Author: joeyh Date: 2010-05-03 21:14:22 +0000 (Mon, 03 May 2010) New Revision: 14597 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-05-03 20:40:39 UTC (rev 14596) +++ data/CVE/list 2010-05-03 21:14:22 UTC (rev 14597) 
@@ -1,22 +1,224 @@ -CVE-2010-1619 [MSA-10-0001: Vulnerability in KSES text cleaning] +CVE-2010-1700 + RESERVED +CVE-2010-1699 + RESERVED +CVE-2010-1698 + RESERVED +CVE-2010-1697 + RESERVED +CVE-2010-1696 + RESERVED +CVE-2010-1695 + RESERVED +CVE-2010-1694 + RESERVED +CVE-2010-1693 + RESERVED +CVE-2010-1692 + RESERVED +CVE-2010-1691 + RESERVED +CVE-2010-1690 + RESERVED +CVE-2010-1689 + RESERVED +CVE-2010-1688 + RESERVED +CVE-2010-1687 + RESERVED +CVE-2010-1686 + RESERVED +CVE-2010-1685 + RESERVED +CVE-2010-1684 + RESERVED +CVE-2010-1683 + RESERVED +CVE-2010-1682 + RESERVED +CVE-2010-1681 + RESERVED +CVE-2010-1680 + RESERVED +CVE-2010-1679 + RESERVED +CVE-2010-1678 + RESERVED +CVE-2010-1677 + RESERVED +CVE-2010-1676 + RESERVED +CVE-2010-1675 + RESERVED +CVE-2010-1674 + RESERVED +CVE-2010-1673 + RESERVED +CVE-2010-1672 + RESERVED +CVE-2010-1671 + RESERVED +CVE-2010-1670 + RESERVED +CVE-2010-1669 + RESERVED +CVE-2010-1668 + RESERVED +CVE-2010-1667 + RESERVED +CVE-2010-1666 + RESERVED +CVE-2010-1665 (Google Chrome before 4.1.249.1064 does not properly handle fonts, ...) + TODO: check +CVE-2010-1664 (Google Chrome before 4.1.249.1064 does not properly handle HTML5 ...) + TODO: check +CVE-2010-1663 (The Google URL Parsing Library (aka google-url or GURL) in Google ...) + TODO: check +CVE-2010-1662 (Cross-site scripting (XSS) vulnerability in acpmoderate.php in ...) + TODO: check +CVE-2010-1661 (Multiple SQL injection vulnerabilities in PHP-Quick-Arcade (PHPQA) ...) + TODO: check +CVE-2010-1660 (SQL injection vulnerability in help-details.php in CLScript ...) + TODO: check +CVE-2010-1659 (Directory traversal vulnerability in the Ultimate Portfolio ...) + TODO: check +CVE-2010-1658 (Directory traversal vulnerability in the Code-Garage NoticeBoard ...) + TODO: check +CVE-2010-1657 (Directory traversal vulnerability in the SmartSite (com_smartsite) ...) + TODO: check +CVE-2010-1656 (SQL injection vulnerability in the Airiny ABC (com_abc) component ...) 
+ TODO: check +CVE-2010-1655 (Cross-site scripting (XSS) vulnerability in User/User_ChkLogin.asp in ...) + TODO: check +CVE-2010-1654 (Multiple SQL injection vulnerabilities in system_member_login.php in ...) + TODO: check +CVE-2010-1653 (Directory traversal vulnerability in graphics.php in the Graphics ...) + TODO: check +CVE-2010-1652 (Directory traversal vulnerability in the HelpCenter module in Help ...) + TODO: check +CVE-2010-1651 (IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.31 and 7.0.x ...) + TODO: check +CVE-2010-1650 (IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.41, 6.1.x ...) + TODO: check +CVE-2010-1649 + RESERVED +CVE-2010-1648 + RESERVED +CVE-2010-1647 + RESERVED +CVE-2010-1646 + RESERVED +CVE-2010-1645 + RESERVED +CVE-2010-1644 + RESERVED +CVE-2010-1643 + RESERVED +CVE-2010-1642 + RESERVED +CVE-2010-1641 + RESERVED +CVE-2010-1640 + RESERVED +CVE-2010-1639 + RESERVED +CVE-2010-1638 + RESERVED +CVE-2010-1637 + RESERVED +CVE-2010-1636 + RESERVED +CVE-2010-1635 + RESERVED +CVE-2010-1634 + RESERVED +CVE-2010-1633 + RESERVED +CVE-2010-1632 + RESERVED +CVE-2010-1631 + RESERVED +CVE-2010-1630 + RESERVED +CVE-2010-1629 + RESERVED +CVE-2010-1628 + RESERVED +CVE-2010-1627 + RESERVED +CVE-2010-1626 + RESERVED +CVE-2010-1625 + RESERVED +CVE-2010-1624 + RESERVED +CVE-2010-1623 + RESERVED +CVE-2010-1622 + RESERVED +CVE-2010-1621 + RESERVED +CVE-2010-1620 + RESERVED +CVE-2010-1612 (The IBM WebSphere DataPower XML Accelerator XA35, Low Latency ...) + TODO: check +CVE-2010-1611 (Cross-site request forgery (CSRF) vulnerability in AlegroCart 1.1 ...) + TODO: check +CVE-2010-1610 (Cross-site request forgery (CSRF) vulnerability in index.php in ...) + TODO: check +CVE-2010-1609 (Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before ...) + TODO: check +CVE-2010-1608 (Stack-based buffer overflow in IBM Lotus Notes 8.5 and 8.5fp1, and ...) 
+ TODO: check +CVE-2010-1607 (Directory traversal vulnerability in wmi.php in the Webmoney Web ...) + TODO: check +CVE-2010-1606 (Multiple cross-site scripting (XSS) vulnerabilities in NCT Jobs Portal ...) + TODO: check +CVE-2010-1605 (Multiple SQL injection vulnerabilities in isearch.php in NCT Jobs ...) + TODO: check +CVE-2010-1604 (Multiple SQL injection vulnerabilities in admin_login.php in NCT Jobs ...) + TODO: check +CVE-2010-1603 (Directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or ...) + TODO: check +CVE-2010-1602 (Directory traversal vulnerability in the ZiMB Comment ...) + TODO: check +CVE-2010-1601 (Directory traversal vulnerability in the JA Comment (com_jacomment) ...) + TODO: check +CVE-2010-1600 (SQL injection vulnerability in the Media Mall Factory (com_mediamall) ...) + TODO: check +CVE-2010-1599 (SQL injection vulnerability in loadorder.php in NKInFoWeb 2.5 and ...) + TODO: check +CVE-2010-1598 (phpThumb.php in phpThumb() 1.7.9 and possibly other versions, when ...) + TODO: check +CVE-2010-1597 (Stack-based buffer overflow in zgtips.dll in ZipGenius 6.3.1.2552 ...) + TODO: check +CVE-2009-4834 + RESERVED +CVE-2009-4833 (MySQL Connector/NET before 6.0.4, when using encryption, does not ...) + TODO: check +CVE-2009-4832 (The dlpcrypt.sys kernel driver 0.1.1.27 in DESlock+ 4.0.2 allows local ...) + TODO: check +CVE-2009-4831 (Cerulean Studios Trillian 3.1 Basic does not check SSL certificates ...) + TODO: check +CVE-2010-1619 (Cross-site scripting (XSS) vulnerability in the ...) - moodle <undetermined> TODO: check -CVE-2010-1618 [MSA-10-0002: XSS vulnerabilty in the phpcas module] +CVE-2010-1618 (Cross-site scripting (XSS) vulnerability in the phpCAS client library ...) - moodle <undetermined> TODO: check -CVE-2010-1617 [MSA-10-0003: Disclosure of full user names] +CVE-2010-1617 (user/view.php in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 ...) 
- moodle <undetermined> TODO: check -CVE-2010-1616 [MSA-10-0004: Improved access control in course restore] +CVE-2010-1616 (Moodle 1.8.x and 1.9.x before 1.9.8 can create new roles when ...) - moodle <undetermined> TODO: check -CVE-2010-1615 [MSA-10-0006: SQL injection in Wiki module, MSA-10-0005: Incorrect validation of forms data] +CVE-2010-1615 (Multiple SQL injection vulnerabilities in Moodle 1.8.x before 1.8.12 ...) - moodle <undetermined> TODO: check -CVE-2010-1614 [MSA-10-0008: Persistent XSS when using Login-as feature, MSA-10-0007: Reflective Cross Site Scripting (XSS) in the Moodle Global Search Engine] +CVE-2010-1614 (Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.8.x ...) - moodle <undetermined> TODO: check -CVE-2010-1613 [MSA-10-0009: Session fixation prevention now turned on by default] +CVE-2010-1613 (Moodle 1.8.x and 1.9.x before 1.9.8 does not enable the "Regenerate ...) - moodle <undetermined> TODO: check CVE-2010-1596 (Support Incident Tracker before 3.51, when using LDAP authentication ...) @@ -1180,8 +1382,7 @@ RESERVED CVE-2010-1168 RESERVED -CVE-2010-1166 [xorg remote code execution vulnerability] - RESERVED +CVE-2010-1166 (The fbComposite function in fbpict.c in the Render extension in the X ...) - xorg-server <not-affected> (Xorg in Lenny onwards uses Pixman, which isn''t affected) NOTE: https://rhn.redhat.com/errata/RHSA-2010-0382.html CVE-2010-1165 (Atlassian JIRA 3.12 through 4.1 allows remote authenticated ...) @@ -2285,8 +2486,8 @@ RESERVED CVE-2010-0818 RESERVED -CVE-2010-0817 - RESERVED +CVE-2010-0817 (Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in ...) + TODO: check CVE-2010-0816 RESERVED CVE-2010-0815 
@@ -55216,9 +55417,9 @@ CVE-2006-5482 (ufs_vnops.c in FreeBSD 6.1 allows local users to cause an unspecified ...) - kfreebsd-5 <unfixed> (low) [etch] - kfreebsd-5 <no-dsa> (no security support for freebsd) -CVE-2006-5481 (Multiple PHP remote file inclusion vulnerabilities in Castor 1.1.1 ...) +CVE-2006-5481 (Multiple PHP remote file inclusion vulnerabilities in 2le.net Castor ...) NOT-FOR-US: Castor -CVE-2006-5480 (PHP remote file inclusion vulnerability in lib/rs.php in Castor 1.1.1 ...) +CVE-2006-5480 (PHP remote file inclusion vulnerability in lib/rs.php in 2le.net ...) NOT-FOR-US: Castor CVE-2006-5479 (The NCP Engine in Novell eDirectory before 8.7.3.8 FTF1 allows remote ...) NOT-FOR-US: Novell eDirectory
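Review bot: in the first hunk (@@ -1,22 +1,224 @@), the Moodle entries CVE-2010-1613 through CVE-2010-1619 lose their bracketed MSA advisory references (for example "[MSA-10-0001: Vulnerability in KSES text cleaning]") when the truncated descriptions replace them, so the mapping from CVE id to Moodle advisory is no longer recorded in the list. Suggest carrying each reference over as a "NOTE:" line under its entry, the way CVE-2010-1166 keeps its RHSA link. All seven entries also stay at "- moodle <undetermined>" with "TODO: check", although the new descriptions now show version bounds (1.8.x before 1.8.12, 1.9.x before 1.9.8) that triage can use to set a fixed version.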
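Review bot: in the @@ -1180,8 +1382,7 @@ hunk, the context line under CVE-2010-1166 reads "which isn''t affected" with a doubled apostrophe, which looks like an escaping artefact rather than intended text. The entry is being touched here anyway, so a follow-up manual edit should correct it to "isn't" and confirm that the "<not-affected>" reasoning still matches the new description, which names the fbComposite function in fbpict.c.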
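Review bot: in the last hunk (@@ -55216,9 +55417,9 @@), the descriptions for CVE-2006-5481 and CVE-2006-5480 now say "2le.net Castor", but the unchanged tag lines below them still read "NOT-FOR-US: Castor", which does not say which Castor is meant. Suggest updating both tags to "NOT-FOR-US: 2le.net Castor" so the reason for exclusion matches the description.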