[Secure-testing-commits] r14357 - data/CVE

Joey Hess joeyh at alioth.debian.org
Tue Mar 30 21:14:54 UTC 2010 

Author: joeyh
Date: 2010-03-30 21:14:51 +0000 (Tue, 30 Mar 2010)
New Revision: 14357

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-03-30 20:45:16 UTC (rev 14356)
+++ data/CVE/list	2010-03-30 21:14:51 UTC (rev 14357)
@@ -1,3 +1,121 @@
+CVE-2010-1185 (Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and ...)
+	TODO: check
+CVE-2010-1184 (The Microsoft wireless keyboard uses XOR encryption with a key derived ...)
+	TODO: check
+CVE-2010-1183 (Certain patch-installation scripts in Oracle Solaris allow local users ...)
+	TODO: check
+CVE-2010-1182 (Multiple unspecified vulnerabilities in the administrative console in ...)
+	TODO: check
+CVE-2010-1181 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...)
+	TODO: check
+CVE-2010-1180 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...)
+	TODO: check
+CVE-2010-1179 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...)
+	TODO: check
+CVE-2010-1178 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...)
+	TODO: check
+CVE-2010-1177 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...)
+	TODO: check
+CVE-2010-1176 (Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers ...)
+	TODO: check
+CVE-2010-1175 (Microsoft Internet Explorer 7.0 on Windows XP and Windows Server 2003 ...)
+	TODO: check
+CVE-2010-1174 (Cisco TFTP Server 1.1 allows remote attackers to cause a denial of ...)
+	TODO: check
+CVE-2010-1173
+	RESERVED
+CVE-2010-1172
+	RESERVED
+CVE-2010-1171
+	RESERVED
+CVE-2010-1170
+	RESERVED
+CVE-2010-1169
+	RESERVED
+CVE-2010-1168
+	RESERVED
+CVE-2010-1167
+	RESERVED
+CVE-2010-1166
+	RESERVED
+CVE-2010-1165
+	RESERVED
+CVE-2010-1164
+	RESERVED
+CVE-2010-1163
+	RESERVED
+CVE-2010-1162
+	RESERVED
+CVE-2010-1161
+	RESERVED
+CVE-2010-1160
+	RESERVED
+CVE-2010-1159
+	RESERVED
+CVE-2010-1158
+	RESERVED
+CVE-2010-1157
+	RESERVED
+CVE-2010-1156
+	RESERVED
+CVE-2010-1155
+	RESERVED
+CVE-2010-1154
+	RESERVED
+CVE-2010-1153
+	RESERVED
+CVE-2010-1152
+	RESERVED
+CVE-2010-1151
+	RESERVED
+CVE-2010-1150
+	RESERVED
+CVE-2010-1149
+	RESERVED
+CVE-2010-1148
+	RESERVED
+CVE-2010-1147
+	RESERVED
+CVE-2010-1146
+	RESERVED
+CVE-2010-1145
+	RESERVED
+CVE-2010-1144
+	RESERVED
+CVE-2010-1143
+	RESERVED
+CVE-2010-1142
+	RESERVED
+CVE-2010-1141
+	RESERVED
+CVE-2010-1140
+	RESERVED
+CVE-2010-1139
+	RESERVED
+CVE-2010-1138
+	RESERVED
+CVE-2010-1137
+	RESERVED
+CVE-2009-4762 (MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs ...)
+	TODO: check
+CVE-2009-4761 (Stack-based buffer overflow in Mini-stream RM Downloader allows remote ...)
+	TODO: check
+CVE-2009-4760 (Winn ASP Guestbook 1.01 Beta stores sensitive information under the ...)
+	TODO: check
+CVE-2009-4759 (Buffer overflow in BrotherSoft BMXPlay 0.4.4b allows remote attackers ...)
+	TODO: check
+CVE-2009-4758 (Stack-based buffer overflow in dicas Mpegable Player 2.12 allows ...)
+	TODO: check
+CVE-2009-4757 (Stack-based buffer overflow in BrotherSoft EW-MusicPlayer 0.8 allows ...)
+	TODO: check
+CVE-2009-4756 (Stack-based buffer overflow in TraktorBeatport.exe 1.0.0.283 in ...)
