[Secure-testing-commits] r14103 - data/CVE

Joey Hess joeyh at alioth.debian.org
Mon Feb 15 21:15:00 UTC 2010


Author: joeyh
Date: 2010-02-15 21:14:57 +0000 (Mon, 15 Feb 2010)
New Revision: 14103

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-02-15 20:58:50 UTC (rev 14102)
+++ data/CVE/list	2010-02-15 21:14:57 UTC (rev 14103)
@@ -1,3 +1,9 @@
+CVE-2010-0634 (Unspecified vulnerability in Fast Lexical Analyzer Generator (flex) ...)
+	TODO: check
+CVE-2010-0629
+	RESERVED
+CVE-2010-0628
+	RESERVED
 CVE-2010-XXXX [CouchDB: browser interface has XSS, CSRF issues]
 	- couchdb <unfixed> (bug #570013)
 	[lenny] - couchdb <no-dsa> (does not support authentication at all)
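Review bot: The new CVE-2010-0634 entry at the top of the list carries a bare "TODO: check" even though its description already names flex. The WebCalendar entries later in this patch use "TODO: check, webcalendar is in the archive" to flag that packaged software is involved. If flex is in the archive, say so in the TODO the same way, so the entry is not triaged at the same priority as CVEs for unrelated software.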
@@ -3,17 +9,17 @@
 	NOTE: http://mail-archives.apache.org/mod_mbox/couchdb-dev/201002.mbox/%3C87bpfz5t39.fsf@mid.deneb.enyo.de%3E
 	NOTE: http://www.openwall.com/lists/oss-security/2010/02/15/5
-CVE-2010-0637
+CVE-2010-0637 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
 	TODO: check, webcalendar is in the archive
-CVE-2010-0636
+CVE-2010-0636 (Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar ...)
 	TODO: check, webcalendar is in the archive
-CVE-2010-0635
+CVE-2010-0635 (SQL injection vulnerability in the plgSearchEventsearch::onSearch ...)
 	NOT-FOR-US: JEvents Search plugin for Joomla!
-CVE-2010-0633
+CVE-2010-0633 (Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and ...)
 	NOT-FOR-US: Citrix XenServer
-CVE-2010-0632
+CVE-2010-0632 (SQL injection vulnerability in the Parkview Consultants SimpleFAQ ...)
 	NOT-FOR-US: Parkview Consultants SimpleFAQ component for Joomla!
-CVE-2010-0631
+CVE-2010-0631 (Multiple SQL injection vulnerabilities in index.php in Eicra Car ...)
 	NOT-FOR-US: Eicra Car Rental-Script
-CVE-2010-0630
+CVE-2010-0630 (SQL injection vulnerability in viewjokes.php in Evernew Free Joke ...)
 	NOT-FOR-US: Evernew Free Joke Script
 CVE-2010-0627
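Review bot: CVE-2010-0637 and CVE-2010-0636 still read "TODO: check, webcalendar is in the archive" after this change, although the descriptions added here now identify them as CSRF and XSS issues in WebCalendar. With the vulnerability class known, these two are ready for a package status line (for example "- webcalendar <unfixed>" with a bug reference, as the CouchDB entry has) rather than staying as TODO.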
@@ -145,8 +151,8 @@
 	- gnome-screensaver <unfixed> (low; bug #569667)
 	[etch] - gnome-screensaver <not-affected> (Vulnerable code not present)
 	[lenny] - gnome-screensaver <not-affected> (Vulnerable code not present)
-CVE-2001-1586
-	RESERVED
+CVE-2001-1586 (Directory traversal vulnerability in SimpleServer:WWW 1.13 and earlier ...)
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2010-XXXX [multiple mod_security issues]
 	- libapache-mod-security <unfixed> (bug #569658)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=563455
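Review bot: The reason on CVE-2001-1586, "NOT-FOR-US: Data pre-dating the Security Tracker", does not name the affected product, while the other NOT-FOR-US lines in this patch do (Citrix XenServer, HP DreamScreen, Eicra Car Rental-Script). The description identifies SimpleServer:WWW; consider naming it in the NOT-FOR-US line so the entry stays searchable by product.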
@@ -482,8 +488,7 @@
 	RESERVED
 CVE-2010-0447
 	RESERVED
-CVE-2010-0446
-	RESERVED
+CVE-2010-0446 (Unspecified vulnerability on the HP DreamScreen 100 and 130 with ...)
 	NOT-FOR-US: HP DreamScreen
 CVE-2010-0445 (Unspecified vulnerability in HP Network Node Manager (NNM) 8.10, 8.11, ...)
 	NOT-FOR-US: HP Network Node Manager
@@ -936,8 +941,7 @@
 CVE-2010-XXXX [zenoss csrf]
 	- zenoss <itp> (bug #361253)
 	NOTE: http://seclists.org/fulldisclosure/2010/Jan/296
-CVE-2010-0309 [linux kvm pit_ioport_read() DoS]
-	RESERVED
+CVE-2010-0309 (The pit_ioport_read function in the Programmable Interval Timer (PIT) ...)
 	{DSA-1996-1}
 	- linux-2.6 2.6.32-8 
 	[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
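Review bot: Replacing the bracketed title on CVE-2010-0309 drops the impact ("DoS"), and the description that takes its place is truncated at "(PIT) ..." before it states what the bug allows. A NOTE line recording the impact would keep that information in the entry. Separately, the unchanged line "- linux-2.6 2.6.32-8 " below it ends in a trailing space, which the identical lines under the other DSA-1996-1 entries in this patch do not have.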
@@ -954,8 +958,7 @@
 	{DSA-1996-1}
 	- linux-2.6 2.6.32-8
 	- linux-2.6.24 <removed>
-CVE-2010-0306 [kvm privilege escalation]
-	RESERVED
+CVE-2010-0306 (The x86 emulator in KVM 83, when a guest is configured for Symmetric ...)
 	{DSA-1996-1}
 	- linux-2.6 2.6.32-8
 	[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
@@ -982,15 +985,13 @@
 	RESERVED
 	- linux-2.6 <unfixed>
 	- linux-2.6.24 <removed>
-CVE-2010-0298 [kvm privilege escalation]
-	RESERVED
+CVE-2010-0298 (The x86 emulator in KVM 83 does not use the Current Privilege Level ...)
 	{DSA-1996-1}
 	- linux-2.6 2.6.32-8
 	[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
 	- linux-2.6.24 <not-affected> (kvm introduced in 2.6.25)
 	- kvm <removed>
-CVE-2010-0297 [kvm userspace usb-linux.c buffer overflow]
-	RESERVED
+CVE-2010-0297 (Buffer overflow in the usb_host_handle_control function in the USB ...)
 	- qemu-kvm 0.11.1+dfsg-1
 	- kvm <removed>
 CVE-2010-0296
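Review bot: The CVE-2010-0297 entry at the end of this hunk has neither a DSA reference nor any per-release line, unlike CVE-2010-0298 directly above it, which carries {DSA-1996-1} and an "[etch] ... <not-affected>" line. Now that the description confirms a buffer overflow in usb_host_handle_control, it is worth recording the status for the stable releases explicitly, even if that status is <not-affected>, instead of leaving only "- qemu-kvm 0.11.1+dfsg-1" and "- kvm <removed>".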
@@ -2406,8 +2407,7 @@
 	RESERVED
 CVE-2009-4275
 	RESERVED
-CVE-2009-4274 [stack-based buffer overflow in netpbm's XPM reader]
-	RESERVED
+CVE-2009-4274 (Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm ...)
 	- netpbm-free <unfixed> (medium; bug #569060)
 CVE-2009-4273 (stap-server in SystemTap before 1.1 allows remote attackers to execute ...)
 	- systemtap 1.1-1



