aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Behte <craig@gentoo.org>2010-12-11 17:59:20 +0000
committerStefan Behte <craig@gentoo.org>2010-12-11 17:59:20 +0000
commit63c603c81defbc71ed4631268e0f7d9bb9b47776 (patch)
tree56f400338caa459e0e96bb0e34fecc41570c53ea /data/CVE/list
parentMITRE sync (diff)
downloadsecurity-63c603c81defbc71ed4631268e0f7d9bb9b47776.tar.gz
security-63c603c81defbc71ed4631268e0f7d9bb9b47776.tar.bz2
security-63c603c81defbc71ed4631268e0f7d9bb9b47776.zip
nfu
svn path=/; revision=2217
Diffstat (limited to 'data/CVE/list')
-rw-r--r--data/CVE/list822
1 files changed, 411 insertions, 411 deletions
diff --git a/data/CVE/list b/data/CVE/list
index c7916e6..e0f8065 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -47341,7 +47341,7 @@ CVE-2006-7238 (Cross-site scripting (XSS) vulnerability in MyShoutPro before 1.2
CVE-2006-7239 (The _gnutls_x509_oid2mac_algorithm function in lib/gnutls_algorithms.c ...)
NOT-FOR-US: Obsolete
CVE-2006-7240 (gnome-power-manager 2.14.0 does not properly implement the ...)
- TODO: check
+ NOT-FOR-US: age old version
CVE-2006-7241 (The Image Viewer component in IBM FileNet P8 Application Engine (P8AE) ...)
NOT-FOR-US: ibm filenet_p8_application_engine
CVE-2006-7242 (The Workplace (aka WP) component in IBM FileNet P8 Application Engine ...)
@@ -75589,13 +75589,13 @@ CVE-2008-7264 (The ftp_QUIT function in ftpserver.py in pyftpdlib before 0.5.0 a
CVE-2008-7265 (The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote ...)
TODO: check
CVE-2008-7266 (Cross-site scripting (XSS) vulnerability in an unspecified Shockwave ...)
- TODO: check
+ NOT-FOR-US: rsa adaptive_authentication
CVE-2008-7267 (SQL injection vulnerability in announcements.php in SiteEngine 5.x ...)
- TODO: check
+ NOT-FOR-US: boka siteengine
CVE-2008-7268 (The phpinfo function in SiteEngine 5.x allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: boka siteengine
CVE-2008-7269 (Open redirect vulnerability in api.php in SiteEngine 5.x allows ...)
- TODO: check
+ NOT-FOR-US: boka siteengine
CVE-2008-7270 (OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is ...)
TODO: check
CVE-2009-0001 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
@@ -85693,11 +85693,11 @@ CVE-2009-5017 (Mozilla Firefox before 3.6 Beta 3 does not properly handle overlo
CVE-2009-5018
RESERVED
CVE-2009-5019 (Web Wiz NewsPad stores sensitive information under the web root with ...)
- TODO: check
+ NOT-FOR-US: webwiz web_wiz_newspad
CVE-2009-5020 (Open redirect vulnerability in awredir.pl in AWStats before 6.95 ...)
TODO: check
CVE-2009-5021 (Cobbler before 1.6.1 does not properly determine whether an ...)
- TODO: check
+ NOT-FOR-US: cobbler
CVE-2009-5022
RESERVED
CVE-2009-5023
@@ -85941,9 +85941,9 @@ CVE-2010-0110
CVE-2010-0111
RESERVED
CVE-2010-0112 (Multiple SQL injection vulnerabilities in the Administrative Interface ...)
- TODO: check
+ NOT-FOR-US: symantec im_manager
CVE-2010-0113 (The Symantec Norton Mobile Security application 1.0 Beta for Android ...)
- TODO: check
+ NOT-FOR-US: symantec mobile_security
CVE-2010-0114
RESERVED
CVE-2010-0115
@@ -86176,7 +86176,7 @@ CVE-2010-0217
CVE-2010-0218 (ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ...)
NOT-FOR-US: We only have 9.7.2_p2, and it's still unstable.
CVE-2010-0219 (Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects ...)
- TODO: check
+ NOT-FOR-US: sap businessobjects
CVE-2010-0220 (The nsObserverList::FillObserverArray function in ...)
BUG: 312679
CVE-2010-0221 (Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy ...)
@@ -86798,7 +86798,7 @@ CVE-2010-0528 (Apple QuickTime before 7.6.6 on Windows allows remote attackers t
CVE-2010-0529 (Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before ...)
NOT-FOR-US: apple quicktime
CVE-2010-0530 (Apple QuickTime before 7.6.9 on Windows sets weak permissions for the ...)
- TODO: check
+ NOT-FOR-US: apple quicktime
CVE-2010-0531 (Apple iTunes before 9.1 allows remote attackers to cause a denial of ...)
NOT-FOR-US: apple itunes
CVE-2010-0532 (Race condition in the installation package in Apple iTunes before 9.1 ...)
@@ -87302,15 +87302,15 @@ CVE-2010-0780
CVE-2010-0781 (Unspecified vulnerability in the administrative console in IBM ...)
NOT-FOR-US: ibm websphere_application_server
CVE-2010-0782 (IBM WebSphere MQ 6.x before 6.0.2.10 and 7.x before 7.0.1.3 allows ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_mq
CVE-2010-0783 (Cross-site scripting (XSS) vulnerability in the Administrative Console ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_application_server
CVE-2010-0784 (Cross-site scripting (XSS) vulnerability in the Administrative Console ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_application_server
CVE-2010-0785 (Cross-site request forgery (CSRF) vulnerability in the Administrative ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_application_server
CVE-2010-0786 (The Web Services Security component in IBM WebSphere Application ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_application_server
CVE-2010-0787 (client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, ...)
BUG: 308067
CVE-2010-0788 (ncpfs 2.2.6 allows local users to cause a denial of service, obtain ...)
@@ -88785,7 +88785,7 @@ CVE-2010-1521 (SQL injection vulnerability in include/classes/tzn_user.php in ..
CVE-2010-1522 (Multiple SQL injection vulnerabilities in the BookLibrary Basic ...)
NOT-FOR-US: ordasoft com_booklibrary
CVE-2010-1523 (Multiple heap-based buffer overflows in vp6.w5s (aka the VP6 codec) in ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-1524 (The SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 ...)
NOT-FOR-US: autonomy keyview_viewer_sdk
CVE-2010-1525 (Integer underflow in the SpreadSheet Lotus 123 reader (wkssr.dll) in ...)
@@ -89126,7 +89126,7 @@ CVE-2010-1691
CVE-2010-1692
RESERVED
CVE-2010-1693 (openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows ...)
- TODO: check
+ NOT-FOR-US: openfabrics enterprise_distribution
CVE-2010-1694
RESERVED
CVE-2010-1695
@@ -89398,45 +89398,45 @@ CVE-2010-1826
CVE-2010-1827
RESERVED
CVE-2010-1828 (AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1829 (Directory traversal vulnerability in AFP Server in Apple Mac OS X ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1830 (AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 generates ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1831 (Buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1832 (Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1833 (Apple Type Services (ATS) in Apple Mac OS X 10.6.x before 10.6.5 ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1834 (CFNetwork in Apple Mac OS X 10.6.x before 10.6.5 does not properly ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1835
RESERVED
CVE-2010-1836 (Stack-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1837 (CoreText in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1838 (Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1839
RESERVED
CVE-2010-1840 (Stack-based buffer overflow in the password-validation functionality ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1841 (Disk Images in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1842 (Buffer overflow in AppKit in Apple Mac OS X 10.6.x before 10.6.5 ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1843 (Networking in Apple Mac OS X 10.6.2 through 10.6.4 allows remote ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1844 (Unspecified vulnerability in Image Capture in Apple Mac OS X 10.6.x ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1845 (ImageIO in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1846 (Heap-based buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1847 (The kernel in Apple Mac OS X 10.6.x before 10.6.5 does not properly ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1848 (Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 ...)
BUG: 321791
CVE-2010-1849 (The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through ...)
@@ -90214,7 +90214,7 @@ CVE-2010-2233 (tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as
CVE-2010-2234 (Cross-site request forgery (CSRF) vulnerability in Apache CouchDB ...)
BUG: 335881
CVE-2010-2235 (template_api.py in Cobbler before 2.0.7, as used in Red Hat Network ...)
- TODO: check
+ NOT-FOR-US: michael_dehaan cobbler
CVE-2010-2236
RESERVED
CVE-2010-2237 (Red Hat libvirt, possibly 0.6.1 through 0.8.2, looks up disk backing ...)
@@ -90480,11 +90480,11 @@ CVE-2010-2365 (Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs2
CVE-2010-2366 (Cross-site scripting (XSS) vulnerability in futomi CGI Cafe Access ...)
NOT-FOR-US: futomi access_analyzer_cgi
CVE-2010-2367 (Cross-site scripting (XSS) vulnerability in search.cgi in AD-EDIT2 ...)
- TODO: check
+ NOT-FOR-US: norenz ad edit2
CVE-2010-2368 (Untrusted search path vulnerability in Lhaplus before 1.58 allows ...)
- TODO: check
+ NOT-FOR-US: lhaplus
CVE-2010-2369 (Untrusted search path vulnerability in Lhasa 0.19 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: susie_ro lhasa
CVE-2010-2370 (Unspecified vulnerability in the Oracle Business Process Management ...)
NOT-FOR-US: oracle fusion_middleware
CVE-2010-2371 (Unspecified vulnerability in the Oracle Transportation Management ...)
@@ -90522,13 +90522,13 @@ CVE-2010-2386 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and ...
CVE-2010-2387
RESERVED
CVE-2010-2388 (Unspecified vulnerability in the Oracle Applications Manager component ...)
- TODO: check
+ NOT-FOR-US: oracle e business_suite
CVE-2010-2389 (Unspecified vulnerability in the Perl component in Oracle Database ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2390 (Unspecified vulnerability in the Database Control component in EM ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2391 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-2392 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
NOT-FOR-US: oracle solaris
CVE-2010-2393 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
@@ -90536,9 +90536,9 @@ CVE-2010-2393 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris al
CVE-2010-2394 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
NOT-FOR-US: oracle solaris
CVE-2010-2395 (Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2396 (Unspecified vulnerability in the Forms component in Oracle Fusion ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2397 (Unspecified vulnerability in Oracle Sun Java System Application Server ...)
