Author: joeyh
Date: 2010-05-12 21:14:23 +0000 (Wed, 12 May 2010)
New Revision: 14686

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-05-12 17:08:25 UTC (rev 14685) +++ data/CVE/list 2010-05-12 21:14:23 UTC (rev 14686) 
@@ -1,20 +1,115 @@ -CVE-2010-1918 [MOPS-2010-018 EFront ask_chat] +CVE-2010-1933 + RESERVED +CVE-2010-1932 + RESERVED +CVE-2010-1931 + RESERVED +CVE-2010-1930 + RESERVED +CVE-2010-1929 + RESERVED +CVE-2010-1919 + RESERVED +CVE-2010-1913 (The default configuration of pluginlicense.ini for the ...) + TODO: check +CVE-2010-1912 (The SdcWebSecureBase interface in tgctlcm.dll in Consona Live ...) + TODO: check +CVE-2010-1911 (The site-locking implementation in the SdcWebSecureBase interface in ...) + TODO: check +CVE-2010-1910 (The Forgot Password implementation in Consona Live Assistance, Dynamic ...) + TODO: check +CVE-2010-1909 (Buffer overflow in the RunCmd method in the SdcUser.TgConCtl ActiveX ...) + TODO: check +CVE-2010-1908 (The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live ...) + TODO: check +CVE-2010-1907 (The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live ...) + TODO: check +CVE-2010-1906 (tgsrv.exe in the Repair Service in Consona Dynamic Agent, Repair ...) + TODO: check +CVE-2010-1905 (Multiple cross-site scripting (XSS) vulnerabilities in Consona Live ...) + TODO: check +CVE-2010-1904 + RESERVED +CVE-2010-1903 + RESERVED +CVE-2010-1902 + RESERVED +CVE-2010-1901 + RESERVED +CVE-2010-1900 + RESERVED +CVE-2010-1899 + RESERVED +CVE-2010-1898 + RESERVED +CVE-2010-1897 + RESERVED +CVE-2010-1896 + RESERVED +CVE-2010-1895 + RESERVED +CVE-2010-1894 + RESERVED +CVE-2010-1893 + RESERVED +CVE-2010-1892 + RESERVED +CVE-2010-1891 + RESERVED +CVE-2010-1890 + RESERVED +CVE-2010-1889 + RESERVED +CVE-2010-1888 + RESERVED +CVE-2010-1887 + RESERVED +CVE-2010-1886 + RESERVED +CVE-2010-1885 + RESERVED +CVE-2010-1884 + RESERVED +CVE-2010-1883 + RESERVED +CVE-2010-1882 + RESERVED +CVE-2010-1881 + RESERVED +CVE-2010-1880 + RESERVED +CVE-2010-1879 + RESERVED +CVE-2010-1878 (Directory traversal vulnerability in the OrgChart (com_orgchart) ...) + TODO: check +CVE-2010-1877 (SQL injection vulnerability in the JTM Reseller (com_jtm) component ...) 
+ TODO: check +CVE-2010-1876 (SQL injection vulnerability in index.php in AJ Shopping Cart 1.0 ...) + TODO: check +CVE-2010-1875 (Directory traversal vulnerability in the Real Estate Property ...) + TODO: check +CVE-2010-1874 (SQL injection vulnerability in the Real Estate Property ...) + TODO: check +CVE-2010-1873 (SQL injection vulnerability in the Jvehicles (com_jvehicles) component ...) + TODO: check +CVE-2010-1872 (Cross-site scripting (XSS) vulnerability in cPlayer.php in FlashCard ...) + TODO: check +CVE-2010-1918 (SQL injection vulnerability in ask_chat.php in eFront 3.6.2 and ...) NOT-FOR-US: EFront ask_chat -CVE-2010-1917 [MOPS-2010-021 fnmatch stack exhaustion] +CVE-2010-1917 (Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 ...) - php5 <unfixed> (low) [lenny] - php5 <no-dsa> (low) -CVE-2010-1916 [MOPS-2010-019 xinha config injection] +CVE-2010-1916 (The dynamic configuration feature in Xinha WYSIWYG editor 0.96 Beta 2 ...) TODO: check the embedded copies -CVE-2010-1915 [MOPS-2010-017 preg_quote] +CVE-2010-1915 (The preg_quote function in PHP 5.2 through 5.2.13 and 5.3 through ...) - php5 <unfixed> (unimportant) -CVE-2010-1914 [MOPS-2010-014,15,16] +CVE-2010-1914 (The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows ...) - php5 <unfixed> (unimportant) CVE-2010-1871 RESERVED CVE-2010-1870 RESERVED -CVE-2010-1869 [ghostscript buffer overflow] - RESERVED +CVE-2010-1869 (Stack-based buffer overflow in the parser function in GhostScript 8.70 ...) - ghostscript <undetermined> NOTE: http://www.openwall.com/lists/oss-security/2010/05/11/3 TODO: check 
@@ -609,8 +704,8 @@ RESERVED CVE-2010-1621 RESERVED -CVE-2010-1620 - RESERVED +CVE-2010-1620 (Integer overflow in the load_iface function in Tools/gdomap.c in ...) + TODO: check CVE-2010-1612 (The IBM WebSphere DataPower XML Accelerator XA35, Low Latency ...) NOT-FOR-US: IBM WebSphere DataPower XML Accelerator CVE-2010-1611 (Cross-site request forgery (CSRF) vulnerability in AlegroCart 1.1 ...) @@ -1050,8 +1145,8 @@ RESERVED CVE-2010-1482 RESERVED -CVE-2010-1481 - RESERVED +CVE-2010-1481 (Cross-site scripting (XSS) vulnerability in the table feature in ...) + TODO: check CVE-2010-1480 (SQL injection vulnerability in the RokModule (com_rokmodule) component ...) NOT-FOR-US: component for Joomla! CVE-2010-1479 (SQL injection vulnerability in the RokModule (com_rokmodule) component ...) @@ -1119,15 +1214,13 @@ [lenny] - fetchmail <no-dsa> (only vulnerable when run under debug verbosity level) NOTE: http://www.fetchmail.info/fetchmail-SA-2010-02.txt NOTE: http://gitorious.org/fetchmail/fetchmail/commit/ec06293 -CVE-2010-1457 [gdomap file disclosure] - RESERVED +CVE-2010-1457 (Tools/gdomap.c in gdomap in GNUstep Base before 1.20.0 allows local ...) - gnustep-base <unfixed> [lenny] - gnustep-base <not-affected> (Not installed setuid root) NOTE: http://thread.gmane.org/gmane.comp.lib.gnustep.bugs/12336 CVE-2010-1456 RESERVED -CVE-2010-1455 [DOCSIS wireshark] - RESERVED +CVE-2010-1455 (The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 ...) - wireshark <unfixed> (unimportant) NOTE: Not triggerable remotely CVE-2010-1454 
@@ -2950,10 +3043,10 @@ RESERVED CVE-2010-0817 (Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in ...) NOT-FOR-US: Microsoft SharePoint Server -CVE-2010-0816 - RESERVED -CVE-2010-0815 - RESERVED +CVE-2010-0816 (Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, ...) + TODO: check +CVE-2010-0815 (VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft ...) + TODO: check CVE-2010-0814 RESERVED CVE-2010-0813 @@ -3160,8 +3253,8 @@ CVE-2010-0731 (The gnutls_x509_crt_get_serial function in the GnuTLS library before ...) - gnutls26 <not-affected> (Fixed before initial release) - gnutls13 1.2.1-1 -CVE-2010-0730 - RESERVED +CVE-2010-0730 (The MMIO instruction decoder in the Xen hypervisor in the Linux kernel ...) + TODO: check CVE-2010-0729 (A certain Red Hat patch for the Linux kernel in Red Hat Enterprise ...) - linux-2.6 <not-affected> (vulnerability in redhat-specific patch) CVE-2010-0728 (smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is ...)
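
Review bot: The MOPS advisory numbers are lost from CVE-2010-1914 through CVE-2010-1918 in the @@ -1,20 +1,115 @@ hunk, because they lived only in the bracketed working titles that the published descriptions now replace. Carry each one over as a NOTE line under its entry (for example "NOTE: MOPS-2010-021" under CVE-2010-1917), the way CVE-2010-1869 in the same hunk keeps its oss-security reference. The new Joomla! component entries in this hunk (com_orgchart, com_jtm, com_jvehicles) are left at "TODO: check", while CVE-2010-1480 further down the file already records the same kind of entry as "NOT-FOR-US: component for Joomla!".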
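
Review bot: CVE-2010-1620 in the @@ -609,8 +704,8 @@ hunk gets a bare "TODO: check" although its description names Tools/gdomap.c, the same source file as CVE-2010-1457, which this file already tracks under gnustep-base. When resolving the TODO, check it against gnustep-base first and give it a package line there, including the lenny status, since CVE-2010-1457 is marked not-affected in lenny only because gdomap is not installed setuid root and that reasoning may not carry over to an integer overflow in load_iface.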
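
Review bot: The gnustep-base status for CVE-2010-1457 in the @@ -1119,15 +1214,13 @@ hunk stays at "<unfixed>" while the description added in the same entry says the issue affects GNUstep Base "before 1.20.0". Compare that against the version in the archive and replace "<unfixed>" with the fixed version once 1.20.0 or later is uploaded, so the entry does not contradict its own description.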
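
Review bot: CVE-2010-0816 and CVE-2010-0815 in the @@ -2950,10 +3043,10 @@ hunk are left at "TODO: check" although both descriptions name Microsoft products (Outlook Express, Office). The context line directly above them resolves CVE-2010-0817 as "NOT-FOR-US: Microsoft SharePoint Server"; these two can be closed the same way rather than sitting in the TODO queue.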
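
Review bot: CVE-2010-0730 in the @@ -3160,8 +3253,8 @@ hunk names the Xen hypervisor in the Linux kernel but gets no source package line, only "TODO: check". The neighbouring CVE-2010-0729 shows the form a resolved kernel entry takes here ("- linux-2.6 <not-affected> (vulnerability in redhat-specific patch)"); this entry needs the same decision recorded, with the truncated description read in full first to see which kernel and Xen packages carry the affected decoder.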