Author: joeyh Date: 2010-05-21 21:14:47 +0000 (Fri, 21 May 2010) New Revision: 14724 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-05-21 10:16:14 UTC (rev 14723) +++ data/CVE/list 2010-05-21 21:14:47 UTC (rev 14724) @@ -1,3 +1,47 @@ +CVE-2010-2007 (Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS ...) + TODO: check +CVE-2010-2006 (Directory traversal vulnerability in op/op.Login.php in LetoDMS ...) + TODO: check +CVE-2010-2005 (Multiple PHP remote file inclusion vulnerabilities in DataLife Engine ...) + TODO: check +CVE-2010-2004 (Stack-based buffer overflow in BS.Global BS.Player 2.51 Build 1022 ...) + TODO: check +CVE-2010-2003 (Cross-site scripting (XSS) vulnerability in misc/get_admin.php in ...) + TODO: check +CVE-2010-2002 (Cross-site scripting (XSS) vulnerability in the Wordfilter module 5.x ...) + TODO: check +CVE-2010-2001 (Cross-site scripting (XSS) vulnerability in the CiviRegister module ...) + TODO: check +CVE-2010-2000 (Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) ...) + TODO: check +CVE-2010-1999 (Directory traversal vulnerability in scr/soustab.php in OpenMairie ...) + TODO: check +CVE-2010-1998 (Cross-site scripting (XSS) vulnerability in the CCK TableField module ...) + TODO: check +CVE-2010-1997 (Cross-site scripting (XSS) vulnerability in admin/edit.php in Saurus ...) + TODO: check +CVE-2010-1996 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) + TODO: check +CVE-2010-1995 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) + TODO: check +CVE-2010-1994 (SQL injection vulnerability in index.php in TomatoCMS before 2.0.5 ...) + TODO: check +CVE-2010-1993 (Opera 9.52 does not properly handle an IFRAME element with a mailto: ...) + TODO: check +CVE-2010-1992 (Google Chrome 1.0.154.48 executes a mail application in situations ...) + TODO: check +CVE-2010-1991 (Microsoft Internet Explorer 6.0.2900.2180, 7, and 8.0.7600.16385 ...) + TODO: check +CVE-2010-1990 (Mozilla Firefox 3.6.x, 3.5.x, 3.0.19, and earlier, and SeaMonkey, ...) + TODO: check +CVE-2010-1989 (Opera 9.52 executes a mail application in situations where an IMG ...) + TODO: check +CVE-2010-1988 (Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to ...) + TODO: check +CVE-2010-1987 (Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to ...) + TODO: check +CVE-2010-1986 (Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to ...) + TODO: check CVE-2010-1985 (Multiple cross-site scripting (XSS) vulnerabilities in the ...) TODO: check CVE-2010-1984 (Cross-site scripting (XSS) vulnerability in the Taxonomy Breadcrumb ...) @@ -2122,7 +2166,7 @@ - linux-2.6 2.6.32-12 [lenny] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.30) CVE-2010-1145 - RESERVED + REJECTED CVE-2010-0751 (The ip_evictor function in ip_fragment.c in libnids 1.24, as used in ...) - libnids <unfixed> (low; bug #576281) [lenny] - libnids <no-dsa> (Minor issue) @@ -2405,8 +2449,8 @@ NOT-FOR-US: IBM DB2 Content Manager Toolkit CVE-2010-1040 (The "IP address range limitation" function in OpenPNE 1.6 through 1.8, ...) NOT-FOR-US: OpenPNE -CVE-2010-1039 - RESERVED +CVE-2010-1039 (Unspecified vulnerability in NFS/ONCplus B.11.31_09 and earlier on HP ...) + TODO: check CVE-2010-1038 (Unspecified vulnerability in HP System Insight Manager before 6.0 ...) NOT-FOR-US: HP System Insight Manager CVE-2010-1037 (Cross-site request forgery (CSRF) vulnerability in HP System Insight ...) @@ -3334,8 +3378,7 @@ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=523178 NOTE: http://cgit.freedesktop.org/DeviceKit/DeviceKit-disks/commit/?id=62f883c7d38e75d0669c162529062a1e81d00da2 NOTE: http://bugs.freedesktop.org/show_bug.cgi?id=23235 -CVE-2010-0745 [dovecot large header resource consumption/DoS] - RESERVED +CVE-2010-0745 (Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote ...) - dovecot 1:1.2.11-1 (low) [lenny] - dovecot <not-affected> (Vulnerable code not present) [etch] - dovecot <not-affected> (Vulnerable code not present)