NOT-FOR-US: oracle sun_glassfish_enterprise_server
CVE-2010-2398 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
@@ -90554,37 +90554,37 @@ CVE-2010-2402 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTool
CVE-2010-2403 (Unspecified vulnerability in the PeopleSoft Enterprise Campus ...)
NOT-FOR-US: oracle peoplesoft_and_jdedwards_suite_campus_solutions
CVE-2010-2404 (Unspecified vulnerability in the Oracle iRecruitment component in ...)
- TODO: check
+ NOT-FOR-US: oracle e business_suite
CVE-2010-2405 (Unspecified vulnerability in the Siebel Core - Highly Interactive ...)
- TODO: check
+ NOT-FOR-US: oracle siebel_suite
CVE-2010-2406 (Unspecified vulnerability in the Siebel Core - Highly Interactive ...)
- TODO: check
+ NOT-FOR-US: oracle siebel_suite
CVE-2010-2407 (Unspecified vulnerability in the XDK component in Oracle Database ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-2408 (Unspecified vulnerability in the Oracle iRecruitment component in ...)
- TODO: check
+ NOT-FOR-US: oracle e business_suite
CVE-2010-2409 (Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2410 (Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2411 (Unspecified vulnerability in the Job Queue component in Oracle ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-2412 (Unspecified vulnerability in the OLAP component in Oracle Database ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-2413 (Unspecified vulnerability in the BI Publisher component in Oracle ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2414 (Unspecified vulnerability in the (1) Sun Convergence 1 and (2) Sun ...)
TODO: check
CVE-2010-2415 (Unspecified vulnerability in the Change Data Capture component in ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-2416 (Unspecified vulnerability in the Oracle E-Business Intelligence ...)
- TODO: check
+ NOT-FOR-US: oracle e business_suite
CVE-2010-2417 (Unspecified vulnerability in the Agile PLM component in Oracle Supply ...)
- TODO: check
+ NOT-FOR-US: oracle supply_chain_products_suite
CVE-2010-2418 (Unspecified vulnerability in the Oracle Territory Management component ...)
- TODO: check
+ NOT-FOR-US: oracle e business_suite
CVE-2010-2419 (Unspecified vulnerability in the Java Virtual Machine component in ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-2420 (Multiple unspecified vulnerabilities in Fenrir Inc. ActiveGeckoBrowser ...)
NOT-FOR-US: fenrir inc activegeckobrowser
CVE-2010-2421 (Multiple unspecified vulnerabilities in Opera before 10.54 have ...)
@@ -90700,7 +90700,7 @@ CVE-2010-2475
CVE-2010-2476
RESERVED
CVE-2010-2477 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: pythonpaste paste
CVE-2010-2478 (Integer overflow in the ethtool_get_rxnfc function in ...)
TODO: check
CVE-2010-2479 (Cross-site scripting (XSS) vulnerability in HTML Purifier before ...)
@@ -90806,7 +90806,7 @@ CVE-2010-2528 (The clientautoresp function in family_icbm.c in the oscar protoco
CVE-2010-2529 (Unspecified vulnerability in ping.c in iputils 20020927, 20070202, ...)
BUG: 332527
CVE-2010-2530 (Multiple integer signedness errors in smb_subr.c in the netsmb module ...)
- TODO: check
+ NOT-FOR-US: netbsd
CVE-2010-2531 (The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 ...)
BUG: 332039
CVE-2010-2532 (** DISPUTED ** ...)
@@ -90816,7 +90816,7 @@ CVE-2010-2533
CVE-2010-2534 (The NetworkSyncCommandQueue function in network/network_command.cpp in ...)
BUG: 320955
CVE-2010-2535 (Multiple cross-site scripting (XSS) vulnerabilities in the Back End in ...)
- TODO: check
+ NOT-FOR-US: joomla
CVE-2010-2536 (Multiple cross-site scripting (XSS) vulnerabilities in rekonq 0.5 and ...)
BUG: 332069
CVE-2010-2537 (The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel ...)
@@ -90890,9 +90890,9 @@ CVE-2010-2570
CVE-2010-2571
RESERVED
CVE-2010-2572 (Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows ...)
- TODO: check
+ NOT-FOR-US: microsoft powerpoint
CVE-2010-2573 (Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, ...)
- TODO: check
+ NOT-FOR-US: microsoft powerpoint_viewer
CVE-2010-2574 (Cross-site scripting (XSS) vulnerability in manage_proj_cat_add.php in ...)
BUG: 335850
CVE-2010-2575 (Heap-based buffer overflow in the RLE decompression functionality in ...)
@@ -90902,23 +90902,23 @@ CVE-2010-2576 (Opera before 10.61 does not properly suppress clicks on download
CVE-2010-2577 (Multiple SQL injection vulnerabilities in Pligg before 1.1.1 allow ...)
NOT-FOR-US: pligg
CVE-2010-2578 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-2579
RESERVED
CVE-2010-2580 (The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not ...)
NOT-FOR-US: mailenable
CVE-2010-2581 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows remote ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-2582 (An unspecified function in TextXtra.x32 in Adobe Shockwave Player ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-2583 (Stack-based buffer overflow in SonicWALL SSL-VPN End-Point ...)
- TODO: check
+ NOT-FOR-US: sonicwall ssl vpn_end point_interrogator installer_activex_control
CVE-2010-2584 (The Upload method in the RealPage Module Upload ActiveX control in ...)
- TODO: check
+ NOT-FOR-US: realpage module_activex_controls
CVE-2010-2585 (Multiple buffer overflows in the RealPage Module Upload ActiveX ...)
- TODO: check
+ NOT-FOR-US: realpage module_activex_control
CVE-2010-2586 (Multiple integer overflows in in_nsv.dll in the in_nsv plugin in ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-2587
RESERVED
CVE-2010-2588
@@ -91016,15 +91016,15 @@ CVE-2010-2633 (Unspecified vulnerability in EMC Disk Library (EDL) before 3.2.7,
CVE-2010-2634 (RSA enVision before 3.7 SP1 allows remote authenticated users to cause ...)
NOT-FOR-US: rsa envision
CVE-2010-2635 (SQL injection vulnerability in IBM WebSphere Commerce 6.0 before ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_commerce
CVE-2010-2636 (Multiple cross-site scripting (XSS) vulnerabilities in sample store ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_commerce
CVE-2010-2637 (IBM WebSphere MQ 6.0 before 6.0.2.9 and 7.0 before 7.0.1.1 does not ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_mq
CVE-2010-2638 (Unspecified vulnerability in IBM WebSphere MQ 7.0 before 7.0.1.5 ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_mq
CVE-2010-2639 (IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows remote ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_commerce
CVE-2010-2640
RESERVED
CVE-2010-2641
@@ -91210,11 +91210,11 @@ CVE-2010-2730 (Buffer overflow in Microsoft Internet Information Services (IIS)
CVE-2010-2731 (Unspecified vulnerability in Microsoft Internet Information Services ...)
NOT-FOR-US: microsoft iis
CVE-2010-2732 (Open redirect vulnerability in the web interface in Microsoft ...)
- TODO: check
+ NOT-FOR-US: microsoft forefront_unified_access_gateway
CVE-2010-2733 (Cross-site scripting (XSS) vulnerability in the Web Monitor in ...)
- TODO: check
+ NOT-FOR-US: microsoft forefront_unified_access_gateway
CVE-2010-2734 (Cross-site scripting (XSS) vulnerability in the mobile portal in ...)
- TODO: check
+ NOT-FOR-US: microsoft forefront_unified_access_gateway
CVE-2010-2735
RESERVED
CVE-2010-2736
@@ -91226,27 +91226,27 @@ CVE-2010-2738 (The Uniscribe (aka new Unicode Script Processor) implementation i
CVE-2010-2739 (Buffer overflow in the CreateDIBPalette function in win32k.sys in ...)
NOT-FOR-US: microsoft windows_xp
CVE-2010-2740 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-2741 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-2742
RESERVED
CVE-2010-2743
RESERVED
CVE-2010-2744 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-2745 (Microsoft Windows Media Player (WMP) 9 through 12 does not properly ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_media_player
CVE-2010-2746 (Heap-based buffer overflow in Comctl32.dll (aka the common control ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-2747 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-2748 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly check ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-2749
RESERVED
CVE-2010-2750 (Array index error in Microsoft Word 2002 SP3 and Office 2004 for Mac ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-2751 (The nsDocShell::OnRedirectStateChange function in ...)
TODO: check
CVE-2010-2752 (Integer overflow in an array class in Mozilla Firefox 3.5.x before ...)
@@ -91340,7 +91340,7 @@ CVE-2010-2795 (phpCAS before 1.1.2 allows remote authenticated users to hijack .
CVE-2010-2796 (Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when ...)
NOT-FOR-US: phpCAS
CVE-2010-2797 (Directory traversal vulnerability in lib/translation.functions.php in ...)
- TODO: check
+ NOT-FOR-US: cmsmadesimple cms_made_simple
CVE-2010-2798 (The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux ...)
TODO: check
CVE-2010-2799 (Stack-based buffer overflow in the nestlex function in nestlex.c in ...)
@@ -91516,9 +91516,9 @@ CVE-2010-2883 (Stack-based buffer overflow in CoolType.dll in Adobe Reader and .
CVE-2010-2884 (Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, ...)
BUG: 337204
CVE-2010-2885 (Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 7 and 8, ...)
- TODO: check
+ NOT-FOR-US: adobe robohelp_server
CVE-2010-2886 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp ...)
- TODO: check
+ NOT-FOR-US: adobe robohelp_server
CVE-2010-2887 (Multiple unspecified vulnerabilities in Adobe Reader and Acrobat 9.x ...)
TODO: check
CVE-2010-2888 (Multiple unspecified vulnerabilities in an ActiveX control in Adobe ...)
@@ -91530,7 +91530,7 @@ CVE-2010-2890 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on
CVE-2010-2891 (Buffer overflow in the smiGetNode function in lib/smi.c in libsmi ...)
