aboutsummaryrefslogtreecommitdiff
path: root/data/CVE
diff options
context:
space:
mode:
authorStefan Behte <craig@gentoo.org>2011-03-28 00:35:51 +0000
committerStefan Behte <craig@gentoo.org>2011-03-28 00:35:51 +0000
commit332e7353e9cfbfc0db3a6ad837b7e406441e9311 (patch)
treecf3ddc68d111351e833324c9acf535d6fc530629 /data/CVE
parentMITRE sync (diff)
downloadsecurity-332e7353e9cfbfc0db3a6ad837b7e406441e9311.tar.gz
security-332e7353e9cfbfc0db3a6ad837b7e406441e9311.tar.bz2
security-332e7353e9cfbfc0db3a6ad837b7e406441e9311.zip
NFU, bug nrs.
svn path=/; revision=2222
Diffstat (limited to 'data/CVE')
-rw-r--r--data/CVE/list250
1 files changed, 125 insertions, 125 deletions
diff --git a/data/CVE/list b/data/CVE/list
index b9de8d6..1a27a9e 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -75604,7 +75604,7 @@ CVE-2008-7272
CVE-2008-7273
RESERVED
CVE-2008-7274 (IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_application_server
CVE-2008-7275 (Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket ...)
TODO: check
CVE-2008-7276 (Kernel/System/Web/Request.pm in Open Ticket Request System (OTRS) ...)
@@ -75624,11 +75624,11 @@ CVE-2008-7282 (Kernel/Output/HTML/CustomerNewTicketQueueSelectionGeneric.pm in O
CVE-2008-7283 (Open Ticket Request System (OTRS) before 2.2.6, when customer group ...)
TODO: check
CVE-2008-7284 (IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_quickr
CVE-2008-7285 (Unspecified vulnerability in the docnote string handling ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_quickr
CVE-2008-7286 (IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_quickr
CVE-2009-0001 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
NOT-FOR-US: apple quicktime
CVE-2009-0002 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
@@ -81713,7 +81713,7 @@ CVE-2009-3026 (protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibl
CVE-2009-3027 (VRTSweb.exe in VRTSweb in Symantec Backup Exec Continuous Protection ...)
NOT-FOR-US: VRTSweb in Symantec Backup Exec Continuous Protection Server CPS
CVE-2009-3028 (The Altiris eXpress NS SC Download ActiveX control in ...)
- TODO: check
+ NOT-FOR-US: symantec management_platform
CVE-2009-3029 (Cross-site scripting (XSS) vulnerability in the console in Symantec ...)
NOT-FOR-US: symantec securityexpressions_audit_and_compliance_server
CVE-2009-3030 (Cross-site scripting (XSS) vulnerability in Symantec ...)
@@ -85714,9 +85714,9 @@ CVE-2009-5012 (ftpserver.py in pyftpdlib before 0.5.2 does not require the l ...
CVE-2009-5013 (Memory leak in the on_dtp_close function in ftpserver.py in pyftpdlib ...)
NOT-FOR-US: g rodola pyftpdlib
CVE-2009-5014 (The default quickstart configuration of TurboGears2 (aka tg2) before ...)
- TODO: check
+ NOT-FOR-US: trubogear
CVE-2009-5015 (The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 ...)
- TODO: check
+ NOT-FOR-US: turbogears2
CVE-2009-5016 (Integer overflow in the xml_utf8_decode function in ext/xml/xml.c in ...)
TODO: check
CVE-2009-5017 (Mozilla Firefox before 3.6 Beta 3 does not properly handle overlong ...)
@@ -85750,23 +85750,23 @@ CVE-2009-5030
CVE-2009-5031
RESERVED
CVE-2009-5032 (The encrypted e-mail feature in IBM Lotus Notes Traveler before ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2009-5033 (IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle a &quot;* ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2009-5034 (IBM Lotus Notes Traveler before 8.5.0.2 allows remote authenticated ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2009-5035 (The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does not ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2009-5036 (traveler.exe in IBM Lotus Notes Traveler before 8.0.1.3 CF1 allows ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2009-5037 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2009-5038 (Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during ...)
