thr3ads.net - Secure testing commits - [Secure-testing-commits] r17547

If this information is useful, please help other people find it:
Share via:
Joey Hess
2011-Nov-03 21:14 UTC
[Secure-testing-commits] r17547 - data/CVE

Author: joeyh
Date: 2011-11-03 21:14:29 +0000 (Thu, 03 Nov 2011)
New Revision: 17547

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-11-03 18:01:49 UTC (rev 17546)
+++ data/CVE/list	2011-11-03 21:14:29 UTC (rev 17547)
@@ -1,3 +1,119 @@
+CVE-2011-4274 (Cross-site scripting (XSS) vulnerability in the A-Form PC and
...)
+	TODO: check
+CVE-2011-4273 (Multiple cross-site scripting (XSS) vulnerabilities in GoAhead
...)
+	TODO: check
+CVE-2011-4272
+	RESERVED
+CVE-2011-4271
+	RESERVED
+CVE-2011-4270
+	RESERVED
+CVE-2011-4269
+	RESERVED
+CVE-2011-4268
+	RESERVED
+CVE-2011-4267
+	RESERVED
+CVE-2011-4266
+	RESERVED
+CVE-2011-4265
+	RESERVED
+CVE-2011-4264
+	RESERVED
+CVE-2011-4263
+	RESERVED
+CVE-2010-5045 (Cross-site scripting (XSS) vulnerability in poll/default.asp in
Smart ...)
+	TODO: check
+CVE-2010-5044 (SQL injection vulnerability in models/log.php in the Search Log
...)
+	TODO: check
+CVE-2010-5043 (SQL injection vulnerability in the DJ-ArtGallery
(com_djartgallery) ...)
+	TODO: check
+CVE-2010-5042 (Cross-site scripting (XSS) vulnerability in the DJ-ArtGallery
...)
+	TODO: check
+CVE-2010-5041 (SQL injection vulnerability in index.php in the NP_Gallery
plugin 0.94 ...)
+	TODO: check
+CVE-2010-5040 (PHP remote file inclusion vulnerability in ...)
+	TODO: check
+CVE-2010-5039 (SQL injection vulnerability in control/admin_login.php in
ScriptsFeed ...)
+	TODO: check
+CVE-2010-5038 (PHP remote file inclusion vulnerability in contact/contact.php
in ...)
+	TODO: check
+CVE-2010-5037 (SQL injection vulnerability in article.php in SenseSites
CommonSense ...)
+	TODO: check
+CVE-2010-5036 (SQL injection vulnerability in addsale.php in iScripts eSwap 2.0
...)
+	TODO: check
+CVE-2010-5035 (Cross-site scripting (XSS) vulnerability in search.php in
iScripts ...)
+	TODO: check
+CVE-2010-5034 (SQL injection vulnerability in viewhistorydetail.php in iScripts
...)
+	TODO: check
+CVE-2010-5033 (SQL injection vulnerability in ProductList.cfm in Fusebox 5.5.1
allows ...)
+	TODO: check
+CVE-2010-5032 (SQL injection vulnerability in the BF Quiz (com_bfquiztrial)
component ...)
+	TODO: check
+CVE-2010-5031 (Cross-site scripting (XSS) vulnerability in index.php in
fileNice 1.1 ...)
+	TODO: check
+CVE-2010-5030 (Cross-site scripting (XSS) vulnerability in index.php in Ecomat
CMS ...)
+	TODO: check
+CVE-2010-5029 (SQL injection vulnerability in index.php in Ecomat CMS 5.0
allows ...)
+	TODO: check
+CVE-2010-5028 (SQL injection vulnerability in the JExtensions JE Job
(com_jejob) ...)
+	TODO: check
+CVE-2010-5027 (Cross-site scripting (XSS) vulnerability in winners.php in
Science ...)
+	TODO: check
+CVE-2010-5026 (SQL injection vulnerability in winners.php in Science Fair In A
Box ...)