TODO: check
CVE-2010-2892 (gsb/drivers.php in LANDesk Management Gateway 4.0 through 4.0-1.48 and ...)
- TODO: check
+ NOT-FOR-US: landesk management_gateway
CVE-2010-2893
RESERVED
CVE-2010-2894
@@ -91743,7 +91743,7 @@ CVE-2010-2996 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 on
CVE-2010-2997
RESERVED
CVE-2010-2998 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 and ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-2999
RESERVED
CVE-2010-3000 (Multiple integer overflows in the ParseKnownType function in ...)
@@ -91822,13 +91822,13 @@ CVE-2010-3035 (Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not .
CVE-2010-3036 (Multiple buffer overflows in the authentication functionality in the ...)
TODO: check
CVE-2010-3037 (goform/websXMLAdminRequestCgi.cgi in Cisco Unified Videoconferencing ...)
- TODO: check
+ NOT-FOR-US: cisco unified_videoconferencing_system_5230
CVE-2010-3038 (Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the ...)
- TODO: check
+ NOT-FOR-US: cisco unified_videoconferencing_system_5115
CVE-2010-3039 (/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications ...)
- TODO: check
+ NOT-FOR-US: cisco unified_communications_manager
CVE-2010-3040 (Multiple stack-based buffer overflows in agent.exe in Setup Manager in ...)
- TODO: check
+ NOT-FOR-US: cisco intelligent_contact_manager
CVE-2010-3041
RESERVED
CVE-2010-3042
@@ -91888,7 +91888,7 @@ CVE-2010-3068
CVE-2010-3069 (Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse ...)
TODO: check
CVE-2010-3070 (Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in ...)
- TODO: check
+ NOT-FOR-US: dietrich_ayala nusoap
CVE-2010-3071 (bip before 0.8.6 allows remote attackers to cause a denial of service ...)
TODO: check
CVE-2010-3072 (The string-comparison functions in String.cci in Squid 3.x before ...)
@@ -91930,13 +91930,13 @@ CVE-2010-3089 (Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailma
CVE-2010-3090
RESERVED
CVE-2010-3091 (The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x ...)
- TODO: check
+ NOT-FOR-US: peter_wolanin openid
CVE-2010-3092 (The upload module in Drupal 5.x before 5.23 and 6.x before 6.18 does ...)
- TODO: check
+ NOT-FOR-US: drupal
CVE-2010-3093 (The comment module in Drupal 5.x before 5.23 and 6.x before 6.18 ...)
- TODO: check
+ NOT-FOR-US: drupal
CVE-2010-3094 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x ...)
- TODO: check
+ NOT-FOR-US: drupal
CVE-2010-3095
RESERVED
CVE-2010-3096 (Directory traversal vulnerability in SoftX FTP Client 3.3 and possibly ...)
@@ -91968,7 +91968,7 @@ CVE-2010-3108 (Buffer overflow in the browser plugin in Novell iPrint Client bef
CVE-2010-3109 (Stack-based buffer overflow in the browser plugin in Novell iPrint ...)
NOT-FOR-US: novell iprint
CVE-2010-3110 (Multiple buffer overflows in the Novell Client novfs module for the ...)
- TODO: check
+ NOT-FOR-US: novfs
CVE-2010-3111 (Google Chrome before 6.0.472.53 does not properly mitigate an ...)
TODO: check
CVE-2010-3112 (Google Chrome before 5.0.375.127 does not properly implement file ...)
@@ -92060,25 +92060,25 @@ CVE-2010-3154 (Untrusted search path vulnerability in Adobe Extension Manager CS
CVE-2010-3155 (Untrusted search path vulnerability in Adobe ExtendScript Toolkit ...)
NOT-FOR-US: adobe extendedscript_toolkit_cs5
CVE-2010-3156 (Untrusted search path vulnerability in K2 K2Editor before 1.5.9 allows ...)
- TODO: check
+ NOT-FOR-US: k2top k2editor
CVE-2010-3157 (Untrusted search path vulnerability in XacRett before 50 allows ...)
- TODO: check
+ NOT-FOR-US: kmonos xacrett
CVE-2010-3158 (Untrusted search path vulnerability in Lhaplus before 1.58 allows ...)
- TODO: check
+ NOT-FOR-US: lhaplus
CVE-2010-3159 (Untrusted search path vulnerability in Explzh 5.67 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: explzh
CVE-2010-3160 (Untrusted search path vulnerability in Archive Decoder 1.23 and ...)
- TODO: check
+ NOT-FOR-US: ponsoftware archive_decoder
CVE-2010-3161 (Untrusted search path vulnerability in TeraPad before 1.00 allows ...)
- TODO: check
+ NOT-FOR-US: susumu_terao terapad
CVE-2010-3162 (Untrusted search path vulnerability in Apsaly before 3.74 allows local ...)
- TODO: check
+ NOT-FOR-US: masahiko_watanabe apsaly
CVE-2010-3163 (Untrusted search path vulnerability in Fenrir Sleipnir before 2.9.5 ...)
- TODO: check
+ NOT-FOR-US: fenrir sleipnir
CVE-2010-3164 (Untrusted search path vulnerability in Fenrir Sleipnir 2.9.4 and ...)
- TODO: check
+ NOT-FOR-US: fenrir sleipnir
CVE-2010-3165 (Untrusted search path vulnerability in Yokka NoEditor 1.33.1.1 and ...)
- TODO: check
+ NOT-FOR-US: yokkasoft uneditor
CVE-2010-3166 (Heap-based buffer overflow in the nsTextFrameUtils::TransformText ...)
TODO: check
CVE-2010-3167 (The nsTreeContentView function in Mozilla Firefox before 3.5.12 and ...)
@@ -92176,65 +92176,65 @@ CVE-2010-3212 (SQL injection vulnerability in index.php in Seagull 0.6.7 and ear
CVE-2010-3213 (Cross-site request forgery (CSRF) vulnerability in Microsoft Outlook ...)
NOT-FOR-US: microsoft outlook_web_access
CVE-2010-3214 (Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 ...)
- TODO: check
+ NOT-FOR-US: microsoft word_web_app
CVE-2010-3215 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-3216 (Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-3217 (Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-3218 (Heap-based buffer overflow in Microsoft Word 2002 SP3 allows remote ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-3219 (Array index vulnerability in Microsoft Word 2002 SP3 allows remote ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-3220 (Unspecified vulnerability in Microsoft Word 2002 SP3 and Office 2004 ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-3221 (Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and Word ...)
- TODO: check
+ NOT-FOR-US: microsoft word_viewer
CVE-2010-3222 (Stack-based buffer overflow in the Remote Procedure Call Subsystem ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3223 (The user interface in Microsoft Cluster Service (MSCS) in Microsoft ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_server_2008
CVE-2010-3224
RESERVED
CVE-2010-3225 (Use-after-free vulnerability in the Media Player Network Sharing ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_vista
CVE-2010-3226
RESERVED
CVE-2010-3227 (Stack-based buffer overflow in the UpdateFrameTitleForDocument method ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3228 (The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms ...)
- TODO: check
+ NOT-FOR-US: microsoft net_framework
CVE-2010-3229 (The Secure Channel (aka SChannel) security package in Microsoft ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_vista
CVE-2010-3230 (Integer overflow in Microsoft Excel 2002 SP3 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: microsoft excel
CVE-2010-3231 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3232 (Microsoft Excel 2003 SP3 and 2007 SP2; Office 2004 and 2008 for Mac; ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3233 (Microsoft Excel 2002 SP3 and 2003 SP3 does not properly validate ...)
- TODO: check
+ NOT-FOR-US: microsoft excel
CVE-2010-3234 (Microsoft Excel 2002 SP3 does not properly validate formula ...)
- TODO: check
+ NOT-FOR-US: microsoft excel
CVE-2010-3235 (Microsoft Excel 2002 SP3 does not properly validate formula ...)
- TODO: check
+ NOT-FOR-US: microsoft excel
CVE-2010-3236 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3237 (Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly ...)
- TODO: check
+ NOT-FOR-US: microsoft office
CVE-2010-3238 (Microsoft Excel 2002 SP3 and 2003 SP3, and Office 2004 for Mac, does ...)
- TODO: check
+ NOT-FOR-US: microsoft office
CVE-2010-3239 (Microsoft Excel 2002 SP3 does not properly validate record ...)
- TODO: check
+ NOT-FOR-US: microsoft excel
CVE-2010-3240 (Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office ...)
- TODO: check
+ NOT-FOR-US: microsoft office_compatibility_pack
CVE-2010-3241 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3242 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3243 (Cross-site scripting (XSS) vulnerability in the toStaticHTML function ...)
- TODO: check
+ NOT-FOR-US: microsoft sharepoint_services
CVE-2010-3244 (BbtsConnection_Edit.exe in Blackboard Transact Suite (formerly ...)
NOT-FOR-US: blackboard transact_suite
CVE-2010-3245 (The automated-backup functionality in Blackboard Transact Suite ...)
@@ -92280,9 +92280,9 @@ CVE-2010-3264 (The engine installer in Novell Identity Manager (aka IDM) 3.6.1 s
CVE-2010-3265
RESERVED
CVE-2010-3266 (Multiple cross-site scripting (XSS) vulnerabilities in BugTracker.NET ...)
- TODO: check
+ NOT-FOR-US: ifdefined bugtracker net
CVE-2010-3267 (Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 ...)
- TODO: check
+ NOT-FOR-US: ifdefined bugtracker net
CVE-2010-3268
RESERVED
CVE-2010-3269
@@ -92321,17 +92321,17 @@ CVE-2010-3284 (Unspecified vulnerability in HP System Management Homepage (SMH)
CVE-2010-3285 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
NOT-FOR-US: hp openview_network_node_manager
CVE-2010-3286 (Unspecified vulnerability in HP Systems Insight Manager (SIM) 6.0 and ...)
- TODO: check
+ NOT-FOR-US: hp systems_insight_manager
CVE-2010-3287 (Unspecified vulnerability on HP ProCurve Access Points, Access ...)
- TODO: check
+ NOT-FOR-US: hp procurve_access_point_software
CVE-2010-3288 (Cross-site request forgery (CSRF) vulnerability in HP Systems Insight ...)
