Author: gilbert-guest Date: 2010-05-13 01:51:56 +0000 (Thu, 13 May 2010) New Revision: 14687 Modified: data/CVE/list Log: NFUs and new issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-05-12 21:14:23 UTC (rev 14686) +++ data/CVE/list 2010-05-13 01:51:56 UTC (rev 14687) @@ -11,23 +11,23 @@ CVE-2010-1919 RESERVED CVE-2010-1913 (The default configuration of pluginlicense.ini for the ...) - TODO: check + NOT-FOR-US: Consona CVE-2010-1912 (The SdcWebSecureBase interface in tgctlcm.dll in Consona Live ...) - TODO: check + NOT-FOR-US: Consona CVE-2010-1911 (The site-locking implementation in the SdcWebSecureBase interface in ...) - TODO: check + NOT-FOR-US: Consona CVE-2010-1910 (The Forgot Password implementation in Consona Live Assistance, Dynamic ...) - TODO: check + NOT-FOR-US: Consona CVE-2010-1909 (Buffer overflow in the RunCmd method in the SdcUser.TgConCtl ActiveX ...) - TODO: check + NOT-FOR-US: Consona CVE-2010-1908 (The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live ...) - TODO: check + NOT-FOR-US: Consona CVE-2010-1907 (The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live ...) - TODO: check + NOT-FOR-US: ConsonA CVE-2010-1906 (tgsrv.exe in the Repair Service in Consona Dynamic Agent, Repair ...) - TODO: check + NOT-FOR-US: Consona CVE-2010-1905 (Multiple cross-site scripting (XSS) vulnerabilities in Consona Live ...) - TODO: check + NOT-FOR-US: Consona CVE-2010-1904 RESERVED CVE-2010-1903 @@ -81,19 +81,19 @@ CVE-2010-1879 RESERVED CVE-2010-1878 (Directory traversal vulnerability in the OrgChart (com_orgchart) ...) - TODO: check + NOT-FOR-US: com_orgchart component for joomla! CVE-2010-1877 (SQL injection vulnerability in the JTM Reseller (com_jtm) component ...) - TODO: check + NOT-FOR-US: com_jtm component for joomla! CVE-2010-1876 (SQL injection vulnerability in index.php in AJ Shopping Cart 1.0 ...) - TODO: check + NOT-FOR-US: AJ Shopping Cart CVE-2010-1875 (Directory traversal vulnerability in the Real Estate Property ...) - TODO: check + NOT-FOR-US: com_properties component for joomla! CVE-2010-1874 (SQL injection vulnerability in the Real Estate Property ...) - TODO: check + NOT-FOR-US: com_properties component for joomla! CVE-2010-1873 (SQL injection vulnerability in the Jvehicles (com_jvehicles) component ...) - TODO: check + NOT-FOR-US: com_jvehicles component for joomla! CVE-2010-1872 (Cross-site scripting (XSS) vulnerability in cPlayer.php in FlashCard ...) - TODO: check + NOT-FOR-US: FlashCard CVE-2010-1918 (SQL injection vulnerability in ask_chat.php in eFront 3.6.2 and ...) NOT-FOR-US: EFront ask_chat CVE-2010-1917 (Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 ...) @@ -705,7 +705,7 @@ CVE-2010-1621 RESERVED CVE-2010-1620 (Integer overflow in the load_iface function in Tools/gdomap.c in ...) - TODO: check + - gnustep-base <unfixed> CVE-2010-1612 (The IBM WebSphere DataPower XML Accelerator XA35, Low Latency ...) NOT-FOR-US: IBM WebSphere DataPower XML Accelerator CVE-2010-1611 (Cross-site request forgery (CSRF) vulnerability in AlegroCart 1.1 ...) @@ -1146,7 +1146,7 @@ CVE-2010-1482 RESERVED CVE-2010-1481 (Cross-site scripting (XSS) vulnerability in the table feature in ...) - TODO: check + NOT-FOR-US: PmWiki CVE-2010-1480 (SQL injection vulnerability in the RokModule (com_rokmodule) component ...) NOT-FOR-US: component for Joomla! CVE-2010-1479 (SQL injection vulnerability in the RokModule (com_rokmodule) component ...) @@ -3044,9 +3044,9 @@ CVE-2010-0817 (Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in ...) NOT-FOR-US: Microsoft SharePoint Server CVE-2010-0816 (Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, ...) - TODO: check + NOT-FOR-US: Microsoft Outlook Express, Windows Live Mail, and Windows Mail CVE-2010-0815 (VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft ...) - TODO: check + NOT-FOR-US: Microsoft Office CVE-2010-0814 RESERVED CVE-2010-0813 @@ -3254,7 +3254,7 @@ - gnutls26 <not-affected> (Fixed before initial release) - gnutls13 1.2.1-1 CVE-2010-0730 (The MMIO instruction decoder in the Xen hypervisor in the Linux kernel ...) - TODO: check + - linux-2.6 <not-affected> (redhat-specific issue in the 2.6.18 xen kernel) CVE-2010-0729 (A certain Red Hat patch for the Linux kernel in Red Hat Enterprise ...) - linux-2.6 <not-affected> (vulnerability in redhat-specific patch) CVE-2010-0728 (smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is ...)