[Secure-testing-commits] r14560 - data/CVE

Joey Hess joeyh at alioth.debian.org
Mon Apr 26 21:15:52 UTC 2010 

Author: joeyh
Date: 2010-04-26 21:15:43 +0000 (Mon, 26 Apr 2010)
New Revision: 14560

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-04-26 02:01:02 UTC (rev 14559)
+++ data/CVE/list	2010-04-26 21:15:43 UTC (rev 14560)
@@ -1,3 +1,55 @@
+CVE-2010-1506 (The Google V8 bindings in Google Chrome before 4.1.249.1059 allow ...)
+	TODO: check
+CVE-2010-1505 (Google Chrome before 4.1.249.1059 does not prevent pages from loading ...)
+	TODO: check
+CVE-2010-1504 (Cross-site scripting (XSS) vulnerability in Google Chrome before ...)
+	TODO: check
+CVE-2010-1503 (Cross-site scripting (XSS) vulnerability in Google Chrome before ...)
+	TODO: check
+CVE-2010-1502 (Unspecified vulnerability in Google Chrome before 4.1.249.1059 allows ...)
+	TODO: check
+CVE-2010-1501 (Cross-site request forgery (CSRF) vulnerability in Google Chrome ...)
+	TODO: check
+CVE-2010-1500 (Google Chrome before 4.1.249.1059 does not properly support forms, ...)
+	TODO: check
+CVE-2010-1499 (SQL injection vulnerability in genre_artists.php in MusicBox 3.3 ...)
+	TODO: check
+CVE-2010-1498 (Multiple SQL injection vulnerabilities in dl_stats before 2.0 allow ...)
+	TODO: check
+CVE-2010-1497 (Cross-site scripting (XSS) vulnerability in download_proc.php in ...)
+	TODO: check
+CVE-2010-1496 (SQL injection vulnerability in the JoltCard (com_joltcard) component ...)
+	TODO: check
+CVE-2010-1495 (Directory traversal vulnerability in the Matamko (com_matamko) ...)
+	TODO: check
+CVE-2010-1494 (Directory traversal vulnerability in the AWDwall (com_awdwall) ...)
+	TODO: check
+CVE-2010-1493 (SQL injection vulnerability in the AWDwall (com_awdwall) component ...)
+	TODO: check
+CVE-2010-1492 (Directory traversal vulnerability in help/frameRight.php in Elastix ...)
+	TODO: check
+CVE-2010-1491 (Directory traversal vulnerability in the MMS Blog (com_mmsblog) ...)
+	TODO: check
+CVE-2009-4810 (The Secure Remote Password (SRP) implementation in Samhain before ...)
+	TODO: check
+CVE-2009-4809 (Directory traversal vulnerability in thumbnail.ghp in Easy File ...)
+	TODO: check
+CVE-2009-4808 (admin.php in Graugon PHP Article Publisher 1.0 allows remote attackers ...)
+	TODO: check
+CVE-2009-4807 (Multiple SQL injection vulnerabilities in Graugon PHP Article ...)
+	TODO: check
+CVE-2009-4806 (admin/save_user.asp in Digital Interchange Document Library 1.0.1 does ...)
+	TODO: check
+CVE-2009-4805 (Multiple SQL injection vulnerabilities in EZ-Blog Beta 1, when ...)
+	TODO: check
+CVE-2009-4804 (Cross-site scripting (XSS) vulnerability in the Calendar Base (cal) ...)
+	TODO: check
+CVE-2009-4803 (SQL injection vulnerability in the Accessibility Glossary ...)
+	TODO: check
+CVE-2009-4802 (SQL injection vulnerability in the Flat Manager (flatmgr) extension ...)
+	TODO: check
+CVE-2009-4801 (EZ-Blog Beta 1 does not require authentication, which allows remote ...)
+	TODO: check
 CVE-2010-1490 (Unspecified vulnerability in IBM Cognos 8 Business Intelligence before ...)
 	TODO: check
 CVE-2009-4800 (Directory traversal vulnerability in Sysax Multi Server 4.3 and 4.5 ...)
@@ -884,8 +936,8 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2010/04/14/4
 CVE-2010-1158 (Integer overflow in the regular expression engine in Perl 5.8.x allows ...)
 	TODO: check
-CVE-2010-1157
-	RESERVED
+CVE-2010-1157 (Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might ...)
+	TODO: check
 CVE-2010-1156 (core/nicklist.c in Irssi before 0.8.15 allows remote attackers to ...)
 	- irssi 0.8.15-1 (low)
 	[lenny] - irssi <no-dsa> (Minor issue)
@@ -1206,10 +1258,10 @@
 	RESERVED
 CVE-2010-1036
 	RESERVED
-CVE-2010-1035
-	RESERVED
-CVE-2010-1034
-	RESERVED
+CVE-2010-1035 (Multiple unspecified vulnerabilities in HP Virtual Machine Manager ...)
+	TODO: check
+CVE-2010-1034 (Unspecified vulnerability in HP System Management Homepage (SMH) 6.0 ...)
+	TODO: check
 CVE-2010-1033 (Multiple stack-based buffer overflows in a certain Tetradyne ActiveX ...)
 	TODO: check
 CVE-2010-1032 (Unspecified vulnerability in HP HP-UX B.11.11 allows local users to ...)
@@ -16433,11 +16485,11 @@
 	NOT-FOR-US: Taxonomy Theme module for Drupal
 CVE-2009-0817 (Cross-site scripting (XSS) vulnerability in the Protected Node module ...)
 	NOT-FOR-US: Protected Node module for Drupal
-CVE-2009-0816 (Cross-site scripting (XSS) vulnerability in the backend user interface ...)
+CVE-2009-0816 (Multiple cross-site scripting (XSS) vulnerabilities in the backend ...)
 	{DTSA-193-1}
 	- typo3-src 4.2.6-1 (low; bug #514713)
 	[etch] - typo3-src 4.0.2+debian-8
-CVE-2009-0815 (The jumpUrl mechanism in class.tslib_fe.php in TYPO3 4.0 before ...)
+CVE-2009-0815 (The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through ...)
 	{DTSA-193-1}
 	- typo3-src 4.2.6-1 (medium; bug #514713)
 	[etch] - typo3-src 4.0.2+debian-8

More information about the Secure-testing-commits mailing list