Author: joeyh Date: 2010-07-28 21:14:46 +0000 (Wed, 28 Jul 2010) New Revision: 15048 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-07-28 20:29:35 UTC (rev 15047) +++ data/CVE/list 2010-07-28 21:14:46 UTC (rev 15048) @@ -1,3 +1,109 @@ +CVE-2010-2895 + RESERVED +CVE-2010-2894 + RESERVED +CVE-2010-2893 + RESERVED +CVE-2010-2892 + RESERVED +CVE-2010-2891 + RESERVED +CVE-2010-2890 + RESERVED +CVE-2010-2889 + RESERVED +CVE-2010-2888 + RESERVED +CVE-2010-2887 + RESERVED +CVE-2010-2886 + RESERVED +CVE-2010-2885 + RESERVED +CVE-2010-2884 + RESERVED +CVE-2010-2883 + RESERVED +CVE-2010-2882 + RESERVED +CVE-2010-2881 + RESERVED +CVE-2010-2880 + RESERVED +CVE-2010-2879 + RESERVED +CVE-2010-2878 + RESERVED +CVE-2010-2877 + RESERVED +CVE-2010-2876 + RESERVED +CVE-2010-2875 + RESERVED +CVE-2010-2874 + RESERVED +CVE-2010-2873 + RESERVED +CVE-2010-2872 + RESERVED +CVE-2010-2871 + RESERVED +CVE-2010-2870 + RESERVED +CVE-2010-2869 + RESERVED +CVE-2010-2868 + RESERVED +CVE-2010-2867 + RESERVED +CVE-2010-2866 + RESERVED +CVE-2010-2865 + RESERVED +CVE-2010-2864 + RESERVED +CVE-2010-2863 + RESERVED +CVE-2010-2862 + RESERVED +CVE-2010-2861 + RESERVED +CVE-2010-2860 + RESERVED +CVE-2009-4974 (Directory traversal vulnerability in box_display.php in TotalCalendar ...) + TODO: check +CVE-2009-4973 (SQL injection vulnerability in rss.php in TotalCalendar 2.4 allows ...) + TODO: check +CVE-2009-4972 (Cross-site scripting (XSS) vulnerability in index.php (aka the log in ...) + TODO: check +CVE-2009-4971 (SQL injection vulnerability in the AJAX Chat (vjchat) extension before ...) + TODO: check +CVE-2009-4970 (SQL injection vulnerability in the t3m_affiliate extension 0.5.0 for ...) + TODO: check +CVE-2009-4969 (SQL injection vulnerability in the Solidbase Bannermanagement ...) + TODO: check +CVE-2009-4968 (SQL injection vulnerability in the Event Registration (event_registr) ...) + TODO: check +CVE-2009-4967 (SQL injection vulnerability in the Car (car) extension before 0.1.1 ...) + TODO: check +CVE-2009-4966 (SQL injection vulnerability in the AST ZipCodeSearch ...) + TODO: check +CVE-2009-4965 (SQL injection vulnerability in the AIRware Lexicon (air_lexicon) ...) + TODO: check +CVE-2009-4964 (Stack-based buffer overflow in KSP 2006 FINAL allows remote attackers ...) + TODO: check +CVE-2009-4963 (Cross-site scripting (XSS) vulnerability in the Commerce extension ...) + TODO: check +CVE-2009-4962 (Stack-based buffer overflow in Fat Player 0.6b allows remote attackers ...) + TODO: check +CVE-2009-4961 (Lanai Core 0.6 allows remote attackers to obtain configuration ...) + TODO: check +CVE-2009-4960 (Directory traversal vulnerability in modules/backup/download.php in ...) + TODO: check +CVE-2009-4959 (SQL injection vulnerability in the T3M E-Mail Marketing Tool (t3m) ...) + TODO: check +CVE-2009-4958 (SQL injection vulnerability in video.php in EMO Breader Manager allows ...) + TODO: check CVE-2010-XXXX [mediawiki XSS and data leakage] - mediawiki <unfixed> NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-July/000092.html @@ -386,10 +492,10 @@ RESERVED CVE-2010-2705 RESERVED -CVE-2010-2704 - RESERVED -CVE-2010-2703 - RESERVED +CVE-2010-2704 (Buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and ...) + TODO: check +CVE-2010-2703 (Stack-based buffer overflow in the execvp_nc function in the ov.dll ...) + TODO: check CVE-2010-2702 (Buffer overflow in the UGameEngine::UpdateConnectingMessage function ...) NOT-FOR-US: Unreal engine CVE-2010-2701 (Multiple buffer overflows in the FathFTP ActiveX control 1.7 allow ...) @@ -796,8 +902,7 @@ RESERVED CVE-2010-2535 RESERVED -CVE-2010-2534 - RESERVED +CVE-2010-2534 (The NetworkSyncCommandQueue function in network/network_command.cpp in ...) - openttd <unfixed> [lenny] - openttd <not-affected> (Introduced in 1.0.1) NOTE: http://bugs.openttd.org/task/3909 @@ -809,8 +914,7 @@ RESERVED CVE-2010-2530 RESERVED -CVE-2010-2529 [ping resource consumption DoS] - RESERVED +CVE-2010-2529 (Unspecified vulnerability in ping.c in iputils 20020927, 20070202, ...) - iputils 3:20100418-2 [lenny] - iputils <no-dsa> (Minor issue) TODO: next point update: [lenny] - iputils 3:20071127-1+lenny1 @@ -1273,8 +1377,8 @@ NOT-FOR-US: Subdreamer CMS CVE-2010-2338 (Multiple SQL injection vulnerabilities in redir.asp in VU Web Visitor ...) NOT-FOR-US: VU Web Visitor Analyst -CVE-2010-2337 - RESERVED +CVE-2010-2337 (Open redirect vulnerability in RSA Federated Identity Manager 4.0 ...) + TODO: check CVE-2010-2336 (index.php in Yamamah Photo Gallery 1.00 allows remote attackers to ...) NOT-FOR-US: Yamamah Photo Gallery CVE-2010-2335 (SQL injection vulnerability in index.php in Yamamah Photo Gallery ...) @@ -3265,8 +3369,8 @@ RESERVED CVE-2010-1578 RESERVED -CVE-2010-1577 - RESERVED +CVE-2010-1577 (Directory traversal vulnerability in Cisco Internet Streamer, as used ...) + TODO: check CVE-2010-1576 (The Cisco Content Services Switch (CSS) 11500 with software before ...) NOT-FOR-US: Cisco CVE-2010-1575 (The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 ...) @@ -5590,8 +5694,8 @@ NOT-FOR-US: Oracle CVE-2010-0834 RESERVED -CVE-2010-0833 - RESERVED +CVE-2010-0833 (The pam_lsass library in Likewise Open 5.4 and CIFS 5.4 before build ...) + TODO: check CVE-2010-0832 (pam_motd (aka the MOTD module) in libpam-modules before ...) TODO: check CVE-2010-0831 (Directory traversal vulnerability in the extract_jar function in ...) @@ -7511,14 +7615,12 @@ RESERVED CVE-2010-0214 RESERVED -CVE-2010-0213 - RESERVED -CVE-2010-0212 [openldap issue] - RESERVED +CVE-2010-0213 (BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a ...) + TODO: check +CVE-2010-0212 (OpenLDAP 2.4.22 allows remote attackers to cause a denial of service ...) - openldap <undetermined> NOTE: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6570 -CVE-2010-0211 [openldap issue] - RESERVED +CVE-2010-0211 (The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not ...) - openldap <undetermined> NOTE: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6570 CVE-2010-0210