+	TODO: check
+CVE-2010-5025 (Cross-site scripting (XSS) vulnerability in manage/main.php in
...)
+	TODO: check
+CVE-2010-5024 (SQL injection vulnerability in manage/add_user.php in CuteSITE
CMS ...)
+	TODO: check
+CVE-2010-5023 (SQL injection vulnerability in index.asp in Digital Interchange
...)
+	TODO: check
+CVE-2010-5022 (SQL injection vulnerability in the JExtensions JE Story Submit
...)
+	TODO: check
+CVE-2010-5021 (SQL injection vulnerability in view_group.asp in Digital
Interchange ...)
+	TODO: check
+CVE-2010-5020 (SQL injection vulnerability in index.php in NetArt Media
iBoutique 4.0 ...)
+	TODO: check
+CVE-2010-5019 (SQL injection vulnerability in view_photo.php in 2daybiz Online
...)
+	TODO: check
+CVE-2010-5018 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2010-5017 (SQL injection vulnerability in stats.php in Elite Gaming Ladders
3.0 ...)
+	TODO: check
+CVE-2010-5016 (SQL injection vulnerability in matchdb.php in Elite Gaming
Ladders 3.5 ...)
+	TODO: check
+CVE-2010-5015 (SQL injection vulnerability in view_photo.php in 2daybiz Network
...)
+	TODO: check
+CVE-2010-5014 (SQL injection vulnerability in standings.php in Elite Gaming
Ladders ...)
+	TODO: check
+CVE-2010-5013 (SQL injection vulnerability in listing_detail.asp in Mckenzie
...)
+	TODO: check
+CVE-2010-5012 (SQL injection vulnerability in new.php in DaLogin 2.2 and 2.2.5
allows ...)
+	TODO: check
+CVE-2010-5011 (SQL injection vulnerability in schoolmv2/html/studentmain.php in
...)
+	TODO: check
+CVE-2010-5010 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2010-5009 (SQL injection vulnerability in index.php in UTStats Beta 4 and
earlier ...)
+	TODO: check
+CVE-2010-5008 (SQL injection vulnerability in pages/contact_list_mail_form.asp
in ...)
+	TODO: check
+CVE-2010-5007 (Cross-site scripting (XSS) vulnerability in
pages/match_report.php in ...)
+	TODO: check
+CVE-2010-5006 (SQL injection vulnerability in googlemap/index.php in EMO Realty
...)
+	TODO: check
+CVE-2010-5005 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2010-5004 (SQL injection vulnerability in searchvote.php in 2daybiz Polls
(aka ...)
+	TODO: check
+CVE-2010-5000 (SQL injection vulnerability in login/login_index.php in MCLogin
System ...)
+	TODO: check
+CVE-2010-4998 (PHP remote file inclusion vulnerability in ...)
+	TODO: check
+CVE-2010-4997 (SQL injection vulnerability in index.php in OlyKit Swoopo Clone
2010 ...)
+	TODO: check
+CVE-2010-4971 (Cross-site scripting (XSS) vulnerability in VideoWhisper PHP 2
Way ...)
+	TODO: check
 CVE-2011-4262
 	RESERVED
 CVE-2011-4261
@@ -547,12 +663,10 @@
 	- linux-2.6 3.0.0-6
 CVE-2011-4076
 	RESERVED
-CVE-2011-4075 [phpldapadmin arbitrary execution]
-	RESERVED
+CVE-2011-4075 (The masort function in lib/functions.php in phpLDAPadmin 1.2.x
before ...)
 	{DSA-2333-1}
 	- phpldapadmin 1.2.0.5-2.1 (bug #646754)
-CVE-2011-4074 [phpldapadmin XSS]
-	RESERVED
+CVE-2011-4074 (Cross-site scripting (XSS) vulnerability in cmd.php in
phpLDAPadmin ...)
