[Secure-testing-commits] r15370 - data/CVE

[Joey Hess]

Author: joeyh
Date: 2010-09-23 21:14:38 +0000 (Thu, 23 Sep 2010)
New Revision: 15370

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-09-23 16:46:04 UTC (rev 15369)
+++ data/CVE/list	2010-09-23 21:14:38 UTC (rev 15370)
@@ -1,3 +1,23 @@
+CVE-2010-3489 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2010-3488 (Directory traversal vulnerability in QuickShare 1.0 allows remote ...)
+	TODO: check
+CVE-2010-3487 (Directory traversal vulnerability in YelloSoft Pinky 1.0 for Windows ...)
+	TODO: check
+CVE-2010-3486 (Directory traversal vulnerability in FileStorageUpload.ashx in ...)
+	TODO: check
+CVE-2010-3483 (cms_write.php in Primitive CMS 1.0.9 does not properly restrict ...)
+	TODO: check
+CVE-2010-3482 (Multiple SQL injection vulnerabilities in cms_write.php in Primitive ...)
+	TODO: check
+CVE-2010-3481 (Multiple SQL injection vulnerabilities in login.php in ApPHP PHP ...)
+	TODO: check
+CVE-2010-3480 (Directory traversal vulnerability in index.php in ApPHP PHP MicroCMS ...)
+	TODO: check
+CVE-2010-3479 (SQL injection vulnerability in list.php in BoutikOne 1.0 allows remote ...)
+	TODO: check
+CVE-2009-5003 (SQL injection vulnerability in click.php in e-soft24 Banner Exchange ...)
+	TODO: check
 CVE-2010-3478
 	RESERVED
 CVE-2010-3477 (The tcf_act_police_dump function in net/sched/act_police.c in the ...)
@@ -558,8 +578,8 @@
 	RESERVED
 CVE-2010-3333
 	RESERVED
-CVE-2010-3332
-	RESERVED
+CVE-2010-3332 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5 SP1, ...)
+	TODO: check
 CVE-2010-3331
 	RESERVED
 CVE-2010-3330
@@ -594,10 +614,10 @@
 	RESERVED
 CVE-2010-3315
 	RESERVED
-CVE-2010-3314
-	RESERVED
-CVE-2010-3313
-	RESERVED
+CVE-2010-3314 (Cross-site scripting (XSS) vulnerability in login.php in EGroupware ...)
+	TODO: check
+CVE-2010-3313 (phpgwapi/js/fckeditor/editor/dialog/fck_spellerpages/spellerpages/serverscripts/spellchecker.php ...)
+	TODO: check
 CVE-2010-3312
 	RESERVED
 CVE-2010-3311
@@ -626,8 +646,7 @@
 	NOTE: http://www.mantisbt.org/bugs/changelog_page.php?version_id=111
 CVE-2010-3302
 	RESERVED
-CVE-2010-3301 [IA32 System Call Entry Point Vulnerability]
-	RESERVED
+CVE-2010-3301 (The IA32 system call emulation functionality in ...)
 	- linux-2.6 2.6.32-23 
 	[lenny] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.27)
 CVE-2010-3300
@@ -2072,10 +2091,10 @@
 	NOT-FOR-US: SPirate
 CVE-2009-4936 (Multiple SQL injection vulnerabilities in Small Pirate (SPirate) 2.1 ...)
 	NOT-FOR-US: SPirate
-CVE-2010-3484 [mapserver: buffer overflow in msTmpFile()]
+CVE-2010-3484 (SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows ...)
 	- mapserver 5.6.4-1 (low)
 	[lenny] - mapserver <no-dsa> (Minor issue)
-CVE-2010-3485 [mapserver: insecure mapserv cgi command-line debug args]
+CVE-2010-3485 (SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows ...)
 	- mapserver 5.6.4-1 (low)
 	[lenny] - mapserver <no-dsa> (Minor issue)
 CVE-2010-2770 (Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird ...)