Author: joeyh
Date: 2010-09-01 21:14:36 +0000 (Wed, 01 Sep 2010)
New Revision: 15253
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-09-01 16:55:35 UTC (rev 15252)
+++ data/CVE/list 2010-09-01 21:14:36 UTC (rev 15253)
@@ -1,3 +1,37 @@
+CVE-2010-3202
+ RESERVED
+CVE-2010-3201
+ RESERVED
+CVE-2010-3200
+ RESERVED
+CVE-2010-3199
+ RESERVED
+CVE-2010-3198
+ RESERVED
+CVE-2010-3197 (IBM DB2 9.7 before FP2 does not perform the expected access
control on ...)
+ TODO: check
+CVE-2010-3196 (IBM DB2 9.7 before FP2, when AUTO_REVAL is IMMEDIATE, allows
remote ...)
+ TODO: check
+CVE-2010-3195 (Unspecified vulnerability in IBM DB2 9.1 before FP9, 9.5 before
FP6, ...)
+ TODO: check
+CVE-2010-3194 (The DB2DART program in IBM DB2 9.1 before FP9, 9.5 before FP6,
and 9.7 ...)
+ TODO: check
+CVE-2010-3193 (Unspecified vulnerability in the DB2STST program in IBM DB2 9.1
before ...)
+ TODO: check
+CVE-2010-3192
+ RESERVED
+CVE-2010-3191 (Untrusted search path vulnerability in Adobe Captivate
5.0.0.596, and ...)
+ TODO: check
+CVE-2010-3190 (Untrusted search path vulnerability in ATL MFC Trace Tool ...)
+ TODO: check
+CVE-2010-3189 (The extSetOwner function in the UfProxyBrowserCtrl ActiveX
control ...)
+ TODO: check
+CVE-2010-3188 (SQL injection vulnerability in search.aspx in BugTracker.NET
3.4.3 and ...)
+ TODO: check
+CVE-2010-3187 (Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote
...)
+ TODO: check
+CVE-2010-3186 (IBM WebSphere Application Server (WAS) 7.x before 7.0.0.13, and
...)
+ TODO: check
CVE-2010-3185
RESERVED
CVE-2010-3184
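Review bot: the five IBM DB2 entries in this hunk (CVE-2010-3193 through CVE-2010-3197) are added with `TODO: check`, but the other DB2 entries visible in this same file (CVE-2010-0462, CVE-2009-3471, CVE-2009-3472) are all tagged `NOT-FOR-US: IBM DB2`. Giving the new DB2 entries the same tag in the follow-up triage commit keeps the product's disposition consistent and leaves the TODO queue to entries that actually need a decision.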
@@ -379,8 +413,8 @@
RESERVED
CVE-2010-3036
RESERVED
-CVE-2010-3035
- RESERVED
+CVE-2010-3035 (Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not
...)
+ TODO: check
CVE-2010-3034
RESERVED
CVE-2010-3033
@@ -441,20 +475,20 @@
RESERVED
CVE-2010-3003
RESERVED
-CVE-2010-3002
- RESERVED
-CVE-2010-3001
- RESERVED
-CVE-2010-3000
- RESERVED
+CVE-2010-3002 (Unspecified vulnerability in RealNetworks RealPlayer 11.0
through 11.1 ...)
+ TODO: check
+CVE-2010-3001 (Unspecified vulnerability in an ActiveX control in the Internet
...)
+ TODO: check
+CVE-2010-3000 (Multiple integer overflows in the ParseKnownType function in
...)
+ TODO: check
CVE-2010-2999
RESERVED
CVE-2010-2998
RESERVED
CVE-2010-2997
RESERVED
-CVE-2010-2996
- RESERVED
+CVE-2010-2996 (Array index error in RealNetworks RealPlayer 11.0 through 11.1
on ...)
+ TODO: check
CVE-2010-2991 (The IICAClient interface in the ICAClient library in the ICA
Client ...)
NOT-FOR-US: Citrix ICA Client
CVE-2010-2990 (Citrix Online Plug-in for Windows for XenApp &
XenDesktop before 11.2, ...)
@@ -578,8 +612,7 @@
CVE-2010-2946 [jfs issue]
RESERVED
- linux-2.6 2.6.32-21
-CVE-2010-2945
- RESERVED
+CVE-2010-2945 (The default configuration of SLiM before 1.3.2 places ./ (dot
slash) ...)
- slim 1.3.1-7 (low; bug #594414)
[lenny] - slim <no-dsa> (Maintainer will fix through stable point
update)
CVE-2010-2944 (The authenticate function in LDAPUserFolder/LDAPUserFolder.py in
...)
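Review bot: the description now attached to CVE-2010-2945 gives the affected range as "SLiM before 1.3.2", while the package line kept beneath it records `slim 1.3.1-7` as the fixed version, and nothing in the entry explains the difference. If 1.3.1-7 carries a backported fix, a `NOTE:` line saying so (with the reference from bug #594414) would stop the entry from being re-triaged as still vulnerable by someone comparing versions against the CVE text.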
@@ -593,8 +626,7 @@
- linux-2.6 <unfixed>
CVE-2010-2941
RESERVED
-CVE-2010-2940
- RESERVED
+CVE-2010-2940 (The auth_send function in providers/ldap/ldap_auth.c in System
...)
- sssd 1.2.1-4 (bug #594413)
CVE-2010-2939 (Double free vulnerability in the ssl3_get_key_exchange function
in the ...)
{DSA-2100-1}
@@ -973,12 +1005,12 @@
NOTE: Only supported behind an authenticated HTTP zone
- moodle <unfixed>
TODO: check embedders
-CVE-2010-2794
- RESERVED
+CVE-2010-2794 (The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local
users ...)
+ TODO: check
CVE-2010-2793
RESERVED
-CVE-2010-2792
- RESERVED
+CVE-2010-2792 (Race condition in the SPICE (aka spice-xpi) plug-in 2.2 for
Firefox ...)
+ TODO: check
CVE-2010-2791 (mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on
Unix, ...)
- apache2 2.2.10-1 (low)
CVE-2010-2790 (Multiple cross-site scripting (XSS) vulnerabilities in the
formatQuery ...)
@@ -1217,8 +1249,8 @@
- vte 1:0.24.3-1
NOTE:
http://git.gnome.org/browse/vte/commit/?id=58bc3a942f198a1a8788553ca72c19d7c1702b74
NOTE:
http://git.gnome.org/browse/vte/commit/?id=8b971a7b2c59902914ecbbc3915c45dd21530a91
-CVE-2010-2712
- RESERVED
+CVE-2010-2712 (Unspecified vulnerability in Software Distributor (sd) in HP
HP-UX ...)
+ TODO: check
CVE-2010-2711 (Unspecified vulnerability in the HP MagCloud app before 1.0.5
for the ...)
NOT-FOR-US: HP MagCloud app
CVE-2010-2710 (Unspecified vulnerability in HP OpenView Network Node Manager
(OV NNM) ...)
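Review bot: CVE-2010-2712 lands as `TODO: check` although its description names Software Distributor in HP-UX, a proprietary operating system that is not packaged in the archive. The entry directly below it, CVE-2010-2711, is already closed as `NOT-FOR-US: HP MagCloud app`; this one can be closed the same way with `NOT-FOR-US: HP-UX` instead of staying in the queue.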
@@ -1545,8 +1577,7 @@
NOT-FOR-US: Pligg
CVE-2010-2576 (Opera before 10.61 does not properly suppress clicks on download
...)
NOT-FOR-US: Opera
-CVE-2010-2575
- RESERVED
+CVE-2010-2575 (Heap-based buffer overflow in the RLE decompression
functionality in ...)
- okular <removed> (low)
[lenny] - okular <no-dsa> (Will be fixed in a stable point update)
- kdegraphics 4:4.4.5-2
@@ -2058,12 +2089,12 @@
RESERVED
CVE-2010-2366
RESERVED
-CVE-2010-2365
- RESERVED
-CVE-2010-2364
- RESERVED
-CVE-2010-2363
- RESERVED
+CVE-2010-2365 (Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs2
...)
+ TODO: check
+CVE-2010-2364 (Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs
before ...)
+ TODO: check
+CVE-2010-2363 (The IPv6 Unicast Reverse Path Forwarding (RPF) implementation on
the ...)
+ TODO: check
CVE-2010-2362 (Winny 2.0b7.1 and earlier does not properly process node
information, ...)
NOT-FOR-US: Winny
CVE-2010-2361 (Winny 2.0b7.1 and earlier does not properly process BBS
information, ...)
@@ -3478,8 +3509,8 @@
RESERVED
CVE-2010-1819
RESERVED
-CVE-2010-1818
- RESERVED
+CVE-2010-1818 (The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple
...)
+ TODO: check
CVE-2010-1817
RESERVED
CVE-2010-1816
@@ -7565,7 +7596,7 @@
CVE-2010-0463 (Horde IMP 4.3.6 and earlier does not request that the web
browser ...)
- imp4 4.3.7+debian0-2 (low; bug #569661)
[lenny] - imp4 <no-dsa> (Minor issue)
-CVE-2010-0462 (Heap-based buffer overflow in IBM DB2 9.7 and 9.7.1 on Linux
allows ...)
+CVE-2010-0462 (Heap-based buffer overflow in IBM DB2 9.1 before FP9, 9.5 before
FP6, ...)
NOT-FOR-US: IBM DB2
CVE-2010-0461 (SQL injection vulnerability in the casino (com_casino) component
1.0 ...)
NOT-FOR-US: Joomla!
@@ -8639,16 +8670,16 @@
NOT-FOR-US: Employee Timeclock Software
CVE-2010-0121
RESERVED
-CVE-2010-0120
- RESERVED
+CVE-2010-0120 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0
through ...)
+ TODO: check
CVE-2010-0119 (Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used,
...)
NOT-FOR-US: Bournal
CVE-2010-0118 (Bournal before 1.4.1 allows local users to overwrite arbitrary
files ...)
NOT-FOR-US: Bournal
-CVE-2010-0117
- RESERVED
-CVE-2010-0116
- RESERVED
+CVE-2010-0117 (RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0
...)
+ TODO: check
+CVE-2010-0116 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1
and ...)
+ TODO: check
CVE-2009-4585 (UranyumSoft Listing Service stores sensitive information under
the web ...)
NOT-FOR-US: UranyumSoft Listing Service
CVE-2009-4584 (admin.php in dB Masters Multimedia Links Directory 3.1.3 allows
remote ...)
@@ -12072,7 +12103,7 @@
NOT-FOR-US: IBM DB2
CVE-2009-3472 (IBM DB2 8 before FP18, 9.1 before FP8, and 9.5 before FP4 allows
...)
NOT-FOR-US: IBM DB2
-CVE-2009-3471 (IBM DB2 8 before FP18, 9.1 before FP8, and 9.5 before FP4 does
not ...)
+CVE-2009-3471 (IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7
before ...)
NOT-FOR-US: IBM DB2
CVE-2009-3470 (IBM Informix Dynamic Server (IDS) 10.00 before 10.00.xC11, 11.10
...)
NOT-FOR-US: IBM Informix Dynamic Server (IDS)