 	{DSA-2333-1}
 	- phpldapadmin 1.2.0.5-2.1 (bug #646769)
 CVE-2011-4073
@@ -917,8 +1031,8 @@
 	RESERVED
 CVE-2011-4006
 	RESERVED
-CVE-2011-4005
-	RESERVED
+CVE-2011-4005 (Cross-site request forgery (CSRF) vulnerability in the Services
Ready ...)
+	TODO: check
 CVE-2011-4004 (Buffer overflow in the ATAS32 processing functionality in the
Cisco ...)
 	NOT-FOR-US: Cisco Webex
 CVE-2011-4003
@@ -937,8 +1051,8 @@
 	RESERVED
 CVE-2011-3996
 	RESERVED
-CVE-2011-3995
-	RESERVED
+CVE-2011-3995 (Unspecified vulnerability in Twilight Frontier Touhou Hisouten
1.06 ...)
+	TODO: check
 CVE-2011-3994
 	RESERVED
 CVE-2011-3993
@@ -2667,8 +2781,8 @@
 	NOT-FOR-US: Scadatec Limited Procyon SCADA
 CVE-2011-3321 (Heap-based buffer overflow in the Siemens WinCC Runtime Advanced
...)
 	NOT-FOR-US: SIMATIC WinCC
-CVE-2011-3320
-	RESERVED
+CVE-2011-3320 (Cross-site scripting (XSS) vulnerability in the Web
Administrator ...)
+	TODO: check
 CVE-2011-3319 (Buffer overflow in the WRF parsing functionality in the Cisco
WebEx ...)
 	NOT-FOR-US: WebEx
 CVE-2011-3318 (Cisco Video Surveillance 2421 and 2500 series cameras with
software ...)
@@ -3085,12 +3199,12 @@
 	RESERVED
 CVE-2011-3168
 	RESERVED
-CVE-2011-3167
-	RESERVED
-CVE-2011-3166
-	RESERVED
-CVE-2011-3165
-	RESERVED
+CVE-2011-3167 (Unspecified vulnerability in HP OpenView Network Node Manager
(OV NNM) ...)
+	TODO: check
+CVE-2011-3166 (Unspecified vulnerability in HP OpenView Network Node Manager
(OV NNM) ...)
+	TODO: check
+CVE-2011-3165 (Unspecified vulnerability in HP OpenView Network Node Manager
(OV NNM) ...)
+	TODO: check
 CVE-2011-3164
 	RESERVED
 CVE-2011-3163 (HP MFP Digital Sending Software 4.9x through 4.91.21 allows
local ...)
@@ -4575,8 +4689,8 @@
 	NOT-FOR-US: Cisco VPN Client
 CVE-2011-2677 (Cybozu Office before 8.0.0 allows remote authenticated users to
bypass ...)
 	TODO: check
-CVE-2011-2676
-	RESERVED
+CVE-2011-2676 (The A-Form and A-Form bamboo before 1.3.6 and 2.x before 2.0.3,
and ...)
+	TODO: check
 CVE-2011-2675 (Cross-site scripting (XSS) vulnerability in Enkai-kun before
110916 ...)
 	NOT-FOR-US: Enkai-kun
 CVE-2011-2674 (BaserCMS before 1.6.12 does not properly restrict additions to
the ...)
@@ -6568,10 +6682,10 @@
 	- pmake 1.111-3 (low; bug #626673)
 	[squeeze] - pmake 1.111-2+squeeze1
 	[lenny] - pmake 1.111-1+lenny1
-CVE-2011-1919
-	RESERVED
-CVE-2011-1918
-	RESERVED
+CVE-2011-1919 (Multiple stack-based buffer overflows in GE Intelligent
Platforms ...)
+	TODO: check
+CVE-2011-1918 (Stack-based buffer overflow in the Data Archiver service in GE
...)
+	TODO: check
 CVE-2011-1917
 	RESERVED
 CVE-2011-1916
Secure testing commits - Nov 2011 - r17547 - data/CVE

[Secure-testing-commits] r17547 - data/CVE