- TODO: check
+ NOT-FOR-US: cisco ios
CVE-2009-5039 (Memory leak in the gk_circuit_info_do_in_acf function in the H.323 ...)
- TODO: check
+ NOT-FOR-US: cisco ios
CVE-2009-5040 (CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote ...)
- TODO: check
+ NOT-FOR-US: cisco ios
CVE-2009-5041
RESERVED
CVE-2009-5042
@@ -85788,7 +85788,7 @@ CVE-2009-5049
CVE-2009-5050
RESERVED
CVE-2009-5051 (Hastymail2 before RC 8 does not set the secure flag for the session ...)
- TODO: check
+ NOT-FOR-US: hastymail2
CVE-2009-5052 (Multiple unspecified vulnerabilities in Smarty before 3.0.0 beta 6 ...)
TODO: check
CVE-2009-5053 (Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote ...)
@@ -85802,15 +85802,15 @@ CVE-2009-5056 (Open Ticket Request System (OTRS) before 2.4.0-beta2 does not pro
CVE-2009-5057 (The S/MIME feature in Open Ticket Request System (OTRS) before 2.3.4 ...)
TODO: check
CVE-2009-5058 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.5 ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_quickr
CVE-2009-5059 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.10 ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_quickr
CVE-2009-5060 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.11 ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_quickr
CVE-2009-5061 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_quickr
CVE-2009-5062 (IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_quickr
CVE-2010-0001 (Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 ...)
BUG: 300943
CVE-2010-0002 (The /etc/profile.d/60alias.sh script in the Mandriva bash package for ...)
@@ -85888,7 +85888,7 @@ CVE-2010-0037 (Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2
CVE-2010-0038 (Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for ...)
NOT-FOR-US: apple iphone_os
CVE-2010-0039 (The Application-Level Gateway (ALG) on the Apple Time Capsule, AirPort ...)
- TODO: check
+ NOT-FOR-US: apple time_capsule
CVE-2010-0040 (Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, ...)
NOT-FOR-US: apple safari
CVE-2010-0041 (ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows ...)
@@ -86030,17 +86030,17 @@ CVE-2010-0108 (Buffer overflow in the cliproxy.objects.1 ActiveX control in the
CVE-2010-0109
RESERVED
CVE-2010-0110 (Multiple stack-based buffer overflows in Intel Alert Management System ...)
- TODO: check
+ NOT-FOR-US: symantec system_center
CVE-2010-0111 (HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel ...)
- TODO: check
+ NOT-FOR-US: symantec system_center
CVE-2010-0112 (Multiple SQL injection vulnerabilities in the Administrative Interface ...)
NOT-FOR-US: symantec im_manager
CVE-2010-0113 (The Symantec Norton Mobile Security application 1.0 Beta for Android ...)
NOT-FOR-US: symantec mobile_security
CVE-2010-0114 (fw_charts.php in the reporting module in the Manager (aka SEPM) ...)
- TODO: check
+ NOT-FOR-US: symantec endpoint_protection
CVE-2010-0115 (SQL injection vulnerability in login.php in the GUI management console ...)
- TODO: check
+ NOT-FOR-US: symantec web_gateway
CVE-2010-0116 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1 and ...)
NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-0117 (RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 ...)
@@ -86259,7 +86259,7 @@ CVE-2010-0212 (OpenLDAP 2.4.22 allows remote attackers to cause a denial of serv
CVE-2010-0213 (BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a ...)
NOT-FOR-US: We already have 9.7.1-p2
CVE-2010-0214 (The administrative interface on the PolyVision RoomWizard with ...)
- TODO: check
+ NOT-FOR-US: polyvision roomwizard
CVE-2010-0215 (ActiveCollab before 2.3.2 allows remote authenticated users to bypass ...)
NOT-FOR-US: a51dev activecollab
CVE-2010-0216
@@ -89187,11 +89187,11 @@ CVE-2010-1675
CVE-2010-1676 (Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before ...)
