Author: joeyh Date: 2010-06-09 21:14:17 +0000 (Wed, 09 Jun 2010) New Revision: 14836 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-06-09 17:10:35 UTC (rev 14835) +++ data/CVE/list 2010-06-09 21:14:17 UTC (rev 14836) @@ -1,3 +1,55 @@ +CVE-2010-2220 + RESERVED +CVE-2010-2219 + RESERVED +CVE-2010-2218 + RESERVED +CVE-2010-2217 + RESERVED +CVE-2010-2216 + RESERVED +CVE-2010-2215 + RESERVED +CVE-2010-2214 + RESERVED +CVE-2010-2213 + RESERVED +CVE-2010-2212 + RESERVED +CVE-2010-2211 + RESERVED +CVE-2010-2210 + RESERVED +CVE-2010-2209 + RESERVED +CVE-2010-2208 + RESERVED +CVE-2010-2207 + RESERVED +CVE-2010-2206 + RESERVED +CVE-2010-2205 + RESERVED +CVE-2010-2204 + RESERVED +CVE-2010-2203 + RESERVED +CVE-2010-2202 + RESERVED +CVE-2010-2201 + RESERVED +CVE-2010-2200 + RESERVED +CVE-2010-2199 (lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the ...) + TODO: check +CVE-2010-2198 (lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the ...) + TODO: check +CVE-2010-2197 (rpmbuild in RPM 4.8.0 and earlier does not properly parse the syntax ...) + TODO: check +CVE-2005-4889 (lib/fsm.c in RPM before 4.4.3 does not properly reset the metadata of ...) + TODO: check +CVE-2004-2768 (dpkg 1.9.21 does not properly reset the metadata of a file during ...) + TODO: check CVE-2010-2196 RESERVED CVE-2010-2195 @@ -332,8 +384,8 @@ - beanstalkd <unfixed> (bug #585162) NOTE: Package description reads: "Beanstalkd is meant to be ran in a trusted network, NOTE: "as it has no authorisation/authentication mechanisms". So this is likely a non-issue -CVE-2010-2059 - RESERVED +CVE-2010-2059 (lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and ...) + TODO: check CVE-2010-2058 (setup.py in Prewikka 0.9.14 installs prewikka.conf with world-readable ...) - prewikka <unfixed> (bug #584469) CVE-2010-2057 @@ -705,10 +757,10 @@ RESERVED CVE-2010-1881 RESERVED -CVE-2010-1880 - RESERVED -CVE-2010-1879 - RESERVED +CVE-2010-1880 (Unspecified vulnerability in Quartz.dll for DirectShow on Microsoft ...) + TODO: check +CVE-2010-1879 (Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media ...) + TODO: check CVE-2010-1878 (Directory traversal vulnerability in the OrgChart (com_orgchart) ...) NOT-FOR-US: com_orgchart component for joomla! CVE-2010-1877 (SQL injection vulnerability in the JTM Reseller (com_jtm) component ...) @@ -2256,8 +2308,8 @@ NOT-FOR-US: Pepsi CMS CVE-2010-1298 (Directory traversal vulnerability in view.php in Pulse CMS 1.2.2 ...) NOT-FOR-US: Pulse CMS -CVE-2010-1297 - RESERVED +CVE-2010-1297 (Unspecified vulnerability in Adobe Flash Player 9.0.x through 9.0.262 ...) + TODO: check CVE-2010-1296 (Multiple buffer overflows in Adobe Photoshop CS4 before 11.0.2 allow ...) NOT-FOR-US: Adobe Photoshop CS4 CVE-2010-1295 @@ -2325,46 +2377,46 @@ NOT-FOR-US: WebMaid CMS CVE-2010-1265 (SQL injection vulnerability in Adam Corley dcsFlashGames ...) NOT-FOR-US: dcsFlashGames -CVE-2010-1264 - RESERVED -CVE-2010-1263 - RESERVED -CVE-2010-1262 - RESERVED -CVE-2010-1261 - RESERVED -CVE-2010-1260 - RESERVED -CVE-2010-1259 - RESERVED +CVE-2010-1264 (Unspecified vulnerability in Microsoft Windows SharePoint Services 3.0 ...) + TODO: check +CVE-2010-1263 (Unspecified vulnerability in Microsoft Office XP SP3, Office 2003 SP3, ...) + TODO: check +CVE-2010-1262 (Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote ...) + TODO: check +CVE-2010-1261 (The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, ...) + TODO: check +CVE-2010-1260 (The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, ...) + TODO: check +CVE-2010-1259 (Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote ...) + TODO: