author cvebot <cvebot@localhost> 2010-11-08 17:15:37 +0000
committer cvebot <cvebot@localhost> 2010-11-08 17:15:37 +0000
commit fcc6c6ca2a92e66f3fa7af0b15ab4d2180a06179
tree 49674c499d58477510b83495e9161665cabc89b3 /data/CVE
parent MITRE sync
MITRE sync
svn path=/; revision=2199
Diffstat (limited to 'data/CVE')
-rw-r--r-- data/CVE/list 226
1 files changed, 143 insertions, 83 deletions
diff --git a/data/CVE/list b/data/CVE/list
index b840c26..d6034ac 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -85668,6 +85668,10 @@ CVE-2009-5012 (ftpserver.py in pyftpdlib before 0.5.2 does not require the l ...
NOT-FOR-US: g rodola pyftpdlib
CVE-2009-5013 (Memory leak in the on_dtp_close function in ftpserver.py in pyftpdlib ...)
NOT-FOR-US: g rodola pyftpdlib
+CVE-2009-5014 (The default quickstart configuration of TurboGears2 (aka tg2) before ...)
+ TODO: check
+CVE-2009-5015 (The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 ...)
+ TODO: check
CVE-2010-0001 (Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 ...)
BUG: 300943
CVE-2010-0002 (The /etc/profile.d/60alias.sh script in the Mandriva bash package for ...)
@@ -88734,8 +88738,8 @@ CVE-2010-1521 (SQL injection vulnerability in include/classes/tzn_user.php in ..
NOT-FOR-US: taskfreak
CVE-2010-1522 (Multiple SQL injection vulnerabilities in the BookLibrary Basic ...)
NOT-FOR-US: ordasoft com_booklibrary
-CVE-2010-1523
- RESERVED
+CVE-2010-1523 (Multiple heap-based buffer overflows in vp6.w5s (aka the VP6 codec) in ...)
+ TODO: check
CVE-2010-1524 (The SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 ...)
NOT-FOR-US: autonomy keyview_viewer_sdk
CVE-2010-1525 (Integer underflow in the SpreadSheet Lotus 123 reader (wkssr.dll) in ...)
@@ -89305,7 +89309,7 @@ CVE-2010-1805 (Untrusted search path vulnerability in Apple Safari 4.x before 4.
TODO: check
CVE-2010-1806 (Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x ...)
TODO: check
-CVE-2010-1807 (WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 does not ...)
+CVE-2010-1807 (WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2, and ...)
TODO: check
CVE-2010-1808 (Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
NOT-FOR-US: apple mac_os_x_server
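Review bot: The reworded CVE-2010-1807 summary now reads "5.x before 5.0.2, and ..." where the old text went straight on to "does not ...", so something has been added to the affected list, but the triage line under it is unchanged at TODO: check and the addition itself is cut off by the truncation. Whoever picks this up should read the full upstream entry rather than the one-line summary before choosing between a BUG number and NOT-FOR-US.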
@@ -90649,8 +90653,8 @@ CVE-2010-2475
RESERVED
CVE-2010-2476
RESERVED
-CVE-2010-2477
- RESERVED
+CVE-2010-2477 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+ TODO: check
CVE-2010-2478 (Integer overflow in the ethtool_get_rxnfc function in ...)
TODO: check
CVE-2010-2479 (Cross-site scripting (XSS) vulnerability in HTML Purifier before ...)
@@ -91577,8 +91581,8 @@ CVE-2010-2939 (Double free vulnerability in the ssl3_get_key_exchange function i
BUG: 332027
CVE-2010-2940 (The auth_send function in providers/ldap/ldap_auth.c in System ...)
NOT-FOR-US: fedoraproject sssd
-CVE-2010-2941
- RESERVED
+CVE-2010-2941 (ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate ...)
+ TODO: check
CVE-2010-2942 (The actions implementation in the network queueing functionality in ...)
TODO: check
CVE-2010-2943 (The xfs implementation in the Linux kernel before 2.6.35 does not look ...)
@@ -92003,7 +92007,7 @@ CVE-2010-3151 (Untrusted search path vulnerability in Adobe On Location CS4 Buil
NOT-FOR-US: adobe onlocation_cs4
CVE-2010-3152 (Untrusted search path vulnerability in Adobe Illustrator CS4 14.0.0, ...)
NOT-FOR-US: adobe illustrator
-CVE-2010-3153 (Untrusted search path vulnerability in Adobe InDesign CS4 6.0 allows ...)
+CVE-2010-3153 (Untrusted search path vulnerability in Adobe InDesign CS4 6.0, ...)
NOT-FOR-US: adobe indesign_cs4
CVE-2010-3154 (Untrusted search path vulnerability in Adobe Extension Manager CS5 ...)
NOT-FOR-US: adobe extension_manager_cs5
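Review bot: CVE-2010-3153 keeps its NOT-FOR-US: adobe indesign_cs4 tag although the summary changed from "InDesign CS4 6.0 allows ..." to "InDesign CS4 6.0, ...", which means more text was appended after the comma and is hidden by the truncation. The tag was assigned against the old wording, and this hunk rewrites only the summary line, so the earlier decision should be re-confirmed against the full new description.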
@@ -92041,8 +92045,8 @@ CVE-2010-3170 (Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbir
TODO: check
CVE-2010-3171 (The Math.random function in the JavaScript implementation in Mozilla ...)
TODO: check
-CVE-2010-3172
- RESERVED
+CVE-2010-3172 (CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before ...)
+ TODO: check
CVE-2010-3173 (The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x ...)
TODO: check
CVE-2010-3174 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
@@ -92973,43 +92977,43 @@ CVE-2010-3634
RESERVED
CVE-2010-3635
RESERVED
-CVE-2010-3636
- RESERVED
-CVE-2010-3637
- RESERVED
-CVE-2010-3638
- RESERVED
-CVE-2010-3639
- RESERVED
-CVE-2010-3640
- RESERVED
-CVE-2010-3641
- RESERVED
-CVE-2010-3642
- RESERVED
-CVE-2010-3643
- RESERVED
-CVE-2010-3644
- RESERVED
-CVE-2010-3645
- RESERVED
-CVE-2010-3646
- RESERVED
-CVE-2010-3647
- RESERVED
-CVE-2010-3648
- RESERVED
-CVE-2010-3649
- RESERVED
-CVE-2010-3650
- RESERVED
+CVE-2010-3636 (Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on ...)
+ TODO: check
+CVE-2010-3637 (An unspecified ActiveX control in Adobe Flash Player before 9.0.289.0 ...)
+ TODO: check
+CVE-2010-3638 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+ TODO: check
+CVE-2010-3639 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+ TODO: check
+CVE-2010-3640 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+ TODO: check
+CVE-2010-3641 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+ TODO: check
+CVE-2010-3642 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+ TODO: check
+CVE-2010-3643 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+ TODO: check
+CVE-2010-3644 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+ TODO: check
+CVE-2010-3645 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+ TODO: check
+CVE-2010-3646 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+ TODO: check
+CVE-2010-3647 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+ TODO: check
+CVE-2010-3648 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+ TODO: check
+CVE-2010-3649 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+ TODO: check
+CVE-2010-3650 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+ TODO: check
CVE-2010-3651
RESERVED
-CVE-2010-3652
- RESERVED
+CVE-2010-3652 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
+ TODO: check
CVE-2010-3653 (The Director module (dirapi.dll) in Adobe Shockwave Player before ...)
TODO: check
-CVE-2010-3654 (Adobe Flash Player 10.1.85.3 and earlier on Windows, Mac OS X, Linux, ...)
+CVE-2010-3654 (Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on ...)
TODO: check
CVE-2010-3655 (Stack-based buffer overflow in dirapi.dll in Adobe Shockwave Player ...)
TODO: check
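Review bot: In the CVE-2010-3636 to CVE-2010-3650 run plus CVE-2010-3652, sixteen Flash Player entries leave RESERVED at once and every summary that is visible up to the version names the same boundary, "before 9.0.289.0", so they are candidates for triage as one batch rather than sixteen separate TODO: check items. CVE-2010-3654 belongs in the same pass: its summary changed from "10.1.85.3 and earlier" to "before 9.0.289.0 and 10.x before 10.1.102.64", so a fixed release is now stated where the old text gave none. CVE-2010-3651 stays RESERVED in the middle of the run and will need a later sync.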
@@ -93105,12 +93109,12 @@ CVE-2010-3700 (VMware SpringSource Spring Security 2.x before 2.0.6 and 3.x befo
TODO: check
CVE-2010-3701 (lib/MessageStoreImpl.cpp in Red Hat Enterprise MRG before 1.2.2 allows ...)
TODO: check
-CVE-2010-3702
- RESERVED
-CVE-2010-3703
- RESERVED
-CVE-2010-3704
- RESERVED
+CVE-2010-3702 (The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, ...)
+ TODO: check
+CVE-2010-3703 (The PostScriptFunction::PostScriptFunction function in ...)
+ TODO: check
+CVE-2010-3704 (The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser ...)
+ TODO: check
CVE-2010-3705
RESERVED
CVE-2010-3706 (plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and ...)
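Review bot: CVE-2010-3702 and CVE-2010-3704 both place the flaw in "the PDF parser", and the CVE-2010-3702 summary continues past "xpdf before 3.02pl5," so more affected software is listed in the part that is cut off. These two, together with CVE-2010-3703 between them, should be triaged as a group against the full descriptions, since the truncated lines do not show which other packages are named.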
@@ -93229,8 +93233,8 @@ CVE-2010-3762 (ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does
TODO: check
CVE-2010-3763 (Cross-site scripting (XSS) vulnerability in core/summary_api.php in ...)
TODO: check
-CVE-2010-3764
- RESERVED
+CVE-2010-3764 (The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, ...)
+ TODO: check
CVE-2010-3765 (Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, when ...)
TODO: check
CVE-2010-3766
@@ -93393,8 +93397,8 @@ CVE-2010-3844
RESERVED
CVE-2010-3845
RESERVED
-CVE-2010-3846
- RESERVED
+CVE-2010-3846 (Array index error in the apply_rcs_change function in rcs.c in CVS ...)
+ TODO: check
CVE-2010-3847
RESERVED
CVE-2010-3848
@@ -93405,8 +93409,8 @@ CVE-2010-3850
RESERVED
CVE-2010-3851 (libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 ...)
TODO: check
-CVE-2010-3852
- RESERVED
+CVE-2010-3852 (The default configuration of Luci 0.22.4 and earlier in Red Hat Conga ...)
+ TODO: check
CVE-2010-3853
RESERVED
CVE-2010-3854
@@ -93427,14 +93431,14 @@ CVE-2010-3861
RESERVED
CVE-2010-3862
RESERVED
-CVE-2010-3863
- RESERVED
+CVE-2010-3863 (Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize ...)
+ TODO: check
CVE-2010-3864
RESERVED
CVE-2010-3865
RESERVED
CVE-2010-3866
- RESERVED
+ REJECTED
CVE-2010-3867
RESERVED
CVE-2010-3868
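Review bot: CVE-2010-3866 changes from RESERVED to REJECTED and, unlike every other status change in this commit, gains neither a summary nor a TODO: check line. If the ID is referenced anywhere else in the tree, that reference now points at a withdrawn entry, and it is worth confirming that whatever parses this list accepts REJECTED as a status line the same way it accepts RESERVED.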
@@ -93528,14 +93532,14 @@ CVE-2010-3911
RESERVED
CVE-2010-3912
RESERVED
-CVE-2010-3913
- RESERVED
+CVE-2010-3913 (CRLF injection vulnerability in TransWARE Active! mail 6 build ...)
+ TODO: check
CVE-2010-3914 (Untrusted search path vulnerability in VIM Development Group GVim ...)
TODO: check
-CVE-2010-3915
- RESERVED
-CVE-2010-3916
- RESERVED
+CVE-2010-3915 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro ...)
+ TODO: check
+CVE-2010-3916 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro ...)
+ TODO: check
CVE-2010-3917
RESERVED
CVE-2010-3918
@@ -93626,8 +93630,8 @@ CVE-2010-3960
RESERVED
CVE-2010-3961
RESERVED
-CVE-2010-3962
- RESERVED
+CVE-2010-3962 (Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and ...)
+ TODO: check
CVE-2010-3963
RESERVED
CVE-2010-3964
@@ -93654,7 +93658,7 @@ CVE-2010-3974
RESERVED
CVE-2010-3975 (Untrusted search path vulnerability in Adobe Flash Player 9 allows ...)
TODO: check
-CVE-2010-3976 (Untrusted search path vulnerability in Adobe Flash Player 10.1.82.76, ...)
+CVE-2010-3976 (Untrusted search path vulnerability in Adobe Flash Player before ...)
TODO: check
CVE-2010-3977 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
TODO: check
@@ -93694,26 +93698,26 @@ CVE-2010-3994 (Cross-site scripting (XSS) vulnerability in HP Version Control ..
TODO: check
CVE-2010-3995
RESERVED
-CVE-2010-3996
- RESERVED
+CVE-2010-3996 (festival_server in Centre for Speech Technology Research (CSTR) ...)
+ TODO: check
CVE-2010-3997
RESERVED
-CVE-2010-3998
- RESERVED
-CVE-2010-3999
- RESERVED
-CVE-2010-4000
- RESERVED
-CVE-2010-4001
- RESERVED
+CVE-2010-3998 (The (1) banshee-1 and (2) muinshee scripts in Banshee 1.8.0 and ...)
+ TODO: check
+CVE-2010-3999 (gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length ...)
+ TODO: check
+CVE-2010-4000 (gnome-shell in GNOME Shell 2.31.5 places a zero-length directory name ...)
+ TODO: check
+CVE-2010-4001 (** DISPUTED ** GMXRC.bash in Gromacs 4.5.1 and earlier places a ...)
+ TODO: check
CVE-2010-4002
RESERVED
CVE-2010-4003
RESERVED
CVE-2010-4004
RESERVED
-CVE-2010-4005
- RESERVED
+CVE-2010-4005 (The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and ...)
+ TODO: check
CVE-2010-4006 (Multiple SQL injection vulnerabilities in search.php in WSN Links ...)
TODO: check
CVE-2010-4007 (Oracle Mojarra uses an encrypted View State without a Message ...)
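Review bot: CVE-2010-4001 arrives with "** DISPUTED **" at the start of its summary but is queued with the same TODO: check as its neighbours; the dispute should be recorded when the entry is triaged so it is not handled as a confirmed issue. CVE-2010-3999 and CVE-2010-4000 both describe placing "a zero-length directory name", and CVE-2010-4001 begins the same way ("places a ..."), so these look like one class of problem and can be checked with one method.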
@@ -93884,10 +93888,10 @@ CVE-2010-4089 (IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows atta
TODO: check
CVE-2010-4090 (Adobe Shockwave Player before 11.5.9.615 allows attackers to execute ...)
TODO: check
-CVE-2010-4091
- RESERVED
-CVE-2010-4092
- RESERVED
+CVE-2010-4091 (The EScript.api plugin in Adobe Acrobat Reader 9.4.0, 8.1.7, and ...)
+ TODO: check
+CVE-2010-4092 (Use-after-free vulnerability in an unspecified compatibility component ...)
+ TODO: check
CVE-2010-4093
RESERVED
CVE-2010-4094 (The Tomcat server in IBM Rational Quality Manager and Rational Test ...)
@@ -94068,3 +94072,59 @@ CVE-2010-4181 (Directory traversal vulnerability in Yaws 1.89 allows remote atta
TODO: check
CVE-2010-4182 (Untrusted search path vulnerability in the Data Access Objects (DAO) ...)
TODO: check
+CVE-2010-4183 (Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier ...)
+ TODO: check
+CVE-2010-4184 (NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with ...)
+ TODO: check
+CVE-2010-4185 (SQL injection vulnerability in index.php in Energine, possibly 2.3.8 ...)
+ TODO: check
+CVE-2010-4186 (SQL injection vulnerability in process.asp in OnlineTechTools Online ...)
+ TODO: check
+CVE-2010-4187
+ RESERVED
+CVE-2010-4188
+ RESERVED
+CVE-2010-4189
+ RESERVED
+CVE-2010-4190
+ RESERVED
+CVE-2010-4191
+ RESERVED
+CVE-2010-4192
+ RESERVED
+CVE-2010-4193
+ RESERVED
+CVE-2010-4194
+ RESERVED
+CVE-2010-4195
+ RESERVED
+CVE-2010-4196
+ RESERVED
+CVE-2010-4197 (Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows ...)
+ TODO: check
+CVE-2010-4198 (Google Chrome before 7.0.517.44 does not properly handle large text ...)
+ TODO: check
+CVE-2010-4199 (Google Chrome before 7.0.517.44 does not properly perform a cast of an ...)
+ TODO: check
+CVE-2010-4200 (Google Chrome before 7.0.517.44 reads from invalid memory locations ...)
+ TODO: check
+CVE-2010-4201 (Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows ...)
+ TODO: check
+CVE-2010-4202 (Multiple integer overflows in Google Chrome before 7.0.517.44 on Linux ...)
+ TODO: check
+CVE-2010-4203 (WebM libvpx (aka the VP8 Codec SDK), as used in Google Chrome before ...)
+ TODO: check
+CVE-2010-4204 (Google Chrome before 7.0.517.44 accesses a frame object after this ...)
+ TODO: check
+CVE-2010-4205 (Google Chrome before 7.0.517.44 does not properly handle the data ...)
+ TODO: check
+CVE-2010-4206 (Google Chrome before 7.0.517.44 accesses memory at an out-of-bounds ...)
+ TODO: check
+CVE-2010-4207 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
+ TODO: check
+CVE-2010-4208 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
+ TODO: check
+CVE-2010-4209 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
+ TODO: check
+CVE-2010-4210
+ RESERVED
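Review bot: CVE-2010-4207, CVE-2010-4208 and CVE-2010-4209 have identical visible summaries ("Cross-site scripting (XSS) vulnerability in the Flash component ..."), so the affected product cannot be identified or told apart from this file and triage needs the full entries. CVE-2010-4197 through CVE-2010-4206 all concern Google Chrome, nine of them stating "before 7.0.517.44", and can be handled as one batch. CVE-2010-4183 names HTML Purifier, as does CVE-2010-2479, which appears as context earlier in this diff, so check whether the decision taken there carries over.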