Author: joeyh
Date: 2010-01-12 09:14:52 +0000 (Tue, 12 Jan 2010)
New Revision: 13791
Modified: data/CVE/list
Log: automatic update
Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-01-11 23:48:50 UTC (rev 13790) +++ data/CVE/list 2010-01-12 09:14:52 UTC (rev 13791) 
@@ -1,3 +1,137 @@ +CVE-2010-0277 (slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and ...) + TODO: check +CVE-2010-0276 (IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for ...) + TODO: check +CVE-2010-0275 (Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) ...) + TODO: check +CVE-2010-0274 (Unspecified vulnerability in the Edit Contact scene in Ultra-light ...) + TODO: check +CVE-2010-0273 (Unspecified vulnerability in Sun Java System Web Server 7.0 Update 6 ...) + TODO: check +CVE-2010-0272 (Heap-based buffer overflow in Sun Java System Web Server 7.0 Update 6 ...) + TODO: check +CVE-2010-0271 (hald in Sun OpenSolaris snv_51 through snv_130 does not have the ...) + TODO: check +CVE-2010-0270 + RESERVED +CVE-2010-0269 + RESERVED +CVE-2010-0268 + RESERVED +CVE-2010-0267 + RESERVED +CVE-2010-0266 + RESERVED +CVE-2010-0265 + RESERVED +CVE-2010-0264 + RESERVED +CVE-2010-0263 + RESERVED +CVE-2010-0262 + RESERVED +CVE-2010-0261 + RESERVED +CVE-2010-0260 + RESERVED +CVE-2010-0259 + RESERVED +CVE-2010-0258 + RESERVED +CVE-2010-0257 + RESERVED +CVE-2010-0256 + RESERVED +CVE-2010-0255 + RESERVED +CVE-2010-0254 + RESERVED +CVE-2010-0253 + RESERVED +CVE-2010-0252 + RESERVED +CVE-2010-0251 + RESERVED +CVE-2010-0250 + RESERVED +CVE-2010-0249 + RESERVED +CVE-2010-0248 + RESERVED +CVE-2010-0247 + RESERVED +CVE-2010-0246 + RESERVED +CVE-2010-0245 + RESERVED +CVE-2010-0244 + RESERVED +CVE-2010-0243 + RESERVED +CVE-2010-0242 + RESERVED +CVE-2010-0241 + RESERVED +CVE-2010-0240 + RESERVED +CVE-2010-0239 + RESERVED +CVE-2010-0238 + RESERVED +CVE-2010-0237 + RESERVED +CVE-2010-0236 + RESERVED +CVE-2010-0235 + RESERVED +CVE-2010-0234 + RESERVED +CVE-2010-0233 + RESERVED +CVE-2010-0232 + RESERVED +CVE-2010-0231 + RESERVED +CVE-2010-0230 + RESERVED +CVE-2010-0229 (Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash ...) + TODO: check +CVE-2010-0228 (Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash ...) 
+ TODO: check +CVE-2010-0227 (Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash ...) + TODO: check +CVE-2010-0226 (SanDisk Cruzer Enterprise USB flash drives do not prevent password ...) + TODO: check +CVE-2010-0225 (SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for ...) + TODO: check +CVE-2010-0224 (SanDisk Cruzer Enterprise USB flash drives validate passwords with a ...) + TODO: check +CVE-2010-0223 (Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy ...) + TODO: check +CVE-2010-0222 (Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy ...) + TODO: check +CVE-2010-0221 (Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy ...) + TODO: check +CVE-2010-0220 (The nsObserverList::FillObserverArray function in ...) + TODO: check +CVE-2009-4594 (Unspecified vulnerability in IBM Lotus iNotes (aka Domino Web Access ...) + TODO: check +CVE-2009-4593 (The bftpdutmp_log function in bftpdutmp.c in Bftpd before 2.4 does not ...) + TODO: check +CVE-2009-4592 (Unspecified vulnerability in base_local_rules.php in Basic Analysis ...) + TODO: check +CVE-2009-4591 (SQL injection vulnerability in Basic Analysis and Security Engine ...) + TODO: check +CVE-2009-4590 (Cross-site scripting (XSS) vulnerability in base_local_rules.php in ...) + TODO: check +CVE-2009-4589 (Cross-site scripting (XSS) vulnerability in the Special:Block ...) + TODO: check +CVE-2009-4588 (Heap-based buffer overflow in the WindsPlayerIE.View.1 ActiveX control ...) + TODO: check +CVE-2009-4587 (Cherokee Web Server 0.5.4 allows remote attackers to cause a denial of ...) + TODO: check +CVE-2009-4586 (Multiple cross-site scripting (XSS) vulnerabilities in index.html in ...) + TODO: check CVE-2010-0219 RESERVED CVE-2010-0218 
@@ -427,8 +561,7 @@ - zabbix 1:1.8-1 (bug #562613) CVE-2009-4498 (The node_process_command function in Zabbix Server before 1.8 allows ...) - zabbix 1:1.8-1 (bug #562613) -CVE-2009-4497 [XSS in LXR] - RESERVED +CVE-2009-4497 (Cross-site scripting (XSS) vulnerability in LXR Cross Referencer 0.9.5 ...) - lxr-cvs <unfixed> NOTE: http://sourceforge.net/mailarchive/forum.php?thread_name=E1NS2s4-0001PE-F2 at 3bkjzd1.ch3.sourceforge.com&forum_name=lxr-developer CVE-2009-4496 [boa escape sequence injection] @@ -488,8 +621,8 @@ [etch] - nginx <no-dsa> (issue not really specific to the httpd) [lenny] - nginx <no-dsa> (issue not really specific to the httpd) NOTE: http://www.ush.it/team/ush/hack_httpd_escape/adv.txt -CVE-2009-4486 - RESERVED +CVE-2009-4486 (Stack-based buffer overflow in the eDirectory plugin in Novell ...) + TODO: check CVE-2009-4485 RESERVED CVE-2009-4484 (Buffer overflow in the server in MySQL 5.0.51a on Linux allows remote ...) @@ -1033,14 +1166,12 @@ - glibc <removed> (medium) CVE-2010-0014 RESERVED -CVE-2010-0013 [pidgin local file disclosure vuln] - RESERVED +CVE-2010-0013 (Directory traversal vulnerability in slp.c in the MSN protocol plugin ...) - pidgin 2.6.5-1 (medium; bug #563206) [lenny] - pidgin <not-affected> (vulnerable code not present) - gaim <not-affected> (vulnerable code not present) NOTE: http://events.ccc.de/congress/2009/Fahrplan/attachments/1483_26c3_ipv4_fuckups.pdf -CVE-2010-0012 [transmission directory traversal when processing .torrent files] - RESERVED +CVE-2010-0012 (Directory traversal vulnerability in libtransmission/metainfo.c in ...) {DSA-1967-1} - transmission 1.77-1 (low) TODO: check affected versions 
@@ -1401,7 +1532,7 @@ NOT-FOR-US: Huawei MT882 V100R002B020 CVE-2009-4196 (Multiple cross-site scripting (XSS) vulnerabilities in multiple ...) NOT-FOR-US: Huawei MT882 V100R002B020 -CVE-2009-4195 (Buffer overflow in Adobe Illustrator CS4 13.0.0 and 14.0.0 allows ...) +CVE-2009-4195 (Buffer overflow in Adobe Illustrator CS4 14.0.0, CS3 13.0.3 and ...) NOT-FOR-US: Adobe Illustrator CVE-2009-4194 (Directory traversal vulnerability in Golden FTP Server 4.30 Free and ...) NOT-FOR-US: Golden FTP @@ -1876,12 +2007,10 @@ RESERVED - dtc-xen 0.5.4-1 [lenny] - dtc-xen <not-affected> (Only affects 0.5.x) -CVE-2009-4010 [pdns-recursor vulns] - RESERVED +CVE-2009-4010 (Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows ...) {DSA-1968-1} - pdns-recursor 3.1.7.2-1 (high) -CVE-2009-4009 [pdns-recursor vulns] - RESERVED +CVE-2009-4009 (Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote ...) {DSA-1968-1} - pdns-recursor 3.1.7.2-1 (high) CVE-2009-4008 @@ -2032,8 +2161,8 @@ RESERVED CVE-2009-3953 RESERVED -CVE-2009-3952 - RESERVED +CVE-2009-3952 (Buffer overflow in Adobe Illustrator CS3 13.0.3 and earlier and ...) + TODO: check CVE-2009-3951 (Unspecified vulnerability in the Flash Player ActiveX control in Adobe ...) NOT-FOR-US: ActiveX CVE-2009-3950 (Multiple cross-site scripting (XSS) vulnerabilities in Bractus ...) @@ -2558,8 +2687,8 @@ NOT-FOR-US: EMC RepliStor CVE-2009-3743 RESERVED -CVE-2009-3742 - RESERVED +CVE-2009-3742 (Cross-site scripting (XSS) vulnerability in Liferay Portal before ...) + TODO: check CVE-2009-3741 RESERVED CVE-2009-3740 
@@ -35887,7 +36016,7 @@ CVE-2007-4568 (Integer overflow in the build_range function in X.Org X Font Server ...) {DSA-1385-1} - xfs 1:1.0.5-1 -CVE-2007-4567 (Linux kernel 2.6.22 and earlier, and possibly other versions, does not ...) +CVE-2007-4567 (The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel ...) - linux-2.6 2.6.22-1 [etch] - linux-2.6 <not-affected> (Introduced in 2.6.20) CVE-2007-4566 (Multiple buffer overflows in the login mechanism in sidvault in Alpha ...)
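Review bot: in the first hunk (@@ -1,3 +1,137 @@), CVE-2010-0277 is added with only "TODO: check" although its description names slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4, the same file this patch tracks against the pidgin package under CVE-2010-0013. It should get a pidgin tracking line, or an explicit not-affected note, rather than sit in the TODO queue. The IBM Lotus iNotes, Sun Java System Web Server, and Verbatim, SanDisk and Kingston USB flash drive entries in the same hunk look like candidates for the NOT-FOR-US marking this file already uses for Huawei MT882 and Adobe Illustrator, which would keep the backlog down to entries that need a package decision.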
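Review bot: in the @@ -1033,14 +1166,12 @@ hunk, CVE-2010-0012 still ends with "TODO: check affected versions" even though the entry already carries {DSA-1967-1} and a fixed version, "transmission 1.77-1 (low)". With the description now naming libtransmission/metainfo.c, the affected range can be settled: add per-release lines in the style of the "[lenny] - pidgin <not-affected> (vulnerable code not present)" line on CVE-2010-0013 just above it, then drop the TODO.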
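Review bot: in the @@ -2032,8 +2161,8 @@ hunk, CVE-2009-3952 is set to "TODO: check" although its description is a buffer overflow in Adobe Illustrator, a product this file already marks "NOT-FOR-US: Adobe Illustrator" under CVE-2009-4195. Use the same marking here. The @@ -1401,7 +1532,7 @@ hunk also rewords CVE-2009-4195 to "Adobe Illustrator CS4 14.0.0, CS3 13.0.3 and ...", which overlaps the "CS3 13.0.3 and earlier" wording of CVE-2009-3952, so it is worth confirming whether the two ids describe the same issue before closing both.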
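Review bot: in the last hunk (@@ -35887,7 +36016,7 @@), the CVE-2007-4567 description changes from "Linux kernel 2.6.22 and earlier ..." to one naming the ipv6_hop_jumbo function in net/ipv6/exthdrs.c, but the tracking lines under it are left as they were. The fixed version "linux-2.6 2.6.22-1" sat oddly with the old wording "2.6.22 and earlier", so re-check it, together with the etch note "(Introduced in 2.6.20)", against the full text of the new description, which is truncated in this list.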