[Secure-testing-commits] r14611 - data/CVE
Kees Cook
kees at alioth.debian.org
Thu May 6 01:12:36 UTC 2010
Author: kees
Date: 2010-05-06 01:12:31 +0000 (Thu, 06 May 2010)
New Revision: 14611
Modified:
data/CVE/list
Log:
NFUs: 31
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-05-05 21:36:38 UTC (rev 14610)
+++ data/CVE/list 2010-05-06 01:12:31 UTC (rev 14611)
@@ -1,7 +1,7 @@
CVE-2010-XXXX [gdomap file disclosure]
- gnustep-base-runtime <unfixed>
[lenny] - gnustep-base-runtime <not-affected> (Not installed setuid root)
- NOTE: http://thread.gmane.org/gmane.comp.lib.gnustep.bugs/12336
+ NOTE: http://thread.gmane.org/gmane.comp.lib.gnustep.bugs/12336
CVE-2010-1723 (Directory traversal vulnerability in the iNetLanka Contact Us Draw ...)
TODO: check
CVE-2010-1722 (Directory traversal vulnerability in the Online Market (com_market) ...)
@@ -125,11 +125,11 @@
CVE-2010-1663 (The Google URL Parsing Library (aka google-url or GURL) in Google ...)
TODO: check
CVE-2010-1662 (Cross-site scripting (XSS) vulnerability in acpmoderate.php in ...)
- TODO: check
+ NOT-FOR-US: PHP-Quick-Arcade
CVE-2010-1661 (Multiple SQL injection vulnerabilities in PHP-Quick-Arcade (PHPQA) ...)
- TODO: check
+ NOT-FOR-US: PHP-Quick-Arcade
CVE-2010-1660 (SQL injection vulnerability in help-details.php in CLScript ...)
- TODO: check
+ NOT-FOR-US: CLScript Classifieds Script
CVE-2010-1659 (Directory traversal vulnerability in the Ultimate Portfolio ...)
NOT-FOR-US: component for Joomla!
CVE-2010-1658 (Directory traversal vulnerability in the Code-Garage NoticeBoard ...)
@@ -141,15 +141,15 @@
CVE-2010-1655 (Cross-site scripting (XSS) vulnerability in User/User_ChkLogin.asp in ...)
NOT-FOR-US: PowerEasy
CVE-2010-1654 (Multiple SQL injection vulnerabilities in system_member_login.php in ...)
- TODO: check
+ NOT-FOR-US: Infocus Real Estate Enterprise Edition
CVE-2010-1653 (Directory traversal vulnerability in graphics.php in the Graphics ...)
- TODO: check
+ NOT-FOR-US: Graphics component for Joomla!
CVE-2010-1652 (Directory traversal vulnerability in the HelpCenter module in Help ...)
- TODO: check
+ NOT-FOR-US: Help Center Live
CVE-2010-1651 (IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.31 and 7.0.x ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2010-1650 (IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.41, 6.1.x ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2010-1649
RESERVED
CVE-2010-1648
@@ -211,45 +211,45 @@
CVE-2010-1620
RESERVED
CVE-2010-1612 (The IBM WebSphere DataPower XML Accelerator XA35, Low Latency ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere DataPower XML Accelerator
CVE-2010-1611 (Cross-site request forgery (CSRF) vulnerability in AlegroCart 1.1 ...)
- TODO: check
+ NOT-FOR-US: AlegroCart
CVE-2010-1610 (Cross-site request forgery (CSRF) vulnerability in index.php in ...)
- TODO: check
+ NOT-FOR-US: OpenCart
CVE-2010-1609 (Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before ...)
- TODO: check
+ NOT-FOR-US: SAP NetWeaver
CVE-2010-1608 (Stack-based buffer overflow in IBM Lotus Notes 8.5 and 8.5fp1, and ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes
CVE-2010-1607 (Directory traversal vulnerability in wmi.php in the Webmoney Web ...)
- TODO: check
+ NOT-FOR-US: Webmoney Web Merchant Interface component for Joomla!
CVE-2010-1606 (Multiple cross-site scripting (XSS) vulnerabilities in NCT Jobs Portal ...)
