[Secure-testing-commits] r14686 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Wed May 12 21:14:25 UTC 2010
Author: joeyh
Date: 2010-05-12 21:14:23 +0000 (Wed, 12 May 2010)
New Revision: 14686
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-05-12 17:08:25 UTC (rev 14685)
+++ data/CVE/list 2010-05-12 21:14:23 UTC (rev 14686)
@@ -1,20 +1,115 @@
-CVE-2010-1918 [MOPS-2010-018 EFront ask_chat]
+CVE-2010-1933
+ RESERVED
+CVE-2010-1932
+ RESERVED
+CVE-2010-1931
+ RESERVED
+CVE-2010-1930
+ RESERVED
+CVE-2010-1929
+ RESERVED
+CVE-2010-1919
+ RESERVED
+CVE-2010-1913 (The default configuration of pluginlicense.ini for the ...)
+ TODO: check
+CVE-2010-1912 (The SdcWebSecureBase interface in tgctlcm.dll in Consona Live ...)
+ TODO: check
+CVE-2010-1911 (The site-locking implementation in the SdcWebSecureBase interface in ...)
+ TODO: check
+CVE-2010-1910 (The Forgot Password implementation in Consona Live Assistance, Dynamic ...)
+ TODO: check
+CVE-2010-1909 (Buffer overflow in the RunCmd method in the SdcUser.TgConCtl ActiveX ...)
+ TODO: check
+CVE-2010-1908 (The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live ...)
+ TODO: check
+CVE-2010-1907 (The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live ...)
+ TODO: check
+CVE-2010-1906 (tgsrv.exe in the Repair Service in Consona Dynamic Agent, Repair ...)
+ TODO: check
+CVE-2010-1905 (Multiple cross-site scripting (XSS) vulnerabilities in Consona Live ...)
+ TODO: check
+CVE-2010-1904
+ RESERVED
+CVE-2010-1903
+ RESERVED
+CVE-2010-1902
+ RESERVED
+CVE-2010-1901
+ RESERVED
+CVE-2010-1900
+ RESERVED
+CVE-2010-1899
+ RESERVED
+CVE-2010-1898
+ RESERVED
+CVE-2010-1897
+ RESERVED
+CVE-2010-1896
+ RESERVED
+CVE-2010-1895
+ RESERVED
+CVE-2010-1894
+ RESERVED
+CVE-2010-1893
+ RESERVED
+CVE-2010-1892
+ RESERVED
+CVE-2010-1891
+ RESERVED
+CVE-2010-1890
+ RESERVED
+CVE-2010-1889
+ RESERVED
+CVE-2010-1888
+ RESERVED
+CVE-2010-1887
+ RESERVED
+CVE-2010-1886
+ RESERVED
+CVE-2010-1885
+ RESERVED
+CVE-2010-1884
+ RESERVED
+CVE-2010-1883
+ RESERVED
+CVE-2010-1882
+ RESERVED
+CVE-2010-1881
+ RESERVED
+CVE-2010-1880
+ RESERVED
+CVE-2010-1879
+ RESERVED
+CVE-2010-1878 (Directory traversal vulnerability in the OrgChart (com_orgchart) ...)
+ TODO: check
+CVE-2010-1877 (SQL injection vulnerability in the JTM Reseller (com_jtm) component ...)
+ TODO: check
+CVE-2010-1876 (SQL injection vulnerability in index.php in AJ Shopping Cart 1.0 ...)
+ TODO: check
+CVE-2010-1875 (Directory traversal vulnerability in the Real Estate Property ...)
+ TODO: check
+CVE-2010-1874 (SQL injection vulnerability in the Real Estate Property ...)
+ TODO: check
+CVE-2010-1873 (SQL injection vulnerability in the Jvehicles (com_jvehicles) component ...)
+ TODO: check
+CVE-2010-1872 (Cross-site scripting (XSS) vulnerability in cPlayer.php in FlashCard ...)
+ TODO: check
+CVE-2010-1918 (SQL injection vulnerability in ask_chat.php in eFront 3.6.2 and ...)
NOT-FOR-US: EFront ask_chat
-CVE-2010-1917 [MOPS-2010-021 fnmatch stack exhaustion]
+CVE-2010-1917 (Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 ...)
- php5 <unfixed> (low)
[lenny] - php5 <no-dsa> (low)
-CVE-2010-1916 [MOPS-2010-019 xinha config injection]
+CVE-2010-1916 (The dynamic configuration feature in Xinha WYSIWYG editor 0.96 Beta 2 ...)
TODO: check the embedded copies
-CVE-2010-1915 [MOPS-2010-017 preg_quote]
+CVE-2010-1915 (The preg_quote function in PHP 5.2 through 5.2.13 and 5.3 through ...)
- php5 <unfixed> (unimportant)
-CVE-2010-1914 [MOPS-2010-014,15,16]
+CVE-2010-1914 (The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows ...)
- php5 <unfixed> (unimportant)
CVE-2010-1871
RESERVED
CVE-2010-1870
RESERVED
-CVE-2010-1869 [ghostscript buffer overflow]
- RESERVED
+CVE-2010-1869 (Stack-based buffer overflow in the parser function in GhostScript 8.70 ...)
- ghostscript <undetermined>
NOTE: http://www.openwall.com/lists/oss-security/2010/05/11/3
TODO: check
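Review bot: The new entries CVE-2010-1913 through CVE-2010-1872 are inserted above CVE-2010-1918, which breaks the descending order the rest of the list follows (1918, 1917, 1916, 1915, 1914, then 1871 and 1870 in the context lines). They belong between the CVE-2010-1914 and CVE-2010-1871 entries. Separately, replacing the bracketed labels on CVE-2010-1914 through CVE-2010-1918 drops the MOPS advisory identifiers; keeping each one as a NOTE line under its entry (for example `NOTE: MOPS-2010-021` under CVE-2010-1917) would preserve the cross-reference.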
@@ -609,8 +704,8 @@
RESERVED
CVE-2010-1621
RESERVED
-CVE-2010-1620
- RESERVED
+CVE-2010-1620 (Integer overflow in the load_iface function in Tools/gdomap.c in ...)
+ TODO: check
CVE-2010-1612 (The IBM WebSphere DataPower XML Accelerator XA35, Low Latency ...)
NOT-FOR-US: IBM WebSphere DataPower XML Accelerator
CVE-2010-1611 (Cross-site request forgery (CSRF) vulnerability in AlegroCart 1.1 ...)
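Review bot: CVE-2010-1620 is added with only `TODO: check`, although its description names Tools/gdomap.c, the same file as CVE-2010-1457 later in this patch, which is already tracked as `- gnustep-base <unfixed>`. The entry could carry a gnustep-base package line from the start, with the status left to be confirmed, so the two gdomap issues are triaged together.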
@@ -1050,8 +1145,8 @@
RESERVED
CVE-2010-1482
RESERVED
-CVE-2010-1481
- RESERVED
+CVE-2010-1481 (Cross-site scripting (XSS) vulnerability in the table feature in ...)
+ TODO: check
CVE-2010-1480 (SQL injection vulnerability in the RokModule (com_rokmodule) component ...)
NOT-FOR-US: component for Joomla!
CVE-2010-1479 (SQL injection vulnerability in the RokModule (com_rokmodule) component ...)
@@ -1119,15 +1214,13 @@
[lenny] - fetchmail <no-dsa> (only vulnerable when run under debug verbosity level)
NOTE: http://www.fetchmail.info/fetchmail-SA-2010-02.txt
NOTE: http://gitorious.org/fetchmail/fetchmail/commit/ec06293
-CVE-2010-1457 [gdomap file disclosure]
- RESERVED
+CVE-2010-1457 (Tools/gdomap.c in gdomap in GNUstep Base before 1.20.0 allows local ...)
- gnustep-base <unfixed>
[lenny] - gnustep-base <not-affected> (Not installed setuid root)
NOTE: http://thread.gmane.org/gmane.comp.lib.gnustep.bugs/12336
CVE-2010-1456
RESERVED
-CVE-2010-1455 [DOCSIS wireshark]
- RESERVED
+CVE-2010-1455 (The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 ...)
- wireshark <unfixed> (unimportant)
NOTE: Not triggerable remotely
CVE-2010-1454
@@ -2950,10 +3043,10 @@
RESERVED
CVE-2010-0817 (Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in ...)
NOT-FOR-US: Microsoft SharePoint Server
-CVE-2010-0816
- RESERVED
-CVE-2010-0815
- RESERVED
+CVE-2010-0816 (Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, ...)
+ TODO: check
+CVE-2010-0815 (VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft ...)
+ TODO: check
CVE-2010-0814
RESERVED
CVE-2010-0813
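Review bot: CVE-2010-0816 and CVE-2010-0815 are both left at `TODO: check` even though their descriptions name Microsoft Outlook Express and Microsoft Office, and the neighbouring CVE-2010-0817 entry for Microsoft SharePoint Server is already marked NOT-FOR-US. Marking these two the same way, for example `NOT-FOR-US: Microsoft Outlook Express`, would keep them out of the manual triage queue.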
@@ -3160,8 +3253,8 @@
CVE-2010-0731 (The gnutls_x509_crt_get_serial function in the GnuTLS library before ...)
- gnutls26 <not-affected> (Fixed before initial release)
- gnutls13 1.2.1-1
-CVE-2010-0730
- RESERVED
+CVE-2010-0730 (The MMIO instruction decoder in the Xen hypervisor in the Linux kernel ...)
+ TODO: check
CVE-2010-0729 (A certain Red Hat patch for the Linux kernel in Red Hat Enterprise ...)
- linux-2.6 <not-affected> (vulnerability in redhat-specific patch)
CVE-2010-0728 (smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is ...)
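Review bot: CVE-2010-0730 goes from RESERVED to `TODO: check` with a description that mentions both the Xen hypervisor and the Linux kernel, and the truncated text does not show which source the flaw lives in. When this is triaged, it is worth checking whether it is a vendor-specific kernel patch like the adjacent CVE-2010-0729 (`- linux-2.6 <not-affected>`) before assigning a package line.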