TODO: check
CVE-2010-1677 (MHonArc 2.6.16 allows remote attackers to cause a denial of service ...)
- TODO: check
+ BUG: 349563
CVE-2010-1678
RESERVED
CVE-2010-1679 (Directory traversal vulnerability in dpkg-source in dpkg before ...)
- TODO: check
+ BUG: 350877
CVE-2010-1680
RESERVED
CVE-2010-1681 (Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office ...)
@@ -89289,7 +89289,7 @@ CVE-2010-1726 (SQL injection vulnerability in offers_buy.php in EC21 Clone 3.0 a
CVE-2010-1727 (SQL injection vulnerability in type.asp in JobPost 1.0 allows remote ...)
NOT-FOR-US: aspsiteware jobpost
CVE-2010-1728 (Opera before 10.53 on Windows and Mac OS X does not properly handle a ...)
- TODO: check
+ NOT-FOR-US: opera_browser
CVE-2010-1729 (WebKit.dll in WebKit, as used in Safari.exe 4.531.9.1 in Apple Safari, ...)
TODO: check
CVE-2010-1730 (Dolphin Browser 2.5.0 on the HTC Hero allows remote attackers to cause ...)
@@ -91393,11 +91393,11 @@ CVE-2010-2775
CVE-2010-2776
RESERVED
CVE-2010-2777 (Stack-based buffer overflow in the IMAP server component in GroupWise ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-2778 (Cross-site scripting (XSS) vulnerability in WebAccess in Novell ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-2779 (Cross-site scripting (XSS) vulnerability in WebAccess in Novell ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-2780
RESERVED
CVE-2010-2781
@@ -91695,7 +91695,7 @@ CVE-2010-2926 (SQL injection vulnerability in index.php in sNews 1.7 allows remo
CVE-2010-2927 (The slapi_printmessage function in IBM Tivoli Directory Server (ITDS) ...)
NOT-FOR-US: ibm tivoli_directory_server
CVE-2010-2928 (The vCenter Tomcat Management Application in VMware vCenter Server 4.1 ...)
- TODO: check
+ NOT-FOR-US: vmware vcenter_server
CVE-2010-2929 (Untrusted search path vulnerability in hsolinkcontrol in hsolink ...)
NOT-FOR-US: pharscape hsolink
CVE-2010-2930 (Multiple stack-based buffer overflows in hsolinkcontrol in hsolink ...)
@@ -91923,13 +91923,13 @@ CVE-2010-3039 (/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communicati
CVE-2010-3040 (Multiple stack-based buffer overflows in agent.exe in Setup Manager in ...)
NOT-FOR-US: cisco intelligent_contact_manager
CVE-2010-3041 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) ...)
- TODO: check
+ NOT-FOR-US: cisco webex_recording_format_player
CVE-2010-3042 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) ...)
- TODO: check
+ NOT-FOR-US: cisco webex_recording_format_player
CVE-2010-3043 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) ...)
- TODO: check
+ NOT-FOR-US: cisco webex_recording_format_player
CVE-2010-3044 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) ...)
- TODO: check
+ NOT-FOR-US: cisco webex_recording_format_player
CVE-2010-3045
RESERVED
CVE-2010-3046
@@ -91983,7 +91983,7 @@ CVE-2010-3069 (Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_
CVE-2010-3070 (Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in ...)
NOT-FOR-US: dietrich_ayala nusoap
CVE-2010-3071 (bip before 0.8.6 allows remote attackers to cause a denial of service ...)
- TODO: check
+ BUG: 336321
CVE-2010-3072 (The string-comparison functions in String.cci in Squid 3.x before ...)
BUG: 334263
CVE-2010-3073 (SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer ...)
@@ -92377,19 +92377,19 @@ CVE-2010-3266 (Multiple cross-site scripting (XSS) vulnerabilities in BugTracker
CVE-2010-3267 (Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 ...)