- TODO: check
+ NOT-FOR-US: hp systems_insight_manager
CVE-2010-3289 (Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager ...)
- TODO: check
+ NOT-FOR-US: hp systems_insight_manager
CVE-2010-3290 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before ...)
- TODO: check
+ NOT-FOR-US: hp systems_insight_manager
CVE-2010-3291 (Cross-site scripting (XSS) vulnerability in HP AssetCenter 5.0x ...)
- TODO: check
+ NOT-FOR-US: hp assetmanager
CVE-2010-3292
RESERVED
CVE-2010-3293
@@ -92363,7 +92363,7 @@ CVE-2010-3305
CVE-2010-3306 (Directory traversal vulnerability in the modURL function in instance.c ...)
NOT-FOR-US: salvo_g _tomaselli weborf
CVE-2010-3307 (Multiple PHP remote file inclusion vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: dustincowell free_simple_cms
CVE-2010-3308 (Buffer overflow in programs/pluto/xauth.c in the client in Openswan ...)
TODO: check
CVE-2010-3309
@@ -92391,7 +92391,7 @@ CVE-2010-3319 (IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 places a
CVE-2010-3320 (Open redirect vulnerability in IBM Records Manager (RM) 4.5.x before ...)
NOT-FOR-US: ibm filenet_content_manager
CVE-2010-3321 (RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not ...)
- TODO: check
+ NOT-FOR-US: rsa authentication_client
CVE-2010-3322 (The XML parser in Splunk 4.0.0 through 4.1.4 allows remote ...)
NOT-FOR-US: splunk
CVE-2010-3323 (Splunk 4.0.0 through 4.1.4 allows remote attackers to conduct session ...)
@@ -92399,31 +92399,31 @@ CVE-2010-3323 (Splunk 4.0.0 through 4.1.4 allows remote attackers to conduct ses
CVE-2010-3324 (The toStaticHTML function in Microsoft Internet Explorer 8, and the ...)
NOT-FOR-US: microsoft ie
CVE-2010-3325 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3326 (Microsoft Internet Explorer 6 does not properly handle objects in ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3327 (The implementation of HTML content creation in Microsoft Internet ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3328 (Use-after-free vulnerability in the CAttrArray::PrivateFind function ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3329 (mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3330 (Microsoft Internet Explorer 6 through 8 does not properly restrict ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3331 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3332 (Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, ...)
NOT-FOR-US: microsoft net_framework
CVE-2010-3333 (Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3334 (Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3335 (Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3336 (Microsoft Office XP SP3, Office 2004 and 2008 for Mac, Office for Mac ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3337 (Untrusted search path vulnerability in Microsoft Office 2007 SP2 and ...)
- TODO: check
+ NOT-FOR-US: microsoft office
CVE-2010-3338
RESERVED
CVE-2010-3339
@@ -92459,7 +92459,7 @@ CVE-2010-3353 (Cowbell 0.2.7.1 places a zero-length directory name in the ...)
CVE-2010-3354 (dropboxd in Dropbox 0.7.110 places a zero-length directory name in the ...)
TODO: check
CVE-2010-3355 (Ember 0.5.7 places a zero-length directory name in the ...)
- TODO: check
+ NOT-FOR-US: ember
CVE-2010-3356
RESERVED
CVE-2010-3357 (gnome-subtitles 1.0 places a zero-length directory name in the ...)
@@ -92469,19 +92469,19 @@ CVE-2010-3358 (HenPlus JDBC SQL-Shell 0.9.7 places a zero-length directory name
CVE-2010-3359
RESERVED
CVE-2010-3360 (Hipo 0.6.1 places a zero-length directory name in the LD_LIBRARY_PATH, ...)
- TODO: check
+ NOT-FOR-US: pedro_villavicencio_garrido hipo
CVE-2010-3361 (The (1) iked, (2) ikea, and (3) ikec scripts in Shrew Soft IKE 2.1.5 ...)
- TODO: check
+ NOT-FOR-US: shrew vpn_client
CVE-2010-3362 (lastfm 1.5.4 places a zero-length directory name in the ...)
TODO: check
CVE-2010-3363 (roarify in roaraudio 0.3 places a zero-length directory name in the ...)
- TODO: check
+ NOT-FOR-US: roaraudio
CVE-2010-3364 (The vips-7.22 script in VIPS 7.22.2 places a zero-length directory ...)
TODO: check
CVE-2010-3365 (Mistelix 0.31 places a zero-length directory name in the ...)
- TODO: check
+ NOT-FOR-US: mistelix
CVE-2010-3366 (Mn_Fit 5.13 places a zero-length directory name in the ...)
- TODO: check
+ NOT-FOR-US: zeus physik uni bonn mn_fit
CVE-2010-3367
RESERVED
CVE-2010-3368
@@ -92493,7 +92493,7 @@ CVE-2010-3370
CVE-2010-3371
RESERVED
CVE-2010-3372 (Untrusted search path vulnerability in NorduGrid Advanced Resource ...)
- TODO: check
+ NOT-FOR-US: nordugrid arc
CVE-2010-3373
RESERVED
CVE-2010-3374 (Qt Creator before 2.0.1 places a zero-length directory name in the ...)
@@ -92503,7 +92503,7 @@ CVE-2010-3375
CVE-2010-3376 (The (1) proofserv, (2) xrdcp, (3) xrdpwdadmin, and (4) xrd scripts in ...)
TODO: check
CVE-2010-3377 (The (1) runSalome, (2) runTestMedCorba, (3) runLightSalome, and (4) ...)
- TODO: check
+ NOT-FOR-US: salome platform salome
CVE-2010-3378 (The (1) scilab, (2) scilab-cli, and (3) scilab-adv-cli scripts in ...)
TODO: check
CVE-2010-3379
@@ -92513,15 +92513,15 @@ CVE-2010-3380 (The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM bef
CVE-2010-3381 (The (1) tangerine and (2) tangerine-properties scripts in Tangerine ...)
TODO: check
CVE-2010-3382 (tauex in Tuning and Analysis Utilities (TAU) 2.16.4 places a ...)
- TODO: check
+ NOT-FOR-US: uoregon tau
CVE-2010-3383 (The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 ...)
TODO: check
CVE-2010-3384 (The (1) torcs, (2) nfsperf, (3) accc, (4) texmapper, (5) trackgen, and ...)
TODO: check
CVE-2010-3385 (TuxGuitar 1.2 places a zero-length directory name in the ...)
- TODO: check
+ NOT-FOR-US: herac tuxguitar
CVE-2010-3386 (usttrace in LTTng Userspace Tracer (aka UST) 0.7 places a zero-length ...)
- TODO: check
+ NOT-FOR-US: lttng ust
CVE-2010-3387 (** DISPUTED ** ...)
TODO: check
CVE-2010-3388
@@ -92535,7 +92535,7 @@ CVE-2010-3391
CVE-2010-3392
RESERVED
CVE-2010-3393 (magics-config in Magics++ 2.10.0 places a zero-length directory name ...)
- TODO: check
+ NOT-FOR-US: ecmwf magics
CVE-2010-3394 (The (1) texmacs and (2) tm_mupad_help scripts in TeXmacs 1.0.7.4 place ...)
TODO: check
CVE-2010-3395
@@ -92650,7 +92650,7 @@ CVE-2010-3447
CVE-2010-3448
RESERVED
CVE-2010-3449 (Cross-site request forgery (CSRF) vulnerability in Redback before ...)
- TODO: check
+ NOT-FOR-US: codehaus redback
CVE-2010-3450
RESERVED
CVE-2010-3451
@@ -92734,7 +92734,7 @@ CVE-2010-3489 (Cross-site scripting (XSS) vulnerability in ...)
CVE-2010-3490 (Directory traversal vulnerability in page.recordings.php in the System ...)
NOT-FOR-US: freepbx
CVE-2010-3491 (The (1) ActiveMatrix Runtime and (2) ActiveMatrix Administrator ...)
- TODO: check
+ NOT-FOR-US: tibco activematrix_service_performance_manager
CVE-2010-3492 (The asyncore module in Python before 3.2 does not properly handle ...)
TODO: check
CVE-2010-3493 (Multiple race conditions in smtpd.py in the smtpd module in Python ...)
@@ -93018,11 +93018,11 @@ CVE-2010-3631 (Array index error in Adobe Reader and Acrobat 8.x before 8.2.5 an
CVE-2010-3632 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on ...)
TODO: check
CVE-2010-3633 (Memory leak in Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, ...)
- TODO: check
+ NOT-FOR-US: adobe flash_media_server
CVE-2010-3634 (Unspecified vulnerability in the edge process in Adobe Flash Media ...)
- TODO: check
+ NOT-FOR-US: adobe flash_media_server
CVE-2010-3635 (Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, 3.5.x before 3.5.5, ...)
- TODO: check
+ NOT-FOR-US: adobe flash_media_server
CVE-2010-3636 (Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on ...)
TODO: check
CVE-2010-3637 (An unspecified ActiveX control in Adobe Flash Player before 9.0.289.0 ...)
@@ -93062,7 +93062,7 @@ CVE-2010-3653 (The Director module (dirapi.dll) in Adobe Shockwave Player before
CVE-2010-3654 (Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on ...)
TODO: check
CVE-2010-3655 (Stack-based buffer overflow in dirapi.dll in Adobe Shockwave Player ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-3656 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
TODO: check
CVE-2010-3657 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
@@ -93132,9 +93132,9 @@ CVE-2010-3688 (Directory traversal vulnerability in ADMIN/login.php in NetArtMED
CVE-2010-3689
RESERVED
CVE-2010-3690 (Multiple cross-site scripting (XSS) vulnerabilities in phpCAS before ...)
- TODO: check
+ NOT-FOR-US: jasig phpcas
CVE-2010-3691 (PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is ...)
- TODO: check
+ NOT-FOR-US: jasig phpcas
CVE-2010-3692 (Directory traversal vulnerability in the callback function in ...)
NOT-FOR-US: jasig phpcas
CVE-2010-3693
@@ -93178,15 +93178,15 @@ CVE-2010-3711 (libpurple in Pidgin before 2.7.4 does not properly validate the r
CVE-2010-3712 (Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x before ...)
