Author: joeyh Date: 2010-08-19 21:14:45 +0000 (Thu, 19 Aug 2010) New Revision: 15172 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-08-19 16:11:32 UTC (rev 15171) +++ data/CVE/list 2010-08-19 21:14:45 UTC (rev 15172) @@ -1,3 +1,49 @@ +CVE-2010-3052 + RESERVED +CVE-2010-3051 + RESERVED +CVE-2010-3050 + RESERVED +CVE-2010-3049 + RESERVED +CVE-2010-3048 + RESERVED +CVE-2010-3047 + RESERVED +CVE-2010-3046 + RESERVED +CVE-2010-3045 + RESERVED +CVE-2010-3044 + RESERVED +CVE-2010-3043 + RESERVED +CVE-2010-3042 + RESERVED +CVE-2010-3041 + RESERVED +CVE-2010-3040 + RESERVED +CVE-2010-3039 + RESERVED +CVE-2010-3038 + RESERVED +CVE-2010-3037 + RESERVED +CVE-2010-3036 + RESERVED +CVE-2010-3035 + RESERVED +CVE-2010-3034 + RESERVED +CVE-2010-3033 + RESERVED +CVE-2010-3032 (Integer overflow in the OBGIOPServerWorker::extractHeader function in ...) + TODO: check +CVE-2010-3031 (Buffer overflow in Wyse ThinOS HF 4.4.079i, and possibly other ...) + TODO: check +CVE-2010-3030 (Cross-site request forgery (CSRF) vulnerability in Tomaz Muraus Open ...) + TODO: check CVE-2010-3029 (SQL injection vulnerability in statistics.php in PHPKick 0.8 allows ...) TODO: check CVE-2010-3028 (The Aardvertiser component before 2.2.1 for Joomla! uses insecure ...) @@ -25,7 +71,7 @@ CVE-2010-3017 RESERVED CVE-2010-3016 - RESERVED + REJECTED CVE-2010-3013 (SQL injection vulnerability in groupadmin.php in Pligg before 1.1.1 ...) TODO: check CVE-2010-3012 @@ -196,8 +242,8 @@ RESERVED CVE-2010-2940 RESERVED -CVE-2010-2939 - RESERVED +CVE-2010-2939 (Double free vulnerability in the ssl3_get_key_exchange function in the ...) + TODO: check CVE-2010-2938 RESERVED CVE-2010-2937 
@@ -206,8 +252,8 @@ RESERVED CVE-2010-2935 RESERVED -CVE-2010-2934 - RESERVED +CVE-2010-2934 (Multiple unspecified vulnerabilities in ZNC 0.092 allow remote ...) + TODO: check CVE-2010-2933 (SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote ...) NOT-FOR-US: AV Arcade CVE-2010-2932 (Buffer overflow in BarCodeWiz BarCode 3.29 ActiveX control ...) @@ -519,8 +565,8 @@ {DSA-2091-1} - squirrelmail 2:1.4.21-1 (low) [lenny] - squirrelmail <no-dsa> (low-risk issue) -CVE-2010-2812 - RESERVED +CVE-2010-2812 (Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of ...) + TODO: check CVE-2010-2811 RESERVED CVE-2010-2810 @@ -1997,8 +2043,8 @@ RESERVED - libvirt 0.8.3-1 (low) [lenny] - libvirt <no-dsa> (Minor issue) -CVE-2010-2241 - RESERVED +CVE-2010-2241 (The (1) setup-ds.pl and (2) setup-ds-admin.pl setup scripts for Red ...) + TODO: check CVE-2010-2240 [mm: keep a guard page below a grow-down stack segment] RESERVED - linux-2.6 2.6.32-21 @@ -2889,8 +2935,8 @@ - php5 <unfixed> (unimportant) CVE-2010-1871 (JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application ...) - jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226) -CVE-2010-1870 - RESERVED +CVE-2010-1870 (The OGNL extensive expression evaluation capability in XWork in Struts ...) + TODO: check CVE-2010-1869 (Stack-based buffer overflow in the parser function in GhostScript 8.70 ...) {DSA-2080-1} - ghostscript 8.71~dfsg-4 @@ -3871,10 +3917,10 @@ RESERVED CVE-2010-1526 RESERVED -CVE-2010-1525 - RESERVED -CVE-2010-1524 - RESERVED +CVE-2010-1525 (Integer underflow in the SpreadSheet Lotus 123 reader (wkssr.dll) in ...) + TODO: check +CVE-2010-1524 (The SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 ...) + TODO: check CVE-2010-1523 RESERVED CVE-2010-1522 (Multiple SQL injection vulnerabilities in the BookLibrary Basic ...) 
@@ -3889,8 +3935,8 @@ NOT-FOR-US: GIGABYTE Dldrv2 ActiveX control CVE-2010-1517 (The GIGABYTE Dldrv2 ActiveX control 1.4.206.11 allows remote attackers ...) NOT-FOR-US: GIGABYTE Dldrv2 ActiveX control -CVE-2010-1516 - RESERVED +CVE-2010-1516 (Multiple integer overflows in SWFTools 0.9.1 allow remote attackers to ...) + TODO: check CVE-2010-1515 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) NOT-FOR-US: TomatoCMS CVE-2010-1514 (Unrestricted file upload vulnerability in TomatoCMS 2.0.6 and earlier ...) @@ -8198,16 +8244,16 @@ CVE-2010-0136 (OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce ...) {DSA-1995-1} - openoffice.org 1:3.1.1-11 -CVE-2010-0135 - RESERVED -CVE-2010-0134 - RESERVED -CVE-2010-0133 - RESERVED +CVE-2010-0135 (Heap-based buffer overflow in the WordPerfect 5.x reader (wosr.dll), ...) + TODO: check +CVE-2010-0134 (Integer signedness error in rtfsr.dll in Autonomy KeyView 10.4 and ...) + TODO: check +CVE-2010-0133 (Multiple stack-based buffer overflows in the SpreadSheet Lotus 123 ...) + TODO: check CVE-2010-0132 (Cross-site scripting (XSS) vulnerability in ViewVC 1.1 before 1.1.5 ...) - viewvc 1.1.5-1 (bug #576307) -CVE-2010-0131 - RESERVED +CVE-2010-0131 (Stack-based buffer overflow in the SpreadSheet Lotus 123 reader ...) + TODO: check CVE-2010-0130 (Integer overflow in Adobe Shockwave Player before 11.5.7.609 might ...) NOT-FOR-US: Adobe Shockwave Player CVE-2010-0129 (Multiple integer overflows in Adobe Shockwave Player before 11.5.7.609 ...) @@ -8216,8 +8262,8 @@ NOT-FOR-US: Adobe Shockwave Player CVE-2010-0127 (Adobe Shockwave Player before 11.5.7.609 allows remote attackers to ...) NOT-FOR-US: Adobe Shockwave Player -CVE-2010-0126 - RESERVED +CVE-2010-0126 (Heap-based buffer overflow in an unspecified library in Autonomy ...) + TODO: check CVE-2010-0125 RESERVED CVE-2010-0124 (Employee Timeclock Software 0.99 places the database password on the ...) 
@@ -10731,8 +10777,8 @@ NOT-FOR-US: Micrologix CVE-2009-3738 RESERVED -CVE-2009-3737 - RESERVED +CVE-2009-3737 (The Oracle Siebel Option Pack for IE ActiveX control does not properly ...) + TODO: check CVE-2009-3736 (ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as ...) {DSA-1958-1} - libtool 2.2.6b-1 (low; bug #559797)
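Review bot: In the hunk at @@ -196,8 +242,8 @@, CVE-2010-2939 moves from RESERVED to a double free in ssl3_get_key_exchange but carries only "TODO: check", and the truncated description ("in the ...") does not show the affected product or version. A memory-corruption issue in an SSL key-exchange path should be triaged ahead of the rest of this batch. Confirm the product from the full CVE text before adding the source package line, rather than inferring it from the function name.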
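Review bot: The hunks at @@ -206,8 +252,8 @@ and @@ -519,8 +565,8 @@ add two separate entries for the same release, CVE-2010-2934 ("Multiple unspecified vulnerabilities in ZNC 0.092") and CVE-2010-2812 ("Client.cpp in ZNC 0.092"), both left at "TODO: check". Triage them together so they end up with consistent package and fixed-version lines. Because CVE-2010-2934 is described only as "unspecified", check that it does not overlap the Client.cpp issue before recording a fixed version for either.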
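Review bot: In the hunk at @@ -2889,8 +2935,8 @@, CVE-2010-1870 (OGNL expression evaluation in XWork in Struts) is added with no package determination, directly below CVE-2010-1871, where the jbossas4 line records both the status and the reason ("Only builds a few libraries, not the full application server, #581226"). When this TODO is resolved, record the same kind of reasoning, including whether any package ships or embeds XWork rather than only checking for a package named after Struts.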
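Review bot: Across the hunks at @@ -3871,10 +3917,10 @@, @@ -8198,16 +8244,16 @@ and @@ -8216,8 +8262,8 @@, seven entries (CVE-2010-1525, CVE-2010-1524, CVE-2010-0135, CVE-2010-0134, CVE-2010-0133, CVE-2010-0131, CVE-2010-0126) describe file-format readers such as wkssr.dll, wosr.dll and rtfsr.dll, but only CVE-2010-1524 and CVE-2010-0134 show "Autonomy KeyView 10.4" before the description is cut off. Verify from the full descriptions that the other five belong to the same product, then resolve all seven with one identical label, in the style of the neighbouring "NOT-FOR-US: Adobe Shockwave Player" lines, so that later searches on the label catch every entry.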
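Review bot: In the last hunk (@@ -10731,8 +10777,8 @@), CVE-2009-3737 is a 2009 identifier that only now receives a description (Oracle Siebel Option Pack for IE ActiveX control) and is left at "TODO: check". Other ActiveX-control entries visible in this diff are closed out with a product-named label, for example "NOT-FOR-US: GIGABYTE Dldrv2 ActiveX control". If the same status applies here, use that form so an old identifier does not linger as an open TODO.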