[Secure-testing-commits] r14995 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Wed Jul 14 21:14:55 UTC 2010
Author: joeyh
Date: 2010-07-14 21:14:54 +0000 (Wed, 14 Jul 2010)
New Revision: 14995
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-07-14 20:21:36 UTC (rev 14994)
+++ data/CVE/list 2010-07-14 21:14:54 UTC (rev 14995)
@@ -1,3 +1,27 @@
+CVE-2010-2724 (Cross-site scripting (XSS) vulnerability in the Hierarchical Select ...)
+ TODO: check
+CVE-2010-2723 (Cross-site scripting (XSS) vulnerability in LISTSERV 15 and 16 allows ...)
+ TODO: check
+CVE-2010-2722 (Cross-site scripting (XSS) vulnerability in index.php in RightInPoint ...)
+ TODO: check
+CVE-2010-2721 (SQL injection vulnerability in index.php in RightInPoint Lyrics Script ...)
+ TODO: check
+CVE-2010-2720 (SQL injection vulnerability in list.php in phpaaCms 0.3.1 UTF-8, and ...)
+ TODO: check
+CVE-2010-2719 (SQL injection vulnerability in show.php in phpaaCms 0.3.1 UTF-8, and ...)
+ TODO: check
+CVE-2010-2718 (Multiple cross-site scripting (XSS) vulnerabilities in CruxSoftware ...)
+ TODO: check
+CVE-2010-2717 (Cross-site scripting (XSS) vulnerability in manager/login.php in ...)
+ TODO: check
+CVE-2010-2716 (Multiple SQL injection vulnerabilities in PsNews 1.3 allow remote ...)
+ TODO: check
+CVE-2010-2715 (Cross-site scripting (XSS) vulnerability in photos/index.php in TCW ...)
+ TODO: check
+CVE-2010-2714 (SQL injection vulnerability in photos/index.php in TCW PHP Album 1.0 ...)
+ TODO: check
+CVE-2010-2713
+ RESERVED
CVE-2010-2712
RESERVED
CVE-2010-2711
@@ -36,8 +60,7 @@
TODO: check
CVE-2010-2694 (SQL injection vulnerability in the redSHOP Component (com_redshop) 1.0 ...)
TODO: check
-CVE-2010-2693
- RESERVED
+CVE-2010-2693 (FreeBSD 7.1 through 8.1-PRERELEASE does not copy the read-only flag ...)
- kfreebsd-7 7.3-5
- kfreebsd-8 8.0-10
CVE-2010-2692 (Cross-site scripting (XSS) vulnerability in 2daybiz Custom T-Shirt ...)
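Review bot: the description now published for CVE-2010-2693 gives the affected range as FreeBSD 7.1 through 8.1-PRERELEASE, and both fixed versions kept below it (kfreebsd-7 7.3-5, kfreebsd-8 8.0-10) have upstream versions inside that range. The fixes must therefore be patches carried in the Debian revisions. A NOTE: line pointing at the advisory or the patch would let a later reader confirm that without digging through changelogs.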
@@ -415,6 +438,7 @@
RESERVED
CVE-2010-2527
RESERVED
+ {DSA-2070-1}
- freetype 2.4.0-1
CVE-2010-2526
RESERVED
@@ -422,17 +446,19 @@
RESERVED
CVE-2010-2524
RESERVED
-CVE-2010-2523
- RESERVED
-CVE-2010-2522
- RESERVED
+CVE-2010-2523 (Multiple buffer overflows in ha.c in the mipv6 daemon in UMIP 0.4 ...)
+ TODO: check
+CVE-2010-2522 (The mipv6 daemon in UMIP 0.4 does not verify that netlink messages ...)
+ TODO: check
CVE-2010-2521
RESERVED
CVE-2010-2520 [freetype]
RESERVED
+ {DSA-2070-1}
- freetype 2.4.0-1
CVE-2010-2519
RESERVED
+ {DSA-2070-1}
CVE-2010-2518 (Unspecified vulnerability in the P8 Content Engine (P8CE) 4.5.1 before ...)
NOT-FOR-US: P8 Content Search Engine
CVE-2010-2517 (Multiple unspecified vulnerabilities in IBM Rational ClearQuest before ...)
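Review bot: CVE-2010-2519 gains {DSA-2070-1} but has no package line under it; the next line is already CVE-2010-2518. The sibling entries tagged with the same DSA (CVE-2010-2520, CVE-2010-2527) each carry "- freetype 2.4.0-1". Add the matching package line with the fixed version, or a NOTE explaining why this id differs, so the entry is not reported as untracked.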
@@ -504,15 +530,19 @@
RESERVED
CVE-2010-2500 [freetype]
RESERVED
+ {DSA-2070-1}
- freetype 2.4.0-1
CVE-2010-2499 [freetype]
RESERVED
+ {DSA-2070-1}
- freetype 2.4.0-1
CVE-2010-2498 [freetype]
RESERVED
+ {DSA-2070-1}
- freetype 2.4.0-1
CVE-2010-2497 [freetype]
RESERVED
+ {DSA-2070-1}
- freetype 2.4.0-1
CVE-2010-2496
RESERVED
@@ -731,30 +761,30 @@
RESERVED
CVE-2010-2404
RESERVED
-CVE-2010-2403
- RESERVED
-CVE-2010-2402
- RESERVED
-CVE-2010-2401
- RESERVED
-CVE-2010-2400
- RESERVED
-CVE-2010-2399
- RESERVED
-CVE-2010-2398
- RESERVED
-CVE-2010-2397
- RESERVED
+CVE-2010-2403 (Unspecified vulnerability in the PeopleSoft Enterprise Campus ...)
+ TODO: check
+CVE-2010-2402 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+ TODO: check
+CVE-2010-2401 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - eProfile ...)
+ TODO: check
+CVE-2010-2400 (Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, ...)
+ TODO: check
+CVE-2010-2399 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
+ TODO: check
+CVE-2010-2398 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
+ TODO: check
+CVE-2010-2397 (Unspecified vulnerability in Oracle Sun Java System Application Server ...)
+ TODO: check
CVE-2010-2396
RESERVED
CVE-2010-2395
RESERVED
-CVE-2010-2394
- RESERVED
-CVE-2010-2393
- RESERVED
-CVE-2010-2392
- RESERVED
+CVE-2010-2394 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
+ TODO: check
+CVE-2010-2393 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
+ TODO: check
+CVE-2010-2392 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
+ TODO: check
CVE-2010-2391
RESERVED
CVE-2010-2390
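Review bot: CVE-2010-2403, CVE-2010-2402, CVE-2010-2401 and CVE-2010-2398 are PeopleSoft Enterprise entries left at "TODO: check", while the same product is already triaged elsewhere in this file (CVE-2010-0080 carries "NOT-FOR-US: PeopleSoft Enterprise HCM"). A follow-up commit should resolve these the same way so they leave the TODO queue; the Solaris and Sun Java System entries in this hunk need the same decision.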
@@ -765,40 +795,40 @@
RESERVED
CVE-2010-2387
RESERVED
-CVE-2010-2386
- RESERVED
-CVE-2010-2385
- RESERVED
-CVE-2010-2384
- RESERVED
-CVE-2010-2383
- RESERVED
-CVE-2010-2382
- RESERVED
-CVE-2010-2381
- RESERVED
-CVE-2010-2380
- RESERVED
-CVE-2010-2379
- RESERVED
-CVE-2010-2378
- RESERVED
-CVE-2010-2377
- RESERVED
-CVE-2010-2376
- RESERVED
-CVE-2010-2375
- RESERVED
-CVE-2010-2374
- RESERVED
-CVE-2010-2373
- RESERVED
-CVE-2010-2372
- RESERVED
-CVE-2010-2371
- RESERVED
-CVE-2010-2370
- RESERVED
+CVE-2010-2386 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and ...)
+ TODO: check
+CVE-2010-2385 (Unspecified vulnerability in Oracle Sun Java System Web Proxy Server ...)
+ TODO: check
+CVE-2010-2384 (Unspecified vulnerability in Oracle Solaris 9 and 10 allows local ...)
+ TODO: check
+CVE-2010-2383 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and ...)
+ TODO: check
+CVE-2010-2382 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
+ TODO: check
+CVE-2010-2381 (Unspecified vulnerability in the Application Server Control component ...)
+ TODO: check
+CVE-2010-2380 (Unspecified vulnerability in the PeopleSoft Enterprise FSCM component ...)
+ TODO: check
+CVE-2010-2379 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - Time & ...)
+ TODO: check
+CVE-2010-2378 (Unspecified vulnerability in the PeopleSoft Enterprise CRM component ...)
+ TODO: check
+CVE-2010-2377 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+ TODO: check
+CVE-2010-2376 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
+ TODO: check
+CVE-2010-2375 (Package/Privilege: Plugins for Apache, Sun and IIS web servers ...)
+ TODO: check
+CVE-2010-2374 (Unspecified vulnerability in Solaris Studio 12 update 1 allows local ...)
+ TODO: check
+CVE-2010-2373 (Unspecified vulnerability in the Console component in Oracle ...)
+ TODO: check
+CVE-2010-2372 (Unspecified vulnerability in the Oracle Transportation Management ...)
+ TODO: check
+CVE-2010-2371 (Unspecified vulnerability in the Oracle Transportation Management ...)
+ TODO: check
+CVE-2010-2370 (Unspecified vulnerability in the Oracle Business Process Management ...)
+ TODO: check
CVE-2010-2369
RESERVED
CVE-2010-2368
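Review bot: the description imported for CVE-2010-2375, "(Package/Privilege: Plugins for Apache, Sun and IIS web servers ...)", reads like a table heading rather than a vulnerability summary, unlike every other entry added in this hunk. Check the upstream record before triaging it. The visible text names no product, so a NOT-FOR-US decision cannot be made from this line alone.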
@@ -1182,8 +1212,7 @@
- moodle 1.9.9-1 (bug #586280)
CVE-2010-2228 (Cross-site scripting (XSS) vulnerability in the MNET access-control ...)
- moodle 1.9.9-1 (bug #586280)
-CVE-2010-2227 [tomcat Apache Tomcat Remote Denial Of Service and Information Disclosure Vulnerability]
- RESERVED
+CVE-2010-2227 (Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 ...)
- tomcat5 <removed>
- tomcat6 <unfixed> (bug filed)
CVE-2010-2226 [xfs SWAPEXT ioctl permissions bypass]
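Review bot: with the public description for CVE-2010-2227 in place, the unchanged line "- tomcat6 <unfixed> (bug filed)" still has no bug number, unlike "- moodle 1.9.9-1 (bug #586280)" just above it. Replace "bug filed" with the actual bug reference so the unfixed status can be followed up. The description's version ranges (5.5.0 through 5.5.29, 6.0.0 through 6.0.27) are the ones to check the tomcat6 package against.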
@@ -1734,8 +1763,8 @@
NOT-FOR-US: CTools module for Drupal
CVE-2010-2009 (Stack-based buffer overflow in the media library in BS.Global ...)
NOT-FOR-US: BS.Global BS.Player
-CVE-2010-2008
- RESERVED
+CVE-2010-2008 (MySQL before 5.1.48 allows remote authenticated users with alter ...)
+ TODO: check
CVE-2010-2007 (Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS ...)
- mydms <unfixed> (bug #582587; medium)
NOTE: seems to have changed name to letoDMS
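Review bot: CVE-2010-2008 is left at "TODO: check" although the description names MySQL, which is packaged in Debian, and gives 5.1.48 as the upstream fix boundary. Triage this one ahead of the bulk Oracle entries in this commit: add package lines with the fixed version or <unfixed>, and a severity, since the description says the issue is reachable by remote authenticated users.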
@@ -4947,44 +4976,44 @@
NOT-FOR-US: IBM Lotus iNotes/IBM Domino Web Access
CVE-2010-0917 (Stack-based buffer overflow in VBScript in Microsoft Windows 2000 SP4, ...)
NOT-FOR-US: Microsoft Windows
-CVE-2010-0916
- RESERVED
-CVE-2010-0915
- RESERVED
-CVE-2010-0914
- RESERVED
-CVE-2010-0913
- RESERVED
-CVE-2010-0912
- RESERVED
-CVE-2010-0911
- RESERVED
-CVE-2010-0910
- RESERVED
-CVE-2010-0909
- RESERVED
-CVE-2010-0908
- RESERVED
-CVE-2010-0907
- RESERVED
-CVE-2010-0906
- RESERVED
-CVE-2010-0905
- RESERVED
-CVE-2010-0904
- RESERVED
-CVE-2010-0903
- RESERVED
-CVE-2010-0902
- RESERVED
-CVE-2010-0901
- RESERVED
-CVE-2010-0900
- RESERVED
-CVE-2010-0899
- RESERVED
-CVE-2010-0898
- RESERVED
+CVE-2010-0916 (Unspecified vulnerability in Oracle OpenSolaris 10 allows local users ...)
+ TODO: check
+CVE-2010-0915 (Unspecified vulnerability in the Oracle Advanced Product Catalog ...)
+ TODO: check
+CVE-2010-0914 (Unspecified vulnerability in Oracle Sun Convergence 1.0 allows remote ...)
+ TODO: check
+CVE-2010-0913 (Unspecified vulnerability in the Oracle Applications Manager component ...)
+ TODO: check
+CVE-2010-0912 (Unspecified vulnerability in the Oracle Applications Framework ...)
+ TODO: check
+CVE-2010-0911 (Unspecified vulnerability in the Listener component in Oracle Database ...)
+ TODO: check
+CVE-2010-0910 (Unspecified vulnerability in the Data Server component in Oracle ...)
+ TODO: check
+CVE-2010-0909 (Unspecified vulnerability in the Oracle Applications Framework ...)
+ TODO: check
+CVE-2010-0908 (Unspecified vulnerability in the Oracle Applications Framework ...)
+ TODO: check
+CVE-2010-0907 (Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows ...)
+ TODO: check
+CVE-2010-0906 (Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows ...)
+ TODO: check
+CVE-2010-0905 (Unspecified vulnerability in the Oracle Applications Manager component ...)
+ TODO: check
+CVE-2010-0904 (Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows ...)
+ TODO: check
+CVE-2010-0903 (Unspecified vulnerability in the Net Foundation Layer component in ...)
+ TODO: check
+CVE-2010-0902 (Unspecified vulnerability in the Oracle OLAP component in Oracle ...)
+ TODO: check
+CVE-2010-0901 (Unspecified vulnerability in the Export component in Oracle Database ...)
+ TODO: check
+CVE-2010-0900 (Unspecified vulnerability in the Network Layer component in Oracle ...)
+ TODO: check
+CVE-2010-0899 (Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows ...)
+ TODO: check
+CVE-2010-0898 (Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows ...)
+ TODO: check
CVE-2010-0897 (Unspecified vulnerability in the Sun Java System Directory Server ...)
NOT-FOR-US: Sun Java System Directory Server
CVE-2010-0896 (Unspecified vulnerability in the Sun Convergence component in Oracle ...)
@@ -4995,8 +5024,8 @@
NOT-FOR-US: Oracle Sun Product Suite
CVE-2010-0893 (Unspecified vulnerability in the Sun Convergence component in Oracle ...)
NOT-FOR-US: Oracle sun Product Suite
-CVE-2010-0892
- RESERVED
+CVE-2010-0892 (Unspecified vulnerability in the Application Express component in ...)
+ TODO: check
CVE-2010-0891 (Unspecified vulnerability in the Sun Management Center component in ...)
NOT-FOR-US: Oracle Sun Product Suite
CVE-2010-0890 (Unspecified vulnerability in the Solaris component in Oracle Sun ...)
@@ -5037,8 +5066,8 @@
NOT-FOR-US: Oracle Industry Product Suite
CVE-2010-0874 (Unspecified vulnerability in the Communications - Oracle ...)
NOT-FOR-US: Oracle Industry Product Suite
-CVE-2010-0873
- RESERVED
+CVE-2010-0873 (Unspecified vulnerability in the Data Server component in Oracle ...)
+ TODO: check
CVE-2010-0872 (Unspecified vulnerability in the Oracle Internet Directory component ...)
NOT-FOR-US: Oracle Fusion Middleware
CVE-2010-0871 (Unspecified vulnerability in the Oracle Application Object Library ...)
@@ -5139,10 +5168,10 @@
- openjdk-6 <undetermined>
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0836
- RESERVED
-CVE-2010-0835
- RESERVED
+CVE-2010-0836 (Unspecified vulnerability in the Oracle Knowledge Management component ...)
+ TODO: check
+CVE-2010-0835 (Unspecified vulnerability in the Wireless component in Oracle Fusion ...)
+ TODO: check
CVE-2010-0834
RESERVED
CVE-2010-0833
@@ -7905,14 +7934,14 @@
- openjdk-6 <undetermined>
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0083
- RESERVED
+CVE-2010-0083 (Unspecified vulnerability in Oracle OpenSolaris 8, 9, and 10 allows ...)
+ TODO: check
CVE-2010-0082 (Unspecified vulnerability in the HotSpot Server component in Oracle ...)
- openjdk-6 <undetermined>
- sun-java6 6.19-1
[lenny] - sun-java6 6-20-0lenny1
-CVE-2010-0081
- RESERVED
+CVE-2010-0081 (Unspecified vulnerability in the Application Server Control component ...)
+ TODO: check
CVE-2010-0080 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - eProfile ...)
NOT-FOR-US: PeopleSoft Enterprise HCM
CVE-2010-0079 (Multiple vulnerabilities in the JRockit component in BEA Product Suite ...)
@@ -9168,9 +9197,11 @@
CVE-2009-3997 (Integer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in ...)
NOT-FOR-US: winamp
CVE-2009-3996 (Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder ...)
+ {DSA-2071-1}
- libmikmod 3.1.11-6.2 (bug #575742)
NOTE: http://secunia.com/secunia_research/2009-55/
CVE-2009-3995 (Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module ...)
+ {DSA-2071-1}
- libmikmod 3.1.11-6.2 (bug #575742)
NOTE: http://secunia.com/secunia_research/2009-55/
CVE-2009-3994 (Stack-based buffer overflow in the GetUID function in ...)
@@ -9795,12 +9826,12 @@
CVE-2009-3765 (mutt_ssl.c in mutt 1.5.19 and 1.5.20, when OpenSSL is used, does not ...)
- mutt <not-affected> (uses GnuTLS and not OpenSSL)
NOTE: our mutt is linked against gnutls
-CVE-2009-3764
- RESERVED
-CVE-2009-3763
- RESERVED
-CVE-2009-3762
- RESERVED
+CVE-2009-3764 (Unspecified vulnerability in the OpenSSO component in Oracle OpenSSO ...)
+ TODO: check
+CVE-2009-3763 (Unspecified vulnerability in the Access Manager / OpenSSO component in ...)
+ TODO: check
+CVE-2009-3762 (Unspecified vulnerability in Oracle OpenSSO Enterprise 8.0 allows ...)
+ TODO: check
CVE-2009-3761
RESERVED
CVE-2009-3760 (Static code injection vulnerability in config/writeconfig.php in the ...)
@@ -27119,7 +27150,7 @@
[etch] - dist 3.70-31etch1
CVE-2008-4970 (runiozone in lustre 1.6.5 allows local users to overwrite arbitrary ...)
- lustre 1.6.5.1-1 (low; bug #496371)
-CVE-2008-4247 (ftpd in OpenBSD 4.3, FreeBSD 7.0, and NetBSD 4.0 interprets long ...)
+CVE-2008-4247 (ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly ...)
- linux-ftpd-ssl 0.17.27+0.3-3 (bug #500518)
[etch] - linux-ftpd-ssl 0.17.18+0.3-6etch1
- linux-ftpd 0.17-29 (bug #500278)
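Review bot: the updated description for CVE-2008-4247 widens the affected list (Solaris is added and the text continues with "and possibly ..."), but the package lines under it are unchanged. Recheck against the full upstream description whether linux-ftpd-ssl and linux-ftpd are still the complete set of packages to track for this id.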