[Secure-testing-commits] r14919 - data/CVE

Mon Jun 28 21:14:20 UTC 2010

Author: joeyh
Date: 2010-06-28 21:14:20 +0000 (Mon, 28 Jun 2010)
New Revision: 14919

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2010-06-28 21:08:26 UTC (rev 14918)
+++ data/CVE/list	2010-06-28 21:14:20 UTC (rev 14919)
@@ -1,3 +1,51 @@
+CVE-2010-2469 (The Linear eMerge 50 and 5000 uses a default password of eMerge for ...)
+	TODO: check
+CVE-2010-2468 (The S2 Security NetBox 2.x and 3.x, as used in the Linear eMerge 50 ...)
+	TODO: check
+CVE-2010-2467 (The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear ...)
+	TODO: check
+CVE-2010-2466 (The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear ...)
+	TODO: check
+CVE-2010-2465 (The S2 Security NetBox 2.5, 3.3, and 4.0, as used in the Linear eMerge ...)
+	TODO: check
+CVE-2010-2464 (Multiple cross-site scripting (XSS) vulnerabilities in the RSComments ...)
+	TODO: check
+CVE-2010-2463 (Cross-site scripting (XSS) vulnerability in forum.php in Jamroom ...)
+	TODO: check
+CVE-2010-2462 (SQL injection vulnerability in withdraw_money.php in Toma Cero OroHYIP ...)
+	TODO: check
+CVE-2010-2461 (SQL injection vulnerability in storecat.php in JCE-Tech Overstock 1 ...)
+	TODO: check
+CVE-2010-2460 (SQL injection vulnerability in merchant_product_list.php in JCE-Tech ...)
+	TODO: check
+CVE-2010-2459 (SQL injection vulnerability in video.php in 2daybiz Video Community ...)
+	TODO: check
+CVE-2010-2458 (Cross-site scripting (XSS) vulnerability in video.php in 2daybiz Video ...)
+	TODO: check
+CVE-2010-2457 (Cross-site scripting (XSS) vulnerability in index.php in K-Search ...)
+	TODO: check
+CVE-2010-2456 (Multiple directory traversal vulnerabilities in index.php in Linker ...)
+	TODO: check
+CVE-2010-2455 (Opera does not properly manage the address bar between the request to ...)
+	TODO: check
+CVE-2010-2454 (Apple Safari does not properly manage the address bar between the ...)
+	TODO: check
+CVE-2010-2453
+	RESERVED
+CVE-2009-4909 (admin/index.php in oBlog allows remote attackers to conduct ...)
+	TODO: check
+CVE-2009-4908 (Multiple cross-site scripting (XSS) vulnerabilities in oBlog allow ...)
+	TODO: check
+CVE-2009-4907 (Multiple cross-site request forgery (CSRF) vulnerabilities in oBlog ...)
+	TODO: check
+CVE-2009-4906 (Cross-site request forgery (CSRF) vulnerability in index.php in Acc ...)
+	TODO: check
+CVE-2009-4905 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+	TODO: check
+CVE-2009-4904 (article.php in oBlog does not properly restrict comments, which allows ...)
+	TODO: check
+CVE-2009-4903 (Cross-site scripting (XSS) vulnerability in index.php in oBlog allows ...)
+	TODO: check
 CVE-2010-XXXX [feh --wget-timestamp issue]
 	- feh 1.8-1 (low; bug #587205)
 	[lenny] - feh <no-dsa> (Minor issue)
@@ -30,8 +78,8 @@
 	NOT-FOR-US: AneCMS Blog
 CVE-2010-2435 (Weborf HTTP Server 0.12.1 and earlier allows remote attackers to cause ...)
 	- weborf 0.12.2-1
-CVE-2010-2434
-	RESERVED
+CVE-2010-2434 (Buffer overflow in Arcext.dll 2.16.1 and earlier in pon software ...)
+	TODO: check
 CVE-2010-2433 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	NOT-FOR-US: IBM WebSphere
 CVE-2010-2432 (The cupsDoAuthentication function in auth.c in the client in CUPS ...)
@@ -3314,8 +3362,8 @@
 	RESERVED
 CVE-2010-1207
 	RESERVED
-CVE-2010-1206
-	RESERVED
+CVE-2010-1206 (The startDocumentLoad function in browser/base/content/browser.js in ...)
+	TODO: check
 CVE-2010-1205
 	RESERVED
 CVE-2010-1204
@@ -5800,8 +5848,7 @@
 	- bozohttpd 20090522-2 (low; bug #566325)
 	[lenny] - bozohttpd <no-dsa> (Minor issue)
 	[etch] - bozohttpd <no-dsa> (Minor issue)
-CVE-2010-2444 [maradns null pointer dereference]
-	RESERVED
+CVE-2010-2444 (parse/Csv2_parse.c in MaraDNS 1.3.03, and other versions before ...)
 	- maradns <unfixed> (low; bug #584587)
 	[lenny] - maradns <no-dsa> (minor issue)
 	[etch] - maradns <not-affected> (vulnerable code introduced in 1.3.03)


