[Secure-testing-commits] r14857 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu Jun 10 21:14:20 UTC 2010
Author: joeyh
Date: 2010-06-10 21:14:20 +0000 (Thu, 10 Jun 2010)
New Revision: 14857
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-06-10 19:00:16 UTC (rev 14856)
+++ data/CVE/list 2010-06-10 21:14:20 UTC (rev 14857)
@@ -1,3 +1,87 @@
+CVE-2010-2262 (Galileo Students Team Weborf before 0.12.1 allows remote attackers to ...)
+ TODO: check
+CVE-2010-2261 (Linksys WAP54Gv3 firmware 3.04.03 and earlier allows remote attackers ...)
+ TODO: check
+CVE-2010-2260 (Multiple cross-site scripting (XSS) vulnerabilities in Gambit Design ...)
+ TODO: check
+CVE-2010-2259 (Directory traversal vulnerability in the BF Survey (com_bfsurvey) ...)
+ TODO: check
+CVE-2010-2258 (Cross-site scripting (XSS) vulnerability in signupconfirm.php in ...)
+ TODO: check
+CVE-2010-2257 (SQL injection vulnerability in index_ie.php in Pay Per Minute Video ...)
+ TODO: check
+CVE-2010-2256 (Multiple cross-site scripting (XSS) vulnerabilities in Pay Per Minute ...)
+ TODO: check
+CVE-2010-2255 (SQL injection vulnerability in the BF Survey Pro (com_bfsurvey_pro) ...)
+ TODO: check
+CVE-2010-2254 (SQL injection vulnerability in the Shape5 Bridge of Hope template for ...)
+ TODO: check
+CVE-2010-2253
+ RESERVED
+CVE-2010-2252
+ RESERVED
+CVE-2010-2251
+ RESERVED
+CVE-2010-2250
+ RESERVED
+CVE-2010-2249
+ RESERVED
+CVE-2010-2248
+ RESERVED
+CVE-2010-2247
+ RESERVED
+CVE-2010-2246
+ RESERVED
+CVE-2010-2245
+ RESERVED
+CVE-2010-2244
+ RESERVED
+CVE-2010-2243
+ RESERVED
+CVE-2010-2242
+ RESERVED
+CVE-2010-2241
+ RESERVED
+CVE-2010-2240
+ RESERVED
+CVE-2010-2239
+ RESERVED
+CVE-2010-2238
+ RESERVED
+CVE-2010-2237
+ RESERVED
+CVE-2010-2236
+ RESERVED
+CVE-2010-2235
+ RESERVED
+CVE-2010-2234
+ RESERVED
+CVE-2010-2233
+ RESERVED
+CVE-2010-2232
+ RESERVED
+CVE-2010-2231
+ RESERVED
+CVE-2010-2230
+ RESERVED
+CVE-2010-2229
+ RESERVED
+CVE-2010-2228
+ RESERVED
+CVE-2010-2227
+ RESERVED
+CVE-2010-2226
+ RESERVED
+CVE-2010-2225
+ RESERVED
+CVE-2010-2224
+ RESERVED
+CVE-2010-2223
+ RESERVED
+CVE-2010-2222
+ RESERVED
+CVE-2010-2221
+ RESERVED
CVE-2010-2220
RESERVED
CVE-2010-2219
@@ -60,8 +144,8 @@
RESERVED
CVE-2010-2194
RESERVED
-CVE-2010-2193
- RESERVED
+CVE-2010-2193 (Multiple unspecified vulnerabilities in the CA (1) PSFormX and (2) ...)
+ TODO: check
CVE-2010-2192
RESERVED
CVE-2010-2191 (The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; ...)
@@ -612,10 +696,10 @@
NOT-FOR-US: HP ServiceCenter
CVE-2010-1962 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 ...)
NOT-FOR-US: HP StorageWorks
-CVE-2010-1961
- RESERVED
-CVE-2010-1960
- RESERVED
+CVE-2010-1961 (Buffer overflow in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView ...)
+ TODO: check
+CVE-2010-1960 (Buffer overflow in the error handling functionality in ...)