NOT-FOR-US: ifdefined bugtracker net
CVE-2010-3268 (The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in ...)
- TODO: check
+ NOT-FOR-US: symantec endpoint_protection
CVE-2010-3269 (Multiple stack-based buffer overflows in the Cisco WebEx Recording ...)
- TODO: check
+ NOT-FOR-US: cisco webex_recording_format_player
CVE-2010-3270 (Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before ...)
- TODO: check
+ NOT-FOR-US: cisco webex_meeting_center
CVE-2010-3271
RESERVED
CVE-2010-3272 (accounts/ValidateAnswers in the security-questions implementation in ...)
- TODO: check
+ NOT-FOR-US: zohocorp manageengine_adselfservice_plus
CVE-2010-3273 (ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allows ...)
- TODO: check
+ NOT-FOR-US: zohocorp manageengine_adselfservice_plus
CVE-2010-3274 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: zohocorp manageengine_adselfservice_plus
CVE-2010-3275
RESERVED
CVE-2010-3276
@@ -92540,7 +92540,7 @@ CVE-2010-3347
CVE-2010-3348 (Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of ...)
NOT-FOR-US: microsoft ie
CVE-2010-3349 (Ardour 2.8.11 places a zero-length directory name in the ...)
- TODO: check
+ BUG: 341567
CVE-2010-3350 (bareFTP 0.3.4 places a zero-length directory name in the ...)
TODO: check
CVE-2010-3351 (startBristol in Bristol 0.60.5 places a zero-length directory name in ...)
@@ -92570,7 +92570,7 @@ CVE-2010-3362 (lastfm 1.5.4 places a zero-length directory name in the ...)
CVE-2010-3363 (roarify in roaraudio 0.3 places a zero-length directory name in the ...)
NOT-FOR-US: roaraudio
CVE-2010-3364 (The vips-7.22 script in VIPS 7.22.2 places a zero-length directory ...)
- TODO: check
+ BUG: 344561
CVE-2010-3365 (Mistelix 0.31 places a zero-length directory name in the ...)
NOT-FOR-US: mistelix
CVE-2010-3366 (Mn_Fit 5.13 places a zero-length directory name in the ...)
@@ -92580,7 +92580,7 @@ CVE-2010-3367
CVE-2010-3368
RESERVED
CVE-2010-3369 (The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3, ...)
- TODO: check
+ BUG: 346401
CVE-2010-3370
RESERVED
CVE-2010-3371
@@ -92630,7 +92630,7 @@ CVE-2010-3392
CVE-2010-3393 (magics-config in Magics++ 2.10.0 places a zero-length directory name ...)
NOT-FOR-US: ecmwf magics
CVE-2010-3394 (The (1) texmacs and (2) tm_mupad_help scripts in TeXmacs 1.0.7.4 place ...)
- TODO: check
+ BUG: 337532
CVE-2010-3395
RESERVED
CVE-2010-3396 (Buffer overflow in kavfm.sys in Kingsoft Antivirus 2010.04.26.648 and ...)
@@ -92973,7 +92973,7 @@ CVE-2010-3562 (Unspecified vulnerability in the 2D component in Oracle Java SE a
CVE-2010-3563 (Unspecified vulnerability in the Deployment component in Oracle Java ...)
TODO: check
CVE-2010-3564 (Unspecified vulnerability in the Oracle Communications Messaging ...)
- TODO: check
+ NOT-FOR-US: oracle sun_product_suite
CVE-2010-3565 (Unspecified vulnerability in the 2D component in Oracle Java SE and ...)
TODO: check
CVE-2010-3566 (Unspecified vulnerability in the 2D component in Oracle Java SE and ...)
@@ -93017,7 +93017,7 @@ CVE-2010-3584 (Unspecified vulnerability in the Oracle VM component in Oracle VM
CVE-2010-3585 (Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 ...)
NOT-FOR-US: oracle vm
CVE-2010-3586 (Unspecified vulnerability in Oracle Solaris 9 allows local users to ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-3587 (Unspecified vulnerability in the Oracle Common Applications component ...)
