* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:45 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:45 UTC (permalink / raw
To: gentoo-commits
commit: 8003f5feea42653e0ae931ab4a2570c8d83fd21d
Author: Stefan Behte <craig <AT> gentoo <DOT> org>
AuthorDate: Fri Jan 21 11:17:36 2011 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Fri Jan 21 11:17:36 2011 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=8003f5fe
nfu, bug nrs
svn path=/; revision=2220
---
data/CVE/list | 587 +++++++++++++++++++++++++++++-----------------------------
1 file changed, 294 insertions(+), 293 deletions(-)
diff --git a/data/CVE/list b/data/CVE/list
index ffe43d8..28ea497 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -89394,11 +89394,11 @@ CVE-2010-1801 (Heap-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5
CVE-2010-1802 (libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly ...)
NOT-FOR-US: apple mac_os_x_server
CVE-2010-1803 (Time Machine in Apple Mac OS X 10.6.x before 10.6.5 does not verify ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1804 (Unspecified vulnerability in the network bridge functionality on the ...)
- TODO: check
+ NOT-FOR-US: apple time_capsule
CVE-2010-1805 (Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 ...)
- TODO: check
+ NOT-FOR-US: apple safari
CVE-2010-1806 (Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x ...)
TODO: check
CVE-2010-1807 (WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2, and ...)
@@ -89406,11 +89406,11 @@ CVE-2010-1807 (WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2, and
CVE-2010-1808 (Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
NOT-FOR-US: apple mac_os_x_server
CVE-2010-1809 (The Accessibility component in Apple iOS before 4.1 on the iPhone and ...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-1810 (FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not ...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-1811 (ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows ...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-1812 (Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the ...)
TODO: check
CVE-2010-1813 (WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows ...)
@@ -89422,7 +89422,7 @@ CVE-2010-1815 (Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on
CVE-2010-1816
RESERVED
CVE-2010-1817 (Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and ...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-1818 (The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple ...)
NOT-FOR-US: apple quicktime
CVE-2010-1819
@@ -90930,7 +90930,7 @@ CVE-2010-2567 (The RPC client implementation in Microsoft Windows XP SP2 and SP3
CVE-2010-2568 (Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 ...)
NOT-FOR-US: microsoft windows_xp
CVE-2010-2569 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher ...)
- TODO: check
+ NOT-FOR-US: microsoft publisher
CVE-2010-2570 (Heap-based buffer overflow in pubconv.dll (aka the Publisher Converter ...)
NOT-FOR-US: microsoft publisher
CVE-2010-2571 (Array index error in pubconv.dll (aka the Publisher Converter DLL) in ...)
@@ -91276,9 +91276,9 @@ CVE-2010-2740 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2
CVE-2010-2741 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: microsoft windows_xp
CVE-2010-2742 (The Netlogon RPC Service in Microsoft Windows Server 2003 SP2 and ...)
- TODO: check
-CVE-2010-2743
- RESERVED
+ NOT-FOR-US: microsoft windows_server_2008
+CVE-2010-2743 (The kernel-mode drivers in Microsoft Windows XP SP3 do not properly ...)
+ NOT-FOR-US: wild in July
CVE-2010-2744 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows ...)
NOT-FOR-US: microsoft windows_xp
CVE-2010-2745 (Microsoft Windows Media Player (WMP) 9 through 12 does not properly ...)
@@ -91787,11 +91787,11 @@ CVE-2010-2995 (The SigComp Universal Decompressor Virtual Machine (UDVM) in Wire
CVE-2010-2996 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 on ...)
NOT-FOR-US: realnetworks realplayer
CVE-2010-2997 (Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-2998 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 and ...)
NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-2999 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-3000 (Multiple integer overflows in the ParseKnownType function in ...)
NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-3001 (Unspecified vulnerability in an ActiveX control in the Internet ...)
@@ -91866,7 +91866,7 @@ CVE-2010-3034 (Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or .
CVE-2010-3035 (Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not ...)
NOT-FOR-US: cisco ios_xr
CVE-2010-3036 (Multiple buffer overflows in the authentication functionality in the ...)
- TODO: check
+ NOT-FOR-US: cisco unified_service_monitor
CVE-2010-3037 (goform/websXMLAdminRequestCgi.cgi in Cisco Unified Videoconferencing ...)
NOT-FOR-US: cisco unified_videoconferencing_system_5230
CVE-2010-3038 (Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the ...)
@@ -91946,7 +91946,7 @@ CVE-2010-3074 (SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination
CVE-2010-3075 (EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher ...)
TODO: check
CVE-2010-3076 (The filter function in php/src/include.php in Simple Management for ...)
- TODO: check
+ NOT-FOR-US: blentz smbind
CVE-2010-3077 (Cross-site scripting (XSS) vulnerability in util/icon_browser.php in ...)
TODO: check
CVE-2010-3078 (The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the ...)
@@ -92196,7 +92196,7 @@ CVE-2010-3199 (Untrusted search path vulnerability in TortoiseSVN 1.6.10, Build
CVE-2010-3200 (MSO.dll in Microsoft Word 2003 SP3 11.8326.11.8324 allows remote ...)
NOT-FOR-US: microsoft word
CVE-2010-3201 (Cross-site scripting (XSS) vulnerability in NetWin Surgemail before ...)
- TODO: check
+ NOT-FOR-US: netwin surgemail
CVE-2010-3202 (Cross-site scripting (XSS) vulnerability in Flock Browser 3.0.0.3989 ...)
NOT-FOR-US: flock
CVE-2010-3203 (Directory traversal vulnerability in the PicSell (com_picsell) ...)
@@ -92471,27 +92471,27 @@ CVE-2010-3336 (Microsoft Office XP SP3, Office 2004 and 2008 for Mac, Office for
CVE-2010-3337 (Untrusted search path vulnerability in Microsoft Office 2007 SP2 and ...)
NOT-FOR-US: microsoft office
CVE-2010-3338 (The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_vista
CVE-2010-3339
RESERVED
CVE-2010-3340 (Microsoft Internet Explorer 6 and 7 does not properly handle objects ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3341
RESERVED
CVE-2010-3342 (Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3343 (Microsoft Internet Explorer 6 does not properly handle objects in ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3344
RESERVED
CVE-2010-3345 (Microsoft Internet Explorer 8 does not properly handle objects in ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3346 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3347
RESERVED
CVE-2010-3348 (Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3349 (Ardour 2.8.11 places a zero-length directory name in the ...)
TODO: check
CVE-2010-3350 (bareFTP 0.3.4 places a zero-length directory name in the ...)
@@ -92503,7 +92503,7 @@ CVE-2010-3352
CVE-2010-3353 (Cowbell 0.2.7.1 places a zero-length directory name in the ...)
TODO: check
CVE-2010-3354 (dropboxd in Dropbox 0.7.110 places a zero-length directory name in the ...)
- TODO: check
+ NOT-FOR-US: dropbox
CVE-2010-3355 (Ember 0.5.7 places a zero-length directory name in the ...)
NOT-FOR-US: ember
CVE-2010-3356
@@ -92686,7 +92686,7 @@ CVE-2010-3442 (Multiple integer overflows in the snd_ctl_new function in ...)
CVE-2010-3443
RESERVED
CVE-2010-3444 (Buffer overflow in the log2vis_utf8 function in pyfribidi.c in GNU ...)
- TODO: check
+ NOT-FOR-US: kobi_zamir pyfribidi
CVE-2010-3445 (Stack consumption vulnerability in the dissect_ber_unknown function in ...)
TODO: check
CVE-2010-3446
@@ -92786,7 +92786,7 @@ CVE-2010-3492 (The asyncore module in Python before 3.2 does not properly handle
CVE-2010-3493 (Multiple race conditions in smtpd.py in the smtpd module in Python ...)
TODO: check
CVE-2010-3494 (Race condition in the FTPHandler class in ftpserver.py in pyftpdlib ...)
- TODO: check
+ NOT-FOR-US: g rodola pyftpdlib
CVE-2010-3495 (Race condition in ZEO/StorageServer.py in Zope Object Database (ZODB) ...)
TODO: check
CVE-2010-3496
@@ -92808,7 +92808,7 @@ CVE-2010-3503 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris al
CVE-2010-3504 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
NOT-FOR-US: oracle e business_suite
CVE-2010-3505 (Unspecified vulnerability in the Agile Core component in Oracle Supply ...)
- TODO: check
+ NOT-FOR-US: oracle supply_chain_products_suite
CVE-2010-3506 (Unspecified vulnerability in the Oracle Explorer (Sun Explorer) ...)
NOT-FOR-US: oracle sun_products_suite
CVE-2010-3507 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
@@ -92818,7 +92818,7 @@ CVE-2010-3508 (Unspecified vulnerability in Oracle Solaris 10 allows local users
CVE-2010-3509 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote ...)
NOT-FOR-US: oracle solaris
CVE-2010-3510 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-3511 (Unspecified vulnerability in Oracle OpenSolaris allows local users to ...)
NOT-FOR-US: oracle opensolaris
CVE-2010-3512 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java ...)
@@ -92972,33 +92972,33 @@ CVE-2010-3585 (Unspecified vulnerability in the OracleVM component in Oracle VM
CVE-2010-3586 (Unspecified vulnerability in Oracle Solaris 9 allows local users to ...)
TODO: check
CVE-2010-3587 (Unspecified vulnerability in the Oracle Common Applications component ...)
- TODO: check
+ NOT-FOR-US: oracle e business_suite
CVE-2010-3588 (Unspecified vulnerability in the Oracle Discoverer component in Oracle ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-3589 (Unspecified vulnerability in the Oracle Application Object Library ...)
- TODO: check
+ NOT-FOR-US: oracle e business_suite
CVE-2010-3590 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-3591 (Unspecified vulnerability in the Oracle Document Capture component in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-3592 (Unspecified vulnerability in the Oracle Document Capture component in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-3593 (Unspecified vulnerability in the Health Sciences - Oracle Argus Safety ...)
- TODO: check
+ NOT-FOR-US: oracle industry_applications
CVE-2010-3594 (Unspecified vulnerability in the Real User Experience Insight ...)
- TODO: check
+ NOT-FOR-US: oracle enterprise_manager_grid_control
CVE-2010-3595 (Unspecified vulnerability in the Oracle Document Capture component in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-3596 (Unspecified vulnerability in the mod_ssl component in Oracle Secure ...)
- TODO: check
+ NOT-FOR-US: oracle secure_backup
CVE-2010-3597 (Unspecified vulnerability in the Oracle Outside In Technology ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-3598 (Unspecified vulnerability in the Oracle Document Capture component in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-3599 (Unspecified vulnerability in the Oracle Document Capture component in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-3600 (Unspecified vulnerability in the Client System Analyzer component in ...)
- TODO: check
+ NOT-FOR-US: oracle enterprise_manager_grid_control
CVE-2010-3601 (SQL injection vulnerability in index.php in ibPhotohost 1.1.2 allows ...)
NOT-FOR-US: invisionpower ibphotohost
CVE-2010-3602 (Cross-site scripting (XSS) vulnerability in ProfileView.aspx in ...)
@@ -93104,7 +93104,7 @@ CVE-2010-3651
CVE-2010-3652 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
TODO: check
CVE-2010-3653 (The Director module (dirapi.dll) in Adobe Shockwave Player before ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-3654 (Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on ...)
TODO: check
CVE-2010-3655 (Stack-based buffer overflow in dirapi.dll in Adobe Shockwave Player ...)
@@ -93452,17 +93452,17 @@ CVE-2010-3825
CVE-2010-3826 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
TODO: check
CVE-2010-3827 (Apple iOS before 4.2 does not properly validate signatures before ...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-3828 (iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle ...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-3829 (WebKit in Apple iOS before 4.2 allows remote attackers to bypass the ...)
TODO: check
CVE-2010-3830 (Networking in Apple iOS before 4.2 accesses an invalid pointer during ...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-3831 (Photos in Apple iOS before 4.2 enables support for HTTP Basic ...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-3832 (Heap-based buffer overflow in the GSM mobility management ...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-3833 (MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does ...)
TODO: check
CVE-2010-3834 (Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before ...)
@@ -93542,7 +93542,7 @@ CVE-2010-3870 (The utf8_decode function in PHP before 5.3.4 does not properly ha
CVE-2010-3871 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: mahara
CVE-2010-3872 (The apr_status_t fcgid_header_bucket_read function in fcgid_bucket.c ...)
- TODO: check
+ BUG: 344685
CVE-2010-3873 (The X.25 implementation in the Linux kernel before 2.6.36.2 does not ...)
TODO: check
CVE-2010-3874 (Heap-based buffer overflow in the bcm_connect function in ...)
@@ -93569,7 +93569,7 @@ CVE-2010-3884 (Cross-site request forgery (CSRF) vulnerability in CMS Made Simpl
NOT-FOR-US: cmsmadesimple cms_made_simple
CVE-2010-3885
REJECTED
- TODO: check
+ NOT-FOR-US: this
CVE-2010-3886 (The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft ...)
NOT-FOR-US: microsoft ie
CVE-2010-3887 (The Limit Mail feature in the Parental Controls functionality in Mail ...)
@@ -93609,7 +93609,7 @@ CVE-2010-3903 (Unspecified vulnerability in OpenConnect before 2.23 allows remot
CVE-2010-3904 (The rds_page_copy_user function in net/rds/page.c in the Reliable ...)
TODO: check
CVE-2010-3905 (The password reset feature in the administrator interface for ...)
- TODO: check
+ NOT-FOR-US: eucalyptus
CVE-2010-3906 (Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier ...)
TODO: check
CVE-2010-3907 (Multiple integer overflows in real.c in the Real demuxer plugin in ...)
@@ -93645,25 +93645,26 @@ CVE-2010-3921 (Cross-site scripting (XSS) vulnerability in Movable Type 4.x befo
CVE-2010-3922 (SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x ...)
NOT-FOR-US: sixapart movabletype
CVE-2010-3923 (Untrusted search path vulnerability in AttacheCase before 2.70 allows ...)
- TODO: check
+ NOT-FOR-US: mitsu_hiro_hi_rose attachecase
CVE-2010-3924 (SQL injection vulnerability in Aimluck Aipo before 5.1.0.1 allows ...)
- TODO: check
+ NOT-FOR-US: aimluck aipo
CVE-2010-3925 (Contents-Mall before 15 does not properly handle passwords, which ...)
- TODO: check
+ NOT-FOR-US: wb i contents mall
CVE-2010-3926 (Multiple cross-site scripting (XSS) vulnerabilities in Shop.cgi in ...)
- TODO: check
+ NOT-FOR-US: wb i sgx sp_final_ne
CVE-2010-3927
RESERVED
CVE-2010-3928 (Ruby Version Manager (RVM) before 1.2.1 writes file contents to a ...)
- TODO: check
+ NOT-FOR-US: Ruby
CVE-2010-3929
RESERVED
CVE-2010-3930
RESERVED
CVE-2010-3931 (Cross-site scripting (XSS) vulnerability in multiple Rocomotion ...)
- TODO: check
+ NOT-FOR-US: multiple Rocomotion products including P board
CVE-2010-3932
RESERVED
+ REJECTED
CVE-2010-3933 (Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested ...)
TODO: check
CVE-2010-3934 (The browser in Research In Motion (RIM) BlackBerry Device Software ...)
@@ -93673,79 +93674,79 @@ CVE-2010-3935
CVE-2010-3936 (Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft ...)
NOT-FOR-US: microsoft forefront_unified_access_gateway
CVE-2010-3937 (Microsoft Exchange Server 2007 SP2 on the x64 platform allows remote ...)
- TODO: check
+ NOT-FOR-US: microsoft exchange_server
CVE-2010-3938
RESERVED
CVE-2010-3939 (Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3940 (Double free vulnerability in win32k.sys in the kernel-mode drivers in ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3941 (Double free vulnerability in win32k.sys in the kernel-mode drivers in ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3942 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3943 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3944 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_server_2008
CVE-2010-3945 (Buffer overflow in the CGM image converter in the graphics filters in ...)
- TODO: check
+ NOT-FOR-US: microsoft office_converter_pack
CVE-2010-3946 (Integer overflow in the PICT image converter in the graphics filters ...)
- TODO: check
+ NOT-FOR-US: microsoft office_converter_pack
CVE-2010-3947 (Heap-based buffer overflow in the TIFF image converter in the graphics ...)
- TODO: check
+ NOT-FOR-US: microsoft works
CVE-2010-3948
RESERVED
CVE-2010-3949 (Buffer overflow in the TIFF image converter in the graphics filters in ...)
- TODO: check
+ NOT-FOR-US: microsoft office_converter_pack
CVE-2010-3950 (The TIFF image converter in the graphics filters in Microsoft Office ...)
- TODO: check
+ NOT-FOR-US: microsoft works
CVE-2010-3951 (Buffer overflow in the FlashPix image converter in the graphics ...)
- TODO: check
+ NOT-FOR-US: microsoft office_converter_pack
CVE-2010-3952 (The FlashPix image converter in the graphics filters in Microsoft ...)
- TODO: check
+ NOT-FOR-US: microsoft office_converter_pack
CVE-2010-3953
RESERVED
CVE-2010-3954 (Microsoft Publisher 2002 SP3, 2003 SP3, and 2010 allows remote ...)
- TODO: check
+ NOT-FOR-US: microsoft publisher
CVE-2010-3955 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher ...)
- TODO: check
+ NOT-FOR-US: microsoft publisher
CVE-2010-3956 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3957 (Double free vulnerability in the OpenType Font (OTF) driver in ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3958
RESERVED
CVE-2010-3959 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3960 (Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2 allows ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_server_2008
CVE-2010-3961 (The Consent User Interface (UI) in Microsoft Windows Vista SP1 and ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_vista
CVE-2010-3962 (Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and ...)
NOT-FOR-US: microsoft ie
CVE-2010-3963 (Buffer overflow in the Routing and Remote Access NDProxy component in ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3964 (Unrestricted file upload vulnerability in the Document Conversions ...)
- TODO: check
+ NOT-FOR-US: microsoft sharepoint_server
CVE-2010-3965 (Untrusted search path vulnerability in Windows Media Encoder 9 on ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_media_encoder
CVE-2010-3966 (Untrusted search path vulnerability in Microsoft Windows Server 2008 ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_server_2008
CVE-2010-3967 (Untrusted search path vulnerability in Microsoft Windows Movie Maker ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_movie_maker
CVE-2010-3968
RESERVED
CVE-2010-3969
RESERVED
CVE-2010-3970 (Stack-based buffer overflow in the CreateSizedDIBSECTION function in ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3971 (Use-after-free vulnerability in the CSharedStyleSheet::Notify function ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3972 (The TELNET_STREAM_CONTEXT::OnSendData function in the FTP protocol ...)
- TODO: check
+ NOT-FOR-US: microsoft iis
CVE-2010-3973 (The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft WMI ...)
- TODO: check
+ NOT-FOR-US: microsoft wmi_administrative_tools
CVE-2010-3974
RESERVED
CVE-2010-3975 (Untrusted search path vulnerability in Adobe Flash Player 9 allows ...)
@@ -93823,9 +93824,9 @@ CVE-2010-4010 (Integer signedness error in Apple Type Services (ATS) in Apple Ma
CVE-2010-4011 (Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage ...)
NOT-FOR-US: apple mac_os_x_server
CVE-2010-4012 (Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later ...)
- TODO: check
+ NOT-FOR-US: apple iphone_os
CVE-2010-4013 (Format string vulnerability in PackageKit in Apple Mac OS X 10.6.x ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-4014
RESERVED
CVE-2010-4015
@@ -93989,7 +93990,7 @@ CVE-2010-4093
CVE-2010-4094 (The Tomcat server in IBM Rational Quality Manager and Rational Test ...)
NOT-FOR-US: ibm rational_test_lab_manager
CVE-2010-4095 (Directory traversal vulnerability in the FTP client in Serengeti ...)
- TODO: check
+ NOT-FOR-US: robo ftp
CVE-2010-4096 (share/ma/keys_for_user in Monkeysphere 0.31 and 0.32 allows local ...)
NOT-FOR-US: monkeysphere_project monkeysphere
CVE-2010-4097 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
@@ -94019,19 +94020,19 @@ CVE-2010-4108 (HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support
CVE-2010-4109 (Cross-site scripting (XSS) vulnerability in the Contacts Application ...)
NOT-FOR-US: hp palm_webos
CVE-2010-4110 (Unspecified vulnerability in HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the ...)
- TODO: check
+ NOT-FOR-US: hp openvms
CVE-2010-4111 (Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics ...)
- TODO: check
+ NOT-FOR-US: hp insight_diagnostics
CVE-2010-4112 (HP Insight Management Agents before 8.6 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: hp insight_management_agents
CVE-2010-4113 (Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 ...)
- TODO: check
+ NOT-FOR-US: hp power_manager
CVE-2010-4114 (Cross-site scripting (XSS) vulnerability in HP Discovery & Dependency ...)
- TODO: check
+ NOT-FOR-US: hp discovery dependency_mapping_inventory
CVE-2010-4115 (HP StorageWorks Modular Smart Array P2000 G3 firmware TS100R011, ...)
- TODO: check
+ NOT-FOR-US: hp storageworks_modular_smart_array_p2000_g3_firmware
CVE-2010-4116 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5.x ...)
- TODO: check
+ NOT-FOR-US: hp storageworks_storage_mirroring
CVE-2010-4117
RESERVED
CVE-2010-4118
@@ -94143,7 +94144,7 @@ CVE-2010-4170 (The staprun runtime tool in SystemTap 1.3 does not properly clear
CVE-2010-4171 (The staprun runtime tool in SystemTap 1.3 does not verify that a ...)
TODO: check
CVE-2010-4172 (Multiple cross-site scripting (XSS) vulnerabilities in the Manager ...)
- TODO: check
+ BUG: 329937
CVE-2010-4173 (The default configuration of libsdp.conf in libsdp 1.1.104 and earlier ...)
NOT-FOR-US: openfabrics libsdp
CVE-2010-4174
@@ -94151,13 +94152,13 @@ CVE-2010-4174
CVE-2010-4175 (Integer overflow in the rds_cmsg_rdma_args function (net/rds/rdma.c) ...)
TODO: check
CVE-2010-4176 (plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 ...)
- TODO: check
+ NOT-FOR-US: Fedora only
CVE-2010-4177
RESERVED
CVE-2010-4178
RESERVED
CVE-2010-4179 (The installation documentation for Red Hat Enterprise Messaging, ...)
- TODO: check
+ NOT-FOR-US: redhat enterprise_mrg
CVE-2010-4180 (OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when ...)
TODO: check
CVE-2010-4181 (Directory traversal vulnerability in Yaws 1.89 allows remote attackers ...)
@@ -94200,7 +94201,7 @@ CVE-2010-4199 (Google Chrome before 7.0.517.44 does not properly perform a cast
TODO: check
CVE-2010-4200
REJECTED
- TODO: check
+ NOT-FOR-US: this
CVE-2010-4201 (Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows ...)
TODO: check
CVE-2010-4202 (Multiple integer overflows in Google Chrome before 7.0.517.44 on Linux ...)
@@ -94324,7 +94325,7 @@ CVE-2010-4260 (Multiple unspecified vulnerabilities in pdf.c in libclamav in Cla
CVE-2010-4261 (Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ...)
TODO: check
CVE-2010-4262 (Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote ...)
- TODO: check
+ BUG: 348344
CVE-2010-4263 (The igb_receive_skb function in drivers/net/igb/igb_main.c in the ...)
TODO: check
CVE-2010-4264
@@ -94334,7 +94335,7 @@ CVE-2010-4265 (The ...)
CVE-2010-4266
RESERVED
CVE-2010-4267 (Stack-based buffer overflow in the hpmud_get_pml function in ...)
- TODO: check
+ BUG: 352085
CVE-2010-4268 (SQL injection vulnerability in the Pulse Infotech Flip Wall ...)
NOT-FOR-US: pulseinfotech com_flipwall
CVE-2010-4269 (SQL injection vulnerability in managechat.php in Collabtive 0.65 ...)
@@ -94350,11 +94351,11 @@ CVE-2010-4273 (SQL injection vulnerability in imoveis.php in DescargarVista ACC
CVE-2010-4274 (reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 ...)
NOT-FOR-US: ibm director_agent
CVE-2010-4275 (Multiple cross-site scripting (XSS) vulnerabilities in Radius Manager ...)
- TODO: check
+ NOT-FOR-US: dmasoftlab radius_manager
CVE-2010-4276 (Cross-site scripting (XSS) vulnerability in the lz_tracking_set_sessid ...)
- TODO: check
+ NOT-FOR-US: livezilla
CVE-2010-4277 (Cross-site scripting (XSS) vulnerability in lembedded-video.php in the ...)
- TODO: check
+ NOT-FOR-US: jovelstefan embedded video
CVE-2010-4278 (operation/agentes/networkmap.php in Pandora FMS before 3.1.1 allows ...)
NOT-FOR-US: pandora
CVE-2010-4279 (The default configuration of Pandora FMS 3.1 and earlier specifies an ...)
@@ -94442,13 +94443,13 @@ CVE-2010-4319
CVE-2010-4320
RESERVED
CVE-2010-4321 (Stack-based buffer overflow in an ActiveX control in ienipp.ocx in ...)
- TODO: check
+ NOT-FOR-US: novell iprint_client
CVE-2010-4322 (Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell ...)
- TODO: check
+ NOT-FOR-US: novell vibe_onprem
CVE-2010-4323
RESERVED
CVE-2010-4324 (Cross-site scripting (XSS) vulnerability in the Approval Form in the ...)
- TODO: check
+ NOT-FOR-US: novell identity_manager_roles_based_provisioning_module
CVE-2010-4325
RESERVED
CVE-2010-4326
@@ -94462,11 +94463,11 @@ CVE-2010-4329 (Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton
CVE-2010-4330 (Directory traversal vulnerability in includes/controller.php in Pulse ...)
NOT-FOR-US: pulsecms pulse_cms
CVE-2010-4331 (Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel 2.2.0 ...)
- TODO: check
+ NOT-FOR-US: Seo Panel
CVE-2010-4332 (Pointter PHP Content Management System 1.0 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: pangramsoft pointter_php_content_management_system
CVE-2010-4333 (Pointter PHP Micro-Blogging Social Network 1.8 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: pangramsoft pointter_php_micro blogging_social_network
CVE-2010-4334 (IO::Socket::SSL Perl module 1.35, when verify_mode is not VERIFY_NONE, ...)
TODO: check
CVE-2010-4335 (The _validatePost function in libs/controller/components/security.php ...)
@@ -94474,11 +94475,11 @@ CVE-2010-4335 (The _validatePost function in libs/controller/components/security
CVE-2010-4336 (The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd ...)
TODO: check
CVE-2010-4337 (The configure script in gnash 0.8.8 allows local users to overwrite ...)
- TODO: check
+ BUG: 351724
CVE-2010-4338 (ocrodjvu 0.4.6-1 on Debian GNU/Linux, when using Cuneiform as the OCR ...)
- TODO: check
+ NOT-FOR-US: ocrodjvu
CVE-2010-4339 (Cross-site scripting (XSS) vulnerability in Hypermail 2.2.0 allows ...)
- TODO: check
+ NOT-FOR-US: hypermail project hypermail
CVE-2010-4340
TODO: check
CVE-2010-4341
@@ -94502,7 +94503,7 @@ CVE-2010-4349 (admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remo
CVE-2010-4350 (Directory traversal vulnerability in admin/upgrade_unattended.php in ...)
TODO: check
CVE-2010-4351 (The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 ...)
- TODO: check
+ BUG: 352035
CVE-2010-4352 (Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 ...)
TODO: check
CVE-2010-4353
@@ -94550,51 +94551,51 @@ CVE-2010-4373 (The in_mp4 plugin in Winamp before 5.6 allows remote attackers to
CVE-2010-4374 (The in_mkv plugin in Winamp before 5.6 allows remote attackers to ...)
NOT-FOR-US: nullsoft winamp
CVE-2010-4375 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer
CVE-2010-4376 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4377 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4378 (The drv2.dll (aka RV20 decompression) module in RealNetworks ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4379 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4380 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4381 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4382 (Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4383 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4384 (Array index error in RealNetworks RealPlayer 11.0 through 11.1, ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer
CVE-2010-4385 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4386 (RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4387 (The RealAudio codec in RealNetworks RealPlayer 11.0 through 11.1, ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4388 (The (1) Upsell.htm, (2) Main.html, and (3) Custsupport.html components ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4389 (Heap-based buffer overflow in the cook codec in RealNetworks ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4390 (Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4391 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4392 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4393
RESERVED
CVE-2010-4394 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4395 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4396 (Cross-zone scripting vulnerability in the HandleAction method in a ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4397 (Integer overflow in the pnen3260.dll module in RealNetworks RealPlayer ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4398 (Stack-based buffer overflow in the RtlQueryRegistryValues function in ...)
NOT-FOR-US: microsoft windows_xp
CVE-2010-4399 (Directory traversal vulnerability in languages.inc.php in DynPG CMS ...)
@@ -94626,79 +94627,79 @@ CVE-2010-4411 (Unspecified vulnerability in CGI.pm 3.50 and earlier allows remot
CVE-2010-4412 (Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta ...)
NOT-FOR-US: bsdperimeter pfsense
CVE-2010-4413 (Unspecified vulnerability in the Scheduler Agent component in Oracle ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-4414 (Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local ...)
TODO: check
CVE-2010-4415 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4416 (Unspecified vulnerability in the Oracle GoldenGate Veridata component ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-4417 (Unspecified vulnerability in the Services for Beehive component in ...)
- TODO: check
+ NOT-FOR-US: oracle beehive
CVE-2010-4418 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_enterprise
CVE-2010-4419 (Unspecified vulnerability in the PeopleSoft Enterprise CRM component ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_and_jdedwards_product_suite
CVE-2010-4420 (Unspecified vulnerability in the Database Vault component in Oracle ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-4421 (Unspecified vulnerability in the Database Vault component in Oracle ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-4422
RESERVED
CVE-2010-4423 (Unspecified vulnerability in the Cluster Verify Utility component in ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-4424 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_enterprise
CVE-2010-4425 (Unspecified vulnerability in the Oracle BI Publisher component in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-4426 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_enterprise
CVE-2010-4427 (Unspecified vulnerability in the Oracle BI Publisher component in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-4428 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_and_jdedwards_product_suite
CVE-2010-4429 (Unspecified vulnerability in the Agile Core component in Oracle Supply ...)
- TODO: check
+ NOT-FOR-US: oracle supply_chain_products_suite
CVE-2010-4430 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_and_jdedwards_product_suite
CVE-2010-4431 (Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 ...)
- TODO: check
+ NOT-FOR-US: sun java_system_portal_server
CVE-2010-4432 (Unspecified vulnerability in the Oracle Transportation Manager ...)
- TODO: check
+ NOT-FOR-US: oracle supply_chain_products_suite
CVE-2010-4433 (Unspecified vulnerability in Oracle Solaris 10 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4434 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_enterprise
CVE-2010-4435 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4436 (Unspecified vulnerability in Oracle Sun Management Center (SunMC) 4.0 ...)
- TODO: check
+ NOT-FOR-US: oracle sunmc
CVE-2010-4437 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-4438 (Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and 3.0.1, ...)
- TODO: check
+ NOT-FOR-US: oracle sun_glassfish_enterprise_server
CVE-2010-4439 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_and_jdedwards_product_suite
CVE-2010-4440 (Unspecified vulnerability in Oracle 10 and 11 Express allows local ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4441 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_and_jdedwards_product_suite
CVE-2010-4442 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4443 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4444 (Unspecified vulnerability in Oracle Sun Java System Access Manager and ...)
- TODO: check
+ NOT-FOR-US: sun java_system_access_manager
CVE-2010-4445 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_and_jdedwards_product_suite
CVE-2010-4446 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4447
RESERVED
CVE-2010-4448
RESERVED
CVE-2010-4449 (Unspecified vulnerability in the Audit Vault component in Oracle Audit ...)
- TODO: check
+ NOT-FOR-US: oracle audit_vault
CVE-2010-4450
RESERVED
CVE-2010-4451
@@ -94706,29 +94707,29 @@ CVE-2010-4451
CVE-2010-4452
RESERVED
CVE-2010-4453 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
- TODO: check
+ NOT-FOR-US: oracle weblogic_server
CVE-2010-4454
RESERVED
CVE-2010-4455 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-4456 (Unspecified vulnerability in Oracle Sun Java System Communications ...)
TODO: check
CVE-2010-4457 (Unspecified vulnerability in Oracle Solaris 11 Express allows remote ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4458 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4459 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4460 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-4461 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
- TODO: check
+ NOT-FOR-US: oracle peoplesoft_and_jdedwards_product_suite
CVE-2010-4462
RESERVED
CVE-2010-4463
RESERVED
CVE-2010-4464 (Unspecified vulnerability in Oracle Sun Convergence 1.0 allows remote ...)
- TODO: check
+ NOT-FOR-US: oracle sun_convergence
CVE-2010-4465
RESERVED
CVE-2010-4466
@@ -94792,18 +94793,18 @@ CVE-2010-4494 (Double free vulnerability in libxml2 2.7.8 and other versions, as
CVE-2010-4495 (Unspecified vulnerability in the ActiveMatrix Runtime component in ...)
TODO: check
CVE-2010-4496 (Multiple SQL injection vulnerabilities in Collaborative Information ...)
- TODO: check
+ NOT-FOR-US: tibco collaborative_information_manager
CVE-2010-4497 (Cross-site scripting (XSS) vulnerability in Collaborative Information ...)
- TODO: check
+ NOT-FOR-US: tibco collaborative_information_manager
CVE-2010-4498 (Unspecified vulnerability in Collaborative Information Manager server, ...)
- TODO: check
+ NOT-FOR-US: tibco collaborative_information_manager
CVE-2010-4499 (Session fixation vulnerability in Collaborative Information Manager ...)
- TODO: check
+ NOT-FOR-US: tibco collaborative_information_manager
CVE-2010-4500 (Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY ...)
NOT-FOR-US: mrcgiguy freeticket
CVE-2010-4501
REJECTED
- TODO: check
+ NOT-FOR-US: this
CVE-2010-4502 (Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite ...)
NOT-FOR-US: ca internet_security_suite_plus_2010
CVE-2010-4503 (SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows ...)
@@ -94815,14 +94816,14 @@ CVE-2010-4505 (Multiple SQL injection vulnerabilities in login.php in Injader 2.
CVE-2010-4506
RESERVED
CVE-2010-4507 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
- TODO: check
+ NOT-FOR-US: clear ispot
CVE-2010-4508 (The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 ...)
TODO: check
CVE-2010-4509 (Multiple unspecified vulnerabilities in Movable Type 4.x before 4.35 ...)
NOT-FOR-US: sixapart movabletype
CVE-2010-4510
REJECTED
- TODO: check
+ NOT-FOR-US: this
CVE-2010-4511 (Unspecified vulnerability in Movable Type 4.x before 4.35 and 5.x ...)
NOT-FOR-US: sixapart movabletype
CVE-2010-4512 (Cobbler before 2.0.4 uses an incorrect umask value, which allows local ...)
@@ -94840,17 +94841,17 @@ CVE-2010-4517 (SQL injection vulnerability in the JExtensions JE Auto (com_jeaut
CVE-2010-4518 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: wobeo wp safe search
CVE-2010-4519 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: earl_miles views
CVE-2010-4520 (Multiple cross-site scripting (XSS) vulnerabilities in the Views ...)
- TODO: check
+ NOT-FOR-US: earl_miles views
CVE-2010-4521 (Cross-site scripting (XSS) vulnerability in the Views module 6.x ...)
- TODO: check
+ NOT-FOR-US: earl_miles views
CVE-2010-4522 (Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka ...)
- TODO: check
+ NOT-FOR-US: mybb
CVE-2010-4523 (Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 ...)
- TODO: check
+ BUG: 349567
CVE-2010-4524 (Cross-site scripting (XSS) vulnerability in lib/mhtxthtml.pl in ...)
- TODO: check
+ BUG: 349563
CVE-2010-4525 (Linux kernel 2.6.33 and 2.6.34.y does not initialize the ...)
TODO: check
CVE-2010-4526 (Race condition in the sctp_icmp_proto_unreachable function in ...)
@@ -94862,9 +94863,9 @@ CVE-2010-4528 (directconn.c in the MSN protocol plugin in libpurple 2.7.6 throug
CVE-2010-4529 (Integer underflow in the irda_getsockopt function in ...)
TODO: check
CVE-2010-4530 (Signedness error in ccid_serial.c in libccid in the USB Chip/Smart ...)
- TODO: check
+ BUG: 349559
CVE-2010-4531 (Stack-based buffer overflow in the ATRDecodeAtr function in the ...)
- TODO: check
+ BUG: 349561
CVE-2010-4532
RESERVED
CVE-2010-4533
@@ -94876,7 +94877,7 @@ CVE-2010-4535 (The password reset functionality in django.contrib.auth in Django
CVE-2010-4536 (Multiple cross-site scripting (XSS) vulnerabilities in KSES, as used ...)
TODO: check
CVE-2010-4537 (Unspecified vulnerability in CrawlTrack before 3.2.7, when a public ...)
- TODO: check
+ NOT-FOR-US: crawltrack
CVE-2010-4538 (Buffer overflow in the sect_enttec_dmx_da function in ...)
TODO: check
CVE-2010-4539 (The walk function in repos.c in the mod_dav_svn module for the Apache ...)
@@ -94890,35 +94891,35 @@ CVE-2010-4542 (Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb .
CVE-2010-4543 (Heap-based buffer overflow in the read_channel_data function in ...)
TODO: check
CVE-2010-4544 (Cross-site scripting (XSS) vulnerability in the servlet in IBM Lotus ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4545 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4546 (IBM Lotus Notes Traveler before 8.5.1.2 does not reject an attachment ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4547 (IBM Lotus Notes Traveler before 8.5.1.3, when a multidomain ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4548 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4549 (IBM Lotus Notes Traveler before 8.5.1.3 on the Nokia s60 device ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4550 (IBM Lotus Notes Traveler before 8.5.1.3 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4551 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4552 (Memory leak in IBM Lotus Notes Traveler before 8.5.1.1 allows remote ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4553 (An unspecified Domino API in IBM Lotus Notes Traveler before 8.5.1.1 ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2010-4554
RESERVED
CVE-2010-4555
RESERVED
CVE-2010-4556 (Stack-based buffer overflow in the SapThemeRepository ActiveX control ...)
- TODO: check
+ NOT-FOR-US: sap netweaver_business_client
CVE-2010-4557 (Buffer overflow in the lm_tcp service in Invensys Wonderware InBatch ...)
- TODO: check
+ NOT-FOR-US: invensys wonderware_inbatch
CVE-2010-4558 (phpMyFAQ 2.6.11 and 2.6.12, as distributed between December 4th and ...)
- TODO: check
+ NOT-FOR-US: phpmyfaq
CVE-2010-4559
RESERVED
CVE-2010-4560
@@ -94934,7 +94935,7 @@ CVE-2010-4564
CVE-2010-4565 (The bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) ...)
TODO: check
CVE-2010-4566 (Unspecified vulnerability in the NT4 authentication component in ...)
- TODO: check
+ NOT-FOR-US: citrix access_gateway
CVE-2010-4567
RESERVED
CVE-2010-4568
@@ -94948,7 +94949,7 @@ CVE-2010-4571
CVE-2010-4572
RESERVED
CVE-2010-4573 (The Update Installer in VMware ESXi 4.1, when a modified sfcb.cfg is ...)
- TODO: check
+ NOT-FOR-US: vmware esxi
CVE-2010-4574 (The Pickle::Pickle function in base/pickle.cc in Google Chrome before ...)
TODO: check
CVE-2010-4575 (The ThemeInstalledInfoBarDelegate::Observe function in ...)
@@ -94978,115 +94979,115 @@ CVE-2010-4586 (The default configuration of Opera before 11.00 enables WebSocket
CVE-2010-4587 (Opera before 11.00 on Windows does not properly implement the Insecure ...)
TODO: check
CVE-2010-4588 (The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft WMI ...)
- TODO: check
+ NOT-FOR-US: microsoft wmi_administrative_tools
CVE-2010-4589 (Cross-site scripting (XSS) vulnerability in IBM ENOVIA 6 allows remote ...)
- TODO: check
+ NOT-FOR-US: ibm enovia
CVE-2010-4590 (Cross-site scripting (XSS) vulnerability in HTTP Access Services ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_mobile_connect
CVE-2010-4591 (The Connection Manager in IBM Lotus Mobile Connect (LMC) before 6.1.4, ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_mobile_connect
CVE-2010-4592 (The Mobile Network Connections functionality in the Connection Manager ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_mobile_connect
CVE-2010-4593 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 does ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_mobile_connect
CVE-2010-4594 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_mobile_connect
CVE-2010-4595 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_mobile_connect
CVE-2010-4596
RESERVED
CVE-2010-4597 (Stack-based buffer overflow in the save method in the ...)
- TODO: check
+ NOT-FOR-US: ecava integraxor
CVE-2010-4598 (Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and ...)
- TODO: check
+ NOT-FOR-US: ecava integraxor
CVE-2010-4599 (Untrusted search path vulnerability in Ecava IntegraXor 3.6.4000.0 ...)
- TODO: check
+ NOT-FOR-US: ecava integraxor
CVE-2010-4600 (Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest ...)
- TODO: check
+ NOT-FOR-US: ibm rational_clearquest
CVE-2010-4601 (Multiple unspecified vulnerabilities in IBM Rational ClearQuest 7.0.x ...)
- TODO: check
+ NOT-FOR-US: ibm rational_clearquest
CVE-2010-4602 (The Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and ...)
- TODO: check
+ NOT-FOR-US: ibm rational_clearquest
CVE-2010-4603 (IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, ...)
- TODO: check
+ NOT-FOR-US: ibm rational_clearquest
CVE-2010-4604 (Stack-based buffer overflow in the GeneratePassword function in dsmtca ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_storage_manager
CVE-2010-4605 (Unspecified vulnerability in the backup-archive client in IBM Tivoli ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_storage_manager
CVE-2010-4606 (Unspecified vulnerability in the Space Management client in the ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_storage_manager
CVE-2010-4607 (Multiple cross-site scripting (XSS) vulnerabilities in Habari 0.6.5, ...)
- TODO: check
+ NOT-FOR-US: habariproject habari
CVE-2010-4608 (Habari 0.6.5 allows remote attackers to obtain sensitive information ...)
- TODO: check
+ NOT-FOR-US: habariproject habari
CVE-2010-4609 (SQL injection vulnerability in index.php in Html-edit CMS 3.1.8 allows ...)
- TODO: check
+ NOT-FOR-US: html edit_cms
CVE-2010-4610 (Cross-site scripting (XSS) vulnerability in index.php in Html-edit CMS ...)
- TODO: check
+ NOT-FOR-US: html edit_cms
CVE-2010-4611 (Html-edit CMS 3.1.8 allows remote attackers to obtain sensitive ...)
- TODO: check
+ NOT-FOR-US: html edit_cms
CVE-2010-4612 (Multiple SQL injection vulnerabilities in index.php in Hycus CMS ...)
- TODO: check
+ NOT-FOR-US: hycus_cms
CVE-2010-4613 (Multiple directory traversal vulnerabilities in Hycus CMS 1.0.3 allow ...)
- TODO: check
+ NOT-FOR-US: hycus_cms
CVE-2010-4614 (SQL injection vulnerability in item.php in Ero Auktion 2010 allows ...)
- TODO: check
+ NOT-FOR-US: mhproducts ero_auktion
CVE-2010-4615 (Multiple SQL injection vulnerabilities in Oto Galeri Sistemi 1.0 allow ...)
- TODO: check
+ NOT-FOR-US: iskenderaltuntas oto_galeri_sistemi
CVE-2010-4616 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: impresscms
CVE-2010-4617 (Directory traversal vulnerability in the JotLoader (com_jotloader) ...)
- TODO: check
+ NOT-FOR-US: kanich com_jotloader
CVE-2010-4618 (Cross-site scripting (XSS) vulnerability in the Algis Info ...)
- TODO: check
+ NOT-FOR-US: algisinfo aicontactsafe
CVE-2010-4619 (SQL injection vulnerability in profil.php in Mafya Oyun Scrpti (aka ...)
- TODO: check
+ NOT-FOR-US: webscripti mafya_oyun_scrpti
CVE-2010-4620
RESERVED
CVE-2010-4621
RESERVED
CVE-2010-4622 (Directory traversal vulnerability in WebSEAL in IBM Tivoli Access ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_access_manager_for_e business
CVE-2010-4623 (WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_access_manager_for_e business
CVE-2010-4624 (MyBB (aka MyBulletinBoard) before 1.4.12 allows remote authenticated ...)
- TODO: check
+ NOT-FOR-US: mybb
CVE-2010-4625 (MyBB (aka MyBulletinBoard) before 1.4.12 does not properly handle a ...)
- TODO: check
+ NOT-FOR-US: mybb
CVE-2010-4626 (The my_rand function in functions.php in MyBB (aka MyBulletinBoard) ...)
- TODO: check
+ NOT-FOR-US: mybb
CVE-2010-4627 (Cross-site request forgery (CSRF) vulnerability in usercp2.php in MyBB ...)
- TODO: check
+ NOT-FOR-US: mybb
CVE-2010-4628 (member.php in MyBB (aka MyBulletinBoard) before 1.4.12 makes a certain ...)
- TODO: check
+ NOT-FOR-US: mybb
CVE-2010-4629 (MyBB (aka MyBulletinBoard) before 1.4.12 does not properly restrict ...)
- TODO: check
+ NOT-FOR-US: mybb
CVE-2010-4630 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: fubra wp survey and quiz tool
CVE-2010-4631 (Multiple cross-site scripting (XSS) vulnerabilities in ASPilot Pilot ...)
- TODO: check
+ NOT-FOR-US: pilotcart pilot_cart
CVE-2010-4632 (Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow ...)
- TODO: check
+ NOT-FOR-US: pilotcart pilot_cart
CVE-2010-4633 (SQL injection vulnerability in cart.php in digiSHOP 2.0.2 allows ...)
- TODO: check
+ NOT-FOR-US: sumeffect digishop
CVE-2010-4634 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: osticket
CVE-2010-4635 (SQL injection vulnerability in detail.asp in Site2Nite Vacation Rental ...)
- TODO: check
+ NOT-FOR-US: site2nite vacation_rental_listings
CVE-2010-4636 (SQL injection vulnerability in detail.asp in Site2Nite Business ...)
- TODO: check
+ NOT-FOR-US: site2nite business_e listings
CVE-2010-4637 (Cross-site scripting (XSS) vulnerability in feedlist/handler_image.php ...)
- TODO: check
+ NOT-FOR-US: finalcut feedlist
CVE-2010-4638 (SQL injection vulnerability in the submitSurvey function in ...)
- TODO: check
+ NOT-FOR-US: iptechinside com_jquarks4s
CVE-2010-4639 (SQL injection vulnerability in index.php in MySource Matrix allows ...)
- TODO: check
+ NOT-FOR-US: intendance mysource_matrix
CVE-2010-4640 (Multiple cross-site scripting (XSS) vulnerabilities in XWiki Watch 1.0 ...)
- TODO: check
+ NOT-FOR-US: xwiki_watch
CVE-2010-4641 (SQL injection vulnerability in XWiki Enterprise before 2.5 allows ...)
- TODO: check
+ NOT-FOR-US: xwiki
CVE-2010-4642 (Cross-site scripting (XSS) vulnerability in XWiki Enterprise before ...)
- TODO: check
+ NOT-FOR-US: xwiki
CVE-2010-4643
RESERVED
CVE-2010-4644 (Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 ...)
@@ -95094,7 +95095,7 @@ CVE-2010-4644 (Multiple memory leaks in rev_hunt.c in Apache Subversion before 1
CVE-2010-4645 (strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 ...)
TODO: check
CVE-2010-4646 (Cross-site scripting (XSS) vulnerability in Hastymail2 before 1.01 ...)
- TODO: check
+ NOT-FOR-US: hastymail2
CVE-2010-4647 (Multiple cross-site scripting (XSS) vulnerabilities in the Help ...)
TODO: check
CVE-2010-4648
@@ -95140,59 +95141,59 @@ CVE-2010-4667
CVE-2010-4668 (The blk_rq_map_user_iov function in block/blk-map.c in the Linux ...)
TODO: check
CVE-2010-4669 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-4670 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
- TODO: check
+ NOT-FOR-US: cisco pix_security_appliance
CVE-2010-4671 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
- TODO: check
+ NOT-FOR-US: cisco ios
CVE-2010-4672 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4673 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4674 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4675 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4676 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4677 (emWEB on Cisco Adaptive Security Appliances (ASA) 5500 series devices ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4678 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4679 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4680 (The WebVPN implementation on Cisco Adaptive Security Appliances (ASA) ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4681 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4682 (Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4683 (Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote ...)
- TODO: check
+ NOT-FOR-US: cisco ios
CVE-2010-4684 (Cisco IOS before 15.0(1)XA1, when certain TFTP debugging is enabled, ...)
- TODO: check
+ NOT-FOR-US: cisco ios
CVE-2010-4685 (Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a ...)
- TODO: check
+ NOT-FOR-US: cisco ios
CVE-2010-4686 (CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does not ...)
- TODO: check
+ NOT-FOR-US: cisco ios
CVE-2010-4687 (STCAPP (aka the SCCP telephony control application) on Cisco IOS ...)
- TODO: check
+ NOT-FOR-US: cisco ios
CVE-2010-4688 (Unspecified vulnerability in the SIP inspection feature on Cisco ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4689 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4690 (The Mobile User Security (MUS) service on Cisco Adaptive Security ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4691 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4692 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2010-4693 (Multiple cross-site scripting (XSS) vulnerabilities in Coppermine ...)
- TODO: check
+ NOT-FOR-US: coppermine gallery coppermine_photo_gallery
CVE-2010-4694 (Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow ...)
- TODO: check
+ BUG: 351698
CVE-2010-4695 (A certain Fedora patch for gif2png.c in gif2png 2.5.1 and 2.5.2, as ...)
- TODO: check
+ BUG: 351698
CVE-2010-4696 (Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 ...)
TODO: check
CVE-2010-4697 (Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 ...)
@@ -95204,11 +95205,11 @@ CVE-2010-4699 (The iconv_mime_decode_headers function in the Iconv extension in
CVE-2010-4700 (The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the ...)
TODO: check
CVE-2010-4701 (Heap-based buffer overflow in the CDrawPoly::Serialize function in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Fax Services Cover Page Editor
CVE-2010-4702 (SQL injection vulnerability in JRadio (com_jradio) component before ...)
- TODO: check
+ NOT-FOR-US: JRadio com_jradio component
CVE-2010-4703 (SQL injection vulnerability in default.asp in HotWebScripts HotWeb ...)
- TODO: check
+ NOT-FOR-US: HotWebScripts
CVE-2011-0001
RESERVED
CVE-2011-0002
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:45 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:45 UTC (permalink / raw
To: gentoo-commits
commit: a83b5012e4ea9ae583a60f5d7623f9992368b28b
Author: Stefan Behte <craig <AT> gentoo <DOT> org>
AuthorDate: Fri May 13 08:54:37 2011 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Fri May 13 08:54:37 2011 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=a83b5012
nfu
svn path=/; revision=2225
---
data/CVE/list | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/data/CVE/list b/data/CVE/list
index 405fdf9..39ac9ce 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -85650,7 +85650,7 @@ CVE-2009-4973 (SQL injection vulnerability in rss.php in TotalCalendar 2.4 allow
CVE-2009-4974 (Directory traversal vulnerability in box_display.php in TotalCalendar ...)
NOT-FOR-US: sweetphp totalcalendar
CVE-2009-4975 (Cross-site scripting (XSS) vulnerability in webview.cpp in ...)
- TODO: check
+ NOT-FOR-US: nokia qtdemobrowser
CVE-2009-4976 (Cross-site scripting (XSS) vulnerability in webkitpart.cpp in ...)
BUG: 335869
CVE-2009-4977 (PHP remote file inclusion vulnerability in index.php in MyBackup 1.4.0 ...)
@@ -85830,7 +85830,7 @@ CVE-2009-5063
CVE-2009-5064 (** DISPUTED ** ldd in the GNU C Library (aka glibc or libc6) 2.13 and ...)
TODO: check
CVE-2009-5065 (Cross-site scripting (XSS) vulnerability in feedparser.py in Universal ...)
- TODO: check
+ NOT-FOR-US: mark_pilgrim feedparser
CVE-2009-5066
RESERVED
CVE-2009-5067
@@ -85842,13 +85842,13 @@ CVE-2009-5069
CVE-2009-5070
RESERVED
CVE-2009-5071 (Unspecified vulnerability in Palm Pre WebOS before 1.2.1 has unknown ...)
- TODO: check
+ NOT-FOR-US: hp palm_pre_webos
CVE-2009-5072 (Memory leak in the ldap_explode_dn function in IBM Tivoli Directory ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_directory_server
CVE-2009-5073 (IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.59 (aka ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_directory_server
CVE-2009-5074 (Unspecified vulnerability in the MojoX::Dispatcher::Static ...)
- TODO: check
+ NOT-FOR-US: mojolicious
CVE-2010-0001 (Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 ...)
BUG: 300943
CVE-2010-0002 (The /etc/profile.d/60alias.sh script in the Mandriva bash package for ...)
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:45 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:45 UTC (permalink / raw
To: gentoo-commits
commit: 6d197200fc0dcbb8893e1af052711638be030474
Author: Stefan Behte <craig <AT> gentoo <DOT> org>
AuthorDate: Fri May 13 11:45:18 2011 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Fri May 13 11:45:18 2011 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=6d197200
bug numbers, NFU
svn path=/; revision=2226
---
data/CVE/list | 124 +++++++++++++++++++++++++++++-----------------------------
1 file changed, 62 insertions(+), 62 deletions(-)
diff --git a/data/CVE/list b/data/CVE/list
index 39ac9ce..e2a3357 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -86090,7 +86090,7 @@ CVE-2010-0119 (Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used,
CVE-2010-0120 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-0121 (The cook codec in RealNetworks RealPlayer 11.0 through 11.1, ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-0122 (Multiple SQL injection vulnerabilities in Employee Timeclock Software ...)
NOT-FOR-US: timeclock software employee_timeclock_software
CVE-2010-0123 (The database backup implementation in Employee Timeclock Software 0.99 ...)
@@ -86098,7 +86098,7 @@ CVE-2010-0123 (The database backup implementation in Employee Timeclock Software
CVE-2010-0124 (Employee Timeclock Software 0.99 places the database password on the ...)
NOT-FOR-US: timeclock software employee_timeclock_software
CVE-2010-0125 (RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-0126 (Heap-based buffer overflow in an unspecified library in Autonomy ...)
NOT-FOR-US: autonomy keyview_viewer_sdk
CVE-2010-0127 (Adobe Shockwave Player before 11.5.7.609 allows remote attackers to ...)
@@ -86301,7 +86301,7 @@ CVE-2010-0214 (The administrative interface on the PolyVision RoomWizard with ..
CVE-2010-0215 (ActiveCollab before 2.3.2 allows remote authenticated users to bypass ...)
NOT-FOR-US: a51dev activecollab
CVE-2010-0216 (authenticate_ad_setup_finished.cfm in MediaCAST 8 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: inventivetec mediacast
CVE-2010-0217
RESERVED
CVE-2010-0218 (ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ...)
@@ -88886,7 +88886,7 @@ CVE-2010-1506 (The Google V8 bindings in Google Chrome before 4.1.249.1059 allow
CVE-2010-1507 (WebYaST in yast2-webclient in SUSE Linux Enterprise (SLE) 11 on the ...)
NOT-FOR-US: novell suse_linux
CVE-2010-1508 (Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows ...)
- TODO: check
+ NOT-FOR-US: apple quicktime
CVE-2010-1509 (IrfanView before 4.27 does not properly handle an unspecified integer ...)
NOT-FOR-US: irfanview
CVE-2010-1510 (Heap-based buffer overflow in IrfanView before 4.27 allows remote ...)
@@ -89219,9 +89219,9 @@ CVE-2010-1672
CVE-2010-1673
RESERVED
CVE-2010-1674 (The extended-community parser in bgpd in Quagga before 0.99.18 allows ...)
- TODO: check
+ BUG: 359903
CVE-2010-1675 (bgpd in Quagga before 0.99.18 allows remote attackers to cause a ...)
- TODO: check
+ BUG: 359903
CVE-2010-1676 (Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before ...)
TODO: check
CVE-2010-1677 (MHonArc 2.6.16 allows remote attackers to cause a denial of service ...)
@@ -91051,11 +91051,11 @@ CVE-2010-2585 (Multiple buffer overflows in the RealPage Module Upload ActiveX .
CVE-2010-2586 (Multiple integer overflows in in_nsv.dll in the in_nsv plugin in ...)
NOT-FOR-US: nullsoft winamp
CVE-2010-2587 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-2588 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-2589 (Integer overflow in the dirapi.dll module in Adobe Shockwave Player ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-2590 (Heap-based buffer overflow in the ...)
NOT-FOR-US: sap crystal_reports
CVE-2010-2591
@@ -91399,7 +91399,7 @@ CVE-2010-2759 (Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through
CVE-2010-2760 (Use-after-free vulnerability in the nsTreeSelection function in ...)
TODO: check
CVE-2010-2761 (The multipart_init function in (1) CGI.pm before 3.50 and (2) ...)
- TODO: check
+ NOT-FOR-US: andy_armstrong cgi pm
CVE-2010-2762 (The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) ...)
TODO: check
CVE-2010-2763 (The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) ...)
@@ -91463,7 +91463,7 @@ CVE-2010-2791 (mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on U
CVE-2010-2792 (Race condition in the SPICE (aka spice-xpi) plug-in 2.2 for Firefox ...)
NOT-FOR-US: redhat spice xpi
CVE-2010-2793 (Race condition in the SPICE (aka spice-activex) plug-in for Internet ...)
- TODO: check
+ NOT-FOR-US: redhat spice activex
CVE-2010-2794 (The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users ...)
NOT-FOR-US: redhat spice xpi
CVE-2010-2795 (phpCAS before 1.1.2 allows remote authenticated users to hijack ...)
@@ -91862,13 +91862,13 @@ CVE-2010-2990 (Citrix Online Plug-in for Windows for XenApp & XenDesktop bef
CVE-2010-2991 (The IICAClient interface in the ICAClient library in the ICA Client ...)
NOT-FOR-US: citrix online_plug in_for_windows_for_xenapp_ _xendesktop
CVE-2010-2992 (packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through ...)
- TODO: check
+ BUG: 330479
CVE-2010-2993 (The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote ...)
- TODO: check
+ BUG: 330479
CVE-2010-2994 (Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark ...)
- TODO: check
+ BUG: 330479
CVE-2010-2995 (The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark ...)
- TODO: check
+ BUG: 330479
CVE-2010-2996 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 on ...)
NOT-FOR-US: realnetworks realplayer
CVE-2010-2997 (Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through ...)
@@ -92399,13 +92399,13 @@ CVE-2010-3258 (The sandbox implementation in Google Chrome before 6.0.472.53 doe
CVE-2010-3259 (WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, ...)
TODO: check
CVE-2010-3260 (oxf/xml/xerces/XercesSAXParserFactoryImpl.java in the xforms-server ...)
- TODO: check
+ NOT-FOR-US: orbeon forms
CVE-2010-3261 (Directory traversal vulnerability in RSA Authentication Agent 7.0 ...)
NOT-FOR-US: rsa authentication_agent_for_web
CVE-2010-3262 (Cross-site scripting (XSS) vulnerability in Flock Browser 3.x before ...)
NOT-FOR-US: flock
CVE-2010-3263 (Cross-site scripting (XSS) vulnerability in setup/frames/index.inc.php ...)
- TODO: check
+ BUG: 336462
CVE-2010-3264 (The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores ...)
NOT-FOR-US: novell identity_manager
CVE-2010-3265
@@ -92580,7 +92580,7 @@ CVE-2010-3348 (Microsoft Internet Explorer 6, 7, and 8 does not prevent renderin
CVE-2010-3349 (Ardour 2.8.11 places a zero-length directory name in the ...)
BUG: 341567
CVE-2010-3350 (bareFTP 0.3.4 places a zero-length directory name in the ...)
- TODO: check
+ NOT-FOR-US: fixed for long enough
CVE-2010-3351 (startBristol in Bristol 0.60.5 places a zero-length directory name in ...)
TODO: check
CVE-2010-3352
@@ -93591,7 +93591,7 @@ CVE-2010-3852 (The default configuration of Luci 0.22.4 and earlier in Red Hat C
CVE-2010-3853 (pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) ...)
TODO: check
CVE-2010-3854 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
- TODO: check
+ BUG: 353243
CVE-2010-3855 (Buffer overflow in the ft_var_readpackedpoints function in ...)
TODO: check
CVE-2010-3856 (ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and ...)
@@ -93800,7 +93800,7 @@ CVE-2010-3956 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP
CVE-2010-3957 (Double free vulnerability in the OpenType Font (OTF) driver in ...)
NOT-FOR-US: microsoft windows_xp
CVE-2010-3958 (The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3959 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, ...)
NOT-FOR-US: microsoft windows_xp
CVE-2010-3960 (Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2 allows ...)
@@ -93832,7 +93832,7 @@ CVE-2010-3972 (Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendDa
CVE-2010-3973 (The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in ...)
NOT-FOR-US: microsoft wmi_administrative_tools
CVE-2010-3974 (fxscover.exe in the Fax Cover Page Editor in Microsoft Windows XP SP2 ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3975 (Untrusted search path vulnerability in Adobe Flash Player 9 allows ...)
TODO: check
CVE-2010-3976 (Untrusted search path vulnerability in Adobe Flash Player before ...)
@@ -93852,7 +93852,7 @@ CVE-2010-3982 (SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to
CVE-2010-3983 (CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote ...)
NOT-FOR-US: sap businessobjects
CVE-2010-3984 (Buffer overflow in mng_core_com.dll in CA XOsoft Replication r12.0 SP1 ...)
- TODO: check
+ NOT-FOR-US: xosoft_replication
CVE-2010-3985 (Cross-site scripting (XSS) vulnerability in HP Operations ...)
NOT-FOR-US: hp operations_orchestration
CVE-2010-3986 (Unspecified vulnerability in HP Virtual Connect Enterprise Manager ...)
@@ -93902,7 +93902,7 @@ CVE-2010-4007 (Oracle Mojarra uses an encrypted View State without a Message ...
CVE-2010-4008 (libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, ...)
TODO: check
CVE-2010-4009 (Integer overflow in Apple QuickTime before 7.6.9 allows remote ...)
- TODO: check
+ NOT-FOR-US: apple quicktime
CVE-2010-4010 (Integer signedness error in Apple Type Services (ATS) in Apple Mac OS ...)
NOT-FOR-US: apple mac_os_x_server
CVE-2010-4011 (Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage ...)
@@ -94070,7 +94070,7 @@ CVE-2010-4091 (The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10
CVE-2010-4092 (Use-after-free vulnerability in an unspecified compatibility component ...)
NOT-FOR-US: adobe shockwave_player
CVE-2010-4093 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4094 (The Tomcat server in IBM Rational Quality Manager and Rational Test ...)
NOT-FOR-US: ibm rational_test_lab_manager
CVE-2010-4095 (Directory traversal vulnerability in the FTP client in Serengeti ...)
@@ -94250,7 +94250,7 @@ CVE-2010-4181 (Directory traversal vulnerability in Yaws 1.89 allows remote atta
CVE-2010-4182 (Untrusted search path vulnerability in the Data Access Objects (DAO) ...)
