Author: joeyh Date: 2010-06-15 21:14:24 +0000 (Tue, 15 Jun 2010) New Revision: 14873 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-06-15 14:48:15 UTC (rev 14872) +++ data/CVE/list 2010-06-15 21:14:24 UTC (rev 14873) 
@@ -1,9 +1,61 @@ -CVE-2010-2265 - RESERVED +CVE-2010-2294 (Cross-site request forgery (CSRF) vulnerability in Plume CMS 1.2.4 and ...) + TODO: check +CVE-2010-2293 (The Ping tools web interface in Dlink Di-604 router allows remote ...) + TODO: check +CVE-2010-2292 (Cross-site scripting (XSS) vulnerability in the Ping tools web ...) + TODO: check +CVE-2010-2291 (Unspecified vulnerability in the web interface in snom VoIP Phone ...) + TODO: check +CVE-2010-2290 (Cross-site scripting (XSS) vulnerability in cgi-bin/cgix/help in ...) + TODO: check +CVE-2010-2289 (Open redirect vulnerability in dana/home/homepage.cgi in Juniper ...) + TODO: check +CVE-2010-2288 (Cross-site scripting (XSS) vulnerability in dana/nc/ncrun.cgi in ...) + TODO: check +CVE-2010-2282 (Cross-site request forgery (CSRF) vulnerability in TomatoCMS 2.0.6 ...) + TODO: check +CVE-2010-2281 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) + TODO: check +CVE-2010-2280 (Open redirect vulnerability in the Mobile component in IBM Lotus ...) + TODO: check +CVE-2010-2279 (The Top Updates implementation in the Homepage component in IBM Lotus ...) + TODO: check +CVE-2010-2278 (The bookmarklet pop-up in the Bookmarks component in IBM Lotus ...) + TODO: check +CVE-2010-2277 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus ...) + TODO: check +CVE-2010-2276 (The default configuration of the build process in Dojo 0.4.x before ...) + TODO: check +CVE-2010-2275 (Cross-site scripting (XSS) vulnerability in dijit/tests/_testCommon.js ...) + TODO: check +CVE-2010-2274 (Multiple open redirect vulnerabilities in Dojo 1.0.x before 1.0.3, ...) + TODO: check +CVE-2010-2273 (Multiple cross-site scripting (XSS) vulnerabilities in Dojo 1.0.x ...) + TODO: check +CVE-2010-2272 (Unspecified vulnerability in iframe_history.html in Dojo 0.4.x before ...) + TODO: check +CVE-2010-2271 (Format string vulnerability in authcfg.cgi in Accoria Web Server (aka ...) 
+ TODO: check +CVE-2010-2270 (Accoria Web Server (aka Rock Web Server) 1.4.7 uses a predictable ...) + TODO: check +CVE-2010-2269 (Directory traversal vulnerability in loadstatic.cgi in Accoria Web ...) + TODO: check +CVE-2010-2268 (Cross-site request forgery (CSRF) vulnerability in authcfg.cgi in ...) + TODO: check +CVE-2010-2267 (Multiple cross-site scripting (XSS) vulnerabilities in Accoria Web ...) + TODO: check +CVE-2010-2266 (nginx 0.8.36 allows remote attackers to cause a denial of service ...) + TODO: check +CVE-2009-4894 (Multiple cross-site scripting (XSS) vulnerabilities in profile.php in ...) + TODO: check +CVE-2009-4893 (Buffer overflow in UnrealIRCd 3.2beta11 through 3.2.8, when ...) + TODO: check +CVE-2010-2265 (Cross-site scripting (XSS) vulnerability in the GetServerName function ...) + TODO: check CVE-2010-2264 (The Cascading Style Sheets (CSS) implementation in WebKit in Apple ...) - webkit <undetermined> -CVE-2010-2263 - RESERVED +CVE-2010-2263 (nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on ...) + TODO: check CVE-2009-4892 (SQL injection vulnerability in Content Management System WEBjump! ...) TODO: check CVE-2009-4891 (SQL injection vulnerability in index.php in CS-Cart 2.0.0 Beta 3 ...) 
@@ -24,15 +76,15 @@ TODO: check CVE-2009-4883 (SQL injection vulnerability in index.php in PHPRecipeBook 2.24 and ...) TODO: check -CVE-2010-2283 [SMB NULL deref] +CVE-2010-2283 (The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 ...) - wireshark 1.2.9-1 -CVE-2010-2285 [SMB PIPE NULL deref] +CVE-2010-2285 (The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 ...) - wireshark 1.2.9-1 -CVE-2010-2284 [ASN1 buffer overflow] +CVE-2010-2284 (Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 ...) - wireshark 1.2.9-1 -CVE-2010-2287 [SigComp buffer overflow] +CVE-2010-2287 (Buffer overflow in the SigComp Universal Decompressor Virtual Machine ...) - wireshark 1.2.9-1 -CVE-2010-2286 [SigComp infinite loop] +CVE-2010-2286 (The SigComp Universal Decompressor Virtual Machine dissector in ...) - wireshark 1.2.9-1 CVE-2010-2262 (Galileo Students Team Weborf before 0.12.1 allows remote attackers to ...) TODO: check @@ -493,8 +545,8 @@ REJECTED CVE-2010-2076 RESERVED -CVE-2010-2075 - RESERVED +CVE-2010-2075 (UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from ...) + TODO: check CVE-2010-2074 RESERVED CVE-2010-2073 [pyftpd default user accounts] @@ -557,8 +609,8 @@ RESERVED CVE-2010-2055 RESERVED -CVE-2010-2054 - RESERVED +CVE-2010-2054 (Integer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB 1.3.4 ...) + TODO: check CVE-2010-2053 (emesenelib/ProfileManager.py in emesene before 1.6.2 allows local ...) - emesene 1.6.2-1 (low) [lenny] - emesene <not-affected> (Introduced in 1.6.1) 
@@ -818,8 +870,8 @@ CVE-2010-1938 (Off-by-one error in the __opiereadrec function in readrec.c in libopie ...) - opie <unfixed> (bug #584932) [lenny] - opie <no-dsa> (Minor issue) -CVE-2010-1937 - RESERVED +CVE-2010-1937 (Heap-based buffer overflow in httpAdapter.c in httpAdapter in SBLIM ...) + TODO: check CVE-2010-1936 (Directory traversal vulnerability in scr/soustab.php in openMairie ...) NOT-FOR-US: openMairie openComInterne CVE-2010-1935 (Directory traversal vulnerability in scr/soustab.php in openMairie ...) @@ -912,8 +964,8 @@ RESERVED CVE-2010-1886 RESERVED -CVE-2010-1885 - RESERVED +CVE-2010-1885 (The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help ...) + TODO: check CVE-2010-1884 RESERVED CVE-2010-1883 @@ -1857,10 +1909,10 @@ RESERVED CVE-2010-1516 RESERVED -CVE-2010-1515 - RESERVED -CVE-2010-1514 - RESERVED +CVE-2010-1515 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) + TODO: check +CVE-2010-1514 (Unrestricted file upload vulnerability in TomatoCMS 2.0.6 and earlier ...) + TODO: check CVE-2010-1513 (Multiple integer overflows in src/image.c in Ziproxy before 3.0.1 ...) - ziproxy 3.1.0-1 (bug #584933) [lenny] - ziproxy <no-dsa> (Minor issue, obscure attack vector) @@ -3310,8 +3362,8 @@ - imlib2 <not-affected> (vulnerable code introduced in 1.4.3) NOTE: http://seclists.org/bugtraq/2010/Apr/196 TODO: recheck when 1.4.3 gets uploaded to unstable -CVE-2010-0990 - RESERVED +CVE-2010-0990 (Stack-based buffer overflow in Creative Software AutoUpdate Engine ...) + TODO: check CVE-2010-0989 (Directory traversal vulnerability in delete.php in Pulse CMS before ...) NOT-FOR-US: Pulse CMS CVE-2010-0988 (Multiple unspecified vulnerabilities in Pulse CMS before 1.2.3 allow ...)
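Review bot: In the `@@ -1,9 +1,61 @@` hunk, CVE-2010-2266 and CVE-2010-2263 both name nginx with concrete version bounds (`nginx 0.8.36`, `nginx 0.8 before 0.8.40 and 0.7 before 0.7.66`), yet they land as `TODO: check` alongside the router and CMS entries around them. nginx is packaged in Debian, so these two should be triaged ahead of the rest and given `- nginx ...` package lines. For CVE-2010-2263, read the truncated condition `when running on ...` in full before setting a status, since it may limit which platforms are affected.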
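Review bot: In the `@@ -24,15 +76,15 @@` hunk, the five Wireshark entries keep only `- wireshark 1.2.9-1` and have no per-release line, while the descriptions that replace the bracketed placeholders for CVE-2010-2283 and CVE-2010-2285 now state affected ranges running from 0.99.6 and 0.8.20 through 1.0.13. Suggest adding an explicit release status to each entry, in the form this file already uses elsewhere (for example `[lenny] - ziproxy <no-dsa> (Minor issue, obscure attack vector)`), so the older branch is not left implicitly untracked.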
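Review bot: In the `@@ -493,8 +545,8 @@` hunk, CVE-2010-2075 is described as UnrealIRCd 3.2.8.1 `as distributed on certain mirror sites`, which ties the issue to particular distributed copies rather than to a version range alone. When the `TODO: check` is resolved, a version comparison is not enough: record in a `NOTE:` line which upstream archive any packaged copy was built from and how it was verified.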
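Review bot: CVE-2010-1885 in the `@@ -912,8 +964,8 @@` hunk and CVE-2010-0990 in the `@@ -3310,8 +3362,8 @@` hunk are added as `TODO: check`, although their descriptions name `helpctr.exe in Microsoft Windows Help` and `Creative Software AutoUpdate Engine`. If triage confirms that no Debian package ships this code, close them with a `NOT-FOR-US:` line, following the convention visible at CVE-2010-1936 (`NOT-FOR-US: openMairie openComInterne`), rather than leaving the TODO open.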