Author: joeyh Date: 2010-07-22 09:29:42 +0000 (Thu, 22 Jul 2010) New Revision: 15013 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-07-21 17:36:24 UTC (rev 15012) +++ data/CVE/list 2010-07-22 09:29:42 UTC (rev 15013) @@ -1,3 +1,27 @@ +CVE-2010-2772 (Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded ...) + TODO: check +CVE-2010-2771 (solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to ...) + TODO: check +CVE-2009-4945 (AdPeeps 8.5d1 has a default password of admin for the admin account, ...) + TODO: check +CVE-2009-4944 (Multiple cross-site scripting (XSS) vulnerabilities in ATRC ACollab ...) + TODO: check +CVE-2009-4943 (index.php in AdPeeps 8.5d1 allows remote attackers to obtain sensitive ...) + TODO: check +CVE-2009-4942 (Cross-site request forgery (CSRF) vulnerability in ACollab 1.2 allows ...) + TODO: check +CVE-2009-4941 (Cross-site scripting (XSS) vulnerability in sign_in.php in ATRC ...) + TODO: check +CVE-2009-4940 (SQL injection vulnerability in index.php in Zeus Cart 2.3 and earlier ...) + TODO: check +CVE-2009-4939 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) + TODO: check +CVE-2009-4938 (SQL injection vulnerability in the JVideo! (com_jvideo) component ...) + TODO: check +CVE-2009-4937 (Cross-site scripting (XSS) vulnerability in Small Pirate (SPirate) 2.1 ...) + TODO: check +CVE-2009-4936 (Multiple SQL injection vulnerabilities in Small Pirate (SPirate) 2.1 ...) + TODO: check CVE-2010-XXXX [mapserver: buffer overflow in msTmpFile()] - mapserver 5.6.4-1 (low) NOTE: CVE id requested 
@@ -218,8 +242,8 @@ NOT-FOR-US: Orbis CMS CVE-2010-2668 (Unspecified vulnerability in Adaptive Micro Systems ALPHA Ethernet ...) NOT-FOR-US: Adaptive Micro Systems ALPHA Ethernet Adapter -CVE-2010-2667 - RESERVED +CVE-2010-2667 (Multiple unspecified vulnerabilities in the Virtual Appliance ...) + TODO: check CVE-2010-2666 (Opera before 10.54 on Windows and Mac OS X does not properly enforce ...) NOT-FOR-US: Opera CVE-2010-2665 (Cross-site scripting (XSS) vulnerability in Opera before 10.54 on ...) @@ -476,8 +500,8 @@ RESERVED CVE-2010-2569 RESERVED -CVE-2010-2568 - RESERVED +CVE-2010-2568 (Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 ...) + TODO: check CVE-2010-2567 RESERVED CVE-2010-2566 @@ -825,8 +849,8 @@ NOT-FOR-US: Splunk CVE-2010-2428 (Cross-site scripting (XSS) vulnerability in admin_loginok.html in the ...) NOT-FOR-US: Wing FTP Server -CVE-2010-2427 - RESERVED +CVE-2010-2427 (VMware Studio 2.0 does not properly write to temporary files, which ...) + TODO: check CVE-2010-2426 (Directory traversal vulnerability in TitanFTPd in South River ...) NOT-FOR-US: Titan FTP Server CVE-2010-2425 (Directory traversal vulnerability in TitanFTPd in South River ...) @@ -1150,8 +1174,8 @@ RESERVED CVE-2009-4898 RESERVED -CVE-2009-4897 - RESERVED +CVE-2009-4897 (Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier ...) + TODO: check CVE-2009-4896 RESERVED {DSA-2073-1} @@ -1781,10 +1805,10 @@ NOTE: set to medium as this might as well expose the db administrator password CVE-2010-2057 RESERVED -CVE-2010-2056 - RESERVED -CVE-2010-2055 - RESERVED +CVE-2010-2056 (GNU gv before 3.7.0 allows local users to overwrite arbitrary files ...) + TODO: check +CVE-2010-2055 (Ghostscript 8.71 and earlier reads initialization files from the ...) + TODO: check CVE-2010-2054 (Integer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB 1.3.4 ...) NOT-FOR-US: SBLIM SFCB CVE-2010-2053 (emesenelib/ProfileManager.py in emesene before 1.6.2 allows local ...) 
@@ -1975,16 +1999,16 @@ - postgresql-8.3 <removed> (low) CVE-2010-1974 REJECTED -CVE-2010-1973 - RESERVED -CVE-2010-1972 - RESERVED +CVE-2010-1973 (Unspecified vulnerability in the Auditing subsystem in HP OpenVMS 8.3, ...) + TODO: check +CVE-2010-1972 (The default configuration of HP Client Automation (HPCA) Enterprise ...) + TODO: check CVE-2010-1971 (Cross-site request forgery (CSRF) vulnerability in HP Insight Software ...) TODO: check CVE-2010-1970 (Unspecified vulnerability in HP Insight Software Installer for Windows ...) TODO: check -CVE-2010-1969 - RESERVED +CVE-2010-1969 (Cross-site scripting (XSS) vulnerability in HP Virtual Connect ...) + TODO: check CVE-2010-1968 (Cross-site request forgery (CSRF) vulnerability in HP Insight Software ...) TODO: check CVE-2010-1967 (Unspecified vulnerability in HP Insight Software Installer for Windows ...) @@ -2498,8 +2522,7 @@ NOTE: http://trac.webkit.org/changeset/57041 NOTE: if this is the right commit, then this is a dup of cve-2010-1501 TODO: request rejection -CVE-2010-1766 - RESERVED +CVE-2010-1766 (Off-by-one error in the WebSocketHandshake::readServerHandshake ...) - webkit 1.2.1-2 - chromium-browser 5.0.375.55~r47796-1 NOTE: https://bugs.webkit.org/show_bug.cgi?id=36339 @@ -13129,7 +13152,7 @@ NOT-FOR-US: Mac OS X CVE-2009-2842 (Apple Safari before 4.0.4 does not properly implement certain (1) Open ...) NOT-FOR-US: Apple Safari -CVE-2009-2841 (WebKit in Apple Safari before 4.0.4 on Mac OS X does not perform the ...) +CVE-2009-2841 (The HTMLMediaElement::loadResource function in ...) - webkit 1.1.21-1 (medium; bug #559759) NOTE: http://trac.webkit.org/changeset/49480 - qt4-x11 4:4.6.2-4 (medium; bug #561760)
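Review bot: In the @@ -1,3 +1,27 @@ hunk, all twelve new entries (CVE-2010-2772 through CVE-2009-4936) land with only "TODO: check" and no source package or NOT-FOR-US marker. Several name vendor products of the kind this list marks NOT-FOR-US elsewhere, for example Siemens Simatic WinCC (CVE-2010-2772) and AdPeeps (CVE-2009-4945, CVE-2009-4943). Triage should replace each TODO with either "NOT-FOR-US: <product>" or a package line in the form used for the mapserver entry directly below.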
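Review bot: In the @@ -1781,10 +1805,10 @@ hunk, CVE-2010-2056 (GNU gv before 3.7.0) and CVE-2010-2055 (Ghostscript 8.71 and earlier) leave RESERVED with only "TODO: check", as does CVE-2009-4897 (buffer overflow in gs/psi/iscan.c, Ghostscript 8.64 and earlier) in the @@ -1150,8 +1174,8 @@ hunk. gv and ghostscript are packaged in Debian, so these three should be triaged ahead of the vendor-product entries and given package lines with a fixed version and urgency, in the same form as the webkit entries further down.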
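Review bot: In the @@ -1975,16 +1999,16 @@ hunk, the three newly published HP entries (CVE-2010-1973, CVE-2010-1972, CVE-2010-1969) are set to "TODO: check" next to CVE-2010-1971, CVE-2010-1970 and CVE-2010-1968, which the context lines show were already waiting on the same TODO before this revision. The HP block is growing without being resolved. It would be cleaner to settle all of these entries in one pass rather than leave them for the next automatic update to extend.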
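Review bot: In the @@ -2498,8 +2522,7 @@ hunk, CVE-2010-1766 moves from RESERVED to a published description naming WebSocketHandshake::readServerHandshake, while the "- webkit 1.2.1-2" and "- chromium-browser 5.0.375.55~r47796-1" lines and the bug 36339 NOTE were entered while the id was still reserved. Confirm that the fixed versions recorded then match the off-by-one error now described, since no one has re-checked them against the published text.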
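Review bot: In the @@ -13129,7 +13152,7 @@ hunk, the rewritten CVE-2009-2841 description is truncated at "in ..." before it names any product, where the old text opened with "WebKit in Apple Safari before 4.0.4 on Mac OS X". The webkit and qt4-x11 lines beneath are unchanged, so check the full upstream description to confirm the reworded entry still covers both packages at the versions recorded.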