TODO: check
CVE-2010-3713 (rss.php in UseBB before 1.0.11 does not properly handle forum ...)
- TODO: check
+ NOT-FOR-US: usebb
CVE-2010-3714 (The jumpUrl (aka access tracking) implementation in ...)
- TODO: check
+ NOT-FOR-US: typo3
CVE-2010-3715 (Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.2.x ...)
- TODO: check
+ NOT-FOR-US: typo3
CVE-2010-3716 (The be_user_creation task in TYPO3 4.2.x before 4.2.15 and 4.3.x ...)
- TODO: check
+ NOT-FOR-US: typo3
CVE-2010-3717 (The t3lib_div::validEmail function in TYPO3 4.2.x before 4.2.15, 4.3.x ...)
- TODO: check
+ NOT-FOR-US: typo3
CVE-2010-3718
RESERVED
CVE-2010-3719
@@ -93218,7 +93218,7 @@ CVE-2010-3731 (Buffer overflow in the Administration Server component in IBM DB2
CVE-2010-3732 (The DRDA Services component in IBM DB2 UDB 9.5 before FP6a allows ...)
NOT-FOR-US: ibm db2
CVE-2010-3733 (The Engine Utilities component in IBM DB2 UDB 9.5 before FP6a uses ...)
- TODO: check
+ NOT-FOR-US: ibm db2
CVE-2010-3734 (The Install component in IBM DB2 UDB 9.5 before FP6a on Linux, UNIX, ...)
NOT-FOR-US: ibm db2
CVE-2010-3735 (The &quot;Query Compiler, Rewrite, Optimizer&quot; component in IBM DB2 UDB 9.5 ...)
@@ -93318,45 +93318,45 @@ CVE-2010-3781 (The PL/php add-on 1.4 and earlier for PostgreSQL does not properl
CVE-2010-3782
RESERVED
CVE-2010-3783 (Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3784 (The PMPageFormatCreateWithDataRepresentation API in Printing in Apple ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3785 (Buffer overflow in QuickLook in Apple Mac OS X 10.5.8 and 10.6.x ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3786 (QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3787 (Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3788 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3789 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3790 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3791 (Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3792 (Integer signedness error in QuickTime in Apple Mac OS X 10.6.x before ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3793 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3794 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3795 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3796 (Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3797 (Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3798 (Heap-based buffer overflow in xar in Apple Mac OS X 10.6.x before ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3799
RESERVED
CVE-2010-3800 (Apple QuickTime before 7.6.9 allows remote attackers to execute ...)
- TODO: check
+ NOT-FOR-US: apple quicktime
CVE-2010-3801 (Apple QuickTime before 7.6.9 allows remote attackers to execute ...)
- TODO: check
+ NOT-FOR-US: apple quicktime
CVE-2010-3802 (Integer signedness error in Apple QuickTime before 7.6.9 allows remote ...)
- TODO: check
+ NOT-FOR-US: apple quicktime
CVE-2010-3803 (Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X ...)
TODO: check
CVE-2010-3804 (The JavaScript implementation in WebKit in Apple Safari before 5.0.3 ...)
@@ -93454,9 +93454,9 @@ CVE-2010-3849
CVE-2010-3850
RESERVED
CVE-2010-3851 (libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 ...)
- TODO: check
+ NOT-FOR-US: libguestfs
CVE-2010-3852 (The default configuration of Luci 0.22.4 and earlier in Red Hat Conga ...)
- TODO: check
+ NOT-FOR-US: redhat luci
CVE-2010-3853
RESERVED
CVE-2010-3854
@@ -93478,7 +93478,7 @@ CVE-2010-3861 (The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux
CVE-2010-3862
RESERVED
CVE-2010-3863 (Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize ...)
- TODO: check
+ NOT-FOR-US: shiro
CVE-2010-3864 (Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through ...)
TODO: check
CVE-2010-3865
@@ -93488,13 +93488,13 @@ CVE-2010-3866
CVE-2010-3867 (Multiple directory traversal vulnerabilities in the mod_site_misc ...)
TODO: check
CVE-2010-3868 (Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate ...)
- TODO: check
+ NOT-FOR-US: redhat dogtag_certificate_system
CVE-2010-3869 (Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate ...)
- TODO: check
+ NOT-FOR-US: redhat dogtag_certificate_system
CVE-2010-3870 (The utf8_decode function in PHP before 5.3.4 does not properly handle ...)
TODO: check
CVE-2010-3871 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: mahara
CVE-2010-3872 (The apr_status_t fcgid_header_bucket_read function in fcgid_bucket.c ...)
TODO: check
CVE-2010-3873
@@ -93516,50 +93516,50 @@ CVE-2010-3880 (net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does n
CVE-2010-3881
RESERVED
CVE-2010-3882 (Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple ...)
- TODO: check
+ NOT-FOR-US: cmsmadesimple cms_made_simple
CVE-2010-3883 (Cross-site request forgery (CSRF) vulnerability in the Change Group ...)
- TODO: check
+ NOT-FOR-US: cmsmadesimple cms_made_simple
CVE-2010-3884 (Cross-site request forgery (CSRF) vulnerability in CMS Made Simple ...)
- TODO: check
+ NOT-FOR-US: cmsmadesimple cms_made_simple
CVE-2010-3885
REJECTED
TODO: check
CVE-2010-3886 (The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3887 (The Limit Mail feature in the Parental Controls functionality in Mail ...)
- TODO: check
+ NOT-FOR-US: apple mail
CVE-2010-3888 (Unspecified vulnerability in Microsoft Windows on 32-bit platforms ...)
- TODO: check
+ NOT-FOR-US: microsoft windows
CVE-2010-3889 (Unspecified vulnerability in Microsoft Windows on 32-bit platforms ...)
- TODO: check
+ NOT-FOR-US: microsoft windows
CVE-2010-3890 (Cross-site scripting (XSS) vulnerability in IBM OmniFind Enterprise ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3891 (Cross-site request forgery (CSRF) vulnerability in ESAdmin/security.do ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3892 (Session fixation vulnerability in the login form in the administrator ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3893 (The administrator interface in IBM OmniFind Enterprise Edition 8.x and ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3894 (Stack-based buffer overflow in the ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3895 (esRunCommand in IBM OmniFind Enterprise Edition before 9.1 allows ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3896 (The ESSearchApplication directory tree in IBM OmniFind Enterprise ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3897 (ESSearchApplication/palette.do in IBM OmniFind Enterprise Edition 8.x ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3898 (IBM OmniFind Enterprise Edition 8.x and 9.x does not properly restrict ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3899 (IBM OmniFind Enterprise Edition 8.x and 9.x performs web crawls with ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3900 (Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup before ...)
TODO: check
CVE-2010-3901 (OpenConnect before 2.25 does not properly validate X.509 certificates, ...)
- TODO: check
+ NOT-FOR-US: infradead openconnect
CVE-2010-3902 (OpenConnect before 2.26 places the webvpn cookie value in the ...)
- TODO: check
+ NOT-FOR-US: infradead openconnect
CVE-2010-3903 (Unspecified vulnerability in OpenConnect before 2.23 allows remote ...)
- TODO: check
+ NOT-FOR-US: infradead openconnect
CVE-2010-3904 (The rds_page_copy_user function in net/rds/page.c in the Reliable ...)
TODO: check
CVE-2010-3905
@@ -93571,33 +93571,33 @@ CVE-2010-3907
CVE-2010-3908
RESERVED
CVE-2010-3909 (Incomplete blacklist vulnerability in config.template.php in vtiger ...)
- TODO: check
+ NOT-FOR-US: vtiger_crm
CVE-2010-3910 (Multiple directory traversal vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: vtiger_crm
CVE-2010-3911 (Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM ...)
- TODO: check
+ NOT-FOR-US: vtiger_crm
CVE-2010-3912
RESERVED
CVE-2010-3913 (CRLF injection vulnerability in TransWARE Active! mail 6 build ...)
- TODO: check
+ NOT-FOR-US: transware active _mail
CVE-2010-3914 (Untrusted search path vulnerability in VIM Development Group GVim ...)
TODO: check
CVE-2010-3915 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro ...)
- TODO: check
+ NOT-FOR-US: justsystems ichitaro
CVE-2010-3916 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro ...)
- TODO: check
+ NOT-FOR-US: justsystems ichitaro
CVE-2010-3917
RESERVED
CVE-2010-3918 (Fenrir Sleipnir 2.9.6 and earlier does not prevent interaction between ...)
- TODO: check
+ NOT-FOR-US: Fenrir
CVE-2010-3919 (Fenrir Grani 4.5 and earlier does not prevent interaction between web ...)
- TODO: check
+ NOT-FOR-US: Fenrir
CVE-2010-3920 (The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 ...)
- TODO: check
+ NOT-FOR-US: epson lp s9000_driver_4 1 11
CVE-2010-3921 (Cross-site scripting (XSS) vulnerability in Movable Type 4.x before ...)
- TODO: check
+ NOT-FOR-US: sixapart movabletype
CVE-2010-3922 (SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x ...)
- TODO: check
+ NOT-FOR-US: sixapart movabletype
CVE-2010-3923
RESERVED
CVE-2010-3924
@@ -93621,11 +93621,11 @@ CVE-2010-3932
CVE-2010-3933 (Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested ...)
TODO: check
CVE-2010-3934 (The browser in Research In Motion (RIM) BlackBerry Device Software ...)
- TODO: check
+ NOT-FOR-US: rim blackberry_device_software
CVE-2010-3935
RESERVED
CVE-2010-3936 (Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft ...)
- TODO: check
+ NOT-FOR-US: microsoft forefront_unified_access_gateway
CVE-2010-3937
RESERVED
CVE-2010-3938
@@ -93677,7 +93677,7 @@ CVE-2010-3960
CVE-2010-3961
RESERVED
CVE-2010-3962 (Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3963
RESERVED
CVE-2010-3964
@@ -93707,9 +93707,9 @@ CVE-2010-3975 (Untrusted search path vulnerability in Adobe Flash Player 9 allow
CVE-2010-3976 (Untrusted search path vulnerability in Adobe Flash Player before ...)
