[Secure-testing-commits] r14884 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu Jun 17 21:14:34 UTC 2010
Author: joeyh
Date: 2010-06-17 21:14:34 +0000 (Thu, 17 Jun 2010)
New Revision: 14884
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-06-17 19:06:34 UTC (rev 14883)
+++ data/CVE/list 2010-06-17 21:14:34 UTC (rev 14884)
@@ -1,3 +1,19 @@
+CVE-2010-2312 (SQL injection vulnerability in index.php in HauntmAx Haunted House ...)
+ TODO: check
+CVE-2010-2311 (Stack-based buffer overflow in Power Tab Editor 1.7 build 80 allows ...)
+ TODO: check
+CVE-2010-2310 (SolarWinds TFTP Server 10.4.0.13 allows remote attackers to cause a ...)
+ TODO: check
+CVE-2010-2309 (Buffer overflow in the web server for EvoLogical EvoCam 3.6.6 and ...)
+ TODO: check
+CVE-2010-2308 (Unspecified vulnerability in the filter driver (savonaccessfilter.sys) ...)
+ TODO: check
+CVE-2010-2307 (Multiple directory traversal vulnerabilities in the web server for ...)
+ TODO: check
+CVE-2010-2306 (The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; ...)
+ TODO: check
+CVE-2010-2305 (Buffer overflow in an ActiveX control in SSHelper.dll for Symantec ...)
+ TODO: check
CVE-2010-2304 (The toAlphabetic function in rendering/RenderListMarker.cpp in WebCore ...)
TODO: check
CVE-2010-2303 (page/Geolocation.cpp in WebCore in WebKit in Google Chrome before ...)
@@ -272,6 +288,7 @@
NOT-FOR-US: CA Global Advisor
CVE-2010-2192 [pmount DoS]
RESERVED
+ {DSA-2063-1}
- pmount 0.9.23-1
CVE-2010-2191 (The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; ...)
- php5 <unfixed> (unimportant)
@@ -555,23 +572,20 @@
RESERVED
CVE-2010-2075 (UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from ...)
- unrealircd <itp> (bug #515130)
-CVE-2010-2074 [w3m NULL byte in SSL cert]
- RESERVED
+CVE-2010-2074 (istream.c in w3m 0.5.2 and possibly other versions, when ...)
- w3m <unfixed> (low)
[lenny] - w3m <no-dsa> (Minor issue)
TODO: File bug
-CVE-2010-2073 [pyftpd default user accounts]
- RESERVED
+CVE-2010-2073 (auth_db_config.py in Pyftpd 0.8.4 contains hard-coded usernames and ...)
- pyftpd <unfixed> (low; bug #585776)
[lenny] - pyftpd <no-dsa> (Minor issue)
-CVE-2010-2072 [pyftpd insecure temp file]
- RESERVED
+CVE-2010-2072 (Pyftpd 0.8.4 creates log files with predictable names in a temporary ...)
- pyftpd <unfixed> (low; bug #585773)
[lenny] - pyftpd <no-dsa> (Minor issue)
-CVE-2010-2071
- RESERVED
-CVE-2010-2070
- RESERVED
+CVE-2010-2071 (The btrfs_xattr_set_acl function in fs/btrfs/acl.c in btrfs in the ...)
+ TODO: check
+CVE-2010-2070 (arch/ia64/xen/faults.c in Xen 3.4 and 4.0 in Linux kernel 2.6.18, and ...)
+ TODO: check
CVE-2010-2069
RESERVED
CVE-2010-2068 [mod_proxy_http request mixup on timeout]
@@ -914,8 +928,8 @@
NOT-FOR-US: OpenMairie openAnnuaire
CVE-2010-1933
RESERVED
-CVE-2010-1932
- RESERVED
+CVE-2010-1932 (Heap-based buffer overflow in XnView 1.97.4 and possibly earlier ...)
+ TODO: check
CVE-2010-1931 (SQL injection vulnerability in includes/content/cart.inc.php in ...)
NOT-FOR-US: CubeCart PHP Shopping Cart
CVE-2010-1930
@@ -1617,6 +1631,7 @@
- mediawiki <unfixed>
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-May/000091.html
CVE-2010-1646 (The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and ...)
+ {DSA-2062-1}
- sudo 1.7.2p7-1 (bug #585394)
CVE-2010-1645
RESERVED
More information about the Secure-testing-commits
mailing list