NOT-FOR-US: microsoft windows_xp
CVE-2010-4183 (Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier ...)
- TODO: check
+ NOT-FOR-US: htmlpurifier
CVE-2010-4184 (NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with ...)
NOT-FOR-US: netsupportsoftware netsupport_manager
CVE-2010-4185 (SQL injection vulnerability in index.php in Energine, possibly 2.3.8 ...)
@@ -94343,7 +94343,7 @@ CVE-2010-4227 (The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 be
CVE-2010-4228 (Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP ...)
NOT-FOR-US: novell netware
CVE-2010-4229 (Directory traversal vulnerability in an unspecified servlet in the ...)
- TODO: check
+ NOT-FOR-US: novell zenworks_configuration_management
CVE-2010-4230 (Stack-based buffer overflow in a certain ActiveX control for the ...)
NOT-FOR-US: tecvoz cmnc 200
CVE-2010-4231 (Directory traversal vulnerability in the web-based administration ...)
@@ -94355,7 +94355,7 @@ CVE-2010-4233 (The Linux installation on the Camtron CMNC-200 Full HD IP Camera
CVE-2010-4234 (The web server on the Camtron CMNC-200 Full HD IP Camera and TecVoz ...)
NOT-FOR-US: tecvoz cmnc 200
CVE-2010-4235 (Format string vulnerability in RealNetworks Helix Server 12.x, 13.x, ...)
- TODO: check
+ NOT-FOR-US: realnetworks helix_server
CVE-2010-4236 (Untrusted search path vulnerability in estaskwrapper in IBM OmniFind ...)
NOT-FOR-US: ibm omnifind
CVE-2010-4237
@@ -94415,7 +94415,7 @@ CVE-2010-4263 (The igb_receive_skb function in drivers/net/igb/igb_main.c in the
CVE-2010-4264
RESERVED
CVE-2010-4265 (The ...)
- TODO: check
+ NOT-FOR-US: redhat jboss_remoting
CVE-2010-4266
RESERVED
CVE-2010-4267 (Stack-based buffer overflow in the hpmud_get_pml function in ...)
@@ -94453,7 +94453,7 @@ CVE-2010-4282 (Multiple directory traversal vulnerabilities in Pandora FMS befor
CVE-2010-4283 (PHP remote file inclusion vulnerability in extras/pandora_diag.php in ...)
NOT-FOR-US: artica pandora_fms
CVE-2010-4284 (SQL injection vulnerability in the authentication form in the ...)
- TODO: check
+ NOT-FOR-US: samsung data_management_server
CVE-2010-4285
RESERVED
CVE-2010-4286
@@ -94567,7 +94567,7 @@ CVE-2010-4339 (Cross-site scripting (XSS) vulnerability in Hypermail 2.2.0 allow
CVE-2010-4340
TODO: check
CVE-2010-4341 (The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in ...)
- TODO: check
+ NOT-FOR-US: fedoraproject sssd
CVE-2010-4342 (The aun_incoming function in net/econet/af_econet.c in the Linux ...)
TODO: check
CVE-2010-4343 (drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not ...)
@@ -94671,7 +94671,7 @@ CVE-2010-4391 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 throug
CVE-2010-4392 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4393 (Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4394 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4395 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
@@ -94705,9 +94705,9 @@ CVE-2010-4408 (Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through
CVE-2010-4409 (Integer overflow in the NumberFormatter::getSymbol (aka ...)
TODO: check
CVE-2010-4410 (CRLF injection vulnerability in the header function in (1) CGI.pm ...)
- TODO: check
+ NOT-FOR-US: andy_armstrong cgi pm
CVE-2010-4411 (Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote ...)
- TODO: check
+ NOT-FOR-US: andy_armstrong cgi pm
CVE-2010-4412 (Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta ...)
NOT-FOR-US: bsdperimeter pfsense
CVE-2010-4413 (Unspecified vulnerability in the Scheduler Agent component in Oracle ...)
@@ -94875,7 +94875,7 @@ CVE-2010-4493 (Use-after-free vulnerability in Google Chrome before 8.0.552.215
CVE-2010-4494 (Double free vulnerability in libxml2 2.7.8 and other versions, as used ...)
TODO: check
CVE-2010-4495 (Unspecified vulnerability in the ActiveMatrix Runtime component in ...)
- TODO: check
+ NOT-FOR-US: tibco silver_cap_service
CVE-2010-4496 (Multiple SQL injection vulnerabilities in Collaborative Information ...)
NOT-FOR-US: tibco collaborative_information_manager
CVE-2010-4497 (Cross-site scripting (XSS) vulnerability in Collaborative Information ...)
@@ -94963,7 +94963,7 @@ CVE-2010-4536 (Multiple cross-site scripting (XSS) vulnerabilities in KSES, as u
CVE-2010-4537 (Unspecified vulnerability in CrawlTrack before 3.2.7, when a public ...)
NOT-FOR-US: crawltrack
CVE-2010-4538 (Buffer overflow in the sect_enttec_dmx_da function in ...)
- TODO: check
+ BUG: 350551
CVE-2010-4539 (The walk function in repos.c in the mod_dav_svn module for the Apache ...)
TODO: check
CVE-2010-4540 (Stack-based buffer overflow in the load_preset_response function in ...)
@@ -95079,7 +95079,7 @@ CVE-2010-4594 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4,
CVE-2010-4595 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 ...)
NOT-FOR-US: ibm lotus_mobile_connect
CVE-2010-4596 (Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, ...)
- TODO: check
+ NOT-FOR-US: realnetworks helix_server
CVE-2010-4597 (Stack-based buffer overflow in the save method in the ...)
NOT-FOR-US: ecava integraxor
CVE-2010-4598 (Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and ...)
@@ -95379,15 +95379,15 @@ CVE-2010-4744 (Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 hav
CVE-2010-4745 (Cross-site scripting (XSS) vulnerability in nav.html in PHPXref before ...)
NOT-FOR-US: gareth_watts phpxref
CVE-2010-4746 (Multiple memory leaks in the normalization functionality in 389 ...)
- TODO: check
+ NOT-FOR-US: fedoraproject 389_directory_server
CVE-2010-4747 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: ahmattox processing_embed_plugin
CVE-2010-4748 (Cross-site scripting (XSS) vulnerability in pmwiki.php in PmWiki ...)
NOT-FOR-US: pmwiki
CVE-2010-4749 (Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS ...)
- TODO: check
+ NOT-FOR-US: blogcms blog cms
CVE-2010-4750 (Cross-site request forgery (CSRF) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: blogcms blog cms
CVE-2010-4751 (SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, ...)
NOT-FOR-US: lightneasy
CVE-2010-4752 (SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, ...)
@@ -95445,51 +95445,51 @@ CVE-2010-4777
CVE-2010-4778 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
TODO: check
CVE-2010-4779 (Cross-site scripting (XSS) vulnerability in lib/includes/auth.inc.php ...)
- TODO: check
+ NOT-FOR-US: bravenewcode wptouch
CVE-2010-4780 (SQL injection vulnerability in the check_banlist function in ...)
- TODO: check
+ NOT-FOR-US: enanocms enano_cms
CVE-2010-4781 (index.php in Enano CMS 1.1.7pl1, and possibly other versions before ...)
- TODO: check
+ NOT-FOR-US: enanocms enano_cms
CVE-2010-4782 (Multiple SQL injection vulnerabilities in list.asp in Softwebs Nepal ...)
- TODO: check
+ NOT-FOR-US: softwebsnepal ananda_real_estate
CVE-2010-4783 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
- TODO: check
+ NOT-FOR-US: phpwebscripts easy_banner_free
CVE-2010-4784 (Multiple SQL injection vulnerabilities in member.php in PHP Web ...)
- TODO: check
+ NOT-FOR-US: phpwebscripts easy_banner_free
CVE-2010-4785 (The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_directory_server
CVE-2010-4786 (IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_directory_server
CVE-2010-4787 (IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_directory_server
CVE-2010-4788 (IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_directory_server
CVE-2010-4789 (Use-after-free vulnerability in the proxy-server implementation in IBM ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_directory_server
CVE-2010-4790 (Directory traversal vulnerability in FilterFTP 2.0.3, 2.0.5, and ...)
- TODO: check
+ NOT-FOR-US: in mediakg filterftp
CVE-2010-4791 (SQL injection vulnerability in ...)
- TODO: check
+ NOT-FOR-US: marcusg mg_user_fotoalbum_panel
CVE-2010-4792 (Cross-site scripting (XSS) vulnerability in title.php in OPEN IT ...)
- TODO: check
+ NOT-FOR-US: openit overlook
CVE-2010-4793 (SQL injection vulnerability in detail.asp in Site2Nite Auto e-Manager ...)
- TODO: check
+ NOT-FOR-US: site2nite auto_e manager
CVE-2010-4794 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: joomlaseller com_jscalendar
CVE-2010-4795 (SQL injection vulnerability in the JS Calendar (com_jscalendar) ...)
- TODO: check
+ NOT-FOR-US: joomlaseller com_jscalendar
CVE-2010-4796 (Multiple SQL injection vulnerabilities in PHPYun 1.1.6 allow remote ...)
- TODO: check
+ NOT-FOR-US: phpyun
CVE-2010-4797 (Multiple SQL injection vulnerabilities in the log-in form in Truworth ...)
- TODO: check
+ NOT-FOR-US: truworthit flex_timesheet
CVE-2010-4798 (Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 ...)
- TODO: check
+ NOT-FOR-US: orangehrm
CVE-2010-4799 (Multiple SQL injection vulnerabilities in Chipmunk Pwngame 1.0, when ...)
- TODO: check
+ NOT-FOR-US: pwngame
CVE-2010-4800 (SQL injection vulnerability in doadd.php in BaconMap 1.0 allows remote ...)
- TODO: check
+ NOT-FOR-US: baconmap
CVE-2010-4801 (Directory traversal vulnerability in admin/updatelist.php in BaconMap ...)
- TODO: check
+ NOT-FOR-US: baconmap
CVE-2010-4802 (Commands.pm in Mojolicious before 0.999928 does not properly perform ...)
TODO: check
CVE-2010-4803 (Mojolicious before 0.999927 does not properly implement HMAC-MD5 ...)
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:45 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:45 UTC (permalink / raw
To: gentoo-commits
commit: e0fffdd3f0c376996e3c90c05a4dc17184708979
Author: Stefan Behte <craig <AT> gentoo <DOT> org>
AuthorDate: Fri May 13 08:13:43 2011 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Fri May 13 08:13:43 2011 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=e0fffdd3
nfu
svn path=/; revision=2224
---
data/CVE/list | 30 +++++++++++++++---------------
1 file changed, 15 insertions(+), 15 deletions(-)
diff --git a/data/CVE/list b/data/CVE/list
index 95d71d8..405fdf9 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -61011,9 +61011,9 @@ CVE-2007-6740 (The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 d
CVE-2007-6741 (The ftp_PORT function in FTPServer.py in pyftpdlib before 0.2.0 does ...)
NOT-FOR-US: g rodola pyftpdlib
CVE-2007-6742 (The get_filter_list function in IBM Tivoli Directory Server (TDS) 5.2 ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_directory_server
CVE-2007-6743 (Double free vulnerability in IBM Tivoli Directory Server (TDS) 5.2 ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_directory_server
CVE-2008-0001 (VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before ...)
BUG: 205980
CVE-2008-0002 (Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context ...)
@@ -75612,23 +75612,23 @@ CVE-2008-7273
CVE-2008-7274 (IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login ...)
NOT-FOR-US: ibm websphere_application_server
CVE-2008-7275 (Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket ...)
- TODO: check
+ NOT-FOR-US: already fixed, unstable anyways
CVE-2008-7276 (Kernel/System/Web/Request.pm in Open Ticket Request System (OTRS) ...)
- TODO: check
+ NOT-FOR-US: already fixed, unstable anyways
CVE-2008-7277 (Open Ticket Request System (OTRS) before 2.3.0-beta4 checks for the rw ...)
- TODO: check
+ NOT-FOR-US: already fixed, unstable anyways
CVE-2008-7278 (The S/MIME feature in Open Ticket Request System (OTRS) before 2.2.5, ...)
- TODO: check
+ NOT-FOR-US: already fixed, unstable anyways
CVE-2008-7279 (The CustomerInterface component in Open Ticket Request System (OTRS) ...)
- TODO: check
+ NOT-FOR-US: already fixed, unstable anyways
CVE-2008-7280 (Kernel/System/EmailParser.pm in PostmasterPOP3.pl in Open Ticket ...)
- TODO: check
+ NOT-FOR-US: already fixed, unstable anyways
CVE-2008-7281 (Open Ticket Request System (OTRS) before 2.2.7 sends e-mail containing ...)
- TODO: check
+ NOT-FOR-US: already fixed, unstable anyways
CVE-2008-7282 (Kernel/Output/HTML/CustomerNewTicketQueueSelectionGeneric.pm in Open ...)
- TODO: check
+ NOT-FOR-US: already fixed, unstable anyways
CVE-2008-7283 (Open Ticket Request System (OTRS) before 2.2.6, when customer group ...)
- TODO: check
+ NOT-FOR-US: already fixed, unstable anyways
CVE-2008-7284 (IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows ...)
NOT-FOR-US: ibm lotus_quickr
CVE-2008-7285 (Unspecified vulnerability in the docnote string handling ...)
@@ -75636,13 +75636,13 @@ CVE-2008-7285 (Unspecified vulnerability in the docnote string handling ...)
CVE-2008-7286 (IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not ...)
NOT-FOR-US: ibm lotus_quickr
CVE-2008-7287 (Multiple memory leaks in the (1) ldap_init and (2) ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_directory_server
CVE-2008-7288 (IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_directory_server
CVE-2008-7289 (IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_directory_server
CVE-2008-7290 (Memory leak in the ldap_explode_rdn API function in IBM Tivoli ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_directory_server
CVE-2009-0001 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
NOT-FOR-US: apple quicktime
CVE-2009-0002 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:45 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:45 UTC (permalink / raw
To: gentoo-commits
commit: 332e7353e9cfbfc0db3a6ad837b7e406441e9311
Author: Stefan Behte <craig <AT> gentoo <DOT> org>
AuthorDate: Mon Mar 28 00:35:51 2011 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Mon Mar 28 00:35:51 2011 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=332e7353
NFU, bug nrs.
svn path=/; revision=2222
---
data/CVE/list | 250 +++++++++++++++++++++++++++++-----------------------------
1 file changed, 125 insertions(+), 125 deletions(-)
diff --git a/data/CVE/list b/data/CVE/list
index b9de8d6..1a27a9e 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -75604,7 +75604,7 @@ CVE-2008-7272
CVE-2008-7273
RESERVED
CVE-2008-7274 (IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_application_server
CVE-2008-7275 (Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket ...)
TODO: check
CVE-2008-7276 (Kernel/System/Web/Request.pm in Open Ticket Request System (OTRS) ...)
@@ -75624,11 +75624,11 @@ CVE-2008-7282 (Kernel/Output/HTML/CustomerNewTicketQueueSelectionGeneric.pm in O
CVE-2008-7283 (Open Ticket Request System (OTRS) before 2.2.6, when customer group ...)
TODO: check
CVE-2008-7284 (IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_quickr
CVE-2008-7285 (Unspecified vulnerability in the docnote string handling ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_quickr
CVE-2008-7286 (IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_quickr
CVE-2009-0001 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
NOT-FOR-US: apple quicktime
CVE-2009-0002 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
@@ -81713,7 +81713,7 @@ CVE-2009-3026 (protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibl
CVE-2009-3027 (VRTSweb.exe in VRTSweb in Symantec Backup Exec Continuous Protection ...)
NOT-FOR-US: VRTSweb in Symantec Backup Exec Continuous Protection Server CPS
CVE-2009-3028 (The Altiris eXpress NS SC Download ActiveX control in ...)
- TODO: check
+ NOT-FOR-US: symantec management_platform
CVE-2009-3029 (Cross-site scripting (XSS) vulnerability in the console in Symantec ...)
NOT-FOR-US: symantec securityexpressions_audit_and_compliance_server
CVE-2009-3030 (Cross-site scripting (XSS) vulnerability in Symantec ...)
@@ -85714,9 +85714,9 @@ CVE-2009-5012 (ftpserver.py in pyftpdlib before 0.5.2 does not require the l ...
CVE-2009-5013 (Memory leak in the on_dtp_close function in ftpserver.py in pyftpdlib ...)
NOT-FOR-US: g rodola pyftpdlib
CVE-2009-5014 (The default quickstart configuration of TurboGears2 (aka tg2) before ...)
- TODO: check
+ NOT-FOR-US: trubogear
CVE-2009-5015 (The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 ...)
- TODO: check
+ NOT-FOR-US: turbogears2
CVE-2009-5016 (Integer overflow in the xml_utf8_decode function in ext/xml/xml.c in ...)
TODO: check
CVE-2009-5017 (Mozilla Firefox before 3.6 Beta 3 does not properly handle overlong ...)
@@ -85750,23 +85750,23 @@ CVE-2009-5030
CVE-2009-5031
RESERVED
CVE-2009-5032 (The encrypted e-mail feature in IBM Lotus Notes Traveler before ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2009-5033 (IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle a "* ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2009-5034 (IBM Lotus Notes Traveler before 8.5.0.2 allows remote authenticated ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2009-5035 (The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does not ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2009-5036 (traveler.exe in IBM Lotus Notes Traveler before 8.0.1.3 CF1 allows ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_notes_traveler
CVE-2009-5037 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
- TODO: check
+ NOT-FOR-US: cisco asa_5500
CVE-2009-5038 (Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during ...)
- TODO: check
+ NOT-FOR-US: cisco ios
CVE-2009-5039 (Memory leak in the gk_circuit_info_do_in_acf function in the H.323 ...)
- TODO: check
+ NOT-FOR-US: cisco ios
CVE-2009-5040 (CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote ...)
- TODO: check
+ NOT-FOR-US: cisco ios
CVE-2009-5041
RESERVED
CVE-2009-5042
@@ -85788,7 +85788,7 @@ CVE-2009-5049
CVE-2009-5050
RESERVED
CVE-2009-5051 (Hastymail2 before RC 8 does not set the secure flag for the session ...)
- TODO: check
+ NOT-FOR-US: hastymail2
CVE-2009-5052 (Multiple unspecified vulnerabilities in Smarty before 3.0.0 beta 6 ...)
TODO: check
CVE-2009-5053 (Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote ...)
@@ -85802,15 +85802,15 @@ CVE-2009-5056 (Open Ticket Request System (OTRS) before 2.4.0-beta2 does not pro
CVE-2009-5057 (The S/MIME feature in Open Ticket Request System (OTRS) before 2.3.4 ...)
TODO: check
CVE-2009-5058 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.5 ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_quickr
CVE-2009-5059 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.10 ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_quickr
CVE-2009-5060 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.11 ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_quickr
CVE-2009-5061 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_quickr
CVE-2009-5062 (IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX ...)
- TODO: check
+ NOT-FOR-US: ibm lotus_quickr
CVE-2010-0001 (Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 ...)
BUG: 300943
CVE-2010-0002 (The /etc/profile.d/60alias.sh script in the Mandriva bash package for ...)
@@ -85888,7 +85888,7 @@ CVE-2010-0037 (Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2
CVE-2010-0038 (Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for ...)
NOT-FOR-US: apple iphone_os
CVE-2010-0039 (The Application-Level Gateway (ALG) on the Apple Time Capsule, AirPort ...)
- TODO: check
+ NOT-FOR-US: apple time_capsule
CVE-2010-0040 (Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, ...)
NOT-FOR-US: apple safari
CVE-2010-0041 (ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows ...)
@@ -86030,17 +86030,17 @@ CVE-2010-0108 (Buffer overflow in the cliproxy.objects.1 ActiveX control in the
CVE-2010-0109
RESERVED
CVE-2010-0110 (Multiple stack-based buffer overflows in Intel Alert Management System ...)
- TODO: check
+ NOT-FOR-US: symantec system_center
CVE-2010-0111 (HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel ...)
- TODO: check
+ NOT-FOR-US: symantec system_center
CVE-2010-0112 (Multiple SQL injection vulnerabilities in the Administrative Interface ...)
NOT-FOR-US: symantec im_manager
CVE-2010-0113 (The Symantec Norton Mobile Security application 1.0 Beta for Android ...)
NOT-FOR-US: symantec mobile_security
CVE-2010-0114 (fw_charts.php in the reporting module in the Manager (aka SEPM) ...)
- TODO: check
+ NOT-FOR-US: symantec endpoint_protection
CVE-2010-0115 (SQL injection vulnerability in login.php in the GUI management console ...)
- TODO: check
+ NOT-FOR-US: symantec web_gateway
CVE-2010-0116 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1 and ...)
NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-0117 (RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 ...)
@@ -86259,7 +86259,7 @@ CVE-2010-0212 (OpenLDAP 2.4.22 allows remote attackers to cause a denial of serv
CVE-2010-0213 (BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a ...)
NOT-FOR-US: We already have 9.7.1-p2
CVE-2010-0214 (The administrative interface on the PolyVision RoomWizard with ...)
- TODO: check
+ NOT-FOR-US: polyvision roomwizard
CVE-2010-0215 (ActiveCollab before 2.3.2 allows remote authenticated users to bypass ...)
NOT-FOR-US: a51dev activecollab
CVE-2010-0216
@@ -89187,11 +89187,11 @@ CVE-2010-1675
CVE-2010-1676 (Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before ...)
TODO: check
CVE-2010-1677 (MHonArc 2.6.16 allows remote attackers to cause a denial of service ...)
- TODO: check
+ BUG: 349563
CVE-2010-1678
RESERVED
CVE-2010-1679 (Directory traversal vulnerability in dpkg-source in dpkg before ...)
- TODO: check
+ BUG: 350877
CVE-2010-1680
RESERVED
CVE-2010-1681 (Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office ...)
@@ -89289,7 +89289,7 @@ CVE-2010-1726 (SQL injection vulnerability in offers_buy.php in EC21 Clone 3.0 a
CVE-2010-1727 (SQL injection vulnerability in type.asp in JobPost 1.0 allows remote ...)
NOT-FOR-US: aspsiteware jobpost
CVE-2010-1728 (Opera before 10.53 on Windows and Mac OS X does not properly handle a ...)
- TODO: check
+ NOT-FOR-US: opera_browser
CVE-2010-1729 (WebKit.dll in WebKit, as used in Safari.exe 4.531.9.1 in Apple Safari, ...)
TODO: check
CVE-2010-1730 (Dolphin Browser 2.5.0 on the HTC Hero allows remote attackers to cause ...)
@@ -91393,11 +91393,11 @@ CVE-2010-2775
CVE-2010-2776
RESERVED
CVE-2010-2777 (Stack-based buffer overflow in the IMAP server component in GroupWise ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-2778 (Cross-site scripting (XSS) vulnerability in WebAccess in Novell ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-2779 (Cross-site scripting (XSS) vulnerability in WebAccess in Novell ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-2780
RESERVED
CVE-2010-2781
@@ -91695,7 +91695,7 @@ CVE-2010-2926 (SQL injection vulnerability in index.php in sNews 1.7 allows remo
CVE-2010-2927 (The slapi_printmessage function in IBM Tivoli Directory Server (ITDS) ...)
NOT-FOR-US: ibm tivoli_directory_server
CVE-2010-2928 (The vCenter Tomcat Management Application in VMware vCenter Server 4.1 ...)
- TODO: check
+ NOT-FOR-US: vmware vcenter_server
CVE-2010-2929 (Untrusted search path vulnerability in hsolinkcontrol in hsolink ...)
NOT-FOR-US: pharscape hsolink
CVE-2010-2930 (Multiple stack-based buffer overflows in hsolinkcontrol in hsolink ...)
@@ -91923,13 +91923,13 @@ CVE-2010-3039 (/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communicati
CVE-2010-3040 (Multiple stack-based buffer overflows in agent.exe in Setup Manager in ...)
NOT-FOR-US: cisco intelligent_contact_manager
CVE-2010-3041 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) ...)
- TODO: check
+ NOT-FOR-US: cisco webex_recording_format_player
CVE-2010-3042 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) ...)
- TODO: check
+ NOT-FOR-US: cisco webex_recording_format_player
CVE-2010-3043 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) ...)
- TODO: check
+ NOT-FOR-US: cisco webex_recording_format_player
CVE-2010-3044 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) ...)
- TODO: check
+ NOT-FOR-US: cisco webex_recording_format_player
CVE-2010-3045
RESERVED
CVE-2010-3046
@@ -91983,7 +91983,7 @@ CVE-2010-3069 (Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_
CVE-2010-3070 (Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in ...)
NOT-FOR-US: dietrich_ayala nusoap
CVE-2010-3071 (bip before 0.8.6 allows remote attackers to cause a denial of service ...)
- TODO: check
+ BUG: 336321
CVE-2010-3072 (The string-comparison functions in String.cci in Squid 3.x before ...)
BUG: 334263
CVE-2010-3073 (SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer ...)
@@ -92377,19 +92377,19 @@ CVE-2010-3266 (Multiple cross-site scripting (XSS) vulnerabilities in BugTracker
CVE-2010-3267 (Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 ...)
NOT-FOR-US: ifdefined bugtracker net
CVE-2010-3268 (The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in ...)
- TODO: check
+ NOT-FOR-US: symantec endpoint_protection
CVE-2010-3269 (Multiple stack-based buffer overflows in the Cisco WebEx Recording ...)
- TODO: check
+ NOT-FOR-US: cisco webex_recording_format_player
CVE-2010-3270 (Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before ...)
- TODO: check
+ NOT-FOR-US: cisco webex_meeting_center
CVE-2010-3271
RESERVED
CVE-2010-3272 (accounts/ValidateAnswers in the security-questions implementation in ...)
- TODO: check
+ NOT-FOR-US: zohocorp manageengine_adselfservice_plus
CVE-2010-3273 (ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allows ...)
- TODO: check
+ NOT-FOR-US: zohocorp manageengine_adselfservice_plus
CVE-2010-3274 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: zohocorp manageengine_adselfservice_plus
CVE-2010-3275
RESERVED
CVE-2010-3276
@@ -92540,7 +92540,7 @@ CVE-2010-3347
CVE-2010-3348 (Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of ...)
NOT-FOR-US: microsoft ie
CVE-2010-3349 (Ardour 2.8.11 places a zero-length directory name in the ...)
- TODO: check
+ BUG: 341567
CVE-2010-3350 (bareFTP 0.3.4 places a zero-length directory name in the ...)
TODO: check
CVE-2010-3351 (startBristol in Bristol 0.60.5 places a zero-length directory name in ...)
@@ -92570,7 +92570,7 @@ CVE-2010-3362 (lastfm 1.5.4 places a zero-length directory name in the ...)
CVE-2010-3363 (roarify in roaraudio 0.3 places a zero-length directory name in the ...)
NOT-FOR-US: roaraudio
CVE-2010-3364 (The vips-7.22 script in VIPS 7.22.2 places a zero-length directory ...)
- TODO: check
+ BUG: 344561
CVE-2010-3365 (Mistelix 0.31 places a zero-length directory name in the ...)
NOT-FOR-US: mistelix
CVE-2010-3366 (Mn_Fit 5.13 places a zero-length directory name in the ...)
@@ -92580,7 +92580,7 @@ CVE-2010-3367
CVE-2010-3368
RESERVED
CVE-2010-3369 (The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3, ...)
- TODO: check
+ BUG: 346401
CVE-2010-3370
RESERVED
CVE-2010-3371
@@ -92630,7 +92630,7 @@ CVE-2010-3392
CVE-2010-3393 (magics-config in Magics++ 2.10.0 places a zero-length directory name ...)
NOT-FOR-US: ecmwf magics
CVE-2010-3394 (The (1) texmacs and (2) tm_mupad_help scripts in TeXmacs 1.0.7.4 place ...)
- TODO: check
+ BUG: 337532
CVE-2010-3395
RESERVED
CVE-2010-3396 (Buffer overflow in kavfm.sys in Kingsoft Antivirus 2010.04.26.648 and ...)
@@ -92973,7 +92973,7 @@ CVE-2010-3562 (Unspecified vulnerability in the 2D component in Oracle Java SE a
CVE-2010-3563 (Unspecified vulnerability in the Deployment component in Oracle Java ...)
TODO: check
CVE-2010-3564 (Unspecified vulnerability in the Oracle Communications Messaging ...)
- TODO: check
+ NOT-FOR-US: oracle sun_product_suite
CVE-2010-3565 (Unspecified vulnerability in the 2D component in Oracle Java SE and ...)
TODO: check
CVE-2010-3566 (Unspecified vulnerability in the 2D component in Oracle Java SE and ...)
@@ -93017,7 +93017,7 @@ CVE-2010-3584 (Unspecified vulnerability in the Oracle VM component in Oracle VM
CVE-2010-3585 (Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 ...)
NOT-FOR-US: oracle vm
CVE-2010-3586 (Unspecified vulnerability in Oracle Solaris 9 allows local users to ...)
- TODO: check
+ NOT-FOR-US: sunos
CVE-2010-3587 (Unspecified vulnerability in the Oracle Common Applications component ...)
NOT-FOR-US: oracle e business_suite
CVE-2010-3588 (Unspecified vulnerability in the Oracle Discoverer component in Oracle ...)
@@ -93063,7 +93063,7 @@ CVE-2010-3607 (Cross-site scripting (XSS) vulnerability in AGENTS/index.php in N
CVE-2010-3608 (Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote ...)
NOT-FOR-US: wire_plastic_design wpquiz
CVE-2010-3609 (Unspecified vulnerability in the Service Location Protocol daemon ...)
- TODO: check
+ NOT-FOR-US: vmware esxi
CVE-2010-3610
RESERVED
CVE-2010-3611 (ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before ...)
@@ -93071,17 +93071,17 @@ CVE-2010-3611 (ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 befor
CVE-2010-3612
RESERVED
CVE-2010-3613 (named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, ...)
- TODO: check
+ BUG: 347621
CVE-2010-3614 (named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV ...)
- TODO: check
+ BUG: 347621
CVE-2010-3615 (named in ISC BIND 9.7.2-P2 does not check all intended locations for ...)
- TODO: check
+ BUG: 347621
CVE-2010-3616 (ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover ...)
TODO: check
CVE-2010-3617
RESERVED
CVE-2010-3618 (PGP Desktop 10.0.x before 10.0.3 SP2 and 10.1.0 before 10.1.0 SP1 does ...)
- TODO: check
+ NOT-FOR-US: pgp desktop_for_windows
CVE-2010-3619 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on ...)
TODO: check
CVE-2010-3620 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
@@ -93283,7 +93283,7 @@ CVE-2010-3717 (The t3lib_div::validEmail function in TYPO3 4.2.x before 4.2.15,
CVE-2010-3718 (Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running ...)
TODO: check
CVE-2010-3719 (Eval injection vulnerability in IMAdminSchedTask.asp in the ...)
- TODO: check
+ NOT-FOR-US: symantec im_manager
CVE-2010-3720
RESERVED
CVE-2010-3721
@@ -93700,13 +93700,13 @@ CVE-2010-3925 (Contents-Mall before 15 does not properly handle passwords, which
CVE-2010-3926 (Multiple cross-site scripting (XSS) vulnerabilities in Shop.cgi in ...)
NOT-FOR-US: wb i sgx sp_final_ne
CVE-2010-3927 (Untrusted search path vulnerability in Lunascape before 6.4.0 allows ...)
- TODO: check
+ NOT-FOR-US: lunascape
CVE-2010-3928 (Ruby Version Manager (RVM) before 1.2.1 writes file contents to a ...)
NOT-FOR-US: Ruby
CVE-2010-3929 (SQL injection vulnerability in MODx Evolution 1.0.4 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: modxcms evolution
CVE-2010-3930 (Directory traversal vulnerability in MODx Evolution 1.0.4 and earlier ...)
- TODO: check
+ NOT-FOR-US: modxcms evolution
CVE-2010-3931 (Cross-site scripting (XSS) vulnerability in multiple Rocomotion ...)
NOT-FOR-US: multiple Rocomotion products including P board
CVE-2010-3932
@@ -94220,25 +94220,25 @@ CVE-2010-4185 (SQL injection vulnerability in index.php in Energine, possibly 2.
CVE-2010-4186 (SQL injection vulnerability in process.asp in OnlineTechTools Online ...)
NOT-FOR-US: onlinetechtools com oasys_professional
CVE-2010-4187 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4188 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4189 (The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4190 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4191 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4192 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4193 (Adobe Shockwave Player before 11.5.9.620 does not properly validate ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4194 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 does ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4195 (The TextXtra module in Adobe Shockwave Player before 11.5.9.620 does ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4196 (The Shockwave 3d Asset module in Adobe Shockwave Player before ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4197 (Use-after-free vulnerability in WebKit, as used in Google Chrome ...)
TODO: check
CVE-2010-4198 (WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before ...)
@@ -94301,9 +94301,9 @@ CVE-2010-4225 (Unspecified vulnerability in the mod_mono module for XSP in Mono
CVE-2010-4226
RESERVED
CVE-2010-4227 (The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before ...)
- TODO: check
+ NOT-FOR-US: novell netware
CVE-2010-4228 (Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP ...)
- TODO: check
+ NOT-FOR-US: novell netware
CVE-2010-4229
RESERVED
CVE-2010-4230 (Stack-based buffer overflow in a certain ActiveX control for the ...)
@@ -94459,9 +94459,9 @@ CVE-2010-4304 (The web interface in Cisco Unified Videoconferencing (UVC) System
CVE-2010-4305 (Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and ...)
NOT-FOR-US: cisco unified_videoconferencing_system_5230
CVE-2010-4306 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4307 (Buffer overflow in Adobe Shockwave Player before 11.5.9.620 allows ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4308
RESERVED
CVE-2010-4309
@@ -94493,17 +94493,17 @@ CVE-2010-4321 (Stack-based buffer overflow in an ActiveX control in ienipp.ocx i
CVE-2010-4322 (Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell ...)
NOT-FOR-US: novell vibe_onprem
CVE-2010-4323 (Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks ...)
- TODO: check
+ NOT-FOR-US: novell zenworks_configuration_manager
CVE-2010-4324 (Cross-site scripting (XSS) vulnerability in the Approval Form in the ...)
NOT-FOR-US: novell identity_manager_roles_based_provisioning_module
CVE-2010-4325 (Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-4326 (Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-4327 (Unspecified vulnerability in the NCP service in Novell eDirectory ...)
- TODO: check
+ NOT-FOR-US: novell edirectory
CVE-2010-4328 (Multiple stack-based buffer overflows in opt/novell/iprint/bin/ipsmd ...)
- TODO: check
+ NOT-FOR-US: novell iprint_open_enterprise_server_2
CVE-2010-4329 (Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton ...)
TODO: check
CVE-2010-4330 (Directory traversal vulnerability in includes/controller.php in Pulse ...)
@@ -94517,7 +94517,7 @@ CVE-2010-4333 (Pointter PHP Micro-Blogging Social Network 1.8 allows remote atta
CVE-2010-4334 (IO::Socket::SSL Perl module 1.35, when verify_mode is not VERIFY_NONE, ...)
TODO: check
CVE-2010-4335 (The _validatePost function in libs/controller/components/security.php ...)
- TODO: check
+ NOT-FOR-US: cakefoundation cakephp
CVE-2010-4336 (The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd ...)
TODO: check
CVE-2010-4337 (The configure script in gnash 0.8.8 allows local users to overwrite ...)
@@ -94860,7 +94860,7 @@ CVE-2010-4504 (Multiple cross-site scripting (XSS) vulnerabilities in eSyndiCat
CVE-2010-4505 (Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, ...)
NOT-FOR-US: injader
CVE-2010-4506 (Passlogix v-GO Self-Service Password Reset (SSPR) and OEM before 7.0A ...)
- TODO: check
+ NOT-FOR-US: oracle passlogix_v go_self service_password_reset_and_oem
CVE-2010-4507 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
NOT-FOR-US: clear ispot
CVE-2010-4508 (The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 ...)
@@ -95267,31 +95267,31 @@ CVE-2010-4707 (The check_acl function in pam_xauth.c in the pam_xauth module in
CVE-2010-4708 (The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the ...)
TODO: check
CVE-2010-4709 (Heap-based buffer overflow in Automated Solutions Modbus/TCP Master ...)
- TODO: check
+ NOT-FOR-US: automatedsolutions modbus tcp_master_opc_server
CVE-2010-4710 (Cross-site scripting (XSS) vulnerability in the addItem method in the ...)
- TODO: check
+ NOT-FOR-US: yahoo yui
CVE-2010-4711 (Double free vulnerability in the IMAP server component in GroupWise ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-4712 (Multiple stack-based buffer overflows in gwia.exe in GroupWise ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-4713 (Integer signedness error in gwia.exe in GroupWise Internet Agent ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-4714 (Multiple stack-based buffer overflows in Novell GroupWise before ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-4715 (Multiple directory traversal vulnerabilities in the (1) WebAccess ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-4716 (Cross-site scripting (XSS) vulnerability in the WebPublisher component ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-4717 (Multiple stack-based buffer overflows in the IMAP server component in ...)
- TODO: check
+ NOT-FOR-US: novell groupwise
CVE-2010-4718 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: com_lyftenbloggie
CVE-2010-4719 (Directory traversal vulnerability in JRadio (com_jradio) component ...)
- TODO: check
+ NOT-FOR-US: fxwebdesign com_jradio
CVE-2010-4720 (SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) ...)
- TODO: check
+ NOT-FOR-US: harmistechnology com_jeauto
CVE-2010-4721 (SQL injection vulnerability in news.php in Immo Makler allows remote ...)
- TODO: check
+ NOT-FOR-US: mhproducts immo_makler
CVE-2010-4722 (Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 ...)
TODO: check
CVE-2010-4723 (Smarty before 3.0.0, when security is enabled, does not prevent access ...)
@@ -95305,57 +95305,57 @@ CVE-2010-4726 (Unspecified vulnerability in the math plugin in Smarty before 3.0
CVE-2010-4727 (Smarty before 3.0.0 beta 7 does not properly handle the <?php and ?> ...)
TODO: check
CVE-2010-4728 (Zikula before 1.3.1 uses the rand and srand PHP functions for random ...)
- TODO: check
+ NOT-FOR-US: zikula_application_framework
CVE-2010-4729 (Zikula before 1.2.3 does not use the authid protection mechanism for ...)
- TODO: check
+ NOT-FOR-US: zikula_application_framework
CVE-2010-4730 (Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA ...)
- TODO: check
+ NOT-FOR-US: intellicom netbiter_webscada_ws200
CVE-2010-4731 (Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA ...)
- TODO: check
+ NOT-FOR-US: intellicom netbiter_webscada_ws200
CVE-2010-4732 (cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, ...)
- TODO: check
+ NOT-FOR-US: intellicom netbiter_webscada_ws200
CVE-2010-4733 (WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway ...)
- TODO: check
+ NOT-FOR-US: intellicom netbiter_webscada_ws200
CVE-2010-4734 (Multiple cross-site scripting (XSS) vulnerabilities in the comment ...)
- TODO: check
+ NOT-FOR-US: amix skeletonz_cms_1 0
CVE-2010-4735 (SQL injection vulnerability in shoppingcart.asp in Ecommercemax ...)
- TODO: check
+ NOT-FOR-US: ecommercemax digital goods_seller
CVE-2010-4736 (SQL injection vulnerability in ECO.asp in GateSoft DocuSafe 4.1.0 and ...)
- TODO: check
+ NOT-FOR-US: gatesoft docusafe
CVE-2010-4737 (SQL injection vulnerability in resorts.asp in HotWebScripts HotWeb ...)
- TODO: check
+ NOT-FOR-US: hotwebscripts hotweb_rentals
CVE-2010-4738 (Multiple SQL injection vulnerabilities in Rae Media INC Real Estate ...)
- TODO: check
+ NOT-FOR-US: raemedia real_estate_single_and_multi_agent_system
CVE-2010-4739 (SQL injection vulnerability in the Maian Media Silver (com_maianmedia) ...)
- TODO: check
+ NOT-FOR-US: aretimes com_maianmedia
CVE-2010-4740 (Stack-based buffer overflow in WTclient.dll in SCADA Engine BACnet OPC ...)
- TODO: check
+ NOT-FOR-US: scadaengine bacnet_opc_client
CVE-2010-4741 (Stack-based buffer overflow in MDMUtil.dll in MDMTool.exe in MDM Tool ...)
- TODO: check
+ NOT-FOR-US: moxa mdm_tool
CVE-2010-4742 (Stack-based buffer overflow in a certain ActiveX control in ...)
- TODO: check
+ NOT-FOR-US: moxa activex_sdk
CVE-2010-4743 (Heap-based buffer overflow in the getarena function in abc2ps.c in ...)
TODO: check
CVE-2010-4744 (Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have ...)
TODO: check
CVE-2010-4745 (Cross-site scripting (XSS) vulnerability in nav.html in PHPXref before ...)
- TODO: check
+ NOT-FOR-US: gareth_watts phpxref
CVE-2010-4746 (Multiple memory leaks in the normalization functionality in 389 ...)
TODO: check
CVE-2010-4747 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: ahmattox processing_embed_plugin
CVE-2010-4748 (Cross-site scripting (XSS) vulnerability in pmwiki.php in PmWiki ...)
- TODO: check
+ NOT-FOR-US: pmwiki
CVE-2010-4749 (Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS ...)
TODO: check
CVE-2010-4750 (Cross-site request forgery (CSRF) vulnerability in ...)
TODO: check
CVE-2010-4751 (SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, ...)
- TODO: check
+ NOT-FOR-US: lightneasy
CVE-2010-4752 (SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, ...)
- TODO: check
+ NOT-FOR-US: lightneasy
CVE-2010-4753 (Cross-site scripting (XSS) vulnerability in LightNEasy.php in ...)
- TODO: check
+ NOT-FOR-US: lightneasy
CVE-2010-4754 (The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, ...)
TODO: check
CVE-2010-4755 (The (1) remote_glob function in sftp-glob.c and the (2) process_put ...)
@@ -95363,7 +95363,7 @@ CVE-2010-4755 (The (1) remote_glob function in sftp-glob.c and the (2) process_p
CVE-2010-4756 (The glob implementation in the GNU C Library (aka glibc or libc6) ...)
TODO: check
CVE-2010-4757 (Cross-site scripting (XSS) vulnerability in submitnews.php in e107 ...)
- TODO: check
+ NOT-FOR-US: e107
CVE-2010-4758 (installer.pl in Open Ticket Request System (OTRS) before 3.0.3 has an ...)
TODO: check
CVE-2010-4759 (Open Ticket Request System (OTRS) before 3.0.0-beta7 does not properly ...)
@@ -95387,21 +95387,21 @@ CVE-2010-4767 (Open Ticket Request System (OTRS) before 2.3.6 does not properly
CVE-2010-4768 (Open Ticket Request System (OTRS) before 2.3.5 does not properly ...)
TODO: check
CVE-2010-4769 (Directory traversal vulnerability in the Jimtawl (com_jimtawl) ...)
- TODO: check
+ NOT-FOR-US: janguo com_jimtawl
CVE-2010-4770 (SQL injection vulnerability in index.php in CommodityRentals DVD ...)
- TODO: check
+ NOT-FOR-US: commodityrentals dvd_rentals_script
CVE-2010-4771 (SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows ...)
- TODO: check
+ NOT-FOR-US: matteoiammarrone s cms
CVE-2010-4772 (Cross-site scripting (XSS) vulnerability in blocks/lang.php in S-CMS ...)
- TODO: check
+ NOT-FOR-US: matteoiammarrone s cms
CVE-2010-4773 (Unspecified vulnerability in Hitachi EUR Form Client before 05-10 -/D ...)
- TODO: check
+ NOT-FOR-US: hitachi ucosminexus_eur_form_service
CVE-2010-4774 (SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote ...)
- TODO: check
+ NOT-FOR-US: auracms
CVE-2010-4775 (The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 ...)
- TODO: check
+ NOT-FOR-US: nicholas_thompson relevant_content
CVE-2010-4776 (SQL injection vulnerability in takefreestart.php in PreProjects Pre ...)
- TODO: check
+ NOT-FOR-US: preprojects pre_online_tests_generator
CVE-2011-0001 (Double free vulnerability in the iscsi_rx_handler function ...)
TODO: check
CVE-2011-0002 (libuser before 0.57 uses a cleartext password value of (1) !! or (2) x ...)
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:45 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:45 UTC (permalink / raw
To: gentoo-commits
commit: de7259035c699ff590cfcaddee43c444be849933
Author: Stefan Behte <craig <AT> gentoo <DOT> org>
AuthorDate: Fri May 13 08:11:03 2011 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Fri May 13 08:11:03 2011 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=de725903
MITRE sync
svn path=/; revision=2223
---
data/CVE/list | 2394 +++++++++++++++++++++++++++++++++++++++++++--------------
1 file changed, 1806 insertions(+), 588 deletions(-)
diff --git a/data/CVE/list b/data/CVE/list
index 1a27a9e..95d71d8 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -47347,6 +47347,8 @@ CVE-2006-7242 (The Workplace (aka WP) component in IBM FileNet P8 Application En
NOT-FOR-US: ibm filenet_p8_application_engine
CVE-2006-7243 (PHP before 5.3.4 accepts the \0 character in a pathname, which might ...)
NOT-FOR-US: Data pre-dating the Security Tracker
+CVE-2006-7244
+ RESERVED
CVE-2007-0001 (The file watch implementation in the audit subsystem (auditctl -w) in ...)
TODO: check-old
CVE-2007-0002 (Multiple heap-based buffer overflows in WordPerfect Document ...)
@@ -61008,6 +61010,10 @@ CVE-2007-6740 (The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 d
NOT-FOR-US: g rodola pyftpdlib
CVE-2007-6741 (The ftp_PORT function in FTPServer.py in pyftpdlib before 0.2.0 does ...)
NOT-FOR-US: g rodola pyftpdlib
+CVE-2007-6742 (The get_filter_list function in IBM Tivoli Directory Server (TDS) 5.2 ...)
+ TODO: check
+CVE-2007-6743 (Double free vulnerability in IBM Tivoli Directory Server (TDS) 5.2 ...)
+ TODO: check
CVE-2008-0001 (VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before ...)
BUG: 205980
CVE-2008-0002 (Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context ...)
@@ -75629,6 +75635,14 @@ CVE-2008-7285 (Unspecified vulnerability in the docnote string handling ...)
NOT-FOR-US: ibm lotus_quickr
CVE-2008-7286 (IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not ...)
NOT-FOR-US: ibm lotus_quickr
+CVE-2008-7287 (Multiple memory leaks in the (1) ldap_init and (2) ...)
+ TODO: check
+CVE-2008-7288 (IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 ...)
+ TODO: check
+CVE-2008-7289 (IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 ...)
+ TODO: check
+CVE-2008-7290 (Memory leak in the ldap_explode_rdn API function in IBM Tivoli ...)
+ TODO: check
CVE-2009-0001 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
NOT-FOR-US: apple quicktime
CVE-2009-0002 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
@@ -77208,8 +77222,8 @@ CVE-2009-0786
REJECTED
CVE-2009-0787 (The ecryptfs_write_metadata_to_contents function in the eCryptfs ...)
BUG: 263424
-CVE-2009-0788
- RESERVED
+CVE-2009-0788 (Red Hat Network (RHN) Satellite Server 5.3 and 5.4 does not properly ...)
+ TODO: check
CVE-2009-0789 (OpenSSL before 0.9.8k on WIN64 and certain other platforms does not ...)
BUG: 263751
CVE-2009-0790 (The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before ...)
@@ -85729,8 +85743,8 @@ CVE-2009-5020 (Open redirect vulnerability in awredir.pl in AWStats before 6.95
TODO: check
CVE-2009-5021 (Cobbler before 1.6.1 does not properly determine whether an ...)
NOT-FOR-US: cobbler
-CVE-2009-5022
- RESERVED
+CVE-2009-5022 (Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in ...)
+ TODO: check
CVE-2009-5023
RESERVED
CVE-2009-5024
@@ -85811,6 +85825,30 @@ CVE-2009-5061 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14
NOT-FOR-US: ibm lotus_quickr
CVE-2009-5062 (IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX ...)
NOT-FOR-US: ibm lotus_quickr
+CVE-2009-5063
+ RESERVED
+CVE-2009-5064 (** DISPUTED ** ldd in the GNU C Library (aka glibc or libc6) 2.13 and ...)
+ TODO: check
+CVE-2009-5065 (Cross-site scripting (XSS) vulnerability in feedparser.py in Universal ...)
+ TODO: check
+CVE-2009-5066
+ RESERVED
+CVE-2009-5067
+ RESERVED
+CVE-2009-5068
+ RESERVED
+CVE-2009-5069
+ RESERVED
+CVE-2009-5070
+ RESERVED
+CVE-2009-5071 (Unspecified vulnerability in Palm Pre WebOS before 1.2.1 has unknown ...)
+ TODO: check
+CVE-2009-5072 (Memory leak in the ldap_explode_dn function in IBM Tivoli Directory ...)
+ TODO: check
+CVE-2009-5073 (IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.59 (aka ...)
+ TODO: check
+CVE-2009-5074 (Unspecified vulnerability in the MojoX::Dispatcher::Static ...)
+ TODO: check
CVE-2010-0001 (Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 ...)
BUG: 300943
CVE-2010-0002 (The /etc/profile.d/60alias.sh script in the Mandriva bash package for ...)
@@ -86262,8 +86300,8 @@ CVE-2010-0214 (The administrative interface on the PolyVision RoomWizard with ..
NOT-FOR-US: polyvision roomwizard
CVE-2010-0215 (ActiveCollab before 2.3.2 allows remote authenticated users to bypass ...)
NOT-FOR-US: a51dev activecollab
-CVE-2010-0216
- RESERVED
+CVE-2010-0216 (authenticate_ad_setup_finished.cfm in MediaCAST 8 and earlier allows ...)
+ TODO: check
CVE-2010-0217
RESERVED
CVE-2010-0218 (ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ...)
@@ -87452,7 +87490,7 @@ CVE-2010-0809
RESERVED
CVE-2010-0810 (The kernel in Microsoft Windows Vista Gold, SP1, and SP2, and Windows ...)
NOT-FOR-US: microsoft windows_vista
-CVE-2010-0811 (Unspecified vulnerability in the Microsoft Internet Explorer 8 ...)
+CVE-2010-0811 (Multiple unspecified vulnerabilities in the Microsoft Internet ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-0812 (Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, ...)
NOT-FOR-US: microsoft windows_xp
@@ -88172,8 +88210,8 @@ CVE-2010-1169 (PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.2
BUG: 320967
CVE-2010-1170 (The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before ...)
BUG: 320967
-CVE-2010-1171
- RESERVED
+CVE-2010-1171 (Red Hat Network (RHN) Satellite 5.3 and 5.4 exposes a dangerous, ...)
+ TODO: check
CVE-2010-1172 (DBus-GLib 0.73 disregards the access flag of exported GObject ...)
BUG: 332529
CVE-2010-1173 (The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the ...)
@@ -89180,10 +89218,10 @@ CVE-2010-1672
RESERVED
CVE-2010-1673
RESERVED
-CVE-2010-1674
- RESERVED
-CVE-2010-1675
- RESERVED
+CVE-2010-1674 (The extended-community parser in bgpd in Quagga before 0.99.18 allows ...)
+ TODO: check
+CVE-2010-1675 (bgpd in Quagga before 0.99.18 allows remote attackers to cause a ...)
+ TODO: check
CVE-2010-1676 (Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before ...)
TODO: check
CVE-2010-1677 (MHonArc 2.6.16 allows remote attackers to cause a denial of service ...)
@@ -91412,12 +91450,12 @@ CVE-2010-2785 (The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does
BUG: 330111
CVE-2010-2786 (Directory traversal vulnerability in Piwik 0.6 through 0.6.3 allows ...)
NOT-FOR-US: piwik
-CVE-2010-2787
- RESERVED
-CVE-2010-2788
- RESERVED
-CVE-2010-2789
- RESERVED
+CVE-2010-2787 (api.php in MediaWiki before 1.15.5 does not prevent use of public ...)
+ TODO: check
+CVE-2010-2788 (Cross-site scripting (XSS) vulnerability in profileinfo.php in ...)
+ TODO: check
+CVE-2010-2789 (PHP remote file inclusion vulnerability in MediaWikiParserTest.php in ...)
+ TODO: check
CVE-2010-2790 (Multiple cross-site scripting (XSS) vulnerabilities in the formatQuery ...)
BUG: 335893
CVE-2010-2791 (mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, ...)
@@ -92220,7 +92258,7 @@ CVE-2010-3188 (SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.
NOT-FOR-US: ifdefined bugtracker net
CVE-2010-3189 (The extSetOwner function in the UfProxyBrowserCtrl ActiveX control ...)
NOT-FOR-US: trendmicro internet_security
-CVE-2010-3190 (Untrusted search path vulnerability in ATL MFC Trace Tool ...)
+CVE-2010-3190 (Untrusted search path vulnerability in the Microsoft Foundation Class ...)
NOT-FOR-US: microsoft visual_studio
CVE-2010-3191 (Untrusted search path vulnerability in Adobe Captivate 5.0.0.596, and ...)
NOT-FOR-US: adobe captivate
@@ -92360,8 +92398,8 @@ CVE-2010-3258 (The sandbox implementation in Google Chrome before 6.0.472.53 doe
TODO: check
CVE-2010-3259 (WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, ...)
TODO: check
-CVE-2010-3260
- RESERVED
+CVE-2010-3260 (oxf/xml/xerces/XercesSAXParserFactoryImpl.java in the xforms-server ...)
+ TODO: check
CVE-2010-3261 (Directory traversal vulnerability in RSA Authentication Agent 7.0 ...)
NOT-FOR-US: rsa authentication_agent_for_web
CVE-2010-3262 (Cross-site scripting (XSS) vulnerability in Flock Browser 3.x before ...)
@@ -92390,10 +92428,10 @@ CVE-2010-3273 (ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allows
NOT-FOR-US: zohocorp manageengine_adselfservice_plus
CVE-2010-3274 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
NOT-FOR-US: zohocorp manageengine_adselfservice_plus
-CVE-2010-3275
- RESERVED
-CVE-2010-3276
- RESERVED
+CVE-2010-3275 (libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows ...)
+ TODO: check
+CVE-2010-3276 (libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows ...)
+ TODO: check
CVE-2010-3277 (The installer in VMware Workstation 7.x before 7.1.2 build 301548 and ...)
TODO: check
CVE-2010-3278
@@ -92738,8 +92776,8 @@ CVE-2010-3445 (Stack consumption vulnerability in the dissect_ber_unknown functi
TODO: check
CVE-2010-3446
RESERVED
-CVE-2010-3447
- RESERVED
+CVE-2010-3447 (Cross-site scripting (XSS) vulnerability in view.php in the file ...)
+ TODO: check
CVE-2010-3448 (drivers/platform/x86/thinkpad_acpi.c in the Linux kernel before 2.6.34 ...)
TODO: check
CVE-2010-3449 (Cross-site request forgery (CSRF) vulnerability in Redback before ...)
@@ -93062,7 +93100,7 @@ CVE-2010-3607 (Cross-site scripting (XSS) vulnerability in AGENTS/index.php in N
NOT-FOR-US: netartmedia real_estate_portal
CVE-2010-3608 (Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote ...)
NOT-FOR-US: wire_plastic_design wpquiz
-CVE-2010-3609 (Unspecified vulnerability in the Service Location Protocol daemon ...)
+CVE-2010-3609 (The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other ...)
NOT-FOR-US: vmware esxi
CVE-2010-3610
RESERVED
@@ -93230,12 +93268,12 @@ CVE-2010-3691 (PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode i
NOT-FOR-US: jasig phpcas
CVE-2010-3692 (Directory traversal vulnerability in the callback function in ...)
NOT-FOR-US: jasig phpcas
-CVE-2010-3693
- RESERVED
+CVE-2010-3693 (Cross-site scripting (XSS) vulnerability in Horde Dynamic IMP (DIMP) ...)
+ TODO: check
CVE-2010-3694 (Cross-site request forgery (CSRF) vulnerability in the Horde ...)
TODO: check
-CVE-2010-3695
- RESERVED
+CVE-2010-3695 (Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in ...)
+ TODO: check
CVE-2010-3696 (The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, in ...)
TODO: check
CVE-2010-3697 (The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x ...)
@@ -93761,8 +93799,8 @@ CVE-2010-3956 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP
NOT-FOR-US: microsoft windows_xp
CVE-2010-3957 (Double free vulnerability in the OpenType Font (OTF) driver in ...)
NOT-FOR-US: microsoft windows_xp
-CVE-2010-3958
- RESERVED
+CVE-2010-3958 (The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, ...)
+ TODO: check
CVE-2010-3959 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, ...)
NOT-FOR-US: microsoft windows_xp
CVE-2010-3960 (Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2 allows ...)
@@ -93791,10 +93829,10 @@ CVE-2010-3971 (Use-after-free vulnerability in the CSharedStyleSheet::Notify fun
NOT-FOR-US: microsoft ie
CVE-2010-3972 (Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData ...)
NOT-FOR-US: microsoft iis
-CVE-2010-3973 (The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft WMI ...)
+CVE-2010-3973 (The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in ...)
NOT-FOR-US: microsoft wmi_administrative_tools
-CVE-2010-3974
- RESERVED
+CVE-2010-3974 (fxscover.exe in the Fax Cover Page Editor in Microsoft Windows XP SP2 ...)
+ TODO: check
CVE-2010-3975 (Untrusted search path vulnerability in Adobe Flash Player 9 allows ...)
TODO: check
CVE-2010-3976 (Untrusted search path vulnerability in Adobe Flash Player before ...)
@@ -94304,8 +94342,8 @@ CVE-2010-4227 (The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 be
NOT-FOR-US: novell netware
CVE-2010-4228 (Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP ...)
NOT-FOR-US: novell netware
-CVE-2010-4229
- RESERVED
+CVE-2010-4229 (Directory traversal vulnerability in an unspecified servlet in the ...)
+ TODO: check
CVE-2010-4230 (Stack-based buffer overflow in a certain ActiveX control for the ...)
NOT-FOR-US: tecvoz cmnc 200
CVE-2010-4231 (Directory traversal vulnerability in the web-based administration ...)
@@ -94316,8 +94354,8 @@ CVE-2010-4233 (The Linux installation on the Camtron CMNC-200 Full HD IP Camera
NOT-FOR-US: tecvoz cmnc 200
CVE-2010-4234 (The web server on the Camtron CMNC-200 Full HD IP Camera and TecVoz ...)
NOT-FOR-US: tecvoz cmnc 200
-CVE-2010-4235
- RESERVED
+CVE-2010-4235 (Format string vulnerability in RealNetworks Helix Server 12.x, 13.x, ...)
+ TODO: check
CVE-2010-4236 (Untrusted search path vulnerability in estaskwrapper in IBM OmniFind ...)
NOT-FOR-US: ibm omnifind
CVE-2010-4237
@@ -94414,8 +94452,8 @@ CVE-2010-4282 (Multiple directory traversal vulnerabilities in Pandora FMS befor
NOT-FOR-US: artica pandora_fms
CVE-2010-4283 (PHP remote file inclusion vulnerability in extras/pandora_diag.php in ...)
NOT-FOR-US: artica pandora_fms
-CVE-2010-4284
- RESERVED
+CVE-2010-4284 (SQL injection vulnerability in the authentication form in the ...)
+ TODO: check
CVE-2010-4285
RESERVED
CVE-2010-4286
@@ -95040,8 +95078,8 @@ CVE-2010-4594 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4,
NOT-FOR-US: ibm lotus_mobile_connect
CVE-2010-4595 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 ...)
NOT-FOR-US: ibm lotus_mobile_connect
-CVE-2010-4596
- RESERVED
+CVE-2010-4596 (Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, ...)
+ TODO: check
CVE-2010-4597 (Stack-based buffer overflow in the save method in the ...)
NOT-FOR-US: ecava integraxor
CVE-2010-4598 (Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and ...)
@@ -95178,8 +95216,8 @@ CVE-2010-4663
RESERVED
CVE-2010-4664
RESERVED
-CVE-2010-4665
- RESERVED
+CVE-2010-4665 (Integer overflow in the ReadDirectory function in tiffdump.c in ...)
+ TODO: check
CVE-2010-4666
RESERVED
CVE-2010-4667
@@ -95402,6 +95440,62 @@ CVE-2010-4775 (The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x
NOT-FOR-US: nicholas_thompson relevant_content
CVE-2010-4776 (SQL injection vulnerability in takefreestart.php in PreProjects Pre ...)
NOT-FOR-US: preprojects pre_online_tests_generator
+CVE-2010-4777
+ RESERVED
+CVE-2010-4778 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2010-4779 (Cross-site scripting (XSS) vulnerability in lib/includes/auth.inc.php ...)
+ TODO: check
+CVE-2010-4780 (SQL injection vulnerability in the check_banlist function in ...)
+ TODO: check
+CVE-2010-4781 (index.php in Enano CMS 1.1.7pl1, and possibly other versions before ...)
+ TODO: check
+CVE-2010-4782 (Multiple SQL injection vulnerabilities in list.asp in Softwebs Nepal ...)
+ TODO: check
+CVE-2010-4783 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+ TODO: check
+CVE-2010-4784 (Multiple SQL injection vulnerabilities in member.php in PHP Web ...)
+ TODO: check
+CVE-2010-4785 (The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server ...)
+ TODO: check
+CVE-2010-4786 (IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka ...)
+ TODO: check
+CVE-2010-4787 (IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka ...)
+ TODO: check
+CVE-2010-4788 (IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka ...)
+ TODO: check
+CVE-2010-4789 (Use-after-free vulnerability in the proxy-server implementation in IBM ...)
+ TODO: check
+CVE-2010-4790 (Directory traversal vulnerability in FilterFTP 2.0.3, 2.0.5, and ...)
+ TODO: check
+CVE-2010-4791 (SQL injection vulnerability in ...)
+ TODO: check
+CVE-2010-4792 (Cross-site scripting (XSS) vulnerability in title.php in OPEN IT ...)
+ TODO: check
+CVE-2010-4793 (SQL injection vulnerability in detail.asp in Site2Nite Auto e-Manager ...)
+ TODO: check
+CVE-2010-4794 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+ TODO: check
+CVE-2010-4795 (SQL injection vulnerability in the JS Calendar (com_jscalendar) ...)
+ TODO: check
+CVE-2010-4796 (Multiple SQL injection vulnerabilities in PHPYun 1.1.6 allow remote ...)
+ TODO: check
+CVE-2010-4797 (Multiple SQL injection vulnerabilities in the log-in form in Truworth ...)
+ TODO: check
+CVE-2010-4798 (Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 ...)
+ TODO: check
+CVE-2010-4799 (Multiple SQL injection vulnerabilities in Chipmunk Pwngame 1.0, when ...)
+ TODO: check
+CVE-2010-4800 (SQL injection vulnerability in doadd.php in BaconMap 1.0 allows remote ...)
+ TODO: check
+CVE-2010-4801 (Directory traversal vulnerability in admin/updatelist.php in BaconMap ...)
+ TODO: check
+CVE-2010-4802 (Commands.pm in Mojolicious before 0.999928 does not properly perform ...)
+ TODO: check
+CVE-2010-4803 (Mojolicious before 0.999927 does not properly implement HMAC-MD5 ...)
+ TODO: check
+CVE-2010-4804
+ RESERVED
CVE-2011-0001 (Double free vulnerability in the iscsi_rx_handler function ...)
