Author: joeyh
Date: 2010-05-05 21:14:20 +0000 (Wed, 05 May 2010)
New Revision: 14608
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================
--- data/CVE/list 2010-05-05 20:56:34 UTC (rev 14607)
+++ data/CVE/list 2010-05-05 21:14:20 UTC (rev 14608)
@@ -1,3 +1,49 @@
+CVE-2010-1723 (Directory traversal vulnerability in the iNetLanka Contact Us
Draw ...)
+ TODO: check
+CVE-2010-1722 (Directory traversal vulnerability in the Online Market
(com_market) ...)
+ TODO: check
+CVE-2010-1721 (SQL injection vulnerability in the Intellectual Property (aka
...)
+ TODO: check
+CVE-2010-1720 (SQL injection vulnerability in the Q-Personel (com_qpersonel)
...)
+ TODO: check
+CVE-2010-1719 (Directory traversal vulnerability in the MT Fire Eagle ...)
+ TODO: check
+CVE-2010-1718 (Directory traversal vulnerability in archeryscores.php in the
Archery ...)
+ TODO: check
+CVE-2010-1717 (Directory traversal vulnerability in the iF surfALERT ...)
+ TODO: check
+CVE-2010-1716 (SQL injection vulnerability in the Agenda Address Book
(com_agenda) ...)
+ TODO: check
+CVE-2010-1715 (Directory traversal vulnerability in the Online Examination (aka
...)
+ TODO: check
+CVE-2010-1714 (Directory traversal vulnerability in the Arcade Games ...)
+ TODO: check
+CVE-2010-1713 (SQL injection vulnerability in modules.php in PostNuke 0.764
allows ...)
+ TODO: check
+CVE-2010-1712 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2010-1711 (Cross-site scripting (XSS) vulnerability in carga_foto_al.php in
...)
+ TODO: check
+CVE-2010-1710 (Directory traversal vulnerability in login.php in Siestta 2.0,
when ...)
+ TODO: check
+CVE-2010-1709 (Multiple cross-site scripting (XSS) vulnerabilities in
upload.cgi in ...)
+ TODO: check
+CVE-2010-1708 (Multiple SQL injection vulnerabilities in agentadmin.php in Free
...)
+ TODO: check
+CVE-2010-1707 (Multiple cross-site scripting (XSS) vulnerabilities in
register.php in ...)
+ TODO: check
+CVE-2010-1706 (Multiple SQL injection vulnerabilities in login.php in 2daybiz
Auction ...)
+ TODO: check
+CVE-2010-1705 (SQL injection vulnerability in casting_view.php in Modelbook
allows ...)
+ TODO: check
+CVE-2010-1704 (Multiple SQL injection vulnerabilities in 2daybiz Polls (aka
Advanced ...)
+ TODO: check
+CVE-2010-1703 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2010-1702 (SQL injection vulnerability in submitticket.php in
WHMCompleteSolution ...)
+ TODO: check
+CVE-2010-1701 (SQL injection vulnerability in browse.html in PHP Video Battle
Script ...)
+ TODO: check
CVE-2010-1700
RESERVED
CVE-2010-1699
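Review bot: All 23 entries added at the top of this hunk (CVE-2010-1723 down to CVE-2010-1701) land with only "TODO: check", so none of them is triaged yet. Several descriptions already name third-party web components, for example (com_market), (com_qpersonel) and (com_agenda); if these are not packaged, resolve them to a NOT-FOR-US line naming the product, as the file does elsewhere ("NOT-FOR-US: Adobe Download Manager"), rather than letting the TODO queue grow.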
@@ -24,12 +70,12 @@
RESERVED
CVE-2010-1688
RESERVED
-CVE-2010-1687
- RESERVED
-CVE-2010-1686
- RESERVED
-CVE-2010-1685
- RESERVED
+CVE-2010-1687 (Stack-based buffer overflow in lpd.exe in Mocha W32 LPD 1.9
allows ...)
+ TODO: check
+CVE-2010-1686 (Stack-based buffer overflow in (1) Urgent Backup 3.20, and (2)
ABC ...)
+ TODO: check
+CVE-2010-1685 (Stack-based buffer overflow in CursorArts ZipWrangler 1.20
allows ...)
+ TODO: check
CVE-2010-1684
RESERVED
CVE-2010-1683
@@ -192,8 +238,8 @@
TODO: check
CVE-2010-1597 (Stack-based buffer overflow in zgtips.dll in ZipGenius
6.3.1.2552 ...)
TODO: check
-CVE-2009-4834
- RESERVED
+CVE-2009-4834 (lib.php in Zeroboard 4.1 pl7 allows remote attackers to execute
...)
+ TODO: check
CVE-2009-4833 (MySQL Connector/NET before 6.0.4, when using encryption, does
not ...)
TODO: check
CVE-2009-4832 (The dlpcrypt.sys kernel driver 0.1.1.27 in DESlock+ 4.0.2 allows
local ...)
@@ -573,8 +619,7 @@
- prosody <unfixed> (low; bug #579087)
CVE-2010-XXXX [gnome-orca: shell access without logon]
- gnome-orca 2.30.0-2 (bug #578928)
-CVE-2010-1431 [cacti sql injection BONSAI-2010-0104]
- RESERVED
+CVE-2010-1431 (SQL injection vulnerability in templates_export.php in Cacti
0.8.7e ...)
{DSA-2039-1}
- cacti 0.8.7e-3 (bug #578909)
NOTE: http://seclists.org/fulldisclosure/2010/Apr/272
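Review bot: The replacement line for CVE-2010-1431 drops the BONSAI-2010-0104 advisory identifier that the removed bracketed description carried. The entry still has the seclists.org NOTE, but if the advisory number is wanted for cross-reference, keep it in a NOTE line of its own under the entry.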
@@ -1059,8 +1104,8 @@
RESERVED
CVE-2010-1280
RESERVED
-CVE-2010-1279
- RESERVED
+CVE-2010-1279 (Multiple unspecified vulnerabilities in Adobe Photoshop CS4 11.x
...)
+ TODO: check
CVE-2010-1278 (Buffer overflow in the Atlcom.get_atlcom ActiveX control in
gp.ocx in ...)
NOT-FOR-US: Adobe Download Manager
CVE-2010-1277 (SQL injection vulnerability in the user.authenticate method in
the API ...)
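Review bot: CVE-2010-1279 is added with "TODO: check" although its description names Adobe Photoshop CS4 and the entry directly below it, CVE-2010-1278, is already resolved as "NOT-FOR-US: Adobe Download Manager". Suggest resolving it the same way, with a NOT-FOR-US line naming the product, so it does not sit in the TODO queue.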
@@ -3084,8 +3129,8 @@
RESERVED
CVE-2010-0595
RESERVED
-CVE-2010-0594
- RESERVED
+CVE-2010-0594 (Cross-site scripting (XSS) vulnerability in Cisco Router and
Security ...)
+ TODO: check
CVE-2010-0593 (The Cisco RVS4000 4-port Gigabit Security Router before 1.3.2.0,
...)
NOT-FOR-US: Cisco RVS4000 Router
CVE-2010-0592 (The CTI Manager service in Cisco Unified Communications Manager
(aka ...)
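Review bot: The "TODO: check" under CVE-2010-0594 looks closable in the same pass, since the visible description names a Cisco product ("Cisco Router and Security ...") and the next entry, CVE-2010-0593, is marked "NOT-FOR-US: Cisco RVS4000 Router". The description is truncated here, so confirm the full product name before writing the NOT-FOR-US line.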
@@ -3610,8 +3655,7 @@
NOTE: Will be fixed in s-p-u
CVE-2010-0407
RESERVED
-CVE-2010-0406
- RESERVED
+CVE-2010-0406 (OpenTTD before 1.0.1 allows remote attackers to cause a denial
of ...)
- openttd 1.0.1-1
[lenny] - openttd <no-dsa> (Contrib not supported)
TODO: next point update: [lenny] - openttd 0.6.2-1+lenny2
@@ -3621,13 +3665,11 @@
RESERVED
CVE-2010-0403
RESERVED
-CVE-2010-0402
- RESERVED
+CVE-2010-0402 (OpenTTD before 1.0.1 does not properly validate index values of
...)
- openttd 1.0.1-1
[lenny] - openttd <no-dsa> (Contrib not supported)
TODO: next point update: [lenny] - openttd 0.6.2-1+lenny2
-CVE-2010-0401
- RESERVED
+CVE-2010-0401 (OpenTTD before 1.0.1 accepts a company password for
authentication in ...)
- openttd 1.0.1-1
[lenny] - openttd <no-dsa> (Contrib not supported)
TODO: next point update: [lenny] - openttd 0.6.2-1+lenny2
@@ -4672,8 +4714,8 @@
NOT-FOR-US: Energizer DUO USB Battery Charger Software
CVE-2010-0102
RESERVED
-CVE-2010-0101
- RESERVED
+CVE-2010-0101 (The embedded HTTP server in multiple Lexmark laser and inkjet
printers ...)
+ TODO: check
CVE-2010-0100
RESERVED
CVE-2010-0099