check CVE-2010-1258 RESERVED -CVE-2010-1257 - RESERVED -CVE-2010-1256 - RESERVED -CVE-2010-1255 - RESERVED -CVE-2010-1254 - RESERVED -CVE-2010-1253 - RESERVED -CVE-2010-1252 - RESERVED -CVE-2010-1251 - RESERVED -CVE-2010-1250 - RESERVED -CVE-2010-1249 - RESERVED -CVE-2010-1248 - RESERVED -CVE-2010-1247 - RESERVED -CVE-2010-1246 - RESERVED -CVE-2010-1245 - RESERVED +CVE-2010-1257 (Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as ...) + TODO: check +CVE-2010-1256 (Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when ...) + TODO: check +CVE-2010-1255 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows ...) + TODO: check +CVE-2010-1254 (The installation for Microsoft Open XML File Format Converter for Mac ...) + TODO: check +CVE-2010-1253 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2007 ...) + TODO: check +CVE-2010-1252 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and ...) + TODO: check +CVE-2010-1251 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and ...) + TODO: check +CVE-2010-1250 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office ...) + TODO: check +CVE-2010-1249 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office ...) + TODO: check +CVE-2010-1248 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and ...) + TODO: check +CVE-2010-1247 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows ...) + TODO: check +CVE-2010-1246 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows ...) + TODO: check +CVE-2010-1245 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office ...) + TODO: check CVE-2010-XXXX [tcpdf code execution via tcpdf tag] - moodle <not-affected> (Vulnerable code not present) - phpmyadmin <not-affected> (Vulnerable code not present) @@ -3720,18 +3772,18 @@ NOTE: http://drupal.org/node/731710 CVE-2010-XXXX [linux-ftpd: null ptr dereference] - linux-ftpd <not-affected> (Performs proper length checks, see #572813) -CVE-2010-0824 - RESERVED -CVE-2010-0823 - RESERVED -CVE-2010-0822 - RESERVED -CVE-2010-0821 - RESERVED +CVE-2010-0824 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and ...) + TODO: check +CVE-2010-0823 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 ...) + TODO: check +CVE-2010-0822 (Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for ...) + TODO: check +CVE-2010-0821 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 ...) + TODO: check CVE-2010-0820 RESERVED -CVE-2010-0819 - RESERVED +CVE-2010-0819 (Unspecified vulnerability in the Windows OpenType Compact Font Format ...) + TODO: check CVE-2010-0818 RESERVED CVE-2010-0817 (Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in ...) @@ -3746,8 +3798,8 @@ RESERVED CVE-2010-0812 (Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, ...) NOT-FOR-US: Microsoft Windows -CVE-2010-0811 - RESERVED +CVE-2010-0811 (Unspecified vulnerability in the Microsoft Internet Explorer 8 ...) + TODO: check CVE-2010-0810 (The kernel in Microsoft Windows Vista Gold, SP1, and SP2, and Windows ...) NOT-FOR-US: Microsoft Windows CVE-2010-0809 @@ -4649,10 +4701,10 @@ NOT-FOR-US: Microsoft Windows CVE-2010-0486 (The WinVerifyTrust function in Authenticode Signature Verification ...) NOT-FOR-US: Microsoft Windows -CVE-2010-0485 - RESERVED -CVE-2010-0484 - RESERVED +CVE-2010-0485 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows ...) + TODO: check +CVE-2010-0484 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows ...) + TODO: check CVE-2010-0483 (vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows ...) NOT-FOR-US: Microsoft Windows CVE-2010-0482 (The kernel in Microsoft Windows Server 2008 R2 and Windows 7 does not ...)