TODO: check
CVE-2011-0002 (libuser before 0.57 uses a cleartext password value of (1) !! or (2) x ...)
@@ -95424,8 +95518,8 @@ CVE-2011-0010 (check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is ...)
TODO: check
CVE-2011-0011
RESERVED
-CVE-2011-0012
- RESERVED
+CVE-2011-0012 (The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly ...)
+ TODO: check
CVE-2011-0013 (Multiple cross-site scripting (XSS) vulnerabilities in the HTML ...)
TODO: check
CVE-2011-0014 (ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c ...)
@@ -95448,16 +95542,16 @@ CVE-2011-0022 (The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Dire
TODO: check
CVE-2011-0023
RESERVED
-CVE-2011-0024
- RESERVED
+CVE-2011-0024 (Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 ...)
+ TODO: check
CVE-2011-0025 (IcedTea 1.7 before 1.7.8, 1.8 before 1.8.5, and 1.9 before 1.9.5 does ...)
TODO: check
CVE-2011-0026 (Integer signedness error in the SQLConnectW function in an ODBC API ...)
TODO: check
CVE-2011-0027 (Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows ...)
TODO: check
-CVE-2011-0028
- RESERVED
+CVE-2011-0028 (WordPad in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does ...)
+ TODO: check
CVE-2011-0029 (Untrusted search path vulnerability in the client in Microsoft Remote ...)
TODO: check
CVE-2011-0030 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP ...)
@@ -95468,8 +95562,8 @@ CVE-2011-0032 (Untrusted search path vulnerability in DirectShow in Microsoft Wi
TODO: check
CVE-2011-0033 (The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP ...)
TODO: check
-CVE-2011-0034
- RESERVED
+CVE-2011-0034 (Stack-based buffer overflow in the OpenType Compact Font Format (aka ...)
+ TODO: check
CVE-2011-0035 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...)
TODO: check
CVE-2011-0036 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...)
@@ -95482,8 +95576,8 @@ CVE-2011-0039 (The Local Security Authority Subsystem Service (LSASS) in Microso
TODO: check
CVE-2011-0040 (The server in Microsoft Active Directory on Windows Server 2003 SP2 ...)
TODO: check
-CVE-2011-0041
- RESERVED
+CVE-2011-0041 (Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP SP2 ...)
+ TODO: check
CVE-2011-0042 (SBE.dll in the Stream Buffer Engine in Windows Media Player and ...)
TODO: check
CVE-2011-0043 (Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 ...)
@@ -95530,40 +95624,40 @@ CVE-2011-0063 (The _list_file_get function in lib/Majordomo.pm in Majordomo 2 ..
TODO: check
CVE-2011-0064 (The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in ...)
TODO: check
-CVE-2011-0065
- RESERVED
-CVE-2011-0066
- RESERVED
-CVE-2011-0067
- RESERVED
+CVE-2011-0065 (Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and ...)
+ TODO: check
+CVE-2011-0066 (Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and ...)
+ TODO: check
+CVE-2011-0067 (Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey ...)
+ TODO: check
CVE-2011-0068
RESERVED
-CVE-2011-0069
- RESERVED
-CVE-2011-0070
- RESERVED
-CVE-2011-0071
- RESERVED
-CVE-2011-0072
- RESERVED
-CVE-2011-0073
- RESERVED
-CVE-2011-0074
- RESERVED
-CVE-2011-0075
- RESERVED
-CVE-2011-0076
- RESERVED
-CVE-2011-0077
- RESERVED
-CVE-2011-0078
- RESERVED
-CVE-2011-0079
- RESERVED
-CVE-2011-0080
- RESERVED
-CVE-2011-0081
- RESERVED
+CVE-2011-0069 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+ TODO: check
+CVE-2011-0070 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+ TODO: check
+CVE-2011-0071 (Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and ...)
+ TODO: check
+CVE-2011-0072 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+ TODO: check
+CVE-2011-0073 (Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey ...)
+ TODO: check
+CVE-2011-0074 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+ TODO: check
+CVE-2011-0075 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+ TODO: check
+CVE-2011-0076 (Unspecified vulnerability in the Java Embedding Plugin (JEP) in ...)
+ TODO: check
+CVE-2011-0077 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+ TODO: check
+CVE-2011-0078 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+ TODO: check
+CVE-2011-0079 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+ TODO: check
+CVE-2011-0080 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+ TODO: check
+CVE-2011-0081 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
+ TODO: check
CVE-2011-0082
RESERVED
CVE-2011-0083
@@ -95588,34 +95682,34 @@ CVE-2011-0092 (The LZW stream decompression functionality in ORMELEMS.DLL in ...
TODO: check
CVE-2011-0093 (ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 does ...)
TODO: check
-CVE-2011-0094
- RESERVED
+CVE-2011-0094 (Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 ...)
+ TODO: check
CVE-2011-0095
RESERVED
-CVE-2011-0096 (The MHTML implementation in Microsoft Windows XP SP2 and SP3, Windows ...)
+CVE-2011-0096 (The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, ...)
+ TODO: check
+CVE-2011-0097 (Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and ...)
+ TODO: check
+CVE-2011-0098 (Integer signedness error in Microsoft Excel 2002 SP3, 2003 SP3, 2007 ...)
TODO: check
-CVE-2011-0097
- RESERVED
-CVE-2011-0098
- RESERVED
CVE-2011-0099
RESERVED
CVE-2011-0100
RESERVED
-CVE-2011-0101
- RESERVED
+CVE-2011-0101 (Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary ...)
+ TODO: check
CVE-2011-0102
RESERVED
-CVE-2011-0103
- RESERVED
-CVE-2011-0104
- RESERVED
-CVE-2011-0105
- RESERVED
+CVE-2011-0103 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, ...)
+ TODO: check
+CVE-2011-0104 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, ...)
+ TODO: check
+CVE-2011-0105 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML ...)
+ TODO: check
CVE-2011-0106
RESERVED
-CVE-2011-0107
- RESERVED
+CVE-2011-0107 (Untrusted search path vulnerability in Microsoft Office XP SP3, Office ...)
+ TODO: check
CVE-2011-0108
RESERVED
CVE-2011-0109
@@ -95782,7 +95876,7 @@ CVE-2011-0189 (The default configuration of Terminal in Apple Mac OS X 10.6 befo
TODO: check
CVE-2011-0190 (Install Helper in Installer in Apple Mac OS X before 10.6.7 does not ...)
TODO: check
-CVE-2011-0191 (Buffer overflow in LibTIFF in ImageIO in Apple iTunes before 10.2 on ...)
+CVE-2011-0191 (Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used ...)
TODO: check
CVE-2011-0192 (Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other ...)
TODO: check
@@ -95790,8 +95884,8 @@ CVE-2011-0193 (Multiple buffer overflows in Image RAW in Apple Mac OS X before 1
TODO: check
CVE-2011-0194 (Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7 ...)
TODO: check
-CVE-2011-0195
- RESERVED
+CVE-2011-0195 (The generate-id XPath function in libxslt in Apple iOS 4.3.x before ...)
+ TODO: check
CVE-2011-0196
RESERVED
CVE-2011-0197
@@ -95970,10 +96064,10 @@ CVE-2011-0283 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.
TODO: check
CVE-2011-0284 (Double free vulnerability in the prepare_error_as function in ...)
TODO: check
-CVE-2011-0285
- RESERVED
-CVE-2011-0286
- RESERVED
+CVE-2011-0285 (The process_chpw_request function in schpw.c in the password-changing ...)
+ TODO: check
+CVE-2011-0286 (Cross-site scripting (XSS) vulnerability in webdesktop/app in the ...)
+ TODO: check
CVE-2011-0287
RESERVED
CVE-2011-0288
@@ -96080,8 +96174,8 @@ CVE-2011-0338
RESERVED
CVE-2011-0339
RESERVED
-CVE-2011-0340
- RESERVED
+CVE-2011-0340 (Multiple buffer overflows in the ISSymbol ActiveX control in ...)
+ TODO: check
CVE-2011-0341
RESERVED
CVE-2011-0342
@@ -96224,8 +96318,8 @@ CVE-2011-0410 (CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for .
TODO: check
CVE-2011-0411 (The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x ...)
TODO: check
-CVE-2011-0412
- RESERVED
+CVE-2011-0412 (Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z) ...)
+ TODO: check
CVE-2011-0413 (The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV ...)
TODO: check
CVE-2011-0414 (ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative ...)
@@ -96252,8 +96346,8 @@ CVE-2011-0424
RESERVED
CVE-2011-0425
RESERVED
-CVE-2011-0426
- RESERVED
+CVE-2011-0426 (Directory traversal vulnerability in vCenter Server in VMware vCenter ...)
+ TODO: check
CVE-2011-0427 (Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before ...)
TODO: check
CVE-2011-0428
@@ -96278,12 +96372,12 @@ CVE-2011-0437 (shared/inc/sql/ssh.php in the SSH accounts management implementat
TODO: check
CVE-2011-0438 (nslcd/pam.c in nss-pam-ldapd 0.8.0 PAM module returns a success code ...)
TODO: check
-CVE-2011-0439
- RESERVED
-CVE-2011-0440
- RESERVED
-CVE-2011-0441
- RESERVED
+CVE-2011-0439 (Cross-site scripting (XSS) vulnerability in Mahara 1.2.x before 1.2.7 ...)
+ TODO: check
+CVE-2011-0440 (Cross-site request forgery (CSRF) vulnerability in Mahara 1.2.x before ...)
+ TODO: check
+CVE-2011-0441 (The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows ...)
+ TODO: check
CVE-2011-0442 (The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to ...)
TODO: check
CVE-2011-0443 (SQL injection vulnerability in inc/tinybb-settings.php in tinyBB 1.2, ...)
@@ -96312,32 +96406,32 @@ CVE-2011-0454 (Buffer overflow in the PPP Access Concentrator (PPPAC) on the SEI
TODO: check
CVE-2011-0455 (Cross-site scripting (XSS) vulnerability in Things BBS before 2.0.3 ...)
TODO: check
-CVE-2011-0456 (Open Ticket Request System (OTRS) 2.3.4 and earlier allows remote ...)
+CVE-2011-0456 (webscript.pl in Open Ticket Request System (OTRS) 2.3.4 and earlier ...)
TODO: check
CVE-2011-0457 (Cross-site scripting (XSS) vulnerability in e107 0.7.22 and earlier ...)
TODO: check
-CVE-2011-0458
- RESERVED
+CVE-2011-0458 (Untrusted search path vulnerability in the Locate on Disk feature in ...)
+ TODO: check
CVE-2011-0459
RESERVED
CVE-2011-0460
RESERVED
-CVE-2011-0461
- RESERVED
-CVE-2011-0462
- RESERVED
-CVE-2011-0463
- RESERVED
+CVE-2011-0461 (/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 ...)
+ TODO: check
+CVE-2011-0462 (Multiple cross-site scripting (XSS) vulnerabilities in the login page ...)
+ TODO: check
+CVE-2011-0463 (The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the ...)
+ TODO: check
CVE-2011-0464 (Unspecified vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 ...)
TODO: check
-CVE-2011-0465
- RESERVED
-CVE-2011-0466
- RESERVED
+CVE-2011-0465 (xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote ...)
+ TODO: check
+CVE-2011-0466 (The API in SUSE openSUSE Build Service (OBS) 2.0.x before 2.0.8 and ...)
+ TODO: check
CVE-2011-0467
RESERVED
-CVE-2011-0468
- RESERVED
+CVE-2011-0468 (The aaa_base package before 11.3-8.9.1 in SUSE openSUSE 11.3, and ...)
+ TODO: check
CVE-2011-0469
RESERVED
CVE-2011-0470 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
@@ -96472,8 +96566,8 @@ CVE-2011-0534 (Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does n
TODO: check
CVE-2011-0535 (Cross-site request forgery (CSRF) vulnerability in the Users module in ...)
TODO: check
-CVE-2011-0536
- RESERVED
+CVE-2011-0536 (Multiple untrusted search path vulnerabilities in elf/dl-object.c in ...)
+ TODO: check
CVE-2011-0537 (Multiple directory traversal vulnerabilities in (1) ...)
TODO: check
CVE-2011-0538 (Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees ...)
@@ -96490,8 +96584,8 @@ CVE-2011-0543
RESERVED
CVE-2011-0544
RESERVED
-CVE-2011-0545
- RESERVED
+CVE-2011-0545 (Cross-site request forgery (CSRF) vulnerability in adduser.do in ...)
+ TODO: check
CVE-2011-0546
RESERVED
CVE-2011-0547
@@ -96620,10 +96714,10 @@ CVE-2011-0608 (Adobe Flash Player before 10.2.152.26 allows attackers to execute
TODO: check
CVE-2011-0609 (Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and ...)
TODO: check
-CVE-2011-0610
- RESERVED
-CVE-2011-0611
- RESERVED
+CVE-2011-0610 (The CoolType library in Adobe Reader 9.x before 9.4.4 and 10.x through ...)
+ TODO: check
+CVE-2011-0611 (Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and ...)
+ TODO: check
CVE-2011-0612
RESERVED
CVE-2011-0613
@@ -96711,52 +96805,52 @@ CVE-2011-0653
RESERVED
CVE-2011-0654 (Integer underflow in the BowserWriteErrorLogEntry function in the ...)
TODO: check
-CVE-2011-0655
- RESERVED
-CVE-2011-0656
- RESERVED
-CVE-2011-0657
- RESERVED
+CVE-2011-0655 (Microsoft PowerPoint 2007 SP2 and 2010; Office 2004, 2008, and 2011 ...)
+ TODO: check
+CVE-2011-0656 (Microsoft PowerPoint 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office ...)
+ TODO: check
+CVE-2011-0657 (DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, ...)
+ TODO: check
CVE-2011-0658
RESERVED
CVE-2011-0659
RESERVED
-CVE-2011-0660
- RESERVED
-CVE-2011-0661
- RESERVED
-CVE-2011-0662
- RESERVED
-CVE-2011-0663
- RESERVED
+CVE-2011-0660 (The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server ...)
+ TODO: check
+CVE-2011-0661 (The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows ...)
+ TODO: check
+CVE-2011-0662 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
+CVE-2011-0663 (Multiple integer overflows in the Microsoft (1) JScript 5.6 through ...)
+ TODO: check
CVE-2011-0664
RESERVED
-CVE-2011-0665
- RESERVED
-CVE-2011-0666
- RESERVED
-CVE-2011-0667
- RESERVED
+CVE-2011-0665 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
+CVE-2011-0666 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
+CVE-2011-0667 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
CVE-2011-0668
RESERVED
CVE-2011-0669
RESERVED
-CVE-2011-0670
- RESERVED
-CVE-2011-0671
- RESERVED
-CVE-2011-0672
- RESERVED
-CVE-2011-0673
- RESERVED
-CVE-2011-0674
- RESERVED
-CVE-2011-0675
- RESERVED
-CVE-2011-0676
- RESERVED
-CVE-2011-0677
- RESERVED
+CVE-2011-0670 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
+CVE-2011-0671 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
+CVE-2011-0672 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
+CVE-2011-0673 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 ...)
+ TODO: check
+CVE-2011-0674 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
+CVE-2011-0675 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
+CVE-2011-0676 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+ TODO: check
+CVE-2011-0677 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+ TODO: check
CVE-2011-0678 (Unrestricted file upload vulnerability in the EasyEdit module in ...)
TODO: check
CVE-2011-0679 (IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web ...)
@@ -96829,8 +96923,8 @@ CVE-2011-0712 (Multiple buffer overflows in the caiaq Native Instruments USB aud
TODO: check
CVE-2011-0713 (Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 ...)
TODO: check
-CVE-2011-0714
- RESERVED
+CVE-2011-0714 (Use-after-free vulnerability in a certain Red Hat patch for the RPC ...)
+ TODO: check
CVE-2011-0715 (The mod_dav_svn module for the Apache HTTP Server, as distributed in ...)
TODO: check
CVE-2011-0716
@@ -96841,7 +96935,7 @@ CVE-2011-0718 (Red Hat Network (RHN) Satellite Server 5.4 does not use a time de
TODO: check
CVE-2011-0719 (Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 ...)
TODO: check
-CVE-2011-0720 (Unspecified vulnerability in Plone 2.5 through 4.0 allows remote ...)
+CVE-2011-0720 (Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, ...)
TODO: check
CVE-2011-0721 (Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in ...)
TODO: check
@@ -96855,12 +96949,12 @@ CVE-2011-0725 (Absolute path traversal vulnerability in the ...)
TODO: check
CVE-2011-0726
RESERVED
-CVE-2011-0727
- RESERVED
-CVE-2011-0728
- RESERVED
-CVE-2011-0729
- RESERVED
+CVE-2011-0727 (GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to ...)
+ TODO: check
+CVE-2011-0728 (Cross-site scripting (XSS) vulnerability in templatefunctions.py in ...)
+ TODO: check
+CVE-2011-0729 (dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector ...)
+ TODO: check
CVE-2011-0730
RESERVED
CVE-2011-0731 (Buffer overflow in the DB2 Administration Server (DAS) component in ...)
@@ -96893,12 +96987,12 @@ CVE-2011-0744
RESERVED
CVE-2011-0745 (SugarCRM before 6.1.3 does not properly handle reloads and direct ...)
TODO: check
-CVE-2011-0746
- RESERVED
+CVE-2011-0746 (Cross-site request forgery (CSRF) vulnerability in ...)
+ TODO: check
CVE-2011-0747
RESERVED
-CVE-2011-0748
- RESERVED
+CVE-2011-0748 (Multiple cross-site request forgery (CSRF) vulnerabilities in phpList ...)
+ TODO: check
CVE-2011-0749
RESERVED
CVE-2011-0750
@@ -96913,26 +97007,26 @@ CVE-2011-0754 (The SplFileInfo::getType function in the Standard PHP Library (SP
TODO: check
CVE-2011-0755 (Integer overflow in the mt_rand function in PHP before 5.3.4 might ...)
TODO: check
-CVE-2011-0756
- RESERVED
+CVE-2011-0756 (The application server in Trustwave WebDefend Enterprise before 5.0 ...)
+ TODO: check
CVE-2011-0757 (IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, ...)
TODO: check
CVE-2011-0758 (The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager ...)
TODO: check
CVE-2011-0759 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
TODO: check
-CVE-2011-0760
- RESERVED
+CVE-2011-0760 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+ TODO: check
CVE-2011-0761
RESERVED
CVE-2011-0762 (The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 ...)
TODO: check
CVE-2011-0763
RESERVED
-CVE-2011-0764
- RESERVED
-CVE-2011-0765
- RESERVED
+CVE-2011-0764 (t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6 and other ...)
+ TODO: check
+CVE-2011-0765 (Unspecified vulnerability in lft in pWhois Layer Four Traceroute (LFT) ...)
+ TODO: check
CVE-2011-0766
RESERVED
CVE-2011-0767
@@ -96971,64 +97065,64 @@ CVE-2011-0783 (Unspecified vulnerability in Google Chrome before 9.0.597.84 allo
TODO: check
CVE-2011-0784 (Race condition in Google Chrome before 9.0.597.84 allows remote ...)
TODO: check
-CVE-2011-0785
- RESERVED
+CVE-2011-0785 (Unspecified vulnerability in the Oracle Help component in Oracle ...)
+ TODO: check
CVE-2011-0786
RESERVED
-CVE-2011-0787
- RESERVED
+CVE-2011-0787 (Unspecified vulnerability in the Application Service Level Management ...)
+ TODO: check
CVE-2011-0788
RESERVED
-CVE-2011-0789
- RESERVED
-CVE-2011-0790
- RESERVED
-CVE-2011-0791
- RESERVED
-CVE-2011-0792
- RESERVED
-CVE-2011-0793
- RESERVED
-CVE-2011-0794
- RESERVED
-CVE-2011-0795
- RESERVED
-CVE-2011-0796
- RESERVED
-CVE-2011-0797
- RESERVED
-CVE-2011-0798
- RESERVED
-CVE-2011-0799
- RESERVED
-CVE-2011-0800
- RESERVED
-CVE-2011-0801
- RESERVED
+CVE-2011-0789 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+ TODO: check
+CVE-2011-0790 (Unspecified vulnerability in Oracle Solaris 9 and 10 allows local ...)
+ TODO: check
+CVE-2011-0791 (Unspecified vulnerability in the Application Object Library component ...)
+ TODO: check
+CVE-2011-0792 (Unspecified vulnerability in the Oracle Warehouse Builder component in ...)
+ TODO: check
+CVE-2011-0793 (Unspecified vulnerability in the Database Vault component in Oracle ...)
+ TODO: check
+CVE-2011-0794 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+ TODO: check
+CVE-2011-0795 (Unspecified vulnerability in the Single Sign On component in Oracle ...)
+ TODO: check
+CVE-2011-0796 (Unspecified vulnerability in the Applications Install component in ...)
+ TODO: check
+CVE-2011-0797 (Unspecified vulnerability in the Applications Install component in ...)
+ TODO: check
+CVE-2011-0798 (Unspecified vulnerability in the Portal component in Oracle Fusion ...)
+ TODO: check
+CVE-2011-0799 (Unspecified vulnerability in the Oracle Warehouse Builder component in ...)
+ TODO: check
+CVE-2011-0800 (Unspecified vulnerability in the Solaris component in Oracle Solaris ...)
+ TODO: check
+CVE-2011-0801 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...)
+ TODO: check
CVE-2011-0802
RESERVED
-CVE-2011-0803
- RESERVED
-CVE-2011-0804
- RESERVED
-CVE-2011-0805
- RESERVED
-CVE-2011-0806
- RESERVED
-CVE-2011-0807
- RESERVED
-CVE-2011-0808
- RESERVED
-CVE-2011-0809
- RESERVED
-CVE-2011-0810
- RESERVED
+CVE-2011-0803 (Unspecified vulnerability in the JD Edwards EnterpriseOne Tools ...)
+ TODO: check
+CVE-2011-0804 (Unspecified vulnerability in the Database Vault component in Oracle ...)
+ TODO: check
+CVE-2011-0805 (Unspecified vulnerability in the UIX component in Oracle Database ...)
+ TODO: check
+CVE-2011-0806 (Unspecified vulnerability in the Network Foundation component in ...)
+ TODO: check
+CVE-2011-0807 (Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server ...)
+ TODO: check
+CVE-2011-0808 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+ TODO: check
+CVE-2011-0809 (Unspecified vulnerability in the Web ADI component in Oracle ...)
+ TODO: check
+CVE-2011-0810 (Unspecified vulnerability Oracle JD Edwards EnterpriseOne Tools 8.9 GA ...)
+ TODO: check
CVE-2011-0811
RESERVED
-CVE-2011-0812
- RESERVED
-CVE-2011-0813
- RESERVED
+CVE-2011-0812 (Unspecified vulnerability in the Solaris component in Oracle Solaris ...)
+ TODO: check
+CVE-2011-0813 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...)
+ TODO: check
CVE-2011-0814
RESERVED
CVE-2011-0815
@@ -97037,94 +97131,94 @@ CVE-2011-0816
RESERVED
CVE-2011-0817
RESERVED
-CVE-2011-0818
- RESERVED
-CVE-2011-0819
- RESERVED
-CVE-2011-0820
- RESERVED
-CVE-2011-0821
- RESERVED
+CVE-2011-0818 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...)
+ TODO: check
+CVE-2011-0819 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...)
+ TODO: check
+CVE-2011-0820 (Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows ...)
+ TODO: check
+CVE-2011-0821 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
+ TODO: check
CVE-2011-0822
RESERVED
-CVE-2011-0823
- RESERVED
-CVE-2011-0824
- RESERVED
-CVE-2011-0825
- RESERVED
-CVE-2011-0826
- RESERVED
-CVE-2011-0827
- RESERVED
-CVE-2011-0828
- RESERVED
-CVE-2011-0829
- RESERVED
+CVE-2011-0823 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...)
+ TODO: check
+CVE-2011-0824 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...)
+ TODO: check
+CVE-2011-0825 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...)
+ TODO: check
+CVE-2011-0826 (Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.8 Bundle ...)
+ TODO: check
+CVE-2011-0827 (Unspecified vulnerability in the PeopleSoft Enterprise component in ...)
+ TODO: check
+CVE-2011-0828 (Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.8 Bundle ...)
+ TODO: check
+CVE-2011-0829 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...)
+ TODO: check
CVE-2011-0830
RESERVED
CVE-2011-0831
RESERVED
CVE-2011-0832
RESERVED
-CVE-2011-0833
- RESERVED
-CVE-2011-0834
- RESERVED
+CVE-2011-0833 (Unspecified vulnerability in the Siebel CRM Core component in Oracle ...)
+ TODO: check
+CVE-2011-0834 (Unspecified vulnerability in the Siebel CRM Core component in Oracle ...)
+ TODO: check
CVE-2011-0835
RESERVED
-CVE-2011-0836
- RESERVED
-CVE-2011-0837
- RESERVED
+CVE-2011-0836 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 ...)
+ TODO: check
+CVE-2011-0837 (Unspecified vulnerability in the Agile Technology Platform component ...)
+ TODO: check
CVE-2011-0838
RESERVED
-CVE-2011-0839
- RESERVED
-CVE-2011-0840
- RESERVED
-CVE-2011-0841
- RESERVED
+CVE-2011-0839 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express ...)
+ TODO: check
+CVE-2011-0840 (Unspecified vulnerability in Oracle PeopleSoft Enterprise PeopleTools ...)
+ TODO: check
+CVE-2011-0841 (Unspecified vulnerability in Oracle Solaris 11 Express allows remote ...)
+ TODO: check
CVE-2011-0842
RESERVED
-CVE-2011-0843
- RESERVED
-CVE-2011-0844
- RESERVED
+CVE-2011-0843 (Unspecified vulnerability in the Siebel CRM Core component in Oracle ...)
+ TODO: check
+CVE-2011-0844 (Unspecified vulnerability in the OpenSSO Enterprise and Sun Java ...)
+ TODO: check
CVE-2011-0845
RESERVED
-CVE-2011-0846
- RESERVED
-CVE-2011-0847
- RESERVED
+CVE-2011-0846 (Unspecified vulnerability in the Oracle Sun Java System Access Manager ...)
+ TODO: check
+CVE-2011-0847 (Unspecified vulnerability in the OpenSSO Enterprise and Sun Java ...)
+ TODO: check
CVE-2011-0848
RESERVED
-CVE-2011-0849
- RESERVED
-CVE-2011-0850
- RESERVED
-CVE-2011-0851
- RESERVED
+CVE-2011-0849 (Unspecified vulnerability in Oracle Java Dynamic Management Kit 5.1 ...)
+ TODO: check
+CVE-2011-0850 (Unspecified vulnerability in Oracle PeopleSoft Enterprise CRM 8.9 ...)
+ TODO: check
+CVE-2011-0851 (Unspecified vulnerability in Oracle PeopleSoft Enterprise ELS 9.0 ...)
+ TODO: check
CVE-2011-0852
RESERVED
-CVE-2011-0853
- RESERVED
-CVE-2011-0854
- RESERVED
-CVE-2011-0855
- RESERVED
-CVE-2011-0856
- RESERVED
-CVE-2011-0857
- RESERVED
-CVE-2011-0858
- RESERVED
-CVE-2011-0859
- RESERVED
-CVE-2011-0860
- RESERVED
-CVE-2011-0861
- RESERVED
+CVE-2011-0853 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 ...)
+ TODO: check
+CVE-2011-0854 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.1 ...)
+ TODO: check
+CVE-2011-0855 (Unspecified vulnerability in the InForm component in Oracle Industry ...)
+ TODO: check
+CVE-2011-0856 (Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.49 GA ...)
+ TODO: check
+CVE-2011-0857 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 ...)
+ TODO: check
+CVE-2011-0858 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 ...)
+ TODO: check
+CVE-2011-0859 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Tax ...)
+ TODO: check
+CVE-2011-0860 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 ...)
+ TODO: check
+CVE-2011-0861 (Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 ...)
+ TODO: check
CVE-2011-0862
RESERVED
CVE-2011-0863
@@ -97181,24 +97275,24 @@ CVE-2011-0888
RESERVED
CVE-2011-0889 (Unspecified vulnerability in HP Client Automation Enterprise (aka HPCA ...)
TODO: check
-CVE-2011-0890 (HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, ...)
+CVE-2011-0890 (HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, ...)
+ TODO: check
+CVE-2011-0891 (Unspecified vulnerability in the OS-Core.CORE2-KRN fileset in HP HP-UX ...)
+ TODO: check
+CVE-2011-0892 (Cross-site scripting (XSS) vulnerability in HP Diagnostics 7.5x and ...)
+ TODO: check
+CVE-2011-0893 (Cross-site scripting (XSS) vulnerability in HP Operations 9.10 on UNIX ...)
+ TODO: check
+CVE-2011-0894 (Unspecified vulnerability in HP Operations 9.10 on UNIX platforms ...)
+ TODO: check
+CVE-2011-0895 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x and ...)
+ TODO: check
+CVE-2011-0896 (Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and earlier on ...)
+ TODO: check
+CVE-2011-0897 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00 ...)
+ TODO: check
+CVE-2011-0898 (Cross-site scripting (XSS) vulnerability in HP Network Node Manager i ...)
TODO: check
-CVE-2011-0891
- RESERVED
-CVE-2011-0892
- RESERVED
-CVE-2011-0893
- RESERVED
-CVE-2011-0894
- RESERVED
-CVE-2011-0895
- RESERVED
-CVE-2011-0896
- RESERVED
-CVE-2011-0897
- RESERVED
-CVE-2011-0898
- RESERVED
CVE-2011-0899 (The AES encryption module 7.x-1.4 for Drupal leaves certain debugging ...)
TODO: check
CVE-2011-0900 (Stack-based buffer overflow in the tsc_launch_remote function ...)
@@ -97209,10 +97303,10 @@ CVE-2011-0902 (Multiple untrusted search path vulnerabilities in the Java Servic
TODO: check
CVE-2011-0903 (Multiple directory traversal vulnerabilities in AR Web Content Manager ...)
TODO: check
-CVE-2011-0904
- RESERVED
-CVE-2011-0905
- RESERVED
+CVE-2011-0904 (The rfbSendFramebufferUpdate function in ...)
+ TODO: check
+CVE-2011-0905 (The rfbSendFramebufferUpdate function in ...)
+ TODO: check
CVE-2011-0906
RESERVED
CVE-2011-0907
@@ -97271,8 +97365,8 @@ CVE-2011-0933
RESERVED
CVE-2011-0934
RESERVED
-CVE-2011-0935
- RESERVED
+CVE-2011-0935 (The PKI functionality in Cisco IOS 15.0 and 15.1 does not prevent ...)
+ TODO: check
CVE-2011-0936
RESERVED
CVE-2011-0937
@@ -97303,8 +97397,8 @@ CVE-2011-0949
RESERVED
CVE-2011-0950
RESERVED
-CVE-2011-0951
- RESERVED
+CVE-2011-0951 (The web-based management interface in Cisco Secure Access Control ...)
+ TODO: check
CVE-2011-0952
RESERVED
CVE-2011-0953
@@ -97327,8 +97421,8 @@ CVE-2011-0961
RESERVED
CVE-2011-0962
RESERVED
-CVE-2011-0963
- RESERVED
+CVE-2011-0963 (The default configuration of the RADIUS authentication feature on the ...)
+ TODO: check
CVE-2011-0964
RESERVED
CVE-2011-0965
@@ -97353,15 +97447,15 @@ CVE-2011-0974
RESERVED
CVE-2011-0975 (Stack-based buffer overflow in BMC PATROL Agent Service Daemon for in ...)
TODO: check
-CVE-2011-0976 (Microsoft Office PowerPoint 2007 does not properly handle Office Art ...)
+CVE-2011-0976 (Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and ...)
TODO: check
-CVE-2011-0977 (Use-after-free vulnerability in Microsoft Excel 2007 allows remote ...)
+CVE-2011-0977 (Use-after-free vulnerability in Microsoft Office XP SP3, Office 2003 ...)
TODO: check
-CVE-2011-0978 (Stack-based buffer overflow in Microsoft Office Excel allows remote ...)
+CVE-2011-0978 (Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and ...)
TODO: check
-CVE-2011-0979 (Microsoft Office Excel does not properly handle errors during the ...)
+CVE-2011-0979 (Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, ...)
TODO: check
-CVE-2011-0980 (Microsoft Office Excel 2003 does not properly parse Office Art ...)
+CVE-2011-0980 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, ...)
TODO: check
CVE-2011-0981 (Google Chrome before 9.0.597.94 does not properly perform event ...)
TODO: check
@@ -97377,26 +97471,26 @@ CVE-2011-0986 (phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, doe
TODO: check
CVE-2011-0987 (The PMA_Bookmark_get function in libraries/bookmark.lib.php in ...)
TODO: check
-CVE-2011-0988
- RESERVED
-CVE-2011-0989
- RESERVED
-CVE-2011-0990
- RESERVED
-CVE-2011-0991
- RESERVED
-CVE-2011-0992
- RESERVED
+CVE-2011-0988 (pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and ...)
+ TODO: check
+CVE-2011-0989 (The RuntimeHelpers.InitializeArray method in metadata/icall.c in Mono, ...)
+ TODO: check
+CVE-2011-0990 (Race condition in the FastCopy optimization in the Array.Copy method ...)
+ TODO: check
+CVE-2011-0991 (Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 ...)
+ TODO: check
+CVE-2011-0992 (Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 ...)
+ TODO: check
CVE-2011-0993
RESERVED
-CVE-2011-0994
- RESERVED
+CVE-2011-0994 (Stack-based buffer overflow in NFRAgent.exe in Novell File Reporter ...)
+ TODO: check
CVE-2011-0995
RESERVED
-CVE-2011-0996
- RESERVED
-CVE-2011-0997
- RESERVED
+CVE-2011-0996 (dhcpcd before 5.2.12 allows remote attackers to execute arbitrary ...)
+ TODO: check
+CVE-2011-0997 (dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV ...)
+ TODO: check
CVE-2011-0998
RESERVED
CVE-2011-0999 (mm/huge_memory.c in the Linux kernel before 2.6.38-rc5 does not ...)
@@ -97427,12 +97521,12 @@ CVE-2011-1011 (The seunshare_mount function in sandbox/seunshare.c in seunshare
TODO: check
CVE-2011-1012 (The ldm_parse_vmdb function in fs/partitions/ldm.c in the Linux kernel ...)
TODO: check
-CVE-2011-1013
- RESERVED
+CVE-2011-1013 (Integer signedness error in the drm_modeset_ctl function in (1) ...)
+ TODO: check
CVE-2011-1014
RESERVED
-CVE-2011-1015
- RESERVED
+CVE-2011-1015 (The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in ...)
+ TODO: check
CVE-2011-1016 (The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not ...)
TODO: check
CVE-2011-1017 (Heap-based buffer overflow in the ldm_frag_add function in ...)
@@ -97543,8 +97637,8 @@ CVE-2011-1069
RESERVED
CVE-2011-1070
RESERVED
-CVE-2011-1071
- RESERVED
+CVE-2011-1071 (The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded ...)
+ TODO: check
CVE-2011-1072 (The installer in PEAR before 1.9.2 allows local users to overwrite ...)
TODO: check
CVE-2011-1073 (crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users ...)
@@ -97565,24 +97659,24 @@ CVE-2011-1080
RESERVED
CVE-2011-1081 (modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote ...)
TODO: check
-CVE-2011-1082
- RESERVED
-CVE-2011-1083
- RESERVED
+CVE-2011-1082 (fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file ...)
+ TODO: check
+CVE-2011-1083 (The epoll implementation in the Linux kernel 2.6.37.2 and earlier does ...)
+ TODO: check
CVE-2011-1084
RESERVED
CVE-2011-1085
RESERVED
CVE-2011-1086
RESERVED
-CVE-2011-1087
- RESERVED
+CVE-2011-1087 (Buffer overflow in VideoLAN VLC media player 1.0.5 allows ...)
+ TODO: check
CVE-2011-1088 (Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity ...)
TODO: check
-CVE-2011-1089
- RESERVED
-CVE-2011-1090
- RESERVED
+CVE-2011-1089 (The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 ...)
+ TODO: check
+CVE-2011-1090 (The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the Linux ...)
+ TODO: check
CVE-2011-1091 (libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 ...)
TODO: check
CVE-2011-1092 (Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows ...)
@@ -97591,14 +97685,14 @@ CVE-2011-1093
RESERVED
CVE-2011-1094 (kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not ...)
TODO: check
-CVE-2011-1095
- RESERVED
+CVE-2011-1095 (locale/programs/locale.c in locale in the GNU C Library (aka glibc or ...)
+ TODO: check
CVE-2011-1096
RESERVED
-CVE-2011-1097
- RESERVED
-CVE-2011-1098
- RESERVED
+CVE-2011-1097 (rsync 3.x before 3.0.8, when certain recursion, deletion, and ...)
+ TODO: check
+CVE-2011-1098 (Race condition in the createOutputFile function in logrotate.c in ...)
+ TODO: check
CVE-2011-1099 (Multiple directory traversal vulnerabilities in FocalMedia.Net Quick ...)
TODO: check
CVE-2011-1100 (Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost ...)
@@ -97653,8 +97747,8 @@ CVE-2011-1124 (Use-after-free vulnerability in Google Chrome before 9.0.597.107
TODO: check
CVE-2011-1125 (Google Chrome before 9.0.597.107 does not properly perform layout, ...)
TODO: check
-CVE-2011-1126
- RESERVED
+CVE-2011-1126 (VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware ...)
+ TODO: check
CVE-2011-1127
RESERVED
CVE-2011-1128
@@ -97699,8 +97793,8 @@ CVE-2011-1147 (Multiple stack-based and heap-based buffer overflows in the (1) .
TODO: check
CVE-2011-1148 (Use-after-free vulnerability in the substr_replace function in PHP ...)
TODO: check
-CVE-2011-1149
- RESERVED
+CVE-2011-1149 (Android before 2.3 does not properly restrict access to the system ...)
+ TODO: check
CVE-2011-1150
RESERVED
CVE-2011-1151
@@ -97709,16 +97803,16 @@ CVE-2011-1152
RESERVED
CVE-2011-1153 (Multiple format string vulnerabilities in phar_object.c in the phar ...)
TODO: check
-CVE-2011-1154
- RESERVED
-CVE-2011-1155
- RESERVED
-CVE-2011-1156
- RESERVED
-CVE-2011-1157
- RESERVED
-CVE-2011-1158
- RESERVED
+CVE-2011-1154 (The shred_file function in logrotate.c in logrotate 3.7.9 and earlier ...)
+ TODO: check
+CVE-2011-1155 (The writeState function in logrotate.c in logrotate 3.7.9 and earlier ...)
+ TODO: check
+CVE-2011-1156 (feedparser.py in Universal Feed Parser (aka feedparser or ...)
+ TODO: check
+CVE-2011-1157 (Cross-site scripting (XSS) vulnerability in feedparser.py in Universal ...)
+ TODO: check
+CVE-2011-1158 (Cross-site scripting (XSS) vulnerability in feedparser.py in Universal ...)
+ TODO: check
CVE-2011-1159
RESERVED
CVE-2011-1160
@@ -97727,20 +97821,20 @@ CVE-2011-1161
RESERVED
CVE-2011-1162
RESERVED
-CVE-2011-1163
- RESERVED
+CVE-2011-1163 (The osf_partition function in fs/partitions/osf.c in the Linux kernel ...)
+ TODO: check
CVE-2011-1164
RESERVED
CVE-2011-1165
RESERVED
CVE-2011-1166
RESERVED
-CVE-2011-1167
- RESERVED
-CVE-2011-1168
- RESERVED
-CVE-2011-1169
- RESERVED
+CVE-2011-1167 (Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in ...)
+ TODO: check
+CVE-2011-1168 (Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError ...)
+ TODO: check
+CVE-2011-1169 (Array index error in the asihpi_hpi_ioctl function in ...)
+ TODO: check
CVE-2011-1170
RESERVED
CVE-2011-1171
@@ -97749,26 +97843,26 @@ CVE-2011-1172
RESERVED
CVE-2011-1173
RESERVED
-CVE-2011-1174
- RESERVED
-CVE-2011-1175
- RESERVED
-CVE-2011-1176
- RESERVED
+CVE-2011-1174 (manager.c in Asterisk Open Source 1.6.1.x before 1.6.1.24, 1.6.2.x ...)
+ TODO: check
+CVE-2011-1175 (tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before ...)
+ TODO: check
+CVE-2011-1176 (The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk ...)
+ TODO: check
CVE-2011-1177
RESERVED
CVE-2011-1178
RESERVED
-CVE-2011-1179
- RESERVED
+CVE-2011-1179 (The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly ...)
+ TODO: check
CVE-2011-1180
RESERVED
CVE-2011-1181
RESERVED
CVE-2011-1182
RESERVED
-CVE-2011-1183
- RESERVED
+CVE-2011-1183 (Apache Tomcat 7.0.11, when web.xml has no login configuration, does ...)
+ TODO: check
CVE-2011-1184
RESERVED
CVE-2011-1185 (Google Chrome before 10.0.648.127 does not prevent (1) navigation and ...)
@@ -97805,22 +97899,22 @@ CVE-2011-1200 (Google Chrome before 10.0.648.127 does not properly perform a cas
TODO: check
CVE-2011-1201 (The context implementation in WebKit, as used in Google Chrome before ...)
TODO: check
-CVE-2011-1202 (Unspecified vulnerability in the XSLT implementation in Google Chrome ...)
+CVE-2011-1202 (The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 ...)
TODO: check
CVE-2011-1203 (Google Chrome before 10.0.648.127 does not properly handle SVG ...)
TODO: check
CVE-2011-1204 (Google Chrome before 10.0.648.127 does not properly handle attributes, ...)
TODO: check
-CVE-2011-1205
- RESERVED
-CVE-2011-1206
- RESERVED
-CVE-2011-1207
- RESERVED
-CVE-2011-1208
- RESERVED
-CVE-2011-1209
- RESERVED
+CVE-2011-1205 (Multiple buffer overflows in unspecified COM objects in Rational ...)
+ TODO: check
+CVE-2011-1206 (Stack-based buffer overflow in the server process in ibmslapd.exe in ...)
+ TODO: check
+CVE-2011-1207 (The ActiveBar1 ActiveX control in the Data Dynamics ActiveBar ActiveX ...)
+ TODO: check
+CVE-2011-1208 (IBM solidDB 4.5.x before 4.5.182, 6.0.x before 6.0.1069, 6.1.x and ...)
+ TODO: check
+CVE-2011-1209 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 ...)
+ TODO: check
CVE-2011-1210
RESERVED
CVE-2011-1211
@@ -97851,48 +97945,48 @@ CVE-2011-1223
RESERVED
CVE-2011-1224
RESERVED
-CVE-2011-1225
- RESERVED
-CVE-2011-1226
- RESERVED
-CVE-2011-1227
- RESERVED
-CVE-2011-1228
- RESERVED
-CVE-2011-1229
- RESERVED
-CVE-2011-1230
- RESERVED
-CVE-2011-1231
- RESERVED
-CVE-2011-1232
- RESERVED
-CVE-2011-1233
- RESERVED
-CVE-2011-1234
- RESERVED
-CVE-2011-1235
- RESERVED
-CVE-2011-1236
- RESERVED
-CVE-2011-1237
- RESERVED
-CVE-2011-1238
- RESERVED
-CVE-2011-1239
- RESERVED
-CVE-2011-1240
- RESERVED
-CVE-2011-1241
- RESERVED
-CVE-2011-1242
- RESERVED
-CVE-2011-1243
- RESERVED
-CVE-2011-1244
- RESERVED
-CVE-2011-1245
- RESERVED
+CVE-2011-1225 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+ TODO: check
+CVE-2011-1226 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+ TODO: check
+CVE-2011-1227 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+ TODO: check
+CVE-2011-1228 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+ TODO: check
+CVE-2011-1229 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+ TODO: check
+CVE-2011-1230 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+ TODO: check
+CVE-2011-1231 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+ TODO: check
+CVE-2011-1232 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+ TODO: check
+CVE-2011-1233 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+ TODO: check
+CVE-2011-1234 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
+CVE-2011-1235 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
+CVE-2011-1236 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
+CVE-2011-1237 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
+CVE-2011-1238 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
+CVE-2011-1239 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
+CVE-2011-1240 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
+CVE-2011-1241 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
+CVE-2011-1242 (Use-after-free vulnerability in win32k.sys in the kernel-mode drivers ...)
+ TODO: check
+CVE-2011-1243 (The Windows Messenger ActiveX control in msgsc.dll in Microsoft ...)
+ TODO: check
+CVE-2011-1244 (Microsoft Internet Explorer 6, 7, and 8 does not enforce intended ...)
+ TODO: check
+CVE-2011-1245 (Microsoft Internet Explorer 6 and 7 does not properly restrict script ...)
+ TODO: check
CVE-2011-1246
RESERVED
CVE-2011-1247
@@ -97943,8 +98037,8 @@ CVE-2011-1269
RESERVED
CVE-2011-1270
RESERVED
-CVE-2011-1271
- RESERVED
+CVE-2011-1271 (The JIT compiler in Microsoft .NET Framework before 4 beta 2, when ...)
+ TODO: check
CVE-2011-1272
RESERVED
CVE-2011-1273
@@ -98001,18 +98095,18 @@ CVE-2011-1298
RESERVED
CVE-2011-1299
RESERVED
-CVE-2011-1300
- RESERVED
-CVE-2011-1301
- RESERVED
-CVE-2011-1302
- RESERVED
-CVE-2011-1303
- RESERVED
-CVE-2011-1304
- RESERVED
-CVE-2011-1305
- RESERVED
+CVE-2011-1300 (The Program::getActiveUniformMaxLength function in ...)
+ TODO: check
+CVE-2011-1301 (Use-after-free vulnerability in the GPU process in Google Chrome ...)
+ TODO: check
+CVE-2011-1302 (Heap-based buffer overflow in the GPU process in Google Chrome before ...)
+ TODO: check
+CVE-2011-1303 (Google Chrome before 11.0.696.57 does not properly handle floating ...)
+ TODO: check
+CVE-2011-1304 (Unspecified vulnerability in Google Chrome before 11.0.696.57 allows ...)
+ TODO: check
+CVE-2011-1305 (Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS ...)
+ TODO: check
CVE-2011-1306 (Unspecified vulnerability in the Scratchpad application in Google ...)
TODO: check
CVE-2011-1307 (The installer in IBM WebSphere Application Server (WAS) before ...)
@@ -98047,10 +98141,10 @@ CVE-2011-1321 (The AuthCache purge implementation in the Security component in I
TODO: check
CVE-2011-1322 (The SOAP with Attachments API for Java (SAAJ) implementation in the ...)
TODO: check
-CVE-2011-1323
- RESERVED
-CVE-2011-1324
- RESERVED
+CVE-2011-1323 (Yamaha RTX, RT, SRT, RTV, RTW, and RTA series routers with firmware ...)
+ TODO: check
+CVE-2011-1324 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+ TODO: check
CVE-2011-1325
RESERVED
CVE-2011-1326
@@ -98089,9 +98183,9 @@ CVE-2011-1342
RESERVED
CVE-2011-1343 (SQL injection vulnerability in the Web GUI in IBM Tivoli ...)
TODO: check
-CVE-2011-1344 (Unspecified vulnerability in WebKit, as used in Apple Safari 5.0.4 on ...)
+CVE-2011-1344 (Use-after-free vulnerability in WebKit, as used in Apple Safari before ...)
TODO: check
-CVE-2011-1345 (Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows ...)
+CVE-2011-1345 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...)
TODO: check
CVE-2011-1346 (Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows ...)
TODO: check
@@ -98203,8 +98297,8 @@ CVE-2011-1399
RESERVED
CVE-2011-1400 (The default configuration of the shell_escape_commands directive in ...)
TODO: check
-CVE-2011-1401
- RESERVED
+CVE-2011-1401 (ikiwiki before 3.20110328 does not ascertain whether the htmlscrubber ...)
+ TODO: check
CVE-2011-1402
RESERVED
CVE-2011-1403
@@ -98236,26 +98330,26 @@ CVE-2011-1415
TODO: check
CVE-2011-1416 (The Research In Motion (RIM) BlackBerry Torch 9800 with firmware ...)
TODO: check
-CVE-2011-1417 (QuickLook, as used in Apple Mac OS X before 10.6.7 and MobileSafari in ...)
+CVE-2011-1417 (Integer overflow in QuickLook, as used in Apple Mac OS X before 10.6.7 ...)
TODO: check
CVE-2011-1418 (The stateless address autoconfiguration (aka SLAAC) functionality in ...)
TODO: check
CVE-2011-1419 (Apache Tomcat 7.x before 7.0.11, when web.xml has no security ...)
TODO: check
-CVE-2011-1420
- RESERVED
-CVE-2011-1421
- RESERVED
-CVE-2011-1422
- RESERVED
-CVE-2011-1423
- RESERVED
+CVE-2011-1420 (EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris SPARC ...)
+ TODO: check
+CVE-2011-1421 (EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the ...)
+ TODO: check
+CVE-2011-1422 (Cross-site scripting (XSS) vulnerability in an unspecified Shockwave ...)
+ TODO: check
+CVE-2011-1423 (Cross-site scripting (XSS) vulnerability in RSA Data Loss Prevention ...)
+ TODO: check
CVE-2011-1424
RESERVED
-CVE-2011-1425
- RESERVED
-CVE-2011-1426
- RESERVED
+CVE-2011-1425 (xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in ...)
+ TODO: check
+CVE-2011-1426 (The OpenURLInDefaultBrowser method in RealNetworks RealPlayer 11.0 ...)
+ TODO: check
CVE-2011-1427 (Multiple cross-site scripting (XSS) vulnerabilities in Kodak InSite ...)
TODO: check
CVE-2011-1428 (Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and earlier does ...)
@@ -98270,52 +98364,52 @@ CVE-2011-1432 (The STARTTLS implementation in SCO SCOoffice Server does not prop
TODO: check
CVE-2011-1433 (The (1) AgentInterface and (2) CustomerInterface components in Open ...)
TODO: check
-CVE-2011-1434
- RESERVED
-CVE-2011-1435
- RESERVED
-CVE-2011-1436
- RESERVED
-CVE-2011-1437
- RESERVED
-CVE-2011-1438
- RESERVED
-CVE-2011-1439
- RESERVED
-CVE-2011-1440
- RESERVED
-CVE-2011-1441
- RESERVED
-CVE-2011-1442
- RESERVED
-CVE-2011-1443
- RESERVED
-CVE-2011-1444
- RESERVED
-CVE-2011-1445
- RESERVED
-CVE-2011-1446
- RESERVED
-CVE-2011-1447
- RESERVED
-CVE-2011-1448
- RESERVED
-CVE-2011-1449
- RESERVED
-CVE-2011-1450
- RESERVED
-CVE-2011-1451
- RESERVED
-CVE-2011-1452
- RESERVED
+CVE-2011-1434 (Google Chrome before 11.0.696.57 does not ensure thread safety during ...)
+ TODO: check
+CVE-2011-1435 (Google Chrome before 11.0.696.57 does not properly implement the tabs ...)
+ TODO: check
+CVE-2011-1436 (Google Chrome before 11.0.696.57 on Linux does not properly interact ...)
+ TODO: check
+CVE-2011-1437 (Multiple integer overflows in Google Chrome before 11.0.696.57 allow ...)
+ TODO: check
+CVE-2011-1438 (Google Chrome before 11.0.696.57 allows remote attackers to bypass the ...)
+ TODO: check
+CVE-2011-1439 (Google Chrome before 11.0.696.57 on Linux does not properly isolate ...)
+ TODO: check
+CVE-2011-1440 (Use-after-free vulnerability in Google Chrome before 11.0.696.57 ...)
+ TODO: check
+CVE-2011-1441 (Google Chrome before 11.0.696.57 does not properly perform a cast of ...)
+ TODO: check
+CVE-2011-1442 (Google Chrome before 11.0.696.57 does not properly handle mutation ...)
+ TODO: check
+CVE-2011-1443 (Google Chrome before 11.0.696.57 does not properly implement layering, ...)
+ TODO: check
+CVE-2011-1444 (Race condition in the sandbox launcher implementation in Google Chrome ...)
+ TODO: check
+CVE-2011-1445 (Google Chrome before 11.0.696.57 does not properly handle SVG ...)
+ TODO: check
+CVE-2011-1446 (Google Chrome before 11.0.696.57 allows remote attackers to spoof the ...)
+ TODO: check
+CVE-2011-1447 (Google Chrome before 11.0.696.57 does not properly handle drop-down ...)
+ TODO: check
+CVE-2011-1448 (Google Chrome before 11.0.696.57 does not properly perform height ...)
+ TODO: check
+CVE-2011-1449 (Use-after-free vulnerability in the WebSockets implementation in ...)
+ TODO: check
+CVE-2011-1450 (Google Chrome before 11.0.696.57 does not properly present file ...)
+ TODO: check
+CVE-2011-1451 (Google Chrome before 11.0.696.57 does not properly handle DOM id maps, ...)
+ TODO: check
+CVE-2011-1452 (Google Chrome before 11.0.696.57 allows user-assisted remote attackers ...)
+ TODO: check
CVE-2011-1453
RESERVED
-CVE-2011-1454
- RESERVED
-CVE-2011-1455
- RESERVED
-CVE-2011-1456
- RESERVED
+CVE-2011-1454 (Use-after-free vulnerability in the DOM id handling functionality in ...)
+ TODO: check
+CVE-2011-1455 (Google Chrome before 11.0.696.57 does not properly handle PDF ...)
+ TODO: check
+CVE-2011-1456 (Google Chrome before 11.0.696.57 does not properly handle PDF forms, ...)
+ TODO: check
CVE-2011-1457
RESERVED
CVE-2011-1458
@@ -98346,14 +98440,14 @@ CVE-2011-1470 (The Zip extension in PHP before 5.3.6 allows context-dependent ..
TODO: check
CVE-2011-1471 (Integer signedness error in zip_stream.c in the Zip extension in PHP ...)
TODO: check
-CVE-2011-1472
- RESERVED
+CVE-2011-1472 (The Nokia E75 phone with firmware before 211.12.01 allows physically ...)
+ TODO: check
CVE-2011-1473
RESERVED
CVE-2011-1474
RESERVED
-CVE-2011-1475
- RESERVED
+CVE-2011-1475 (The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not ...)
+ TODO: check
CVE-2011-1476
RESERVED
CVE-2011-1477
@@ -98376,48 +98470,48 @@ CVE-2011-1485
RESERVED
CVE-2011-1486
RESERVED
-CVE-2011-1487
- RESERVED
+CVE-2011-1487 (The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl ...)
+ TODO: check
CVE-2011-1488
RESERVED
CVE-2011-1489
RESERVED
CVE-2011-1490
RESERVED
-CVE-2011-1491
- RESERVED
-CVE-2011-1492
- RESERVED
+CVE-2011-1491 (The login form in Roundcube Webmail before 0.5.1 does not properly ...)
+ TODO: check
+CVE-2011-1492 (steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not ...)
+ TODO: check
CVE-2011-1493
RESERVED
-CVE-2011-1494
- RESERVED
-CVE-2011-1495
- RESERVED
-CVE-2011-1496
- RESERVED
+CVE-2011-1494 (Integer overflow in the _ctl_do_mpt_command function in ...)
+ TODO: check
+CVE-2011-1495 (drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and ...)
+ TODO: check
+CVE-2011-1496 (tmux 1.3 and 1.4 does not properly drop group privileges, which allows ...)
+ TODO: check
CVE-2011-1497
RESERVED
CVE-2011-1498
RESERVED
-CVE-2011-1499
- RESERVED
-CVE-2011-1500
- RESERVED
+CVE-2011-1499 (acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting ...)
+ TODO: check
+CVE-2011-1500 (PreferencesPithosDialog.py in Pithos 0.3.7 does not properly restrict ...)
+ TODO: check
CVE-2011-1501
- RESERVED
-CVE-2011-1502
- RESERVED
-CVE-2011-1503
- RESERVED
-CVE-2011-1504
- RESERVED
+ REJECTED
+CVE-2011-1502 (Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache ...)
+ TODO: check
+CVE-2011-1503 (The XSL Content portlet in Liferay Portal Community Edition (CE) 5.x ...)
+ TODO: check
+CVE-2011-1504 (Cross-site scripting (XSS) vulnerability in Liferay Portal Community ...)
+ TODO: check
CVE-2011-1505 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.27 ...)
TODO: check
CVE-2011-1506 (The STARTTLS implementation in Kerio Connect 7.1.4 build 2985 and ...)
TODO: check
-CVE-2011-1507
- RESERVED
+CVE-2011-1507 (Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, ...)
+ TODO: check
CVE-2011-1508
RESERVED
CVE-2011-1509
@@ -98438,7 +98532,1131 @@ CVE-2011-1516
RESERVED
CVE-2011-1517
RESERVED
-CVE-2011-1519 (The remote console in the Server Controller in IBM Lotus Domino 7.x and ...)
+CVE-2011-1518 (Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket ...)
+ TODO: check
+CVE-2011-1519 (The remote console in the Server Controller in IBM Lotus Domino 7.x ...)
TODO: check
CVE-2011-1520 (The default configuration of the server console in IBM Lotus Domino ...)
TODO: check
+CVE-2011-1521
+ RESERVED
+CVE-2011-1522 (Multiple SQL injection vulnerabilities in the ...)
+ TODO: check
+CVE-2011-1523 (Cross-site scripting (XSS) vulnerability in statusmap.c in ...)
+ TODO: check
+CVE-2011-1524 (Cross-site scripting (XSS) vulnerability in the management login GUI ...)
+ TODO: check
+CVE-2011-1525 (Heap-based buffer overflow in rvrender.dll in RealNetworks RealPlayer ...)
+ TODO: check
+CVE-2011-1526
+ RESERVED
+CVE-2011-1527
+ RESERVED
+CVE-2011-1528
+ RESERVED
+CVE-2011-1529
+ RESERVED
+CVE-2011-1530
+ RESERVED
+CVE-2011-1531 (The webscan component in the Embedded Web Server (EWS) on the HP ...)
+ TODO: check
+CVE-2011-1532 (Unspecified vulnerability in the SNMP component on the HP Photosmart ...)
+ TODO: check
+CVE-2011-1533 (Cross-site scripting (XSS) vulnerability on the HP Photosmart D110 and ...)
+ TODO: check
+CVE-2011-1534 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x ...)
+ TODO: check
+CVE-2011-1535 (Unspecified vulnerability in HP Insight Control for Linux (aka ...)
+ TODO: check
+CVE-2011-1536 (Unspecified vulnerability in HP Performance Insight 5.0, 5.1x. 5.2x, ...)
+ TODO: check
+CVE-2011-1537 (Cross-site scripting (XSS) vulnerability in HP Proliant Support Pack ...)
+ TODO: check
+CVE-2011-1538 (Open redirect vulnerability in HP Proliant Support Pack (PSP) before ...)
+ TODO: check
+CVE-2011-1539 (Unspecified vulnerability in HP Proliant Support Pack (PSP) before 8.7 ...)
+ TODO: check
+CVE-2011-1540 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
+ TODO: check
+CVE-2011-1541 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
+ TODO: check
+CVE-2011-1542 (Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager ...)
+ TODO: check
+CVE-2011-1543 (Cross-site request forgery (CSRF) vulnerability in HP Systems Insight ...)
+ TODO: check
+CVE-2011-1544 (Unspecified vulnerability in HP Insight Control Performance Management ...)
+ TODO: check
+CVE-2011-1545 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
+ TODO: check
+CVE-2011-1546 (Multiple SQL injection vulnerabilities in Andy's PHP Knowledgebase ...)
+ TODO: check
+CVE-2011-1547 (Multiple stack consumption vulnerabilities in the kernel in NetBSD ...)
+ TODO: check
+CVE-2011-1548 (The default configuration of logrotate on Debian GNU/Linux uses root ...)
+ TODO: check
+CVE-2011-1549 (The default configuration of logrotate on Gentoo Linux uses root ...)
+ TODO: check
+CVE-2011-1550 (The default configuration of logrotate on SUSE openSUSE Factory uses ...)
+ TODO: check
+CVE-2011-1551 (SUSE openSUSE Factory assigns ownership of the /var/log/cobbler/ ...)
+ TODO: check
+CVE-2011-1552 (t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6 and other ...)
+ TODO: check
+CVE-2011-1553 (Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in ...)
+ TODO: check
+CVE-2011-1554 (Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before ...)
+ TODO: check
+CVE-2011-1555 (SQL injection vulnerability in saa.php in Andy's PHP Knowledgebase ...)
+ TODO: check
+CVE-2011-1556 (SQL injection vulnerability in plugins/pdfClasses/pdfgen.php in Andy's ...)
+ TODO: check
+CVE-2011-1557 (SQL injection vulnerability in ICloudCenter ICJobSite 1.1 allows ...)
+ TODO: check
+CVE-2011-1558 (Multiple cross-site scripting (XSS) vulnerabilities in the IBM Web ...)
+ TODO: check
+CVE-2011-1559 (Unspecified vulnerability in the IBM Web Interface for Content ...)
+ TODO: check
+CVE-2011-1560 (solid.exe in IBM solidDB before 4.5.181, 6.0.x before 6.0.1067, 6.1.x ...)
+ TODO: check
+CVE-2011-1561 (The LDAP login feature in bos.rte.security 6.1.6.4 in IBM AIX 6.1, ...)
+ TODO: check
+CVE-2011-1562 (Ecava IntegraXor HMI before n 3.60 (Build 4032) allows remote ...)
+ TODO: check
+CVE-2011-1563 (Multiple stack-based buffer overflows in the HMI application in DATAC ...)
+ TODO: check
+CVE-2011-1564 (Multiple integer overflows in the HMI application in DATAC RealFlex ...)
+ TODO: check
+CVE-2011-1565 (Directory traversal vulnerability in IGSSdataServer.exe 9.00.00.11063 ...)
+ TODO: check
+CVE-2011-1566 (Directory traversal vulnerability in dc.exe 9.00.00.11059 and earlier ...)
+ TODO: check
+CVE-2011-1567 (Multiple stack-based buffer overflows in IGSSdataServer.exe ...)
+ TODO: check
+CVE-2011-1568 (Format string vulnerability in the logText function in shmemmgr9.dll ...)
+ TODO: check
+CVE-2011-1569 (download.aspx in Douran Portal 3.9.7.8 allows remote attackers to ...)
+ TODO: check
+CVE-2011-1570 (Cross-site scripting (XSS) vulnerability in Liferay Portal Community ...)
+ TODO: check
+CVE-2011-1571 (Unspecified vulnerability in the XSL Content portlet in Liferay Portal ...)
+ TODO: check
+CVE-2011-1572
+ RESERVED
+CVE-2011-1573
+ RESERVED
+CVE-2011-1574 (Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in ...)
+ TODO: check
+CVE-2011-1575
+ RESERVED
+CVE-2011-1576
+ RESERVED
+CVE-2011-1577 (Heap-based buffer overflow in the is_gpt_valid function in ...)
+ TODO: check
+CVE-2011-1578 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, ...)
+ TODO: check
+CVE-2011-1579 (The checkCss function in includes/Sanitizer.php in the wikitext parser ...)
+ TODO: check
+CVE-2011-1580 (The transwiki import functionality in MediaWiki before 1.16.3 does not ...)
+ TODO: check
+CVE-2011-1581
+ RESERVED
+CVE-2011-1582
+ RESERVED
+CVE-2011-1583
+ RESERVED
+CVE-2011-1584
+ RESERVED
+CVE-2011-1585
+ RESERVED
+CVE-2011-1586 (Directory traversal vulnerability in the ...)