TODO: check
CVE-2010-3977 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: deliciousdays cforms
CVE-2010-3978 (Spree 0.11.x before 0.11.2 and 0.30.x before 0.30.0 exchanges data ...)
- TODO: check
+ NOT-FOR-US: spree
CVE-2010-3979 (Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different ...)
NOT-FOR-US: sap businessobjects
CVE-2010-3980 (Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not limit the ...)
@@ -93723,25 +93723,25 @@ CVE-2010-3983 (CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote ...
CVE-2010-3984
RESERVED
CVE-2010-3985 (Cross-site scripting (XSS) vulnerability in HP Operations ...)
- TODO: check
+ NOT-FOR-US: hp operations_orchestration
CVE-2010-3986 (Unspecified vulnerability in HP Virtual Connect Enterprise Manager ...)
- TODO: check
+ NOT-FOR-US: hp virtual_connect_enterprise_manager
CVE-2010-3987 (Cross-site scripting (XSS) vulnerability in HP Insight Control Virtual ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_virtual_machine_management
CVE-2010-3988 (Unspecified vulnerability in HP Insight Control Virtual Machine ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_virtual_machine_management
CVE-2010-3989 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_virtual_machine_management
CVE-2010-3990 (Unspecified vulnerability in HP Virtual Server Environment before 6.2 ...)
- TODO: check
+ NOT-FOR-US: hp virtual_server_environment
CVE-2010-3991 (Cross-site scripting (XSS) vulnerability in HP Insight Control Server ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_server_migration6 0 1
CVE-2010-3992 (Unspecified vulnerability in HP Insight Control Server Migration ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_server_migration6 0 1
CVE-2010-3993 (Unspecified vulnerability in HP Insight Control Server Migration ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_server_migration6 0 1
CVE-2010-3994 (Cross-site scripting (XSS) vulnerability in HP Version Control ...)
- TODO: check
+ NOT-FOR-US: hp version_control_repository_manager
CVE-2010-3995
RESERVED
CVE-2010-3996 (festival_server in Centre for Speech Technology Research (CSTR) ...)
@@ -93765,7 +93765,7 @@ CVE-2010-4004
CVE-2010-4005 (The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and ...)
TODO: check
CVE-2010-4006 (Multiple SQL injection vulnerabilities in search.php in WSN Links ...)
- TODO: check
+ NOT-FOR-US: wsnlinks wsn_links
CVE-2010-4007 (Oracle Mojarra uses an encrypted View State without a Message ...)
NOT-FOR-US: oracle mojarra
CVE-2010-4008 (libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, ...)
@@ -93773,9 +93773,9 @@ CVE-2010-4008 (libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44,
CVE-2010-4009 (Integer overflow in Apple QuickTime before 7.6.9 allows remote ...)
TODO: check
CVE-2010-4010 (Integer signedness error in Apple Type Services (ATS) in Apple Mac OS ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-4011 (Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-4012 (Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later ...)
TODO: check
CVE-2010-4013
@@ -93799,25 +93799,25 @@ CVE-2010-4021 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.
CVE-2010-4022
RESERVED
CVE-2010-4023 (Cross-site scripting (XSS) vulnerability in HP Insight Control Power ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_power_management
CVE-2010-4024 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_power_management
CVE-2010-4025 (Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1 allows ...)
- TODO: check
+ NOT-FOR-US: hp palm_webos
CVE-2010-4026 (Unspecified vulnerability in the service API in HP Palm webOS 1.4.1 ...)
- TODO: check
+ NOT-FOR-US: hp palm_webos
CVE-2010-4027 (Unspecified vulnerability in the camera application in HP Palm webOS ...)
- TODO: check
+ NOT-FOR-US: hp palm_webos
CVE-2010-4028 (Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP ...)
- TODO: check
+ NOT-FOR-US: hp loadrunner_web_tours
CVE-2010-4029 (Unspecified vulnerability in HP Storage Essentials before 6.3.0, when ...)
- TODO: check
+ NOT-FOR-US: hp storage_essentials
CVE-2010-4030 (Cross-site scripting (XSS) vulnerability in HP Insight Control ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_performance_management
CVE-2010-4031 (Unspecified vulnerability in HP Insight Control Performance Management ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_performance_management
CVE-2010-4032 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_performance_management
CVE-2010-4033 (Google Chrome before 7.0.517.41 does not properly implement the ...)
TODO: check
CVE-2010-4034 (Google Chrome before 7.0.517.41 does not properly handle forms, which ...)
@@ -93859,15 +93859,15 @@ CVE-2010-4051
CVE-2010-4052
RESERVED
CVE-2010-4053 (Stack-based buffer overflow in an unspecified logging function in ...)
- TODO: check
+ NOT-FOR-US: ibm informix_dynamic_server
CVE-2010-4054 (The gs_type2_interpret function in Ghostscript allows remote attackers ...)
TODO: check
CVE-2010-4055 (Stack consumption vulnerability in solid.exe in IBM solidDB 6.5.0.3 ...)
- TODO: check
+ NOT-FOR-US: ibm soliddb
CVE-2010-4056 (solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform ...)
- TODO: check
+ NOT-FOR-US: ibm soliddb
CVE-2010-4057 (solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform ...)
- TODO: check
+ NOT-FOR-US: ibm soliddb
CVE-2010-4058
RESERVED
CVE-2010-4059
@@ -93889,11 +93889,11 @@ CVE-2010-4066
CVE-2010-4067
RESERVED
CVE-2010-4068 (Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x ...)
- TODO: check
+ NOT-FOR-US: typo3
CVE-2010-4069 (Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 7.x ...)
- TODO: check
+ NOT-FOR-US: ibm informix_dynamic_server
CVE-2010-4070 (Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper ...)
- TODO: check
+ NOT-FOR-US: ibm informix_dynamic_server
CVE-2010-4071
RESERVED
CVE-2010-4072 (The copy_shmid_to_user function in ipc/shm.c in the Linux kernel ...)
@@ -93921,57 +93921,57 @@ CVE-2010-4082 (The viafb_ioctl_get_viafb_info function in drivers/video/via/ioct
CVE-2010-4083 (The copy_semid_to_user function in ipc/sem.c in the Linux kernel ...)
TODO: check
CVE-2010-4084 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4085 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4086 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4087 (IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4088 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4089 (IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4090 (Adobe Shockwave Player before 11.5.9.615 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4091 (The EScript.api plugin in Adobe Acrobat Reader 9.4.0, 8.1.7, and ...)
TODO: check
CVE-2010-4092 (Use-after-free vulnerability in an unspecified compatibility component ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4093
RESERVED
CVE-2010-4094 (The Tomcat server in IBM Rational Quality Manager and Rational Test ...)
- TODO: check
+ NOT-FOR-US: ibm rational_test_lab_manager
CVE-2010-4095 (Directory traversal vulnerability in the FTP client in Serengeti ...)
TODO: check
CVE-2010-4096 (share/ma/keys_for_user in Monkeysphere 0.31 and 0.32 allows local ...)
- TODO: check
+ NOT-FOR-US: monkeysphere_project monkeysphere
CVE-2010-4097 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
- TODO: check
+ NOT-FOR-US: avatic aardvark_topsites_php
CVE-2010-4098 (monotone before 0.48.1, when configured to allow remote commands, ...)
TODO: check
CVE-2010-4099 (ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is ...)
- TODO: check
+ NOT-FOR-US: nitrosecurity nitroview_esm_software
CVE-2010-4100 (Unspecified vulnerability in HP Insight Control Performance Management ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_performance_management
CVE-2010-4101 (Cross-site scripting (XSS) vulnerability in HP Insight Recovery before ...)
- TODO: check
+ NOT-FOR-US: hp insight_recovery
CVE-2010-4102 (Unspecified vulnerability in HP Insight Recovery before 6.2 allows ...)
- TODO: check
+ NOT-FOR-US: hp insight_recovery
CVE-2010-4103 (Unspecified vulnerability in HP Insight Managed System Setup Wizard ...)
- TODO: check
+ NOT-FOR-US: hp insight_managed_system_setup_wizard
CVE-2010-4104 (Unspecified vulnerability in HP Insight Orchestration before 6.2 ...)
- TODO: check
+ NOT-FOR-US: hp insight_orchestration
CVE-2010-4105 (Unspecified vulnerability in HP Insight Orchestration before 6.2 ...)
- TODO: check
+ NOT-FOR-US: hp insight_orchestration
CVE-2010-4106 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_for_linux
CVE-2010-4107 (The default configuration of the PJL Access value in the File System ...)
- TODO: check
+ NOT-FOR-US: hp laserjet_mfp
CVE-2010-4108 (HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support ...)
- TODO: check
+ NOT-FOR-US: hp ux
CVE-2010-4109 (Cross-site scripting (XSS) vulnerability in the Contacts Application ...)
- TODO: check
+ NOT-FOR-US: hp palm_webos
CVE-2010-4110
RESERVED
CVE-2010-4111
@@ -93993,9 +93993,9 @@ CVE-2010-4118
CVE-2010-4119
RESERVED
CVE-2010-4120 (Multiple cross-site scripting (XSS) vulnerabilities in the TAM console ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_access_manager_for_e business
CVE-2010-4121 (** DISPUTED ** The TCP-to-ODBC gateway in IBM Tivoli Provisioning ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_provisioning_manager_os_deployment
CVE-2010-4122
RESERVED
CVE-2010-4123
@@ -94037,35 +94037,35 @@ CVE-2010-4140
CVE-2010-4141
RESERVED
CVE-2010-4142 (Multiple stack-based buffer overflows in DATAC RealWin 2.0 Build ...)
- TODO: check
+ NOT-FOR-US: realflex realwin
CVE-2010-4143 (SQL injection vulnerability in chart.php in phpCheckZ 1.1.0, when ...)
- TODO: check
+ NOT-FOR-US: phpcheckz
CVE-2010-4144 (SQL injection vulnerability in radyo.asp in Kisisel Radyo Script ...)
- TODO: check
+ NOT-FOR-US: aspindir kisisel_radyo_script
CVE-2010-4145 (Kisisel Radyo Script stores sensitive information under the web root ...)
