Author: joeyh
Date: 2010-05-28 21:15:43 +0000 (Fri, 28 May 2010)
New Revision: 14761
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-05-27 21:15:03 UTC (rev 14760)
+++ data/CVE/list 2010-05-28 21:15:43 UTC (rev 14761)
@@ -1,3 +1,45 @@
+CVE-2010-2104 (Directory traversal vulnerability in Orbit Downloader 3.0.0.4
and ...)
+ TODO: check
+CVE-2010-2103 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2010-2102 (Buffer overflow in Webby Webserver 1.01 allows remote attackers
to ...)
+ TODO: check
+CVE-2010-2101 (The (1) strip_tags, (2) setcookie, (3) strtok, (4) wordwrap, (5)
...)
+ TODO: check
+CVE-2010-2100 (The (1) htmlentities, (2) htmlspecialchars, (3) str_getcsv, (4)
...)
+ TODO: check
+CVE-2010-2099 (bbcode/php.bb in e107 0.7.20 and earlier does not perform access
...)
+ TODO: check
+CVE-2010-2098 (Incomplete blacklist vulnerability in usersettings.php in e107
0.7.20 ...)
+ TODO: check
+CVE-2010-2097 (The (1) iconv_mime_decode, (2) iconv_substr, and (3)
iconv_mime_encode ...)
+ TODO: check
+CVE-2010-2096 (Directory traversal vulnerability in index.php in CMSQlite 1.2
and ...)
+ TODO: check
+CVE-2010-2095 (SQL injection vulnerability in index.php in CMSQlite 1.2 and
earlier ...)
+ TODO: check
+CVE-2010-2094 (Multiple format string vulnerabilities in the phar extension in
PHP ...)
+ TODO: check
+CVE-2010-2093 (Use-after-free vulnerability in the request shutdown
functionality in ...)
+ TODO: check
+CVE-2010-2092 (SQL injection vulnerability in graph.php in Cacti 0.8.7e and
earlier ...)
+ TODO: check
+CVE-2010-2091 (Microsoft Outlook Web Access (OWA) 8.2.254.0, when Internet
Explorer 7 ...)
+ TODO: check
+CVE-2010-2090 (The npb_protocol_error function in sna V5router64 in IBM ...)
+ TODO: check
+CVE-2010-2089 (The audioop module in Python 2.7 and 3.2 does not verify the
...)
+ TODO: check
+CVE-2010-2088 (ASP.NET in Microsoft .NET 3.5 does not properly handle an
unencrypted ...)
+ TODO: check
+CVE-2010-2087 (Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere
Application ...)
+ TODO: check
+CVE-2010-2086 (Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere
Application ...)
+ TODO: check
+CVE-2010-2085 (The default configuration of ASP.NET in Microsoft .NET before
1.1 has ...)
+ TODO: check
+CVE-2010-2084 (Microsoft ASP.NET 2.0 does not prevent setting the InnerHtml
property ...)
+ TODO: check
CVE-2010-2083 (Microsoft Dynamics GP has a default value of ACCESS for the
system ...)
TODO: check
CVE-2010-2082 (The web interface on the Cisco Scientific Atlanta WebSTAR
DPC2100R2 ...)
@@ -281,8 +323,8 @@
RESERVED
CVE-2010-1960
RESERVED
-CVE-2010-1959
- RESERVED
+CVE-2010-1959 (Unspecified vulnerability in HP TestDirector for Quality Center
9.2 ...)
+ TODO: check
CVE-2010-1958
RESERVED
CVE-2010-1957 (Directory traversal vulnerability in the Love Factory ...)
@@ -1032,8 +1074,8 @@
[lenny] - linux-2.6 <not-affected> (brtfs introduced in 2.6.32)
CVE-2010-1635
RESERVED
-CVE-2010-1634
- RESERVED
+CVE-2010-1634 (Multiple integer overflows in audioop.c in the audioop module in
...)
+ TODO: check
CVE-2010-1633
RESERVED
CVE-2010-1632
@@ -1578,8 +1620,8 @@
NOT-FOR-US: Photo Battle Component for Joomla!
CVE-2010-1460 (The IBM BladeCenter with Advanced Management Module (AMM)
firmware ...)
NOT-FOR-US: IBM BladeCenter Management Module
-CVE-2010-1459
- RESERVED
+CVE-2010-1459 (The default configuration of ASP.NET in Mono before 2.6.4 has a
value ...)
+ TODO: check
CVE-2010-1458 (Stack-based buffer overflow in Create and Extract Zips TweakFS
Zip ...)
NOT-FOR-US: TweakFS
CVE-2010-1167 (fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does
not ...)
@@ -1605,10 +1647,10 @@
CVE-2010-1451 (The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in
the ...)
{DSA-2053-1}
- linux-2.6 2.6.32-10
-CVE-2010-1450
- RESERVED
-CVE-2010-1449
- RESERVED
+CVE-2010-1450 (Multiple buffer overflows in the RLE decoder in the rgbimg
module in ...)
+ TODO: check
+CVE-2010-1449 (Integer overflow in rgbimgmodule.c in the rgbimg module in
Python 2.5 ...)
+ TODO: check
CVE-2010-1448 [lxr XSS on the search page]
RESERVED
- lxr-cvs <unfixed>
@@ -1954,8 +1996,8 @@
NOT-FOR-US: Pulse CMS
CVE-2010-1297
RESERVED
-CVE-2010-1296
- RESERVED
+CVE-2010-1296 (Multiple buffer overflows in Adobe Photoshop CS4 before 11.0.2
allow ...)
+ TODO: check
CVE-2010-1295
RESERVED
CVE-2010-1294 (Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, and
9.0 ...)
@@ -4014,18 +4056,18 @@
NOT-FOR-US: Cisco PGW
CVE-2010-0601 (The MGCP implementation on the Cisco PGW 2200 Softswitch with
software ...)
NOT-FOR-US: Cisco PGW
-CVE-2010-0600
- RESERVED
-CVE-2010-0599
- RESERVED
-CVE-2010-0598
- RESERVED
-CVE-2010-0597
- RESERVED
-CVE-2010-0596
- RESERVED
-CVE-2010-0595
- RESERVED
+CVE-2010-0600 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2
before ...)
+ TODO: check
+CVE-2010-0599 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2
before ...)
+ TODO: check
+CVE-2010-0598 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2
before ...)
+ TODO: check
+CVE-2010-0597 (Unspecified vulnerability in Cisco Mediator Framework 1.5.1
before ...)
+ TODO: check
+CVE-2010-0596 (Unspecified vulnerability in Cisco Mediator Framework 2.2 before
...)
+ TODO: check
+CVE-2010-0595 (Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2
before ...)
+ TODO: check
CVE-2010-0594 (Cross-site scripting (XSS) vulnerability in Cisco Router and
Security ...)
NOT-FOR-US: Cisco Router and Security Device Manager
CVE-2010-0593 (The Cisco RVS4000 4-port Gigabit Security Router before 1.3.2.0,
...)
@@ -6923,8 +6965,8 @@
CVE-2009-4135 (The distcheck rule in dist-check.mk in GNU coreutils 5.2.1
through 8.1 ...)
- coreutils <not-affected> (this issue only affects the coreutils build
process; bug #560898)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=545439
-CVE-2009-4134
- RESERVED
+CVE-2009-4134 (Buffer underflow in the rgbimg module in Python 2.5 allows
remote ...)
+ TODO: check
CVE-2009-4133 (Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG,
Grid for ...)
- condor <itp> (bug #233482)
CVE-2009-4132