2009-5006 (The SessionAdapter::ExchangeHandlerImpl::checkAlternate function in ...) + TODO: check +CVE-2009-5005 (The Cluster::deliveredEvent function in cluster/Cluster.cpp in Apache ...) + TODO: check CVE-2009-5004 RESERVED CVE-2010-3845 @@ -494,16 +532,16 @@ CVE-2010-3752 (programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 ...) - openswan 1:2.6.28+dfsg-2 [lenny] - openswan <not-affected> (Introduced in version 2.6.25) -CVE-2010-3751 - RESERVED -CVE-2010-3750 - RESERVED -CVE-2010-3749 - RESERVED -CVE-2010-3748 - RESERVED -CVE-2010-3747 - RESERVED +CVE-2010-3751 (Multiple heap-based buffer overflows in an ActiveX control in ...) + TODO: check +CVE-2010-3750 (rjrmrpln.dll in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer ...) + TODO: check +CVE-2010-3749 (The browser-plugin implementation in RealNetworks RealPlayer 11.0 ...) + TODO: check +CVE-2010-3748 (Stack-based buffer overflow in the RichFX component in RealNetworks ...) + TODO: check +CVE-2010-3747 (An ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, ...) + TODO: check CVE-2010-3746 RESERVED CVE-2010-3745 
@@ -570,15 +608,19 @@ RESERVED CVE-2010-3717 RESERVED + {DSA-2121-1} - typo3-src 4.3.7-1 CVE-2010-3716 RESERVED + {DSA-2121-1} - typo3-src 4.3.7-1 CVE-2010-3715 RESERVED + {DSA-2121-1} - typo3-src 4.3.7-1 CVE-2010-3714 RESERVED + {DSA-2121-1} - typo3-src 4.3.7-1 CVE-2010-3713 RESERVED @@ -1756,10 +1798,10 @@ RESERVED CVE-2010-3288 RESERVED -CVE-2010-3287 - RESERVED -CVE-2010-3286 - RESERVED +CVE-2010-3287 (Unspecified vulnerability on HP ProCurve Access Points, Access ...) + TODO: check +CVE-2010-3286 (Unspecified vulnerability in HP Systems Insight Manager (SIM) 6.0 and ...) + TODO: check CVE-2010-3285 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...) NOT-FOR-US: HP OpenView Network Node Manager CVE-2010-3284 (Unspecified vulnerability in HP System Management Homepage (SMH) ...) @@ -2515,8 +2557,8 @@ NOT-FOR-US: RealPlayer CVE-2010-2999 RESERVED -CVE-2010-2998 - RESERVED +CVE-2010-2998 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 and ...) + TODO: check CVE-2010-2997 RESERVED CVE-2010-2996 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 on ...) @@ -3665,8 +3707,8 @@ NOT-FOR-US: MailEnable CVE-2010-2579 RESERVED -CVE-2010-2578 - RESERVED +CVE-2010-2578 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...) + TODO: check CVE-2010-2577 (Multiple SQL injection vulnerabilities in Pligg before 1.1.1 allow ...) NOT-FOR-US: Pligg CVE-2010-2576 (Opera before 10.61 does not properly suppress clicks on download ...) 
@@ -4175,10 +4217,10 @@ NOT-FOR-US: Oracle Supply Chain Products Suite CVE-2010-2370 (Unspecified vulnerability in the Oracle Business Process Management ...) NOT-FOR-US: Oracle Fusion Middleware -CVE-2010-2369 - RESERVED -CVE-2010-2368 - RESERVED +CVE-2010-2369 (Untrusted search path vulnerability in Lhasa 0.19 and earlier allows ...) + TODO: check +CVE-2010-2368 (Untrusted search path vulnerability in Lhaplus before 1.58 allows ...) + TODO: check CVE-2010-2367 (Cross-site scripting (XSS) vulnerability in search.cgi in AD-EDIT2 ...) NOT-FOR-US: AD-EDIT2 CVE-2010-2366 (Cross-site scripting (XSS) vulnerability in futomi CGI Cafe Access ...) @@ -10568,8 +10610,8 @@ NOTE: reserved device name. cherokee was lacking error handling... CVE-2009-4586 (Multiple cross-site scripting (XSS) vulnerabilities in index.html in ...) NOT-FOR-US: Wowd client -CVE-2010-0219 - RESERVED +CVE-2010-0219 (Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects ...) + TODO: check CVE-2010-0218 (ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ...) - bind9 <not-affected> (Only affects 9.7.2, which is not yet in the archive) NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html
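Review bot: The unchanged context line under CVE-2009-5008 in the @@ -275,18 +313,18 @@ hunk reads "NOT-FOR-US: isco Secure Desktop", dropping the leading "C" of "Cisco" (the description one line above spells it "Cisco Secure Desktop"), and the curl note under CVE-2010-3842 has a doubled apostrophe in "Doesn''t". Neither line is touched by this commit; a follow-up edit to data/CVE/list should correct both so that text searches on the product name match.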
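Review bot: CVE-2010-3751 through CVE-2010-3747 in the @@ -494,16 +532,16 @@ hunk are left at "TODO: check" although the descriptions of CVE-2010-3750, CVE-2010-3749, CVE-2010-3748 and CVE-2010-3747 name RealNetworks RealPlayer, and this same diff shows an existing entry marked "NOT-FOR-US: RealPlayer" as context at @@ -2515,8 +2557,8 @@. Once the truncated description of CVE-2010-3751 is confirmed to be the same product, all five can take that marker, as can CVE-2010-2998 and CVE-2010-2578 further down, whose descriptions also name RealPlayer.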
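Review bot: CVE-2010-3717 through CVE-2010-3714 in the @@ -570,15 +608,19 @@ hunk now carry {DSA-2121-1} and a fixed version of typo3-src 4.3.7-1 while their descriptions still read RESERVED, so nothing in the entries says which issue each id covers. A NOTE: line per entry pointing at the upstream advisory, in the form already used for CVE-2010-0218, would let a reader map the ids to issues until the descriptions are published.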
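Review bot: CVE-2010-0219 in the @@ -10568,8 +10610,8 @@ hunk should not be triaged in one batch with the SAP BusinessObjects entries CVE-2010-3979 to CVE-2010-3983 from the first hunk: its description begins "Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects ...", so the affected component may be Axis2 itself rather than the SAP product. Resolve the TODO by reading the full description and checking it against any Axis2 package in the archive before considering NOT-FOR-US.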