- TODO: check
+ NOT-FOR-US: aspindir kisisel_radyo_script
CVE-2010-4146 (Cross-site scripting (XSS) vulnerability in Attachmate Reflection for ...)
- TODO: check
+ NOT-FOR-US: attachmate reflection_for_the_web
CVE-2010-4147 (Multiple SQL injection vulnerabilities in Pentasoft Avactis Shopping ...)
- TODO: check
+ NOT-FOR-US: avactis_shopping_cart
CVE-2010-4148 (Directory traversal vulnerability in AnyConnect 1.2.3.0, and possibly ...)
- TODO: check
+ NOT-FOR-US: anyconnect
CVE-2010-4149 (Directory traversal vulnerability in FreshWebMaster Fresh FTP 5.36, ...)
- TODO: check
+ NOT-FOR-US: freshwebmaster fresh_ftp
CVE-2010-4150 (Double free vulnerability in the imap_do_open function in the IMAP ...)
TODO: check
CVE-2010-4151 (SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly ...)
- TODO: check
+ NOT-FOR-US: deluxebb
CVE-2010-4152 (SQL injection vulnerability in catalog/index.shtml in 4site CMS 2.6, ...)
- TODO: check
+ NOT-FOR-US: 4site_cms
CVE-2010-4153 (Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably ...)
- TODO: check
+ NOT-FOR-US: crossftp_pro
CVE-2010-4154 (Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager ...)
- TODO: check
+ NOT-FOR-US: rhinosoft ftp_voyager
CVE-2010-4155 (Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.10 ...)
- TODO: check
+ NOT-FOR-US: exv2
CVE-2010-4156 (The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through ...)
- TODO: check
+ NOT-FOR-US: libmbfl
CVE-2010-4157 (Integer overflow in the ioc_general function in drivers/scsi/gdth.c in ...)
TODO: check
CVE-2010-4158
@@ -94099,7 +94099,7 @@ CVE-2010-4171 (The staprun runtime tool in SystemTap 1.3 does not verify that a
CVE-2010-4172 (Multiple cross-site scripting (XSS) vulnerabilities in the Manager ...)
TODO: check
CVE-2010-4173 (The default configuration of libsdp.conf in libsdp 1.1.104 and earlier ...)
- TODO: check
+ NOT-FOR-US: openfabrics libsdp
CVE-2010-4174
RESERVED
CVE-2010-4175
@@ -94115,17 +94115,17 @@ CVE-2010-4179 (The installation documentation for Red Hat Enterprise Messaging,
CVE-2010-4180 (OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when ...)
TODO: check
CVE-2010-4181 (Directory traversal vulnerability in Yaws 1.89 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: yaws
CVE-2010-4182 (Untrusted search path vulnerability in the Data Access Objects (DAO) ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-4183 (Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier ...)
TODO: check
CVE-2010-4184 (NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with ...)
- TODO: check
+ NOT-FOR-US: netsupportsoftware netsupport_manager
CVE-2010-4185 (SQL injection vulnerability in index.php in Energine, possibly 2.3.8 ...)
- TODO: check
+ NOT-FOR-US: energine
CVE-2010-4186 (SQL injection vulnerability in process.asp in OnlineTechTools Online ...)
- TODO: check
+ NOT-FOR-US: onlinetechtools com oasys_professional
CVE-2010-4187
RESERVED
CVE-2010-4188
@@ -94168,33 +94168,33 @@ CVE-2010-4205 (Google Chrome before 7.0.517.44 does not properly handle the data
CVE-2010-4206 (Google Chrome before 7.0.517.44 accesses memory at an out-of-bounds ...)
TODO: check
CVE-2010-4207 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
- TODO: check
+ NOT-FOR-US: yahoo yui
CVE-2010-4208 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
- TODO: check
+ NOT-FOR-US: yahoo yui
CVE-2010-4209 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
- TODO: check
+ NOT-FOR-US: yahoo yui
CVE-2010-4210 (The pfs_getextattr function in FreeBSD 7.x before 7.3-RELEASE and 8.x ...)
TODO: check
CVE-2010-4211 (The PayPal app before 3.0.1 for iOS does not verify that the server ...)
- TODO: check
+ NOT-FOR-US: ebay paypal
CVE-2010-4212 (The USAA application 3.0 for Android stores a mirror image of each ...)
- TODO: check
+ NOT-FOR-US: usaa
CVE-2010-4213 (The Bank of America application 2.12 for Android stores a security ...)
- TODO: check
+ NOT-FOR-US: bankofamerica bank_of_america
CVE-2010-4214 (The Wells Fargo Mobile application 1.1 for Android stores a username ...)
- TODO: check
+ NOT-FOR-US: wellsfargo wells_fargo_mobile
CVE-2010-4215 (UI/Manage.pm in Foswiki 1.1.0 and 1.1.1 allows remote authenticated ...)
- TODO: check
+ NOT-FOR-US: foswiki
CVE-2010-4216 (IBM Tivoli Directory Server (TDS) 6.0.0.x before ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_directory_server
CVE-2010-4217 (Use-after-free vulnerability in the proxy server in IBM Tivoli ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_directory_server
CVE-2010-4218 (Unspecified vulnerability in Web Services in IBM ENOVIA 6 has unknown ...)
- TODO: check
+ NOT-FOR-US: ibm enovia
CVE-2010-4219 (Cross-site scripting (XSS) vulnerability in SemanticTagService.js in ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_portal
CVE-2010-4220 (Cross-site scripting (XSS) vulnerability in the Integrated Solution ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_application_server
CVE-2010-4221 (Multiple stack-based buffer overflows in the pr_netio_telnet_gets ...)
TODO: check
CVE-2010-4222
@@ -94214,19 +94214,19 @@ CVE-2010-4228
CVE-2010-4229
RESERVED
CVE-2010-4230 (Stack-based buffer overflow in a certain ActiveX control for the ...)
- TODO: check
+ NOT-FOR-US: tecvoz cmnc 200
CVE-2010-4231 (Directory traversal vulnerability in the web-based administration ...)
- TODO: check
+ NOT-FOR-US: tecvoz cmnc 200
CVE-2010-4232 (The web-based administration interface on the Camtron CMNC-200 Full HD ...)
- TODO: check
+ NOT-FOR-US: tecvoz cmnc 200
CVE-2010-4233 (The Linux installation on the Camtron CMNC-200 Full HD IP Camera and ...)
- TODO: check
+ NOT-FOR-US: tecvoz cmnc 200
CVE-2010-4234 (The web server on the Camtron CMNC-200 Full HD IP Camera and TecVoz ...)
- TODO: check
+ NOT-FOR-US: tecvoz cmnc 200
CVE-2010-4235
RESERVED
CVE-2010-4236 (Untrusted search path vulnerability in estaskwrapper in IBM OmniFind ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-4237
RESERVED
CVE-2010-4238
@@ -94246,7 +94246,7 @@ CVE-2010-4244
CVE-2010-4245
RESERVED
CVE-2010-4246 (Multiple cross-site scripting (XSS) vulnerabilities in graph.php in ...)
- TODO: check
+ NOT-FOR-US: bsdperimeter pfsense
CVE-2010-4247
RESERVED
CVE-2010-4248 (Race condition in the __exit_signal function in kernel/exit.c in the ...)
@@ -94290,19 +94290,19 @@ CVE-2010-4266
CVE-2010-4267
RESERVED
CVE-2010-4268 (SQL injection vulnerability in the Pulse Infotech Flip Wall ...)
- TODO: check
+ NOT-FOR-US: pulseinfotech com_flipwall
CVE-2010-4269 (SQL injection vulnerability in managechat.php in Collabtive 0.65 ...)
- TODO: check
+ NOT-FOR-US: o dyn collabtive
CVE-2010-4270 (Directory traversal vulnerability in the nBill (com_netinvoice) ...)
- TODO: check
+ NOT-FOR-US: netshinesoftware com_netinvoice
CVE-2010-4271 (SQL injection vulnerability in ImpressCMS before 1.2.3 RC2 allows ...)
- TODO: check
+ NOT-FOR-US: impresscms
CVE-2010-4272 (SQL injection vulnerability in the Pulse Infotech Sponsor Wall ...)
- TODO: check
+ NOT-FOR-US: pulseinfotech com_sponsorwall
CVE-2010-4273 (SQL injection vulnerability in imoveis.php in DescargarVista ACC ...)
- TODO: check
+ NOT-FOR-US: accimoveis descargarvista_acc_imoveis
CVE-2010-4274 (reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 ...)
- TODO: check
+ NOT-FOR-US: ibm director_agent
CVE-2010-4275
RESERVED
CVE-2010-4276
@@ -94310,17 +94310,17 @@ CVE-2010-4276
CVE-2010-4277
RESERVED
CVE-2010-4278 (operation/agentes/networkmap.php in Pandora FMS before 3.1.1 allows ...)
- TODO: check
+ NOT-FOR-US: pandora
CVE-2010-4279 (The default configuration of Pandora FMS 3.1 and earlier specifies an ...)
- TODO: check
+ NOT-FOR-US: artica pandora_fms
CVE-2010-4280 (Multiple SQL injection vulnerabilities in Pandora FMS before 3.1.1 ...)
- TODO: check
+ NOT-FOR-US: artica pandora_fms
CVE-2010-4281 (Incomplete blacklist vulnerability in the safe_url_extraclean function ...)
- TODO: check
+ NOT-FOR-US: artica pandora_fms
CVE-2010-4282 (Multiple directory traversal vulnerabilities in Pandora FMS before ...)
- TODO: check
+ NOT-FOR-US: artica pandora_fms
CVE-2010-4283 (PHP remote file inclusion vulnerability in extras/pandora_diag.php in ...)
- TODO: check
+ NOT-FOR-US: artica pandora_fms
CVE-2010-4284
RESERVED
CVE-2010-4285
@@ -94350,21 +94350,21 @@ CVE-2010-4296 (vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548
CVE-2010-4297 (The VMware Tools update functionality in VMware Workstation 6.5.x ...)
TODO: check
CVE-2010-4298 (SQL injection vulnerability in the download module in Free Simple ...)
- TODO: check
+ NOT-FOR-US: dustincowell free_simple_software
CVE-2010-4299 (Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 ...)