+ TODO: check
+CVE-2011-1587 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.4, ...)
+ TODO: check
+CVE-2011-1588
+ RESERVED
+CVE-2011-1589 (Directory traversal vulnerability in Path.pm in Mojolicious before ...)
+ TODO: check
+CVE-2011-1590 (The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x ...)
+ TODO: check
+CVE-2011-1591 (Stack-based buffer overflow in the DECT dissector in ...)
+ TODO: check
+CVE-2011-1592 (The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x ...)
+ TODO: check
+CVE-2011-1593 (Multiple integer overflows in the next_pidmap function in kernel/pid.c ...)
+ TODO: check
+CVE-2011-1594
+ RESERVED
+CVE-2011-1595
+ RESERVED
+CVE-2011-1596
+ RESERVED
+CVE-2011-1597
+ RESERVED
+CVE-2011-1598 (The bcm_release function in net/can/bcm.c in the Linux kernel before ...)
+ TODO: check
+CVE-2011-1599 (manager.c in the Manager Interface in Asterisk Open Source 1.4.x ...)
+ TODO: check
+CVE-2011-1600
+ RESERVED
+CVE-2011-1601
+ RESERVED
+CVE-2011-1602
+ RESERVED
+CVE-2011-1603
+ RESERVED
+CVE-2011-1604 (Memory leak in Cisco Unified Communications Manager (aka CUCM, ...)
+ TODO: check
+CVE-2011-1605 (Unspecified vulnerability in Cisco Unified Communications Manager (aka ...)
+ TODO: check
+CVE-2011-1606 (Unspecified vulnerability in Cisco Unified Communications Manager (aka ...)
+ TODO: check
+CVE-2011-1607 (Directory traversal vulnerability in Cisco Unified Communications ...)
+ TODO: check
+CVE-2011-1608
+ RESERVED
+CVE-2011-1609 (SQL injection vulnerability in Cisco Unified Communications Manager ...)
+ TODO: check
+CVE-2011-1610 (Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the ...)
+ TODO: check
+CVE-2011-1611
+ RESERVED
+CVE-2011-1612
+ RESERVED
+CVE-2011-1613 (Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) ...)
+ TODO: check
+CVE-2011-1614
+ RESERVED
+CVE-2011-1615
+ RESERVED
+CVE-2011-1616
+ RESERVED
+CVE-2011-1617
+ RESERVED
+CVE-2011-1618
+ RESERVED
+CVE-2011-1619
+ RESERVED
+CVE-2011-1620
+ RESERVED
+CVE-2011-1621
+ RESERVED
+CVE-2011-1622
+ RESERVED
+CVE-2011-1623
+ RESERVED
+CVE-2011-1624
+ RESERVED
+CVE-2011-1625
+ RESERVED
+CVE-2011-1626
+ RESERVED
+CVE-2011-1627
+ RESERVED
+CVE-2011-1628
+ RESERVED
+CVE-2011-1629
+ RESERVED
+CVE-2011-1630
+ RESERVED
+CVE-2011-1631
+ RESERVED
+CVE-2011-1632
+ RESERVED
+CVE-2011-1633
+ RESERVED
+CVE-2011-1634
+ RESERVED
+CVE-2011-1635
+ RESERVED
+CVE-2011-1636
+ RESERVED
+CVE-2011-1637
+ RESERVED
+CVE-2011-1638
+ RESERVED
+CVE-2011-1639
+ RESERVED
+CVE-2011-1640
+ RESERVED
+CVE-2011-1641
+ RESERVED
+CVE-2011-1642
+ RESERVED
+CVE-2011-1643
+ RESERVED
+CVE-2011-1644
+ RESERVED
+CVE-2011-1645
+ RESERVED
+CVE-2011-1646
+ RESERVED
+CVE-2011-1647
+ RESERVED
+CVE-2011-1648
+ RESERVED
+CVE-2011-1649
+ RESERVED
+CVE-2011-1650
+ RESERVED
+CVE-2011-1651
+ RESERVED
+CVE-2011-1652 (** DISPUTED ** The default configuration of Microsoft Windows 7 ...)
+ TODO: check
+CVE-2011-1653 (Multiple SQL injection vulnerabilities in the Unified Network Control ...)
+ TODO: check
+CVE-2011-1654 (Directory traversal vulnerability in the Heartbeat Web Service in ...)
+ TODO: check
+CVE-2011-1655 (The management.asmx module in the Management Web Service in the ...)
+ TODO: check
+CVE-2011-1656
+ RESERVED
+CVE-2011-1657
+ RESERVED
+CVE-2011-1658 (ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier ...)
+ TODO: check
+CVE-2011-1659 (Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or ...)
+ TODO: check
+CVE-2011-1660 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+ TODO: check
+CVE-2011-1661 (The Node Quick Find module 6.x-1.1 for Drupal does not use ...)
+ TODO: check
+CVE-2011-1662 (Cross-site scripting (XSS) vulnerability in Translation Management ...)
+ TODO: check
+CVE-2011-1663 (SQL injection vulnerability in Translation Management module 6.x ...)
+ TODO: check
+CVE-2011-1664 (Cross-site request forgery (CSRF) vulnerability in Translation ...)
+ TODO: check
+CVE-2011-1665 (PHPBoost 3.0 stores sensitive information under the web root with ...)
+ TODO: check
+CVE-2011-1666 (Metaways Tine 2.0 allows remote attackers to obtain sensitive ...)
+ TODO: check
+CVE-2011-1667 (SQL injection vulnerability in index.php in Anzeigenmarkt 2011 allows ...)
+ TODO: check
+CVE-2011-1668 (Cross-site scripting (XSS) vulnerability in search.php in AR Web ...)
+ TODO: check
+CVE-2011-1669 (Directory traversal vulnerability in wp-download.php in WP Custom ...)
+ TODO: check
+CVE-2011-1670 (Cross-site scripting (XSS) vulnerability in actions/add.php in InTerra ...)
+ TODO: check
+CVE-2011-1671 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2011-1672 (The Dell KACE K2000 Systems Deployment Appliance 3.3.36822 and earlier ...)
+ TODO: check
+CVE-2011-1673 (BackupConfig.php on the NetGear ProSafe WNAP210 allows remote ...)
+ TODO: check
+CVE-2011-1674 (The NetGear ProSafe WNAP210 with firmware 2.0.12 allows remote ...)
+ TODO: check
+CVE-2011-1675 (mount in util-linux 2.19 and earlier attempts to append to the ...)
+ TODO: check
+CVE-2011-1676 (mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp ...)
+ TODO: check
+CVE-2011-1677 (mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ ...)
+ TODO: check
+CVE-2011-1678 (smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to ...)
+ TODO: check
+CVE-2011-1679 (ncpfs 2.2.6 and earlier attempts to use (1) ncpmount to append to the ...)
+ TODO: check
+CVE-2011-1680 (ncpmount in ncpfs 2.2.6 and earlier does not remove the /etc/mtab~ ...)
+ TODO: check
+CVE-2011-1681 (vmware-hgfsmounter in VMware Open Virtual Machine Tools (aka ...)
+ TODO: check
+CVE-2011-1682 (Multiple cross-site request forgery (CSRF) vulnerabilities in phpList ...)
+ TODO: check
+CVE-2011-1683 (IBM WebSphere Application Server (WAS) 6.0.x through 6.0.2.43, 6.1.x ...)
+ TODO: check
+CVE-2011-1684 (Heap-based buffer overflow in the MP4_ReadBox_skcr function in ...)
+ TODO: check
+CVE-2011-1685 (Best Practical Solutions RT 3.8.0 through 3.8.9 and 4.0.0rc through ...)
+ TODO: check
+CVE-2011-1686 (Multiple SQL injection vulnerabilities in Best Practical Solutions RT ...)
+ TODO: check
+CVE-2011-1687 (Best Practical Solutions RT 3.0.0 through 3.6.10, 3.8.0 through 3.8.9, ...)
+ TODO: check
+CVE-2011-1688 (Directory traversal vulnerability in Best Practical Solutions RT 3.2.0 ...)
+ TODO: check
+CVE-2011-1689 (Multiple cross-site scripting (XSS) vulnerabilities in Best Practical ...)
+ TODO: check
+CVE-2011-1690 (Best Practical Solutions RT 3.6.0 through 3.6.10 and 3.8.0 through ...)
+ TODO: check
+CVE-2011-1691 (The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in ...)
+ TODO: check
+CVE-2011-1692
+ RESERVED
+CVE-2011-1693
+ RESERVED
+CVE-2011-1694
+ RESERVED
+CVE-2011-1695
+ RESERVED
+CVE-2011-1696
+ RESERVED
+CVE-2011-1697
+ RESERVED
+CVE-2011-1698
+ RESERVED
+CVE-2011-1699
+ RESERVED
+CVE-2011-1700
+ RESERVED
+CVE-2011-1701
+ RESERVED
+CVE-2011-1702
+ RESERVED
+CVE-2011-1703
+ RESERVED
+CVE-2011-1704
+ RESERVED
+CVE-2011-1705
+ RESERVED
+CVE-2011-1706
+ RESERVED
+CVE-2011-1707
+ RESERVED
+CVE-2011-1708
+ RESERVED
+CVE-2011-1709
+ RESERVED
+CVE-2011-1710
+ RESERVED
+CVE-2011-1711
+ RESERVED
+CVE-2011-1712 (The txXPathNodeUtils::getXSLTId function in ...)
+ TODO: check
+CVE-2011-1713 (Microsoft msxml.dll, as used in Internet Explorer 8 on Windows 7, ...)
+ TODO: check
+CVE-2011-1714 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2011-1715 (Directory traversal vulnerability in ...)
+ TODO: check
+CVE-2011-1716 (Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in ...)
+ TODO: check
+CVE-2011-1717 (Skype for Android stores sensitive user data without encryption in ...)
+ TODO: check
+CVE-2011-1718 (The Web Agents component in CA SiteMinder R6 before SP6 CR2 and R12 ...)
+ TODO: check
+CVE-2011-1719 (Multiple stack-based buffer overflows in the Web Viewer ActiveX ...)
+ TODO: check
+CVE-2011-1720
+ RESERVED
+CVE-2011-1721 (Cross-site request forgery (CSRF) vulnerability in ...)
+ TODO: check
+CVE-2011-1722 (Multiple SQL injection vulnerabilities in WEC Discussion Forum ...)
+ TODO: check
+CVE-2011-1723 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2011-1724 (Unspecified vulnerability in HP Virtual Server Environment before 6.3 ...)
+ TODO: check
+CVE-2011-1725 (Unspecified vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, ...)
+ TODO: check
+CVE-2011-1726 (Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, ...)
+ TODO: check
+CVE-2011-1727 (Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, ...)
+ TODO: check
+CVE-2011-1728 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
+ TODO: check
+CVE-2011-1729 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
+ TODO: check
+CVE-2011-1730 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
+ TODO: check
+CVE-2011-1731 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
+ TODO: check
+CVE-2011-1732 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
+ TODO: check
+CVE-2011-1733 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
+ TODO: check
+CVE-2011-1734 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
+ TODO: check
+CVE-2011-1735 (Stack-based buffer overflow in OmniInet.exe in the Backup Client ...)
+ TODO: check
+CVE-2011-1736 (Directory traversal vulnerability in OmniInet.exe in the Backup Client ...)
+ TODO: check
+CVE-2011-1737
+ RESERVED
+CVE-2011-1738
+ RESERVED
+CVE-2011-1739 (The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 ...)
+ TODO: check
+CVE-2011-1740
+ RESERVED
+CVE-2011-1741
+ RESERVED
+CVE-2011-1742
+ RESERVED
+CVE-2011-1743
+ RESERVED
+CVE-2011-1744
+ RESERVED
+CVE-2011-1745 (Integer overflow in the agp_generic_insert_memory function in ...)
+ TODO: check
+CVE-2011-1746 (Multiple integer overflows in the (1) agp_allocate_memory and (2) ...)
+ TODO: check
+CVE-2011-1747 (The agp subsystem in the Linux kernel 2.6.38.5 and earlier does not ...)
+ TODO: check
+CVE-2011-1748 (The raw_release function in net/can/raw.c in the Linux kernel before ...)
+ TODO: check
+CVE-2011-1749
+ RESERVED
+CVE-2011-1750
+ RESERVED
+CVE-2011-1751
+ RESERVED
+CVE-2011-1752
+ RESERVED
+CVE-2011-1753
+ RESERVED
+CVE-2011-1754
+ RESERVED
+CVE-2011-1755
+ RESERVED
+CVE-2011-1756
+ RESERVED
+CVE-2011-1757
+ RESERVED
+CVE-2011-1758
+ RESERVED
+CVE-2011-1759
+ RESERVED
+CVE-2011-1760
+ RESERVED
+CVE-2011-1761
+ RESERVED
+CVE-2011-1762
+ RESERVED
+CVE-2011-1763
+ RESERVED
+CVE-2011-1764
+ RESERVED
+CVE-2011-1765
+ RESERVED
+CVE-2011-1766
+ RESERVED
+CVE-2011-1767
+ RESERVED
+CVE-2011-1768
+ RESERVED
+CVE-2011-1769
+ RESERVED
+CVE-2011-1770
+ RESERVED
+CVE-2011-1771
+ RESERVED
+CVE-2011-1772
+ RESERVED
+CVE-2011-1773
+ RESERVED
+CVE-2011-1774
+ RESERVED
+CVE-2011-1775
+ RESERVED
+CVE-2011-1776
+ RESERVED
+CVE-2011-1777
+ RESERVED
+CVE-2011-1778
+ RESERVED
+CVE-2011-1779
+ RESERVED
+CVE-2011-1780
+ RESERVED
+CVE-2011-1781
+ RESERVED
+CVE-2011-1782
+ RESERVED
+CVE-2011-1783
+ RESERVED
+CVE-2011-1784
+ RESERVED
+CVE-2011-1785 (VMware ESXi 4.0 and 4.1 and ESX 4.0 and 4.1 allow remote attackers to ...)
+ TODO: check
+CVE-2011-1786 (lsassd in Likewise Open /Enterprise 5.3 before build 7845, Open 6.0 ...)
+ TODO: check
+CVE-2011-1787
+ RESERVED
+CVE-2011-1788 (vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before ...)
+ TODO: check
+CVE-2011-1789 (The self-extracting installer in the vSphere Client Installer package ...)
+ TODO: check
+CVE-2011-1790
+ RESERVED
+CVE-2011-1791
+ RESERVED
+CVE-2011-1792
+ RESERVED
+CVE-2011-1793
+ RESERVED
+CVE-2011-1794
+ RESERVED
+CVE-2011-1795
+ RESERVED
+CVE-2011-1796
+ RESERVED
+CVE-2011-1797
+ RESERVED
+CVE-2011-1798
+ RESERVED
+CVE-2011-1799
+ RESERVED
+CVE-2011-1800
+ RESERVED
+CVE-2011-1801
+ RESERVED
+CVE-2011-1802
+ RESERVED
+CVE-2011-1803
+ RESERVED
+CVE-2011-1804
+ RESERVED
+CVE-2011-1805
+ RESERVED
+CVE-2011-1806
+ RESERVED
+CVE-2011-1807
+ RESERVED
+CVE-2011-1808
+ RESERVED
+CVE-2011-1809
+ RESERVED
+CVE-2011-1810
+ RESERVED
+CVE-2011-1811
+ RESERVED
+CVE-2011-1812
+ RESERVED
+CVE-2011-1813
+ RESERVED
+CVE-2011-1814
+ RESERVED
+CVE-2011-1815
+ RESERVED
+CVE-2011-1816
+ RESERVED
+CVE-2011-1817
+ RESERVED
+CVE-2011-1818
+ RESERVED
+CVE-2011-1819
+ RESERVED
+CVE-2011-1820 (IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010, ...)
+ TODO: check
+CVE-2011-1821 (IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010 ...)
+ TODO: check
+CVE-2011-1822 (The LDAP_ADD implementation in IBM Tivoli Directory Server (TDS) 5.2 ...)
+ TODO: check
+CVE-2011-1823
+ RESERVED
+CVE-2011-1824 (The VEGAOpBitmap::AddLine function in Opera before 10.61 does not ...)
+ TODO: check
+CVE-2011-1825 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+ TODO: check
+CVE-2011-1826 (Open redirect vulnerability in the Administrative Console in CA Arcot ...)
+ TODO: check
+CVE-2011-1827
+ RESERVED
+CVE-2011-1828
+ RESERVED
+CVE-2011-1829
+ RESERVED
+CVE-2011-1830
+ RESERVED
+CVE-2011-1831
+ RESERVED
+CVE-2011-1832
+ RESERVED
+CVE-2011-1833
+ RESERVED
+CVE-2011-1834
+ RESERVED
+CVE-2011-1835
+ RESERVED
+CVE-2011-1836
+ RESERVED
+CVE-2011-1837
+ RESERVED
+CVE-2011-1838
+ RESERVED
+CVE-2011-1839 (IBM Rational Build Forge 7.1.0 uses the HTTP GET method during ...)
+ TODO: check
+CVE-2011-1840
+ RESERVED
+CVE-2011-1841 (Cross-site scripting (XSS) vulnerability in the link_to helper in ...)
+ TODO: check
+CVE-2011-1842 (dbus_backend/lsd.py in the D-Bus backend in language-selector before ...)
+ TODO: check
+CVE-2011-1843 (Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow ...)
+ TODO: check
+CVE-2011-1844 (Memory leak in Microsoft Silverlight 4 before 4.0.60310.0 allows ...)
+ TODO: check
+CVE-2011-1845 (Multiple memory leaks in the DataGrid control implementation in ...)
+ TODO: check
+CVE-2011-1846 (IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows ...)
+ TODO: check
+CVE-2011-1847 (IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows ...)
+ TODO: check
+CVE-2011-1848
+ RESERVED
+CVE-2011-1849
+ RESERVED
+CVE-2011-1850
+ RESERVED
+CVE-2011-1851
+ RESERVED
+CVE-2011-1852
+ RESERVED
+CVE-2011-1853
+ RESERVED
+CVE-2011-1854
+ RESERVED
+CVE-2011-1855
+ RESERVED
+CVE-2011-1856
+ RESERVED
+CVE-2011-1857
+ RESERVED
+CVE-2011-1858
+ RESERVED
+CVE-2011-1859
+ RESERVED
+CVE-2011-1860
+ RESERVED
+CVE-2011-1861
+ RESERVED
+CVE-2011-1862
+ RESERVED
+CVE-2011-1863
+ RESERVED
+CVE-2011-1864
+ RESERVED
+CVE-2011-1865
+ RESERVED
+CVE-2011-1866
+ RESERVED
+CVE-2011-1867
+ RESERVED
+CVE-2011-1868
+ RESERVED
+CVE-2011-1869
+ RESERVED
+CVE-2011-1870
+ RESERVED
+CVE-2011-1871
+ RESERVED
+CVE-2011-1872
+ RESERVED
+CVE-2011-1873
+ RESERVED
+CVE-2011-1874
+ RESERVED
+CVE-2011-1875
+ RESERVED
+CVE-2011-1876
+ RESERVED
+CVE-2011-1877
+ RESERVED
+CVE-2011-1878
+ RESERVED
+CVE-2011-1879
+ RESERVED
+CVE-2011-1880
+ RESERVED
+CVE-2011-1881
+ RESERVED
+CVE-2011-1882
+ RESERVED
+CVE-2011-1883
+ RESERVED
+CVE-2011-1884
+ RESERVED
+CVE-2011-1885
+ RESERVED
+CVE-2011-1886
+ RESERVED
+CVE-2011-1887
+ RESERVED
+CVE-2011-1888
+ RESERVED
+CVE-2011-1889
+ RESERVED
+CVE-2011-1890
+ RESERVED
+CVE-2011-1891
+ RESERVED
+CVE-2011-1892
+ RESERVED
+CVE-2011-1893
+ RESERVED
+CVE-2011-1894
+ RESERVED
+CVE-2011-1895
+ RESERVED
+CVE-2011-1896
+ RESERVED
+CVE-2011-1897
+ RESERVED
+CVE-2011-1898
+ RESERVED
+CVE-2011-1899
+ RESERVED
+CVE-2011-1900 (Directory traversal vulnerability in NTWebServer in InduSoft Web ...)
+ TODO: check
+CVE-2011-1901 (The mail-filter web interface in Proofpoint Messaging Security Gateway ...)
+ TODO: check
+CVE-2011-1902 (Directory traversal vulnerability in the web interface in Proofpoint ...)
+ TODO: check
+CVE-2011-1903 (SQL injection vulnerability in an unspecified function in Proofpoint ...)
+ TODO: check
+CVE-2011-1904 (An unspecified function in the web interface in Proofpoint Messaging ...)
+ TODO: check
+CVE-2011-1905 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
+ TODO: check
+CVE-2011-1906 (Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific ...)
+ TODO: check
+CVE-2011-1907 (ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset ...)
+ TODO: check
+CVE-2011-1908
+ RESERVED
+CVE-2011-1909
+ RESERVED
+CVE-2011-1910
+ RESERVED
+CVE-2011-1911
+ RESERVED
+CVE-2011-1912
+ RESERVED
+CVE-2011-1913
+ RESERVED
+CVE-2011-1914
+ RESERVED
+CVE-2011-1915
+ RESERVED
+CVE-2011-1916
+ RESERVED
+CVE-2011-1917
+ RESERVED
+CVE-2011-1918
+ RESERVED
+CVE-2011-1919
+ RESERVED
+CVE-2011-1920
+ RESERVED
+CVE-2011-1921
+ RESERVED
+CVE-2011-1922
+ RESERVED
+CVE-2011-1923
+ RESERVED
+CVE-2011-1924
+ RESERVED
+CVE-2011-1925
+ RESERVED
+CVE-2011-1926
+ RESERVED
+CVE-2011-1927
+ RESERVED
+CVE-2011-1928
+ RESERVED
+CVE-2011-1929
+ RESERVED
+CVE-2011-1930
+ RESERVED
+CVE-2011-1931
+ RESERVED
+CVE-2011-1932
+ RESERVED
+CVE-2011-1933
+ RESERVED
+CVE-2011-1934
+ RESERVED
+CVE-2011-1935
+ RESERVED
+CVE-2011-1936
+ RESERVED
+CVE-2011-1937
+ RESERVED
+CVE-2011-1938
+ RESERVED
+CVE-2011-1939
+ RESERVED
+CVE-2011-1940
+ RESERVED
+CVE-2011-1941
+ RESERVED
+CVE-2011-1942
+ RESERVED
+CVE-2011-1943
+ RESERVED
+CVE-2011-1944
+ RESERVED
+CVE-2011-1945
+ RESERVED
+CVE-2011-1946
+ RESERVED
+CVE-2011-1947
+ RESERVED
+CVE-2011-1948
+ RESERVED
+CVE-2011-1949
+ RESERVED
+CVE-2011-1950
+ RESERVED
+CVE-2011-1951
+ RESERVED
+CVE-2011-1952
+ RESERVED
+CVE-2011-1953
+ RESERVED
+CVE-2011-1954
+ RESERVED
+CVE-2011-1955
+ RESERVED
+CVE-2011-1956
+ RESERVED
+CVE-2011-1957
+ RESERVED
+CVE-2011-1958
+ RESERVED
+CVE-2011-1959
+ RESERVED
+CVE-2011-1960
+ RESERVED
+CVE-2011-1961
+ RESERVED
+CVE-2011-1962
+ RESERVED
+CVE-2011-1963
+ RESERVED
+CVE-2011-1964
+ RESERVED
+CVE-2011-1965
+ RESERVED
+CVE-2011-1966
+ RESERVED
+CVE-2011-1967
+ RESERVED
+CVE-2011-1968
+ RESERVED
+CVE-2011-1969
+ RESERVED
+CVE-2011-1970
+ RESERVED
+CVE-2011-1971
+ RESERVED
+CVE-2011-1972
+ RESERVED
+CVE-2011-1973
+ RESERVED
+CVE-2011-1974
+ RESERVED
+CVE-2011-1975
+ RESERVED
+CVE-2011-1976
+ RESERVED
+CVE-2011-1977
+ RESERVED
+CVE-2011-1978
+ RESERVED
+CVE-2011-1979
+ RESERVED
+CVE-2011-1980
+ RESERVED
+CVE-2011-1981
+ RESERVED
+CVE-2011-1982
+ RESERVED
+CVE-2011-1983
+ RESERVED
+CVE-2011-1984
+ RESERVED
+CVE-2011-1985
+ RESERVED
+CVE-2011-1986
+ RESERVED
+CVE-2011-1987
+ RESERVED
+CVE-2011-1988
+ RESERVED
+CVE-2011-1989
+ RESERVED
+CVE-2011-1990
+ RESERVED
+CVE-2011-1991
+ RESERVED
+CVE-2011-1992
+ RESERVED
+CVE-2011-1993
+ RESERVED
+CVE-2011-1994
+ RESERVED
+CVE-2011-1995
+ RESERVED
+CVE-2011-1996
+ RESERVED
+CVE-2011-1997
+ RESERVED
+CVE-2011-1998
+ RESERVED
+CVE-2011-1999
+ RESERVED
+CVE-2011-2000
+ RESERVED
+CVE-2011-2001
+ RESERVED
+CVE-2011-2002
+ RESERVED
+CVE-2011-2003
+ RESERVED
+CVE-2011-2004
+ RESERVED
+CVE-2011-2005
+ RESERVED
+CVE-2011-2006
+ RESERVED
+CVE-2011-2007
+ RESERVED
+CVE-2011-2008
+ RESERVED
+CVE-2011-2009
+ RESERVED
+CVE-2011-2010
+ RESERVED
+CVE-2011-2011
+ RESERVED
+CVE-2011-2012
+ RESERVED
+CVE-2011-2013
+ RESERVED
+CVE-2011-2014
+ RESERVED
+CVE-2011-2015
+ RESERVED
+CVE-2011-2016
+ RESERVED
+CVE-2011-2017
+ RESERVED
+CVE-2011-2018
+ RESERVED
+CVE-2011-2019
+ RESERVED
+CVE-2011-2020
+ RESERVED
+CVE-2011-2021
+ RESERVED
+CVE-2011-2022 (The agp_generic_remove_memory function in drivers/char/agp/generic.c ...)
+ TODO: check
+CVE-2011-2023
+ RESERVED
+CVE-2011-2024
+ RESERVED
+CVE-2011-2025
+ RESERVED
+CVE-2011-2026
+ RESERVED
+CVE-2011-2027
+ RESERVED
+CVE-2011-2028
+ RESERVED
+CVE-2011-2029
+ RESERVED
+CVE-2011-2030
+ RESERVED
+CVE-2011-2031
+ RESERVED
+CVE-2011-2032
+ RESERVED
+CVE-2011-2033
+ RESERVED
+CVE-2011-2034
+ RESERVED
+CVE-2011-2035
+ RESERVED
+CVE-2011-2036
+ RESERVED
+CVE-2011-2037
+ RESERVED
+CVE-2011-2038
+ RESERVED
+CVE-2011-2039
+ RESERVED
+CVE-2011-2040
+ RESERVED
+CVE-2011-2041
+ RESERVED
+CVE-2011-2042
+ RESERVED
+CVE-2011-2043
+ RESERVED
+CVE-2011-2044
+ RESERVED
+CVE-2011-2045
+ RESERVED
+CVE-2011-2046
+ RESERVED
+CVE-2011-2047
+ RESERVED
+CVE-2011-2048
+ RESERVED
+CVE-2011-2049
+ RESERVED
+CVE-2011-2050
+ RESERVED
+CVE-2011-2051
+ RESERVED
+CVE-2011-2052
+ RESERVED
+CVE-2011-2053
+ RESERVED
+CVE-2011-2054
+ RESERVED
+CVE-2011-2055
+ RESERVED
+CVE-2011-2056
+ RESERVED
+CVE-2011-2057
+ RESERVED
+CVE-2011-2058
+ RESERVED
+CVE-2011-2059
+ RESERVED
+CVE-2011-2060
+ RESERVED
+CVE-2011-2061
+ RESERVED
+CVE-2011-2062
+ RESERVED
+CVE-2011-2063
+ RESERVED
+CVE-2011-2064
+ RESERVED
+CVE-2011-2065
+ RESERVED
+CVE-2011-2066
+ RESERVED
+CVE-2011-2067
+ RESERVED
+CVE-2011-2068
+ RESERVED
+CVE-2011-2069
+ RESERVED
+CVE-2011-2070
+ RESERVED
+CVE-2011-2071
+ RESERVED
+CVE-2011-2072
+ RESERVED
+CVE-2011-2073
+ RESERVED
+CVE-2011-2074 (Unspecified vulnerability in the client in Skype 5.x before 5.1.0.922 ...)
+ TODO: check
+CVE-2011-2075 (Unspecified vulnerability in Google Chrome 11.0.696.65 on Windows 7 ...)
+ TODO: check
+CVE-2011-2076 (MediaCAST 8 and earlier stores passwords in cleartext, which makes it ...)
+ TODO: check
+CVE-2011-2077 (The default configuration of the New Atlanta BlueDragon administrative ...)
+ TODO: check
+CVE-2011-2078 (Multiple cross-site scripting (XSS) vulnerabilities in the New Atlanta ...)
+ TODO: check
+CVE-2011-2079 (MediaCAST 8 and earlier allows remote attackers to have an unspecified ...)
+ TODO: check
+CVE-2011-2080 (Multiple SQL injection vulnerabilities in MediaCAST 8 and earlier ...)
+ TODO: check
+CVE-2011-2081 (MediaCAST 8 and earlier does not properly handle requests for ...)
+ TODO: check
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:45 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:45 UTC (permalink / raw
To: gentoo-commits
commit: 8b953fe2c9b5ed6958a74c464ee607b7ec8f80da
Author: Stefan Behte <craig <AT> gentoo <DOT> org>
AuthorDate: Sun Mar 27 23:51:55 2011 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Sun Mar 27 23:51:55 2011 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=8b953fe2
MITRE sync
svn path=/; revision=2221
---
data/CVE/list | 3536 ++++++++++++++++++++++++++++++++++++++++++++++-----------
1 file changed, 2865 insertions(+), 671 deletions(-)
diff --git a/data/CVE/list b/data/CVE/list
index 28ea497..b9de8d6 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -18316,8 +18316,7 @@ CVE-2004-0692 (The XPM parser in the QT library (qt3) before 3.3.3 allows remote
BUG: 60855
CVE-2004-0693 (The GIF parser in the QT library (qt3) before 3.3.3 allows remote ...)
BUG: 60855
-CVE-2004-0694
- RESERVED
+CVE-2004-0694 (Buffer overflow in LHA 1.14 and earlier allows remote attackers to ...)
BUG: 62618
CVE-2004-0695 (Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 ...)
NOT-FOR-US: Data pre-dating the Security Tracker
@@ -50938,7 +50937,7 @@ CVE-2007-1781 (Minna De Office 1.x and 2.x does not properly restrict user acces
CVE-2007-1782 (CruiseWorks 1.09e and earlier does not properly restrict user access ...)
TODO: check-old
CVE-2007-1783
- RESERVED
+ REJECTED
CVE-2007-1784 (The JNILoader ActiveX control (STJNILoader.ocx) 3.1.0.26 in IBM Lotus ...)
TODO: check-old
CVE-2007-1785 (The RPC service in mediasvr.exe in CA BrightStor ARCserve Backup 11.5 ...)
@@ -66941,7 +66940,7 @@ CVE-2008-2954 (client/NmdcHub.cpp in Linux DC++ (linuxdcpp) before 0.707 allows
BUG: 230075
CVE-2008-2955 (Pidgin 2.4.1 allows remote attackers to cause a denial of service ...)
BUG: 230045
-CVE-2008-2956 (Memory leak in Pidgin 2.0.0, and possibly other versions, allows ...)
+CVE-2008-2956 (** DISPUTED ** ...)
BUG: 230045
CVE-2008-2957 (The UPnP functionality in Pidgin 2.0.0, and possibly other versions, ...)
BUG: 230045
@@ -67852,7 +67851,7 @@ CVE-2008-3406 (SQL injection vulnerability in showcat.php in phpLinkat 0.1 allow
NOT-FOR-US: phpLinkat
CVE-2008-3407 (phpLinkat 0.1 allows remote attackers to bypass authentication and ...)
NOT-FOR-US: phpLinkat
-CVE-2008-3408 (Stack-based buffer overflow in CoolPlayer allows user-assisted remote ...)
+CVE-2008-3408 (Stack-based buffer overflow in CoolPlayer 2.18, and possibly other ...)
NOT-FOR-US: CoolPlayer
CVE-2008-3409 (Buffer overflow in Unreal Tournament 3 1.3beta4 and earlier allows ...)
NOT-FOR-US: not in tree
@@ -75604,6 +75603,32 @@ CVE-2008-7272
RESERVED
CVE-2008-7273
RESERVED
+CVE-2008-7274 (IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login ...)
+ TODO: check
+CVE-2008-7275 (Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket ...)
+ TODO: check
+CVE-2008-7276 (Kernel/System/Web/Request.pm in Open Ticket Request System (OTRS) ...)
+ TODO: check
+CVE-2008-7277 (Open Ticket Request System (OTRS) before 2.3.0-beta4 checks for the rw ...)
+ TODO: check
+CVE-2008-7278 (The S/MIME feature in Open Ticket Request System (OTRS) before 2.2.5, ...)
+ TODO: check
+CVE-2008-7279 (The CustomerInterface component in Open Ticket Request System (OTRS) ...)
+ TODO: check
+CVE-2008-7280 (Kernel/System/EmailParser.pm in PostmasterPOP3.pl in Open Ticket ...)
+ TODO: check
+CVE-2008-7281 (Open Ticket Request System (OTRS) before 2.2.7 sends e-mail containing ...)
+ TODO: check
+CVE-2008-7282 (Kernel/Output/HTML/CustomerNewTicketQueueSelectionGeneric.pm in Open ...)
+ TODO: check
+CVE-2008-7283 (Open Ticket Request System (OTRS) before 2.2.6, when customer group ...)
+ TODO: check
+CVE-2008-7284 (IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows ...)
+ TODO: check
+CVE-2008-7285 (Unspecified vulnerability in the docnote string handling ...)
+ TODO: check
+CVE-2008-7286 (IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not ...)
+ TODO: check
CVE-2009-0001 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
NOT-FOR-US: apple quicktime
CVE-2009-0002 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
@@ -75982,9 +76007,9 @@ CVE-2009-0187 (Stack-based buffer overflow in Orbit Downloader 2.8.2 and 2.8.3,
CVE-2009-0188 (Apple QuickTime before 7.6.2 allows remote attackers to execute ...)
NOT-FOR-US: apple quicktime
CVE-2009-0189
- RESERVED
+ REJECTED
CVE-2009-0190
- RESERVED
+ REJECTED
CVE-2009-0191 (Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, ...)
NOT-FOR-US: foxitsoftware foxit_reader
CVE-2009-0192 (Off-by-one error in the iMonitor component in Novell eDirectory 8.8 ...)
@@ -81687,8 +81712,8 @@ CVE-2009-3026 (protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibl
BUG: 283324
CVE-2009-3027 (VRTSweb.exe in VRTSweb in Symantec Backup Exec Continuous Protection ...)
NOT-FOR-US: VRTSweb in Symantec Backup Exec Continuous Protection Server CPS
-CVE-2009-3028
- RESERVED
+CVE-2009-3028 (The Altiris eXpress NS SC Download ActiveX control in ...)
+ TODO: check
CVE-2009-3029 (Cross-site scripting (XSS) vulnerability in the console in Symantec ...)
NOT-FOR-US: symantec securityexpressions_audit_and_compliance_server
CVE-2009-3030 (Cross-site scripting (XSS) vulnerability in Symantec ...)
@@ -85764,6 +85789,28 @@ CVE-2009-5050
RESERVED
CVE-2009-5051 (Hastymail2 before RC 8 does not set the secure flag for the session ...)
TODO: check
+CVE-2009-5052 (Multiple unspecified vulnerabilities in Smarty before 3.0.0 beta 6 ...)
+ TODO: check
+CVE-2009-5053 (Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote ...)
+ TODO: check
+CVE-2009-5054 (Smarty before 3.0.0 beta 4 does not consider the umask value when ...)
+ TODO: check
+CVE-2009-5055 (Open Ticket Request System (OTRS) before 2.4.4 grants ticket access on ...)
+ TODO: check
+CVE-2009-5056 (Open Ticket Request System (OTRS) before 2.4.0-beta2 does not properly ...)
+ TODO: check
+CVE-2009-5057 (The S/MIME feature in Open Ticket Request System (OTRS) before 2.3.4 ...)
+ TODO: check
+CVE-2009-5058 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.5 ...)
+ TODO: check
+CVE-2009-5059 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.10 ...)
+ TODO: check
+CVE-2009-5060 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.11 ...)
+ TODO: check
+CVE-2009-5061 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 ...)
+ TODO: check
+CVE-2009-5062 (IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX ...)
+ TODO: check
CVE-2010-0001 (Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 ...)
BUG: 300943
CVE-2010-0002 (The /etc/profile.d/60alias.sh script in the Mandriva bash package for ...)
@@ -85982,10 +86029,10 @@ CVE-2010-0108 (Buffer overflow in the cliproxy.objects.1 ActiveX control in the
NOT-FOR-US: symantec endpoint_protection
CVE-2010-0109
RESERVED
-CVE-2010-0110
- RESERVED
-CVE-2010-0111
- RESERVED
+CVE-2010-0110 (Multiple stack-based buffer overflows in Intel Alert Management System ...)
+ TODO: check
+CVE-2010-0111 (HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel ...)
+ TODO: check
CVE-2010-0112 (Multiple SQL injection vulnerabilities in the Administrative Interface ...)
NOT-FOR-US: symantec im_manager
CVE-2010-0113 (The Symantec Norton Mobile Security application 1.0 Beta for Android ...)
@@ -88955,7 +89002,7 @@ CVE-2010-1583 (SQL injection vulnerability in the loadByKey function in the ...)
NOT-FOR-US: tirzen_framework
CVE-2010-1584 (Cross-site scripting (XSS) vulnerability in the Context module before ...)
NOT-FOR-US: steven_jones context
-CVE-2010-1585 (The nsIScriptableUnescapeHTML.parseFragment method in Mozilla Firefox ...)
+CVE-2010-1585 (The nsIScriptableUnescapeHTML.parseFragment method in the ...)
TODO: check
CVE-2010-1586 (Open redirect vulnerability in red2301.html in HP System Management ...)
NOT-FOR-US: hp system_management_homepage
@@ -89401,7 +89448,7 @@ CVE-2010-1805 (Untrusted search path vulnerability in Apple Safari 4.x before 4.
NOT-FOR-US: apple safari
CVE-2010-1806 (Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x ...)
TODO: check
-CVE-2010-1807 (WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2, and ...)
+CVE-2010-1807 (WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android ...)
TODO: check
CVE-2010-1808 (Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
NOT-FOR-US: apple mac_os_x_server
@@ -89415,7 +89462,7 @@ CVE-2010-1812 (Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on
TODO: check
CVE-2010-1813 (WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows ...)
TODO: check
-CVE-2010-1814 (WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows ...)
+CVE-2010-1814 (WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and ...)
TODO: check
CVE-2010-1815 (Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the ...)
TODO: check
@@ -89435,7 +89482,7 @@ CVE-2010-1822 (WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0
TODO: check
CVE-2010-1823 (Use-after-free vulnerability in WebKit before r65958, as used in ...)
TODO: check
-CVE-2010-1824 (Use-after-free vulnerability in WebKit, as used in Google Chrome ...)
+CVE-2010-1824 (Use-after-free vulnerability in WebKit, as used in Apple iTunes before ...)
TODO: check
CVE-2010-1825 (Use-after-free vulnerability in WebKit, as used in Google Chrome ...)
TODO: check
@@ -89595,7 +89642,7 @@ CVE-2010-1902 (Buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and
NOT-FOR-US: microsoft word
CVE-2010-1903 (Microsoft Office Word 2002 SP3 and 2003 SP3, and Office Word Viewer, ...)
NOT-FOR-US: microsoft word
-CVE-2010-1904 (SQL injection vulnerability in EMC RSA Key Manager Client 1.5.x allows ...)
+CVE-2010-1904 (SQL injection vulnerability in EMC RSA Key Manager (RKM) C Client ...)
NOT-FOR-US: emc rsa_key_manager_client
CVE-2010-1905 (Multiple cross-site scripting (XSS) vulnerabilities in Consona Live ...)
NOT-FOR-US: consona_subscriber_assistance
@@ -90965,12 +91012,12 @@ CVE-2010-2585 (Multiple buffer overflows in the RealPage Module Upload ActiveX .
NOT-FOR-US: realpage module_activex_control
CVE-2010-2586 (Multiple integer overflows in in_nsv.dll in the in_nsv plugin in ...)
NOT-FOR-US: nullsoft winamp
-CVE-2010-2587
- RESERVED
-CVE-2010-2588
- RESERVED
-CVE-2010-2589
- RESERVED
+CVE-2010-2587 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 ...)
+ TODO: check
+CVE-2010-2588 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 ...)
+ TODO: check
+CVE-2010-2589 (Integer overflow in the dirapi.dll module in Adobe Shockwave Player ...)
+ TODO: check
CVE-2010-2590 (Heap-based buffer overflow in the ...)
NOT-FOR-US: sap crystal_reports
CVE-2010-2591
@@ -91345,12 +91392,12 @@ CVE-2010-2775
RESERVED
CVE-2010-2776
RESERVED
-CVE-2010-2777
- RESERVED
-CVE-2010-2778
- RESERVED
-CVE-2010-2779
- RESERVED
+CVE-2010-2777 (Stack-based buffer overflow in the IMAP server component in GroupWise ...)
+ TODO: check
+CVE-2010-2778 (Cross-site scripting (XSS) vulnerability in WebAccess in Novell ...)
+ TODO: check
+CVE-2010-2779 (Cross-site scripting (XSS) vulnerability in WebAccess in Novell ...)
+ TODO: check
CVE-2010-2780
RESERVED
CVE-2010-2781
@@ -91647,8 +91694,8 @@ CVE-2010-2926 (SQL injection vulnerability in index.php in sNews 1.7 allows remo
NOT-FOR-US: solucija snews
CVE-2010-2927 (The slapi_printmessage function in IBM Tivoli Directory Server (ITDS) ...)
NOT-FOR-US: ibm tivoli_directory_server
-CVE-2010-2928
- RESERVED
+CVE-2010-2928 (The vCenter Tomcat Management Application in VMware vCenter Server 4.1 ...)
+ TODO: check
CVE-2010-2929 (Untrusted search path vulnerability in hsolinkcontrol in hsolink ...)
NOT-FOR-US: pharscape hsolink
CVE-2010-2930 (Multiple stack-based buffer overflows in hsolinkcontrol in hsolink ...)
@@ -91661,7 +91708,7 @@ CVE-2010-2933 (SQL injection vulnerability in AV Scripts AV Arcade 3 allows remo
NOT-FOR-US: AV Scripts AV Arcade
CVE-2010-2934 (Multiple unspecified vulnerabilities in ZNC 0.092 allow remote ...)
BUG: 332535
-CVE-2010-2935 (simpress.bin in the Impress module in OpenOffice.org (OOo) 3.2.1 on ...)
+CVE-2010-2935 (simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x ...)
NOT-FOR-US: Windows only.
CVE-2010-2936 (Integer overflow in simpress.bin in the Impress module in ...)
NOT-FOR-US: Windows only.
@@ -91875,14 +91922,14 @@ CVE-2010-3039 (/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communicati
NOT-FOR-US: cisco unified_communications_manager
CVE-2010-3040 (Multiple stack-based buffer overflows in agent.exe in Setup Manager in ...)
NOT-FOR-US: cisco intelligent_contact_manager
-CVE-2010-3041
- RESERVED
-CVE-2010-3042
- RESERVED
-CVE-2010-3043
- RESERVED
-CVE-2010-3044
- RESERVED
+CVE-2010-3041 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) ...)
+ TODO: check
+CVE-2010-3042 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) ...)
+ TODO: check
+CVE-2010-3043 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) ...)
+ TODO: check
+CVE-2010-3044 (Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) ...)
+ TODO: check
CVE-2010-3045
RESERVED
CVE-2010-3046
@@ -92019,11 +92066,11 @@ CVE-2010-3111 (Google Chrome before 6.0.472.53 does not properly mitigate an ...
TODO: check
CVE-2010-3112 (Google Chrome before 5.0.375.127 does not properly implement file ...)
TODO: check
-CVE-2010-3113 (Google Chrome before 5.0.375.127 does not properly handle SVG ...)
+CVE-2010-3113 (Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not ...)
TODO: check
-CVE-2010-3114 (The text-editing implementation in Google Chrome before 5.0.375.127 ...)
+CVE-2010-3114 (The text-editing implementation in Google Chrome before 5.0.375.127, ...)
TODO: check
-CVE-2010-3115 (Google Chrome before 5.0.375.127 does not properly implement the ...)
+CVE-2010-3115 (Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not ...)
TODO: check
CVE-2010-3116 (Multiple use-after-free vulnerabilities in WebKit, as used in Apple ...)
TODO: check
@@ -92031,7 +92078,7 @@ CVE-2010-3117 (Google Chrome before 5.0.375.127 does not properly implement the
TODO: check
CVE-2010-3118 (The autosuggest feature in the Omnibox implementation in Google Chrome ...)
TODO: check
-CVE-2010-3119 (Google Chrome before 5.0.375.127 does not properly support the Ruby ...)
+CVE-2010-3119 (Google Chrome before 5.0.375.127 and webkitgtk before 1.2.6 do not ...)
TODO: check
CVE-2010-3120 (Google Chrome before 5.0.375.127 does not properly implement the ...)
TODO: check
@@ -92085,7 +92132,7 @@ CVE-2010-3144 (Untrusted search path vulnerability in the Internet Connection Si
NOT-FOR-US: microsoft windows
CVE-2010-3145 (Untrusted search path vulnerability in the BitLocker Drive Encryption ...)
NOT-FOR-US: microsoft windows_vista
-CVE-2010-3146 (Untrusted search path vulnerability in Microsoft Office Groove 2007 ...)
+CVE-2010-3146 (Multiple untrusted search path vulnerabilities in Microsoft Groove ...)
NOT-FOR-US: microsoft groove
CVE-2010-3147 (Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in ...)
NOT-FOR-US: microsoft outlook_express
@@ -92303,7 +92350,7 @@ CVE-2010-3253 (The implementation of notification permissions in Google Chrome b
TODO: check
CVE-2010-3254 (The WebSockets implementation in Google Chrome before 6.0.472.53 does ...)
TODO: check
-CVE-2010-3255 (Google Chrome before 6.0.472.53 does not properly handle counter ...)
+CVE-2010-3255 (Google Chrome before 6.0.472.53 and webkitgtk before 1.2.6 do not ...)
TODO: check
CVE-2010-3256 (Google Chrome before 6.0.472.53 does not properly limit the number of ...)
TODO: check
@@ -92311,7 +92358,7 @@ CVE-2010-3257 (Use-after-free vulnerability in WebKit, as used in Apple Safari b
TODO: check
CVE-2010-3258 (The sandbox implementation in Google Chrome before 6.0.472.53 does not ...)
TODO: check
-CVE-2010-3259 (WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 ...)
+CVE-2010-3259 (WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, ...)
TODO: check
CVE-2010-3260
RESERVED
@@ -92331,18 +92378,18 @@ CVE-2010-3267 (Multiple SQL injection vulnerabilities in BugTracker.NET before 3
NOT-FOR-US: ifdefined bugtracker net
CVE-2010-3268 (The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in ...)
TODO: check
-CVE-2010-3269
- RESERVED
-CVE-2010-3270
- RESERVED
+CVE-2010-3269 (Multiple stack-based buffer overflows in the Cisco WebEx Recording ...)
+ TODO: check
+CVE-2010-3270 (Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before ...)
+ TODO: check
CVE-2010-3271
RESERVED
-CVE-2010-3272
- RESERVED
-CVE-2010-3273
- RESERVED
-CVE-2010-3274
- RESERVED
+CVE-2010-3272 (accounts/ValidateAnswers in the security-questions implementation in ...)
+ TODO: check
+CVE-2010-3273 (ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allows ...)
+ TODO: check
+CVE-2010-3274 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
CVE-2010-3275
RESERVED
CVE-2010-3276
@@ -92426,8 +92473,8 @@ CVE-2010-3314 (Cross-site scripting (XSS) vulnerability in login.php in EGroupwa
TODO: check
CVE-2010-3315 (authz.c in the mod_dav_svn module for the Apache HTTP Server, as ...)
TODO: check
-CVE-2010-3316
- RESERVED
+CVE-2010-3316 (The run_coprocess function in pam_xauth.c in the pam_xauth module in ...)
+ TODO: check
CVE-2010-3317 (Cross-site scripting (XSS) vulnerability in IBM Records Manager (RM) ...)
NOT-FOR-US: ibm filenet_content_manager
CVE-2010-3318 (IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 transmits ...)
@@ -92657,18 +92704,18 @@ CVE-2010-3428 (SQL injection vulnerability in modules/notes/json.php in Intermes
NOT-FOR-US: intermesh group office
CVE-2010-3429 (flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in ...)
TODO: check
-CVE-2010-3430
- RESERVED
-CVE-2010-3431
- RESERVED
+CVE-2010-3430 (The privilege-dropping implementation in the (1) pam_env and (2) ...)
+ TODO: check
+CVE-2010-3431 (The privilege-dropping implementation in the (1) pam_env and (2) ...)
+ TODO: check
CVE-2010-3432 (The sctp_packet_config function in net/sctp/output.c in the Linux ...)
TODO: check
CVE-2010-3433 (The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before ...)
TODO: check
CVE-2010-3434 (Buffer overflow in the find_stream_bounds function in pdf.c in ...)
TODO: check
-CVE-2010-3435
- RESERVED
+CVE-2010-3435 (The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before ...)
+ TODO: check
CVE-2010-3436 (fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote ...)
TODO: check
CVE-2010-3437 (Integer signedness error in the pkt_find_dev_from_minor function in ...)
@@ -92679,8 +92726,8 @@ CVE-2010-3439
RESERVED
CVE-2010-3440
RESERVED
-CVE-2010-3441
- RESERVED
+CVE-2010-3441 (Multiple buffer overflows in abcm2ps before 5.9.12 might allow remote ...)
+ TODO: check
CVE-2010-3442 (Multiple integer overflows in the snd_ctl_new function in ...)
TODO: check
CVE-2010-3443
@@ -92697,16 +92744,16 @@ CVE-2010-3448 (drivers/platform/x86/thinkpad_acpi.c in the Linux kernel before 2
TODO: check
CVE-2010-3449 (Cross-site request forgery (CSRF) vulnerability in Redback before ...)
NOT-FOR-US: codehaus redback
-CVE-2010-3450
- RESERVED
-CVE-2010-3451
- RESERVED
-CVE-2010-3452
- RESERVED
-CVE-2010-3453
- RESERVED
-CVE-2010-3454
- RESERVED
+CVE-2010-3450 (Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) ...)
+ TODO: check
+CVE-2010-3451 (Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x ...)
+ TODO: check
+CVE-2010-3452 (Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x ...)
+ TODO: check
+CVE-2010-3453 (The WW8ListManager::WW8ListManager function in oowriter in ...)
+ TODO: check
+CVE-2010-3454 (Multiple off-by-one errors in the WW8DopTypography::ReadFromMem ...)
+ TODO: check
CVE-2010-3455 (Cross-site scripting (XSS) vulnerability in index.php in AChecker 1.0 ...)
NOT-FOR-US: atutor achecker
CVE-2010-3456 (Directory traversal vulnerability in download.php in EnergyScripts ...)
@@ -93015,8 +93062,8 @@ CVE-2010-3607 (Cross-site scripting (XSS) vulnerability in AGENTS/index.php in N
NOT-FOR-US: netartmedia real_estate_portal
CVE-2010-3608 (Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote ...)
NOT-FOR-US: wire_plastic_design wpquiz
-CVE-2010-3609
- RESERVED
+CVE-2010-3609 (Unspecified vulnerability in the Service Location Protocol daemon ...)
+ TODO: check
CVE-2010-3610
RESERVED
CVE-2010-3611 (ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before ...)
@@ -93175,8 +93222,8 @@ CVE-2010-3687 (Unspecified vulnerability in the powermail extension 1.5.3 and ea
NOT-FOR-US: powermail extension
CVE-2010-3688 (Directory traversal vulnerability in ADMIN/login.php in NetArtMEDIA ...)
NOT-FOR-US: websiteadmin
-CVE-2010-3689
- RESERVED
+CVE-2010-3689 (soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length ...)
+ TODO: check
CVE-2010-3690 (Multiple cross-site scripting (XSS) vulnerabilities in phpCAS before ...)
NOT-FOR-US: jasig phpcas
CVE-2010-3691 (PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is ...)
@@ -93233,10 +93280,10 @@ CVE-2010-3716 (The be_user_creation task in TYPO3 4.2.x before 4.2.15 and 4.3.x
NOT-FOR-US: typo3
CVE-2010-3717 (The t3lib_div::validEmail function in TYPO3 4.2.x before 4.2.15, 4.3.x ...)
NOT-FOR-US: typo3
-CVE-2010-3718
- RESERVED
-CVE-2010-3719
- RESERVED
+CVE-2010-3718 (Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running ...)
+ TODO: check
+CVE-2010-3719 (Eval injection vulnerability in IMAdminSchedTask.asp in the ...)
+ TODO: check
CVE-2010-3720
RESERVED
CVE-2010-3721
@@ -93259,7 +93306,7 @@ CVE-2010-3729 (The SPDY protocol implementation in Google Chrome before 6.0.472.
TODO: check
CVE-2010-3730 (Google Chrome before 6.0.472.62 does not properly use information ...)
TODO: check
-CVE-2010-3731 (Buffer overflow in the Administration Server component in IBM DB2 UDB ...)
+CVE-2010-3731 (Stack-based buffer overflow in the validateUser implementation in the ...)
NOT-FOR-US: ibm db2
CVE-2010-3732 (The DRDA Services component in IBM DB2 UDB 9.5 before FP6a allows ...)
NOT-FOR-US: ibm db2
@@ -93421,9 +93468,9 @@ CVE-2010-3810 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6
TODO: check
CVE-2010-3811 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...)
TODO: check
-CVE-2010-3812 (Integer overflow in the wholeText method in WebKit in Apple Safari ...)
+CVE-2010-3812 (Integer overflow in the Text::wholeText method in dom/Text.cpp in ...)
TODO: check
-CVE-2010-3813 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+CVE-2010-3813 (The WebCore::HTMLLinkElement::process function in ...)
TODO: check
CVE-2010-3814 (Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in ...)
TODO: check
@@ -93503,10 +93550,10 @@ CVE-2010-3851 (libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5
NOT-FOR-US: libguestfs
CVE-2010-3852 (The default configuration of Luci 0.22.4 and earlier in Red Hat Conga ...)
NOT-FOR-US: redhat luci
-CVE-2010-3853
- RESERVED
-CVE-2010-3854
- RESERVED
+CVE-2010-3853 (pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) ...)
+ TODO: check
+CVE-2010-3854 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
+ TODO: check
CVE-2010-3855 (Buffer overflow in the ft_var_readpackedpoints function in ...)
TODO: check
CVE-2010-3856 (ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and ...)
@@ -93517,7 +93564,7 @@ CVE-2010-3858 (The setup_arg_pages function in fs/exec.c in the Linux kernel bef
TODO: check
CVE-2010-3859 (Multiple integer signedness errors in the TIPC implementation in the ...)
TODO: check
-CVE-2010-3860 (IcedTea before 1.9.2, as based on OpenJDK 6, declares multiple ...)
+CVE-2010-3860 (IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before ...)
TODO: check
CVE-2010-3861 (The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux ...)
TODO: check
@@ -93555,8 +93602,8 @@ CVE-2010-3877 (The get_name function in net/tipc/socket.c in the Linux kernel be
TODO: check
CVE-2010-3878 (Cross-site request forgery (CSRF) vulnerability in the JMX Console in ...)
TODO: check
-CVE-2010-3879
- RESERVED
+CVE-2010-3879 (FUSE, possibly 2.8.5 and earlier, allows local users to create mtab ...)
+ TODO: check
CVE-2010-3880 (net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not ...)
TODO: check
CVE-2010-3881 (arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not ...)
@@ -93652,18 +93699,17 @@ CVE-2010-3925 (Contents-Mall before 15 does not properly handle passwords, which
NOT-FOR-US: wb i contents mall
CVE-2010-3926 (Multiple cross-site scripting (XSS) vulnerabilities in Shop.cgi in ...)
NOT-FOR-US: wb i sgx sp_final_ne
-CVE-2010-3927
- RESERVED
+CVE-2010-3927 (Untrusted search path vulnerability in Lunascape before 6.4.0 allows ...)
+ TODO: check
CVE-2010-3928 (Ruby Version Manager (RVM) before 1.2.1 writes file contents to a ...)
NOT-FOR-US: Ruby
-CVE-2010-3929
- RESERVED
-CVE-2010-3930
- RESERVED
+CVE-2010-3929 (SQL injection vulnerability in MODx Evolution 1.0.4 and earlier allows ...)
+ TODO: check
+CVE-2010-3930 (Directory traversal vulnerability in MODx Evolution 1.0.4 and earlier ...)
+ TODO: check
CVE-2010-3931 (Cross-site scripting (XSS) vulnerability in multiple Rocomotion ...)
NOT-FOR-US: multiple Rocomotion products including P board
CVE-2010-3932
- RESERVED
REJECTED
CVE-2010-3933 (Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested ...)
TODO: check
@@ -93743,7 +93789,7 @@ CVE-2010-3970 (Stack-based buffer overflow in the CreateSizedDIBSECTION function
NOT-FOR-US: microsoft windows_xp
CVE-2010-3971 (Use-after-free vulnerability in the CSharedStyleSheet::Notify function ...)
NOT-FOR-US: microsoft ie
-CVE-2010-3972 (The TELNET_STREAM_CONTEXT::OnSendData function in the FTP protocol ...)
+CVE-2010-3972 (Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData ...)
NOT-FOR-US: microsoft iis
CVE-2010-3973 (The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft WMI ...)
NOT-FOR-US: microsoft wmi_administrative_tools
@@ -93829,8 +93875,8 @@ CVE-2010-4013 (Format string vulnerability in PackageKit in Apple Mac OS X 10.6.
NOT-FOR-US: apple mac_os_x_server
CVE-2010-4014
RESERVED
-CVE-2010-4015
- RESERVED
+CVE-2010-4015 (Buffer overflow in the gettoken function in ...)
+ TODO: check
CVE-2010-4016
RESERVED
CVE-2010-4017
@@ -93843,8 +93889,8 @@ CVE-2010-4020 (MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4
TODO: check
CVE-2010-4021 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 ...)
TODO: check
-CVE-2010-4022
- RESERVED
+CVE-2010-4022 (The do_standalone function in the MIT krb5 KDC database propagation ...)
+ TODO: check
CVE-2010-4023 (Cross-site scripting (XSS) vulnerability in HP Insight Control Power ...)
NOT-FOR-US: hp insight_control_power_management
CVE-2010-4024 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
@@ -93981,12 +94027,12 @@ CVE-2010-4089 (IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows atta
NOT-FOR-US: adobe shockwave_player
CVE-2010-4090 (Adobe Shockwave Player before 11.5.9.615 allows attackers to execute ...)
NOT-FOR-US: adobe shockwave_player
-CVE-2010-4091 (The EScript.api plugin in Adobe Acrobat Reader 9.4.0, 8.1.7, and ...)
+CVE-2010-4091 (The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, ...)
TODO: check
CVE-2010-4092 (Use-after-free vulnerability in an unspecified compatibility component ...)
NOT-FOR-US: adobe shockwave_player
-CVE-2010-4093
- RESERVED
+CVE-2010-4093 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
+ TODO: check
CVE-2010-4094 (The Tomcat server in IBM Rational Quality Manager and Rational Test ...)
NOT-FOR-US: ibm rational_test_lab_manager
CVE-2010-4095 (Directory traversal vulnerability in the FTP client in Serengeti ...)
@@ -94173,29 +94219,29 @@ CVE-2010-4185 (SQL injection vulnerability in index.php in Energine, possibly 2.
NOT-FOR-US: energine
CVE-2010-4186 (SQL injection vulnerability in process.asp in OnlineTechTools Online ...)
NOT-FOR-US: onlinetechtools com oasys_professional
-CVE-2010-4187
- RESERVED
-CVE-2010-4188
- RESERVED
-CVE-2010-4189
- RESERVED
-CVE-2010-4190
- RESERVED
-CVE-2010-4191
- RESERVED
-CVE-2010-4192
- RESERVED
-CVE-2010-4193
- RESERVED
-CVE-2010-4194
- RESERVED
-CVE-2010-4195
- RESERVED
-CVE-2010-4196
- RESERVED
-CVE-2010-4197 (Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows ...)
+CVE-2010-4187 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
+ TODO: check
+CVE-2010-4188 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 ...)
+ TODO: check
+CVE-2010-4189 (The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows ...)
+ TODO: check
+CVE-2010-4190 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
+ TODO: check
+CVE-2010-4191 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
+ TODO: check
+CVE-2010-4192 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
+ TODO: check
+CVE-2010-4193 (Adobe Shockwave Player before 11.5.9.620 does not properly validate ...)
+ TODO: check
+CVE-2010-4194 (The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 does ...)
+ TODO: check
+CVE-2010-4195 (The TextXtra module in Adobe Shockwave Player before 11.5.9.620 does ...)
+ TODO: check
+CVE-2010-4196 (The Shockwave 3d Asset module in Adobe Shockwave Player before ...)
TODO: check
-CVE-2010-4198 (Google Chrome before 7.0.517.44 does not properly handle large text ...)
+CVE-2010-4197 (Use-after-free vulnerability in WebKit, as used in Google Chrome ...)
+ TODO: check
+CVE-2010-4198 (WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before ...)
TODO: check
CVE-2010-4199 (Google Chrome before 7.0.517.44 does not properly perform a cast of an ...)
TODO: check
@@ -94208,11 +94254,11 @@ CVE-2010-4202 (Multiple integer overflows in Google Chrome before 7.0.517.44 on
TODO: check
CVE-2010-4203 (WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google ...)
TODO: check
-CVE-2010-4204 (Google Chrome before 7.0.517.44 accesses a frame object after this ...)
+CVE-2010-4204 (WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before ...)
TODO: check
CVE-2010-4205 (Google Chrome before 7.0.517.44 does not properly handle the data ...)
TODO: check
-CVE-2010-4206 (Google Chrome before 7.0.517.44 accesses memory at an out-of-bounds ...)
+CVE-2010-4206 (Array index error in the FEBlend::apply function in ...)
TODO: check
CVE-2010-4207 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
NOT-FOR-US: yahoo yui
@@ -94254,10 +94300,10 @@ CVE-2010-4225 (Unspecified vulnerability in the mod_mono module for XSP in Mono
TODO: check
CVE-2010-4226
RESERVED
-CVE-2010-4227
- RESERVED
-CVE-2010-4228
- RESERVED
+CVE-2010-4227 (The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before ...)
+ TODO: check
+CVE-2010-4228 (Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP ...)
+ TODO: check
CVE-2010-4229
RESERVED
CVE-2010-4230 (Stack-based buffer overflow in a certain ActiveX control for the ...)