NOT-FOR-US: oracle e business_suite
CVE-2010-3588 (Unspecified vulnerability in the Oracle Discoverer component in Oracle ...)
@@ -93063,7 +93063,7 @@ CVE-2010-3607 (Cross-site scripting (XSS) vulnerability in AGENTS/index.php in N
CVE-2010-3608 (Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote ...)
NOT-FOR-US: wire_plastic_design wpquiz
CVE-2010-3609 (Unspecified vulnerability in the Service Location Protocol daemon ...)
- TODO: check
+ NOT-FOR-US: vmware esxi
CVE-2010-3610
RESERVED
CVE-2010-3611 (ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before ...)
@@ -93071,17 +93071,17 @@ CVE-2010-3611 (ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 befor
CVE-2010-3612
RESERVED
CVE-2010-3613 (named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, ...)
- TODO: check
+ BUG: 347621
CVE-2010-3614 (named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV ...)
- TODO: check
+ BUG: 347621
CVE-2010-3615 (named in ISC BIND 9.7.2-P2 does not check all intended locations for ...)
- TODO: check
+ BUG: 347621
CVE-2010-3616 (ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover ...)
TODO: check
CVE-2010-3617
RESERVED
CVE-2010-3618 (PGP Desktop 10.0.x before 10.0.3 SP2 and 10.1.0 before 10.1.0 SP1 does ...)
- TODO: check
+ NOT-FOR-US: pgp desktop_for_windows
CVE-2010-3619 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on ...)
TODO: check
CVE-2010-3620 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
@@ -93283,7 +93283,7 @@ CVE-2010-3717 (The t3lib_div::validEmail function in TYPO3 4.2.x before 4.2.15,
CVE-2010-3718 (Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running ...)
TODO: check
CVE-2010-3719 (Eval injection vulnerability in IMAdminSchedTask.asp in the ...)
- TODO: check
+ NOT-FOR-US: symantec im_manager
CVE-2010-3720
RESERVED
CVE-2010-3721
@@ -93700,13 +93700,13 @@ CVE-2010-3925 (Contents-Mall before 15 does not properly handle passwords, which
CVE-2010-3926 (Multiple cross-site scripting (XSS) vulnerabilities in Shop.cgi in ...)
NOT-FOR-US: wb i sgx sp_final_ne
CVE-2010-3927 (Untrusted search path vulnerability in Lunascape before 6.4.0 allows ...)
- TODO: check
+ NOT-FOR-US: lunascape
CVE-2010-3928 (Ruby Version Manager (RVM) before 1.2.1 writes file contents to a ...)
NOT-FOR-US: Ruby
CVE-2010-3929 (SQL injection vulnerability in MODx Evolution 1.0.4 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: modxcms evolution
CVE-2010-3930 (Directory traversal vulnerability in MODx Evolution 1.0.4 and earlier ...)
- TODO: check
+ NOT-FOR-US: modxcms evolution
CVE-2010-3931 (Cross-site scripting (XSS) vulnerability in multiple Rocomotion ...)
NOT-FOR-US: multiple Rocomotion products including P board
CVE-2010-3932
@@ -94220,25 +94220,25 @@ CVE-2010-4185 (SQL injection vulnerability in index.php in Energine, possibly 2.
CVE-2010-4186 (SQL injection vulnerability in process.asp in OnlineTechTools Online ...)
NOT-FOR-US: onlinetechtools com oasys_professional
CVE-2010-4187 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4188 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4189 (The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4190 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4191 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4192 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4193 (Adobe Shockwave Player before 11.5.9.620 does not properly validate ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4194 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 does ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4195 (The TextXtra module in Adobe Shockwave Player before 11.5.9.620 does ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4196 (The Shockwave 3d Asset module in Adobe Shockwave Player before ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4197 (Use-after-free vulnerability in WebKit, as used in Google Chrome ...)
TODO: check
CVE-2010-4198 (WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before ...)
