[Secure-testing-commits] r14438 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu Apr 8 21:14:25 UTC 2010
Author: joeyh
Date: 2010-04-08 21:14:23 +0000 (Thu, 08 Apr 2010)
New Revision: 14438
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-04-08 00:56:42 UTC (rev 14437)
+++ data/CVE/list 2010-04-08 21:14:23 UTC (rev 14438)
@@ -1,3 +1,13 @@
+CVE-2010-1302 (Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW ...)
+ TODO: check
+CVE-2010-1301 (SQL injection vulnerability in main.php in Centreon 2.1.5 allows ...)
+ TODO: check
+CVE-2010-1300 (SQL injection vulnerability in index.php in Yamamah (aka Dove Photo ...)
+ TODO: check
+CVE-2010-1299 (Multiple PHP remote file inclusion vulnerabilities in DynPG CMS 4.1.0, ...)
+ TODO: check
+CVE-2008-7254 (Directory traversal vulnerability in includes/template-loader.php in ...)
+ TODO: check
CVE-2010-1298 (Directory traversal vulnerability in view.php in Pulse CMS 1.2.2 ...)
TODO: check
CVE-2010-1297
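Review bot: The five entries added at the top of this hunk (CVE-2010-1302 down to CVE-2010-1299, plus CVE-2008-7254) carry only `TODO: check`, and the CVE-2008-7254 description is cut off before the product name ("includes/template-loader.php in ..."), so the entry alone does not say what software is affected. Each TODO needs a follow-up that replaces it with a package status line or a `NOT-FOR-US:` line, and for CVE-2008-7254 the full description has to be looked up before that decision can be made.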
@@ -241,12 +251,12 @@
CVE-2010-1224 (main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x ...)
- asterisk <unfixed> (low; bug #576560)
[lenny] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2010-1223
- RESERVED
-CVE-2010-1222
- RESERVED
-CVE-2010-1221
- RESERVED
+CVE-2010-1223 (Multiple buffer overflows in CA XOsoft r12.0 and r12.5 allow remote ...)
+ TODO: check
+CVE-2010-1222 (CA XOsoft r12.5 does not properly perform authentication, which allows ...)
+ TODO: check
+CVE-2010-1221 (CA XOsoft r12.0 and r12.5 does not properly perform authentication, ...)
+ TODO: check
CVE-2010-1220
RESERVED
CVE-2010-XXXX [interchange potential HTTP response splitting vulnerability]
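Review bot: CVE-2010-1223, CVE-2010-1222 and CVE-2010-1221 all name the same product, CA XOsoft, yet each gets its own separate `TODO: check`. They can be triaged in one pass: if CA XOsoft is not packaged in Debian, give all three the same `NOT-FOR-US: CA XOsoft` line so the entries stay consistent rather than being resolved one at a time.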
@@ -303,8 +313,8 @@
- libesmtp 1.0.4-2 (bug #311191)
CVE-2010-1191 (Sahana disaster management system 0.6.2.2, and possibly other ...)
- sahana <itp> (bug #497414)
-CVE-2010-1186
- RESERVED
+CVE-2010-1186 (Cross-site scripting (XSS) vulnerability in xml/media-rss.php in the ...)
+ TODO: check
CVE-2009-4763 (Unspecified vulnerability in the ClickHeat plugin, as used in ...)
NOT-FOR-US: ClickHeat plugin
CVE-2010-1188 (Use-after-free vulnerability in net/ipv4/tcp_input.c in the Linux ...)
@@ -1923,8 +1933,7 @@
- phpbb3 <unfixed> (unimportant; bug #570011)
CVE-2010-0634 (Unspecified vulnerability in Fast Lexical Analyzer Generator (flex) ...)
- flex 2.5.35-1
-CVE-2010-0629 [krb5 dos]
- RESERVED
+CVE-2010-0629 (Use-after-free vulnerability in kadmin/server/server_stubs.c in ...)
- krb5 <unfixed> (low)
NOTE: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-003.txt
CVE-2010-0628 (The spnego_gss_accept_sec_context function in ...)
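Review bot: On CVE-2010-0629 the `- krb5 <unfixed> (low)` line is carried over unchanged from when the entry was only the placeholder `[krb5 dos]`, while the description added here calls the issue a use-after-free in kadmin/server/server_stubs.c. Confirm against the MITKRB5-SA-2010-003 advisory linked in the NOTE that `low` still fits, and add a bug reference to the `<unfixed>` line, as the asterisk and phpbb3 entries elsewhere in this diff have.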
@@ -2549,8 +2558,7 @@
RESERVED
CVE-2010-0401
RESERVED
-CVE-2010-0400 [mahara sql inection]
- RESERVED
+CVE-2010-0400 (SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows ...)
{DSA-2030-1}
- mahara 1.2.4-1 (medium)
CVE-2010-0399