@@ -94276,8 +94322,8 @@ CVE-2010-4236 (Untrusted search path vulnerability in estaskwrapper in IBM OmniF
NOT-FOR-US: ibm omnifind
CVE-2010-4237
RESERVED
-CVE-2010-4238
- RESERVED
+CVE-2010-4238 (The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on ...)
+ TODO: check
CVE-2010-4239
RESERVED
CVE-2010-4240
@@ -94286,8 +94332,8 @@ CVE-2010-4241
RESERVED
CVE-2010-4242 (The hci_uart_tty_open function in the HCI UART driver ...)
TODO: check
-CVE-2010-4243
- RESERVED
+CVE-2010-4243 (fs/exec.c in the Linux kernel before 2.6.37 does not enable the OOM ...)
+ TODO: check
CVE-2010-4244
RESERVED
CVE-2010-4245
@@ -94306,14 +94352,14 @@ CVE-2010-4251
RESERVED
CVE-2010-4252 (OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly ...)
TODO: check
-CVE-2010-4253
- RESERVED
+CVE-2010-4253 (Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and ...)
+ TODO: check
CVE-2010-4254 (Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is ...)
TODO: check
-CVE-2010-4255
- RESERVED
-CVE-2010-4256
- RESERVED
+CVE-2010-4255 (The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and ...)
+ TODO: check
+CVE-2010-4256 (The pipe_fcntl function in fs/pipe.c in the Linux kernel before 2.6.37 ...)
+ TODO: check
CVE-2010-4257 (SQL injection vulnerability in the do_trackbacks function in ...)
TODO: check
CVE-2010-4258 (The do_exit function in kernel/exit.c in the Linux kernel before ...)
@@ -94412,10 +94458,10 @@ CVE-2010-4304 (The web interface in Cisco Unified Videoconferencing (UVC) System
NOT-FOR-US: cisco unified_videoconferencing_system_5230
CVE-2010-4305 (Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and ...)
NOT-FOR-US: cisco unified_videoconferencing_system_5230
-CVE-2010-4306
- RESERVED
-CVE-2010-4307
- RESERVED
+CVE-2010-4306 (Adobe Shockwave Player before 11.5.9.620 allows attackers to execute ...)
+ TODO: check
+CVE-2010-4307 (Buffer overflow in Adobe Shockwave Player before 11.5.9.620 allows ...)
+ TODO: check
CVE-2010-4308
RESERVED
CVE-2010-4309
@@ -94446,18 +94492,18 @@ CVE-2010-4321 (Stack-based buffer overflow in an ActiveX control in ienipp.ocx i
NOT-FOR-US: novell iprint_client
CVE-2010-4322 (Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell ...)
NOT-FOR-US: novell vibe_onprem
-CVE-2010-4323
- RESERVED
+CVE-2010-4323 (Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks ...)
+ TODO: check
CVE-2010-4324 (Cross-site scripting (XSS) vulnerability in the Approval Form in the ...)
NOT-FOR-US: novell identity_manager_roles_based_provisioning_module
-CVE-2010-4325
- RESERVED
-CVE-2010-4326
- RESERVED
-CVE-2010-4327
- RESERVED
-CVE-2010-4328
- RESERVED
+CVE-2010-4325 (Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in ...)
+ TODO: check
+CVE-2010-4326 (Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent ...)
+ TODO: check
+CVE-2010-4327 (Unspecified vulnerability in the NCP service in Novell eDirectory ...)
+ TODO: check
+CVE-2010-4328 (Multiple stack-based buffer overflows in opt/novell/iprint/bin/ipsmd ...)
+ TODO: check
CVE-2010-4329 (Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton ...)
TODO: check
CVE-2010-4330 (Directory traversal vulnerability in includes/controller.php in Pulse ...)
@@ -94476,14 +94522,14 @@ CVE-2010-4336 (The cu_rrd_create_file function (src/utils_rrdcreate.c) in collec
TODO: check
CVE-2010-4337 (The configure script in gnash 0.8.8 allows local users to overwrite ...)
BUG: 351724
-CVE-2010-4338 (ocrodjvu 0.4.6-1 on Debian GNU/Linux, when using Cuneiform as the OCR ...)
+CVE-2010-4338 (ocrodjvu 0.4.6-1 on Debian GNU/Linux allows local users to modify ...)
NOT-FOR-US: ocrodjvu
CVE-2010-4339 (Cross-site scripting (XSS) vulnerability in Hypermail 2.2.0 allows ...)
NOT-FOR-US: hypermail project hypermail
CVE-2010-4340
TODO: check
-CVE-2010-4341
- RESERVED
+CVE-2010-4341 (The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in ...)
+ TODO: check
CVE-2010-4342 (The aun_incoming function in net/econet/af_econet.c in the Linux ...)
TODO: check
CVE-2010-4343 (drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not ...)
@@ -94506,8 +94552,8 @@ CVE-2010-4351 (The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7
BUG: 352035
CVE-2010-4352 (Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 ...)
TODO: check
-CVE-2010-4353
- RESERVED
+CVE-2010-4353 (Unrestricted file upload vulnerability in ...)
+ TODO: check
CVE-2010-4354 (The remote-access IPSec VPN implementation on Cisco Adaptive Security ...)
NOT-FOR-US: cisco vpn_3080_concentrator
CVE-2010-4355 (Cross-site scripting (XSS) vulnerability in DaDaBIK before 4.3 beta2, ...)
@@ -94586,8 +94632,8 @@ CVE-2010-4391 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 throug
NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4392 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
NOT-FOR-US: realnetworks realplayer_sp
-CVE-2010-4393
- RESERVED
+CVE-2010-4393 (Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer ...)
+ TODO: check
CVE-2010-4394 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-4395 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
@@ -94644,8 +94690,8 @@ CVE-2010-4420 (Unspecified vulnerability in the Database Vault component in Orac
NOT-FOR-US: oracle database_server
CVE-2010-4421 (Unspecified vulnerability in the Database Vault component in Oracle ...)
NOT-FOR-US: oracle database_server
-CVE-2010-4422
- RESERVED
+CVE-2010-4422 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+ TODO: check
CVE-2010-4423 (Unspecified vulnerability in the Cluster Verify Utility component in ...)
NOT-FOR-US: oracle database_server
CVE-2010-4424 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
@@ -94694,22 +94740,22 @@ CVE-2010-4445 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS compo
NOT-FOR-US: oracle peoplesoft_and_jdedwards_product_suite
CVE-2010-4446 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...)
NOT-FOR-US: sunos
-CVE-2010-4447
- RESERVED
-CVE-2010-4448
- RESERVED
+CVE-2010-4447 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+ TODO: check
+CVE-2010-4448 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+ TODO: check
CVE-2010-4449 (Unspecified vulnerability in the Audit Vault component in Oracle Audit ...)
NOT-FOR-US: oracle audit_vault
-CVE-2010-4450
- RESERVED
-CVE-2010-4451
- RESERVED
-CVE-2010-4452
- RESERVED
+CVE-2010-4450 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+ TODO: check
+CVE-2010-4451 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+ TODO: check
+CVE-2010-4452 (Unspecified vulnerability in the Deployment component in Java Runtime ...)
+ TODO: check
CVE-2010-4453 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
NOT-FOR-US: oracle weblogic_server
-CVE-2010-4454
- RESERVED
+CVE-2010-4454 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+ TODO: check
CVE-2010-4455 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
NOT-FOR-US: oracle fusion_middleware
CVE-2010-4456 (Unspecified vulnerability in Oracle Sun Java System Communications ...)
@@ -94724,36 +94770,36 @@ CVE-2010-4460 (Unspecified vulnerability in Oracle Solaris 10 allows local users
NOT-FOR-US: sunos
CVE-2010-4461 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: oracle peoplesoft_and_jdedwards_product_suite
-CVE-2010-4462
- RESERVED
-CVE-2010-4463
- RESERVED
+CVE-2010-4462 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+ TODO: check
+CVE-2010-4463 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+ TODO: check
CVE-2010-4464 (Unspecified vulnerability in Oracle Sun Convergence 1.0 allows remote ...)
NOT-FOR-US: oracle sun_convergence
-CVE-2010-4465
- RESERVED
-CVE-2010-4466
- RESERVED
-CVE-2010-4467
- RESERVED
-CVE-2010-4468
- RESERVED
-CVE-2010-4469
- RESERVED
-CVE-2010-4470
- RESERVED
-CVE-2010-4471
- RESERVED
-CVE-2010-4472
- RESERVED
-CVE-2010-4473
- RESERVED
-CVE-2010-4474
- RESERVED
-CVE-2010-4475
- RESERVED
-CVE-2010-4476
- RESERVED
+CVE-2010-4465 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+ TODO: check
+CVE-2010-4466 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+ TODO: check
+CVE-2010-4467 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+ TODO: check
+CVE-2010-4468 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+ TODO: check
+CVE-2010-4469 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+ TODO: check
+CVE-2010-4470 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+ TODO: check
+CVE-2010-4471 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+ TODO: check
+CVE-2010-4472 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+ TODO: check
+CVE-2010-4473 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+ TODO: check
+CVE-2010-4474 (Unspecified vulnerability in the Java DB component in Oracle Java SE ...)
+ TODO: check
+CVE-2010-4475 (Unspecified vulnerability in the Java Runtime Environment (JRE) in ...)
+ TODO: check
+CVE-2010-4476 (The Double.parseDouble method in Java Runtime Environment (JRE) in ...)
+ TODO: check
CVE-2010-4477
RESERVED
CVE-2010-4478 (OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly ...)
@@ -94778,7 +94824,7 @@ CVE-2010-4487 (Incomplete blacklist vulnerability in Google Chrome before 8.0.55
TODO: check
CVE-2010-4488 (Google Chrome before 8.0.552.215 does not properly handle HTTP proxy ...)
TODO: check
-CVE-2010-4489 (Google Chrome before 8.0.552.215 does not properly handle WebM video, ...)
+CVE-2010-4489 (libvpx, as used in Google Chrome before 8.0.552.215 and possibly other ...)
TODO: check
CVE-2010-4490 (Google Chrome before 8.0.552.215 allows remote attackers to cause a ...)
TODO: check
@@ -94813,8 +94859,8 @@ CVE-2010-4504 (Multiple cross-site scripting (XSS) vulnerabilities in eSyndiCat
NOT-FOR-US: intelliants esyndicat
CVE-2010-4505 (Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, ...)
NOT-FOR-US: injader
-CVE-2010-4506
- RESERVED
+CVE-2010-4506 (Passlogix v-GO Self-Service Password Reset (SSPR) and OEM before 7.0A ...)
+ TODO: check
CVE-2010-4507 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
NOT-FOR-US: clear ispot
CVE-2010-4508 (The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 ...)
@@ -94934,20 +94980,20 @@ CVE-2010-4564
RESERVED
CVE-2010-4565 (The bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) ...)
TODO: check
-CVE-2010-4566 (Unspecified vulnerability in the NT4 authentication component in ...)
+CVE-2010-4566 (The web authentication form in the NT4 authentication component in ...)
NOT-FOR-US: citrix access_gateway
-CVE-2010-4567
- RESERVED
-CVE-2010-4568
- RESERVED
-CVE-2010-4569
- RESERVED
-CVE-2010-4570
- RESERVED
+CVE-2010-4567 (Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and ...)
+ TODO: check
+CVE-2010-4568 (Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before 3.2.10; ...)
+ TODO: check
+CVE-2010-4569 (Cross-site scripting (XSS) vulnerability in Bugzilla 3.7.1, 3.7.2, ...)
+ TODO: check
+CVE-2010-4570 (Cross-site scripting (XSS) vulnerability in the duplicate-detection ...)
+ TODO: check
CVE-2010-4571
RESERVED
-CVE-2010-4572
- RESERVED
+CVE-2010-4572 (CRLF injection vulnerability in chart.cgi in Bugzilla before 3.2.10, ...)
+ TODO: check
CVE-2010-4573 (The Update Installer in VMware ESXi 4.1, when a modified sfcb.cfg is ...)
NOT-FOR-US: vmware esxi
CVE-2010-4574 (The Pickle::Pickle function in base/pickle.cc in Google Chrome before ...)
@@ -94956,7 +95002,7 @@ CVE-2010-4575 (The ThemeInstalledInfoBarDelegate::Observe function in ...)
TODO: check
CVE-2010-4576 (browser/worker_host/message_port_dispatcher.cc in Google Chrome before ...)
TODO: check
-CVE-2010-4577 (Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do ...)
+CVE-2010-4577 (The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp ...)
TODO: check
CVE-2010-4578 (Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do ...)
TODO: check
@@ -95088,8 +95134,8 @@ CVE-2010-4641 (SQL injection vulnerability in XWiki Enterprise before 2.5 allows
NOT-FOR-US: xwiki
CVE-2010-4642 (Cross-site scripting (XSS) vulnerability in XWiki Enterprise before ...)
NOT-FOR-US: xwiki
-CVE-2010-4643
- RESERVED
+CVE-2010-4643 (Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and ...)
+ TODO: check
CVE-2010-4644 (Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 ...)
TODO: check
CVE-2010-4645 (strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 ...)
@@ -95100,14 +95146,14 @@ CVE-2010-4647 (Multiple cross-site scripting (XSS) vulnerabilities in the Help .
TODO: check
CVE-2010-4648
RESERVED
-CVE-2010-4649
- RESERVED
+CVE-2010-4649 (Integer overflow in the ib_uverbs_poll_cq function in ...)
+ TODO: check
CVE-2010-4650
RESERVED
-CVE-2010-4651
- RESERVED
-CVE-2010-4652
- RESERVED
+CVE-2010-4651 (Directory traversal vulnerability in util.c in GNU patch 2.6.1 and ...)
+ TODO: check
+CVE-2010-4652 (Heap-based buffer overflow in the sql_prepare_where function ...)
+ TODO: check
CVE-2010-4653
RESERVED
CVE-2010-4654
@@ -95210,10 +95256,156 @@ CVE-2010-4702 (SQL injection vulnerability in JRadio (com_jradio) component befo
NOT-FOR-US: JRadio com_jradio component
CVE-2010-4703 (SQL injection vulnerability in default.asp in HotWebScripts HotWeb ...)
NOT-FOR-US: HotWebScripts
-CVE-2011-0001
- RESERVED
-CVE-2011-0002
- RESERVED
+CVE-2010-4704 (libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and ...)
+ TODO: check
+CVE-2010-4705 (Integer overflow in the vorbis_residue_decode_internal function in ...)
+ TODO: check
+CVE-2010-4706 (The pam_sm_close_session function in pam_xauth.c in the pam_xauth ...)
+ TODO: check
+CVE-2010-4707 (The check_acl function in pam_xauth.c in the pam_xauth module in ...)
+ TODO: check
+CVE-2010-4708 (The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the ...)
+ TODO: check
+CVE-2010-4709 (Heap-based buffer overflow in Automated Solutions Modbus/TCP Master ...)
+ TODO: check
+CVE-2010-4710 (Cross-site scripting (XSS) vulnerability in the addItem method in the ...)
+ TODO: check
+CVE-2010-4711 (Double free vulnerability in the IMAP server component in GroupWise ...)
+ TODO: check
+CVE-2010-4712 (Multiple stack-based buffer overflows in gwia.exe in GroupWise ...)
+ TODO: check
+CVE-2010-4713 (Integer signedness error in gwia.exe in GroupWise Internet Agent ...)
+ TODO: check
+CVE-2010-4714 (Multiple stack-based buffer overflows in Novell GroupWise before ...)
+ TODO: check
+CVE-2010-4715 (Multiple directory traversal vulnerabilities in the (1) WebAccess ...)
+ TODO: check
+CVE-2010-4716 (Cross-site scripting (XSS) vulnerability in the WebPublisher component ...)
+ TODO: check
+CVE-2010-4717 (Multiple stack-based buffer overflows in the IMAP server component in ...)
+ TODO: check
+CVE-2010-4718 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+ TODO: check
+CVE-2010-4719 (Directory traversal vulnerability in JRadio (com_jradio) component ...)
+ TODO: check
+CVE-2010-4720 (SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) ...)
+ TODO: check
+CVE-2010-4721 (SQL injection vulnerability in news.php in Immo Makler allows remote ...)
+ TODO: check
+CVE-2010-4722 (Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 ...)
+ TODO: check
+CVE-2010-4723 (Smarty before 3.0.0, when security is enabled, does not prevent access ...)
+ TODO: check
+CVE-2010-4724 (Multiple unspecified vulnerabilities in the parser implementation in ...)
+ TODO: check
+CVE-2010-4725 (Smarty before 3.0.0 RC3 does not properly handle an on value of the ...)
+ TODO: check
+CVE-2010-4726 (Unspecified vulnerability in the math plugin in Smarty before 3.0.0 ...)
+ TODO: check
+CVE-2010-4727 (Smarty before 3.0.0 beta 7 does not properly handle the <?php and ?> ...)
+ TODO: check
+CVE-2010-4728 (Zikula before 1.3.1 uses the rand and srand PHP functions for random ...)
+ TODO: check
+CVE-2010-4729 (Zikula before 1.2.3 does not use the authid protection mechanism for ...)
+ TODO: check
+CVE-2010-4730 (Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA ...)
+ TODO: check
+CVE-2010-4731 (Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA ...)
+ TODO: check
+CVE-2010-4732 (cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, ...)
+ TODO: check
+CVE-2010-4733 (WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway ...)
+ TODO: check
+CVE-2010-4734 (Multiple cross-site scripting (XSS) vulnerabilities in the comment ...)
+ TODO: check
+CVE-2010-4735 (SQL injection vulnerability in shoppingcart.asp in Ecommercemax ...)
+ TODO: check
+CVE-2010-4736 (SQL injection vulnerability in ECO.asp in GateSoft DocuSafe 4.1.0 and ...)
+ TODO: check
+CVE-2010-4737 (SQL injection vulnerability in resorts.asp in HotWebScripts HotWeb ...)
+ TODO: check
+CVE-2010-4738 (Multiple SQL injection vulnerabilities in Rae Media INC Real Estate ...)
+ TODO: check
+CVE-2010-4739 (SQL injection vulnerability in the Maian Media Silver (com_maianmedia) ...)
+ TODO: check
+CVE-2010-4740 (Stack-based buffer overflow in WTclient.dll in SCADA Engine BACnet OPC ...)
+ TODO: check
+CVE-2010-4741 (Stack-based buffer overflow in MDMUtil.dll in MDMTool.exe in MDM Tool ...)
+ TODO: check
+CVE-2010-4742 (Stack-based buffer overflow in a certain ActiveX control in ...)
+ TODO: check
+CVE-2010-4743 (Heap-based buffer overflow in the getarena function in abc2ps.c in ...)
+ TODO: check
+CVE-2010-4744 (Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have ...)
+ TODO: check
+CVE-2010-4745 (Cross-site scripting (XSS) vulnerability in nav.html in PHPXref before ...)
+ TODO: check
+CVE-2010-4746 (Multiple memory leaks in the normalization functionality in 389 ...)
+ TODO: check
+CVE-2010-4747 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2010-4748 (Cross-site scripting (XSS) vulnerability in pmwiki.php in PmWiki ...)
+ TODO: check
+CVE-2010-4749 (Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS ...)
+ TODO: check
+CVE-2010-4750 (Cross-site request forgery (CSRF) vulnerability in ...)
+ TODO: check
+CVE-2010-4751 (SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, ...)
+ TODO: check
+CVE-2010-4752 (SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, ...)
+ TODO: check
+CVE-2010-4753 (Cross-site scripting (XSS) vulnerability in LightNEasy.php in ...)
+ TODO: check
+CVE-2010-4754 (The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, ...)
+ TODO: check
+CVE-2010-4755 (The (1) remote_glob function in sftp-glob.c and the (2) process_put ...)
+ TODO: check
+CVE-2010-4756 (The glob implementation in the GNU C Library (aka glibc or libc6) ...)
+ TODO: check
+CVE-2010-4757 (Cross-site scripting (XSS) vulnerability in submitnews.php in e107 ...)
+ TODO: check
+CVE-2010-4758 (installer.pl in Open Ticket Request System (OTRS) before 3.0.3 has an ...)
+ TODO: check
+CVE-2010-4759 (Open Ticket Request System (OTRS) before 3.0.0-beta7 does not properly ...)
+ TODO: check
+CVE-2010-4760 (Open Ticket Request System (OTRS) before 3.0.0-beta6 adds ...)
+ TODO: check
+CVE-2010-4761 (The customer-interface ticket-print dialog in Open Ticket Request ...)
+ TODO: check
+CVE-2010-4762 (Cross-site scripting (XSS) vulnerability in the rich-text-editor ...)
+ TODO: check
+CVE-2010-4763 (The ACL-customer-status Ticket Type setting in Open Ticket Request ...)
+ TODO: check
+CVE-2010-4764 (Open Ticket Request System (OTRS) before 2.4.10, and 3.x before 3.0.3, ...)
+ TODO: check
+CVE-2010-4765 (Race condition in the Kernel::System::Main::FileWrite method in Open ...)
+ TODO: check
+CVE-2010-4766 (The AgentTicketForward feature in Open Ticket Request System (OTRS) ...)
+ TODO: check
+CVE-2010-4767 (Open Ticket Request System (OTRS) before 2.3.6 does not properly ...)
+ TODO: check
+CVE-2010-4768 (Open Ticket Request System (OTRS) before 2.3.5 does not properly ...)
+ TODO: check
+CVE-2010-4769 (Directory traversal vulnerability in the Jimtawl (com_jimtawl) ...)
+ TODO: check
+CVE-2010-4770 (SQL injection vulnerability in index.php in CommodityRentals DVD ...)
+ TODO: check
+CVE-2010-4771 (SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows ...)
+ TODO: check
+CVE-2010-4772 (Cross-site scripting (XSS) vulnerability in blocks/lang.php in S-CMS ...)
+ TODO: check
+CVE-2010-4773 (Unspecified vulnerability in Hitachi EUR Form Client before 05-10 -/D ...)
+ TODO: check
+CVE-2010-4774 (SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote ...)
+ TODO: check
+CVE-2010-4775 (The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 ...)
+ TODO: check
+CVE-2010-4776 (SQL injection vulnerability in takefreestart.php in PreProjects Pre ...)
+ TODO: check
+CVE-2011-0001 (Double free vulnerability in the iscsi_rx_handler function ...)
+ TODO: check
+CVE-2011-0002 (libuser before 0.57 uses a cleartext password value of (1) !! or (2) x ...)
+ TODO: check
CVE-2011-0003 (MediaWiki before 1.16.1, when user or site JavaScript or CSS is ...)
TODO: check
CVE-2011-0004 (Multiple cross-site scripting (XSS) vulnerabilities in Piwik before ...)
@@ -95226,118 +95418,118 @@ CVE-2011-0007 (pimd 2.1.5 and possibly earlier versions allows user-assisted loc
TODO: check
CVE-2011-0008 (A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on ...)
TODO: check
-CVE-2011-0009
- RESERVED
+CVE-2011-0009 (Best Practical Solutions RT 3.x before 3.8.9rc2 and 4.x before ...)
+ TODO: check
CVE-2011-0010 (check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is ...)
TODO: check
CVE-2011-0011
RESERVED
CVE-2011-0012
RESERVED
-CVE-2011-0013
- RESERVED
-CVE-2011-0014
- RESERVED
+CVE-2011-0013 (Multiple cross-site scripting (XSS) vulnerabilities in the HTML ...)
+ TODO: check
+CVE-2011-0014 (ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c ...)
+ TODO: check
CVE-2011-0015 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not ...)
TODO: check
CVE-2011-0016 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not ...)
TODO: check
-CVE-2011-0017
- RESERVED
-CVE-2011-0018
- RESERVED
-CVE-2011-0019
- RESERVED
-CVE-2011-0020
- RESERVED
-CVE-2011-0021
- RESERVED
-CVE-2011-0022
- RESERVED
+CVE-2011-0017 (The open_log function in log.c in Exim 4.72 and earlier does not check ...)
+ TODO: check
+CVE-2011-0018 (The email function in manage_sql.c in OpenVAS Manager 1.0.x through ...)
+ TODO: check
+CVE-2011-0019 (slapd (aka ns-slapd) in 389 Directory Server 1.2.7.5 (aka Red Hat ...)
+ TODO: check
+CVE-2011-0020 (Heap-based buffer overflow in the pango_ft2_font_render_box_glyph ...)
+ TODO: check
+CVE-2011-0021 (Multiple heap-based buffer overflows in cdg.c in the CDG decoder in ...)
+ TODO: check
+CVE-2011-0022 (The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory ...)
+ TODO: check
CVE-2011-0023
RESERVED
CVE-2011-0024
RESERVED
-CVE-2011-0025
- RESERVED
+CVE-2011-0025 (IcedTea 1.7 before 1.7.8, 1.8 before 1.8.5, and 1.9 before 1.9.5 does ...)
+ TODO: check
CVE-2011-0026 (Integer signedness error in the SQLConnectW function in an ODBC API ...)
TODO: check
CVE-2011-0027 (Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows ...)
TODO: check
CVE-2011-0028
RESERVED
-CVE-2011-0029
- RESERVED
-CVE-2011-0030
- RESERVED
-CVE-2011-0031
- RESERVED
-CVE-2011-0032
- RESERVED
-CVE-2011-0033
- RESERVED
+CVE-2011-0029 (Untrusted search path vulnerability in the client in Microsoft Remote ...)
+ TODO: check
+CVE-2011-0030 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP ...)
+ TODO: check
+CVE-2011-0031 (The (1) JScript 5.8 and (2) VBScript 5.8 scripting engines in ...)
+ TODO: check
+CVE-2011-0032 (Untrusted search path vulnerability in DirectShow in Microsoft Windows ...)
+ TODO: check
+CVE-2011-0033 (The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP ...)
+ TODO: check
CVE-2011-0034
RESERVED
-CVE-2011-0035
- RESERVED
-CVE-2011-0036
- RESERVED
-CVE-2011-0037
- RESERVED
-CVE-2011-0038
- RESERVED
-CVE-2011-0039
- RESERVED
-CVE-2011-0040
- RESERVED
+CVE-2011-0035 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...)
+ TODO: check
+CVE-2011-0036 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...)
+ TODO: check
+CVE-2011-0037 (Microsoft Malware Protection Engine before 1.1.6603.0, as used in ...)
+ TODO: check
+CVE-2011-0038 (Untrusted search path vulnerability in Microsoft Internet Explorer 8 ...)
+ TODO: check
+CVE-2011-0039 (The Local Security Authority Subsystem Service (LSASS) in Microsoft ...)
+ TODO: check
+CVE-2011-0040 (The server in Microsoft Active Directory on Windows Server 2003 SP2 ...)
+ TODO: check
CVE-2011-0041
RESERVED
-CVE-2011-0042
- RESERVED
-CVE-2011-0043
- RESERVED
+CVE-2011-0042 (SBE.dll in the Stream Buffer Engine in Windows Media Player and ...)
+ TODO: check
+CVE-2011-0043 (Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 ...)
+ TODO: check
CVE-2011-0044
RESERVED
-CVE-2011-0045
- RESERVED
-CVE-2011-0046
- RESERVED
-CVE-2011-0047
- RESERVED
-CVE-2011-0048
- RESERVED
-CVE-2011-0049
- RESERVED
-CVE-2011-0050
- RESERVED
-CVE-2011-0051
- RESERVED
+CVE-2011-0045 (The Trace Events functionality in the kernel in Microsoft Windows XP ...)
+ TODO: check
+CVE-2011-0046 (Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla ...)
+ TODO: check
+CVE-2011-0047 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 ...)
+ TODO: check
+CVE-2011-0048 (Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and ...)
+ TODO: check
+CVE-2011-0049 (Directory traversal vulnerability in the _list_file_get function in ...)
+ TODO: check
+CVE-2011-0050 (Cross-site scripting (XSS) vulnerability in the nonjs interface ...)
+ TODO: check
+CVE-2011-0051 (Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey ...)
+ TODO: check
CVE-2011-0052
RESERVED
-CVE-2011-0053
- RESERVED
-CVE-2011-0054
- RESERVED
-CVE-2011-0055
- RESERVED
-CVE-2011-0056
- RESERVED
-CVE-2011-0057
- RESERVED
-CVE-2011-0058
- RESERVED
-CVE-2011-0059
- RESERVED
+CVE-2011-0053 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+ TODO: check
+CVE-2011-0054 (Buffer overflow in the JavaScript engine in Mozilla Firefox before ...)
+ TODO: check
+CVE-2011-0055 (Use-after-free vulnerability in the JSON.stringify method in ...)
+ TODO: check
+CVE-2011-0056 (Buffer overflow in the JavaScript engine in Mozilla Firefox before ...)
+ TODO: check
+CVE-2011-0057 (Use-after-free vulnerability in the Web Workers implementation in ...)
+ TODO: check
+CVE-2011-0058 (Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before ...)
+ TODO: check
+CVE-2011-0059 (Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox ...)
+ TODO: check
CVE-2011-0060
RESERVED
-CVE-2011-0061
- RESERVED
-CVE-2011-0062
- RESERVED
-CVE-2011-0063
- RESERVED
-CVE-2011-0064
- RESERVED
+CVE-2011-0061 (Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird ...)
+ TODO: check
+CVE-2011-0062 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+ TODO: check
+CVE-2011-0063 (The _list_file_get function in lib/Majordomo.pm in Majordomo 2 ...)
+ TODO: check
+CVE-2011-0064 (The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in ...)
+ TODO: check
CVE-2011-0065
RESERVED
CVE-2011-0066
@@ -95380,28 +95572,28 @@ CVE-2011-0084
RESERVED
CVE-2011-0085
RESERVED
-CVE-2011-0086
- RESERVED
-CVE-2011-0087
- RESERVED
-CVE-2011-0088
- RESERVED
-CVE-2011-0089
- RESERVED
-CVE-2011-0090
- RESERVED
-CVE-2011-0091
- RESERVED
-CVE-2011-0092
- RESERVED
-CVE-2011-0093
- RESERVED
+CVE-2011-0086 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+ TODO: check
+CVE-2011-0087 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+ TODO: check
+CVE-2011-0088 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+ TODO: check
+CVE-2011-0089 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+ TODO: check
+CVE-2011-0090 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+ TODO: check
+CVE-2011-0091 (Kerberos in Microsoft Windows Server 2008 R2 and Windows 7 does not ...)
+ TODO: check
+CVE-2011-0092 (The LZW stream decompression functionality in ORMELEMS.DLL in ...)
+ TODO: check
+CVE-2011-0093 (ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 does ...)
+ TODO: check
CVE-2011-0094
RESERVED
CVE-2011-0095
RESERVED
-CVE-2011-0096
- RESERVED
+CVE-2011-0096 (The MHTML implementation in Microsoft Windows XP SP2 and SP3, Windows ...)
+ TODO: check
CVE-2011-0097
RESERVED
CVE-2011-0098
@@ -95430,174 +95622,174 @@ CVE-2011-0109
RESERVED
CVE-2011-0110
RESERVED
-CVE-2011-0111
- RESERVED
-CVE-2011-0112
- RESERVED
-CVE-2011-0113
- RESERVED
-CVE-2011-0114
- RESERVED
-CVE-2011-0115
- RESERVED
-CVE-2011-0116
- RESERVED
-CVE-2011-0117
- RESERVED
-CVE-2011-0118
- RESERVED
-CVE-2011-0119
- RESERVED
-CVE-2011-0120
- RESERVED
-CVE-2011-0121
- RESERVED
-CVE-2011-0122
- RESERVED
-CVE-2011-0123
- RESERVED
-CVE-2011-0124
- RESERVED
-CVE-2011-0125
- RESERVED
-CVE-2011-0126
- RESERVED
-CVE-2011-0127
- RESERVED
-CVE-2011-0128
- RESERVED
-CVE-2011-0129
- RESERVED
-CVE-2011-0130
- RESERVED
-CVE-2011-0131
- RESERVED
-CVE-2011-0132
- RESERVED
-CVE-2011-0133
- RESERVED
-CVE-2011-0134
- RESERVED
-CVE-2011-0135
- RESERVED
-CVE-2011-0136
- RESERVED
-CVE-2011-0137
- RESERVED
-CVE-2011-0138
- RESERVED
-CVE-2011-0139
- RESERVED
-CVE-2011-0140
- RESERVED
-CVE-2011-0141
- RESERVED
-CVE-2011-0142
- RESERVED
-CVE-2011-0143
- RESERVED
-CVE-2011-0144
- RESERVED
-CVE-2011-0145
- RESERVED
-CVE-2011-0146
- RESERVED
-CVE-2011-0147
- RESERVED
-CVE-2011-0148
- RESERVED
-CVE-2011-0149
- RESERVED
-CVE-2011-0150
- RESERVED
-CVE-2011-0151
- RESERVED
-CVE-2011-0152
- RESERVED
-CVE-2011-0153
- RESERVED
-CVE-2011-0154
- RESERVED
-CVE-2011-0155
- RESERVED
-CVE-2011-0156
- RESERVED
-CVE-2011-0157
- RESERVED
-CVE-2011-0158
- RESERVED
-CVE-2011-0159
- RESERVED
-CVE-2011-0160
- RESERVED
-CVE-2011-0161
- RESERVED
-CVE-2011-0162
- RESERVED
-CVE-2011-0163
- RESERVED
-CVE-2011-0164
- RESERVED
-CVE-2011-0165
- RESERVED
-CVE-2011-0166
- RESERVED
-CVE-2011-0167
- RESERVED
-CVE-2011-0168
- RESERVED
-CVE-2011-0169
- RESERVED
-CVE-2011-0170
- RESERVED
+CVE-2011-0111 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0112 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0113 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0114 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0115 (The DOM level 2 implementation in WebKit, as used in Apple iTunes ...)
+ TODO: check
+CVE-2011-0116 (Use-after-free vulnerability in the setOuterText method in the ...)
+ TODO: check
+CVE-2011-0117 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0118 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0119 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0120 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0121 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0122 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0123 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0124 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0125 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0126 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0127 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0128 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0129 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0130 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0131 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0132 (Use-after-free vulnerability in the Runin box functionality in the ...)
+ TODO: check
+CVE-2011-0133 (WebKit, as used in Apple iTunes before 10.2 on Windows, does not ...)
+ TODO: check
+CVE-2011-0134 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0135 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0136 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0137 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0138 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0139 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0140 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0141 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0142 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0143 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0144 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0145 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0146 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0147 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0148 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0149 (WebKit, as used in Apple iTunes before 10.2 on Windows, does not ...)
+ TODO: check
+CVE-2011-0150 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0151 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0152 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0153 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0154 (WebKit, as used in Apple iTunes before 10.2 on Windows and Apple iOS, ...)
+ TODO: check
+CVE-2011-0155 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0156 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0157 (WebKit, as used in Apple iOS before 4.3, allows remote attackers to ...)
+ TODO: check
+CVE-2011-0158 (MobileSafari in Apple iOS before 4.3 does not properly implement ...)
+ TODO: check
+CVE-2011-0159 (The Safari Settings feature in Safari in Apple iOS 4.x before 4.3 does ...)
+ TODO: check
+CVE-2011-0160 (WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does ...)
+ TODO: check
+CVE-2011-0161 (WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does ...)
+ TODO: check
+CVE-2011-0162 (Wi-Fi in Apple iOS before 4.3 and Apple TV before 4.2 does not ...)
+ TODO: check
+CVE-2011-0163 (WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does ...)
+ TODO: check
+CVE-2011-0164 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0165 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0166 (The HTML5 drag and drop functionality in WebKit in Apple Safari before ...)
+ TODO: check
+CVE-2011-0167 (The windows functionality in WebKit in Apple Safari before 5.0.4 ...)
+ TODO: check
+CVE-2011-0168 (WebKit, as used in Apple iTunes before 10.2 on Windows, allows ...)
+ TODO: check
+CVE-2011-0169 (WebKit in Apple Safari before 5.0.4, when the Web Inspector is used, ...)
+ TODO: check
+CVE-2011-0170 (Heap-based buffer overflow in ImageIO in CoreGraphics in Apple iTunes ...)
+ TODO: check
CVE-2011-0171
RESERVED
-CVE-2011-0172
- RESERVED
-CVE-2011-0173
- RESERVED
-CVE-2011-0174
- RESERVED
-CVE-2011-0175
- RESERVED
-CVE-2011-0176
- RESERVED
-CVE-2011-0177
- RESERVED
-CVE-2011-0178
- RESERVED
-CVE-2011-0179
- RESERVED
-CVE-2011-0180
- RESERVED
-CVE-2011-0181
- RESERVED
-CVE-2011-0182
- RESERVED
-CVE-2011-0183
- RESERVED
-CVE-2011-0184
- RESERVED
+CVE-2011-0172 (AirPort in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers ...)
+ TODO: check
+CVE-2011-0173 (Multiple format string vulnerabilities in AppleScript in Apple Mac OS ...)
+ TODO: check
+CVE-2011-0174 (Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
+ TODO: check
+CVE-2011-0175 (Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS ...)
+ TODO: check
+CVE-2011-0176 (Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS ...)
+ TODO: check
+CVE-2011-0177 (Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS ...)
+ TODO: check
+CVE-2011-0178 (The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 ...)
+ TODO: check
+CVE-2011-0179 (CoreText in Apple Mac OS X before 10.6.7 allows remote attackers to ...)
+ TODO: check
+CVE-2011-0180 (Integer overflow in HFS in Apple Mac OS X before 10.6.7 allows local ...)
+ TODO: check
+CVE-2011-0181 (Integer overflow in ImageIO in Apple Mac OS X before 10.6.7 allows ...)
+ TODO: check
+CVE-2011-0182 (The i386_set_ldt system call in the kernel in Apple Mac OS X before ...)
+ TODO: check
+CVE-2011-0183 (Libinfo in Apple Mac OS X before 10.6.7 does not properly handle an ...)
+ TODO: check
+CVE-2011-0184 (QuickLook in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers ...)
+ TODO: check
CVE-2011-0185
RESERVED
-CVE-2011-0186
- RESERVED
-CVE-2011-0187
- RESERVED
-CVE-2011-0188
- RESERVED
-CVE-2011-0189
- RESERVED
-CVE-2011-0190
- RESERVED
-CVE-2011-0191
- RESERVED
-CVE-2011-0192
- RESERVED
-CVE-2011-0193
- RESERVED
-CVE-2011-0194
- RESERVED
+CVE-2011-0186 (QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to ...)
+ TODO: check
+CVE-2011-0187 (The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows remote ...)
+ TODO: check
+CVE-2011-0188 (The VpMemAlloc function in bigdecimal.c in the BigDecimal class in ...)
+ TODO: check
+CVE-2011-0189 (The default configuration of Terminal in Apple Mac OS X 10.6 before ...)
+ TODO: check
+CVE-2011-0190 (Install Helper in Installer in Apple Mac OS X before 10.6.7 does not ...)
+ TODO: check
+CVE-2011-0191 (Buffer overflow in LibTIFF in ImageIO in Apple iTunes before 10.2 on ...)
+ TODO: check
+CVE-2011-0192 (Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other ...)
+ TODO: check
+CVE-2011-0193 (Multiple buffer overflows in Image RAW in Apple Mac OS X before 10.6.7 ...)
+ TODO: check
+CVE-2011-0194 (Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7 ...)
+ TODO: check
CVE-2011-0195
RESERVED
CVE-2011-0196
@@ -95754,30 +95946,30 @@ CVE-2011-0271 (The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51
TODO: check
CVE-2011-0272 (Unspecified vulnerability in HP LoadRunner 9.52 allows remote ...)
TODO: check
-CVE-2011-0273
- RESERVED
-CVE-2011-0274
- RESERVED
-CVE-2011-0275
- RESERVED
-CVE-2011-0276
- RESERVED
-CVE-2011-0277
- RESERVED
-CVE-2011-0278
- RESERVED
-CVE-2011-0279
- RESERVED
-CVE-2011-0280
- RESERVED
-CVE-2011-0281
- RESERVED
-CVE-2011-0282
- RESERVED
-CVE-2011-0283
- RESERVED
-CVE-2011-0284
- RESERVED
+CVE-2011-0273 (Buffer overflow in crs.exe in HP OpenView Storage Data Protector Cell ...)
+ TODO: check
+CVE-2011-0274 (Cross-site scripting (XSS) vulnerability in HP Business Availability ...)
+ TODO: check
+CVE-2011-0275 (Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, ...)
+ TODO: check
+CVE-2011-0276 (HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 ...)
+ TODO: check
+CVE-2011-0277 (Cross-site request forgery (CSRF) vulnerability in HP Power Manager ...)
+ TODO: check
+CVE-2011-0278 (Unspecified vulnerability in HP Web Jetadmin 10.2 Service Release 3 ...)
+ TODO: check
+CVE-2011-0279 (HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) ...)
+ TODO: check
+CVE-2011-0280 (Multiple cross-site scripting (XSS) vulnerabilities in HP Power ...)
+ TODO: check
+CVE-2011-0281 (The unparse implementation in the Key Distribution Center (KDC) in MIT ...)
+ TODO: check
+CVE-2011-0282 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x ...)
+ TODO: check
+CVE-2011-0283 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 ...)
+ TODO: check
+CVE-2011-0284 (Double free vulnerability in the prepare_error_as function in ...)
+ TODO: check
CVE-2011-0285
RESERVED
CVE-2011-0286
@@ -95850,14 +96042,14 @@ CVE-2011-0319
RESERVED
CVE-2011-0320
RESERVED
-CVE-2011-0321
- RESERVED
-CVE-2011-0322
- RESERVED
-CVE-2011-0323
- RESERVED
-CVE-2011-0324
- RESERVED
+CVE-2011-0321 (librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before ...)
+ TODO: check
+CVE-2011-0322 (Unspecified vulnerability in EMC RSA Access Manager Server 5.5.x, ...)
+ TODO: check
+CVE-2011-0323 (Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly other ...)
+ TODO: check
+CVE-2011-0324 (Multiple heap-based buffer overflows in Topaz Systems SigPlus Pro ...)
+ TODO: check
CVE-2011-0325
RESERVED
CVE-2011-0326
@@ -95866,14 +96058,14 @@ CVE-2011-0327
RESERVED
CVE-2011-0328
RESERVED
-CVE-2011-0329
- RESERVED
-CVE-2011-0330
- RESERVED
-CVE-2011-0331
- RESERVED
-CVE-2011-0332
- RESERVED
+CVE-2011-0329 (Directory traversal vulnerability in the GetData method in the Dell ...)
+ TODO: check
+CVE-2011-0330 (The Dell DellSystemLite.Scanner ActiveX control in DellSystemLite.ocx ...)
+ TODO: check
+CVE-2011-0331 (Use-after-free vulnerability in the addOSPLext method in the Honeywell ...)
+ TODO: check
+CVE-2011-0332 (Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom ...)
+ TODO: check
CVE-2011-0333
RESERVED
CVE-2011-0334
@@ -95894,32 +96086,32 @@ CVE-2011-0341
RESERVED
CVE-2011-0342
RESERVED
-CVE-2011-0343
- RESERVED
-CVE-2011-0344
- RESERVED
-CVE-2011-0345
- RESERVED
+CVE-2011-0343 (Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on ...)
+ TODO: check
+CVE-2011-0344 (Multiple stack-based buffer overflows in unspecified CGI programs in ...)
+ TODO: check
+CVE-2011-0345 (Directory traversal vulnerability in the NMS server in Alcatel-Lucent ...)
+ TODO: check
CVE-2011-0346 (Use-after-free vulnerability in the ReleaseInterface function in ...)
TODO: check
CVE-2011-0347 (Microsoft Internet Explorer on Windows XP allows remote attackers to ...)
TODO: check
-CVE-2011-0348
- RESERVED
-CVE-2011-0349
- RESERVED
-CVE-2011-0350
- RESERVED
+CVE-2011-0348 (Cisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD before ...)
+ TODO: check
+CVE-2011-0349 (Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 ...)
+ TODO: check
+CVE-2011-0350 (Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 ...)
+ TODO: check
CVE-2011-0351
RESERVED
-CVE-2011-0352
- RESERVED
+CVE-2011-0352 (Buffer overflow in the web-based management interface on the Cisco ...)
+ TODO: check
CVE-2011-0353
RESERVED
-CVE-2011-0354
- RESERVED
-CVE-2011-0355
- RESERVED
+CVE-2011-0354 (The default configuration of Cisco Tandberg C Series Endpoints, and ...)
+ TODO: check
+CVE-2011-0355 (Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through ...)
+ TODO: check
CVE-2011-0356
RESERVED
CVE-2011-0357
@@ -95936,8 +96128,8 @@ CVE-2011-0362
RESERVED
CVE-2011-0363
RESERVED
-CVE-2011-0364
- RESERVED
+CVE-2011-0364 (The Management Console (webagent.exe) in Cisco Security Agent 5.1, ...)
+ TODO: check
CVE-2011-0365
RESERVED
CVE-2011-0366
@@ -95952,56 +96144,56 @@ CVE-2011-0370
RESERVED
CVE-2011-0371
RESERVED
-CVE-2011-0372
- RESERVED
-CVE-2011-0373
- RESERVED
-CVE-2011-0374
- RESERVED
-CVE-2011-0375
- RESERVED
-CVE-2011-0376
- RESERVED
-CVE-2011-0377
- RESERVED
-CVE-2011-0378
- RESERVED
-CVE-2011-0379
- RESERVED
-CVE-2011-0380
- RESERVED
-CVE-2011-0381
- RESERVED
-CVE-2011-0382
- RESERVED
-CVE-2011-0383
- RESERVED
-CVE-2011-0384
- RESERVED
-CVE-2011-0385
- RESERVED
-CVE-2011-0386
- RESERVED
-CVE-2011-0387
- RESERVED
-CVE-2011-0388
- RESERVED
-CVE-2011-0389
- RESERVED
-CVE-2011-0390
- RESERVED
-CVE-2011-0391
- RESERVED
-CVE-2011-0392
- RESERVED
-CVE-2011-0393
- RESERVED
-CVE-2011-0394
- RESERVED
-CVE-2011-0395
- RESERVED
-CVE-2011-0396
- RESERVED
+CVE-2011-0372 (The CGI implementation on Cisco TelePresence endpoint devices with ...)
+ TODO: check
+CVE-2011-0373 (The CGI implementation on Cisco TelePresence endpoint devices with ...)
+ TODO: check
+CVE-2011-0374 (The CGI implementation on Cisco TelePresence endpoint devices with ...)
+ TODO: check
+CVE-2011-0375 (The CGI implementation on Cisco TelePresence endpoint devices with ...)
+ TODO: check
+CVE-2011-0376 (The TFTP implementation on Cisco TelePresence endpoint devices with ...)
+ TODO: check
+CVE-2011-0377 (Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x ...)
+ TODO: check
+CVE-2011-0378 (The XML-RPC implementation on Cisco TelePresence endpoint devices with ...)
+ TODO: check
+CVE-2011-0379 (Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 ...)
+ TODO: check
+CVE-2011-0380 (Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers ...)
+ TODO: check
+CVE-2011-0381 (Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers ...)
+ TODO: check
+CVE-2011-0382 (The CGI subsystem on Cisco TelePresence Recording Server devices with ...)
+ TODO: check
+CVE-2011-0383 (The Java Servlet framework on Cisco TelePresence Recording Server ...)
+ TODO: check
+CVE-2011-0384 (The Java Servlet framework on Cisco TelePresence Multipoint Switch ...)
+ TODO: check
+CVE-2011-0385 (The administrative web interface on Cisco TelePresence Recording ...)
+ TODO: check
+CVE-2011-0386 (The XML-RPC implementation on Cisco TelePresence Recording Server ...)
+ TODO: check
+CVE-2011-0387 (The administrative web interface on Cisco TelePresence Multipoint ...)
+ TODO: check
+CVE-2011-0388 (Cisco TelePresence Recording Server devices with software 1.6.x and ...)
+ TODO: check
+CVE-2011-0389 (Cisco TelePresence Multipoint Switch (CTMS) devices with software ...)
+ TODO: check
+CVE-2011-0390 (The XML-RPC implementation on Cisco TelePresence Multipoint Switch ...)
+ TODO: check
+CVE-2011-0391 (Cisco TelePresence Recording Server devices with software 1.6.x allow ...)
+ TODO: check
+CVE-2011-0392 (Cisco TelePresence Recording Server devices with software 1.6.x do not ...)
+ TODO: check
+CVE-2011-0393 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+ TODO: check
+CVE-2011-0394 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+ TODO: check
+CVE-2011-0395 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+ TODO: check
+CVE-2011-0396 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+ TODO: check
CVE-2011-0397
RESERVED
CVE-2011-0398 (The Piwik_Common::getIP function in Piwik before 1.1 does not properly ...)
@@ -96028,16 +96220,16 @@ CVE-2011-0408 (pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers t
TODO: check
CVE-2011-0409
RESERVED
-CVE-2011-0410
- RESERVED
-CVE-2011-0411
- RESERVED
+CVE-2011-0410 (CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for ...)
+ TODO: check
+CVE-2011-0411 (The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x ...)
+ TODO: check
CVE-2011-0412
RESERVED
-CVE-2011-0413
- RESERVED
-CVE-2011-0414
- RESERVED
+CVE-2011-0413 (The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV ...)
+ TODO: check
+CVE-2011-0414 (ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative ...)
+ TODO: check
CVE-2011-0415
RESERVED
CVE-2011-0416
@@ -96048,10 +96240,10 @@ CVE-2011-0418
RESERVED
CVE-2011-0419
RESERVED
-CVE-2011-0420
- RESERVED
-CVE-2011-0421
- RESERVED
+CVE-2011-0420 (The grapheme_extract function in the Internationalization extension ...)
+ TODO: check
+CVE-2011-0421 (The _zip_name_locate function in zip_name_locate.c in the Zip ...)
+ TODO: check
CVE-2011-0422
RESERVED
CVE-2011-0423 (The PolyVision RoomWizard with firmware 3.2.3 has a default password ...)
@@ -96068,62 +96260,62 @@ CVE-2011-0428
RESERVED
CVE-2011-0429
RESERVED
-CVE-2011-0430
- RESERVED
-CVE-2011-0431
- RESERVED
-CVE-2011-0432
- RESERVED
+CVE-2011-0430 (Double free vulnerability in the Rx server process in OpenAFS 1.4.14, ...)
+ TODO: check
+CVE-2011-0431 (The afs_linux_lock function in afs/LINUX/osi_vnodeops.c in the kernel ...)
+ TODO: check
+CVE-2011-0432 (Multiple SQL injection vulnerabilities in the get_userinfo method in ...)
+ TODO: check
CVE-2011-0433
RESERVED
-CVE-2011-0434
- RESERVED
-CVE-2011-0435
- RESERVED
-CVE-2011-0436
- RESERVED
-CVE-2011-0437
- RESERVED
-CVE-2011-0438
- RESERVED
+CVE-2011-0434 (Multiple SQL injection vulnerabilities in Domain Technologie Control ...)
+ TODO: check
+CVE-2011-0435 (Domain Technologie Control (DTC) before 0.32.9 does not require ...)
+ TODO: check
+CVE-2011-0436 (The register_user function in client/new_account_form.php in Domain ...)
+ TODO: check
+CVE-2011-0437 (shared/inc/sql/ssh.php in the SSH accounts management implementation ...)
+ TODO: check
+CVE-2011-0438 (nslcd/pam.c in nss-pam-ldapd 0.8.0 PAM module returns a success code ...)
+ TODO: check
CVE-2011-0439
RESERVED
CVE-2011-0440
RESERVED
CVE-2011-0441
RESERVED
-CVE-2011-0442
- RESERVED
+CVE-2011-0442 (The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to ...)
+ TODO: check
CVE-2011-0443 (SQL injection vulnerability in inc/tinybb-settings.php in tinyBB 1.2, ...)
TODO: check
CVE-2011-0444 (Buffer overflow in the MAC-LTE dissector ...)
TODO: check
CVE-2011-0445 (The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote ...)
TODO: check
-CVE-2011-0446
- RESERVED
-CVE-2011-0447
- RESERVED
-CVE-2011-0448
- RESERVED
-CVE-2011-0449
- RESERVED
-CVE-2011-0450
- RESERVED
-CVE-2011-0451
- RESERVED
-CVE-2011-0452
- RESERVED
-CVE-2011-0453
- RESERVED
-CVE-2011-0454
- RESERVED
-CVE-2011-0455
- RESERVED
-CVE-2011-0456
- RESERVED
-CVE-2011-0457
- RESERVED
+CVE-2011-0446 (Multiple cross-site scripting (XSS) vulnerabilities in the mail_to ...)
+ TODO: check
+CVE-2011-0447 (Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before ...)
+ TODO: check
+CVE-2011-0448 (Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the ...)
+ TODO: check
+CVE-2011-0449 (actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x ...)
+ TODO: check
+CVE-2011-0450 (The downloads manager in Opera before 11.01 on Windows does not ...)
+ TODO: check
+CVE-2011-0451 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+ TODO: check
+CVE-2011-0452 (Untrusted search path vulnerability in the script function in ...)
+ TODO: check
+CVE-2011-0453 (F-Secure Internet Gatekeeper for Linux 3.x before 3.03 does not ...)
+ TODO: check
+CVE-2011-0454 (Buffer overflow in the PPP Access Concentrator (PPPAC) on the SEIL/x86 ...)
+ TODO: check
+CVE-2011-0455 (Cross-site scripting (XSS) vulnerability in Things BBS before 2.0.3 ...)
+ TODO: check
+CVE-2011-0456 (Open Ticket Request System (OTRS) 2.3.4 and earlier allows remote ...)
+ TODO: check
+CVE-2011-0457 (Cross-site scripting (XSS) vulnerability in e107 0.7.22 and earlier ...)
+ TODO: check
CVE-2011-0458
RESERVED
CVE-2011-0459
@@ -96136,8 +96328,8 @@ CVE-2011-0462
RESERVED
CVE-2011-0463
RESERVED
-CVE-2011-0464
- RESERVED
+CVE-2011-0464 (Unspecified vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 ...)
+ TODO: check
CVE-2011-0465
RESERVED
CVE-2011-0466
@@ -96168,7 +96360,7 @@ CVE-2011-0478 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344
TODO: check
CVE-2011-0479 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
TODO: check
-CVE-2011-0480 (Multiple buffer overflows in the Vorbis decoder in Google Chrome ...)
+CVE-2011-0480 (Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in ...)
TODO: check
CVE-2011-0481 (Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS ...)
TODO: check
@@ -96214,7 +96406,7 @@ CVE-2011-0501 (Stack-based buffer overflow in Music Animation Machine MIDI Playe
TODO: check
CVE-2011-0502 (Music Animation Machine MIDI Player 2006aug19 Release 035 and possibly ...)
TODO: check
-CVE-2011-0503 (Cross-site request forgery (CSRF) vulnerability in VaM Shop 1.6, 1.6.1, ...)
+CVE-2011-0503 (Cross-site request forgery (CSRF) vulnerability in VaM Shop 1.6, ...)
TODO: check
CVE-2011-0504 (Multiple cross-site scripting (XSS) vulnerabilities in VaM Shop 1.6, ...)
TODO: check
@@ -96248,3 +96440,2005 @@ CVE-2011-0518 (Directory traversal vulnerability in core/lib/router.php in Lotus
TODO: check
CVE-2011-0519 (SQL injection vulnerability in gallery.php in Gallarific PHP Photo ...)
TODO: check
+CVE-2011-0520 (The compress_add_dlabel_points function in dns/Compress.c in MaraDNS ...)
+ TODO: check
+CVE-2011-0521 (The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in ...)
+ TODO: check
+CVE-2011-0522 (The StripTags function in (1) the USF decoder ...)
+ TODO: check
+CVE-2011-0523
+ RESERVED
+CVE-2011-0524
+ RESERVED
+CVE-2011-0525
+ RESERVED
+CVE-2011-0526 (Cross-site scripting (XSS) vulnerability in index.php in Vanilla ...)
+ TODO: check
+CVE-2011-0527
+ RESERVED
+CVE-2011-0528
+ RESERVED
+CVE-2011-0529
+ RESERVED
+CVE-2011-0530 (Buffer overflow in the mainloop function in nbd-server.c in the server ...)
+ TODO: check
+CVE-2011-0531 (demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media ...)
+ TODO: check
+CVE-2011-0532 (The (1) backup and restore scripts, (2) main initialization script, ...)
+ TODO: check
+CVE-2011-0533 (Cross-site scripting (XSS) vulnerability in Apache Continuum 1.1 ...)
+ TODO: check
+CVE-2011-0534 (Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not ...)
+ TODO: check
+CVE-2011-0535 (Cross-site request forgery (CSRF) vulnerability in the Users module in ...)
+ TODO: check
+CVE-2011-0536
+ RESERVED
+CVE-2011-0537 (Multiple directory traversal vulnerabilities in (1) ...)
+ TODO: check
+CVE-2011-0538 (Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees ...)
+ TODO: check
+CVE-2011-0539 (The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, ...)
+ TODO: check
+CVE-2011-0540
+ RESERVED
+CVE-2011-0541
+ RESERVED
+CVE-2011-0542
+ RESERVED
+CVE-2011-0543
+ RESERVED
+CVE-2011-0544
+ RESERVED
+CVE-2011-0545
+ RESERVED
+CVE-2011-0546
+ RESERVED
+CVE-2011-0547
+ RESERVED
+CVE-2011-0548
+ RESERVED
+CVE-2011-0549
+ RESERVED
+CVE-2011-0550
+ RESERVED
+CVE-2011-0551
+ RESERVED
+CVE-2011-0552
+ RESERVED
+CVE-2011-0553
+ RESERVED
+CVE-2011-0554
+ RESERVED
+CVE-2011-0555 (The TextXtra.x32 module in Adobe Shockwave Player before 11.5.9.620 ...)
+ TODO: check
+CVE-2011-0556 (The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 ...)
+ TODO: check
+CVE-2011-0557 (Integer overflow in Adobe Shockwave Player before 11.5.9.620 allows ...)
+ TODO: check
+CVE-2011-0558 (Integer overflow in Adobe Flash Player before 10.2.152.26 allows ...)
+ TODO: check
+CVE-2011-0559 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+ TODO: check
+CVE-2011-0560 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+ TODO: check
+CVE-2011-0561 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+ TODO: check
+CVE-2011-0562 (Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x ...)
+ TODO: check
+CVE-2011-0563 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+ TODO: check
+CVE-2011-0564 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+ TODO: check
+CVE-2011-0565 (Unspecified vulnerability in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2011-0566 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+ TODO: check
+CVE-2011-0567 (AcroRd32.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x ...)
+ TODO: check
+CVE-2011-0568 (Unspecified vulnerability in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2011-0569 (The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 ...)
+ TODO: check
+CVE-2011-0570 (Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x ...)
+ TODO: check
+CVE-2011-0571 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+ TODO: check
+CVE-2011-0572 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+ TODO: check
+CVE-2011-0573 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+ TODO: check
+CVE-2011-0574 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+ TODO: check
+CVE-2011-0575 (Untrusted search path vulnerability in Adobe Flash Player before ...)
+ TODO: check
+CVE-2011-0576
+ RESERVED
+CVE-2011-0577 (Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 ...)
+ TODO: check
+CVE-2011-0578 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+ TODO: check
+CVE-2011-0579
+ RESERVED
+CVE-2011-0580 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+ TODO: check
+CVE-2011-0581 (Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 ...)
+ TODO: check
+CVE-2011-0582 (Unspecified vulnerability in the administrator console in Adobe ...)
+ TODO: check
+CVE-2011-0583 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0 ...)
+ TODO: check
+CVE-2011-0584 (Session fixation vulnerability in Adobe ColdFusion 8.0 through 9.0.1 ...)
+ TODO: check
+CVE-2011-0585 (Unspecified vulnerability in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2011-0586 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+ TODO: check
+CVE-2011-0587 (Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat ...)
+ TODO: check
+CVE-2011-0588 (Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x ...)
+ TODO: check
+CVE-2011-0589 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+ TODO: check
+CVE-2011-0590 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+ TODO: check
+CVE-2011-0591 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+ TODO: check
+CVE-2011-0592 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+ TODO: check
+CVE-2011-0593 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+ TODO: check
+CVE-2011-0594 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+ TODO: check
+CVE-2011-0595 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+ TODO: check
+CVE-2011-0596 (The Bitmap parsing component in 2d.dll in Adobe Reader and Acrobat ...)
+ TODO: check
+CVE-2011-0597
+ RESERVED
+CVE-2011-0598 (Integer overflow in ACE.dll in Adobe Reader and Acrobat 10.x before ...)
+ TODO: check
+CVE-2011-0599 (The Bitmap parsing component in rt3d.dll in Adobe Reader and Acrobat ...)
+ TODO: check
+CVE-2011-0600 (The U3D component in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x ...)
+ TODO: check
+CVE-2011-0601
+ RESERVED
+CVE-2011-0602 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+ TODO: check
+CVE-2011-0603 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+ TODO: check
+CVE-2011-0604 (Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat ...)
+ TODO: check
+CVE-2011-0605 (Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...)
+ TODO: check
+CVE-2011-0606 (Stack-based buffer overflow in rt3d.dll in Adobe Reader and Acrobat ...)
+ TODO: check
+CVE-2011-0607 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+ TODO: check
+CVE-2011-0608 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
+ TODO: check
+CVE-2011-0609 (Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and ...)
+ TODO: check
+CVE-2011-0610
+ RESERVED
+CVE-2011-0611
+ RESERVED
+CVE-2011-0612
+ RESERVED
+CVE-2011-0613
+ RESERVED
+CVE-2011-0614
+ RESERVED
+CVE-2011-0615
+ RESERVED
+CVE-2011-0616
+ RESERVED
+CVE-2011-0617
+ RESERVED
+CVE-2011-0618
+ RESERVED
+CVE-2011-0619
+ RESERVED
+CVE-2011-0620
+ RESERVED
+CVE-2011-0621
+ RESERVED
+CVE-2011-0622
+ RESERVED
+CVE-2011-0623
+ RESERVED
+CVE-2011-0624
+ RESERVED
+CVE-2011-0625
+ RESERVED
+CVE-2011-0626
+ RESERVED
+CVE-2011-0627
+ RESERVED
+CVE-2011-0628
+ RESERVED
+CVE-2011-0629
+ RESERVED
+CVE-2011-0630
+ RESERVED
+CVE-2011-0631
+ RESERVED
+CVE-2011-0632
+ RESERVED
+CVE-2011-0633
+ RESERVED
+CVE-2011-0634
+ REJECTED
+ TODO: check
+CVE-2011-0635 (Static code injection vulnerability in Simploo CMS 1.7.1 and earlier ...)
+ TODO: check
+CVE-2011-0636 (The (1) cudaHostAlloc and (2) cuMemHostAlloc functions in the NVIDIA ...)
+ TODO: check
+CVE-2011-0637 (The FC SCSI protocol driver in IBM AIX 6.1 does not verify that a ...)
+ TODO: check
+CVE-2011-0638 (Microsoft Windows does not properly warn the user before enabling ...)
+ TODO: check
+CVE-2011-0639 (Apple Mac OS X does not properly warn the user before enabling ...)
+ TODO: check
+CVE-2011-0640 (The default configuration of udev on Linux does not warn the user ...)
+ TODO: check
+CVE-2011-0641 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2011-0642 (Cross-site request forgery (CSRF) vulnerability in news/admin.php in ...)
+ TODO: check
+CVE-2011-0643 (Cross-site request forgery (CSRF) vulnerability in ...)
+ TODO: check
+CVE-2011-0644 (SQL injection vulnerability in include/admin/model_field.class.php in ...)
+ TODO: check
+CVE-2011-0645 (SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows ...)
