Author: joeyh Date: 2010-12-23 21:14:45 +0000 (Thu, 23 Dec 2010) New Revision: 15746 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-12-22 23:01:53 UTC (rev 15745) +++ data/CVE/list 2010-12-23 21:14:45 UTC (rev 15746) @@ -1,3 +1,19 @@ +CVE-2010-4595 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 ...) + TODO: check +CVE-2010-4594 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when ...) + TODO: check +CVE-2010-4593 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 does ...) + TODO: check +CVE-2010-4592 (The Mobile Network Connections functionality in the Connection Manager ...) + TODO: check +CVE-2010-4591 (The Connection Manager in IBM Lotus Mobile Connect (LMC) before 6.1.4, ...) + TODO: check +CVE-2010-4590 (Cross-site scripting (XSS) vulnerability in HTTP Access Services ...) + TODO: check +CVE-2010-4589 (Cross-site scripting (XSS) vulnerability in IBM ENOVIA 6 allows remote ...) + TODO: check +CVE-2010-4588 + RESERVED CVE-2011-0110 RESERVED CVE-2011-0109 @@ -143,8 +159,8 @@ - chromium-browser <unfixed> (bug #607848; low) NOTE: http://code.google.com/p/chromium/issues/detail?id=56449 NOTE: http://codereview.chromium.org/4716006 -CVE-2010-4573 - RESERVED +CVE-2010-4573 (The Update Installer in VMware ESXi 4.1, when a modified sfcb.cfg is ...) + TODO: check CVE-2010-4572 RESERVED CVE-2010-4571 @@ -835,11 +851,9 @@ CVE-2010-4348 [mantisbt XSS] RESERVED - mantis <not-affected> (admin dir procected in Apache config, see #607159) -CVE-2010-4347 - RESERVED +CVE-2010-4347 (The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 ...) - linux-2.6 <not-affected> (Introduced in 2.6.33 and fixed in 2.6.36.2, we never released an affected kernel) -CVE-2010-4346 [linux: install_special_mapping skips security_file_mmap check] - RESERVED +CVE-2010-4346 (The install_special_mapping function in mm/mmap.c in the Linux kernel ...) - linux-2.6 <unfixed> CVE-2010-4345 (Exim 4.72 and earlier allows local users to gain privileges by ...) - exim4 <unfixed> (bug #606612) @@ -1008,8 +1022,8 @@ NOT-FOR-US: Pandora FMS CVE-2010-4278 (operation/agentes/networkmap.php in Pandora FMS before 3.1.1 allows ...) NOT-FOR-US: Pandora FMS -CVE-2010-4277 - RESERVED +CVE-2010-4277 (Cross-site scripting (XSS) vulnerability in lembedded-video.php in the ...) + TODO: check CVE-2010-4276 RESERVED CVE-2010-4275 (Multiple cross-site scripting (XSS) vulnerabilities in Radius Manager ...) @@ -1421,16 +1435,16 @@ NOT-FOR-US: HP StorageWorks Storage Mirroring CVE-2010-4115 (HP StorageWorks Modular Smart Array P2000 G3 firmware TS100R011, ...) NOT-FOR-US: HP StorageWorks -CVE-2010-4114 - RESERVED -CVE-2010-4113 - RESERVED -CVE-2010-4112 - RESERVED -CVE-2010-4111 - RESERVED -CVE-2010-4110 - RESERVED +CVE-2010-4114 (Cross-site scripting (XSS) vulnerability in HP Discovery & Dependency ...) + TODO: check +CVE-2010-4113 (Unspecified vulnerability in HP Power Manager (HPPM) before 4.3.2 ...) + TODO: check +CVE-2010-4112 (HP Insight Management Agents before 8.6 allows remote attackers to ...) + TODO: check +CVE-2010-4111 (Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics ...) + TODO: check +CVE-2010-4110 (Unspecified vulnerability in HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the ...) + TODO: check CVE-2010-4109 (Cross-site scripting (XSS) vulnerability in the Contacts Application ...) NOT-FOR-US: HP Palm webOS CVE-2010-4108 (HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support ...) @@ -1774,10 +1788,10 @@ RESERVED CVE-2010-3972 RESERVED -CVE-2010-3971 - RESERVED -CVE-2010-3970 - RESERVED +CVE-2010-3971 (Use-after-free vulnerability in the CSharedStyleSheet::Notify function ...) + TODO: check +CVE-2010-3970 (Unspecified vulnerability in Microsoft Windows has unknown impact and ...) + TODO: check CVE-2010-3969 RESERVED CVE-2010-3968 @@ -1909,8 +1923,7 @@ CVE-2010-3906 (Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier ...) - git-core <removed> - git 1:1.7.2.3-2.2 -CVE-2010-3905 - RESERVED +CVE-2010-3905 (The password reset feature in the administrator interface for ...) - eucalyptus <unfixed> CVE-2010-3904 (The rds_page_copy_user function in net/rds/page.c in the Reliable ...) - linux-2.6 2.6.32-26 @@ -3667,8 +3680,8 @@ RESERVED CVE-2010-3269 RESERVED -CVE-2010-3268 - RESERVED +CVE-2010-3268 (The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in ...) + TODO: check CVE-2010-3267 (Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 ...) NOT-FOR-US: BugTracker.NET CVE-2010-3266 (Multiple cross-site scripting (XSS) vulnerabilities in BugTracker.NET ...) @@ -5437,8 +5450,8 @@ - chromium-browser 5.0.375.99~r51029-1 NOTE: https://bugs.webkit.org/show_bug.cgi?id=38039 NOTE: http://trac.webkit.org/changeset/58957 -CVE-2010-2644 - RESERVED +CVE-2010-2644 (IBM WebSphere Service Registry and Repository (WSRR) 7.0.0 before FP1 ...) + TODO: check CVE-2010-2643 RESERVED CVE-2010-2642