- TODO: check
+ NOT-FOR-US: novell zenworks_handheld_management
CVE-2010-4300 (Heap-based buffer overflow in the dissect_ldss_transfer function ...)
TODO: check
CVE-2010-4301 (epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in ...)
TODO: check
CVE-2010-4302 (/opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified ...)
- TODO: check
+ NOT-FOR-US: cisco unified_videoconferencing_system_5115
CVE-2010-4303 (Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the ...)
- TODO: check
+ NOT-FOR-US: cisco unified_videoconferencing_system_5115
CVE-2010-4304 (The web interface in Cisco Unified Videoconferencing (UVC) System ...)
- TODO: check
+ NOT-FOR-US: cisco unified_videoconferencing_system_5230
CVE-2010-4305 (Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and ...)
- TODO: check
+ NOT-FOR-US: cisco unified_videoconferencing_system_5230
CVE-2010-4306
RESERVED
CVE-2010-4307
@@ -94376,11 +94376,11 @@ CVE-2010-4309
CVE-2010-4310
RESERVED
CVE-2010-4311 (Free Simple Software 1.0 stores passwords in cleartext, which allows ...)
- TODO: check
+ NOT-FOR-US: dustincowell free_simple_software
CVE-2010-4312 (The default configuration of Apache Tomcat 6.x does not include the ...)
TODO: check
CVE-2010-4313 (Unrestricted file upload vulnerability in fileman_file_upload.php in ...)
- TODO: check
+ NOT-FOR-US: novo ws orbis_cms
CVE-2010-4314
RESERVED
CVE-2010-4315
@@ -94414,7 +94414,7 @@ CVE-2010-4328
CVE-2010-4329 (Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton ...)
TODO: check
CVE-2010-4330 (Directory traversal vulnerability in includes/controller.php in Pulse ...)
- TODO: check
+ NOT-FOR-US: pulsecms pulse_cms
CVE-2010-4331
RESERVED
CVE-2010-4332
@@ -94462,31 +94462,31 @@ CVE-2010-4352
CVE-2010-4353
RESERVED
CVE-2010-4354 (The remote-access IPSec VPN implementation on Cisco Adaptive Security ...)
- TODO: check
+ NOT-FOR-US: cisco vpn_3080_concentrator
CVE-2010-4355 (Cross-site scripting (XSS) vulnerability in DaDaBIK before 4.3 beta2, ...)
- TODO: check
+ NOT-FOR-US: dadabik
CVE-2010-4356 (SQL injection vulnerability in news_default.asp in Site2Nite Big Truck ...)
- TODO: check
+ NOT-FOR-US: site2nite big_truck_broker
CVE-2010-4357 (SQL injection vulnerability in comments.php in SiteEngine 7.1 allows ...)
- TODO: check
+ NOT-FOR-US: boka siteengine
CVE-2010-4358 (Multiple cross-site scripting (XSS) vulnerabilities in gb.cgi in ...)
- TODO: check
+ NOT-FOR-US: mrcgiguy guestbook
CVE-2010-4359 (SQL injection vulnerability in index.php in Jurpopage 0.2.0 allows ...)
- TODO: check
+ NOT-FOR-US: jurpopage
CVE-2010-4360 (Multiple SQL injection vulnerabilities in index.php in Jurpopage 0.2.0 ...)
- TODO: check
+ NOT-FOR-US: jurpopage
CVE-2010-4361 (Cross-site scripting (XSS) vulnerability in url-gateway.php in ...)
- TODO: check
+ NOT-FOR-US: jurpopage
CVE-2010-4362 (Multiple SQL injection vulnerabilities in MicroNetsoft RV Dealer ...)
- TODO: check
+ NOT-FOR-US: micronetsoft rv_dealer_website
CVE-2010-4363 (Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY ...)
- TODO: check
+ NOT-FOR-US: mrcgiguy freeticket
CVE-2010-4364 (DaDaBIK 4.3 beta3, when running in a case-sensitive environment, does ...)
- TODO: check
+ NOT-FOR-US: dadabik
CVE-2010-4365 (SQL injection vulnerability in JE Ajax Event Calendar ...)
- TODO: check
+ NOT-FOR-US: harmistechnology com_jeajaxeventcalendar
CVE-2010-4366 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: abk soft chameleon_social_networking
CVE-2010-4367 (awstats.cgi in AWStats before 7.0 accepts a configdir parameter in the ...)
TODO: check
CVE-2010-4368 (awstats.cgi in AWStats before 7.0 on Windows accepts a configdir ...)
@@ -94494,15 +94494,15 @@ CVE-2010-4368 (awstats.cgi in AWStats before 7.0 on Windows accepts a configdir
CVE-2010-4369 (Directory traversal vulnerability in AWStats before 7.0 allows remote ...)
TODO: check
CVE-2010-4370 (Multiple integer overflows in the in_midi plugin in Winamp before 5.6 ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-4371 (Buffer overflow in the in_mod plugin in Winamp before 5.6 allows ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-4372 (Integer overflow in the in_nsv plugin in Winamp before 5.6 allows ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-4373 (The in_mp4 plugin in Winamp before 5.6 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-4374 (The in_mkv plugin in Winamp before 5.6 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-4375
RESERVED
CVE-2010-4376
@@ -94550,27 +94550,27 @@ CVE-2010-4396
CVE-2010-4397
RESERVED
CVE-2010-4398 (Stack-based buffer overflow in the RtlQueryRegistryValues function in ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-4399 (Directory traversal vulnerability in languages.inc.php in DynPG CMS ...)
- TODO: check
+ NOT-FOR-US: dynpg_cms
CVE-2010-4400 (SQL injection vulnerability in _rights.php in DynPG CMS 4.2.0 allows ...)
- TODO: check
+ NOT-FOR-US: dynpg_cms
CVE-2010-4401 (languages.inc.php in DynPG CMS 4.2.0 allows remote attackers to obtain ...)
- TODO: check
+ NOT-FOR-US: dynpg_cms
CVE-2010-4402 (Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in ...)
- TODO: check
+ NOT-FOR-US: wordpress register_plus_plugin
CVE-2010-4403 (The Register Plus plugin 3.5.1 and earlier for WordPress allows remote ...)
- TODO: check
+ NOT-FOR-US: wordpress register_plus_plugin
CVE-2010-4404 (SQL injection vulnerability in the Yannick Gaultier sh404SEF component ...)
- TODO: check
+ NOT-FOR-US: anything digital sh404sef
CVE-2010-4405 (Cross-site scripting (XSS) vulnerability in the Yannick Gaultier ...)
- TODO: check
+ NOT-FOR-US: anything digital sh404sef
CVE-2010-4406 (Directory traversal vulnerability in gallery.php in Brunetton ...)
- TODO: check
+ NOT-FOR-US: brunetton littlephpgallery
CVE-2010-4407 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
- TODO: check
+ NOT-FOR-US: alguest
CVE-2010-4408 (Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through ...)
- TODO: check
+ NOT-FOR-US: apache archiva
CVE-2010-4409 (Integer overflow in the NumberFormatter::getSymbol (aka ...)
TODO: check
CVE-2010-4410 (CRLF injection vulnerability in the header function in (1) CGI.pm ...)
@@ -94578,7 +94578,7 @@ CVE-2010-4410 (CRLF injection vulnerability in the header function in (1) CGI.pm
CVE-2010-4411 (Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote ...)
TODO: check
CVE-2010-4412 (Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta ...)
- TODO: check
+ NOT-FOR-US: bsdperimeter pfsense
CVE-2010-4413
RESERVED
CVE-2010-4414
@@ -94754,17 +94754,17 @@ CVE-2010-4498
CVE-2010-4499
RESERVED
CVE-2010-4500 (Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY ...)
- TODO: check
+ NOT-FOR-US: mrcgiguy freeticket
CVE-2010-4501 (IO::Socket::SSL Perl module 1.35, when verify_mode is not VERIFY_NONE, ...)
TODO: check
CVE-2010-4502 (Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite ...)
- TODO: check
+ NOT-FOR-US: ca internet_security_suite_plus_2010
CVE-2010-4503 (SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows ...)
- TODO: check
+ NOT-FOR-US: aigaion
CVE-2010-4504 (Multiple cross-site scripting (XSS) vulnerabilities in eSyndiCat ...)
- TODO: check
+ NOT-FOR-US: intelliants esyndicat
CVE-2010-4505 (Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, ...)
- TODO: check
+ NOT-FOR-US: injader
CVE-2010-4506
RESERVED
CVE-2010-4507
@@ -94772,26 +94772,26 @@ CVE-2010-4507
CVE-2010-4508 (The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 ...)
TODO: check
CVE-2010-4509 (Multiple unspecified vulnerabilities in Movable Type 4.x before 4.35 ...)
- TODO: check
+ NOT-FOR-US: sixapart movabletype
CVE-2010-4510
REJECTED
TODO: check
CVE-2010-4511 (Unspecified vulnerability in Movable Type 4.x before 4.35 and 5.x ...)
- TODO: check
+ NOT-FOR-US: sixapart movabletype
CVE-2010-4512 (Cobbler before 2.0.4 uses an incorrect umask value, which allows local ...)
- TODO: check
+ NOT-FOR-US: michael_dehaan cobbler
CVE-2010-4513 (Multiple cross-site scripting (XSS) vulnerabilities in Zimplit CMS ...)
- TODO: check
+ NOT-FOR-US: zimplit_cms
CVE-2010-4514 (Cross-site scripting (XSS) vulnerability in Install/InstallWizard.aspx ...)
- TODO: check
+ NOT-FOR-US: dotnetnuke
CVE-2010-4515 (Cross-site scripting (XSS) vulnerability in Citrix Web Interface 5.0, ...)
- TODO: check
+ NOT-FOR-US: citrix web_interface
CVE-2010-4516 (Multiple cross-site scripting (XSS) vulnerabilities in the JXtended ...)
- TODO: check
+ NOT-FOR-US: jxtended_comments
CVE-2010-4517 (SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) ...)
- TODO: check
+ NOT-FOR-US: harmistechnology com_jeauto
CVE-2010-4518 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: wobeo wp safe search
CVE-2010-4519
RESERVED
CVE-2010-4520