@@ -94301,9 +94301,9 @@ CVE-2010-4225 (Unspecified vulnerability in the mod_mono module for XSP in Mono
CVE-2010-4226
RESERVED
CVE-2010-4227 (The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before ...)
- TODO: check
+ NOT-FOR-US: novell netware
CVE-2010-4228 (Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP ...)
- TODO: check
+ NOT-FOR-US: novell netware
CVE-2010-4229
RESERVED
CVE-2010-4230 (Stack-based buffer overflow in a certain ActiveX control for the ...)
@@ -94459,9 +94459,9 @@ CVE-2010-4304 (The web interface in Cisco Unified Videoconferencing (UVC) System
CVE-2010-4305 (Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and ...)
NOT-FOR-US: cisco unified_videoconferencing_system_5230
CVE-2010-4306 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4307 (Buffer overflow in Adobe Shockwave Player before 11.5.9.620 allows ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4308
RESERVED
CVE-2010-4309
@@ -94493,17 +94493,17 @@ CVE-2010-4321 (Stack-based buffer overflow in an ActiveX control in ienipp.ocx i
CVE-2010-4322 (Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell ...)
NOT-FOR-US: novell vibe_onprem
CVE-2010-4323 (Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks ...)
- TODO: check
+ NOT-FOR-US: novell zenworks_configuration_manager
CVE-2010-4324 (Cross-site scripting (XSS) vulnerability in the Approval Form in the ...)
NOT-FOR-US: novell identity_manager_roles_based_provisioning_module
CVE-2010-4325 (Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-4326 (Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-4327 (Unspecified vulnerability in the NCP service in Novell eDirectory ...)
- TODO: check
+ NOT-FOR-US: novell edirectory
CVE-2010-4328 (Multiple stack-based buffer overflows in opt/novell/iprint/bin/ipsmd ...)
- TODO: check
+ NOT-FOR-US: novell iprint_open_enterprise_server_2
CVE-2010-4329 (Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton ...)
TODO: check
CVE-2010-4330 (Directory traversal vulnerability in includes/controller.php in Pulse ...)
@@ -94517,7 +94517,7 @@ CVE-2010-4333 (Pointter PHP Micro-Blogging Social Network 1.8 allows remote atta
CVE-2010-4334 (IO::Socket::SSL Perl module 1.35, when verify_mode is not VERIFY_NONE, ...)
TODO: check
CVE-2010-4335 (The _validatePost function in libs/controller/components/security.php ...)
- TODO: check
+ NOT-FOR-US: cakefoundation cakephp
CVE-2010-4336 (The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd ...)
TODO: check
CVE-2010-4337 (The configure script in gnash 0.8.8 allows local users to overwrite ...)
@@ -94860,7 +94860,7 @@ CVE-2010-4504 (Multiple cross-site scripting (XSS) vulnerabilities in eSyndiCat
CVE-2010-4505 (Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, ...)
NOT-FOR-US: injader
CVE-2010-4506 (Passlogix v-GO Self-Service Password Reset (SSPR) and OEM before 7.0A ...)
- TODO: check
+ NOT-FOR-US: oracle passlogix_v go_self service_password_reset_and_oem
CVE-2010-4507 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
NOT-FOR-US: clear ispot
CVE-2010-4508 (The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 ...)
@@ -95267,31 +95267,31 @@ CVE-2010-4707 (The check_acl function in pam_xauth.c in the pam_xauth module in
CVE-2010-4708 (The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the ...)
TODO: check
CVE-2010-4709 (Heap-based buffer overflow in Automated Solutions Modbus/TCP Master ...)
- TODO: check
+ NOT-FOR-US: automatedsolutions modbus tcp_master_opc_server
CVE-2010-4710 (Cross-site scripting (XSS) vulnerability in the addItem method in the ...)
