[Secure-testing-commits] r14724 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Fri May 21 21:15:07 UTC 2010
Author: joeyh
Date: 2010-05-21 21:14:47 +0000 (Fri, 21 May 2010)
New Revision: 14724
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-05-21 10:16:14 UTC (rev 14723)
+++ data/CVE/list 2010-05-21 21:14:47 UTC (rev 14724)
@@ -1,3 +1,47 @@
+CVE-2010-2007 (Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS ...)
+ TODO: check
+CVE-2010-2006 (Directory traversal vulnerability in op/op.Login.php in LetoDMS ...)
+ TODO: check
+CVE-2010-2005 (Multiple PHP remote file inclusion vulnerabilities in DataLife Engine ...)
+ TODO: check
+CVE-2010-2004 (Stack-based buffer overflow in BS.Global BS.Player 2.51 Build 1022 ...)
+ TODO: check
+CVE-2010-2003 (Cross-site scripting (XSS) vulnerability in misc/get_admin.php in ...)
+ TODO: check
+CVE-2010-2002 (Cross-site scripting (XSS) vulnerability in the Wordfilter module 5.x ...)
+ TODO: check
+CVE-2010-2001 (Cross-site scripting (XSS) vulnerability in the CiviRegister module ...)
+ TODO: check
+CVE-2010-2000 (Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) ...)
+ TODO: check
+CVE-2010-1999 (Directory traversal vulnerability in scr/soustab.php in OpenMairie ...)
+ TODO: check
+CVE-2010-1998 (Cross-site scripting (XSS) vulnerability in the CCK TableField module ...)
+ TODO: check
+CVE-2010-1997 (Cross-site scripting (XSS) vulnerability in admin/edit.php in Saurus ...)
+ TODO: check
+CVE-2010-1996 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+ TODO: check
+CVE-2010-1995 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+ TODO: check
+CVE-2010-1994 (SQL injection vulnerability in index.php in TomatoCMS before 2.0.5 ...)
+ TODO: check
+CVE-2010-1993 (Opera 9.52 does not properly handle an IFRAME element with a mailto: ...)
+ TODO: check
+CVE-2010-1992 (Google Chrome 1.0.154.48 executes a mail application in situations ...)
+ TODO: check
+CVE-2010-1991 (Microsoft Internet Explorer 6.0.2900.2180, 7, and 8.0.7600.16385 ...)
+ TODO: check
+CVE-2010-1990 (Mozilla Firefox 3.6.x, 3.5.x, 3.0.19, and earlier, and SeaMonkey, ...)
+ TODO: check
+CVE-2010-1989 (Opera 9.52 executes a mail application in situations where an IMG ...)
+ TODO: check
+CVE-2010-1988 (Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to ...)
+ TODO: check
+CVE-2010-1987 (Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to ...)
+ TODO: check
+CVE-2010-1986 (Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to ...)
+ TODO: check
CVE-2010-1985 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
TODO: check
CVE-2010-1984 (Cross-site scripting (XSS) vulnerability in the Taxonomy Breadcrumb ...)
@@ -2122,7 +2166,7 @@
- linux-2.6 2.6.32-12
[lenny] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.30)
CVE-2010-1145
- RESERVED
+ REJECTED
CVE-2010-0751 (The ip_evictor function in ip_fragment.c in libnids 1.24, as used in ...)
- libnids <unfixed> (low; bug #576281)
[lenny] - libnids <no-dsa> (Minor issue)
@@ -2405,8 +2449,8 @@
NOT-FOR-US: IBM DB2 Content Manager Toolkit
CVE-2010-1040 (The "IP address range limitation" function in OpenPNE 1.6 through 1.8, ...)
NOT-FOR-US: OpenPNE
-CVE-2010-1039
- RESERVED
+CVE-2010-1039 (Unspecified vulnerability in NFS/ONCplus B.11.31_09 and earlier on HP ...)
+ TODO: check
CVE-2010-1038 (Unspecified vulnerability in HP System Insight Manager before 6.0 ...)
NOT-FOR-US: HP System Insight Manager
CVE-2010-1037 (Cross-site request forgery (CSRF) vulnerability in HP System Insight ...)
@@ -3334,8 +3378,7 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=523178
NOTE: http://cgit.freedesktop.org/DeviceKit/DeviceKit-disks/commit/?id=62f883c7d38e75d0669c162529062a1e81d00da2
NOTE: http://bugs.freedesktop.org/show_bug.cgi?id=23235
-CVE-2010-0745 [dovecot large header resource consumption/DoS]
- RESERVED
+CVE-2010-0745 (Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote ...)
- dovecot 1:1.2.11-1 (low)
[lenny] - dovecot <not-affected> (Vulnerable code not present)
[etch] - dovecot <not-affected> (Vulnerable code not present)
More information about the Secure-testing-commits
mailing list