[Secure-testing-commits] r14983 - data/CVE

Joey Hess joeyh at alioth.debian.org
Mon Jul 12 21:14:26 UTC 2010


Author: joeyh
Date: 2010-07-12 21:14:25 +0000 (Mon, 12 Jul 2010)
New Revision: 14983

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-07-12 16:40:53 UTC (rev 14982)
+++ data/CVE/list	2010-07-12 21:14:25 UTC (rev 14983)
@@ -1,3 +1,105 @@
+CVE-2010-2692 (Cross-site scripting (XSS) vulnerability in 2daybiz Custom T-Shirt ...)
+	TODO: check
+CVE-2010-2691 (Multiple SQL injection vulnerabilities in 2daybiz Custom T-Shirt ...)
+	TODO: check
+CVE-2010-2690 (SQL injection vulnerability in the JOOFORGE Gamesbox (com_gamesbox) ...)
+	TODO: check
+CVE-2010-2689 (SQL injection vulnerability in cont_form.php in Internet DM WebDM CMS ...)
+	TODO: check
+CVE-2010-2688 (SQL injection vulnerability in detail.asp in Site2Nite Boat ...)
+	TODO: check
+CVE-2010-2687 (SQL injection vulnerability in printdetail.asp in Site2Nite Boat ...)
+	TODO: check
+CVE-2010-2686 (Multiple SQL injection vulnerabilities in clientes.asp in TopManage ...)
+	TODO: check
+CVE-2010-2685 (siteadmin/adduser.php in Customer Paradigm PageDirector CMS does not ...)
+	TODO: check
+CVE-2010-2684 (SQL injection vulnerability in index.php in Customer Paradigm ...)
+	TODO: check
+CVE-2010-2683 (SQL injection vulnerability in result.php in Customer Paradigm ...)
+	TODO: check
+CVE-2010-2682 (Directory traversal vulnerability in the Realtyna Translator ...)
+	TODO: check
+CVE-2010-2681 (PHP remote file inclusion vulnerability in the SEF404x (com_sef) ...)
+	TODO: check
+CVE-2010-2680 (Directory traversal vulnerability in the JExtensions JE ...)
+	TODO: check
+CVE-2010-2679 (SQL injection vulnerability in the Weblinks (com_weblinks) component ...)
+	TODO: check
+CVE-2010-2678 (SQL injection vulnerability in xmap (com_xmap) component for Joomla! ...)
+	TODO: check
+CVE-2010-2677 (PHP remote file inclusion vulnerability in mw_plugin.php in Open Web ...)
+	TODO: check
+CVE-2010-2676 (Multiple directory traversal vulnerabilities in index.php in Open Web ...)
+	TODO: check
+CVE-2010-2675 (Cross-site scripting (XSS) vulnerability in index.php in TSOKA:CMS ...)
+	TODO: check
+CVE-2010-2674 (SQL injection vulnerability in index.php in TSOKA:CMS 1.1, 1.9, and ...)
+	TODO: check
+CVE-2010-2673 (SQL injection vulnerability in profile_view.php in Devana 1.6.6 and ...)
+	TODO: check
+CVE-2010-2672 (Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 through ...)
+	TODO: check
+CVE-2010-2671 (Cross-site scripting (XSS) vulnerability in advancedsearch.php in eZ ...)
+	TODO: check
+CVE-2010-2670 (SQL injection vulnerability in recipedetail.php in BrotherScripts ...)
+	TODO: check
+CVE-2010-2669 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2010-2668 (Unspecified vulnerability in Adaptive Micro Systems ALPHA Ethernet ...)
+	TODO: check
+CVE-2010-2667
+	RESERVED
+CVE-2010-2666 (Opera before 10.54 on Windows and Mac OS X does not properly enforce ...)
+	TODO: check
+CVE-2010-2665 (Cross-site scripting (XSS) vulnerability in Opera before 10.54 on ...)
+	TODO: check
+CVE-2010-2664 (Opera before 10.60 allows remote attackers to cause a denial of ...)
+	TODO: check
+CVE-2010-2663 (Opera before 10.60 allows remote attackers to cause a denial of ...)
+	TODO: check
+CVE-2010-2662 (Opera before 10.60 allows remote attackers to bypass the popup blocker ...)
+	TODO: check
+CVE-2010-2661 (Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX ...)
+	TODO: check
+CVE-2010-2660 (Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX ...)
+	TODO: check
+CVE-2010-2659 (Opera before 10.50 on Windows, before 10.52 on Mac OS X, and before ...)
+	TODO: check
+CVE-2010-2658 (Opera before 10.60 does not properly restrict certain interaction ...)
+	TODO: check
+CVE-2010-2657 (Opera before 10.60 on Windows and Mac OS X does not properly prevent ...)
+	TODO: check
+CVE-2010-2656 (The IBM BladeCenter with Advanced Management Module (AMM) firmware ...)
+	TODO: check
+CVE-2010-2655 (Directory traversal vulnerability in private/file_management.php on ...)
+	TODO: check
+CVE-2010-2654 (Multiple cross-site scripting (XSS) vulnerabilities on the IBM ...)
+	TODO: check
+CVE-2010-2653
+	RESERVED
+CVE-2009-4935 (SQL injection vulnerability in ogp_show.php in Online Guestbook Pro ...)
+	TODO: check
+CVE-2009-4934 (Cross-site scripting (XSS) vulnerability in index.php in Online Photo ...)
+	TODO: check
+CVE-2009-4933 (Multiple SQL injection vulnerabilities in login.php in EZ Webitor ...)
+	TODO: check
+CVE-2009-4932 (Stack-based buffer overflow in 1by1 1.67 (aka 1.6.7.0) allows remote ...)
+	TODO: check
+CVE-2009-4931 (Stack-based buffer overflow in Groovy Media Player 1.1.0 allows remote ...)
+	TODO: check
+CVE-2009-4930 (Cross-site scripting (XSS) vulnerability in the ...)
+	TODO: check
+CVE-2009-4929 (admin/manage_users.php in TotalCalendar 2.4 does not require ...)
+	TODO: check
+CVE-2009-4928 (PHP remote file inclusion vulnerability in config.php in TotalCalendar ...)
+	TODO: check
+CVE-2009-4927 (WB News 2.1.2 allows remote attackers to bypass authentication and ...)
+	TODO: check
+CVE-2009-4926 (Multiple cross-site scripting (XSS) vulnerabilities in Online Contact ...)
+	TODO: check
+CVE-2009-4925 (Multiple SQL injection vulnerabilities in Portale e-commerce Creasito ...)
+	TODO: check
 CVE-2010-2652 (Google Chrome before 5.0.375.99 does not properly implement modal ...)
 	TODO: check
 CVE-2010-2651 (The Cascading Style Sheets (CSS) implementation in Google Chrome ...)
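Review bot: every entry added at the top of the list in this hunk carries only "TODO: check", so the commit records the new identifiers without any triage. Entries whose description already names a vendor product, such as the 2daybiz, Site2Nite, TopManage and IBM BladeCenter ones, can be resolved in a follow-up with the NOT-FOR-US form the file already uses elsewhere (for example "NOT-FOR-US: Linksys firmware"), while the Opera, eZ Publish and Joomla! component entries each need a check for a matching package before being closed. The log message "automatic update" also gives no indication of which upstream snapshot the descriptions came from; adding that would make later diffs of truncated descriptions easier to audit.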
@@ -70,8 +172,7 @@
 	TODO: check
 CVE-2004-2769 (Cerberus FTP Server before 4.0.3.0 allows remote authenticated users ...)
 	TODO: check
-CVE-2010-2494 [bogofilter invalid null write]
-	RESERVED
+CVE-2010-2494 (Multiple buffer underflows in the base64 decoder in base64.c in (1) ...)
 	- bogofilter 1.2.1-3 (low; bug #588090)
 	[lenny] - bogofilter <no-dsa> (Minor issue)
 	NOTE: this is "only" null write to an invalid pointer, no arbitrary location
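Review bot: the NOTE retained under CVE-2010-2494 still calls the issue "only" a null write to an invalid pointer, while the description added in this hunk reads "Multiple buffer underflows in the base64 decoder in base64.c in (1) ...". With the bracketed working title removed, nothing on the entry explains how the two statements relate. Reword the NOTE to say which of the described underflows the analysis covers, and confirm that the "low" and "<no-dsa> (Minor issue)" ratings still hold for everything the published description lists, including the products elided after "(1)".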
@@ -375,8 +476,7 @@
 	TODO: File bug
 	- qt4-x11 <undetermined> (low; bug #587713)
 	NOTE: unclear whether is qt's or sqlite's fault
-CVE-2010-2489 [ruby buffer overflow on Windows]
-	RESERVED
+CVE-2010-2489 (Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow ...)
 	- ruby1.8 <not-affected> (Windows-specific)
 	- ruby1.9.1 <not-affected> (Windows-specific)
 CVE-2010-2488 [znc null pointer deref]
@@ -990,8 +1090,8 @@
 	[lenny] - feh <no-dsa> (Minor issue)
 CVE-2010-2245
 	RESERVED
-CVE-2010-2244
-	RESERVED
+CVE-2010-2244 (The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in ...)
+	TODO: check
 CVE-2010-2243 [timekeeping oops]
 	RESERVED
 	- linux-2.6 2.6.32-11
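Review bot: CVE-2010-2244 moves from RESERVED to a published description that names avahi-core/socket.c in avahi-daemon, but the entry is left at "TODO: check" with no package line. The other entries that gain descriptions in this commit (bogofilter, ruby, freeciv) already have status lines; this one needs the same, in the form used there, for example "- bogofilter 1.2.1-3 (low; bug #588090)" plus a "[lenny]" line, once the affected versions are checked.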
@@ -1044,8 +1144,8 @@
 	NOT-FOR-US: Red Hat Enterprise Virtualization Hypervisor (RHEV-H)
 CVE-2010-2222
 	RESERVED
-CVE-2010-2221
-	RESERVED
+CVE-2010-2221 (Multiple buffer overflows in the iSNS implementation in isns.c in (1) ...)
+	TODO: check
 CVE-2010-2220
 	RESERVED
 CVE-2010-2219
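Review bot: the description added for CVE-2010-2221 is cut off at "isns.c in (1) ...", so the entry as committed does not show which products carry the affected iSNS code, and it is marked only "TODO: check". Because the text enumerates more than one product, triage should read the full description and may need one status line per affected package rather than a single line.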
@@ -2696,8 +2796,8 @@
 	TODO: check
 CVE-2010-1575 (The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 ...)
 	TODO: check
-CVE-2010-1574
-	RESERVED
+CVE-2010-1574 (IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 ...)
+	TODO: check
 CVE-2010-1573 (Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded ...)
 	NOT-FOR-US: Linksys firmware
 CVE-2010-1572 (Unspecified vulnerability in the tech support diagnostic shell in ...)
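Review bot: CVE-2010-1574 now describes IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 hardware but is left at "TODO: check", while the entry directly below it is closed as "NOT-FOR-US: Linksys firmware". If the same reasoning applies, close this one in the same form so it does not stay in the TODO queue.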
@@ -4145,8 +4245,7 @@
 	NOT-FOR-US: ws_ecard extension for typo3
 CVE-2009-4739 (PHP remote file inclusion vulnerability in index.php in SkaDate Dating ...)
 	NOT-FOR-US: SkaDate Dating
-CVE-2010-2445 [freeciv lua]
-	RESERVED
+CVE-2010-2445 (freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read ...)
 	- freeciv 2.2.1-1 (low; bug #584589)
 	[lenny] - freeciv <no-dsa> (Minor issue)
 	NOTE: http://gna.org/bugs/?15624