+ TODO: check
+CVE-2011-0646 (SQL injection vulnerability in viewfaqs.php in PHP LOW BIDS allows ...)
+ TODO: check
+CVE-2011-0647 (The irccd.exe service in EMC Replication Manager Client before 5.3 and ...)
+ TODO: check
+CVE-2011-0648 (Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote ...)
+ TODO: check
+CVE-2011-0649 (Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through ...)
+ TODO: check
+CVE-2011-0650 (Cross-site request forgery (CSRF) vulnerability in Greenbone Security ...)
+ TODO: check
+CVE-2011-0651 (Buffer overflow in the key exchange functionality in Icon Labs ...)
+ TODO: check
+CVE-2011-0652 (lnsfw1.sys 6.0.2900.5512 in Look 'n' Stop Firewall 2.06p4 and 2.07 ...)
+ TODO: check
+CVE-2011-0653
+ RESERVED
+CVE-2011-0654 (Integer underflow in the BowserWriteErrorLogEntry function in the ...)
+ TODO: check
+CVE-2011-0655
+ RESERVED
+CVE-2011-0656
+ RESERVED
+CVE-2011-0657
+ RESERVED
+CVE-2011-0658
+ RESERVED
+CVE-2011-0659
+ RESERVED
+CVE-2011-0660
+ RESERVED
+CVE-2011-0661
+ RESERVED
+CVE-2011-0662
+ RESERVED
+CVE-2011-0663
+ RESERVED
+CVE-2011-0664
+ RESERVED
+CVE-2011-0665
+ RESERVED
+CVE-2011-0666
+ RESERVED
+CVE-2011-0667
+ RESERVED
+CVE-2011-0668
+ RESERVED
+CVE-2011-0669
+ RESERVED
+CVE-2011-0670
+ RESERVED
+CVE-2011-0671
+ RESERVED
+CVE-2011-0672
+ RESERVED
+CVE-2011-0673
+ RESERVED
+CVE-2011-0674
+ RESERVED
+CVE-2011-0675
+ RESERVED
+CVE-2011-0676
+ RESERVED
+CVE-2011-0677
+ RESERVED
+CVE-2011-0678 (Unrestricted file upload vulnerability in the EasyEdit module in ...)
+ TODO: check
+CVE-2011-0679 (IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web ...)
+ TODO: check
+CVE-2011-0680 (data/WorkingMessage.java in the Mms application in Android before ...)
+ TODO: check
+CVE-2011-0681 (The Cascading Style Sheets (CSS) Extensions for XML implementation in ...)
+ TODO: check
+CVE-2011-0682 (Integer truncation error in opera.dll in Opera before 11.01 allows ...)
+ TODO: check
+CVE-2011-0683 (Opera before 11.01 does not properly restrict the use of opera: URLs, ...)
+ TODO: check
+CVE-2011-0684 (Opera before 11.01 does not properly handle redirections and ...)
+ TODO: check
+CVE-2011-0685 (The Delete Private Data feature in Opera before 11.01 does not ...)
+ TODO: check
+CVE-2011-0686 (Unspecified vulnerability in Opera before 11.01 allows remote ...)
+ TODO: check
+CVE-2011-0687 (Opera before 11.01 does not properly implement Wireless Application ...)
+ TODO: check
+CVE-2011-0688 (Intel Alert Management System (aka AMS or AMS2), as used in Symantec ...)
+ TODO: check
+CVE-2011-0689
+ RESERVED
+CVE-2011-0690
+ RESERVED
+CVE-2011-0691
+ RESERVED
+CVE-2011-0692
+ RESERVED
+CVE-2011-0693
+ RESERVED
+CVE-2011-0694 (RealNetworks RealPlayer 11.0 through 11.1, SP 1.0 through 1.1.5, and ...)
+ TODO: check
+CVE-2011-0695 (Race condition in the cm_work_handler function in the InfiniBand ...)
+ TODO: check
+CVE-2011-0696 (Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly ...)
+ TODO: check
+CVE-2011-0697 (Cross-site scripting (XSS) vulnerability in Django 1.1.x before 1.1.4 ...)
+ TODO: check
+CVE-2011-0698 (Directory traversal vulnerability in Django 1.1.x before 1.1.4 and ...)
+ TODO: check
+CVE-2011-0699
+ RESERVED
+CVE-2011-0700 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress ...)
+ TODO: check
+CVE-2011-0701 (wp-admin/async-upload.php in the media uploader in WordPress before ...)
+ TODO: check
+CVE-2011-0702 (The feh_unique_filename function in utils.c in feh before 1.11.2 might ...)
+ TODO: check
+CVE-2011-0703
+ RESERVED
+CVE-2011-0704
+ RESERVED
+CVE-2011-0705
+ RESERVED
+CVE-2011-0706 (The JNLPClassLoader class in IcedTea-Web before 1.0.1, as used in ...)
+ TODO: check
+CVE-2011-0707 (Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py ...)
+ TODO: check
+CVE-2011-0708 (exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms ...)
+ TODO: check
+CVE-2011-0709 (The br_mdb_ip_get function in net/bridge/br_multicast.c in the Linux ...)
+ TODO: check
+CVE-2011-0710 (The task_show_regs function in arch/s390/kernel/traps.c in the Linux ...)
+ TODO: check
+CVE-2011-0711 (The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel ...)
+ TODO: check
+CVE-2011-0712 (Multiple buffer overflows in the caiaq Native Instruments USB audio ...)
+ TODO: check
+CVE-2011-0713 (Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 ...)
+ TODO: check
+CVE-2011-0714
+ RESERVED
+CVE-2011-0715 (The mod_dav_svn module for the Apache HTTP Server, as distributed in ...)
+ TODO: check
+CVE-2011-0716
+ RESERVED
+CVE-2011-0717 (Session fixation vulnerability in Red Hat Network (RHN) Satellite ...)
+ TODO: check
+CVE-2011-0718 (Red Hat Network (RHN) Satellite Server 5.4 does not use a time delay ...)
+ TODO: check
+CVE-2011-0719 (Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 ...)
+ TODO: check
+CVE-2011-0720 (Unspecified vulnerability in Plone 2.5 through 4.0 allows remote ...)
+ TODO: check
+CVE-2011-0721 (Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in ...)
+ TODO: check
+CVE-2011-0722
+ RESERVED
+CVE-2011-0723
+ RESERVED
+CVE-2011-0724 (The Live DVD for Edubuntu 9.10, 10.04 LTS, and 10.10 does not ...)
+ TODO: check
+CVE-2011-0725 (Absolute path traversal vulnerability in the ...)
+ TODO: check
+CVE-2011-0726
+ RESERVED
+CVE-2011-0727
+ RESERVED
+CVE-2011-0728
+ RESERVED
+CVE-2011-0729
+ RESERVED
+CVE-2011-0730
+ RESERVED
+CVE-2011-0731 (Buffer overflow in the DB2 Administration Server (DAS) component in ...)
+ TODO: check
+CVE-2011-0732 (Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal ...)
+ TODO: check
+CVE-2011-0733 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion, possibly ...)
+ TODO: check
+CVE-2011-0734 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0.1 ...)
+ TODO: check
+CVE-2011-0735 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before ...)
+ TODO: check
+CVE-2011-0736 (Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web application is ...)
+ TODO: check
+CVE-2011-0737 (Adobe ColdFusion 9.0.1 CHF1 and earlier allows remote attackers to ...)
+ TODO: check
+CVE-2011-0738 (MyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through ...)
+ TODO: check
+CVE-2011-0739 (The deliver function in the sendmail delivery agent ...)
+ TODO: check
+CVE-2011-0740 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2011-0741 (Multiple cross-site scripting (XSS) vulnerabilities in ModX Evolution ...)
+ TODO: check
+CVE-2011-0742 (Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management ...)
+ TODO: check
+CVE-2011-0743
+ RESERVED
+CVE-2011-0744
+ RESERVED
+CVE-2011-0745 (SugarCRM before 6.1.3 does not properly handle reloads and direct ...)
+ TODO: check
+CVE-2011-0746
+ RESERVED
+CVE-2011-0747
+ RESERVED
+CVE-2011-0748
+ RESERVED
+CVE-2011-0749
+ RESERVED
+CVE-2011-0750
+ RESERVED
+CVE-2011-0751 (Directory traversal vulnerability in nhttpd (aka Nostromo webserver) ...)
+ TODO: check
+CVE-2011-0752 (The extract function in PHP before 5.2.15 does not prevent use of the ...)
+ TODO: check
+CVE-2011-0753 (Race condition in the PCNTL extension in PHP before 5.3.4, when a ...)
+ TODO: check
+CVE-2011-0754 (The SplFileInfo::getType function in the Standard PHP Library (SPL) ...)
+ TODO: check
+CVE-2011-0755 (Integer overflow in the mt_rand function in PHP before 5.3.4 might ...)
+ TODO: check
+CVE-2011-0756
+ RESERVED
+CVE-2011-0757 (IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, ...)
+ TODO: check
+CVE-2011-0758 (The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager ...)
+ TODO: check
+CVE-2011-0759 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+ TODO: check
+CVE-2011-0760
+ RESERVED
+CVE-2011-0761
+ RESERVED
+CVE-2011-0762 (The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 ...)
+ TODO: check
+CVE-2011-0763
+ RESERVED
+CVE-2011-0764
+ RESERVED
+CVE-2011-0765
+ RESERVED
+CVE-2011-0766
+ RESERVED
+CVE-2011-0767
+ RESERVED
+CVE-2011-0768
+ RESERVED
+CVE-2011-0769
+ RESERVED
+CVE-2011-0770
+ RESERVED
+CVE-2011-0771 (Janrain Engage (formerly RPX) module 6.x-1.3 for Drupal does not ...)
+ TODO: check
+CVE-2011-0772 (Multiple cross-site scripting (XSS) vulnerabilities in PivotX 2.2.0, ...)
+ TODO: check
+CVE-2011-0773 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2011-0774 (PivotX before 2.2.2 allows remote attackers to obtain sensitive ...)
+ TODO: check
+CVE-2011-0775 (pivotx/modules/module_image.php in PivotX 2.2.2 allows remote ...)
+ TODO: check
+CVE-2011-0776 (The sandbox implementation in Google Chrome before 9.0.597.84 on Mac ...)
+ TODO: check
+CVE-2011-0777 (Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows ...)
+ TODO: check
+CVE-2011-0778 (Google Chrome before 9.0.597.84 does not properly restrict drag and ...)
+ TODO: check
+CVE-2011-0779 (Google Chrome before 9.0.597.84 does not properly handle a missing key ...)
+ TODO: check
+CVE-2011-0780 (The PDF event handler in Google Chrome before 9.0.597.84 does not ...)
+ TODO: check
+CVE-2011-0781 (Google Chrome before 9.0.597.84 does not properly handle autofill ...)
+ TODO: check
+CVE-2011-0782 (Google Chrome before 9.0.597.84 on Mac OS X does not properly mitigate ...)
+ TODO: check
+CVE-2011-0783 (Unspecified vulnerability in Google Chrome before 9.0.597.84 allows ...)
+ TODO: check
+CVE-2011-0784 (Race condition in Google Chrome before 9.0.597.84 allows remote ...)
+ TODO: check
+CVE-2011-0785
+ RESERVED
+CVE-2011-0786
+ RESERVED
+CVE-2011-0787
+ RESERVED
+CVE-2011-0788
+ RESERVED
+CVE-2011-0789
+ RESERVED
+CVE-2011-0790
+ RESERVED
+CVE-2011-0791
+ RESERVED
+CVE-2011-0792
+ RESERVED
+CVE-2011-0793
+ RESERVED
+CVE-2011-0794
+ RESERVED
+CVE-2011-0795
+ RESERVED
+CVE-2011-0796
+ RESERVED
+CVE-2011-0797
+ RESERVED
+CVE-2011-0798
+ RESERVED
+CVE-2011-0799
+ RESERVED
+CVE-2011-0800
+ RESERVED
+CVE-2011-0801
+ RESERVED
+CVE-2011-0802
+ RESERVED
+CVE-2011-0803
+ RESERVED
+CVE-2011-0804
+ RESERVED
+CVE-2011-0805
+ RESERVED
+CVE-2011-0806
+ RESERVED
+CVE-2011-0807
+ RESERVED
+CVE-2011-0808
+ RESERVED
+CVE-2011-0809
+ RESERVED
+CVE-2011-0810
+ RESERVED
+CVE-2011-0811
+ RESERVED
+CVE-2011-0812
+ RESERVED
+CVE-2011-0813
+ RESERVED
+CVE-2011-0814
+ RESERVED
+CVE-2011-0815
+ RESERVED
+CVE-2011-0816
+ RESERVED
+CVE-2011-0817
+ RESERVED
+CVE-2011-0818
+ RESERVED
+CVE-2011-0819
+ RESERVED
+CVE-2011-0820
+ RESERVED
+CVE-2011-0821
+ RESERVED
+CVE-2011-0822
+ RESERVED
+CVE-2011-0823
+ RESERVED
+CVE-2011-0824
+ RESERVED
+CVE-2011-0825
+ RESERVED
+CVE-2011-0826
+ RESERVED
+CVE-2011-0827
+ RESERVED
+CVE-2011-0828
+ RESERVED
+CVE-2011-0829
+ RESERVED
+CVE-2011-0830
+ RESERVED
+CVE-2011-0831
+ RESERVED
+CVE-2011-0832
+ RESERVED
+CVE-2011-0833
+ RESERVED
+CVE-2011-0834
+ RESERVED
+CVE-2011-0835
+ RESERVED
+CVE-2011-0836
+ RESERVED
+CVE-2011-0837
+ RESERVED
+CVE-2011-0838
+ RESERVED
+CVE-2011-0839
+ RESERVED
+CVE-2011-0840
+ RESERVED
+CVE-2011-0841
+ RESERVED
+CVE-2011-0842
+ RESERVED
+CVE-2011-0843
+ RESERVED
+CVE-2011-0844
+ RESERVED
+CVE-2011-0845
+ RESERVED
+CVE-2011-0846
+ RESERVED
+CVE-2011-0847
+ RESERVED
+CVE-2011-0848
+ RESERVED
+CVE-2011-0849
+ RESERVED
+CVE-2011-0850
+ RESERVED
+CVE-2011-0851
+ RESERVED
+CVE-2011-0852
+ RESERVED
+CVE-2011-0853
+ RESERVED
+CVE-2011-0854
+ RESERVED
+CVE-2011-0855
+ RESERVED
+CVE-2011-0856
+ RESERVED
+CVE-2011-0857
+ RESERVED
+CVE-2011-0858
+ RESERVED
+CVE-2011-0859
+ RESERVED
+CVE-2011-0860
+ RESERVED
+CVE-2011-0861
+ RESERVED
+CVE-2011-0862
+ RESERVED
+CVE-2011-0863
+ RESERVED
+CVE-2011-0864
+ RESERVED
+CVE-2011-0865
+ RESERVED
+CVE-2011-0866
+ RESERVED
+CVE-2011-0867
+ RESERVED
+CVE-2011-0868
+ RESERVED
+CVE-2011-0869
+ RESERVED
+CVE-2011-0870
+ RESERVED
+CVE-2011-0871
+ RESERVED
+CVE-2011-0872
+ RESERVED
+CVE-2011-0873
+ RESERVED
+CVE-2011-0874
+ RESERVED
+CVE-2011-0875
+ RESERVED
+CVE-2011-0876
+ RESERVED
+CVE-2011-0877
+ RESERVED
+CVE-2011-0878
+ RESERVED
+CVE-2011-0879
+ RESERVED
+CVE-2011-0880
+ RESERVED
+CVE-2011-0881
+ RESERVED
+CVE-2011-0882
+ RESERVED
+CVE-2011-0883
+ RESERVED
+CVE-2011-0884
+ RESERVED
+CVE-2011-0885 (A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR ...)
+ TODO: check
+CVE-2011-0886 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
+ TODO: check
+CVE-2011-0887 (The web management portal on the SMC SMCD3G-CCR (aka Comcast Business ...)
+ TODO: check
+CVE-2011-0888
+ RESERVED
+CVE-2011-0889 (Unspecified vulnerability in HP Client Automation Enterprise (aka HPCA ...)
+ TODO: check
+CVE-2011-0890 (HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, ...)
+ TODO: check
+CVE-2011-0891
+ RESERVED
+CVE-2011-0892
+ RESERVED
+CVE-2011-0893
+ RESERVED
+CVE-2011-0894
+ RESERVED
+CVE-2011-0895
+ RESERVED
+CVE-2011-0896
+ RESERVED
+CVE-2011-0897
+ RESERVED
+CVE-2011-0898
+ RESERVED
+CVE-2011-0899 (The AES encryption module 7.x-1.4 for Drupal leaves certain debugging ...)
+ TODO: check
+CVE-2011-0900 (Stack-based buffer overflow in the tsc_launch_remote function ...)
+ TODO: check
+CVE-2011-0901 (Multiple stack-based buffer overflows in the tsc_launch_remote ...)
+ TODO: check
+CVE-2011-0902 (Multiple untrusted search path vulnerabilities in the Java Service in ...)
+ TODO: check
+CVE-2011-0903 (Multiple directory traversal vulnerabilities in AR Web Content Manager ...)
+ TODO: check
+CVE-2011-0904
+ RESERVED
+CVE-2011-0905
+ RESERVED
+CVE-2011-0906
+ RESERVED
+CVE-2011-0907
+ RESERVED
+CVE-2011-0908 (Open redirect vulnerability in Vanilla Forums before 2.0.17.6 allows ...)
+ TODO: check
+CVE-2011-0909 (Cross-site scripting (XSS) vulnerability in Vanilla Forums before ...)
+ TODO: check
+CVE-2011-0910 (The cookie implementation in Vanilla Forums before 2.0.17.6 makes it ...)
+ TODO: check
+CVE-2011-0911 (Cross-site scripting (XSS) vulnerability in the Users module in Zikula ...)
+ TODO: check
+CVE-2011-0912 (Argument injection vulnerability in IBM Lotus Notes 8.0.x before 8.0.2 ...)
+ TODO: check
+CVE-2011-0913 (Stack-based buffer overflow in ndiiop.exe in the DIIOP implementation ...)
+ TODO: check
+CVE-2011-0914 (Integer signedness error in ndiiop.exe in the DIIOP implementation in ...)
+ TODO: check
+CVE-2011-0915 (Stack-based buffer overflow in nrouter.exe in IBM Lotus Domino before ...)
+ TODO: check
+CVE-2011-0916 (Stack-based buffer overflow in the SMTP service in IBM Lotus Domino ...)
+ TODO: check
+CVE-2011-0917 (Buffer overflow in nLDAP.exe in IBM Lotus Domino allows remote ...)
+ TODO: check
+CVE-2011-0918 (Stack-based buffer overflow in the NRouter (aka Router) service in IBM ...)
+ TODO: check
+CVE-2011-0919 (Multiple stack-based buffer overflows in the (1) POP3 and (2) IMAP ...)
+ TODO: check
+CVE-2011-0920 (The Remote Console in IBM Lotus Domino, when a certain unsupported ...)
+ TODO: check
+CVE-2011-0921 (crs.exe in the Cell Manager Service in the client in HP Data Protector ...)
+ TODO: check
+CVE-2011-0922 (The client in HP Data Protector allows remote attackers to execute ...)
+ TODO: check
+CVE-2011-0923 (The client in HP Data Protector does not properly validate EXEC_CMD ...)
+ TODO: check
+CVE-2011-0924 (The client in HP Data Protector does not verify the contents of files ...)
+ TODO: check
+CVE-2011-0925 (The CSDWebInstallerCtrl ActiveX control in CSDWebInstaller.ocx in ...)
+ TODO: check
+CVE-2011-0926 (A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure ...)
+ TODO: check
+CVE-2011-0927
+ RESERVED
+CVE-2011-0928
+ RESERVED
+CVE-2011-0929
+ RESERVED
+CVE-2011-0930
+ RESERVED
+CVE-2011-0931
+ RESERVED
+CVE-2011-0932
+ RESERVED
+CVE-2011-0933
+ RESERVED
+CVE-2011-0934
+ RESERVED
+CVE-2011-0935
+ RESERVED
+CVE-2011-0936
+ RESERVED
+CVE-2011-0937
+ RESERVED
+CVE-2011-0938
+ RESERVED
+CVE-2011-0939
+ RESERVED
+CVE-2011-0940
+ RESERVED
+CVE-2011-0941
+ RESERVED
+CVE-2011-0942
+ RESERVED
+CVE-2011-0943
+ RESERVED
+CVE-2011-0944
+ RESERVED
+CVE-2011-0945
+ RESERVED
+CVE-2011-0946
+ RESERVED
+CVE-2011-0947
+ RESERVED
+CVE-2011-0948
+ RESERVED
+CVE-2011-0949
+ RESERVED
+CVE-2011-0950
+ RESERVED
+CVE-2011-0951
+ RESERVED
+CVE-2011-0952
+ RESERVED
+CVE-2011-0953
+ RESERVED
+CVE-2011-0954
+ RESERVED
+CVE-2011-0955
+ RESERVED
+CVE-2011-0956
+ RESERVED
+CVE-2011-0957
+ RESERVED
+CVE-2011-0958
+ RESERVED
+CVE-2011-0959
+ RESERVED
+CVE-2011-0960
+ RESERVED
+CVE-2011-0961
+ RESERVED
+CVE-2011-0962
+ RESERVED
+CVE-2011-0963
+ RESERVED
+CVE-2011-0964
+ RESERVED
+CVE-2011-0965
+ RESERVED
+CVE-2011-0966
+ RESERVED
+CVE-2011-0967
+ RESERVED
+CVE-2011-0968
+ RESERVED
+CVE-2011-0969
+ RESERVED
+CVE-2011-0970
+ RESERVED
+CVE-2011-0971
+ RESERVED
+CVE-2011-0972
+ RESERVED
+CVE-2011-0973
+ RESERVED
+CVE-2011-0974
+ RESERVED
+CVE-2011-0975 (Stack-based buffer overflow in BMC PATROL Agent Service Daemon for in ...)
+ TODO: check
+CVE-2011-0976 (Microsoft Office PowerPoint 2007 does not properly handle Office Art ...)
+ TODO: check
+CVE-2011-0977 (Use-after-free vulnerability in Microsoft Excel 2007 allows remote ...)
+ TODO: check
+CVE-2011-0978 (Stack-based buffer overflow in Microsoft Office Excel allows remote ...)
+ TODO: check
+CVE-2011-0979 (Microsoft Office Excel does not properly handle errors during the ...)
+ TODO: check
+CVE-2011-0980 (Microsoft Office Excel 2003 does not properly parse Office Art ...)
+ TODO: check
+CVE-2011-0981 (Google Chrome before 9.0.597.94 does not properly perform event ...)
+ TODO: check
+CVE-2011-0982 (Use-after-free vulnerability in Google Chrome before 9.0.597.94 allows ...)
+ TODO: check
+CVE-2011-0983 (Google Chrome before 9.0.597.94 does not properly handle anonymous ...)
+ TODO: check
+CVE-2011-0984 (Google Chrome before 9.0.597.94 does not properly handle plug-ins, ...)
+ TODO: check
+CVE-2011-0985 (Google Chrome before 9.0.597.94 does not properly perform process ...)
+ TODO: check
+CVE-2011-0986 (phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not ...)
+ TODO: check
+CVE-2011-0987 (The PMA_Bookmark_get function in libraries/bookmark.lib.php in ...)
+ TODO: check
+CVE-2011-0988
+ RESERVED
+CVE-2011-0989
+ RESERVED
+CVE-2011-0990
+ RESERVED
+CVE-2011-0991
+ RESERVED
+CVE-2011-0992
+ RESERVED
+CVE-2011-0993
+ RESERVED
+CVE-2011-0994
+ RESERVED
+CVE-2011-0995
+ RESERVED
+CVE-2011-0996
+ RESERVED
+CVE-2011-0997
+ RESERVED
+CVE-2011-0998
+ RESERVED
+CVE-2011-0999 (mm/huge_memory.c in the Linux kernel before 2.6.38-rc5 does not ...)
+ TODO: check
+CVE-2011-1000 (jingle-factory.c in Telepathy Gabble 0.11 before 0.11.7, 0.10 before ...)
+ TODO: check
+CVE-2011-1001
+ RESERVED
+CVE-2011-1002 (avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows ...)
+ TODO: check
+CVE-2011-1003 (Double free vulnerability in the vba_read_project_strings function in ...)
+ TODO: check
+CVE-2011-1004 (The FileUtils.remove_entry_secure method in Ruby 1.8.6 through ...)
+ TODO: check
+CVE-2011-1005 (The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through ...)
+ TODO: check
+CVE-2011-1006 (Heap-based buffer overflow in the parse_cgroup_spec function in ...)
+ TODO: check
+CVE-2011-1007 (Best Practical Solutions RT before 3.8.9 does not perform certain ...)
+ TODO: check
+CVE-2011-1008 (Scrips_Overlay.pm in Best Practical Solutions RT before 3.8.9 does not ...)
+ TODO: check
+CVE-2011-1009
+ RESERVED
+CVE-2011-1010 (Buffer overflow in the mac_partition function in fs/partitions/mac.c ...)
+ TODO: check
+CVE-2011-1011 (The seunshare_mount function in sandbox/seunshare.c in seunshare in ...)
+ TODO: check
+CVE-2011-1012 (The ldm_parse_vmdb function in fs/partitions/ldm.c in the Linux kernel ...)
+ TODO: check
+CVE-2011-1013
+ RESERVED
+CVE-2011-1014
+ RESERVED
+CVE-2011-1015
+ RESERVED
+CVE-2011-1016 (The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not ...)
+ TODO: check
+CVE-2011-1017 (Heap-based buffer overflow in the ldm_frag_add function in ...)
+ TODO: check
+CVE-2011-1018 (logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute ...)
+ TODO: check
+CVE-2011-1019
+ RESERVED
+CVE-2011-1020 (The proc filesystem implementation in the Linux kernel 2.6.37 and ...)
+ TODO: check
+CVE-2011-1021
+ RESERVED
+CVE-2011-1022 (The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in ...)
+ TODO: check
+CVE-2011-1023
+ RESERVED
+CVE-2011-1024 (chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a ...)
+ TODO: check
+CVE-2011-1025 (bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require ...)
+ TODO: check
+CVE-2011-1026
+ RESERVED
+CVE-2011-1027 (Off-by-one error in the convert_query_hexchar function in html.c in ...)
+ TODO: check
+CVE-2011-1028
+ RESERVED
+CVE-2011-1029 (Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert ...)
+ TODO: check
+CVE-2011-1030 (Cross-site scripting (XSS) vulnerability in the Wikis component in IBM ...)
+ TODO: check
+CVE-2011-1031 (The feh_unique_filename function in utils.c in feh 1.11.2 and earlier ...)
+ TODO: check
+CVE-2011-1032 (IBM Lotus Connections 3.0, when IBM WebSphere Application Server ...)
+ TODO: check
+CVE-2011-1033 (Stack-based buffer overflow in oninit in IBM Informix Dynamic Server ...)
+ TODO: check
+CVE-2011-1034 (Cross-site scripting (XSS) vulnerability in the UI in IBM Rational ...)
+ TODO: check
+CVE-2011-1035 (The password reset in PivotX before 2.2.4 allows remote attackers to ...)
+ TODO: check
+CVE-2011-1036 (The XML Security Database Parser class in the XMLSecDB ActiveX control ...)
+ TODO: check
+CVE-2011-1037
+ RESERVED
+CVE-2011-1038 (Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in ...)
+ TODO: check
+CVE-2011-1039
+ RESERVED
+CVE-2011-1040
+ RESERVED
+CVE-2011-1041
+ RESERVED
+CVE-2011-1042 (Use-after-free vulnerability in flimflamd in flimflam in Google Chrome ...)
+ TODO: check
+CVE-2011-1043
+ RESERVED
+CVE-2011-1044 (The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c ...)
+ TODO: check
+CVE-2011-1045 (Unspecified vulnerability in the Rendition Engine (aka P8RE) 4.0.1 ...)
+ TODO: check
+CVE-2011-1046 (IBM FileNet P8 Content Engine (aka P8CE) 4.0.1 through 5.0.0, as used ...)
+ TODO: check
+CVE-2011-1047 (Multiple SQL injection vulnerabilities in VastHTML Forum Server (aka ...)
+ TODO: check
+CVE-2011-1048 (SQL injection vulnerability in product.php in MihanTools 1.33 allows ...)
+ TODO: check
+CVE-2011-1049 (Buffer overflow in the Mach-O input file loader in Hex-Rays IDA Pro ...)
+ TODO: check
+CVE-2011-1050 (Unspecified vulnerability in Hex-Rays IDA Pro 5.7 and 6.0 has unknown ...)
+ TODO: check
+CVE-2011-1051 (Integer overflow in the COFF/EPOC/EXPLOAD input file loaders in ...)
+ TODO: check
+CVE-2011-1052 (Integer overflow in the PSX/GEOS input file loaders in Hex-Rays IDA ...)
+ TODO: check
+CVE-2011-1053 (Unspecified vulnerability in the Mach-O input file loader in Hex-Rays ...)
+ TODO: check
+CVE-2011-1054 (Unspecified vulnerability in the PEF input file loader in Hex-Rays IDA ...)
+ TODO: check
+CVE-2011-1055 (SQL injection vulnerability in api/ice_media.cfc in Lingxia I.C.E CMS ...)
+ TODO: check
+CVE-2011-1056 (The installer for Metasploit Framework 3.5.1, when running on Windows, ...)
+ TODO: check
+CVE-2011-1057 (The installer for Metasploit Framework 3.5.1, when running on Windows, ...)
+ TODO: check
+CVE-2011-1058 (Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) ...)
+ TODO: check
+CVE-2011-1059 (Use-after-free vulnerability in WebCore in WebKit before r77705, as ...)
+ TODO: check
+CVE-2011-1060 (SQL injection vulnerability in the member function in ...)
+ TODO: check
+CVE-2011-1061 (SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows ...)
+ TODO: check
+CVE-2011-1062 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2011-1063 (Multiple cross-site scripting (XSS) vulnerabilities in Cherry-Design ...)
+ TODO: check
+CVE-2011-1064 (SQL injection vulnerability in member/list.php in qibosoft Qi Bo CMS 7 ...)
+ TODO: check
+CVE-2011-1065 (Multiple stack-based buffer overflows in the PIPIWebPlayer ActiveX ...)
+ TODO: check
+CVE-2011-1066 (Cross-site scripting (XSS) vulnerability in the Messaging module ...)
+ TODO: check
+CVE-2011-1067 (slapd (aka ns-slapd) in 389 Directory Server before 1.2.8.a2 does not ...)
+ TODO: check
+CVE-2011-1068 (Microsoft Windows Azure Software Development Kit (SDK) 1.3.x before ...)
+ TODO: check
+CVE-2011-1069
+ RESERVED
+CVE-2011-1070
+ RESERVED
+CVE-2011-1071
+ RESERVED
+CVE-2011-1072 (The installer in PEAR before 1.9.2 allows local users to overwrite ...)
+ TODO: check
+CVE-2011-1073 (crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users ...)
+ TODO: check
+CVE-2011-1074 (crontab.c in crontab in FreeBSD allows local users to determine the ...)
+ TODO: check
+CVE-2011-1075
+ RESERVED
+CVE-2011-1076
+ RESERVED
+CVE-2011-1077
+ RESERVED
+CVE-2011-1078
+ RESERVED
+CVE-2011-1079
+ RESERVED
+CVE-2011-1080
+ RESERVED
+CVE-2011-1081 (modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote ...)
+ TODO: check
+CVE-2011-1082
+ RESERVED
+CVE-2011-1083
+ RESERVED
+CVE-2011-1084
+ RESERVED
+CVE-2011-1085
+ RESERVED
+CVE-2011-1086
+ RESERVED
+CVE-2011-1087
+ RESERVED
+CVE-2011-1088 (Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity ...)
+ TODO: check
+CVE-2011-1089
+ RESERVED
+CVE-2011-1090
+ RESERVED
+CVE-2011-1091 (libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 ...)
+ TODO: check
+CVE-2011-1092 (Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows ...)
+ TODO: check
+CVE-2011-1093
+ RESERVED
+CVE-2011-1094 (kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not ...)
+ TODO: check
+CVE-2011-1095
+ RESERVED
+CVE-2011-1096
+ RESERVED
+CVE-2011-1097
+ RESERVED
+CVE-2011-1098
+ RESERVED
+CVE-2011-1099 (Multiple directory traversal vulnerabilities in FocalMedia.Net Quick ...)
+ TODO: check
+CVE-2011-1100 (Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost ...)
+ TODO: check
+CVE-2011-1101 (Multiple unspecified vulnerabilities in a third-party component of the ...)
+ TODO: check
+CVE-2011-1102 (Cross-site scripting (XSS) vulnerability in the WebReporting module in ...)
+ TODO: check
+CVE-2011-1103 (The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before ...)
+ TODO: check
+CVE-2011-1104 (Multiple cross-site request forgery (CSRF) vulnerabilities in Mutare ...)
+ TODO: check
+CVE-2011-1105 (Multiple cross-site scripting (XSS) vulnerabilities in Mutare EVM ...)
+ TODO: check
+CVE-2011-1106 (Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server ...)
+ TODO: check
+CVE-2011-1107 (Unspecified vulnerability in Google Chrome before 9.0.597.107 allows ...)
+ TODO: check
+CVE-2011-1108 (Google Chrome before 9.0.597.107 does not properly implement ...)
+ TODO: check
+CVE-2011-1109 (Google Chrome before 9.0.597.107 does not properly process nodes in ...)
+ TODO: check
+CVE-2011-1110 (Google Chrome before 9.0.597.107 does not properly implement key frame ...)
+ TODO: check
+CVE-2011-1111 (Google Chrome before 9.0.597.107 does not properly implement forms ...)
+ TODO: check
+CVE-2011-1112 (Google Chrome before 9.0.597.107 does not properly perform SVG ...)
+ TODO: check
+CVE-2011-1113 (Google Chrome before 9.0.597.107 on 64-bit Linux platforms does not ...)
+ TODO: check
+CVE-2011-1114 (Google Chrome before 9.0.597.107 does not properly handle tables, ...)
+ TODO: check
+CVE-2011-1115 (Google Chrome before 9.0.597.107 does not properly render tables, ...)
+ TODO: check
+CVE-2011-1116 (Google Chrome before 9.0.597.107 does not properly handle SVG ...)
+ TODO: check
+CVE-2011-1117 (Google Chrome before 9.0.597.107 does not properly handle XHTML ...)
+ TODO: check
+CVE-2011-1118 (Google Chrome before 9.0.597.107 does not properly handle TEXTAREA ...)
+ TODO: check
+CVE-2011-1119 (Google Chrome before 9.0.597.107 does not properly determine device ...)
+ TODO: check
+CVE-2011-1120 (The WebGL implementation in Google Chrome before 9.0.597.107 allows ...)
+ TODO: check
+CVE-2011-1121 (Integer overflow in Google Chrome before 9.0.597.107 allows remote ...)
+ TODO: check
+CVE-2011-1122 (The WebGL implementation in Google Chrome before 9.0.597.107 allows ...)
+ TODO: check
+CVE-2011-1123 (Google Chrome before 9.0.597.107 does not properly restrict access to ...)
+ TODO: check
+CVE-2011-1124 (Use-after-free vulnerability in Google Chrome before 9.0.597.107 ...)
+ TODO: check
+CVE-2011-1125 (Google Chrome before 9.0.597.107 does not properly perform layout, ...)
+ TODO: check
+CVE-2011-1126
+ RESERVED
+CVE-2011-1127
+ RESERVED
+CVE-2011-1128
+ RESERVED
+CVE-2011-1129
+ RESERVED
+CVE-2011-1130
+ RESERVED
+CVE-2011-1131
+ RESERVED
+CVE-2011-1132
+ RESERVED
+CVE-2011-1133
+ RESERVED
+CVE-2011-1134
+ RESERVED
+CVE-2011-1135
+ RESERVED
+CVE-2011-1136
+ RESERVED
+CVE-2011-1137 (Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d ...)
+ TODO: check
+CVE-2011-1138 (Off-by-one error in the dissect_6lowpan_iphc function in ...)
+ TODO: check
+CVE-2011-1139 (wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through ...)
+ TODO: check
+CVE-2011-1140 (Multiple stack consumption vulnerabilities in the ...)
+ TODO: check
+CVE-2011-1141 (epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through ...)
+ TODO: check
+CVE-2011-1142 (Stack consumption vulnerability in the dissect_ber_choice function in ...)
+ TODO: check
+CVE-2011-1143 (epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark ...)
+ TODO: check
+CVE-2011-1144 (The installer in PEAR 1.9.2 and earlier allows local users to ...)
+ TODO: check
+CVE-2011-1145
+ RESERVED
+CVE-2011-1146 (libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly ...)
+ TODO: check
+CVE-2011-1147 (Multiple stack-based and heap-based buffer overflows in the (1) ...)
+ TODO: check
+CVE-2011-1148 (Use-after-free vulnerability in the substr_replace function in PHP ...)
+ TODO: check
+CVE-2011-1149
+ RESERVED
+CVE-2011-1150
+ RESERVED
+CVE-2011-1151
+ RESERVED
+CVE-2011-1152
+ RESERVED
+CVE-2011-1153 (Multiple format string vulnerabilities in phar_object.c in the phar ...)
+ TODO: check
+CVE-2011-1154
+ RESERVED
+CVE-2011-1155
+ RESERVED
+CVE-2011-1156
+ RESERVED
+CVE-2011-1157
+ RESERVED
+CVE-2011-1158
+ RESERVED
+CVE-2011-1159
+ RESERVED
+CVE-2011-1160
+ RESERVED
+CVE-2011-1161
+ RESERVED
+CVE-2011-1162
+ RESERVED
+CVE-2011-1163
+ RESERVED
+CVE-2011-1164
+ RESERVED
+CVE-2011-1165
+ RESERVED
+CVE-2011-1166
+ RESERVED
+CVE-2011-1167
+ RESERVED
+CVE-2011-1168
+ RESERVED
+CVE-2011-1169
+ RESERVED
+CVE-2011-1170
+ RESERVED
+CVE-2011-1171
+ RESERVED
+CVE-2011-1172
+ RESERVED
+CVE-2011-1173
+ RESERVED
+CVE-2011-1174
+ RESERVED
+CVE-2011-1175
+ RESERVED
+CVE-2011-1176
+ RESERVED
+CVE-2011-1177
+ RESERVED
+CVE-2011-1178
+ RESERVED
+CVE-2011-1179
+ RESERVED
+CVE-2011-1180
+ RESERVED
+CVE-2011-1181
+ RESERVED
+CVE-2011-1182
+ RESERVED
+CVE-2011-1183
+ RESERVED
+CVE-2011-1184
+ RESERVED
+CVE-2011-1185 (Google Chrome before 10.0.648.127 does not prevent (1) navigation and ...)
+ TODO: check
+CVE-2011-1186 (Google Chrome before 10.0.648.127 on Linux does not properly handle ...)
+ TODO: check
+CVE-2011-1187 (Google Chrome before 10.0.648.127 allows remote attackers to bypass ...)
+ TODO: check
+CVE-2011-1188 (Google Chrome before 10.0.648.127 does not properly handle counter ...)
+ TODO: check
+CVE-2011-1189 (Google Chrome before 10.0.648.127 does not properly perform box ...)
+ TODO: check
+CVE-2011-1190 (The Web Workers implementation in Google Chrome before 10.0.648.127 ...)
+ TODO: check
+CVE-2011-1191 (Use-after-free vulnerability in Google Chrome before 10.0.648.127 ...)
+ TODO: check
+CVE-2011-1192 (Google Chrome before 10.0.648.127 on Linux does not properly handle ...)
+ TODO: check
+CVE-2011-1193 (Google V8, as used in Google Chrome before 10.0.648.127, allows remote ...)
+ TODO: check
+CVE-2011-1194 (Multiple unspecified vulnerabilities in Google Chrome before ...)
+ TODO: check
+CVE-2011-1195 (Use-after-free vulnerability in Google Chrome before 10.0.648.127 ...)
+ TODO: check
+CVE-2011-1196 (The OGG container implementation in Google Chrome before 10.0.648.127 ...)
+ TODO: check
+CVE-2011-1197 (Google Chrome before 10.0.648.127 does not properly perform table ...)
+ TODO: check
+CVE-2011-1198 (The video functionality in Google Chrome before 10.0.648.127 allows ...)
+ TODO: check
+CVE-2011-1199 (Google Chrome before 10.0.648.127 does not properly handle DataView ...)
+ TODO: check
+CVE-2011-1200 (Google Chrome before 10.0.648.127 does not properly perform a cast of ...)
+ TODO: check
+CVE-2011-1201 (The context implementation in WebKit, as used in Google Chrome before ...)
+ TODO: check
+CVE-2011-1202 (Unspecified vulnerability in the XSLT implementation in Google Chrome ...)
+ TODO: check
+CVE-2011-1203 (Google Chrome before 10.0.648.127 does not properly handle SVG ...)
+ TODO: check
+CVE-2011-1204 (Google Chrome before 10.0.648.127 does not properly handle attributes, ...)
+ TODO: check
+CVE-2011-1205
+ RESERVED
+CVE-2011-1206
+ RESERVED
+CVE-2011-1207
+ RESERVED
+CVE-2011-1208
+ RESERVED
+CVE-2011-1209
+ RESERVED
+CVE-2011-1210
+ RESERVED
+CVE-2011-1211
+ RESERVED
+CVE-2011-1212
+ RESERVED
+CVE-2011-1213
+ RESERVED
+CVE-2011-1214
+ RESERVED
+CVE-2011-1215
+ RESERVED
+CVE-2011-1216
+ RESERVED
+CVE-2011-1217
+ RESERVED
+CVE-2011-1218
+ RESERVED
+CVE-2011-1219
+ RESERVED
+CVE-2011-1220
+ RESERVED
+CVE-2011-1221
+ RESERVED
+CVE-2011-1222
+ RESERVED
+CVE-2011-1223
+ RESERVED
+CVE-2011-1224
+ RESERVED
+CVE-2011-1225
+ RESERVED
+CVE-2011-1226
+ RESERVED
+CVE-2011-1227
+ RESERVED
+CVE-2011-1228
+ RESERVED
+CVE-2011-1229
+ RESERVED
+CVE-2011-1230
+ RESERVED
+CVE-2011-1231
+ RESERVED
+CVE-2011-1232
+ RESERVED
+CVE-2011-1233
+ RESERVED
+CVE-2011-1234
+ RESERVED
+CVE-2011-1235
+ RESERVED
+CVE-2011-1236
+ RESERVED
+CVE-2011-1237
+ RESERVED
+CVE-2011-1238
+ RESERVED
+CVE-2011-1239
+ RESERVED
+CVE-2011-1240
+ RESERVED
+CVE-2011-1241
+ RESERVED
+CVE-2011-1242
+ RESERVED
+CVE-2011-1243
+ RESERVED
+CVE-2011-1244
+ RESERVED
+CVE-2011-1245
+ RESERVED
+CVE-2011-1246
+ RESERVED
+CVE-2011-1247
+ RESERVED
+CVE-2011-1248
+ RESERVED
+CVE-2011-1249
+ RESERVED
+CVE-2011-1250
+ RESERVED
+CVE-2011-1251
+ RESERVED
+CVE-2011-1252
+ RESERVED
+CVE-2011-1253
+ RESERVED
+CVE-2011-1254
+ RESERVED
+CVE-2011-1255
+ RESERVED
+CVE-2011-1256
+ RESERVED
+CVE-2011-1257
+ RESERVED
+CVE-2011-1258
+ RESERVED
+CVE-2011-1259
+ RESERVED
+CVE-2011-1260
+ RESERVED
+CVE-2011-1261
+ RESERVED
+CVE-2011-1262
+ RESERVED
+CVE-2011-1263
+ RESERVED
+CVE-2011-1264
+ RESERVED
+CVE-2011-1265
+ RESERVED
+CVE-2011-1266
+ RESERVED
+CVE-2011-1267
+ RESERVED
+CVE-2011-1268
+ RESERVED
+CVE-2011-1269
+ RESERVED
+CVE-2011-1270
+ RESERVED
+CVE-2011-1271
+ RESERVED
+CVE-2011-1272
+ RESERVED
+CVE-2011-1273
+ RESERVED
+CVE-2011-1274
+ RESERVED
+CVE-2011-1275
+ RESERVED
+CVE-2011-1276
+ RESERVED
+CVE-2011-1277
+ RESERVED
+CVE-2011-1278
+ RESERVED
+CVE-2011-1279
+ RESERVED
+CVE-2011-1280
+ RESERVED
+CVE-2011-1281
+ RESERVED
+CVE-2011-1282
+ RESERVED
+CVE-2011-1283
+ RESERVED
+CVE-2011-1284
+ RESERVED
+CVE-2011-1285 (The regular-expression functionality in Google Chrome before ...)
+ TODO: check
+CVE-2011-1286 (Google V8, as used in Google Chrome before 10.0.648.127, allows remote ...)
+ TODO: check
+CVE-2011-1287
+ RESERVED
+CVE-2011-1288
+ RESERVED
+CVE-2011-1289
+ RESERVED
+CVE-2011-1290 (Integer overflow in WebKit, as used on the Research In Motion (RIM) ...)
+ TODO: check
+CVE-2011-1291 (Google Chrome before 10.0.648.204 does not properly handle base ...)
+ TODO: check
+CVE-2011-1292 (Use-after-free vulnerability in the frame-loader implementation in ...)
+ TODO: check
+CVE-2011-1293 (Use-after-free vulnerability in the HTMLCollection implementation in ...)
+ TODO: check
+CVE-2011-1294 (Google Chrome before 10.0.648.204 does not properly handle Cascading ...)
+ TODO: check
+CVE-2011-1295 (Google Chrome before 10.0.648.204 does not properly handle node ...)
+ TODO: check
+CVE-2011-1296 (Google Chrome before 10.0.648.204 does not properly handle SVG text, ...)
+ TODO: check
+CVE-2011-1297
+ RESERVED
+CVE-2011-1298
+ RESERVED
+CVE-2011-1299
+ RESERVED
+CVE-2011-1300
+ RESERVED
+CVE-2011-1301
+ RESERVED
+CVE-2011-1302
+ RESERVED
+CVE-2011-1303
+ RESERVED
+CVE-2011-1304
+ RESERVED
+CVE-2011-1305
+ RESERVED
+CVE-2011-1306 (Unspecified vulnerability in the Scratchpad application in Google ...)
+ TODO: check
+CVE-2011-1307 (The installer in IBM WebSphere Application Server (WAS) before ...)
+ TODO: check
+CVE-2011-1308 (Cross-site scripting (XSS) vulnerability in the Installation ...)
+ TODO: check
+CVE-2011-1309 (The Plug-in component in IBM WebSphere Application Server (WAS) before ...)
+ TODO: check
+CVE-2011-1310 (The Administrative Scripting Tools component in IBM WebSphere ...)
+ TODO: check
+CVE-2011-1311 (The Security component in IBM WebSphere Application Server (WAS) ...)
+ TODO: check
+CVE-2011-1312 (The Administrative Console component in IBM WebSphere Application ...)
+ TODO: check
+CVE-2011-1313 (Double free vulnerability in IBM WebSphere Application Server (WAS) ...)
+ TODO: check
+CVE-2011-1314 (The Service Integration Bus (SIB) messaging engine in IBM WebSphere ...)
+ TODO: check
+CVE-2011-1315 (Memory leak in the messaging engine in IBM WebSphere Application ...)
+ TODO: check
+CVE-2011-1316 (The Session Initiation Protocol (SIP) Proxy in the HTTP Transport ...)
+ TODO: check
+CVE-2011-1317 (Memory leak in com.ibm.ws.jsp.runtime.WASJSPStrBufferImpl in the ...)
+ TODO: check
+CVE-2011-1318 (Memory leak in org.apache.jasper.runtime.JspWriterImpl.response in the ...)
+ TODO: check
+CVE-2011-1319 (The Security component in IBM WebSphere Application Server (WAS) ...)
+ TODO: check
+CVE-2011-1320 (The Security component in IBM WebSphere Application Server (WAS) ...)
+ TODO: check
+CVE-2011-1321 (The AuthCache purge implementation in the Security component in IBM ...)
+ TODO: check
+CVE-2011-1322 (The SOAP with Attachments API for Java (SAAJ) implementation in the ...)
+ TODO: check
+CVE-2011-1323
+ RESERVED
+CVE-2011-1324
+ RESERVED
+CVE-2011-1325
+ RESERVED
+CVE-2011-1326
+ RESERVED
+CVE-2011-1327
+ RESERVED
+CVE-2011-1328
+ RESERVED
+CVE-2011-1329
+ RESERVED
+CVE-2011-1330
+ RESERVED
+CVE-2011-1331
+ RESERVED
+CVE-2011-1332
+ RESERVED
+CVE-2011-1333
+ RESERVED
+CVE-2011-1334
+ RESERVED
+CVE-2011-1335
+ RESERVED
+CVE-2011-1336
+ RESERVED
+CVE-2011-1337
+ RESERVED
+CVE-2011-1338
+ RESERVED
+CVE-2011-1339
+ RESERVED
+CVE-2011-1340
+ RESERVED
+CVE-2011-1341
+ RESERVED
+CVE-2011-1342
+ RESERVED
+CVE-2011-1343 (SQL injection vulnerability in the Web GUI in IBM Tivoli ...)
+ TODO: check
+CVE-2011-1344 (Unspecified vulnerability in WebKit, as used in Apple Safari 5.0.4 on ...)
+ TODO: check
+CVE-2011-1345 (Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows ...)
+ TODO: check
+CVE-2011-1346 (Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows ...)
+ TODO: check
+CVE-2011-1347 (Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows ...)
+ TODO: check
+CVE-2011-1348
+ RESERVED
+CVE-2011-1349
+ RESERVED
+CVE-2011-1350
+ RESERVED
+CVE-2011-1351
+ RESERVED
+CVE-2011-1352
+ RESERVED
+CVE-2011-1353
+ RESERVED
+CVE-2011-1354
+ RESERVED
+CVE-2011-1355
+ RESERVED
+CVE-2011-1356
+ RESERVED
+CVE-2011-1357
+ RESERVED
+CVE-2011-1358
+ RESERVED
+CVE-2011-1359
+ RESERVED
+CVE-2011-1360
+ RESERVED
+CVE-2011-1361
+ RESERVED
+CVE-2011-1362
+ RESERVED
+CVE-2011-1363
+ RESERVED
+CVE-2011-1364
+ RESERVED
+CVE-2011-1365
+ RESERVED
+CVE-2011-1366
+ RESERVED
+CVE-2011-1367
+ RESERVED
+CVE-2011-1368
+ RESERVED
+CVE-2011-1369
+ RESERVED
+CVE-2011-1370
+ RESERVED
+CVE-2011-1371
+ RESERVED
+CVE-2011-1372
+ RESERVED
+CVE-2011-1373
+ RESERVED
+CVE-2011-1374
+ RESERVED
+CVE-2011-1375
+ RESERVED
+CVE-2011-1376
+ RESERVED
+CVE-2011-1377
+ RESERVED
+CVE-2011-1378
+ RESERVED
+CVE-2011-1379
+ RESERVED
+CVE-2011-1380
+ RESERVED
+CVE-2011-1381
+ RESERVED
+CVE-2011-1382
+ RESERVED
+CVE-2011-1383
+ RESERVED
+CVE-2011-1384
+ RESERVED
+CVE-2011-1385
+ RESERVED
+CVE-2011-1386
+ RESERVED
+CVE-2011-1387
+ RESERVED
+CVE-2011-1388
+ RESERVED
+CVE-2011-1389
+ RESERVED
+CVE-2011-1390
+ RESERVED
+CVE-2011-1391
+ RESERVED
+CVE-2011-1392
+ RESERVED
+CVE-2011-1393
+ RESERVED
+CVE-2011-1394
+ RESERVED
+CVE-2011-1395
+ RESERVED
+CVE-2011-1396
+ RESERVED
+CVE-2011-1397
+ RESERVED
+CVE-2011-1398
+ RESERVED
+CVE-2011-1399
+ RESERVED
+CVE-2011-1400 (The default configuration of the shell_escape_commands directive in ...)
+ TODO: check
+CVE-2011-1401
+ RESERVED
+CVE-2011-1402
+ RESERVED
+CVE-2011-1403
+ RESERVED
+CVE-2011-1404
+ RESERVED
+CVE-2011-1405
+ RESERVED
+CVE-2011-1406
+ RESERVED
+CVE-2011-1407
+ RESERVED
+CVE-2011-1408
+ RESERVED
+CVE-2011-1409
+ RESERVED
+CVE-2011-1410
+ RESERVED
+CVE-2011-1411
+ RESERVED
+CVE-2011-1412
+ RESERVED
+CVE-2011-1413 (Google Chrome before 10.0.648.127 on Linux does not properly mitigate ...)
+ TODO: check
+CVE-2011-1414 (Cross-site scripting (XSS) vulnerability in the tibbr web server, as ...)
+ TODO: check
+CVE-2011-1415
+ REJECTED
+ TODO: check
+CVE-2011-1416 (The Research In Motion (RIM) BlackBerry Torch 9800 with firmware ...)
+ TODO: check
+CVE-2011-1417 (QuickLook, as used in Apple Mac OS X before 10.6.7 and MobileSafari in ...)
+ TODO: check
+CVE-2011-1418 (The stateless address autoconfiguration (aka SLAAC) functionality in ...)
+ TODO: check
+CVE-2011-1419 (Apache Tomcat 7.x before 7.0.11, when web.xml has no security ...)
+ TODO: check
+CVE-2011-1420
+ RESERVED
+CVE-2011-1421
+ RESERVED
+CVE-2011-1422
+ RESERVED
+CVE-2011-1423
+ RESERVED
+CVE-2011-1424
+ RESERVED
+CVE-2011-1425
+ RESERVED
+CVE-2011-1426
+ RESERVED
+CVE-2011-1427 (Multiple cross-site scripting (XSS) vulnerabilities in Kodak InSite ...)
+ TODO: check
+CVE-2011-1428 (Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and earlier does ...)
+ TODO: check
+CVE-2011-1429 (Mutt does not verify that the smtps server hostname matches the domain ...)
+ TODO: check
+CVE-2011-1430 (The STARTTLS implementation in the server in Ipswitch IMail 11.03 and ...)
+ TODO: check
+CVE-2011-1431 (The STARTTLS implementation in qmail-smtpd.c in qmail-smtpd in the ...)
+ TODO: check
+CVE-2011-1432 (The STARTTLS implementation in SCO SCOoffice Server does not properly ...)
+ TODO: check
+CVE-2011-1433 (The (1) AgentInterface and (2) CustomerInterface components in Open ...)
+ TODO: check
+CVE-2011-1434
+ RESERVED
+CVE-2011-1435
+ RESERVED
+CVE-2011-1436
+ RESERVED
+CVE-2011-1437
+ RESERVED
+CVE-2011-1438
+ RESERVED
+CVE-2011-1439
+ RESERVED
+CVE-2011-1440
+ RESERVED
+CVE-2011-1441
+ RESERVED
+CVE-2011-1442
+ RESERVED
+CVE-2011-1443
+ RESERVED
+CVE-2011-1444
+ RESERVED
+CVE-2011-1445
+ RESERVED
+CVE-2011-1446
+ RESERVED
+CVE-2011-1447
+ RESERVED
+CVE-2011-1448
+ RESERVED
+CVE-2011-1449
+ RESERVED
+CVE-2011-1450
+ RESERVED
+CVE-2011-1451
+ RESERVED
+CVE-2011-1452
+ RESERVED
+CVE-2011-1453
+ RESERVED
+CVE-2011-1454
+ RESERVED
+CVE-2011-1455
+ RESERVED
+CVE-2011-1456
+ RESERVED
+CVE-2011-1457
+ RESERVED
+CVE-2011-1458
+ RESERVED
+CVE-2011-1459
+ RESERVED
+CVE-2011-1460
+ RESERVED
+CVE-2011-1461
+ RESERVED
+CVE-2011-1462
+ RESERVED
+CVE-2011-1463
+ RESERVED
+CVE-2011-1464 (Buffer overflow in the strval function in PHP before 5.3.6, when the ...)
+ TODO: check
+CVE-2011-1465 (The SPDY implementation in net/http/http_network_transaction.cc in ...)
+ TODO: check
+CVE-2011-1466 (Integer overflow in the SdnToJulian function in the Calendar extension ...)
+ TODO: check
+CVE-2011-1467 (Unspecified vulnerability in the NumberFormatter::setSymbol (aka ...)
+ TODO: check
+CVE-2011-1468 (Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 ...)
+ TODO: check
+CVE-2011-1469 (Unspecified vulnerability in the Streams component in PHP before 5.3.6 ...)
+ TODO: check
+CVE-2011-1470 (The Zip extension in PHP before 5.3.6 allows context-dependent ...)
+ TODO: check
+CVE-2011-1471 (Integer signedness error in zip_stream.c in the Zip extension in PHP ...)
+ TODO: check
+CVE-2011-1472
+ RESERVED
+CVE-2011-1473
+ RESERVED
+CVE-2011-1474
+ RESERVED
+CVE-2011-1475
+ RESERVED
+CVE-2011-1476
+ RESERVED
+CVE-2011-1477
+ RESERVED
+CVE-2011-1478
+ RESERVED
+CVE-2011-1479
+ RESERVED
+CVE-2011-1480
+ RESERVED
+CVE-2011-1481
+ RESERVED
+CVE-2011-1482
+ RESERVED
+CVE-2011-1483
+ RESERVED
+CVE-2011-1484
+ RESERVED
+CVE-2011-1485
+ RESERVED
+CVE-2011-1486
+ RESERVED
+CVE-2011-1487
+ RESERVED
+CVE-2011-1488
+ RESERVED
+CVE-2011-1489
+ RESERVED
+CVE-2011-1490
+ RESERVED
+CVE-2011-1491
+ RESERVED
+CVE-2011-1492
+ RESERVED
+CVE-2011-1493
+ RESERVED
+CVE-2011-1494
+ RESERVED
+CVE-2011-1495
+ RESERVED
+CVE-2011-1496
+ RESERVED
+CVE-2011-1497
+ RESERVED
+CVE-2011-1498
+ RESERVED
+CVE-2011-1499
+ RESERVED
+CVE-2011-1500
+ RESERVED
+CVE-2011-1501
+ RESERVED
+CVE-2011-1502
+ RESERVED
+CVE-2011-1503
+ RESERVED
+CVE-2011-1504
+ RESERVED
+CVE-2011-1505 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.27 ...)
+ TODO: check
+CVE-2011-1506 (The STARTTLS implementation in Kerio Connect 7.1.4 build 2985 and ...)
+ TODO: check
+CVE-2011-1507
+ RESERVED
+CVE-2011-1508
+ RESERVED
+CVE-2011-1509
+ RESERVED
+CVE-2011-1510
+ RESERVED
+CVE-2011-1511
+ RESERVED
+CVE-2011-1512
+ RESERVED
+CVE-2011-1513
+ RESERVED
+CVE-2011-1514
+ RESERVED
+CVE-2011-1515
+ RESERVED
+CVE-2011-1516
+ RESERVED
+CVE-2011-1517
+ RESERVED
+CVE-2011-1519 (The remote console in the Server Controller in IBM Lotus Domino 7.x and ...)
+ TODO: check
+CVE-2011-1520 (The default configuration of the server console in IBM Lotus Domino ...)
+ TODO: check
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:45 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:45 UTC (permalink / raw
To: gentoo-commits
commit: 711a0f0d93cc5daced1ce1795fbb48d46cb54748
Author: Stefan Behte <craig <AT> gentoo <DOT> org>
AuthorDate: Thu Jan 20 21:25:35 2011 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Thu Jan 20 21:25:35 2011 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=711a0f0d
NFU
svn path=/; revision=2219
---
data/CVE/list | 2469 +++++++++++++++++++++++++++++++++++++++++++--------------
1 file changed, 1892 insertions(+), 577 deletions(-)
diff --git a/data/CVE/list b/data/CVE/list
index 9a3167f..ffe43d8 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -47346,8 +47346,8 @@ CVE-2006-7241 (The Image Viewer component in IBM FileNet P8 Application Engine (
NOT-FOR-US: ibm filenet_p8_application_engine
CVE-2006-7242 (The Workplace (aka WP) component in IBM FileNet P8 Application Engine ...)
NOT-FOR-US: ibm filenet_p8_application_engine
-CVE-2006-7243
- RESERVED
+CVE-2006-7243 (PHP before 5.3.4 accepts the \0 character in a pathname, which might ...)
+ NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2007-0001 (The file watch implementation in the audit subsystem (auditctl -w) in ...)
TODO: check-old
CVE-2007-0002 (Multiple heap-based buffer overflows in WordPerfect Document ...)
@@ -59533,7 +59533,7 @@ CVE-2007-6010 (Unspecified vulnerability in pioneers (formerly gnocatan) 0.11.3
BUG: 198807
CVE-2007-6011 (Unspecified vulnerability in main.php of BugHotel Reservation System ...)
NOT-FOR-US: bug software bughotel reservation system
-CVE-2007-6012 (SQL injection vulnerability in SearchR.asp in DocuSafe 4.1.0 allows ...)
+CVE-2007-6012 (SQL injection vulnerability in SearchR.asp in DocuSafe 4.1.0 and 4.1.2 ...)
NOT-FOR-US: DocuSafe
CVE-2007-6013 (Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash ...)
BUG: 199833
@@ -75598,6 +75598,12 @@ CVE-2008-7269 (Open redirect vulnerability in api.php in SiteEngine 5.x allows .
NOT-FOR-US: boka siteengine
CVE-2008-7270 (OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is ...)
TODO: check
+CVE-2008-7271 (Multiple cross-site scripting (XSS) vulnerabilities in the Help ...)
+ TODO: check
+CVE-2008-7272
+ RESERVED
+CVE-2008-7273
+ RESERVED
CVE-2009-0001 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
NOT-FOR-US: apple quicktime
CVE-2009-0002 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
@@ -79993,8 +79999,8 @@ CVE-2009-2187 (Multiple memory leaks in the (1) IP and (2) IPv6 multicast ...)
NOT-FOR-US: kernel in Sun Solaris
CVE-2009-2188 (Buffer overflow in ImageIO in Apple Mac OS X 10.5 before 10.5.8, and ...)
NOT-FOR-US: apple mac_os_x_server
-CVE-2009-2189
- RESERVED
+CVE-2009-2189 (The ICMPv6 implementation on the Apple Time Capsule, AirPort Extreme ...)
+ NOT-FOR-US: apple time_capsule
CVE-2009-2190 (launchd in Apple Mac OS X 10.5 before 10.5.8 allows remote attackers ...)
NOT-FOR-US: apple mac_os_x_server
CVE-2009-2191 (Format string vulnerability in Login Window in Apple Mac OS X 10.4.11 ...)
@@ -85690,8 +85696,8 @@ CVE-2009-5016 (Integer overflow in the xml_utf8_decode function in ext/xml/xml.c
TODO: check
CVE-2009-5017 (Mozilla Firefox before 3.6 Beta 3 does not properly handle overlong ...)
TODO: check
-CVE-2009-5018
- RESERVED
+CVE-2009-5018 (Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier ...)
+ TODO: check
CVE-2009-5019 (Web Wiz NewsPad stores sensitive information under the web root with ...)
NOT-FOR-US: webwiz web_wiz_newspad
CVE-2009-5020 (Open redirect vulnerability in awredir.pl in AWStats before 6.95 ...)
