Author: gilbert-guest Date: 2010-11-14 21:01:47 +0000 (Sun, 14 Nov 2010) New Revision: 15582 Modified: data/CVE/list Log: new issues and nfus Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-11-14 10:50:36 UTC (rev 15581) +++ data/CVE/list 2010-11-14 21:01:47 UTC (rev 15582) @@ -1,33 +1,33 @@ CVE-2010-4221 (Multiple stack-based buffer overflows in the pr_netio_telnet_gets ...) - TODO: check + - proftpd-dfsg <unfixed> (bug #603511) CVE-2010-4220 (Cross-site scripting (XSS) vulnerability in the Integrated Solution ...) - TODO: check + NOT-FOR-US: IBM WebSphere CVE-2010-4219 (Cross-site scripting (XSS) vulnerability in SemanticTagService.js in ...) - TODO: check + NOT-FOR-US: IBM WebSphere CVE-2010-4218 (Unspecified vulnerability in Web Services in IBM ENOVIA 6 has unknown ...) - TODO: check + NOT-FOR-US: IBM ENOVIA 6 CVE-2010-4217 (Use-after-free vulnerability in the proxy server in IBM Tivoli ...) - TODO: check + NOT-FOR-US: IBM Tivoli Directory Server CVE-2010-4216 (IBM Tivoli Directory Server (TDS) 6.0.0.x before ...) - TODO: check + NOT-FOR-US: IBM Tivoli Directory Server CVE-2010-4215 RESERVED CVE-2010-4214 (The Wells Fargo Mobile application 1.1 for Android stores a username ...) - TODO: check + NOT-FOR-US: Wells Fargo Mobile for Android CVE-2010-4213 (The Bank of America application 2.12 for Android stores a security ...) - TODO: check + NOT-FOR-US: Bank of America application for Android CVE-2010-4212 (The USAA application 3.0 for Android stores a mirror image of each ...) - TODO: check + NOT-FOR-US: USAA application for Android CVE-2010-4211 (The PayPal app before 3.0.1 for iOS does not verify that the server ...) - TODO: check + NOT-FOR-US: PayPal app for iOS CVE-2010-4210 RESERVED CVE-2010-4209 (Cross-site scripting (XSS) vulnerability in the Flash component ...) - TODO: check + - yui <unfixed> (bug #603513) CVE-2010-4208 (Cross-site scripting (XSS) vulnerability in the Flash component ...) - TODO: check + - yui <unfixed> (bug #603513) CVE-2010-4207 (Cross-site scripting (XSS) vulnerability in the Flash component ...) - TODO: check + - yui <unfixed> (bug #603513) CVE-2010-4206 (Google Chrome before 7.0.517.44 accesses memory at an out-of-bounds ...) TODO: check CVE-2010-4205 (Google Chrome before 7.0.517.44 does not properly handle the data ...) @@ -67,15 +67,15 @@ CVE-2010-4187 RESERVED CVE-2010-4186 (SQL injection vulnerability in process.asp in OnlineTechTools Online ...) - TODO: check + NOT-FOR-US: OnlineTechTools CVE-2010-4185 (SQL injection vulnerability in index.php in Energine, possibly 2.3.8 ...) - TODO: check + NOT-FOR-US: Energine CVE-2010-4184 (NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with ...) - TODO: check + NOT-FOR-US: NetSupport Manager CVE-2010-4183 (Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier ...) - TODO: check + - php-htmlpurifier 4.1.1+dfsg1-1 CVE-2010-4182 (Untrusted search path vulnerability in the Data Access Objects (DAO) ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2010-4181 (Directory traversal vulnerability in Yaws 1.89 allows remote attackers ...) TODO: check CVE-2010-4180