[Secure-testing-commits] r14597 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Mon May 3 21:14:23 UTC 2010
Author: joeyh
Date: 2010-05-03 21:14:22 +0000 (Mon, 03 May 2010)
New Revision: 14597
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-05-03 20:40:39 UTC (rev 14596)
+++ data/CVE/list 2010-05-03 21:14:22 UTC (rev 14597)
@@ -1,22 +1,224 @@
-CVE-2010-1619 [MSA-10-0001: Vulnerability in KSES text cleaning]
+CVE-2010-1700
+ RESERVED
+CVE-2010-1699
+ RESERVED
+CVE-2010-1698
+ RESERVED
+CVE-2010-1697
+ RESERVED
+CVE-2010-1696
+ RESERVED
+CVE-2010-1695
+ RESERVED
+CVE-2010-1694
+ RESERVED
+CVE-2010-1693
+ RESERVED
+CVE-2010-1692
+ RESERVED
+CVE-2010-1691
+ RESERVED
+CVE-2010-1690
+ RESERVED
+CVE-2010-1689
+ RESERVED
+CVE-2010-1688
+ RESERVED
+CVE-2010-1687
+ RESERVED
+CVE-2010-1686
+ RESERVED
+CVE-2010-1685
+ RESERVED
+CVE-2010-1684
+ RESERVED
+CVE-2010-1683
+ RESERVED
+CVE-2010-1682
+ RESERVED
+CVE-2010-1681
+ RESERVED
+CVE-2010-1680
+ RESERVED
+CVE-2010-1679
+ RESERVED
+CVE-2010-1678
+ RESERVED
+CVE-2010-1677
+ RESERVED
+CVE-2010-1676
+ RESERVED
+CVE-2010-1675
+ RESERVED
+CVE-2010-1674
+ RESERVED
+CVE-2010-1673
+ RESERVED
+CVE-2010-1672
+ RESERVED
+CVE-2010-1671
+ RESERVED
+CVE-2010-1670
+ RESERVED
+CVE-2010-1669
+ RESERVED
+CVE-2010-1668
+ RESERVED
+CVE-2010-1667
+ RESERVED
+CVE-2010-1666
+ RESERVED
+CVE-2010-1665 (Google Chrome before 4.1.249.1064 does not properly handle fonts, ...)
+ TODO: check
+CVE-2010-1664 (Google Chrome before 4.1.249.1064 does not properly handle HTML5 ...)
+ TODO: check
+CVE-2010-1663 (The Google URL Parsing Library (aka google-url or GURL) in Google ...)
+ TODO: check
+CVE-2010-1662 (Cross-site scripting (XSS) vulnerability in acpmoderate.php in ...)
+ TODO: check
+CVE-2010-1661 (Multiple SQL injection vulnerabilities in PHP-Quick-Arcade (PHPQA) ...)
+ TODO: check
+CVE-2010-1660 (SQL injection vulnerability in help-details.php in CLScript ...)
+ TODO: check
+CVE-2010-1659 (Directory traversal vulnerability in the Ultimate Portfolio ...)
+ TODO: check
+CVE-2010-1658 (Directory traversal vulnerability in the Code-Garage NoticeBoard ...)
+ TODO: check
+CVE-2010-1657 (Directory traversal vulnerability in the SmartSite (com_smartsite) ...)
+ TODO: check
+CVE-2010-1656 (SQL injection vulnerability in the Airiny ABC (com_abc) component ...)
+ TODO: check
+CVE-2010-1655 (Cross-site scripting (XSS) vulnerability in User/User_ChkLogin.asp in ...)
+ TODO: check
+CVE-2010-1654 (Multiple SQL injection vulnerabilities in system_member_login.php in ...)
+ TODO: check
+CVE-2010-1653 (Directory traversal vulnerability in graphics.php in the Graphics ...)
+ TODO: check
+CVE-2010-1652 (Directory traversal vulnerability in the HelpCenter module in Help ...)
+ TODO: check
+CVE-2010-1651 (IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.31 and 7.0.x ...)
+ TODO: check
+CVE-2010-1650 (IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.41, 6.1.x ...)
+ TODO: check
+CVE-2010-1649
+ RESERVED
+CVE-2010-1648
+ RESERVED
+CVE-2010-1647
+ RESERVED
+CVE-2010-1646
+ RESERVED
+CVE-2010-1645
+ RESERVED
+CVE-2010-1644
+ RESERVED
+CVE-2010-1643
+ RESERVED
+CVE-2010-1642
+ RESERVED
+CVE-2010-1641
+ RESERVED
+CVE-2010-1640
+ RESERVED
+CVE-2010-1639
+ RESERVED
+CVE-2010-1638
+ RESERVED
+CVE-2010-1637
+ RESERVED
+CVE-2010-1636
+ RESERVED
+CVE-2010-1635
+ RESERVED
+CVE-2010-1634
+ RESERVED
+CVE-2010-1633
+ RESERVED
+CVE-2010-1632
+ RESERVED
+CVE-2010-1631
+ RESERVED
+CVE-2010-1630
+ RESERVED
+CVE-2010-1629
+ RESERVED
+CVE-2010-1628
+ RESERVED
+CVE-2010-1627
+ RESERVED
+CVE-2010-1626
+ RESERVED
+CVE-2010-1625
+ RESERVED
+CVE-2010-1624
+ RESERVED
+CVE-2010-1623
+ RESERVED
+CVE-2010-1622
+ RESERVED
+CVE-2010-1621
+ RESERVED
+CVE-2010-1620
+ RESERVED
+CVE-2010-1612 (The IBM WebSphere DataPower XML Accelerator XA35, Low Latency ...)
+ TODO: check
+CVE-2010-1611 (Cross-site request forgery (CSRF) vulnerability in AlegroCart 1.1 ...)
+ TODO: check
+CVE-2010-1610 (Cross-site request forgery (CSRF) vulnerability in index.php in ...)
+ TODO: check
+CVE-2010-1609 (Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before ...)
+ TODO: check
+CVE-2010-1608 (Stack-based buffer overflow in IBM Lotus Notes 8.5 and 8.5fp1, and ...)
+ TODO: check
+CVE-2010-1607 (Directory traversal vulnerability in wmi.php in the Webmoney Web ...)
+ TODO: check
+CVE-2010-1606 (Multiple cross-site scripting (XSS) vulnerabilities in NCT Jobs Portal ...)
+ TODO: check
+CVE-2010-1605 (Multiple SQL injection vulnerabilities in isearch.php in NCT Jobs ...)
+ TODO: check
+CVE-2010-1604 (Multiple SQL injection vulnerabilities in admin_login.php in NCT Jobs ...)
+ TODO: check
+CVE-2010-1603 (Directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or ...)
+ TODO: check
+CVE-2010-1602 (Directory traversal vulnerability in the ZiMB Comment ...)
+ TODO: check
+CVE-2010-1601 (Directory traversal vulnerability in the JA Comment (com_jacomment) ...)
+ TODO: check
+CVE-2010-1600 (SQL injection vulnerability in the Media Mall Factory (com_mediamall) ...)
+ TODO: check
+CVE-2010-1599 (SQL injection vulnerability in loadorder.php in NKInFoWeb 2.5 and ...)
+ TODO: check
+CVE-2010-1598 (phpThumb.php in phpThumb() 1.7.9 and possibly other versions, when ...)
+ TODO: check
+CVE-2010-1597 (Stack-based buffer overflow in zgtips.dll in ZipGenius 6.3.1.2552 ...)
+ TODO: check
+CVE-2009-4834
+ RESERVED
+CVE-2009-4833 (MySQL Connector/NET before 6.0.4, when using encryption, does not ...)
+ TODO: check
+CVE-2009-4832 (The dlpcrypt.sys kernel driver 0.1.1.27 in DESlock+ 4.0.2 allows local ...)
+ TODO: check
+CVE-2009-4831 (Cerulean Studios Trillian 3.1 Basic does not check SSL certificates ...)
+ TODO: check
+CVE-2010-1619 (Cross-site scripting (XSS) vulnerability in the ...)
- moodle <undetermined>
TODO: check
-CVE-2010-1618 [MSA-10-0002: XSS vulnerabilty in the phpcas module]
+CVE-2010-1618 (Cross-site scripting (XSS) vulnerability in the phpCAS client library ...)
- moodle <undetermined>
TODO: check
-CVE-2010-1617 [MSA-10-0003: Disclosure of full user names]
+CVE-2010-1617 (user/view.php in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 ...)
- moodle <undetermined>
TODO: check
-CVE-2010-1616 [MSA-10-0004: Improved access control in course restore]
+CVE-2010-1616 (Moodle 1.8.x and 1.9.x before 1.9.8 can create new roles when ...)
- moodle <undetermined>
TODO: check
-CVE-2010-1615 [MSA-10-0006: SQL injection in Wiki module, MSA-10-0005: Incorrect validation of forms data]
+CVE-2010-1615 (Multiple SQL injection vulnerabilities in Moodle 1.8.x before 1.8.12 ...)
- moodle <undetermined>
TODO: check
-CVE-2010-1614 [MSA-10-0008: Persistent XSS when using Login-as feature, MSA-10-0007: Reflective Cross Site Scripting (XSS) in the Moodle Global Search Engine]
+CVE-2010-1614 (Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.8.x ...)
- moodle <undetermined>
TODO: check
-CVE-2010-1613 [MSA-10-0009: Session fixation prevention now turned on by default]
+CVE-2010-1613 (Moodle 1.8.x and 1.9.x before 1.9.8 does not enable the "Regenerate ...)
- moodle <undetermined>
TODO: check
CVE-2010-1596 (Support Incident Tracker before 3.51, when using LDAP authentication ...)
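Review bot: The seven Moodle entries at the end of this hunk (CVE-2010-1613 through CVE-2010-1619) lose their MSA-10-000x advisory references when the bracketed temporary descriptions are replaced by the published text, so the mapping from Moodle advisory to CVE is no longer recorded in the list. Consider carrying each reference over as a NOTE: line, the form already used for the RHSA link under CVE-2010-1166. The new descriptions for CVE-2010-1617, CVE-2010-1616, CVE-2010-1615 and CVE-2010-1613 also name fixed releases (1.8.12, 1.9.8), which gives a starting point for resolving the "moodle <undetermined>" and "TODO: check" markers that remain on those entries.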
@@ -1180,8 +1382,7 @@
RESERVED
CVE-2010-1168
RESERVED
-CVE-2010-1166 [xorg remote code execution vulnerability]
- RESERVED
+CVE-2010-1166 (The fbComposite function in fbpict.c in the Render extension in the X ...)
- xorg-server <not-affected> (Xorg in Lenny onwards uses Pixman, which isn't affected)
NOTE: https://rhn.redhat.com/errata/RHSA-2010-0382.html
CVE-2010-1165 (Atlassian JIRA 3.12 through 4.1 allows remote authenticated ...)
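Review bot: The "xorg-server <not-affected>" annotation under CVE-2010-1166 was written while the entry was still RESERVED and is kept unchanged beneath the newly published description. Now that the description names the affected code (the fbComposite function in fbpict.c in the Render extension), it is worth confirming that the stated rationale, "Xorg in Lenny onwards uses Pixman, which isn't affected", still matches the published scope before treating the entry as fully triaged.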
@@ -2285,8 +2486,8 @@
RESERVED
CVE-2010-0818
RESERVED
-CVE-2010-0817
- RESERVED
+CVE-2010-0817 (Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in ...)
+ TODO: check
CVE-2010-0816
RESERVED
CVE-2010-0815
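Review bot: CVE-2010-0817 moves from RESERVED to "TODO: check" with no package line, which leaves it in the manual triage queue. The description places the flaw in _layouts/help.aspx, an .aspx page, which suggests a product that is not packaged here; if that is confirmed, a NOT-FOR-US: tag, as used for Castor and Novell eDirectory in the last hunk, would close the entry.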
@@ -55216,9 +55417,9 @@
CVE-2006-5482 (ufs_vnops.c in FreeBSD 6.1 allows local users to cause an unspecified ...)
- kfreebsd-5 <unfixed> (low)
[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
-CVE-2006-5481 (Multiple PHP remote file inclusion vulnerabilities in Castor 1.1.1 ...)
+CVE-2006-5481 (Multiple PHP remote file inclusion vulnerabilities in 2le.net Castor ...)
NOT-FOR-US: Castor
-CVE-2006-5480 (PHP remote file inclusion vulnerability in lib/rs.php in Castor 1.1.1 ...)
+CVE-2006-5480 (PHP remote file inclusion vulnerability in lib/rs.php in 2le.net ...)
NOT-FOR-US: Castor
CVE-2006-5479 (The NCP Engine in Novell eDirectory before 8.7.3.8 FTF1 allows remote ...)
NOT-FOR-US: Novell eDirectory
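Review bot: With the vendor prefix added, the truncated description for CVE-2006-5480 now ends at "in 2le.net ..." and no longer shows the product name, so the "NOT-FOR-US: Castor" line is the only place the product is identified for that entry. Consider changing the tag on both CVE-2006-5481 and CVE-2006-5480 to "NOT-FOR-US: 2le.net Castor" so it matches the updated descriptions and is unambiguous when searched for.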