thr3ads.net - Secure testing commits - [Secure-testing-commits] r14560

If this information is useful, please help other people find it:
Share via:
Joey Hess
2010-Apr-26 21:15 UTC
[Secure-testing-commits] r14560 - data/CVE

Author: joeyh
Date: 2010-04-26 21:15:43 +0000 (Mon, 26 Apr 2010)
New Revision: 14560

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-04-26 02:01:02 UTC (rev 14559)
+++ data/CVE/list	2010-04-26 21:15:43 UTC (rev 14560)
@@ -1,3 +1,55 @@
+CVE-2010-1506 (The Google V8 bindings in Google Chrome before 4.1.249.1059
allow ...)
+	TODO: check
+CVE-2010-1505 (Google Chrome before 4.1.249.1059 does not prevent pages from
loading ...)
+	TODO: check
+CVE-2010-1504 (Cross-site scripting (XSS) vulnerability in Google Chrome before
...)
+	TODO: check
+CVE-2010-1503 (Cross-site scripting (XSS) vulnerability in Google Chrome before
...)
+	TODO: check
+CVE-2010-1502 (Unspecified vulnerability in Google Chrome before 4.1.249.1059
allows ...)
+	TODO: check
+CVE-2010-1501 (Cross-site request forgery (CSRF) vulnerability in Google Chrome
...)
+	TODO: check
+CVE-2010-1500 (Google Chrome before 4.1.249.1059 does not properly support
forms, ...)
+	TODO: check
+CVE-2010-1499 (SQL injection vulnerability in genre_artists.php in MusicBox 3.3
...)
+	TODO: check
+CVE-2010-1498 (Multiple SQL injection vulnerabilities in dl_stats before 2.0
allow ...)
+	TODO: check
+CVE-2010-1497 (Cross-site scripting (XSS) vulnerability in download_proc.php in
...)
+	TODO: check
+CVE-2010-1496 (SQL injection vulnerability in the JoltCard (com_joltcard)
component ...)
+	TODO: check
+CVE-2010-1495 (Directory traversal vulnerability in the Matamko (com_matamko)
...)
+	TODO: check
+CVE-2010-1494 (Directory traversal vulnerability in the AWDwall (com_awdwall)
...)
+	TODO: check
+CVE-2010-1493 (SQL injection vulnerability in the AWDwall (com_awdwall)
component ...)
+	TODO: check
+CVE-2010-1492 (Directory traversal vulnerability in help/frameRight.php in
Elastix ...)
+	TODO: check
+CVE-2010-1491 (Directory traversal vulnerability in the MMS Blog (com_mmsblog)
...)
+	TODO: check
+CVE-2009-4810 (The Secure Remote Password (SRP) implementation in Samhain
before ...)
+	TODO: check
+CVE-2009-4809 (Directory traversal vulnerability in thumbnail.ghp in Easy File
...)
+	TODO: check
+CVE-2009-4808 (admin.php in Graugon PHP Article Publisher 1.0 allows remote
attackers ...)
+	TODO: check
+CVE-2009-4807 (Multiple SQL injection vulnerabilities in Graugon PHP Article
...)
+	TODO: check
+CVE-2009-4806 (admin/save_user.asp in Digital Interchange Document Library
1.0.1 does ...)
+	TODO: check
+CVE-2009-4805 (Multiple SQL injection vulnerabilities in EZ-Blog Beta 1, when
...)
+	TODO: check
+CVE-2009-4804 (Cross-site scripting (XSS) vulnerability in the Calendar Base
(cal) ...)
+	TODO: check
+CVE-2009-4803 (SQL injection vulnerability in the Accessibility Glossary ...)
+	TODO: check
+CVE-2009-4802 (SQL injection vulnerability in the Flat Manager (flatmgr)
extension ...)
+	TODO: check
+CVE-2009-4801 (EZ-Blog Beta 1 does not require authentication, which allows
remote ...)
+	TODO: check
 CVE-2010-1490 (Unspecified vulnerability in IBM Cognos 8 Business Intelligence
before ...)
 	TODO: check
 CVE-2009-4800 (Directory traversal vulnerability in Sysax Multi Server 4.3 and
4.5 ...)
@@ -884,8 +936,8 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2010/04/14/4
 CVE-2010-1158 (Integer overflow in the regular expression engine in Perl 5.8.x
allows ...)
 	TODO: check
-CVE-2010-1157
-	RESERVED
+CVE-2010-1157 (Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26
might ...)
+	TODO: check
 CVE-2010-1156 (core/nicklist.c in Irssi before 0.8.15 allows remote attackers
to ...)
 	- irssi 0.8.15-1 (low)
 	[lenny] - irssi <no-dsa> (Minor issue)
@@ -1206,10 +1258,10 @@
 	RESERVED
 CVE-2010-1036
 	RESERVED
-CVE-2010-1035
-	RESERVED
-CVE-2010-1034
-	RESERVED
+CVE-2010-1035 (Multiple unspecified vulnerabilities in HP Virtual Machine
Manager ...)
+	TODO: check
+CVE-2010-1034 (Unspecified vulnerability in HP System Management Homepage (SMH)
6.0 ...)
+	TODO: check
 CVE-2010-1033 (Multiple stack-based buffer overflows in a certain Tetradyne
ActiveX ...)
 	TODO: check
 CVE-2010-1032 (Unspecified vulnerability in HP HP-UX B.11.11 allows local users
to ...)
@@ -16433,11 +16485,11 @@
 	NOT-FOR-US: Taxonomy Theme module for Drupal
 CVE-2009-0817 (Cross-site scripting (XSS) vulnerability in the Protected Node
module ...)
 	NOT-FOR-US: Protected Node module for Drupal
-CVE-2009-0816 (Cross-site scripting (XSS) vulnerability in the backend user
interface ...)
+CVE-2009-0816 (Multiple cross-site scripting (XSS) vulnerabilities in the
backend ...)
 	{DTSA-193-1}
 	- typo3-src 4.2.6-1 (low; bug #514713)
 	[etch] - typo3-src 4.0.2+debian-8
-CVE-2009-0815 (The jumpUrl mechanism in class.tslib_fe.php in TYPO3 4.0 before
...)
+CVE-2009-0815 (The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x
through ...)
 	{DTSA-193-1}
 	- typo3-src 4.2.6-1 (medium; bug #514713)
 	[etch] - typo3-src 4.0.2+debian-8
Secure testing commits - Apr 2010 - r14560 - data/CVE

[Secure-testing-commits] r14560 - data/CVE
