Author: joeyh
Date: 2010-12-03 21:14:43 +0000 (Fri, 03 Dec 2010)
New Revision: 15647
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-12-03 16:24:51 UTC (rev 15646)
+++ data/CVE/list 2010-12-03 21:14:43 UTC (rev 15647)
@@ -1,3 +1,67 @@
+CVE-2010-4397
+ RESERVED
+CVE-2010-4396
+ RESERVED
+CVE-2010-4395
+ RESERVED
+CVE-2010-4394
+ RESERVED
+CVE-2010-4393
+ RESERVED
+CVE-2010-4392
+ RESERVED
+CVE-2010-4391
+ RESERVED
+CVE-2010-4390
+ RESERVED
+CVE-2010-4389
+ RESERVED
+CVE-2010-4388
+ RESERVED
+CVE-2010-4387
+ RESERVED
+CVE-2010-4386
+ RESERVED
+CVE-2010-4385
+ RESERVED
+CVE-2010-4384
+ RESERVED
+CVE-2010-4383
+ RESERVED
+CVE-2010-4382
+ RESERVED
+CVE-2010-4381
+ RESERVED
+CVE-2010-4380
+ RESERVED
+CVE-2010-4379
+ RESERVED
+CVE-2010-4378
+ RESERVED
+CVE-2010-4377
+ RESERVED
+CVE-2010-4376
+ RESERVED
+CVE-2010-4375
+ RESERVED
+CVE-2010-4374 (The in_mkv plugin in Winamp before 5.6 allows remote attackers
to ...)
+ TODO: check
+CVE-2010-4373 (The in_mp4 plugin in Winamp before 5.6 allows remote attackers
to ...)
+ TODO: check
+CVE-2010-4372 (Integer overflow in the in_nsv plugin in Winamp before 5.6
allows ...)
+ TODO: check
+CVE-2010-4371 (Buffer overflow in the in_mod plugin in Winamp before 5.6 allows
...)
+ TODO: check
+CVE-2010-4370 (Multiple integer overflows in the in_midi plugin in Winamp
before 5.6 ...)
+ TODO: check
+CVE-2010-4369 (Directory traversal vulnerability in AWStats before 7.0 allows
remote ...)
+ TODO: check
+CVE-2010-4368 (awstats.cgi in AWStats before 7.0 on Windows accepts a configdir
...)
+ TODO: check
+CVE-2010-4367 (awstats.cgi in AWStats before 7.0 accepts a configdir parameter
in the ...)
+ TODO: check
+CVE-2009-5020 (Open redirect vulnerability in awredir.pl in AWStats before 6.95
...)
+ TODO: check
CVE-2010-XXXX [ocrodjvu insecure temp files handling]
- ocrodjvu 0.4.6-2 (low; bug #598134)
CVE-2010-XXXX [hypermail XSS]
@@ -93,8 +157,7 @@
RESERVED
CVE-2010-4330
RESERVED
-CVE-2010-4329
- RESERVED
+CVE-2010-4329 (Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton
...)
- phpmyadmin 4:3.3.7-2
CVE-2010-4328
RESERVED
@@ -126,8 +189,8 @@
RESERVED
CVE-2010-4314
RESERVED
-CVE-2010-4313
- RESERVED
+CVE-2010-4313 (Unrestricted file upload vulnerability in
fileman_file_upload.php in ...)
+ TODO: check
CVE-2010-4312 (The default configuration of Apache Tomcat 6.x does not include
the ...)
TODO: check
CVE-2010-4311 (Free Simple Software 1.0 stores passwords in cleartext, which
allows ...)
@@ -224,18 +287,18 @@
RESERVED
CVE-2010-4284
RESERVED
-CVE-2010-4283
- RESERVED
-CVE-2010-4282
- RESERVED
-CVE-2010-4281
- RESERVED
-CVE-2010-4280
- RESERVED
-CVE-2010-4279
- RESERVED
-CVE-2010-4278
- RESERVED
+CVE-2010-4283 (PHP remote file inclusion vulnerability in
extras/pandora_diag.php in ...)
+ TODO: check
+CVE-2010-4282 (Multiple directory traversal vulnerabilities in Pandora FMS
before ...)
+ TODO: check
+CVE-2010-4281 (Incomplete blacklist vulnerability in the safe_url_extraclean
function ...)
+ TODO: check
+CVE-2010-4280 (Multiple SQL injection vulnerabilities in Pandora FMS before
3.1.1 ...)
+ TODO: check
+CVE-2010-4279 (The default configuration of Pandora FMS 3.1 and earlier
specifies an ...)
+ TODO: check
+CVE-2010-4278 (operation/agentes/networkmap.php in Pandora FMS before 3.1.1
allows ...)
+ TODO: check
CVE-2010-4277
RESERVED
CVE-2010-4276
@@ -836,12 +899,10 @@
NOT-FOR-US: HP Insight Control Power Management
CVE-2010-4022
RESERVED
-CVE-2010-4021 [krb5 checksum handling]
- RESERVED
+CVE-2010-4021 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5)
1.7 ...)
- krb5 1.8+dfsg~alpha1-1
[lenny] - krb5 <not-affected> (Only affects 1.7.x)
-CVE-2010-4020 [krb5 checksum handling]
- RESERVED
+CVE-2010-4020 (MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject
RC4 ...)
- krb5 1.8.3+dfsg-3 (bug #605553)
[lenny] - krb5 <not-affected> (Only affects krb5 >= 1.8)
CVE-2010-4019
@@ -2780,10 +2841,10 @@
RESERVED
CVE-2010-3268
RESERVED
-CVE-2010-3267
- RESERVED
-CVE-2010-3266
- RESERVED
+CVE-2010-3267 (Multiple SQL injection vulnerabilities in BugTracker.NET before
3.4.5 ...)
+ TODO: check
+CVE-2010-3266 (Multiple cross-site scripting (XSS) vulnerabilities in
BugTracker.NET ...)
+ TODO: check
CVE-2010-3265
RESERVED
CVE-2010-3264 (The engine installer in Novell Identity Manager (aka IDM) 3.6.1
stores ...)
@@ -4666,8 +4727,8 @@
RESERVED
CVE-2010-2587
RESERVED
-CVE-2010-2586
- RESERVED
+CVE-2010-2586 (Multiple integer overflows in in_nsv.dll in the in_nsv plugin in
...)
+ TODO: check
CVE-2010-2585 (Multiple buffer overflows in the RealPage Module Upload ActiveX
...)
NOT-FOR-US: RealPage Module ActiveX Controls
CVE-2010-2584 (The Upload method in the RealPage Module Upload ActiveX control
in ...)
@@ -8194,12 +8255,10 @@
NOTE: http://march-hare.com/cvspro/vuln.htm
CVE-2010-1325 (Cross-site request forgery (CSRF) vulnerability in the
apache2-slms ...)
NOT-FOR-US: SUSE Lifecycle Management Server
-CVE-2010-1324 [krb5 checksum handling]
- RESERVED
+CVE-2010-1324 (MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not
...)
- krb5 1.8.3+dfsg-3 (bug #605553)
[lenny] - krb5 <not-affected> (Only affects krb5 >= 1.7)
-CVE-2010-1323 [krb5 checksum handling]
- RESERVED
+CVE-2010-1323 (MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and
1.8.x ...)
{DSA-2129-1}
- krb5 1.8.3+dfsg-3 (bug #605553)
CVE-2010-1322 (The merge_authdata function in kdc_authdata.c in the Key
Distribution ...)