@@ -85718,6 +85724,46 @@ CVE-2009-5030
RESERVED
CVE-2009-5031
RESERVED
+CVE-2009-5032 (The encrypted e-mail feature in IBM Lotus Notes Traveler before ...)
+ TODO: check
+CVE-2009-5033 (IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle a "* ...)
+ TODO: check
+CVE-2009-5034 (IBM Lotus Notes Traveler before 8.5.0.2 allows remote authenticated ...)
+ TODO: check
+CVE-2009-5035 (The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does not ...)
+ TODO: check
+CVE-2009-5036 (traveler.exe in IBM Lotus Notes Traveler before 8.0.1.3 CF1 allows ...)
+ TODO: check
+CVE-2009-5037 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+ TODO: check
+CVE-2009-5038 (Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during ...)
+ TODO: check
+CVE-2009-5039 (Memory leak in the gk_circuit_info_do_in_acf function in the H.323 ...)
+ TODO: check
+CVE-2009-5040 (CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote ...)
+ TODO: check
+CVE-2009-5041
+ RESERVED
+CVE-2009-5042
+ RESERVED
+CVE-2009-5043
+ RESERVED
+CVE-2009-5044
+ RESERVED
+CVE-2009-5045
+ RESERVED
+CVE-2009-5046
+ RESERVED
+CVE-2009-5047
+ RESERVED
+CVE-2009-5048
+ RESERVED
+CVE-2009-5049
+ RESERVED
+CVE-2009-5050
+ RESERVED
+CVE-2009-5051 (Hastymail2 before RC 8 does not set the secure flag for the session ...)
+ TODO: check
CVE-2010-0001 (Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 ...)
BUG: 300943
CVE-2010-0002 (The /etc/profile.d/60alias.sh script in the Mandriva bash package for ...)
@@ -85794,8 +85840,8 @@ CVE-2010-0037 (Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2
NOT-FOR-US: apple mac_os_x_server
CVE-2010-0038 (Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for ...)
NOT-FOR-US: apple iphone_os
-CVE-2010-0039
- RESERVED
+CVE-2010-0039 (The Application-Level Gateway (ALG) on the Apple Time Capsule, AirPort ...)
+ TODO: check
CVE-2010-0040 (Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, ...)
NOT-FOR-US: apple safari
CVE-2010-0041 (ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows ...)
@@ -85944,10 +85990,10 @@ CVE-2010-0112 (Multiple SQL injection vulnerabilities in the Administrative Inte
NOT-FOR-US: symantec im_manager
CVE-2010-0113 (The Symantec Norton Mobile Security application 1.0 Beta for Android ...)
NOT-FOR-US: symantec mobile_security
-CVE-2010-0114
- RESERVED
-CVE-2010-0115
- RESERVED
+CVE-2010-0114 (fw_charts.php in the reporting module in the Manager (aka SEPM) ...)
+ TODO: check
+CVE-2010-0115 (SQL injection vulnerability in login.php in the GUI management console ...)
+ TODO: check
CVE-2010-0116 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1 and ...)
NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-0117 (RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 ...)
@@ -85958,16 +86004,16 @@ CVE-2010-0119 (Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used,
NOT-FOR-US: becauseinter bournal
CVE-2010-0120 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
NOT-FOR-US: realnetworks realplayer_sp
-CVE-2010-0121
- RESERVED
+CVE-2010-0121 (The cook codec in RealNetworks RealPlayer 11.0 through 11.1, ...)
+ TODO: check
CVE-2010-0122 (Multiple SQL injection vulnerabilities in Employee Timeclock Software ...)
NOT-FOR-US: timeclock software employee_timeclock_software
CVE-2010-0123 (The database backup implementation in Employee Timeclock Software 0.99 ...)
NOT-FOR-US: timeclock software employee_timeclock_software
CVE-2010-0124 (Employee Timeclock Software 0.99 places the database password on the ...)
NOT-FOR-US: timeclock software employee_timeclock_software
-CVE-2010-0125
- RESERVED
+CVE-2010-0125 (RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through ...)
+ TODO: check
CVE-2010-0126 (Heap-based buffer overflow in an unspecified library in Autonomy ...)
NOT-FOR-US: autonomy keyview_viewer_sdk
CVE-2010-0127 (Adobe Shockwave Player before 11.5.7.609 allows remote attackers to ...)
@@ -86165,10 +86211,10 @@ CVE-2010-0212 (OpenLDAP 2.4.22 allows remote attackers to cause a denial of serv
BUG: 323777
CVE-2010-0213 (BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a ...)
NOT-FOR-US: We already have 9.7.1-p2
-CVE-2010-0214
- RESERVED
-CVE-2010-0215
- RESERVED
+CVE-2010-0214 (The administrative interface on the PolyVision RoomWizard with ...)
+ TODO: check
+CVE-2010-0215 (ActiveCollab before 2.3.2 allows remote authenticated users to bypass ...)
+ NOT-FOR-US: a51dev activecollab
CVE-2010-0216
RESERVED
CVE-2010-0217
@@ -89091,14 +89137,14 @@ CVE-2010-1674
RESERVED
CVE-2010-1675
RESERVED
-CVE-2010-1676
- RESERVED
-CVE-2010-1677
- RESERVED
+CVE-2010-1676 (Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before ...)
+ TODO: check
+CVE-2010-1677 (MHonArc 2.6.16 allows remote attackers to cause a denial of service ...)
+ TODO: check
CVE-2010-1678
RESERVED
-CVE-2010-1679
- RESERVED
+CVE-2010-1679 (Directory traversal vulnerability in dpkg-source in dpkg before ...)
+ TODO: check
CVE-2010-1680
RESERVED
CVE-2010-1681 (Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office ...)
@@ -89349,8 +89395,8 @@ CVE-2010-1802 (libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly
NOT-FOR-US: apple mac_os_x_server
CVE-2010-1803 (Time Machine in Apple Mac OS X 10.6.x before 10.6.5 does not verify ...)
TODO: check
-CVE-2010-1804
- RESERVED
+CVE-2010-1804 (Unspecified vulnerability in the network bridge functionality on the ...)
+ TODO: check
CVE-2010-1805 (Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 ...)
TODO: check
CVE-2010-1806 (Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x ...)
@@ -90574,7 +90620,7 @@ CVE-2010-2412 (Unspecified vulnerability in the OLAP component in Oracle Databas
CVE-2010-2413 (Unspecified vulnerability in the BI Publisher component in Oracle ...)
NOT-FOR-US: oracle fusion_middleware
CVE-2010-2414 (Unspecified vulnerability in the (1) Sun Convergence 1 and (2) Sun ...)
- TODO: check
+ NOT-FOR-US: oracle sun_products_suite
CVE-2010-2415 (Unspecified vulnerability in the Change Data Capture component in ...)
NOT-FOR-US: oracle database_server
CVE-2010-2416 (Unspecified vulnerability in the Oracle E-Business Intelligence ...)
@@ -90883,12 +90929,12 @@ CVE-2010-2567 (The RPC client implementation in Microsoft Windows XP SP2 and SP3
NOT-FOR-US: microsoft windows_xp
CVE-2010-2568 (Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 ...)
NOT-FOR-US: microsoft windows_xp
-CVE-2010-2569
- RESERVED
-CVE-2010-2570
- RESERVED
-CVE-2010-2571
- RESERVED
+CVE-2010-2569 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher ...)
+ TODO: check
+CVE-2010-2570 (Heap-based buffer overflow in pubconv.dll (aka the Publisher Converter ...)
+ NOT-FOR-US: microsoft publisher
+CVE-2010-2571 (Array index error in pubconv.dll (aka the Publisher Converter DLL) in ...)
+ NOT-FOR-US: microsoft publisher
CVE-2010-2572 (Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows ...)
NOT-FOR-US: microsoft powerpoint
CVE-2010-2573 (Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, ...)
@@ -90903,8 +90949,8 @@ CVE-2010-2577 (Multiple SQL injection vulnerabilities in Pligg before 1.1.1 allo
NOT-FOR-US: pligg
CVE-2010-2578 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
NOT-FOR-US: realnetworks realplayer_sp
-CVE-2010-2579
- RESERVED
+CVE-2010-2579 (The cook codec in RealNetworks RealPlayer 11.0 through 11.1, ...)
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-2580 (The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not ...)
NOT-FOR-US: mailenable
CVE-2010-2581 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows remote ...)
@@ -90925,8 +90971,8 @@ CVE-2010-2588
RESERVED
CVE-2010-2589
RESERVED
-CVE-2010-2590
- RESERVED
+CVE-2010-2590 (Heap-based buffer overflow in the ...)
+ NOT-FOR-US: sap crystal_reports
CVE-2010-2591
RESERVED
CVE-2010-2592
@@ -90943,18 +90989,18 @@ CVE-2010-2597 (The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3
TODO: check
CVE-2010-2598 (LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as ...)
TODO: check
-CVE-2010-2599
- RESERVED
+CVE-2010-2599 (Unspecified vulnerability in Research In Motion (RIM) BlackBerry ...)
+ NOT-FOR-US: rim blackberry_software
CVE-2010-2600 (Untrusted search path vulnerability in BlackBerry Desktop Software ...)
NOT-FOR-US: rim blackberry_desktop_software
CVE-2010-2601 (Multiple buffer overflows in the PDF distiller in the Attachment ...)
- TODO: check
-CVE-2010-2602
- RESERVED
-CVE-2010-2603
- RESERVED
-CVE-2010-2604
- RESERVED
+ NOT-FOR-US: rim blackberry_professional_software
+CVE-2010-2602 (Multiple buffer overflows in the PDF distiller component in the ...)
+ NOT-FOR-US: rim blackberry_enterprise_server
+CVE-2010-2603 (RIM BlackBerry Desktop Software 4.7 through 6.0 for PC, and 1.0 for ...)
+ NOT-FOR-US: rim blackberry_desktop_software
+CVE-2010-2604 (Multiple buffer overflows in the PDF Distiller in the BlackBerry ...)
+ NOT-FOR-US: rim blackberry_enterprise_server_express
CVE-2010-2605
RESERVED
CVE-2010-2606
@@ -91009,8 +91055,8 @@ CVE-2010-2630 (The TIFFReadDirectory function in LibTIFF 3.9.0 does not properly
TODO: check
CVE-2010-2631 (LibTIFF 3.9.0 ignores tags in certain situations during the first ...)
TODO: check
-CVE-2010-2632
- RESERVED
+CVE-2010-2632 (Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, ...)
+ NOT-FOR-US: sunos
CVE-2010-2633 (Unspecified vulnerability in EMC Disk Library (EDL) before 3.2.7, ...)
NOT-FOR-US: emc disk_library
CVE-2010-2634 (RSA enVision before 3.7 SP1 allows remote authenticated users to cause ...)
@@ -91025,16 +91071,16 @@ CVE-2010-2638 (Unspecified vulnerability in IBM WebSphere MQ 7.0 before 7.0.1.5
NOT-FOR-US: ibm websphere_mq
CVE-2010-2639 (IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows remote ...)
NOT-FOR-US: ibm websphere_commerce
-CVE-2010-2640
- RESERVED
-CVE-2010-2641
- RESERVED
-CVE-2010-2642
- RESERVED
-CVE-2010-2643
- RESERVED
-CVE-2010-2644
- RESERVED
+CVE-2010-2640 (Array index error in the PK font parser in the dvi-backend component ...)
+ TODO: check
+CVE-2010-2641 (Array index error in the VF font parser in the dvi-backend component ...)
+ TODO: check
+CVE-2010-2642 (Heap-based buffer overflow in the AFM font parser in the dvi-backend ...)
+ TODO: check
+CVE-2010-2643 (Integer overflow in the TFM font parser in the dvi-backend component ...)
+ TODO: check
+CVE-2010-2644 (IBM WebSphere Service Registry and Repository (WSRR) 7.0.0 before FP1 ...)
+ NOT-FOR-US: ibm websphere_service_registry_and_repository
CVE-2010-2645 (Unspecified vulnerability in Google Chrome before 5.0.375.99, when ...)
TODO: check
CVE-2010-2646 (Google Chrome before 5.0.375.99 does not properly isolate sandboxed ...)
@@ -91229,8 +91275,8 @@ CVE-2010-2740 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2
NOT-FOR-US: microsoft windows_xp
CVE-2010-2741 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: microsoft windows_xp
-CVE-2010-2742
- RESERVED
+CVE-2010-2742 (The Netlogon RPC Service in Microsoft Windows Server 2003 SP2 and ...)
+ TODO: check
CVE-2010-2743
RESERVED
CVE-2010-2744 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows ...)
@@ -91740,12 +91786,12 @@ CVE-2010-2995 (The SigComp Universal Decompressor Virtual Machine (UDVM) in Wire
TODO: check
CVE-2010-2996 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 on ...)
NOT-FOR-US: realnetworks realplayer
-CVE-2010-2997
- RESERVED
+CVE-2010-2997 (Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through ...)
+ TODO: check
CVE-2010-2998 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 and ...)
NOT-FOR-US: realnetworks realplayer_sp
-CVE-2010-2999
- RESERVED
+CVE-2010-2999 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, ...)
+ TODO: check
CVE-2010-3000 (Multiple integer overflows in the ParseKnownType function in ...)
NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-3001 (Unspecified vulnerability in an ActiveX control in the Internet ...)
@@ -91919,8 +91965,8 @@ CVE-2010-3084 (Buffer overflow in the niu_get_ethtool_tcam_all function in ...)
TODO: check
CVE-2010-3085 (The network-play implementation in Mednafen before 0.8.D might allow ...)
TODO: check
-CVE-2010-3086
- RESERVED
+CVE-2010-3086 (include/asm-x86/futex.h in the Linux kernel before 2.6.25 does not ...)
+ TODO: check
CVE-2010-3087 (LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote ...)
TODO: check
CVE-2010-3088 (The notify function in pidgin-knotify.c in the pidgin-knotify plugin ...)
@@ -92035,13 +92081,13 @@ CVE-2010-3142 (Untrusted search path vulnerability in Microsoft Office PowerPoin
NOT-FOR-US: microsoft powerpoint
CVE-2010-3143 (Untrusted search path vulnerability in Microsoft Windows Contacts ...)
NOT-FOR-US: microsoft windows
-CVE-2010-3144 (Untrusted search path vulnerability in Microsoft Internet Connection ...)
+CVE-2010-3144 (Untrusted search path vulnerability in the Internet Connection Signup ...)
NOT-FOR-US: microsoft windows
-CVE-2010-3145 (Untrusted search path vulnerability in the Microsoft Vista BitLocker ...)
+CVE-2010-3145 (Untrusted search path vulnerability in the BitLocker Drive Encryption ...)
NOT-FOR-US: microsoft windows_vista
CVE-2010-3146 (Untrusted search path vulnerability in Microsoft Office Groove 2007 ...)
NOT-FOR-US: microsoft groove
-CVE-2010-3147 (Untrusted search path vulnerability in Microsoft Address Book ...)
+CVE-2010-3147 (Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in ...)
NOT-FOR-US: microsoft outlook_express
CVE-2010-3148 (Untrusted search path vulnerability in Microsoft Visio 2003 allows ...)
NOT-FOR-US: microsoft visio
@@ -92113,7 +92159,7 @@ CVE-2010-3181 (Untrusted search path vulnerability in Mozilla Firefox before 3.5
TODO: check
CVE-2010-3182 (A certain application-launch script in Mozilla Firefox before 3.5.14 ...)
TODO: check
-CVE-2010-3183 (The LookupGetterOrSetter function in Mozilla Firefox before 3.5.14 and ...)
+CVE-2010-3183 (The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox ...)
TODO: check
CVE-2010-3184
RESERVED
@@ -92149,8 +92195,8 @@ CVE-2010-3199 (Untrusted search path vulnerability in TortoiseSVN 1.6.10, Build
NOT-FOR-US: windows only
CVE-2010-3200 (MSO.dll in Microsoft Word 2003 SP3 11.8326.11.8324 allows remote ...)
NOT-FOR-US: microsoft word
-CVE-2010-3201
- RESERVED
+CVE-2010-3201 (Cross-site scripting (XSS) vulnerability in NetWin Surgemail before ...)
+ TODO: check
CVE-2010-3202 (Cross-site scripting (XSS) vulnerability in Flock Browser 3.0.0.3989 ...)
NOT-FOR-US: flock
CVE-2010-3203 (Directory traversal vulnerability in the PicSell (com_picsell) ...)
@@ -92181,7 +92227,7 @@ CVE-2010-3215 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly h
NOT-FOR-US: microsoft word
CVE-2010-3216 (Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers ...)
NOT-FOR-US: microsoft word
-CVE-2010-3217 (Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary ...)
+CVE-2010-3217 (Double free vulnerability in Microsoft Word 2002 SP3 allows remote ...)
NOT-FOR-US: microsoft word
CVE-2010-3218 (Heap-based buffer overflow in Microsoft Word 2002 SP3 allows remote ...)
NOT-FOR-US: microsoft word
@@ -92283,8 +92329,8 @@ CVE-2010-3266 (Multiple cross-site scripting (XSS) vulnerabilities in BugTracker
NOT-FOR-US: ifdefined bugtracker net
CVE-2010-3267 (Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 ...)
NOT-FOR-US: ifdefined bugtracker net
-CVE-2010-3268
- RESERVED
+CVE-2010-3268 (The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in ...)
+ TODO: check
CVE-2010-3269
RESERVED
CVE-2010-3270
@@ -92370,8 +92416,8 @@ CVE-2010-3309
RESERVED
CVE-2010-3310 (Multiple integer signedness errors in net/rose/af_rose.c in the Linux ...)
TODO: check
-CVE-2010-3311
- RESERVED
+CVE-2010-3311 (Integer overflow in base/ftstream.c in libXft (aka the X FreeType ...)
+ TODO: check
CVE-2010-3312 (Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, ...)
TODO: check
CVE-2010-3313 (phpgwapi/js/fckeditor/editor/dialog/fck_spellerpages/spellerpages/serverscripts/spellchecker.php ...)
@@ -92424,28 +92470,28 @@ CVE-2010-3336 (Microsoft Office XP SP3, Office 2004 and 2008 for Mac, Office for
NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3337 (Untrusted search path vulnerability in Microsoft Office 2007 SP2 and ...)
NOT-FOR-US: microsoft office
-CVE-2010-3338
- RESERVED
+CVE-2010-3338 (The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, ...)
+ TODO: check
CVE-2010-3339
RESERVED
-CVE-2010-3340
- RESERVED
+CVE-2010-3340 (Microsoft Internet Explorer 6 and 7 does not properly handle objects ...)
+ TODO: check
CVE-2010-3341
RESERVED
-CVE-2010-3342
- RESERVED
-CVE-2010-3343
- RESERVED
+CVE-2010-3342 (Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of ...)
+ TODO: check
+CVE-2010-3343 (Microsoft Internet Explorer 6 does not properly handle objects in ...)
+ TODO: check
CVE-2010-3344
RESERVED
-CVE-2010-3345
- RESERVED
-CVE-2010-3346
- RESERVED
+CVE-2010-3345 (Microsoft Internet Explorer 8 does not properly handle objects in ...)
+ TODO: check
+CVE-2010-3346 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...)
+ TODO: check
CVE-2010-3347
RESERVED
-CVE-2010-3348
- RESERVED
+CVE-2010-3348 (Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of ...)
+ TODO: check
CVE-2010-3349 (Ardour 2.8.11 places a zero-length directory name in the ...)
TODO: check
CVE-2010-3350 (bareFTP 0.3.4 places a zero-length directory name in the ...)
@@ -92639,16 +92685,16 @@ CVE-2010-3442 (Multiple integer overflows in the snd_ctl_new function in ...)
TODO: check
CVE-2010-3443
RESERVED
-CVE-2010-3444
- RESERVED
+CVE-2010-3444 (Buffer overflow in the log2vis_utf8 function in pyfribidi.c in GNU ...)
+ TODO: check
CVE-2010-3445 (Stack consumption vulnerability in the dissect_ber_unknown function in ...)
TODO: check
CVE-2010-3446
RESERVED
CVE-2010-3447
RESERVED
-CVE-2010-3448
- RESERVED
+CVE-2010-3448 (drivers/platform/x86/thinkpad_acpi.c in the Linux kernel before 2.6.34 ...)
+ TODO: check
CVE-2010-3449 (Cross-site request forgery (CSRF) vulnerability in Redback before ...)
NOT-FOR-US: codehaus redback
CVE-2010-3450
@@ -92761,8 +92807,8 @@ CVE-2010-3503 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris al
NOT-FOR-US: oracle solaris
CVE-2010-3504 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
NOT-FOR-US: oracle e business_suite
-CVE-2010-3505
- RESERVED
+CVE-2010-3505 (Unspecified vulnerability in the Agile Core component in Oracle Supply ...)
+ TODO: check
CVE-2010-3506 (Unspecified vulnerability in the Oracle Explorer (Sun Explorer) ...)
NOT-FOR-US: oracle sun_products_suite
CVE-2010-3507 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
@@ -92771,8 +92817,8 @@ CVE-2010-3508 (Unspecified vulnerability in Oracle Solaris 10 allows local users
NOT-FOR-US: oracle solaris
CVE-2010-3509 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote ...)
NOT-FOR-US: oracle solaris
-CVE-2010-3510
- RESERVED
+CVE-2010-3510 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
CVE-2010-3511 (Unspecified vulnerability in Oracle OpenSolaris allows local users to ...)
NOT-FOR-US: oracle opensolaris
CVE-2010-3512 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java ...)
@@ -92923,36 +92969,36 @@ CVE-2010-3584 (Unspecified vulnerability in the Oracle VM component in Oracle VM
NOT-FOR-US: oracle vm
CVE-2010-3585 (Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 ...)
NOT-FOR-US: oracle vm
-CVE-2010-3586
- RESERVED
-CVE-2010-3587
- RESERVED
-CVE-2010-3588
- RESERVED
-CVE-2010-3589
- RESERVED
-CVE-2010-3590
- RESERVED
-CVE-2010-3591
- RESERVED
-CVE-2010-3592
- RESERVED
-CVE-2010-3593
- RESERVED
-CVE-2010-3594
- RESERVED
-CVE-2010-3595
- RESERVED
-CVE-2010-3596
- RESERVED
-CVE-2010-3597
- RESERVED
-CVE-2010-3598
- RESERVED
-CVE-2010-3599
- RESERVED
-CVE-2010-3600
- RESERVED
+CVE-2010-3586 (Unspecified vulnerability in Oracle Solaris 9 allows local users to ...)
+ TODO: check
+CVE-2010-3587 (Unspecified vulnerability in the Oracle Common Applications component ...)
+ TODO: check
+CVE-2010-3588 (Unspecified vulnerability in the Oracle Discoverer component in Oracle ...)
+ TODO: check
+CVE-2010-3589 (Unspecified vulnerability in the Oracle Application Object Library ...)
+ TODO: check
+CVE-2010-3590 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
+ TODO: check
+CVE-2010-3591 (Unspecified vulnerability in the Oracle Document Capture component in ...)
+ TODO: check
+CVE-2010-3592 (Unspecified vulnerability in the Oracle Document Capture component in ...)
+ TODO: check
+CVE-2010-3593 (Unspecified vulnerability in the Health Sciences - Oracle Argus Safety ...)
+ TODO: check
+CVE-2010-3594 (Unspecified vulnerability in the Real User Experience Insight ...)
+ TODO: check
+CVE-2010-3595 (Unspecified vulnerability in the Oracle Document Capture component in ...)
+ TODO: check
+CVE-2010-3596 (Unspecified vulnerability in the mod_ssl component in Oracle Secure ...)
+ TODO: check
+CVE-2010-3597 (Unspecified vulnerability in the Oracle Outside In Technology ...)
+ TODO: check
+CVE-2010-3598 (Unspecified vulnerability in the Oracle Document Capture component in ...)
+ TODO: check
+CVE-2010-3599 (Unspecified vulnerability in the Oracle Document Capture component in ...)
+ TODO: check
+CVE-2010-3600 (Unspecified vulnerability in the Client System Analyzer component in ...)
+ TODO: check
CVE-2010-3601 (SQL injection vulnerability in index.php in ibPhotohost 1.1.2 allows ...)
NOT-FOR-US: invisionpower ibphotohost
CVE-2010-3602 (Cross-site scripting (XSS) vulnerability in ProfileView.aspx in ...)
@@ -92983,8 +93029,8 @@ CVE-2010-3614 (named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4
TODO: check
CVE-2010-3615 (named in ISC BIND 9.7.2-P2 does not check all intended locations for ...)
TODO: check
-CVE-2010-3616
- RESERVED
+CVE-2010-3616 (ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover ...)
+ TODO: check
CVE-2010-3617
RESERVED
CVE-2010-3618 (PGP Desktop 10.0.x before 10.0.3 SP2 and 10.1.0 before 10.1.0 SP1 does ...)
@@ -93103,22 +93149,22 @@ CVE-2010-3674
RESERVED
CVE-2010-3675
RESERVED
-CVE-2010-3676
- RESERVED
-CVE-2010-3677
- RESERVED
-CVE-2010-3678
- RESERVED
-CVE-2010-3679
- RESERVED
-CVE-2010-3680
- RESERVED
-CVE-2010-3681
- RESERVED
-CVE-2010-3682
- RESERVED
-CVE-2010-3683
- RESERVED
+CVE-2010-3676 (storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before ...)
+ TODO: check
+CVE-2010-3677 (Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote ...)
+ TODO: check
+CVE-2010-3678 (Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to ...)
+ TODO: check
+CVE-2010-3679 (Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to ...)
+ TODO: check
+CVE-2010-3680 (Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to ...)
+ TODO: check
+CVE-2010-3681 (Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote ...)
+ TODO: check
+CVE-2010-3682 (Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote ...)
+ TODO: check
+CVE-2010-3683 (Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet ...)
+ TODO: check
CVE-2010-3684 (The FTP authentication module in Synology Disk Station 2.x logs ...)
NOT-FOR-US: Synology Disk Station
CVE-2010-3685 (The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x ...)
@@ -93167,8 +93213,8 @@ CVE-2010-3706 (plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 an
TODO: check
CVE-2010-3707 (plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and ...)
TODO: check
-CVE-2010-3708
- RESERVED
+CVE-2010-3708 (The serialization implementation in JBoss Drools in Red Hat JBoss ...)
+ TODO: check
CVE-2010-3709 (The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 ...)
TODO: check
CVE-2010-3710 (Stack consumption vulnerability in the filter_var function in PHP ...)
@@ -93417,22 +93463,22 @@ CVE-2010-3831 (Photos in Apple iOS before 4.2 enables support for HTTP Basic ...
TODO: check
CVE-2010-3832 (Heap-based buffer overflow in the GSM mobility management ...)
TODO: check
-CVE-2010-3833
- RESERVED
-CVE-2010-3834
- RESERVED
-CVE-2010-3835
- RESERVED
-CVE-2010-3836
- RESERVED
-CVE-2010-3837
- RESERVED
-CVE-2010-3838
- RESERVED
-CVE-2010-3839
- RESERVED
-CVE-2010-3840
- RESERVED
+CVE-2010-3833 (MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does ...)
+ TODO: check
+CVE-2010-3834 (Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before ...)
+ TODO: check
+CVE-2010-3835 (MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote ...)
+ TODO: check
+CVE-2010-3836 (MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 ...)
+ TODO: check
+CVE-2010-3837 (MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 ...)
+ TODO: check
+CVE-2010-3838 (MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 ...)
+ TODO: check
+CVE-2010-3839 (MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote ...)
+ TODO: check
+CVE-2010-3840 (The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL ...)
+ TODO: check
CVE-2010-3841 (Multiple cross-site scripting (XSS) vulnerabilities in lib/TWiki.pm in ...)
TODO: check
CVE-2010-3842 (Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, ...)
@@ -93445,14 +93491,14 @@ CVE-2010-3845
RESERVED
CVE-2010-3846 (Array index error in the apply_rcs_change function in rcs.c in CVS ...)
TODO: check
-CVE-2010-3847
- RESERVED
-CVE-2010-3848
- RESERVED
-CVE-2010-3849
- RESERVED
-CVE-2010-3850
- RESERVED
+CVE-2010-3847 (elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) ...)
+ TODO: check
+CVE-2010-3848 (Stack-based buffer overflow in the econet_sendmsg function in ...)
+ TODO: check
+CVE-2010-3849 (The econet_sendmsg function in net/econet/af_econet.c in the Linux ...)
+ TODO: check
+CVE-2010-3850 (The ec_dev_ioctl function in net/econet/af_econet.c in the Linux ...)
+ TODO: check
CVE-2010-3851 (libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 ...)
NOT-FOR-US: libguestfs
CVE-2010-3852 (The default configuration of Luci 0.22.4 and earlier in Red Hat Conga ...)
@@ -93463,26 +93509,26 @@ CVE-2010-3854
RESERVED
CVE-2010-3855 (Buffer overflow in the ft_var_readpackedpoints function in ...)
TODO: check
-CVE-2010-3856
- RESERVED
+CVE-2010-3856 (ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and ...)
+ TODO: check
CVE-2010-3857
RESERVED
CVE-2010-3858 (The setup_arg_pages function in fs/exec.c in the Linux kernel before ...)
TODO: check
-CVE-2010-3859
- RESERVED
+CVE-2010-3859 (Multiple integer signedness errors in the TIPC implementation in the ...)
+ TODO: check
CVE-2010-3860 (IcedTea before 1.9.2, as based on OpenJDK 6, declares multiple ...)
TODO: check
CVE-2010-3861 (The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux ...)
TODO: check
-CVE-2010-3862
- RESERVED
+CVE-2010-3862 (The ...)
+ TODO: check
CVE-2010-3863 (Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize ...)
NOT-FOR-US: shiro
CVE-2010-3864 (Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through ...)
TODO: check
-CVE-2010-3865
- RESERVED
+CVE-2010-3865 (Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in ...)
+ TODO: check
CVE-2010-3866
REJECTED
CVE-2010-3867 (Multiple directory traversal vulnerabilities in the mod_site_misc ...)
@@ -93497,24 +93543,24 @@ CVE-2010-3871 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: mahara
CVE-2010-3872 (The apr_status_t fcgid_header_bucket_read function in fcgid_bucket.c ...)
TODO: check
-CVE-2010-3873
- RESERVED
-CVE-2010-3874
- RESERVED
-CVE-2010-3875
- RESERVED
-CVE-2010-3876
- RESERVED
-CVE-2010-3877
- RESERVED
-CVE-2010-3878
- RESERVED
+CVE-2010-3873 (The X.25 implementation in the Linux kernel before 2.6.36.2 does not ...)
+ TODO: check
+CVE-2010-3874 (Heap-based buffer overflow in the bcm_connect function in ...)
+ TODO: check
+CVE-2010-3875 (The ax25_getname function in net/ax25/af_ax25.c in the Linux kernel ...)
+ TODO: check
+CVE-2010-3876 (net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not ...)
+ TODO: check
+CVE-2010-3877 (The get_name function in net/tipc/socket.c in the Linux kernel before ...)
+ TODO: check
+CVE-2010-3878 (Cross-site request forgery (CSRF) vulnerability in the JMX Console in ...)
+ TODO: check
CVE-2010-3879
RESERVED
CVE-2010-3880 (net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not ...)
TODO: check
-CVE-2010-3881
- RESERVED
+CVE-2010-3881 (arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not ...)
+ TODO: check
CVE-2010-3882 (Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple ...)
NOT-FOR-US: cmsmadesimple cms_made_simple
CVE-2010-3883 (Cross-site request forgery (CSRF) vulnerability in the Change Group ...)
@@ -93562,12 +93608,12 @@ CVE-2010-3903 (Unspecified vulnerability in OpenConnect before 2.23 allows remot
NOT-FOR-US: infradead openconnect
CVE-2010-3904 (The rds_page_copy_user function in net/rds/page.c in the Reliable ...)
TODO: check
-CVE-2010-3905
- RESERVED
-CVE-2010-3906
- RESERVED
-CVE-2010-3907
- RESERVED
+CVE-2010-3905 (The password reset feature in the administrator interface for ...)
+ TODO: check
+CVE-2010-3906 (Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier ...)
+ TODO: check
+CVE-2010-3907 (Multiple integer overflows in real.c in the Real demuxer plugin in ...)
+ TODO: check
CVE-2010-3908
RESERVED
CVE-2010-3909 (Incomplete blacklist vulnerability in config.template.php in vtiger ...)
@@ -93576,8 +93622,8 @@ CVE-2010-3910 (Multiple directory traversal vulnerabilities in the ...)
NOT-FOR-US: vtiger_crm
CVE-2010-3911 (Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM ...)
NOT-FOR-US: vtiger_crm
-CVE-2010-3912
- RESERVED
+CVE-2010-3912 (The supportconfig script in supportutils in SUSE Linux Enterprise 11 ...)
+ TODO: check
CVE-2010-3913 (CRLF injection vulnerability in TransWARE Active! mail 6 build ...)
NOT-FOR-US: transware active _mail
CVE-2010-3914 (Untrusted search path vulnerability in VIM Development Group GVim ...)
@@ -93598,24 +93644,24 @@ CVE-2010-3921 (Cross-site scripting (XSS) vulnerability in Movable Type 4.x befo
NOT-FOR-US: sixapart movabletype
CVE-2010-3922 (SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x ...)
NOT-FOR-US: sixapart movabletype
-CVE-2010-3923
- RESERVED
-CVE-2010-3924
- RESERVED
-CVE-2010-3925
- RESERVED
-CVE-2010-3926
- RESERVED
+CVE-2010-3923 (Untrusted search path vulnerability in AttacheCase before 2.70 allows ...)
+ TODO: check
+CVE-2010-3924 (SQL injection vulnerability in Aimluck Aipo before 5.1.0.1 allows ...)
+ TODO: check
+CVE-2010-3925 (Contents-Mall before 15 does not properly handle passwords, which ...)
+ TODO: check
+CVE-2010-3926 (Multiple cross-site scripting (XSS) vulnerabilities in Shop.cgi in ...)
+ TODO: check
CVE-2010-3927
RESERVED
-CVE-2010-3928
- RESERVED
+CVE-2010-3928 (Ruby Version Manager (RVM) before 1.2.1 writes file contents to a ...)
+ TODO: check
CVE-2010-3929
RESERVED
CVE-2010-3930
RESERVED
-CVE-2010-3931
- RESERVED
+CVE-2010-3931 (Cross-site scripting (XSS) vulnerability in multiple Rocomotion ...)
+ TODO: check
CVE-2010-3932
RESERVED
CVE-2010-3933 (Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested ...)
@@ -93626,80 +93672,80 @@ CVE-2010-3935
RESERVED
CVE-2010-3936 (Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft ...)
NOT-FOR-US: microsoft forefront_unified_access_gateway
-CVE-2010-3937
- RESERVED
+CVE-2010-3937 (Microsoft Exchange Server 2007 SP2 on the x64 platform allows remote ...)
+ TODO: check
CVE-2010-3938
RESERVED
-CVE-2010-3939
- RESERVED
-CVE-2010-3940
- RESERVED
-CVE-2010-3941
- RESERVED
-CVE-2010-3942
- RESERVED
-CVE-2010-3943
- RESERVED
-CVE-2010-3944
- RESERVED
-CVE-2010-3945
- RESERVED
-CVE-2010-3946
- RESERVED
-CVE-2010-3947
- RESERVED
+CVE-2010-3939 (Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft ...)
+ TODO: check
+CVE-2010-3940 (Double free vulnerability in win32k.sys in the kernel-mode drivers in ...)
+ TODO: check
+CVE-2010-3941 (Double free vulnerability in win32k.sys in the kernel-mode drivers in ...)
+ TODO: check
+CVE-2010-3942 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+ TODO: check
+CVE-2010-3943 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
+ TODO: check
+CVE-2010-3944 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 ...)
+ TODO: check
+CVE-2010-3945 (Buffer overflow in the CGM image converter in the graphics filters in ...)
+ TODO: check
+CVE-2010-3946 (Integer overflow in the PICT image converter in the graphics filters ...)
+ TODO: check
+CVE-2010-3947 (Heap-based buffer overflow in the TIFF image converter in the graphics ...)
+ TODO: check
CVE-2010-3948
RESERVED
-CVE-2010-3949
- RESERVED
-CVE-2010-3950
- RESERVED
-CVE-2010-3951
- RESERVED
-CVE-2010-3952
- RESERVED
+CVE-2010-3949 (Buffer overflow in the TIFF image converter in the graphics filters in ...)
+ TODO: check
+CVE-2010-3950 (The TIFF image converter in the graphics filters in Microsoft Office ...)
+ TODO: check
+CVE-2010-3951 (Buffer overflow in the FlashPix image converter in the graphics ...)
+ TODO: check
+CVE-2010-3952 (The FlashPix image converter in the graphics filters in Microsoft ...)
+ TODO: check
CVE-2010-3953
RESERVED
-CVE-2010-3954
- RESERVED
-CVE-2010-3955
- RESERVED
-CVE-2010-3956
- RESERVED
-CVE-2010-3957
- RESERVED
+CVE-2010-3954 (Microsoft Publisher 2002 SP3, 2003 SP3, and 2010 allows remote ...)
+ TODO: check
+CVE-2010-3955 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher ...)
+ TODO: check
+CVE-2010-3956 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, ...)
+ TODO: check
+CVE-2010-3957 (Double free vulnerability in the OpenType Font (OTF) driver in ...)
+ TODO: check
CVE-2010-3958
RESERVED
-CVE-2010-3959
- RESERVED
-CVE-2010-3960
- RESERVED
-CVE-2010-3961
- RESERVED
+CVE-2010-3959 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, ...)
+ TODO: check
+CVE-2010-3960 (Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2 allows ...)
+ TODO: check
+CVE-2010-3961 (The Consent User Interface (UI) in Microsoft Windows Vista SP1 and ...)
+ TODO: check
CVE-2010-3962 (Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and ...)
NOT-FOR-US: microsoft ie
-CVE-2010-3963
- RESERVED
-CVE-2010-3964
- RESERVED
-CVE-2010-3965
- RESERVED
-CVE-2010-3966
- RESERVED
-CVE-2010-3967
- RESERVED
+CVE-2010-3963 (Buffer overflow in the Routing and Remote Access NDProxy component in ...)
+ TODO: check
+CVE-2010-3964 (Unrestricted file upload vulnerability in the Document Conversions ...)
+ TODO: check
+CVE-2010-3965 (Untrusted search path vulnerability in Windows Media Encoder 9 on ...)
+ TODO: check
+CVE-2010-3966 (Untrusted search path vulnerability in Microsoft Windows Server 2008 ...)
+ TODO: check
+CVE-2010-3967 (Untrusted search path vulnerability in Microsoft Windows Movie Maker ...)
+ TODO: check
CVE-2010-3968
RESERVED
CVE-2010-3969
RESERVED
-CVE-2010-3970
- RESERVED
-CVE-2010-3971
- RESERVED
-CVE-2010-3972
- RESERVED
-CVE-2010-3973
- RESERVED
+CVE-2010-3970 (Stack-based buffer overflow in the CreateSizedDIBSECTION function in ...)
+ TODO: check
+CVE-2010-3971 (Use-after-free vulnerability in the CSharedStyleSheet::Notify function ...)
+ TODO: check
+CVE-2010-3972 (The TELNET_STREAM_CONTEXT::OnSendData function in the FTP protocol ...)
+ TODO: check
+CVE-2010-3973 (The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft WMI ...)
+ TODO: check
CVE-2010-3974
RESERVED
CVE-2010-3975 (Untrusted search path vulnerability in Adobe Flash Player 9 allows ...)
@@ -93720,8 +93766,8 @@ CVE-2010-3982 (SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to
NOT-FOR-US: sap businessobjects
CVE-2010-3983 (CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote ...)
NOT-FOR-US: sap businessobjects
-CVE-2010-3984
- RESERVED
+CVE-2010-3984 (Buffer overflow in mng_core_com.dll in CA XOsoft Replication r12.0 SP1 ...)
+ TODO: check
CVE-2010-3985 (Cross-site scripting (XSS) vulnerability in HP Operations ...)
NOT-FOR-US: hp operations_orchestration
CVE-2010-3986 (Unspecified vulnerability in HP Virtual Connect Enterprise Manager ...)
@@ -93778,8 +93824,8 @@ CVE-2010-4011 (Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage
NOT-FOR-US: apple mac_os_x_server
CVE-2010-4012 (Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later ...)
TODO: check
-CVE-2010-4013
- RESERVED
+CVE-2010-4013 (Format string vulnerability in PackageKit in Apple Mac OS X 10.6.x ...)
+ TODO: check
CVE-2010-4014
RESERVED
CVE-2010-4015
@@ -93854,10 +93900,10 @@ CVE-2010-4049 (Opera before 10.63 allows remote attackers to cause a denial of .
TODO: check
CVE-2010-4050 (Opera before 10.63 allows remote attackers to cause a denial of ...)
TODO: check
-CVE-2010-4051
- RESERVED
-CVE-2010-4052
- RESERVED
+CVE-2010-4051 (The regcomp implementation in the GNU C Library (aka glibc or libc6) ...)
+ TODO: check
+CVE-2010-4052 (Stack consumption vulnerability in the regcomp implementation in the ...)
+ TODO: check
CVE-2010-4053 (Stack-based buffer overflow in an unspecified logging function in ...)
NOT-FOR-US: ibm informix_dynamic_server
CVE-2010-4054 (The gs_type2_interpret function in Ghostscript allows remote attackers ...)
@@ -93894,8 +93940,8 @@ CVE-2010-4069 (Stack-based buffer overflow in IBM Informix Dynamic Server (IDS)
NOT-FOR-US: ibm informix_dynamic_server
CVE-2010-4070 (Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper ...)
NOT-FOR-US: ibm informix_dynamic_server
-CVE-2010-4071
- RESERVED
+CVE-2010-4071 (Cross-site scripting (XSS) vulnerability in AgentTicketZoom in OTRS ...)
+ TODO: check
CVE-2010-4072 (The copy_shmid_to_user function in ipc/shm.c in the Linux kernel ...)
TODO: check
CVE-2010-4073 (The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not ...)
@@ -93972,20 +94018,20 @@ CVE-2010-4108 (HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support
NOT-FOR-US: hp ux
CVE-2010-4109 (Cross-site scripting (XSS) vulnerability in the Contacts Application ...)
NOT-FOR-US: hp palm_webos
-CVE-2010-4110
- RESERVED
-CVE-2010-4111
- RESERVED
-CVE-2010-4112
- RESERVED
-CVE-2010-4113
- RESERVED
-CVE-2010-4114
- RESERVED
-CVE-2010-4115
- RESERVED
-CVE-2010-4116
- RESERVED
+CVE-2010-4110 (Unspecified vulnerability in HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the ...)
+ TODO: check
+CVE-2010-4111 (Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics ...)
+ TODO: check
+CVE-2010-4112 (HP Insight Management Agents before 8.6 allows remote attackers to ...)
+ TODO: check
+CVE-2010-4113 (Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 ...)
+ TODO: check
+CVE-2010-4114 (Cross-site scripting (XSS) vulnerability in HP Discovery & Dependency ...)
+ TODO: check
+CVE-2010-4115 (HP StorageWorks Modular Smart Array P2000 G3 firmware TS100R011, ...)
+ TODO: check
+CVE-2010-4116 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5.x ...)
+ TODO: check
CVE-2010-4117
RESERVED
CVE-2010-4118
@@ -94068,24 +94114,24 @@ CVE-2010-4156 (The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x thr
NOT-FOR-US: libmbfl
CVE-2010-4157 (Integer overflow in the ioc_general function in drivers/scsi/gdth.c in ...)
TODO: check
-CVE-2010-4158
- RESERVED
+CVE-2010-4158 (The sk_run_filter function in net/core/filter.c in the Linux kernel ...)
+ TODO: check
CVE-2010-4159 (Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 ...)
TODO: check
-CVE-2010-4160
- RESERVED
-CVE-2010-4161
- RESERVED
-CVE-2010-4162
- RESERVED
-CVE-2010-4163
- RESERVED
-CVE-2010-4164
- RESERVED
+CVE-2010-4160 (Multiple integer overflows in the (1) pppol2tp_sendmsg function in ...)
+ TODO: check
+CVE-2010-4161 (The udp_queue_rcv_skb function in net/ipv4/udp.c in a certain Red Hat ...)
+ TODO: check
+CVE-2010-4162 (Multiple integer overflows in fs/bio.c in the Linux kernel before ...)
+ TODO: check
+CVE-2010-4163 (The blk_rq_map_user_iov function in block/blk-map.c in the Linux ...)
+ TODO: check
+CVE-2010-4164 (Multiple integer underflows in the x25_parse_facilities function in ...)
+ TODO: check
CVE-2010-4165 (The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel ...)
TODO: check
-CVE-2010-4166
- RESERVED
+CVE-2010-4166 (Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 ...)
+ TODO: check
CVE-2010-4167 (Untrusted search path vulnerability in configure.c in ImageMagick ...)
TODO: check
CVE-2010-4168 (Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 ...)
@@ -94102,8 +94148,8 @@ CVE-2010-4173 (The default configuration of libsdp.conf in libsdp 1.1.104 and ea
NOT-FOR-US: openfabrics libsdp
CVE-2010-4174
RESERVED
-CVE-2010-4175
- RESERVED
+CVE-2010-4175 (Integer overflow in the rds_cmsg_rdma_args function (net/rds/rdma.c) ...)
+ TODO: check
CVE-2010-4176 (plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 ...)
TODO: check
CVE-2010-4177
@@ -94203,8 +94249,8 @@ CVE-2010-4223
RESERVED
CVE-2010-4224
RESERVED
-CVE-2010-4225
- RESERVED
+CVE-2010-4225 (Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x ...)
+ TODO: check
CVE-2010-4226
RESERVED
CVE-2010-4227
@@ -94237,8 +94283,8 @@ CVE-2010-4240
RESERVED
CVE-2010-4241
RESERVED
-CVE-2010-4242
- RESERVED
+CVE-2010-4242 (The hci_uart_tty_open function in the HCI UART driver ...)
+ TODO: check
CVE-2010-4243
RESERVED
CVE-2010-4244
@@ -94247,8 +94293,8 @@ CVE-2010-4245
RESERVED
CVE-2010-4246 (Multiple cross-site scripting (XSS) vulnerabilities in graph.php in ...)
NOT-FOR-US: bsdperimeter pfsense
-CVE-2010-4247
- RESERVED
+CVE-2010-4247 (The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and ...)
+ TODO: check
CVE-2010-4248 (Race condition in the __exit_signal function in kernel/exit.c in the ...)
TODO: check
CVE-2010-4249 (The wait_for_unix_gc function in net/unix/garbage.c in the Linux ...)
@@ -94269,26 +94315,26 @@ CVE-2010-4256
RESERVED
CVE-2010-4257 (SQL injection vulnerability in the do_trackbacks function in ...)
TODO: check
-CVE-2010-4258
- RESERVED
+CVE-2010-4258 (The do_exit function in kernel/exit.c in the Linux kernel before ...)
+ TODO: check
CVE-2010-4259 (Stack-based buffer overflow in FontForge 20100501 allows remote ...)
TODO: check
CVE-2010-4260 (Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV ...)
TODO: check
CVE-2010-4261 (Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ...)
TODO: check
-CVE-2010-4262
- RESERVED
-CVE-2010-4263
- RESERVED
+CVE-2010-4262 (Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote ...)
+ TODO: check
+CVE-2010-4263 (The igb_receive_skb function in drivers/net/igb/igb_main.c in the ...)
+ TODO: check
CVE-2010-4264
RESERVED
-CVE-2010-4265
- RESERVED
+CVE-2010-4265 (The ...)
+ TODO: check
CVE-2010-4266
RESERVED
-CVE-2010-4267
- RESERVED
+CVE-2010-4267 (Stack-based buffer overflow in the hpmud_get_pml function in ...)
+ TODO: check
CVE-2010-4268 (SQL injection vulnerability in the Pulse Infotech Flip Wall ...)
NOT-FOR-US: pulseinfotech com_flipwall
CVE-2010-4269 (SQL injection vulnerability in managechat.php in Collabtive 0.65 ...)
@@ -94303,12 +94349,12 @@ CVE-2010-4273 (SQL injection vulnerability in imoveis.php in DescargarVista ACC
NOT-FOR-US: accimoveis descargarvista_acc_imoveis
CVE-2010-4274 (reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 ...)
NOT-FOR-US: ibm director_agent
-CVE-2010-4275
- RESERVED
-CVE-2010-4276
- RESERVED
-CVE-2010-4277
- RESERVED
+CVE-2010-4275 (Multiple cross-site scripting (XSS) vulnerabilities in Radius Manager ...)
+ TODO: check
+CVE-2010-4276 (Cross-site scripting (XSS) vulnerability in the lz_tracking_set_sessid ...)
+ TODO: check
+CVE-2010-4277 (Cross-site scripting (XSS) vulnerability in lembedded-video.php in the ...)
+ TODO: check
CVE-2010-4278 (operation/agentes/networkmap.php in Pandora FMS before 3.1.1 allows ...)
NOT-FOR-US: pandora
CVE-2010-4279 (The default configuration of Pandora FMS 3.1 and earlier specifies an ...)
@@ -94395,14 +94441,14 @@ CVE-2010-4319
RESERVED
CVE-2010-4320
RESERVED
-CVE-2010-4321
- RESERVED
-CVE-2010-4322
- RESERVED
+CVE-2010-4321 (Stack-based buffer overflow in an ActiveX control in ienipp.ocx in ...)
+ TODO: check
+CVE-2010-4322 (Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell ...)
+ TODO: check
CVE-2010-4323
RESERVED
-CVE-2010-4324
- RESERVED
+CVE-2010-4324 (Cross-site scripting (XSS) vulnerability in the Approval Form in the ...)
+ TODO: check
CVE-2010-4325
RESERVED
CVE-2010-4326
@@ -94415,50 +94461,50 @@ CVE-2010-4329 (Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton
TODO: check
CVE-2010-4330 (Directory traversal vulnerability in includes/controller.php in Pulse ...)
NOT-FOR-US: pulsecms pulse_cms
-CVE-2010-4331
- RESERVED
-CVE-2010-4332
- RESERVED
-CVE-2010-4333
- RESERVED
-CVE-2010-4334
- RESERVED
-CVE-2010-4335
- RESERVED
-CVE-2010-4336
- RESERVED
-CVE-2010-4337
- RESERVED
-CVE-2010-4338
- RESERVED
-CVE-2010-4339
- RESERVED
+CVE-2010-4331 (Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel 2.2.0 ...)
+ TODO: check
+CVE-2010-4332 (Pointter PHP Content Management System 1.0 allows remote attackers to ...)
+ TODO: check
+CVE-2010-4333 (Pointter PHP Micro-Blogging Social Network 1.8 allows remote attackers ...)
+ TODO: check
+CVE-2010-4334 (IO::Socket::SSL Perl module 1.35, when verify_mode is not VERIFY_NONE, ...)
+ TODO: check
+CVE-2010-4335 (The _validatePost function in libs/controller/components/security.php ...)
+ TODO: check
+CVE-2010-4336 (The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd ...)
+ TODO: check
+CVE-2010-4337 (The configure script in gnash 0.8.8 allows local users to overwrite ...)
+ TODO: check
+CVE-2010-4338 (ocrodjvu 0.4.6-1 on Debian GNU/Linux, when using Cuneiform as the OCR ...)
+ TODO: check
+CVE-2010-4339 (Cross-site scripting (XSS) vulnerability in Hypermail 2.2.0 allows ...)
+ TODO: check
CVE-2010-4340
- RESERVED
+ TODO: check
CVE-2010-4341
RESERVED
-CVE-2010-4342
- RESERVED
-CVE-2010-4343
- RESERVED
-CVE-2010-4344
- RESERVED
-CVE-2010-4345
- RESERVED
-CVE-2010-4346
- RESERVED
-CVE-2010-4347
- RESERVED
-CVE-2010-4348
- RESERVED
-CVE-2010-4349
- RESERVED
-CVE-2010-4350
- RESERVED
-CVE-2010-4351
- RESERVED
-CVE-2010-4352
- RESERVED
+CVE-2010-4342 (The aun_incoming function in net/econet/af_econet.c in the Linux ...)
+ TODO: check
+CVE-2010-4343 (drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not ...)
+ TODO: check
+CVE-2010-4344 (Heap-based buffer overflow in the string_vformat function in string.c ...)
+ TODO: check
+CVE-2010-4345 (Exim 4.72 and earlier allows local users to gain privileges by ...)
+ TODO: check
+CVE-2010-4346 (The install_special_mapping function in mm/mmap.c in the Linux kernel ...)
+ TODO: check
+CVE-2010-4347 (The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 ...)
+ TODO: check
+CVE-2010-4348 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2010-4349 (admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote ...)
+ TODO: check
+CVE-2010-4350 (Directory traversal vulnerability in admin/upgrade_unattended.php in ...)
+ TODO: check
+CVE-2010-4351 (The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 ...)
+ TODO: check
+CVE-2010-4352 (Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 ...)
+ TODO: check
CVE-2010-4353
RESERVED
CVE-2010-4354 (The remote-access IPSec VPN implementation on Cisco Adaptive Security ...)
@@ -94503,52 +94549,52 @@ CVE-2010-4373 (The in_mp4 plugin in Winamp before 5.6 allows remote attackers to
NOT-FOR-US: nullsoft winamp
CVE-2010-4374 (The in_mkv plugin in Winamp before 5.6 allows remote attackers to ...)
NOT-FOR-US: nullsoft winamp
-CVE-2010-4375
- RESERVED
-CVE-2010-4376
- RESERVED
-CVE-2010-4377
- RESERVED
-CVE-2010-4378
- RESERVED
-CVE-2010-4379
- RESERVED
-CVE-2010-4380
- RESERVED
-CVE-2010-4381
- RESERVED
-CVE-2010-4382
- RESERVED
-CVE-2010-4383
- RESERVED
-CVE-2010-4384
- RESERVED
-CVE-2010-4385
- RESERVED
-CVE-2010-4386
- RESERVED
-CVE-2010-4387
- RESERVED
-CVE-2010-4388
- RESERVED
-CVE-2010-4389
- RESERVED
-CVE-2010-4390
- RESERVED
-CVE-2010-4391
- RESERVED
-CVE-2010-4392
- RESERVED
+CVE-2010-4375 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+ TODO: check
+CVE-2010-4376 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+ TODO: check
+CVE-2010-4377 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+ TODO: check
+CVE-2010-4378 (The drv2.dll (aka RV20 decompression) module in RealNetworks ...)
+ TODO: check
+CVE-2010-4379 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+ TODO: check
+CVE-2010-4380 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+ TODO: check
+CVE-2010-4381 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+ TODO: check
+CVE-2010-4382 (Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 ...)
+ TODO: check
+CVE-2010-4383 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+ TODO: check
+CVE-2010-4384 (Array index error in RealNetworks RealPlayer 11.0 through 11.1, ...)
+ TODO: check
+CVE-2010-4385 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, ...)
+ TODO: check
+CVE-2010-4386 (RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through ...)
+ TODO: check
+CVE-2010-4387 (The RealAudio codec in RealNetworks RealPlayer 11.0 through 11.1, ...)
+ TODO: check
+CVE-2010-4388 (The (1) Upsell.htm, (2) Main.html, and (3) Custsupport.html components ...)
+ TODO: check
+CVE-2010-4389 (Heap-based buffer overflow in the cook codec in RealNetworks ...)
+ TODO: check
+CVE-2010-4390 (Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 ...)
+ TODO: check
+CVE-2010-4391 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+ TODO: check
+CVE-2010-4392 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+ TODO: check
CVE-2010-4393
RESERVED
-CVE-2010-4394
- RESERVED
-CVE-2010-4395
- RESERVED
-CVE-2010-4396
- RESERVED
-CVE-2010-4397
- RESERVED
+CVE-2010-4394 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+ TODO: check
+CVE-2010-4395 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
+ TODO: check
+CVE-2010-4396 (Cross-zone scripting vulnerability in the HandleAction method in a ...)
+ TODO: check
+CVE-2010-4397 (Integer overflow in the pnen3260.dll module in RealNetworks RealPlayer ...)
+ TODO: check
CVE-2010-4398 (Stack-based buffer overflow in the RtlQueryRegistryValues function in ...)
NOT-FOR-US: microsoft windows_xp
CVE-2010-4399 (Directory traversal vulnerability in languages.inc.php in DynPG CMS ...)
@@ -94579,110 +94625,110 @@ CVE-2010-4411 (Unspecified vulnerability in CGI.pm 3.50 and earlier allows remot
TODO: check
CVE-2010-4412 (Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta ...)
NOT-FOR-US: bsdperimeter pfsense
-CVE-2010-4413
- RESERVED
-CVE-2010-4414
- RESERVED
-CVE-2010-4415
- RESERVED
-CVE-2010-4416
- RESERVED
-CVE-2010-4417
- RESERVED
-CVE-2010-4418
- RESERVED
-CVE-2010-4419
- RESERVED
-CVE-2010-4420
- RESERVED
-CVE-2010-4421
- RESERVED
+CVE-2010-4413 (Unspecified vulnerability in the Scheduler Agent component in Oracle ...)
+ TODO: check
+CVE-2010-4414 (Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local ...)
+ TODO: check
+CVE-2010-4415 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
+ TODO: check
+CVE-2010-4416 (Unspecified vulnerability in the Oracle GoldenGate Veridata component ...)
+ TODO: check
+CVE-2010-4417 (Unspecified vulnerability in the Services for Beehive component in ...)
+ TODO: check
+CVE-2010-4418 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+ TODO: check
+CVE-2010-4419 (Unspecified vulnerability in the PeopleSoft Enterprise CRM component ...)
+ TODO: check
+CVE-2010-4420 (Unspecified vulnerability in the Database Vault component in Oracle ...)
+ TODO: check
+CVE-2010-4421 (Unspecified vulnerability in the Database Vault component in Oracle ...)
+ TODO: check
CVE-2010-4422
RESERVED
-CVE-2010-4423
- RESERVED
-CVE-2010-4424
- RESERVED
-CVE-2010-4425
- RESERVED
-CVE-2010-4426
- RESERVED
-CVE-2010-4427
- RESERVED
-CVE-2010-4428
- RESERVED
-CVE-2010-4429
- RESERVED
-CVE-2010-4430
- RESERVED
-CVE-2010-4431
- RESERVED
-CVE-2010-4432
- RESERVED
-CVE-2010-4433
- RESERVED
-CVE-2010-4434
- RESERVED
-CVE-2010-4435
- RESERVED
-CVE-2010-4436
- RESERVED
-CVE-2010-4437
- RESERVED
-CVE-2010-4438
- RESERVED
-CVE-2010-4439
- RESERVED
-CVE-2010-4440
- RESERVED
-CVE-2010-4441
- RESERVED
-CVE-2010-4442
- RESERVED
-CVE-2010-4443
- RESERVED
-CVE-2010-4444
- RESERVED
-CVE-2010-4445
- RESERVED
-CVE-2010-4446
- RESERVED
+CVE-2010-4423 (Unspecified vulnerability in the Cluster Verify Utility component in ...)
+ TODO: check
+CVE-2010-4424 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+ TODO: check
+CVE-2010-4425 (Unspecified vulnerability in the Oracle BI Publisher component in ...)
+ TODO: check
+CVE-2010-4426 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+ TODO: check
+CVE-2010-4427 (Unspecified vulnerability in the Oracle BI Publisher component in ...)
+ TODO: check
+CVE-2010-4428 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+ TODO: check
+CVE-2010-4429 (Unspecified vulnerability in the Agile Core component in Oracle Supply ...)
+ TODO: check
+CVE-2010-4430 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+ TODO: check
+CVE-2010-4431 (Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 ...)
+ TODO: check
+CVE-2010-4432 (Unspecified vulnerability in the Oracle Transportation Manager ...)
+ TODO: check
+CVE-2010-4433 (Unspecified vulnerability in Oracle Solaris 10 allows remote attackers ...)
+ TODO: check
+CVE-2010-4434 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
+ TODO: check
+CVE-2010-4435 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote ...)
+ TODO: check
+CVE-2010-4436 (Unspecified vulnerability in Oracle Sun Management Center (SunMC) 4.0 ...)
+ TODO: check
+CVE-2010-4437 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
+CVE-2010-4438 (Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and 3.0.1, ...)
+ TODO: check
+CVE-2010-4439 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+ TODO: check
+CVE-2010-4440 (Unspecified vulnerability in Oracle 10 and 11 Express allows local ...)
+ TODO: check
+CVE-2010-4441 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+ TODO: check
+CVE-2010-4442 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...)
+ TODO: check
+CVE-2010-4443 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...)
+ TODO: check
+CVE-2010-4444 (Unspecified vulnerability in Oracle Sun Java System Access Manager and ...)
+ TODO: check
+CVE-2010-4445 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+ TODO: check
+CVE-2010-4446 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...)
+ TODO: check
CVE-2010-4447
RESERVED
CVE-2010-4448
RESERVED
-CVE-2010-4449
- RESERVED
+CVE-2010-4449 (Unspecified vulnerability in the Audit Vault component in Oracle Audit ...)
+ TODO: check
CVE-2010-4450
RESERVED
CVE-2010-4451
RESERVED
CVE-2010-4452
RESERVED
-CVE-2010-4453
- RESERVED
+CVE-2010-4453 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
CVE-2010-4454
RESERVED
-CVE-2010-4455
- RESERVED
-CVE-2010-4456
- RESERVED
-CVE-2010-4457
- RESERVED
-CVE-2010-4458
- RESERVED
-CVE-2010-4459
- RESERVED
-CVE-2010-4460
- RESERVED
-CVE-2010-4461
- RESERVED
+CVE-2010-4455 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+ TODO: check
+CVE-2010-4456 (Unspecified vulnerability in Oracle Sun Java System Communications ...)
+ TODO: check
+CVE-2010-4457 (Unspecified vulnerability in Oracle Solaris 11 Express allows remote ...)
+ TODO: check
+CVE-2010-4458 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...)
+ TODO: check
+CVE-2010-4459 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...)
+ TODO: check
+CVE-2010-4460 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
+ TODO: check
+CVE-2010-4461 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
+ TODO: check
CVE-2010-4462
RESERVED
CVE-2010-4463
RESERVED
-CVE-2010-4464
- RESERVED
+CVE-2010-4464 (Unspecified vulnerability in Oracle Sun Convergence 1.0 allows remote ...)
+ TODO: check
CVE-2010-4465
RESERVED
CVE-2010-4466
@@ -94713,10 +94759,10 @@ CVE-2010-4478 (OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properl
TODO: check
CVE-2010-4479 (Unspecified vulnerability in pdf.c in libclamav in ClamAV before ...)
TODO: check
-CVE-2010-4480 (error.php in PhpMyAdmin 3.3.8.1 and earlier allows remote attackers to ...)
+CVE-2010-4480 (error.php in PhpMyAdmin 3.3.8.1, and other versions before ...)
+ TODO: check
+CVE-2010-4481 (phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass ...)
TODO: check
-CVE-2010-4481
- RESERVED
CVE-2010-4482 (Unspecified vulnerability in Google Chrome before 8.0.552.215 allows ...)
TODO: check
CVE-2010-4483 (Google Chrome before 8.0.552.215 does not properly restrict read ...)
@@ -94741,21 +94787,22 @@ CVE-2010-4492 (Use-after-free vulnerability in Google Chrome before 8.0.552.215
TODO: check
CVE-2010-4493 (Use-after-free vulnerability in Google Chrome before 8.0.552.215 ...)