- TODO: check
+ NOT-FOR-US: NCT Jobs Portal Script
CVE-2010-1605 (Multiple SQL injection vulnerabilities in isearch.php in NCT Jobs ...)
- TODO: check
+ NOT-FOR-US: NCT Jobs Portal Script
CVE-2010-1604 (Multiple SQL injection vulnerabilities in admin_login.php in NCT Jobs ...)
- TODO: check
+ NOT-FOR-US: NCT Jobs Portal Script
CVE-2010-1603 (Directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or ...)
- TODO: check
+ NOT-FOR-US: ZiMB Core component for Joomla!
CVE-2010-1602 (Directory traversal vulnerability in the ZiMB Comment ...)
- TODO: check
+ NOT-FOR-US: ZiMB Comment component for Joomla!
CVE-2010-1601 (Directory traversal vulnerability in the JA Comment (com_jacomment) ...)
- TODO: check
+ NOT-FOR-US: JA Comment component for Joomla!
CVE-2010-1600 (SQL injection vulnerability in the Media Mall Factory (com_mediamall) ...)
- TODO: check
+ NOT-FOR-US: Media Mall Factory component for Joomla!
CVE-2010-1599 (SQL injection vulnerability in loadorder.php in NKInFoWeb 2.5 and ...)
- TODO: check
+ NOT-FOR-US: NKInFoWeb
CVE-2010-1598 (phpThumb.php in phpThumb() 1.7.9 and possibly other versions, when ...)
- TODO: check
+ NOT-FOR-US: phpThumb()
CVE-2010-1597 (Stack-based buffer overflow in zgtips.dll in ZipGenius 6.3.1.2552 ...)
- TODO: check
+ NOT-FOR-US: ZipGenius
CVE-2009-4834 (lib.php in Zeroboard 4.1 pl7 allows remote attackers to execute ...)
TODO: check
CVE-2009-4833 (MySQL Connector/NET before 6.0.4, when using encryption, does not ...)
- TODO: check
+ NOT-FOR-US: MySQL Connector/NET
CVE-2009-4832 (The dlpcrypt.sys kernel driver 0.1.1.27 in DESlock+ 4.0.2 allows local ...)
- TODO: check
+ NOT-FOR-US: DLPCryptCore
CVE-2009-4831 (Cerulean Studios Trillian 3.1 Basic does not check SSL certificates ...)
- TODO: check
+ NOT-FOR-US: Cerulean Studios Trillian
CVE-2010-1619 (Cross-site scripting (XSS) vulnerability in the ...)
- moodle <undetermined>
TODO: check
@@ -1651,7 +1651,7 @@
CVE-2010-1100 (Integer overflow in Arora allows remote attackers to bypass intended ...)
- arora <not-affected> (Advisory is wrong, URL range is protected by QUrl)
CVE-2010-1099 (Integer overflow in Apple Safari allows remote attackers to bypass ...)
- TODO: check
+ NOT-FOR-US: Apple Safari
CVE-2010-1098 (The ANI parser in Microsoft Windows before 7 on the x86 platform, as ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-1097 (include/userlogin.class.php in DeDeCMS 5.5 GBK, when ...)
@@ -1878,7 +1878,7 @@
CVE-2010-0998
RESERVED
CVE-2010-0997 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: e107
CVE-2010-0996 (Unrestricted file upload vulnerability in e107 before 0.7.20 allows ...)
NOT-FOR-US: e107
CVE-2010-0995
@@ -2539,7 +2539,7 @@
CVE-2010-0818
RESERVED
CVE-2010-0817 (Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in ...)
- TODO: check
+ NOT-FOR-US: Microsoft SharePoint Server
CVE-2010-0816
RESERVED
CVE-2010-0815
@@ -2726,7 +2726,7 @@
- texlive-bin <unfixed> (low)
[lenny] - texlive-bin <no-dsa> (minor issue)
CVE-2010-0738 (The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise ...)
- TODO: check
+ NOT-FOR-US: Red Hat JBoss Enterprise Application Platform
CVE-2010-0737
RESERVED
CVE-2010-0736 (Cross-site scripting (XSS) vulnerability in the view_queryform ...)
More information about the Secure-testing-commits
mailing list