author: cvebot <cvebot@localhost>, 2010-11-10 17:15:26 +0000
committer: cvebot <cvebot@localhost>, 2010-11-10 17:15:26 +0000
commit: 5383385394efb4061fce416969e2c461f64395a0
tree: 8158968ea4e7515d8ee734d8728546024daeffb9
parent: MITRE sync
MITRE sync
svn path=/; revision=2201
-rw-r--r-- data/CVE/list 128
1 files changed, 72 insertions, 56 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 837df92..f7507a9 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -75584,6 +75584,8 @@ CVE-2008-7263 (ftpserver.py in pyftpdlib before 0.5.0 does not delay its respons
NOT-FOR-US: g rodola pyftpdlib
CVE-2008-7264 (The ftp_QUIT function in ftpserver.py in pyftpdlib before 0.5.0 allows ...)
NOT-FOR-US: g rodola pyftpdlib
+CVE-2008-7265 (The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote ...)
+ TODO: check
CVE-2009-0001 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
NOT-FOR-US: apple quicktime
CVE-2009-0002 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
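Review bot: The new CVE-2008-7265 entry is filed as "TODO: check" although its summary already names both the product (ProFTPD before 1.3.2rc3) and the function (pr_data_xfer), which is enough to resolve it. The two pyftpdlib entries directly above are closed out with a NOT-FOR-US tag; this one should likewise end up with either a "BUG:" reference or a NOT-FOR-US tag. Because a 2008 identifier is arriving in a November 2010 sync, compare the stated fixed version against what is currently packaged before opening anything new.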
@@ -87257,14 +87259,14 @@ CVE-2010-0781 (Unspecified vulnerability in the administrative console in IBM ..
NOT-FOR-US: ibm websphere_application_server
CVE-2010-0782 (IBM WebSphere MQ 6.x before 6.0.2.10 and 7.x before 7.0.1.3 allows ...)
TODO: check
-CVE-2010-0783
- RESERVED
-CVE-2010-0784
- RESERVED
-CVE-2010-0785
- RESERVED
-CVE-2010-0786
- RESERVED
+CVE-2010-0783 (Cross-site scripting (XSS) vulnerability in the Administrative Console ...)
+ TODO: check
+CVE-2010-0784 (Cross-site scripting (XSS) vulnerability in the Administrative Console ...)
+ TODO: check
+CVE-2010-0785 (Cross-site request forgery (CSRF) vulnerability in the Administrative ...)
+ TODO: check
+CVE-2010-0786 (The Web Services Security component in IBM WebSphere Application ...)
+ TODO: check
CVE-2010-0787 (client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, ...)
BUG: 308067
CVE-2010-0788 (ncpfs 2.2.6 allows local users to cause a denial of service, obtain ...)
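Review bot: CVE-2010-0786 names "IBM WebSphere Application ..." in its summary but is added as "TODO: check", while the context entry CVE-2010-0781 in this same hunk is already tagged "NOT-FOR-US: ibm websphere_application_server". Reuse that tag if the product matches. The summaries for CVE-2010-0783 through CVE-2010-0785 are cut off at "Administrative Console ..." or "Administrative ..." before any product name appears, so those three need the full description looked up before they can be tagged.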
@@ -90843,10 +90845,10 @@ CVE-2010-2570
RESERVED
CVE-2010-2571
RESERVED
-CVE-2010-2572
- RESERVED
-CVE-2010-2573
- RESERVED
+CVE-2010-2572 (Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows ...)
+ TODO: check
+CVE-2010-2573 (Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, ...)
+ TODO: check
CVE-2010-2574 (Cross-site scripting (XSS) vulnerability in manage_proj_cat_add.php in ...)
BUG: 335850
CVE-2010-2575 (Heap-based buffer overflow in the RLE decompression functionality in ...)
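Review bot: CVE-2010-2572 and CVE-2010-2573 both name Microsoft PowerPoint 2002 SP3 and 2003 SP3 and are added as "TODO: check", yet CVE-2010-3141 and CVE-2010-3142 later in this patch carry "NOT-FOR-US: microsoft powerpoint". Apply the same tag here so the same product is not triaged by hand a second time.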
@@ -90969,10 +90971,10 @@ CVE-2010-2633 (Unspecified vulnerability in EMC Disk Library (EDL) before 3.2.7,
NOT-FOR-US: emc disk_library
CVE-2010-2634 (RSA enVision before 3.7 SP1 allows remote authenticated users to cause ...)
NOT-FOR-US: rsa envision
-CVE-2010-2635
- RESERVED
-CVE-2010-2636
- RESERVED
+CVE-2010-2635 (SQL injection vulnerability in IBM WebSphere Commerce 6.0 before ...)
+ TODO: check
+CVE-2010-2636 (Multiple cross-site scripting (XSS) vulnerabilities in sample store ...)
+ TODO: check
CVE-2010-2637
RESERVED
CVE-2010-2638
@@ -91163,12 +91165,12 @@ CVE-2010-2730 (Buffer overflow in Microsoft Internet Information Services (IIS)
NOT-FOR-US: microsoft iis
CVE-2010-2731 (Unspecified vulnerability in Microsoft Internet Information Services ...)
NOT-FOR-US: microsoft iis
-CVE-2010-2732
- RESERVED
-CVE-2010-2733
- RESERVED
-CVE-2010-2734
- RESERVED
+CVE-2010-2732 (Open redirect vulnerability in the web interface in Microsoft ...)
+ TODO: check
+CVE-2010-2733 (Cross-site scripting (XSS) vulnerability in the Web Monitor in ...)
+ TODO: check
+CVE-2010-2734 (Cross-site scripting (XSS) vulnerability in the mobile portal in ...)
+ TODO: check
CVE-2010-2735
RESERVED
CVE-2010-2736
@@ -91779,10 +91781,10 @@ CVE-2010-3037
RESERVED
CVE-2010-3038
RESERVED
-CVE-2010-3039
- RESERVED
-CVE-2010-3040
- RESERVED
+CVE-2010-3039 (/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications ...)
+ TODO: check
+CVE-2010-3040 (Multiple stack-based buffer overflows in agent.exe in Setup Manager in ...)
+ TODO: check
CVE-2010-3041
RESERVED
CVE-2010-3042
@@ -91855,8 +91857,8 @@ CVE-2010-3075 (EncFS before 1.7.0 encrypts multiple blocks by means of the CFB c
TODO: check
CVE-2010-3076 (The filter function in php/src/include.php in Simple Management for ...)
TODO: check
-CVE-2010-3077
- RESERVED
+CVE-2010-3077 (Cross-site scripting (XSS) vulnerability in util/icon_browser.php in ...)
+ TODO: check
CVE-2010-3078 (The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the ...)
TODO: check
CVE-2010-3079 (kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when ...)
@@ -91983,7 +91985,7 @@ CVE-2010-3139 (Untrusted search path vulnerability in Microsoft Windows Progman
NOT-FOR-US: microsoft windows
CVE-2010-3140 (Untrusted search path vulnerability in Microsoft Windows Internet ...)
NOT-FOR-US: microsoft windows_xp
-CVE-2010-3141 (Untrusted search path vulnerability in Microsoft Power Point 2010 ...)
+CVE-2010-3141 (Untrusted search path vulnerability in Microsoft PowerPoint 2010 ...)
NOT-FOR-US: microsoft powerpoint
CVE-2010-3142 (Untrusted search path vulnerability in Microsoft Office PowerPoint ...)
NOT-FOR-US: microsoft powerpoint
@@ -92368,16 +92370,16 @@ CVE-2010-3331 (Microsoft Internet Explorer 6 through 8 does not properly handle
TODO: check
CVE-2010-3332 (Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, ...)
NOT-FOR-US: microsoft net_framework
-CVE-2010-3333
- RESERVED
-CVE-2010-3334
- RESERVED
-CVE-2010-3335
- RESERVED
-CVE-2010-3336
- RESERVED
-CVE-2010-3337
- RESERVED
+CVE-2010-3333 (Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 ...)
+ TODO: check
+CVE-2010-3334 (Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office ...)
+ TODO: check
+CVE-2010-3335 (Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office ...)
+ TODO: check
+CVE-2010-3336 (Microsoft Office XP SP3, Office 2004 and 2008 for Mac, Office for Mac ...)
+ TODO: check
+CVE-2010-3337 (Untrusted search path vulnerability in Microsoft Office 2007 SP2 and ...)
+ TODO: check
CVE-2010-3338
RESERVED
CVE-2010-3339
@@ -92971,12 +92973,12 @@ CVE-2010-3631 (Array index error in Adobe Reader and Acrobat 8.x before 8.2.5 an
TODO: check
CVE-2010-3632 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on ...)
TODO: check
-CVE-2010-3633
- RESERVED
-CVE-2010-3634
- RESERVED
-CVE-2010-3635
- RESERVED
+CVE-2010-3633 (Memory leak in Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, ...)
+ TODO: check
+CVE-2010-3634 (Unspecified vulnerability in the edge process in Adobe Flash Media ...)
+ TODO: check
+CVE-2010-3635 (Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, 3.5.x before 3.5.5, ...)
+ TODO: check
CVE-2010-3636 (Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on ...)
TODO: check
CVE-2010-3637 (An unspecified ActiveX control in Adobe Flash Player before 9.0.289.0 ...)
@@ -93093,8 +93095,8 @@ CVE-2010-3692 (Directory traversal vulnerability in the callback function in ...
NOT-FOR-US: jasig phpcas
CVE-2010-3693
RESERVED
-CVE-2010-3694
- RESERVED
+CVE-2010-3694 (Cross-site request forgery (CSRF) vulnerability in the Horde ...)
+ TODO: check
CVE-2010-3695
RESERVED
CVE-2010-3696 (The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, in ...)
@@ -93235,7 +93237,7 @@ CVE-2010-3763 (Cross-site scripting (XSS) vulnerability in core/summary_api.php
TODO: check
CVE-2010-3764 (The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, ...)
TODO: check
-CVE-2010-3765 (Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, when ...)
+CVE-2010-3765 (Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, ...)
TODO: check
CVE-2010-3766
RESERVED
@@ -93439,16 +93441,16 @@ CVE-2010-3865
RESERVED
CVE-2010-3866
REJECTED
-CVE-2010-3867
- RESERVED
+CVE-2010-3867 (Multiple directory traversal vulnerabilities in the mod_site_misc ...)
+ TODO: check
CVE-2010-3868
RESERVED
CVE-2010-3869
RESERVED
CVE-2010-3870
RESERVED
-CVE-2010-3871
- RESERVED
+CVE-2010-3871 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
CVE-2010-3872
RESERVED
CVE-2010-3873
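Review bot: The CVE-2010-3871 summary is truncated to "Cross-site scripting (XSS) vulnerability in ..." and therefore carries no product, file or component name, so its "TODO: check" cannot be resolved from this list. CVE-2010-3867 in the same hunk at least keeps its component (mod_site_misc). Consider having the sync keep the first identifying token of the description when it truncates, or flag entries whose summary ends before one.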
@@ -93578,8 +93580,8 @@ CVE-2010-3934 (The browser in Research In Motion (RIM) BlackBerry Device Softwar
TODO: check
CVE-2010-3935
RESERVED
-CVE-2010-3936
- RESERVED
+CVE-2010-3936 (Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft ...)
+ TODO: check
CVE-2010-3937
RESERVED
CVE-2010-3938
@@ -94018,8 +94020,8 @@ CVE-2010-4154 (Directory traversal vulnerability in Rhino Software, Inc. FTP Voy
TODO: check
CVE-2010-4155 (Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.10 ...)
TODO: check
-CVE-2010-4156
- RESERVED
+CVE-2010-4156 (The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through ...)
+ TODO: check
CVE-2010-4157
RESERVED
CVE-2010-4158
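Review bot: CVE-2010-4156 names PHP 5.3.x as a consumer of the affected mb_strcut function in Libmbfl 1.1.0 but lands with the generic "TODO: check". Entries that map to a tracked issue elsewhere in this file carry a "BUG:" line (CVE-2010-0787, CVE-2010-2574); if PHP is tracked the same way, this entry should get its "BUG:" reference rather than wait in the TODO backlog alongside the NOT-FOR-US candidates.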
@@ -94136,3 +94138,17 @@ CVE-2010-4213 (The Bank of America application 2.12 for Android stores a securit
TODO: check
CVE-2010-4214 (The Wells Fargo Mobile application 1.1 for Android stores a username ...)
TODO: check
+CVE-2010-4215
+ RESERVED
+CVE-2010-4216 (IBM Tivoli Directory Server (TDS) 6.0.0.x before ...)
+ TODO: check
+CVE-2010-4217 (Use-after-free vulnerability in the proxy server in IBM Tivoli ...)
+ TODO: check
+CVE-2010-4218 (Unspecified vulnerability in Web Services in IBM ENOVIA 6 has unknown ...)
+ TODO: check
+CVE-2010-4219 (Cross-site scripting (XSS) vulnerability in SemanticTagService.js in ...)
+ TODO: check
+CVE-2010-4220 (Cross-site scripting (XSS) vulnerability in the Integrated Solution ...)
+ TODO: check
+CVE-2010-4221 (Multiple stack-based buffer overflows in the pr_netio_telnet_gets ...)
+ TODO: check
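Review bot: The six entries appended after the RESERVED CVE-2010-4215 all arrive as "TODO: check" with nothing to order them by. CVE-2010-4217 (use-after-free in a proxy server) and CVE-2010-4221 (multiple stack-based buffer overflows in pr_netio_telnet_gets) are memory-corruption issues and should be triaged ahead of the XSS entries in this block. The pr_ prefix on CVE-2010-4221 matches pr_data_xfer in the ProFTPD entry CVE-2008-7265 added by the first hunk, so confirm whether both belong to the same package and handle them together.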