+ TODO: check
CVE-2010-1959 (Unspecified vulnerability in HP TestDirector for Quality Center 9.2 ...)
NOT-FOR-US: HP TestDirector for Quality Center
CVE-2010-1958
@@ -691,8 +775,8 @@
RESERVED
CVE-2010-1932
RESERVED
-CVE-2010-1931
- RESERVED
+CVE-2010-1931 (SQL injection vulnerability in includes/content/cart.inc.php in ...)
+ TODO: check
CVE-2010-1930
RESERVED
CVE-2010-1929
@@ -879,8 +963,8 @@
NOT-FOR-US: PHP Easy Shopping Cart
CVE-2009-4855 (SQL injection vulnerability in index.php in TYPO3 4.0 allows remote ...)
- typo3-src 4.2.5-1+lenny3
- NOTE: I have no idea when this was fixed, 4.2.5-1+lenny3 is the version currently in lenny
- NOTE: which is not affected by this bug
+ NOTE: I have no idea when this was fixed, 4.2.5-1+lenny3 is the version currently in lenny
+ NOTE: which is not affected by this bug
CVE-2009-4854 (addons/import.php in TalkBack 2.3.14 allows remote attackers to ...)
NOT-FOR-US: TalkBack
CVE-2009-4853 (Multiple cross-site scripting (XSS) vulnerabilities in JumpBox before ...)
@@ -1540,14 +1624,14 @@
RESERVED
CVE-2010-1574
RESERVED
-CVE-2010-1573
- RESERVED
-CVE-2010-1572
- RESERVED
-CVE-2010-1571
- RESERVED
-CVE-2010-1570
- RESERVED
+CVE-2010-1573 (Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded ...)
+ TODO: check
+CVE-2010-1572 (Unspecified vulnerability in the tech support diagnostic shell in ...)
+ TODO: check
+CVE-2010-1571 (Directory traversal vulnerability in the bootstrap service in Cisco ...)
+ TODO: check
+CVE-2010-1570 (The computer telephony integration (CTI) server component in Cisco ...)
+ TODO: check
CVE-2010-1569
RESERVED
CVE-2010-1568 (The Send Secure functionality in the Cisco IronPort Desktop Flag ...)
@@ -1983,6 +2067,7 @@
- lxr-cvs <unfixed>
TODO: prod maintainer (and find out why we have lxr and lxr-cvs)
CVE-2010-1447 (PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, ...)
+ {DSA-2051-1}
- postgresql-8.4 8.4.4-1
- postgresql-8.3 <removed>
CVE-2010-1446 (arch/powerpc/mm/fsl_booke_mmu.c in KGDB in the Linux kernel 2.6.30 and ...)
@@ -2411,7 +2496,7 @@
NOT-FOR-US: Microsoft
CVE-2010-1254 (The installation for Microsoft Open XML File Format Converter for Mac ...)
NOT-FOR-US: Microsoft
-CVE-2010-1253 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2007 ...)
+CVE-2010-1253 (Microsoft Office Excel 2002 SP3, 2007 SP1, and SP2; Office 2004 for ...)
NOT-FOR-US: Microsoft
CVE-2010-1252 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and ...)
NOT-FOR-US: Microsoft
@@ -4920,6 +5005,7 @@
NOTE: Will be fixed in s-p-u
CVE-2010-0407 [pcsc-lite local privilege escalation]
RESERVED
+ {DSA-2059-1}
- pcsc-lite 1.5.4-1
CVE-2010-0406 (OpenTTD before 1.0.1 allows remote attackers to cause a denial of ...)
- openttd 1.0.1-1
@@ -4956,8 +5042,7 @@
CVE-2010-0396 (Directory traversal vulnerability in the dpkg-source component in dpkg ...)
{DSA-2011-1}
- dpkg 1.15.6
-CVE-2010-0395 [openoffice python macro code execution]
- RESERVED
+CVE-2010-0395 (OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote ...)
{DSA-2055-1}
- openoffice.org 1:3.2.1-1 (low)
CVE-2010-0394 (PyGIT.py in the Trac Git plugin (trac-git) before ...)
More information about the Secure-testing-commits
mailing list