- TODO: check
+ NOT-FOR-US: yahoo yui
CVE-2010-4711 (Double free vulnerability in the IMAP server component in GroupWise ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-4712 (Multiple stack-based buffer overflows in gwia.exe in GroupWise ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-4713 (Integer signedness error in gwia.exe in GroupWise Internet Agent ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-4714 (Multiple stack-based buffer overflows in Novell GroupWise before ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-4715 (Multiple directory traversal vulnerabilities in the (1) WebAccess ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-4716 (Cross-site scripting (XSS) vulnerability in the WebPublisher component ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-4717 (Multiple stack-based buffer overflows in the IMAP server component in ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-4718 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: com_lyftenbloggie
CVE-2010-4719 (Directory traversal vulnerability in JRadio (com_jradio) component ...)
- TODO: check
+ NOT-FOR-US: fxwebdesign com_jradio
CVE-2010-4720 (SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) ...)
- TODO: check
+ NOT-FOR-US: harmistechnology com_jeauto
CVE-2010-4721 (SQL injection vulnerability in news.php in Immo Makler allows remote ...)
- TODO: check
+ NOT-FOR-US: mhproducts immo_makler
CVE-2010-4722 (Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 ...)
TODO: check
CVE-2010-4723 (Smarty before 3.0.0, when security is enabled, does not prevent access ...)
@@ -95305,57 +95305,57 @@ CVE-2010-4726 (Unspecified vulnerability in the math plugin in Smarty before 3.0
CVE-2010-4727 (Smarty before 3.0.0 beta 7 does not properly handle the &lt;?php and ?&gt; ...)
TODO: check
CVE-2010-4728 (Zikula before 1.3.1 uses the rand and srand PHP functions for random ...)
- TODO: check
+ NOT-FOR-US: zikula_application_framework
CVE-2010-4729 (Zikula before 1.2.3 does not use the authid protection mechanism for ...)
- TODO: check
+ NOT-FOR-US: zikula_application_framework
CVE-2010-4730 (Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA ...)
- TODO: check
+ NOT-FOR-US: intellicom netbiter_webscada_ws200
CVE-2010-4731 (Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA ...)
- TODO: check
+ NOT-FOR-US: intellicom netbiter_webscada_ws200
CVE-2010-4732 (cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, ...)
- TODO: check
+ NOT-FOR-US: intellicom netbiter_webscada_ws200
CVE-2010-4733 (WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway ...)
- TODO: check
+ NOT-FOR-US: intellicom netbiter_webscada_ws200
CVE-2010-4734 (Multiple cross-site scripting (XSS) vulnerabilities in the comment ...)
- TODO: check
+ NOT-FOR-US: amix skeletonz_cms_1 0
CVE-2010-4735 (SQL injection vulnerability in shoppingcart.asp in Ecommercemax ...)
- TODO: check
+ NOT-FOR-US: ecommercemax digital goods_seller
CVE-2010-4736 (SQL injection vulnerability in ECO.asp in GateSoft DocuSafe 4.1.0 and ...)
- TODO: check
+ NOT-FOR-US: gatesoft docusafe
CVE-2010-4737 (SQL injection vulnerability in resorts.asp in HotWebScripts HotWeb ...)
- TODO: check
+ NOT-FOR-US: hotwebscripts hotweb_rentals
CVE-2010-4738 (Multiple SQL injection vulnerabilities in Rae Media INC Real Estate ...)
- TODO: check
+ NOT-FOR-US: raemedia real_estate_single_and_multi_agent_system
CVE-2010-4739 (SQL injection vulnerability in the Maian Media Silver (com_maianmedia) ...)
- TODO: check
+ NOT-FOR-US: aretimes com_maianmedia
CVE-2010-4740 (Stack-based buffer overflow in WTclient.dll in SCADA Engine BACnet OPC ...)
- TODO: check
+ NOT-FOR-US: scadaengine bacnet_opc_client
CVE-2010-4741 (Stack-based buffer overflow in MDMUtil.dll in MDMTool.exe in MDM Tool ...)
- TODO: check
+ NOT-FOR-US: moxa mdm_tool
CVE-2010-4742 (Stack-based buffer overflow in a certain ActiveX control in ...)
