Author: joeyh
Date: 2010-06-17 21:14:34 +0000 (Thu, 17 Jun 2010)
New Revision: 14884
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-06-17 19:06:34 UTC (rev 14883)
+++ data/CVE/list 2010-06-17 21:14:34 UTC (rev 14884)
@@ -1,3 +1,19 @@
+CVE-2010-2312 (SQL injection vulnerability in index.php in HauntmAx Haunted
House ...)
+ TODO: check
+CVE-2010-2311 (Stack-based buffer overflow in Power Tab Editor 1.7 build 80
allows ...)
+ TODO: check
+CVE-2010-2310 (SolarWinds TFTP Server 10.4.0.13 allows remote attackers to
cause a ...)
+ TODO: check
+CVE-2010-2309 (Buffer overflow in the web server for EvoLogical EvoCam 3.6.6
and ...)
+ TODO: check
+CVE-2010-2308 (Unspecified vulnerability in the filter driver
(savonaccessfilter.sys) ...)
+ TODO: check
+CVE-2010-2307 (Multiple directory traversal vulnerabilities in the web server
for ...)
+ TODO: check
+CVE-2010-2306 (The default installation of Sourcefire 3D Sensor 1000, 2000, and
9900; ...)
+ TODO: check
+CVE-2010-2305 (Buffer overflow in an ActiveX control in SSHelper.dll for
Symantec ...)
+ TODO: check
CVE-2010-2304 (The toAlphabetic function in rendering/RenderListMarker.cpp in
WebCore ...)
TODO: check
CVE-2010-2303 (page/Geolocation.cpp in WebCore in WebKit in Google Chrome
before ...)
@@ -272,6 +288,7 @@
NOT-FOR-US: CA Global Advisor
CVE-2010-2192 [pmount DoS]
RESERVED
+ {DSA-2063-1}
- pmount 0.9.23-1
CVE-2010-2191 (The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack
functions; ...)
- php5 <unfixed> (unimportant)
@@ -555,23 +572,20 @@
RESERVED
CVE-2010-2075 (UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from
...)
- unrealircd <itp> (bug #515130)
-CVE-2010-2074 [w3m NULL byte in SSL cert]
- RESERVED
+CVE-2010-2074 (istream.c in w3m 0.5.2 and possibly other versions, when ...)
- w3m <unfixed> (low)
[lenny] - w3m <no-dsa> (Minor issue)
TODO: File bug
-CVE-2010-2073 [pyftpd default user accounts]
- RESERVED
+CVE-2010-2073 (auth_db_config.py in Pyftpd 0.8.4 contains hard-coded usernames
and ...)
- pyftpd <unfixed> (low; bug #585776)
[lenny] - pyftpd <no-dsa> (Minor issue)
-CVE-2010-2072 [pyftpd insecure temp file]
- RESERVED
+CVE-2010-2072 (Pyftpd 0.8.4 creates log files with predictable names in a
temporary ...)
- pyftpd <unfixed> (low; bug #585773)
[lenny] - pyftpd <no-dsa> (Minor issue)
-CVE-2010-2071
- RESERVED
-CVE-2010-2070
- RESERVED
+CVE-2010-2071 (The btrfs_xattr_set_acl function in fs/btrfs/acl.c in btrfs in
the ...)
+ TODO: check
+CVE-2010-2070 (arch/ia64/xen/faults.c in Xen 3.4 and 4.0 in Linux kernel
2.6.18, and ...)
+ TODO: check
CVE-2010-2069
RESERVED
CVE-2010-2068 [mod_proxy_http request mixup on timeout]
@@ -914,8 +928,8 @@
NOT-FOR-US: OpenMairie openAnnuaire
CVE-2010-1933
RESERVED
-CVE-2010-1932
- RESERVED
+CVE-2010-1932 (Heap-based buffer overflow in XnView 1.97.4 and possibly earlier
...)
+ TODO: check
CVE-2010-1931 (SQL injection vulnerability in includes/content/cart.inc.php in
...)
NOT-FOR-US: CubeCart PHP Shopping Cart
CVE-2010-1930
@@ -1617,6 +1631,7 @@
- mediawiki <unfixed>
NOTE:
http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-May/000091.html
CVE-2010-1646 (The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22
and ...)
+ {DSA-2062-1}
- sudo 1.7.2p7-1 (bug #585394)
CVE-2010-1645
RESERVED