+	TODO: check
+CVE-2009-4755 (Multiple stack-based buffer overflows in Mercury Audio Player 1.21 ...)
+	TODO: check
+CVE-2009-4754 (Stack-based buffer overflow in Mercury Audio Player 1.21 allows remote ...)
+	TODO: check
+CVE-2009-4753 (Multiple buffer overflows in the FTP server on the Addonics NAS ...)
+	TODO: check
 CVE-2010-1136 (The Standard Remember method in TikiWiki CMS/Groupware 3.x before 3.5 ...)
 	TODO: check
 CVE-2010-1135 (The user_logout function in TikiWiki CMS/Groupware 4.x before 4.2 does ...)
@@ -445,6 +563,7 @@
 CVE-2007-6733 (The nfs_lock function in fs/nfs/file.c in the Linux kernel 2.6.9 does ...)
 	- linux-2.6 2.6.10-1
 CVE-2010-1195 [ikiwiki htmlscrubber XSS via svg images]
+	{DSA-2020-1}
 	- ikiwiki 3.20100312 (low)
 	[lenny] - ikwiki 2.53.5
 CVE-2010-XXXX [linux-2.6 drbd connector issue]
@@ -577,10 +696,12 @@
 	- spamass-milter 0.3.1-9 (bug #573228)
 	[lenny] - spamass-milter 0.3.1-8+lenny1
 CVE-2010-1189 [mediawiki CSS validation]
+	{DSA-2022-1}
 	- mediawiki 1:1.15.2-1 (low)
 	NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
 	[lenny] - mediawiki 1:1.12.0-2lenny4
 CVE-2010-1190 [mediawiki data leak in thumb.php]
+	{DSA-2022-1}
 	- mediawiki 1:1.15.2-1 (low)
 	[lenny] - mediawiki 1:1.12.0-2lenny4
 	NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
@@ -1922,10 +2043,10 @@
 	NOT-FOR-US: Publique! CMS
 CVE-2010-0453 (The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and ...)
 	NOT-FOR-US: Sun Solaris
-CVE-2010-0452
-	RESERVED
-CVE-2010-0451
-	RESERVED
+CVE-2010-0452 (Multiple cross-site scripting (XSS) vulnerabilities in HP Project and ...)
+	TODO: check
+CVE-2010-0451 (The installation process for NFS/ONCplus B.11.31_08 and earlier on HP ...)
+	TODO: check
 CVE-2010-0450
 	RESERVED
 CVE-2010-0449
@@ -12497,7 +12618,7 @@
 	NOT-FOR-US: Node Access User Reference module for Drupal
 CVE-2009-1506 (SQL injection vulnerability in classes/Xp.php in eLitius 1.0 allows ...)
 	NOT-FOR-US: eLitius
-CVE-2009-1505 (SQL injection vulnerability in News Page 5.x before 5.x-1.2 module, a ...)
+CVE-2009-1505 (SQL injection vulnerability in the News Page module 5.x before 5.x-1.2 ...)
 	NOT-FOR-US: News Page module for Drupal
 CVE-2009-1504 (Absolute Form Processor XE 1.5 allows remote attackers to bypass ...)
 	NOT-FOR-US: Absolute Form Processor XE
@@ -77817,9 +77938,9 @@
 	NOT-FOR-US: Uapplication Uphotogallery
 CVE-2005-1427 (Uapplication Uphotogallery stores the database under the web document ...)
 	NOT-FOR-US: Uapplication Uphotogallery
-CVE-2005-1426 (Uapplication Ublog Reload stores the database under the web document ...)
+CVE-2005-1426 (Uapplication Ublog Reload stores sensitive information under the web ...)
 	NOT-FOR-US: Uapplication Ublog
-CVE-2005-1425 (Uapplication Uguestbook stores the database under the web document ...)
+CVE-2005-1425 (Uapplication Uguestbook 1.0 stores sensitive information under the web ...)
 	NOT-FOR-US: Uapplication Uguestbook
 CVE-2005-1424 (StumbleInside GoText 1.01 stores sensitive username, mail address,and ...)
 	NOT-FOR-US: GoText

More information about the Secure-testing-commits mailing list