Author: joeyh Date: 2010-06-02 21:15:30 +0000 (Wed, 02 Jun 2010) New Revision: 14784 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-06-02 18:47:14 UTC (rev 14783) +++ data/CVE/list 2010-06-02 21:15:30 UTC (rev 14784) 
@@ -1,3 +1,33 @@ +CVE-2010-2129 (Directory traversal vulnerability in the JE Ajax Event Calendar ...) + TODO: check +CVE-2010-2128 (Directory traversal vulnerability in the JE Quotation Form ...) + TODO: check +CVE-2010-2127 (PHP remote file inclusion vulnerability in gallery.php in JV2 Folder ...) + TODO: check +CVE-2010-2126 (Multiple PHP remote file inclusion vulnerabilities in Snipe Gallery ...) + TODO: check +CVE-2010-2125 (Multiple cross-site scripting (XSS) vulnerabilities in the Rotor ...) + TODO: check +CVE-2010-2124 (SQL injection vulnerability in firma.php in Bartels Schone ConPresso ...) + TODO: check +CVE-2010-2123 (Multiple cross-site scripting (XSS) vulnerabilities in the Storm ...) + TODO: check +CVE-2010-2122 (Directory traversal vulnerability in the SimpleDownload ...) + TODO: check +CVE-2010-2121 (Opera 9.52 allows remote attackers to cause a denial of service ...) + TODO: check +CVE-2010-2120 (Google Chrome 1.0.154.48 allows remote attackers to cause a denial of ...) + TODO: check +CVE-2010-2119 (Microsoft Internet Explorer 6.0.2900.2180 allows remote attackers to ...) + TODO: check +CVE-2010-2118 (Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 allows ...) + TODO: check +CVE-2010-2117 (Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote attackers to ...) + TODO: check +CVE-2009-4881 (Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in ...) + TODO: check +CVE-2009-4880 (Multiple integer overflows in the strfmon implementation in the GNU C ...) + TODO: check CVE-2010-XXXX [rpm setuid handling] - rpm <unfixed> (bug #584257; unimportant) NOTE: Marking as unimportant since rpm isn''t used as a package manager 
@@ -1096,8 +1126,7 @@ RESERVED - samba <unfixed> (unimportant) NOTE: Only crashes a single connection, not the entire smbd -CVE-2010-1641 [gfs2 ioctl permissions issue] - RESERVED +CVE-2010-1641 (The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel ...) - linux-2.6 <unfixed> CVE-2010-1640 (Off-by-one error in the parseicon function in libclamav/pe_icons.c in ...) TODO: check @@ -2742,7 +2771,7 @@ NOT-FOR-US: IBM DB2 Content Manager Toolkit CVE-2010-1040 (The "IP address range limitation" function in OpenPNE 1.6 through 1.8, ...) NOT-FOR-US: OpenPNE -CVE-2010-1039 (Integer overflow in an unspecified log function in rpc.pcnfsd in IBM ...) +CVE-2010-1039 (Format string vulnerability in the _msgout function in rpc.pcnfsd in ...) NOT-FOR-US: HP-UX CVE-2010-1038 (Unspecified vulnerability in HP System Insight Manager before 6.0 ...) NOT-FOR-US: HP System Insight Manager @@ -3416,8 +3445,8 @@ RESERVED CVE-2010-0831 RESERVED -CVE-2010-0830 - RESERVED +CVE-2010-0830 (Integer signedness error in the elf_get_dynamic_info function in ...) + TODO: check CVE-2010-0829 (Multiple array index errors in set.c in dvipng 1.11 and 1.12, and ...) {DSA-2048-1} - dvipng 1.13-1 (low; bug #580628) @@ -5045,8 +5074,8 @@ - qemu-kvm 0.11.1+dfsg-1 - kvm <removed> (low) [lenny] - kvm <no-dsa> (minor issue) -CVE-2010-0296 - RESERVED +CVE-2010-0296 (The encode_name macro in misc/mntent_r.c in the GNU C Library (aka ...) + TODO: check CVE-2010-0295 (lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read ...) {DSA-1987-1} - lighttpd 1.4.26-1 (medium)
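Review bot: In the first hunk (@@ -1,3 +1,33 @@), CVE-2009-4881 and CVE-2009-4880 are inserted below CVE-2010-2117 and above the CVE-2010-XXXX rpm entry, which breaks the descending-id order the later hunks show (CVE-2010-1641 above CVE-2010-1640, CVE-2010-1040 above CVE-2010-1039). Confirm that placement is what the automatic update intends. Both entries concern strfmon ("stdlib/strfmon_l.c" and "the strfmon implementation in the GNU C ..."), so their "TODO: check" should be resolved to a package line rather than left with the batch of web-application entries above them.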
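Review bot: In the @@ -1096,8 +1126,7 @@ hunk, CVE-2010-1641 keeps "- linux-2.6 <unfixed>" with no bug reference or severity in parentheses, unlike "- rpm <unfixed> (bug #584257; unimportant)" in the first hunk. Now that the entry carries its published description (do_gfs2_set_flags in fs/gfs2/file.c), add the tracking bug or a severity so the open status is actionable.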
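Review bot: In the @@ -2742,7 +2771,7 @@ hunk, the CVE-2010-1039 description changes from an integer overflow in an unspecified log function to a format string vulnerability in _msgout, but the "NOT-FOR-US: HP-UX" line under it is carried over unchanged. The removed description read "rpc.pcnfsd in IBM ..." while the note says HP-UX, and the new description is cut off before the vendor, so re-check the note against the full new text and name the affected software consistently.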
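Review bot: In the @@ -5045,8 +5074,8 @@ hunk, CVE-2010-0296 names its component in the visible description (the encode_name macro in misc/mntent_r.c in the GNU C Library) yet is left at "TODO: check". Replace the TODO with a package line for the C library source package, in the form the neighbouring entries use ("- lighttpd 1.4.26-1 (medium)"), and triage it together with the strfmon entries added in the first hunk.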