- TODO: check
+ NOT-FOR-US: moxa activex_sdk
CVE-2010-4743 (Heap-based buffer overflow in the getarena function in abc2ps.c in ...)
TODO: check
CVE-2010-4744 (Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have ...)
TODO: check
CVE-2010-4745 (Cross-site scripting (XSS) vulnerability in nav.html in PHPXref before ...)
- TODO: check
+ NOT-FOR-US: gareth_watts phpxref
CVE-2010-4746 (Multiple memory leaks in the normalization functionality in 389 ...)
TODO: check
CVE-2010-4747 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: ahmattox processing_embed_plugin
CVE-2010-4748 (Cross-site scripting (XSS) vulnerability in pmwiki.php in PmWiki ...)
- TODO: check
+ NOT-FOR-US: pmwiki
CVE-2010-4749 (Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS ...)
TODO: check
CVE-2010-4750 (Cross-site request forgery (CSRF) vulnerability in ...)
TODO: check
CVE-2010-4751 (SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, ...)
- TODO: check
+ NOT-FOR-US: lightneasy
CVE-2010-4752 (SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, ...)
- TODO: check
+ NOT-FOR-US: lightneasy
CVE-2010-4753 (Cross-site scripting (XSS) vulnerability in LightNEasy.php in ...)
- TODO: check
+ NOT-FOR-US: lightneasy
CVE-2010-4754 (The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, ...)
TODO: check
CVE-2010-4755 (The (1) remote_glob function in sftp-glob.c and the (2) process_put ...)
@@ -95363,7 +95363,7 @@ CVE-2010-4755 (The (1) remote_glob function in sftp-glob.c and the (2) process_p
CVE-2010-4756 (The glob implementation in the GNU C Library (aka glibc or libc6) ...)
TODO: check
CVE-2010-4757 (Cross-site scripting (XSS) vulnerability in submitnews.php in e107 ...)
- TODO: check
+ NOT-FOR-US: e107
CVE-2010-4758 (installer.pl in Open Ticket Request System (OTRS) before 3.0.3 has an ...)
TODO: check
CVE-2010-4759 (Open Ticket Request System (OTRS) before 3.0.0-beta7 does not properly ...)
@@ -95387,21 +95387,21 @@ CVE-2010-4767 (Open Ticket Request System (OTRS) before 2.3.6 does not properly
CVE-2010-4768 (Open Ticket Request System (OTRS) before 2.3.5 does not properly ...)
TODO: check
CVE-2010-4769 (Directory traversal vulnerability in the Jimtawl (com_jimtawl) ...)
- TODO: check
+ NOT-FOR-US: janguo com_jimtawl
CVE-2010-4770 (SQL injection vulnerability in index.php in CommodityRentals DVD ...)
- TODO: check
+ NOT-FOR-US: commodityrentals dvd_rentals_script
CVE-2010-4771 (SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows ...)
- TODO: check
+ NOT-FOR-US: matteoiammarrone s cms
CVE-2010-4772 (Cross-site scripting (XSS) vulnerability in blocks/lang.php in S-CMS ...)
- TODO: check
+ NOT-FOR-US: matteoiammarrone s cms
CVE-2010-4773 (Unspecified vulnerability in Hitachi EUR Form Client before 05-10 -/D ...)
- TODO: check
+ NOT-FOR-US: hitachi ucosminexus_eur_form_service
CVE-2010-4774 (SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote ...)
- TODO: check
+ NOT-FOR-US: auracms
CVE-2010-4775 (The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 ...)
- TODO: check
+ NOT-FOR-US: nicholas_thompson relevant_content
CVE-2010-4776 (SQL injection vulnerability in takefreestart.php in PreProjects Pre ...)
- TODO: check
+ NOT-FOR-US: preprojects pre_online_tests_generator
CVE-2011-0001 (Double free vulnerability in the iscsi_rx_handler function ...)
TODO: check
CVE-2011-0002 (libuser before 0.57 uses a cleartext password value of (1) !! or (2) x ...)