Author: joeyh Date: 2010-02-15 21:14:57 +0000 (Mon, 15 Feb 2010) New Revision: 14103 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-02-15 20:58:50 UTC (rev 14102) +++ data/CVE/list 2010-02-15 21:14:57 UTC (rev 14103) @@ -1,3 +1,9 @@ +CVE-2010-0634 (Unspecified vulnerability in Fast Lexical Analyzer Generator (flex) ...) + TODO: check +CVE-2010-0629 + RESERVED +CVE-2010-0628 + RESERVED CVE-2010-XXXX [CouchDB: browser interface has XSS, CSRF issues] - couchdb <unfixed> (bug #570013) [lenny] - couchdb <no-dsa> (does not support authentication at all) @@ -3,17 +9,17 @@ NOTE: http://mail-archives.apache.org/mod_mbox/couchdb-dev/201002.mbox/%3C87bpfz5t39.fsf at mid.deneb.enyo.de%3E NOTE: http://www.openwall.com/lists/oss-security/2010/02/15/5 -CVE-2010-0637 +CVE-2010-0637 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...) TODO: check, webcalendar is in the archive -CVE-2010-0636 +CVE-2010-0636 (Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar ...) TODO: check, webcalendar is in the archive -CVE-2010-0635 +CVE-2010-0635 (SQL injection vulnerability in the plgSearchEventsearch::onSearch ...) NOT-FOR-US: JEvents Search plugin for Joomla! -CVE-2010-0633 +CVE-2010-0633 (Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and ...) NOT-FOR-US: Citrix XenServer -CVE-2010-0632 +CVE-2010-0632 (SQL injection vulnerability in the Parkview Consultants SimpleFAQ ...) NOT-FOR-US: Parkview Consultants SimpleFAQ component for Joomla! -CVE-2010-0631 +CVE-2010-0631 (Multiple SQL injection vulnerabilities in index.php in Eicra Car ...) NOT-FOR-US: Eicra Car Rental-Script -CVE-2010-0630 +CVE-2010-0630 (SQL injection vulnerability in viewjokes.php in Evernew Free Joke ...) NOT-FOR-US: Evernew Free Joke Script CVE-2010-0627 
@@ -145,8 +151,8 @@ - gnome-screensaver <unfixed> (low; bug #569667) [etch] - gnome-screensaver <not-affected> (Vulnerable code not present) [lenny] - gnome-screensaver <not-affected> (Vulnerable code not present) -CVE-2001-1586 - RESERVED +CVE-2001-1586 (Directory traversal vulnerability in SimpleServer:WWW 1.13 and earlier ...) + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2010-XXXX [multiple mod_security issues] - libapache-mod-security <unfixed> (bug #569658) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=563455 @@ -482,8 +488,7 @@ RESERVED CVE-2010-0447 RESERVED -CVE-2010-0446 - RESERVED +CVE-2010-0446 (Unspecified vulnerability on the HP DreamScreen 100 and 130 with ...) NOT-FOR-US: HP DreamScreen CVE-2010-0445 (Unspecified vulnerability in HP Network Node Manager (NNM) 8.10, 8.11, ...) NOT-FOR-US: HP Network Node Manager @@ -936,8 +941,7 @@ CVE-2010-XXXX [zenoss csrf] - zenoss <itp> (bug #361253) NOTE: http://seclists.org/fulldisclosure/2010/Jan/296 -CVE-2010-0309 [linux kvm pit_ioport_read() DoS] - RESERVED +CVE-2010-0309 (The pit_ioport_read function in the Programmable Interval Timer (PIT) ...) {DSA-1996-1} - linux-2.6 2.6.32-8 [etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25) @@ -954,8 +958,7 @@ {DSA-1996-1} - linux-2.6 2.6.32-8 - linux-2.6.24 <removed> -CVE-2010-0306 [kvm privilege escalation] - RESERVED +CVE-2010-0306 (The x86 emulator in KVM 83, when a guest is configured for Symmetric ...) {DSA-1996-1} - linux-2.6 2.6.32-8 [etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25) 
@@ -982,15 +985,13 @@ RESERVED - linux-2.6 <unfixed> - linux-2.6.24 <removed> -CVE-2010-0298 [kvm privilege escalation] - RESERVED +CVE-2010-0298 (The x86 emulator in KVM 83 does not use the Current Privilege Level ...) {DSA-1996-1} - linux-2.6 2.6.32-8 [etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25) - linux-2.6.24 <not-affected> (kvm introduced in 2.6.25) - kvm <removed> -CVE-2010-0297 [kvm userspace usb-linux.c buffer overflow] - RESERVED +CVE-2010-0297 (Buffer overflow in the usb_host_handle_control function in the USB ...) - qemu-kvm 0.11.1+dfsg-1 - kvm <removed> CVE-2010-0296 @@ -2406,8 +2407,7 @@ RESERVED CVE-2009-4275 RESERVED -CVE-2009-4274 [stack-based buffer overflow in netpbm''s XPM reader] - RESERVED +CVE-2009-4274 (Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm ...) - netpbm-free <unfixed> (medium; bug #569060) CVE-2009-4273 (stap-server in SystemTap before 1.1 allows remote attackers to execute ...) - systemtap 1.1-1
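Review bot: In the first hunk (@@ -1,3 +1,9 @@), the new CVE-2010-0634 entry carries only a bare "TODO: check" even though its description already names the affected software, the Fast Lexical Analyzer Generator (flex). The WebCalendar entries further down record the triage hint on the TODO line itself ("TODO: check, webcalendar is in the archive"). Doing the same here would let whoever picks this up see at a glance whether a package entry or a NOT-FOR-US line is expected.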
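Review bot: In the hunk at @@ -3,17 +9,17 @@, CVE-2010-0637 and CVE-2010-0636 gain descriptions that name WebCalendar, but both keep "TODO: check, webcalendar is in the archive". With the CSRF and XSS descriptions now present, each TODO can be resolved into a package line in the form used for the CouchDB entry above ("- couchdb <unfixed> (bug #570013)"), with a bug reference once one is filed. Until then the two issues are recorded only as TODO lines, with no package status attached.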