TODO: check
-CVE-2010-4494 (Double free vulnerability in Google Chrome before 8.0.552.215 allows ...)
+CVE-2010-4494 (Double free vulnerability in libxml2 2.7.8 and other versions, as used ...)
+ TODO: check
+CVE-2010-4495 (Unspecified vulnerability in the ActiveMatrix Runtime component in ...)
+ TODO: check
+CVE-2010-4496 (Multiple SQL injection vulnerabilities in Collaborative Information ...)
+ TODO: check
+CVE-2010-4497 (Cross-site scripting (XSS) vulnerability in Collaborative Information ...)
+ TODO: check
+CVE-2010-4498 (Unspecified vulnerability in Collaborative Information Manager server, ...)
+ TODO: check
+CVE-2010-4499 (Session fixation vulnerability in Collaborative Information Manager ...)
TODO: check
-CVE-2010-4495
- RESERVED
-CVE-2010-4496
- RESERVED
-CVE-2010-4497
- RESERVED
-CVE-2010-4498
- RESERVED
-CVE-2010-4499
- RESERVED
CVE-2010-4500 (Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY ...)
NOT-FOR-US: mrcgiguy freeticket
-CVE-2010-4501 (IO::Socket::SSL Perl module 1.35, when verify_mode is not VERIFY_NONE, ...)
+CVE-2010-4501
+ REJECTED
TODO: check
CVE-2010-4502 (Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite ...)
NOT-FOR-US: ca internet_security_suite_plus_2010
@@ -94767,8 +94814,8 @@ CVE-2010-4505 (Multiple SQL injection vulnerabilities in login.php in Injader 2.
NOT-FOR-US: injader
CVE-2010-4506
RESERVED
-CVE-2010-4507
- RESERVED
+CVE-2010-4507 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
+ TODO: check
CVE-2010-4508 (The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 ...)
TODO: check
CVE-2010-4509 (Multiple unspecified vulnerabilities in Movable Type 4.x before 4.35 ...)
@@ -94792,76 +94839,396 @@ CVE-2010-4517 (SQL injection vulnerability in the JExtensions JE Auto (com_jeaut
NOT-FOR-US: harmistechnology com_jeauto
CVE-2010-4518 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: wobeo wp safe search
-CVE-2010-4519
+CVE-2010-4519 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+ TODO: check
+CVE-2010-4520 (Multiple cross-site scripting (XSS) vulnerabilities in the Views ...)
+ TODO: check
+CVE-2010-4521 (Cross-site scripting (XSS) vulnerability in the Views module 6.x ...)
+ TODO: check
+CVE-2010-4522 (Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka ...)
+ TODO: check
+CVE-2010-4523 (Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 ...)
+ TODO: check
+CVE-2010-4524 (Cross-site scripting (XSS) vulnerability in lib/mhtxthtml.pl in ...)
+ TODO: check
+CVE-2010-4525 (Linux kernel 2.6.33 and 2.6.34.y does not initialize the ...)
+ TODO: check
+CVE-2010-4526 (Race condition in the sctp_icmp_proto_unreachable function in ...)
+ TODO: check
+CVE-2010-4527 (The load_mixer_volumes function in sound/oss/soundcard.c in the OSS ...)
+ TODO: check
+CVE-2010-4528 (directconn.c in the MSN protocol plugin in libpurple 2.7.6 through ...)
+ TODO: check
+CVE-2010-4529 (Integer underflow in the irda_getsockopt function in ...)
+ TODO: check
+CVE-2010-4530 (Signedness error in ccid_serial.c in libccid in the USB Chip/Smart ...)
+ TODO: check
+CVE-2010-4531 (Stack-based buffer overflow in the ATRDecodeAtr function in the ...)
+ TODO: check
+CVE-2010-4532
RESERVED
-CVE-2010-4520
+CVE-2010-4533
RESERVED
-CVE-2010-4521
+CVE-2010-4534 (The administrative interface in django.contrib.admin in Django before ...)
+ TODO: check
+CVE-2010-4535 (The password reset functionality in django.contrib.auth in Django ...)
+ TODO: check
+CVE-2010-4536 (Multiple cross-site scripting (XSS) vulnerabilities in KSES, as used ...)
+ TODO: check
+CVE-2010-4537 (Unspecified vulnerability in CrawlTrack before 3.2.7, when a public ...)
+ TODO: check
+CVE-2010-4538 (Buffer overflow in the sect_enttec_dmx_da function in ...)
+ TODO: check
+CVE-2010-4539 (The walk function in repos.c in the mod_dav_svn module for the Apache ...)
+ TODO: check
+CVE-2010-4540 (Stack-based buffer overflow in the load_preset_response function in ...)
+ TODO: check
+CVE-2010-4541 (Stack-based buffer overflow in the loadit function in ...)
+ TODO: check
+CVE-2010-4542 (Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb ...)
+ TODO: check
+CVE-2010-4543 (Heap-based buffer overflow in the read_channel_data function in ...)
+ TODO: check
+CVE-2010-4544 (Cross-site scripting (XSS) vulnerability in the servlet in IBM Lotus ...)
+ TODO: check
+CVE-2010-4545 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated ...)
+ TODO: check
+CVE-2010-4546 (IBM Lotus Notes Traveler before 8.5.1.2 does not reject an attachment ...)
+ TODO: check
+CVE-2010-4547 (IBM Lotus Notes Traveler before 8.5.1.3, when a multidomain ...)
+ TODO: check
+CVE-2010-4548 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated ...)
+ TODO: check
+CVE-2010-4549 (IBM Lotus Notes Traveler before 8.5.1.3 on the Nokia s60 device ...)
+ TODO: check
+CVE-2010-4550 (IBM Lotus Notes Traveler before 8.5.1.3 allows remote attackers to ...)
+ TODO: check
+CVE-2010-4551 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated ...)
+ TODO: check
+CVE-2010-4552 (Memory leak in IBM Lotus Notes Traveler before 8.5.1.1 allows remote ...)
+ TODO: check
+CVE-2010-4553 (An unspecified Domino API in IBM Lotus Notes Traveler before 8.5.1.1 ...)
+ TODO: check
+CVE-2010-4554
RESERVED
-CVE-2010-4522
+CVE-2010-4555
RESERVED
-CVE-2010-4523
+CVE-2010-4556 (Stack-based buffer overflow in the SapThemeRepository ActiveX control ...)
+ TODO: check
+CVE-2010-4557 (Buffer overflow in the lm_tcp service in Invensys Wonderware InBatch ...)
+ TODO: check
+CVE-2010-4558 (phpMyFAQ 2.6.11 and 2.6.12, as distributed between December 4th and ...)
+ TODO: check
+CVE-2010-4559
RESERVED
-CVE-2010-4524
+CVE-2010-4560
RESERVED
-CVE-2010-4525
+CVE-2010-4561
RESERVED
-CVE-2010-4526
+CVE-2010-4562
RESERVED
-CVE-2010-4527
+CVE-2010-4563
RESERVED
-CVE-2010-4528
+CVE-2010-4564
RESERVED
-CVE-2010-4529
+CVE-2010-4565 (The bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) ...)
+ TODO: check
+CVE-2010-4566 (Unspecified vulnerability in the NT4 authentication component in ...)
+ TODO: check
+CVE-2010-4567
RESERVED
-CVE-2010-4530
+CVE-2010-4568
RESERVED
-CVE-2010-4531
+CVE-2010-4569
RESERVED
-CVE-2010-4532
+CVE-2010-4570
RESERVED
-CVE-2010-4533
+CVE-2010-4571
RESERVED
-CVE-2010-4534
+CVE-2010-4572
RESERVED
-CVE-2010-4535
+CVE-2010-4573 (The Update Installer in VMware ESXi 4.1, when a modified sfcb.cfg is ...)
+ TODO: check
+CVE-2010-4574 (The Pickle::Pickle function in base/pickle.cc in Google Chrome before ...)
+ TODO: check
+CVE-2010-4575 (The ThemeInstalledInfoBarDelegate::Observe function in ...)
+ TODO: check
+CVE-2010-4576 (browser/worker_host/message_port_dispatcher.cc in Google Chrome before ...)
+ TODO: check
+CVE-2010-4577 (Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do ...)
+ TODO: check
+CVE-2010-4578 (Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do ...)
+ TODO: check
+CVE-2010-4579 (Opera before 11.00 does not properly constrain dialogs to appear on ...)
+ TODO: check
+CVE-2010-4580 (Opera before 11.00 does not clear WAP WML form fields after manual ...)
+ TODO: check
+CVE-2010-4581 (Unspecified vulnerability in Opera before 11.00 has unknown impact and ...)
+ TODO: check
+CVE-2010-4582 (Opera before 11.00 does not properly handle security policies during ...)
+ TODO: check
+CVE-2010-4583 (Opera before 11.00, when Opera Turbo is enabled, does not display a ...)
+ TODO: check
+CVE-2010-4584 (Opera before 11.00, when Opera Turbo is used, does not properly ...)
+ TODO: check
+CVE-2010-4585 (Unspecified vulnerability in the auto-update functionality in Opera ...)
+ TODO: check
+CVE-2010-4586 (The default configuration of Opera before 11.00 enables WebSockets ...)
+ TODO: check
+CVE-2010-4587 (Opera before 11.00 on Windows does not properly implement the Insecure ...)
+ TODO: check
+CVE-2010-4588 (The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft WMI ...)
+ TODO: check
+CVE-2010-4589 (Cross-site scripting (XSS) vulnerability in IBM ENOVIA 6 allows remote ...)
+ TODO: check
+CVE-2010-4590 (Cross-site scripting (XSS) vulnerability in HTTP Access Services ...)
+ TODO: check
+CVE-2010-4591 (The Connection Manager in IBM Lotus Mobile Connect (LMC) before 6.1.4, ...)
+ TODO: check
+CVE-2010-4592 (The Mobile Network Connections functionality in the Connection Manager ...)
+ TODO: check
+CVE-2010-4593 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 does ...)
+ TODO: check
+CVE-2010-4594 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when ...)
+ TODO: check
+CVE-2010-4595 (The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 ...)
+ TODO: check
+CVE-2010-4596
RESERVED
-CVE-2010-4536
+CVE-2010-4597 (Stack-based buffer overflow in the save method in the ...)
+ TODO: check
+CVE-2010-4598 (Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and ...)
+ TODO: check
+CVE-2010-4599 (Untrusted search path vulnerability in Ecava IntegraXor 3.6.4000.0 ...)
+ TODO: check
+CVE-2010-4600 (Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest ...)
+ TODO: check
+CVE-2010-4601 (Multiple unspecified vulnerabilities in IBM Rational ClearQuest 7.0.x ...)
+ TODO: check
+CVE-2010-4602 (The Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and ...)
+ TODO: check
+CVE-2010-4603 (IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, ...)
+ TODO: check
+CVE-2010-4604 (Stack-based buffer overflow in the GeneratePassword function in dsmtca ...)
+ TODO: check
+CVE-2010-4605 (Unspecified vulnerability in the backup-archive client in IBM Tivoli ...)
+ TODO: check
+CVE-2010-4606 (Unspecified vulnerability in the Space Management client in the ...)
+ TODO: check
+CVE-2010-4607 (Multiple cross-site scripting (XSS) vulnerabilities in Habari 0.6.5, ...)
+ TODO: check
+CVE-2010-4608 (Habari 0.6.5 allows remote attackers to obtain sensitive information ...)
+ TODO: check
+CVE-2010-4609 (SQL injection vulnerability in index.php in Html-edit CMS 3.1.8 allows ...)
+ TODO: check
+CVE-2010-4610 (Cross-site scripting (XSS) vulnerability in index.php in Html-edit CMS ...)
+ TODO: check
+CVE-2010-4611 (Html-edit CMS 3.1.8 allows remote attackers to obtain sensitive ...)
+ TODO: check
+CVE-2010-4612 (Multiple SQL injection vulnerabilities in index.php in Hycus CMS ...)
+ TODO: check
+CVE-2010-4613 (Multiple directory traversal vulnerabilities in Hycus CMS 1.0.3 allow ...)
+ TODO: check
+CVE-2010-4614 (SQL injection vulnerability in item.php in Ero Auktion 2010 allows ...)
+ TODO: check
+CVE-2010-4615 (Multiple SQL injection vulnerabilities in Oto Galeri Sistemi 1.0 allow ...)
+ TODO: check
+CVE-2010-4616 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2010-4617 (Directory traversal vulnerability in the JotLoader (com_jotloader) ...)
+ TODO: check
+CVE-2010-4618 (Cross-site scripting (XSS) vulnerability in the Algis Info ...)
+ TODO: check
+CVE-2010-4619 (SQL injection vulnerability in profil.php in Mafya Oyun Scrpti (aka ...)
+ TODO: check
+CVE-2010-4620
RESERVED
-CVE-2010-4537
+CVE-2010-4621
RESERVED
-CVE-2010-4538
+CVE-2010-4622 (Directory traversal vulnerability in WebSEAL in IBM Tivoli Access ...)
+ TODO: check
+CVE-2010-4623 (WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before ...)
+ TODO: check
+CVE-2010-4624 (MyBB (aka MyBulletinBoard) before 1.4.12 allows remote authenticated ...)
+ TODO: check
+CVE-2010-4625 (MyBB (aka MyBulletinBoard) before 1.4.12 does not properly handle a ...)
+ TODO: check
+CVE-2010-4626 (The my_rand function in functions.php in MyBB (aka MyBulletinBoard) ...)
+ TODO: check
+CVE-2010-4627 (Cross-site request forgery (CSRF) vulnerability in usercp2.php in MyBB ...)
+ TODO: check
+CVE-2010-4628 (member.php in MyBB (aka MyBulletinBoard) before 1.4.12 makes a certain ...)
+ TODO: check
+CVE-2010-4629 (MyBB (aka MyBulletinBoard) before 1.4.12 does not properly restrict ...)
+ TODO: check
+CVE-2010-4630 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2010-4631 (Multiple cross-site scripting (XSS) vulnerabilities in ASPilot Pilot ...)
+ TODO: check
+CVE-2010-4632 (Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow ...)
+ TODO: check
+CVE-2010-4633 (SQL injection vulnerability in cart.php in digiSHOP 2.0.2 allows ...)
+ TODO: check
+CVE-2010-4634 (** DISPUTED ** ...)
+ TODO: check
+CVE-2010-4635 (SQL injection vulnerability in detail.asp in Site2Nite Vacation Rental ...)
+ TODO: check
+CVE-2010-4636 (SQL injection vulnerability in detail.asp in Site2Nite Business ...)
+ TODO: check
+CVE-2010-4637 (Cross-site scripting (XSS) vulnerability in feedlist/handler_image.php ...)
+ TODO: check
+CVE-2010-4638 (SQL injection vulnerability in the submitSurvey function in ...)
+ TODO: check
+CVE-2010-4639 (SQL injection vulnerability in index.php in MySource Matrix allows ...)
+ TODO: check
+CVE-2010-4640 (Multiple cross-site scripting (XSS) vulnerabilities in XWiki Watch 1.0 ...)
+ TODO: check
+CVE-2010-4641 (SQL injection vulnerability in XWiki Enterprise before 2.5 allows ...)
+ TODO: check
+CVE-2010-4642 (Cross-site scripting (XSS) vulnerability in XWiki Enterprise before ...)
+ TODO: check
+CVE-2010-4643
RESERVED
-CVE-2010-4539
+CVE-2010-4644 (Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 ...)
+ TODO: check
+CVE-2010-4645 (strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 ...)
+ TODO: check
+CVE-2010-4646 (Cross-site scripting (XSS) vulnerability in Hastymail2 before 1.01 ...)
+ TODO: check
+CVE-2010-4647 (Multiple cross-site scripting (XSS) vulnerabilities in the Help ...)
+ TODO: check
+CVE-2010-4648
RESERVED
-CVE-2010-4540
+CVE-2010-4649
RESERVED
-CVE-2010-4541
+CVE-2010-4650
RESERVED
-CVE-2010-4542
+CVE-2010-4651
RESERVED
-CVE-2010-4543
+CVE-2010-4652
RESERVED
-CVE-2011-0001
+CVE-2010-4653
RESERVED
-CVE-2011-0002
+CVE-2010-4654
RESERVED
-CVE-2011-0003
+CVE-2010-4655
RESERVED
-CVE-2011-0004
+CVE-2010-4656
RESERVED
-CVE-2011-0005
+CVE-2010-4657
RESERVED
-CVE-2011-0006
+CVE-2010-4658
RESERVED
-CVE-2011-0007
+CVE-2010-4659
RESERVED
-CVE-2011-0008
+CVE-2010-4660
RESERVED
-CVE-2011-0009
+CVE-2010-4661
RESERVED
-CVE-2011-0010
+CVE-2010-4662
RESERVED
+CVE-2010-4663
+ RESERVED
+CVE-2010-4664
+ RESERVED
+CVE-2010-4665
+ RESERVED
+CVE-2010-4666
+ RESERVED
+CVE-2010-4667
+ RESERVED
+CVE-2010-4668 (The blk_rq_map_user_iov function in block/blk-map.c in the Linux ...)
+ TODO: check
+CVE-2010-4669 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
+ TODO: check
+CVE-2010-4670 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
+ TODO: check
+CVE-2010-4671 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...)
+ TODO: check
+CVE-2010-4672 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+ TODO: check
+CVE-2010-4673 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+ TODO: check
+CVE-2010-4674 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
+ TODO: check
+CVE-2010-4675 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+ TODO: check
+CVE-2010-4676 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
+ TODO: check
+CVE-2010-4677 (emWEB on Cisco Adaptive Security Appliances (ASA) 5500 series devices ...)
+ TODO: check
+CVE-2010-4678 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+ TODO: check
+CVE-2010-4679 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+ TODO: check
+CVE-2010-4680 (The WebVPN implementation on Cisco Adaptive Security Appliances (ASA) ...)
+ TODO: check
+CVE-2010-4681 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
+ TODO: check
+CVE-2010-4682 (Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series ...)
+ TODO: check
+CVE-2010-4683 (Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote ...)
+ TODO: check
+CVE-2010-4684 (Cisco IOS before 15.0(1)XA1, when certain TFTP debugging is enabled, ...)
+ TODO: check
+CVE-2010-4685 (Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a ...)
+ TODO: check
+CVE-2010-4686 (CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does not ...)
+ TODO: check
+CVE-2010-4687 (STCAPP (aka the SCCP telephony control application) on Cisco IOS ...)
+ TODO: check
+CVE-2010-4688 (Unspecified vulnerability in the SIP inspection feature on Cisco ...)
+ TODO: check
+CVE-2010-4689 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...)
+ TODO: check
+CVE-2010-4690 (The Mobile User Security (MUS) service on Cisco Adaptive Security ...)
+ TODO: check
+CVE-2010-4691 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
+ TODO: check
+CVE-2010-4692 (Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) ...)
+ TODO: check
+CVE-2010-4693 (Multiple cross-site scripting (XSS) vulnerabilities in Coppermine ...)
+ TODO: check
+CVE-2010-4694 (Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow ...)
+ TODO: check
+CVE-2010-4695 (A certain Fedora patch for gif2png.c in gif2png 2.5.1 and 2.5.2, as ...)
+ TODO: check
+CVE-2010-4696 (Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 ...)
+ TODO: check
+CVE-2010-4697 (Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 ...)
+ TODO: check
+CVE-2010-4698 (Stack-based buffer overflow in the GD extension in PHP before 5.2.15 ...)
+ TODO: check
+CVE-2010-4699 (The iconv_mime_decode_headers function in the Iconv extension in PHP ...)
+ TODO: check
+CVE-2010-4700 (The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the ...)
+ TODO: check
+CVE-2010-4701 (Heap-based buffer overflow in the CDrawPoly::Serialize function in ...)
+ TODO: check
+CVE-2010-4702 (SQL injection vulnerability in JRadio (com_jradio) component before ...)
+ TODO: check
+CVE-2010-4703 (SQL injection vulnerability in default.asp in HotWebScripts HotWeb ...)
+ TODO: check
+CVE-2011-0001
+ RESERVED
+CVE-2011-0002
+ RESERVED
+CVE-2011-0003 (MediaWiki before 1.16.1, when user or site JavaScript or CSS is ...)
+ TODO: check
+CVE-2011-0004 (Multiple cross-site scripting (XSS) vulnerabilities in Piwik before ...)
+ TODO: check
+CVE-2011-0005 (Cross-site scripting (XSS) vulnerability in the com_search module for ...)
+ TODO: check
+CVE-2011-0006
+ RESERVED
+CVE-2011-0007 (pimd 2.1.5 and possibly earlier versions allows user-assisted local ...)
+ TODO: check
+CVE-2011-0008 (A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on ...)
+ TODO: check
+CVE-2011-0009
+ RESERVED
+CVE-2011-0010 (check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is ...)
+ TODO: check
CVE-2011-0011
RESERVED
CVE-2011-0012
@@ -94870,10 +95237,10 @@ CVE-2011-0013
RESERVED
CVE-2011-0014
RESERVED
-CVE-2011-0015
- RESERVED
-CVE-2011-0016
- RESERVED
+CVE-2011-0015 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not ...)
+ TODO: check
+CVE-2011-0016 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not ...)
+ TODO: check
CVE-2011-0017
RESERVED
CVE-2011-0018
@@ -94892,10 +95259,10 @@ CVE-2011-0024
RESERVED
CVE-2011-0025
RESERVED
-CVE-2011-0026
- RESERVED
-CVE-2011-0027
- RESERVED
+CVE-2011-0026 (Integer signedness error in the SQLConnectW function in an ODBC API ...)
+ TODO: check
+CVE-2011-0027 (Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows ...)
+ TODO: check
CVE-2011-0028
RESERVED
CVE-2011-0029
@@ -94932,3 +95299,951 @@ CVE-2011-0044
RESERVED
CVE-2011-0045
RESERVED
+CVE-2011-0046
+ RESERVED
+CVE-2011-0047
+ RESERVED
+CVE-2011-0048
+ RESERVED
+CVE-2011-0049
+ RESERVED
+CVE-2011-0050
+ RESERVED
+CVE-2011-0051
+ RESERVED
+CVE-2011-0052
+ RESERVED
+CVE-2011-0053
+ RESERVED
+CVE-2011-0054
+ RESERVED
+CVE-2011-0055
+ RESERVED
+CVE-2011-0056
+ RESERVED
+CVE-2011-0057
+ RESERVED
+CVE-2011-0058
+ RESERVED
+CVE-2011-0059
+ RESERVED
+CVE-2011-0060
+ RESERVED
+CVE-2011-0061
+ RESERVED
+CVE-2011-0062
+ RESERVED
+CVE-2011-0063
+ RESERVED
+CVE-2011-0064
+ RESERVED
+CVE-2011-0065
+ RESERVED
+CVE-2011-0066
+ RESERVED
+CVE-2011-0067
+ RESERVED
+CVE-2011-0068
+ RESERVED
+CVE-2011-0069
+ RESERVED
+CVE-2011-0070
+ RESERVED
+CVE-2011-0071
+ RESERVED
+CVE-2011-0072
+ RESERVED
+CVE-2011-0073
+ RESERVED
+CVE-2011-0074
+ RESERVED
+CVE-2011-0075
+ RESERVED
+CVE-2011-0076
+ RESERVED
+CVE-2011-0077
+ RESERVED
+CVE-2011-0078
+ RESERVED
+CVE-2011-0079
+ RESERVED
+CVE-2011-0080
+ RESERVED
+CVE-2011-0081
+ RESERVED
+CVE-2011-0082
+ RESERVED
+CVE-2011-0083
+ RESERVED
+CVE-2011-0084
+ RESERVED
+CVE-2011-0085
+ RESERVED
+CVE-2011-0086
+ RESERVED
+CVE-2011-0087
+ RESERVED
+CVE-2011-0088
+ RESERVED
+CVE-2011-0089
+ RESERVED
+CVE-2011-0090
+ RESERVED
+CVE-2011-0091
+ RESERVED
+CVE-2011-0092
+ RESERVED
+CVE-2011-0093
+ RESERVED
+CVE-2011-0094
+ RESERVED
+CVE-2011-0095
+ RESERVED
+CVE-2011-0096
+ RESERVED
+CVE-2011-0097
+ RESERVED
+CVE-2011-0098
+ RESERVED
+CVE-2011-0099
+ RESERVED
+CVE-2011-0100
+ RESERVED
+CVE-2011-0101
+ RESERVED
+CVE-2011-0102
+ RESERVED
+CVE-2011-0103
+ RESERVED
+CVE-2011-0104
+ RESERVED
+CVE-2011-0105
+ RESERVED
+CVE-2011-0106
+ RESERVED
+CVE-2011-0107
+ RESERVED
+CVE-2011-0108
+ RESERVED
+CVE-2011-0109
+ RESERVED
+CVE-2011-0110
+ RESERVED
+CVE-2011-0111
+ RESERVED
+CVE-2011-0112
+ RESERVED
+CVE-2011-0113
+ RESERVED
+CVE-2011-0114
+ RESERVED
+CVE-2011-0115
+ RESERVED
+CVE-2011-0116
+ RESERVED
+CVE-2011-0117
+ RESERVED
+CVE-2011-0118
+ RESERVED
+CVE-2011-0119
+ RESERVED
+CVE-2011-0120
+ RESERVED
+CVE-2011-0121
+ RESERVED
+CVE-2011-0122
+ RESERVED
+CVE-2011-0123
+ RESERVED
+CVE-2011-0124
+ RESERVED
+CVE-2011-0125
+ RESERVED
+CVE-2011-0126
+ RESERVED
+CVE-2011-0127
+ RESERVED
+CVE-2011-0128
+ RESERVED
+CVE-2011-0129
+ RESERVED
+CVE-2011-0130
+ RESERVED
+CVE-2011-0131
+ RESERVED
+CVE-2011-0132
+ RESERVED
+CVE-2011-0133
+ RESERVED
+CVE-2011-0134
+ RESERVED
+CVE-2011-0135
+ RESERVED
+CVE-2011-0136
+ RESERVED
+CVE-2011-0137
+ RESERVED
+CVE-2011-0138
+ RESERVED
+CVE-2011-0139
+ RESERVED
+CVE-2011-0140
+ RESERVED
+CVE-2011-0141
+ RESERVED
+CVE-2011-0142
+ RESERVED
+CVE-2011-0143
+ RESERVED
+CVE-2011-0144
+ RESERVED
+CVE-2011-0145
+ RESERVED
+CVE-2011-0146
+ RESERVED
+CVE-2011-0147
+ RESERVED
+CVE-2011-0148
+ RESERVED
+CVE-2011-0149
+ RESERVED
+CVE-2011-0150
+ RESERVED
+CVE-2011-0151
+ RESERVED
+CVE-2011-0152
+ RESERVED
+CVE-2011-0153
+ RESERVED
+CVE-2011-0154
+ RESERVED
+CVE-2011-0155
+ RESERVED
+CVE-2011-0156
+ RESERVED
+CVE-2011-0157
+ RESERVED
+CVE-2011-0158
+ RESERVED
+CVE-2011-0159
+ RESERVED
+CVE-2011-0160
+ RESERVED
+CVE-2011-0161
+ RESERVED
+CVE-2011-0162
+ RESERVED
+CVE-2011-0163
+ RESERVED
+CVE-2011-0164
+ RESERVED
+CVE-2011-0165
+ RESERVED
+CVE-2011-0166
+ RESERVED
+CVE-2011-0167
+ RESERVED
+CVE-2011-0168
+ RESERVED
+CVE-2011-0169
+ RESERVED
+CVE-2011-0170
+ RESERVED
+CVE-2011-0171
+ RESERVED
+CVE-2011-0172
+ RESERVED
+CVE-2011-0173
+ RESERVED
+CVE-2011-0174
+ RESERVED
+CVE-2011-0175
+ RESERVED
+CVE-2011-0176
+ RESERVED
+CVE-2011-0177
+ RESERVED
+CVE-2011-0178
+ RESERVED
+CVE-2011-0179
+ RESERVED
+CVE-2011-0180
+ RESERVED
+CVE-2011-0181
+ RESERVED
+CVE-2011-0182
+ RESERVED
+CVE-2011-0183
+ RESERVED
+CVE-2011-0184
+ RESERVED
+CVE-2011-0185
+ RESERVED
+CVE-2011-0186
+ RESERVED
+CVE-2011-0187
+ RESERVED
+CVE-2011-0188
+ RESERVED
+CVE-2011-0189
+ RESERVED
+CVE-2011-0190
+ RESERVED
+CVE-2011-0191
+ RESERVED
+CVE-2011-0192
+ RESERVED
+CVE-2011-0193
+ RESERVED
+CVE-2011-0194
+ RESERVED
+CVE-2011-0195
+ RESERVED
+CVE-2011-0196
+ RESERVED
+CVE-2011-0197
+ RESERVED
+CVE-2011-0198
+ RESERVED
+CVE-2011-0199
+ RESERVED
+CVE-2011-0200
+ RESERVED
+CVE-2011-0201
+ RESERVED
+CVE-2011-0202
+ RESERVED
+CVE-2011-0203
+ RESERVED
+CVE-2011-0204
+ RESERVED
+CVE-2011-0205
+ RESERVED
+CVE-2011-0206
+ RESERVED
+CVE-2011-0207
+ RESERVED
+CVE-2011-0208
+ RESERVED
+CVE-2011-0209
+ RESERVED
+CVE-2011-0210
+ RESERVED
+CVE-2011-0211
+ RESERVED
+CVE-2011-0212
+ RESERVED
+CVE-2011-0213
+ RESERVED
+CVE-2011-0214
+ RESERVED
+CVE-2011-0215
+ RESERVED
+CVE-2011-0216
+ RESERVED
+CVE-2011-0217
+ RESERVED
+CVE-2011-0218
+ RESERVED
+CVE-2011-0219
+ RESERVED
+CVE-2011-0220
+ RESERVED
+CVE-2011-0221
+ RESERVED
+CVE-2011-0222
+ RESERVED
+CVE-2011-0223
+ RESERVED
+CVE-2011-0224
+ RESERVED
+CVE-2011-0225
+ RESERVED
+CVE-2011-0226
+ RESERVED
+CVE-2011-0227
+ RESERVED
+CVE-2011-0228
+ RESERVED
+CVE-2011-0229
+ RESERVED
+CVE-2011-0230
+ RESERVED
+CVE-2011-0231
+ RESERVED
+CVE-2011-0232
+ RESERVED
+CVE-2011-0233
+ RESERVED
+CVE-2011-0234
+ RESERVED
+CVE-2011-0235
+ RESERVED
+CVE-2011-0236
+ RESERVED
+CVE-2011-0237
+ RESERVED
+CVE-2011-0238
+ RESERVED
+CVE-2011-0239
+ RESERVED
+CVE-2011-0240
+ RESERVED
+CVE-2011-0241
+ RESERVED
+CVE-2011-0242
+ RESERVED
+CVE-2011-0243
+ RESERVED
+CVE-2011-0244
+ RESERVED
+CVE-2011-0245
+ RESERVED
+CVE-2011-0246
+ RESERVED
+CVE-2011-0247
+ RESERVED
+CVE-2011-0248
+ RESERVED
+CVE-2011-0249
+ RESERVED
+CVE-2011-0250
+ RESERVED
+CVE-2011-0251
+ RESERVED
+CVE-2011-0252
+ RESERVED
+CVE-2011-0253
+ RESERVED
+CVE-2011-0254
+ RESERVED
+CVE-2011-0255
+ RESERVED
+CVE-2011-0256
+ RESERVED
+CVE-2011-0257
+ RESERVED
+CVE-2011-0258
+ RESERVED
+CVE-2011-0259
+ RESERVED
+CVE-2011-0260
+ RESERVED
+CVE-2011-0261 (Unspecified vulnerability in jovgraph.exe in jovgraph in HP OpenView ...)
+ TODO: check
+CVE-2011-0262 (Buffer overflow in the stringToSeconds function in ovutil.dll in ...)
+ TODO: check
+CVE-2011-0263 (Multiple stack-based buffer overflows in ovas.exe in the OVAS service ...)
+ TODO: check
+CVE-2011-0264 (Stack-based buffer overflow in ovutil.dll in HP OpenView Network Node ...)
+ TODO: check
+CVE-2011-0265 (Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node ...)
+ TODO: check
+CVE-2011-0266 (Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node ...)
+ TODO: check
+CVE-2011-0267 (Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network ...)
+ TODO: check
+CVE-2011-0268 (Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node ...)
+ TODO: check
+CVE-2011-0269 (Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node ...)
+ TODO: check
+CVE-2011-0270 (Format string vulnerability in nnmRptConfig.exe in HP OpenView Network ...)
+ TODO: check
+CVE-2011-0271 (The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and ...)
+ TODO: check
+CVE-2011-0272 (Unspecified vulnerability in HP LoadRunner 9.52 allows remote ...)
+ TODO: check
+CVE-2011-0273
+ RESERVED
+CVE-2011-0274
+ RESERVED
+CVE-2011-0275
+ RESERVED
+CVE-2011-0276
+ RESERVED
+CVE-2011-0277
+ RESERVED
+CVE-2011-0278
+ RESERVED
+CVE-2011-0279
+ RESERVED
+CVE-2011-0280
+ RESERVED
+CVE-2011-0281
+ RESERVED
+CVE-2011-0282
+ RESERVED
+CVE-2011-0283
+ RESERVED
+CVE-2011-0284
+ RESERVED
+CVE-2011-0285
+ RESERVED
+CVE-2011-0286
+ RESERVED
+CVE-2011-0287
+ RESERVED
+CVE-2011-0288
+ RESERVED
+CVE-2011-0289
+ RESERVED
+CVE-2011-0290
+ RESERVED
+CVE-2011-0291
+ RESERVED
+CVE-2011-0292
+ RESERVED
+CVE-2011-0293
+ RESERVED
+CVE-2011-0294
+ RESERVED
+CVE-2011-0295
+ RESERVED
+CVE-2011-0296
+ RESERVED
+CVE-2011-0297
+ RESERVED
+CVE-2011-0298
+ RESERVED
+CVE-2011-0299
+ RESERVED
+CVE-2011-0300
+ RESERVED
+CVE-2011-0301
+ RESERVED
+CVE-2011-0302
+ RESERVED
+CVE-2011-0303
+ RESERVED
+CVE-2011-0304
+ RESERVED
+CVE-2011-0305
+ RESERVED
+CVE-2011-0306
+ RESERVED
+CVE-2011-0307
+ RESERVED
+CVE-2011-0308
+ RESERVED
+CVE-2011-0309
+ RESERVED
+CVE-2011-0310 (Buffer overflow in IBM WebSphere MQ 7.0 before 7.0.1.4 allows remote ...)
+ TODO: check
+CVE-2011-0311
+ RESERVED
+CVE-2011-0312
+ RESERVED
+CVE-2011-0313
+ RESERVED
+CVE-2011-0314 (Heap-based buffer overflow in IBM WebSphere MQ 6.0 before 6.0.2.11 and ...)
+ TODO: check
+CVE-2011-0315 (Cross-site scripting (XSS) vulnerability in the Servlet Engine / Web ...)
+ TODO: check
+CVE-2011-0316 (The Administrative Console component in IBM WebSphere Application ...)
+ TODO: check
+CVE-2011-0317
+ RESERVED
+CVE-2011-0318
+ RESERVED
+CVE-2011-0319
+ RESERVED
+CVE-2011-0320
+ RESERVED
+CVE-2011-0321
+ RESERVED
+CVE-2011-0322
+ RESERVED
+CVE-2011-0323
+ RESERVED
+CVE-2011-0324
+ RESERVED
+CVE-2011-0325
+ RESERVED
+CVE-2011-0326
+ RESERVED
+CVE-2011-0327
+ RESERVED
+CVE-2011-0328
+ RESERVED
+CVE-2011-0329
+ RESERVED
+CVE-2011-0330
+ RESERVED
+CVE-2011-0331
+ RESERVED
+CVE-2011-0332
+ RESERVED
+CVE-2011-0333
+ RESERVED
+CVE-2011-0334
+ RESERVED
+CVE-2011-0335
+ RESERVED
+CVE-2011-0336
+ RESERVED
+CVE-2011-0337
+ RESERVED
+CVE-2011-0338
+ RESERVED
+CVE-2011-0339
+ RESERVED
+CVE-2011-0340
+ RESERVED
+CVE-2011-0341
+ RESERVED
+CVE-2011-0342
+ RESERVED
+CVE-2011-0343
+ RESERVED
+CVE-2011-0344
+ RESERVED
+CVE-2011-0345
+ RESERVED
+CVE-2011-0346 (Use-after-free vulnerability in the ReleaseInterface function in ...)
+ TODO: check
+CVE-2011-0347 (Microsoft Internet Explorer on Windows XP allows remote attackers to ...)
+ TODO: check
+CVE-2011-0348
+ RESERVED
+CVE-2011-0349
+ RESERVED
+CVE-2011-0350
+ RESERVED
+CVE-2011-0351
+ RESERVED
+CVE-2011-0352
+ RESERVED
+CVE-2011-0353
+ RESERVED
+CVE-2011-0354
+ RESERVED
+CVE-2011-0355
+ RESERVED
+CVE-2011-0356
+ RESERVED
+CVE-2011-0357
+ RESERVED
+CVE-2011-0358
+ RESERVED
+CVE-2011-0359
+ RESERVED
+CVE-2011-0360
+ RESERVED
+CVE-2011-0361
+ RESERVED
+CVE-2011-0362
+ RESERVED
+CVE-2011-0363
+ RESERVED
+CVE-2011-0364
+ RESERVED
+CVE-2011-0365
+ RESERVED
+CVE-2011-0366
+ RESERVED
+CVE-2011-0367
+ RESERVED
+CVE-2011-0368
+ RESERVED
+CVE-2011-0369
+ RESERVED
+CVE-2011-0370
+ RESERVED
+CVE-2011-0371
+ RESERVED
+CVE-2011-0372
+ RESERVED
+CVE-2011-0373
+ RESERVED
+CVE-2011-0374
+ RESERVED
+CVE-2011-0375
+ RESERVED
+CVE-2011-0376
+ RESERVED
+CVE-2011-0377
+ RESERVED
+CVE-2011-0378
+ RESERVED
+CVE-2011-0379
+ RESERVED
+CVE-2011-0380
+ RESERVED
+CVE-2011-0381
+ RESERVED
+CVE-2011-0382
+ RESERVED
+CVE-2011-0383
+ RESERVED
+CVE-2011-0384
+ RESERVED
+CVE-2011-0385
+ RESERVED
+CVE-2011-0386
+ RESERVED
+CVE-2011-0387
+ RESERVED
+CVE-2011-0388
+ RESERVED
+CVE-2011-0389
+ RESERVED
+CVE-2011-0390
+ RESERVED
+CVE-2011-0391
+ RESERVED
+CVE-2011-0392
+ RESERVED
+CVE-2011-0393
+ RESERVED
+CVE-2011-0394
+ RESERVED
+CVE-2011-0395
+ RESERVED
+CVE-2011-0396
+ RESERVED
+CVE-2011-0397
+ RESERVED
+CVE-2011-0398 (The Piwik_Common::getIP function in Piwik before 1.1 does not properly ...)
+ TODO: check
+CVE-2011-0399 (Piwik before 1.1 does not prevent the rendering of the login form ...)
+ TODO: check
+CVE-2011-0400 (Cookie.php in Piwik before 1.1 does not set the secure flag for the ...)
+ TODO: check
+CVE-2011-0401 (Piwik before 1.1 does not properly limit the number of files stored ...)
+ TODO: check
+CVE-2011-0402 (dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted ...)
+ TODO: check
+CVE-2011-0403 (Untrusted search path vulnerability in ImgBurn.exe in ImgBurn 2.4.0.0, ...)
+ TODO: check
+CVE-2011-0404 (Stack-based buffer overflow in NetSupport Manager Agent for Linux ...)
+ TODO: check
+CVE-2011-0405 (Directory traversal vulnerability in module.php in PhpGedView 4.2.3 ...)
+ TODO: check
+CVE-2011-0406 (Heap-based buffer overflow in HistorySvr.exe in WellinTech KingView ...)
+ TODO: check
+CVE-2011-0407 (SQL injection vulnerability in the store function in ...)
+ TODO: check
+CVE-2011-0408 (pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to ...)
+ TODO: check
+CVE-2011-0409
+ RESERVED
+CVE-2011-0410
+ RESERVED
+CVE-2011-0411
+ RESERVED
+CVE-2011-0412
+ RESERVED
+CVE-2011-0413
+ RESERVED
+CVE-2011-0414
+ RESERVED
+CVE-2011-0415
+ RESERVED
+CVE-2011-0416
+ RESERVED
+CVE-2011-0417
+ RESERVED
+CVE-2011-0418
+ RESERVED
+CVE-2011-0419
+ RESERVED
+CVE-2011-0420
+ RESERVED
+CVE-2011-0421
+ RESERVED
+CVE-2011-0422
+ RESERVED
+CVE-2011-0423 (The PolyVision RoomWizard with firmware 3.2.3 has a default password ...)
+ TODO: check
+CVE-2011-0424
+ RESERVED
+CVE-2011-0425
+ RESERVED
+CVE-2011-0426
+ RESERVED
+CVE-2011-0427 (Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before ...)
+ TODO: check
+CVE-2011-0428
+ RESERVED
+CVE-2011-0429
+ RESERVED
+CVE-2011-0430
+ RESERVED
+CVE-2011-0431
+ RESERVED
+CVE-2011-0432
+ RESERVED
+CVE-2011-0433
+ RESERVED
+CVE-2011-0434
+ RESERVED
+CVE-2011-0435
+ RESERVED
+CVE-2011-0436
+ RESERVED
+CVE-2011-0437
+ RESERVED
+CVE-2011-0438
+ RESERVED
+CVE-2011-0439
+ RESERVED
+CVE-2011-0440
+ RESERVED
+CVE-2011-0441
+ RESERVED
+CVE-2011-0442
+ RESERVED
+CVE-2011-0443 (SQL injection vulnerability in inc/tinybb-settings.php in tinyBB 1.2, ...)
+ TODO: check
+CVE-2011-0444 (Buffer overflow in the MAC-LTE dissector ...)
+ TODO: check
+CVE-2011-0445 (The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote ...)
+ TODO: check
+CVE-2011-0446
+ RESERVED
+CVE-2011-0447
+ RESERVED
+CVE-2011-0448
+ RESERVED
+CVE-2011-0449
+ RESERVED
+CVE-2011-0450
+ RESERVED
+CVE-2011-0451
+ RESERVED
+CVE-2011-0452
+ RESERVED
+CVE-2011-0453
+ RESERVED
+CVE-2011-0454
+ RESERVED
+CVE-2011-0455
+ RESERVED
+CVE-2011-0456
+ RESERVED
+CVE-2011-0457
+ RESERVED
+CVE-2011-0458
+ RESERVED
+CVE-2011-0459
+ RESERVED
+CVE-2011-0460
+ RESERVED
+CVE-2011-0461
+ RESERVED
+CVE-2011-0462
+ RESERVED
+CVE-2011-0463
+ RESERVED
+CVE-2011-0464
+ RESERVED
+CVE-2011-0465
+ RESERVED
+CVE-2011-0466
+ RESERVED
+CVE-2011-0467
+ RESERVED
+CVE-2011-0468
+ RESERVED
+CVE-2011-0469
+ RESERVED
+CVE-2011-0470 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+ TODO: check
+CVE-2011-0471 (The node-iteration implementation in Google Chrome before 8.0.552.237 ...)
+ TODO: check
+CVE-2011-0472 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+ TODO: check
+CVE-2011-0473 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+ TODO: check
+CVE-2011-0474 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+ TODO: check
+CVE-2011-0475 (Use-after-free vulnerability in Google Chrome before 8.0.552.237 and ...)
+ TODO: check
+CVE-2011-0476 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 ...)
+ TODO: check
+CVE-2011-0477 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+ TODO: check
+CVE-2011-0478 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+ TODO: check
+CVE-2011-0479 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+ TODO: check
+CVE-2011-0480 (Multiple buffer overflows in the Vorbis decoder in Google Chrome ...)
+ TODO: check
+CVE-2011-0481 (Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS ...)
+ TODO: check
+CVE-2011-0482 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+ TODO: check
+CVE-2011-0483 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+ TODO: check
+CVE-2011-0484 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+ TODO: check
+CVE-2011-0485 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
+ TODO: check
+CVE-2011-0486 (Cross-site scripting (XSS) vulnerability in cognos.cgi in IBM Cognos 8 ...)
+ TODO: check
+CVE-2011-0487 (ICQ 7 does not verify the authenticity of updates, which allows ...)
+ TODO: check
+CVE-2011-0488 (Stack-based buffer overflow in NTWebServer.exe in the test web service ...)
+ TODO: check
+CVE-2011-0489 (The server components in Objectivity/DB 10.0 do not require ...)
+ TODO: check
+CVE-2011-0490 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha makes calls to ...)
+ TODO: check
+CVE-2011-0491 (The tor_realloc function in Tor before 0.2.1.29 and 0.2.2.x before ...)
+ TODO: check
+CVE-2011-0492 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote ...)
+ TODO: check
+CVE-2011-0493 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha might allow ...)
+ TODO: check
+CVE-2011-0494 (Directory traversal vulnerability in WebSEAL in IBM Tivoli Access ...)
+ TODO: check
+CVE-2011-0495 (Stack-based buffer overflow in the ast_uri_encode function in ...)
+ TODO: check
+CVE-2011-0496 (Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ...)
+ TODO: check
+CVE-2011-0497 (Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ...)
+ TODO: check
+CVE-2011-0498 (Stack-based buffer overflow in Nokia Multimedia Player 1.00.55.5010, ...)
+ TODO: check
+CVE-2011-0499 (Buffer overflow in VideoSpirit Pro 1.6.8.1 and possibly earlier ...)
+ TODO: check
+CVE-2011-0500 (Buffer overflow in VideoSpirit Pro 1.6.8.1, 1.68, and earlier; and ...)
+ TODO: check
+CVE-2011-0501 (Stack-based buffer overflow in Music Animation Machine MIDI Player ...)
+ TODO: check
+CVE-2011-0502 (Music Animation Machine MIDI Player 2006aug19 Release 035 and possibly ...)
+ TODO: check
+CVE-2011-0503 (Cross-site request forgery (CSRF) vulnerability in VaM Shop 1.6, 1.6.1, ...)
+ TODO: check
+CVE-2011-0504 (Multiple cross-site scripting (XSS) vulnerabilities in VaM Shop 1.6, ...)
+ TODO: check
+CVE-2011-0505 (Directory traversal vulnerability in system/system.php in Zwii 2.1.1, ...)
+ TODO: check
+CVE-2011-0506 (Directory traversal vulnerability in modules/profile/user.php in Ax ...)
+ TODO: check
+CVE-2011-0507 (FTPService.exe in Blackmoon FTP 3.1 Build 1735 and Build 1736 ...)
+ TODO: check
+CVE-2011-0508 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2011-0509 (Cross-site scripting (XSS) vulnerability in Vaadin before 6.4.9 allows ...)
+ TODO: check
+CVE-2011-0510 (SQL injection vulnerability in cart.php in Advanced Webhost Billing ...)
+ TODO: check
+CVE-2011-0511 (SQL injection vulnerability in the allCineVid component ...)
+ TODO: check
+CVE-2011-0512 (SQL injection vulnerability in team.php in the Teams Structure module ...)
+ TODO: check
+CVE-2011-0513 (DCR.sys driver in SecurStar DriveCrypt 5.4, 5.3, and earlier allows ...)
+ TODO: check
+CVE-2011-0514 (The RDS service (rds.exe) in HP Data Protector Manager 6.11 allows ...)
+ TODO: check
+CVE-2011-0515 (KisKrnl.sys 2011.1.13.89 and earlier in Kingsoft AntiVirus 2011 SP5.2 ...)
+ TODO: check
+CVE-2011-0516 (SQL injection vulnerability in mainx_a.php in E-PROMPT C BetMore Site ...)
+ TODO: check
+CVE-2011-0517 (Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and ...)
+ TODO: check
+CVE-2011-0518 (Directory traversal vulnerability in core/lib/router.php in LotusCMS ...)
+ TODO: check
+CVE-2011-0519 (SQL injection vulnerability in gallery.php in Gallarific PHP Photo ...)
+ TODO: check
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:45 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:45 UTC (permalink / raw
To: gentoo-commits
commit: 3e3c4e556cbe556a413490a39ab9b8de1765d6f4
Author: Stefan Behte <craig <AT> gentoo <DOT> org>
AuthorDate: Mon Dec 13 23:53:38 2010 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Mon Dec 13 23:53:38 2010 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=3e3c4e55
MITRE sync
svn path=/; revision=2218
---
data/CVE/list | 42 +++++++++++++++++++++++++++++++++++++++++-
1 file changed, 41 insertions(+), 1 deletion(-)
diff --git a/data/CVE/list b/data/CVE/list
index e0f8065..9a3167f 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -93283,7 +93283,7 @@ CVE-2010-3764 (The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4
TODO: check
CVE-2010-3765 (Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, ...)
TODO: check
-CVE-2010-3766 (Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6.x ...)
+CVE-2010-3766 (Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and ...)
TODO: check
CVE-2010-3767 (Integer overflow in the NewIdArray function in Mozilla Firefox before ...)
TODO: check
@@ -94892,3 +94892,43 @@ CVE-2011-0024
RESERVED
CVE-2011-0025
RESERVED
+CVE-2011-0026
+ RESERVED
+CVE-2011-0027
+ RESERVED
+CVE-2011-0028
+ RESERVED
+CVE-2011-0029
+ RESERVED
+CVE-2011-0030
+ RESERVED
+CVE-2011-0031
+ RESERVED
+CVE-2011-0032
+ RESERVED
+CVE-2011-0033
+ RESERVED
+CVE-2011-0034
+ RESERVED
+CVE-2011-0035
+ RESERVED
+CVE-2011-0036
+ RESERVED
+CVE-2011-0037
+ RESERVED
+CVE-2011-0038
+ RESERVED
+CVE-2011-0039
+ RESERVED
+CVE-2011-0040
+ RESERVED
+CVE-2011-0041
+ RESERVED
+CVE-2011-0042
+ RESERVED
+CVE-2011-0043
+ RESERVED
+CVE-2011-0044
+ RESERVED
+CVE-2011-0045
+ RESERVED
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:45 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:45 UTC (permalink / raw
To: gentoo-commits
commit: e4f069728dae68ad3d31a96115b9cd85c9ceb830
Author: Stefan Behte <craig <AT> gentoo <DOT> org>
AuthorDate: Sat Dec 11 17:04:26 2010 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Sat Dec 11 17:04:26 2010 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=e4f06972
MITRE sync
svn path=/; revision=2216
---
data/CVE/list | 995 +++++++++++++++++++++++++++++++++++++++++++++-------------
1 file changed, 774 insertions(+), 221 deletions(-)
diff --git a/data/CVE/list b/data/CVE/list
index 93d1ee7..c7916e6 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -47346,6 +47346,8 @@ CVE-2006-7241 (The Image Viewer component in IBM FileNet P8 Application Engine (
NOT-FOR-US: ibm filenet_p8_application_engine
CVE-2006-7242 (The Workplace (aka WP) component in IBM FileNet P8 Application Engine ...)
NOT-FOR-US: ibm filenet_p8_application_engine
+CVE-2006-7243
+ RESERVED
CVE-2007-0001 (The file watch implementation in the audit subsystem (auditctl -w) in ...)
TODO: check-old
CVE-2007-0002 (Multiple heap-based buffer overflows in WordPerfect Document ...)
@@ -75586,8 +75588,16 @@ CVE-2008-7264 (The ftp_QUIT function in ftpserver.py in pyftpdlib before 0.5.0 a
NOT-FOR-US: g rodola pyftpdlib
CVE-2008-7265 (The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote ...)
TODO: check
-CVE-2008-7266
- RESERVED
+CVE-2008-7266 (Cross-site scripting (XSS) vulnerability in an unspecified Shockwave ...)
+ TODO: check
+CVE-2008-7267 (SQL injection vulnerability in announcements.php in SiteEngine 5.x ...)
+ TODO: check
+CVE-2008-7268 (The phpinfo function in SiteEngine 5.x allows remote attackers to ...)
+ TODO: check
+CVE-2008-7269 (Open redirect vulnerability in api.php in SiteEngine 5.x allows ...)
+ TODO: check
+CVE-2008-7270 (OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is ...)
+ TODO: check
CVE-2009-0001 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
NOT-FOR-US: apple quicktime
CVE-2009-0002 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
@@ -83110,7 +83120,7 @@ CVE-2009-3741
RESERVED
CVE-2009-3742 (Cross-site scripting (XSS) vulnerability in Liferay Portal before ...)
NOT-FOR-US: Liferay Portal
-CVE-2009-3743 (Off-by-one error in the TrueType bytecode interpreter in Ghostscript ...)
+CVE-2009-3743 (Off-by-one error in the Ins_MINDEX function in the TrueType bytecode ...)
TODO: check
CVE-2009-3744 (rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows remote ...)
NOT-FOR-US: server in EMC RepliStor allows remote attackers to cause a denial of service via a crafted packet to TCP port
@@ -85682,6 +85692,32 @@ CVE-2009-5017 (Mozilla Firefox before 3.6 Beta 3 does not properly handle overlo
TODO: check
CVE-2009-5018
RESERVED
+CVE-2009-5019 (Web Wiz NewsPad stores sensitive information under the web root with ...)
+ TODO: check
+CVE-2009-5020 (Open redirect vulnerability in awredir.pl in AWStats before 6.95 ...)
+ TODO: check
+CVE-2009-5021 (Cobbler before 1.6.1 does not properly determine whether an ...)
+ TODO: check
+CVE-2009-5022
+ RESERVED
+CVE-2009-5023
+ RESERVED
+CVE-2009-5024
+ RESERVED
+CVE-2009-5025
+ RESERVED
+CVE-2009-5026
+ RESERVED
+CVE-2009-5027
+ RESERVED
+CVE-2009-5028
+ RESERVED
+CVE-2009-5029
+ RESERVED
+CVE-2009-5030
+ RESERVED
+CVE-2009-5031
+ RESERVED
CVE-2010-0001 (Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 ...)
BUG: 300943
CVE-2010-0002 (The /etc/profile.d/60alias.sh script in the Mandriva bash package for ...)
@@ -86761,8 +86797,8 @@ CVE-2010-0528 (Apple QuickTime before 7.6.6 on Windows allows remote attackers t
NOT-FOR-US: apple quicktime
CVE-2010-0529 (Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before ...)
NOT-FOR-US: apple quicktime
-CVE-2010-0530
- RESERVED
+CVE-2010-0530 (Apple QuickTime before 7.6.9 on Windows sets weak permissions for the ...)
+ TODO: check
CVE-2010-0531 (Apple iTunes before 9.1 allows remote attackers to cause a denial of ...)
NOT-FOR-US: apple itunes
CVE-2010-0532 (Race condition in the installation package in Apple iTunes before 9.1 ...)
@@ -88347,10 +88383,10 @@ CVE-2010-1321 (The kg_accept_krb5 function in krb5/accept_sec_context.c in the .
BUG: 323525
CVE-2010-1322 (The merge_authdata function in kdc_authdata.c in the Key Distribution ...)
TODO: check
-CVE-2010-1323
- RESERVED
-CVE-2010-1324
- RESERVED
+CVE-2010-1323 (MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x ...)
+ TODO: check
+CVE-2010-1324 (MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not ...)
+ TODO: check
CVE-2010-1325 (Cross-site request forgery (CSRF) vulnerability in the apache2-slms ...)
NOT-FOR-US: novell suse_lifecycle_management_server
CVE-2010-1326 (perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02, 2.5.03 ...)
@@ -88718,8 +88754,8 @@ CVE-2010-1506 (The Google V8 bindings in Google Chrome before 4.1.249.1059 allow
TODO: check
CVE-2010-1507 (WebYaST in yast2-webclient in SUSE Linux Enterprise (SLE) 11 on the ...)
NOT-FOR-US: novell suse_linux
-CVE-2010-1508
- RESERVED
+CVE-2010-1508 (Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows ...)
+ TODO: check
CVE-2010-1509 (IrfanView before 4.27 does not properly handle an unspecified integer ...)
NOT-FOR-US: irfanview
CVE-2010-1510 (Heap-based buffer overflow in IrfanView before 4.27 allows remote ...)
@@ -90177,8 +90213,8 @@ CVE-2010-2233 (tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as
TODO: check
CVE-2010-2234 (Cross-site request forgery (CSRF) vulnerability in Apache CouchDB ...)
BUG: 335881
-CVE-2010-2235
- RESERVED
+CVE-2010-2235 (template_api.py in Cobbler before 2.0.7, as used in Red Hat Network ...)
+ TODO: check
CVE-2010-2236
RESERVED
CVE-2010-2237 (Red Hat libvirt, possibly 0.6.1 through 0.8.2, looks up disk backing ...)
@@ -90881,8 +90917,8 @@ CVE-2010-2584 (The Upload method in the RealPage Module Upload ActiveX control i
TODO: check
CVE-2010-2585 (Multiple buffer overflows in the RealPage Module Upload ActiveX ...)
TODO: check
-CVE-2010-2586
- RESERVED
+CVE-2010-2586 (Multiple integer overflows in in_nsv.dll in the in_nsv plugin in ...)
+ TODO: check
CVE-2010-2587
RESERVED
CVE-2010-2588
@@ -90987,8 +91023,8 @@ CVE-2010-2637 (IBM WebSphere MQ 6.0 before 6.0.2.9 and 7.0 before 7.0.1.1 does n
TODO: check
CVE-2010-2638 (Unspecified vulnerability in IBM WebSphere MQ 7.0 before 7.0.1.5 ...)
TODO: check
-CVE-2010-2639
- RESERVED
+CVE-2010-2639 (IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows remote ...)
+ TODO: check
CVE-2010-2640
RESERVED
CVE-2010-2641
@@ -91231,8 +91267,8 @@ CVE-2010-2759 (Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through
BUG: 332193
CVE-2010-2760 (Use-after-free vulnerability in the nsTreeSelection function in ...)
TODO: check
-CVE-2010-2761
- RESERVED
+CVE-2010-2761 (The multipart_init function in (1) CGI.pm before 3.50 and (2) ...)
+ TODO: check
CVE-2010-2762 (The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) ...)
TODO: check
CVE-2010-2763 (The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) ...)
@@ -91295,8 +91331,8 @@ CVE-2010-2791 (mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on U
BUG: 330195
CVE-2010-2792 (Race condition in the SPICE (aka spice-xpi) plug-in 2.2 for Firefox ...)
NOT-FOR-US: redhat spice xpi
-CVE-2010-2793
- RESERVED
+CVE-2010-2793 (Race condition in the SPICE (aka spice-activex) plug-in for Internet ...)
+ TODO: check
CVE-2010-2794 (The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users ...)
NOT-FOR-US: redhat spice xpi
CVE-2010-2795 (phpCAS before 1.1.2 allows remote authenticated users to hijack ...)
@@ -91633,10 +91669,10 @@ CVE-2010-2960 (The keyctl_session_to_parent function in security/keys/keyctl.c i
TODO: check
CVE-2010-2961 (mountall.c in mountall before 2.15.2 uses 0666 permissions for the ...)
NOT-FOR-US: scott_james_remnant mountall
-CVE-2010-2962
- RESERVED
-CVE-2010-2963
- RESERVED
+CVE-2010-2962 (drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager ...)
+ TODO: check
+CVE-2010-2963 (drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) ...)
+ TODO: check
CVE-2010-2964
RESERVED
CVE-2010-2965 (The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and ...)
@@ -91843,8 +91879,8 @@ CVE-2010-3064 (Stack-based buffer overflow in the php_mysqlnd_auth_write functio
TODO: check
CVE-2010-3065 (The default session serializer in PHP 5.2 through 5.2.13 and 5.3 ...)
TODO: check
-CVE-2010-3066
- RESERVED
+CVE-2010-3066 (The io_submit_one function in fs/aio.c in the Linux kernel before ...)
+ TODO: check
CVE-2010-3067 (Integer overflow in the do_io_submit function in fs/aio.c in the Linux ...)
TODO: check
CVE-2010-3068
@@ -92243,10 +92279,10 @@ CVE-2010-3264 (The engine installer in Novell Identity Manager (aka IDM) 3.6.1 s
NOT-FOR-US: novell identity_manager
CVE-2010-3265
RESERVED
-CVE-2010-3266
- RESERVED
-CVE-2010-3267
- RESERVED
+CVE-2010-3266 (Multiple cross-site scripting (XSS) vulnerabilities in BugTracker.NET ...)
+ TODO: check
+CVE-2010-3267 (Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 ...)
+ TODO: check
CVE-2010-3268
RESERVED
CVE-2010-3269
@@ -92450,14 +92486,14 @@ CVE-2010-3367
RESERVED
CVE-2010-3368
RESERVED
-CVE-2010-3369 (The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3 ...)
+CVE-2010-3369 (The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3, ...)
TODO: check
CVE-2010-3370
RESERVED
CVE-2010-3371
RESERVED
-CVE-2010-3372
- RESERVED
+CVE-2010-3372 (Untrusted search path vulnerability in NorduGrid Advanced Resource ...)
+ TODO: check
CVE-2010-3373
RESERVED
CVE-2010-3374 (Qt Creator before 2.0.1 places a zero-length directory name in the ...)
@@ -92605,16 +92641,16 @@ CVE-2010-3443
RESERVED
CVE-2010-3444
RESERVED
-CVE-2010-3445
- RESERVED
+CVE-2010-3445 (Stack consumption vulnerability in the dissect_ber_unknown function in ...)
+ TODO: check
CVE-2010-3446
RESERVED
CVE-2010-3447
RESERVED
CVE-2010-3448
RESERVED
-CVE-2010-3449
- RESERVED
+CVE-2010-3449 (Cross-site request forgery (CSRF) vulnerability in Redback before ...)
+ TODO: check
CVE-2010-3450
RESERVED
CVE-2010-3451
@@ -92941,12 +92977,12 @@ CVE-2010-3611 (ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 befor
TODO: check
CVE-2010-3612
RESERVED
-CVE-2010-3613
- RESERVED
-CVE-2010-3614
- RESERVED
-CVE-2010-3615
- RESERVED
+CVE-2010-3613 (named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, ...)
+ TODO: check
+CVE-2010-3614 (named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV ...)
+ TODO: check
+CVE-2010-3615 (named in ISC BIND 9.7.2-P2 does not check all intended locations for ...)
+ TODO: check
CVE-2010-3616
RESERVED
CVE-2010-3617
@@ -93111,10 +93147,10 @@ CVE-2010-3696 (The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, in
TODO: check
CVE-2010-3697 (The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x ...)
TODO: check
-CVE-2010-3698
- RESERVED
-CVE-2010-3699
- RESERVED
+CVE-2010-3698 (The KVM implementation in the Linux kernel before 2.6.36 does not ...)
+ TODO: check
+CVE-2010-3699 (The backend driver in Xen 3.x allows guest OS users to cause a denial ...)
+ TODO: check
CVE-2010-3700 (VMware SpringSource Spring Security 2.x before 2.0.6 and 3.x before ...)
TODO: check
CVE-2010-3701 (lib/MessageStoreImpl.cpp in Red Hat Enterprise MRG before 1.2.2 allows ...)
@@ -93125,8 +93161,8 @@ CVE-2010-3703 (The PostScriptFunction::PostScriptFunction function in ...)
TODO: check
CVE-2010-3704 (The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser ...)
TODO: check
-CVE-2010-3705
- RESERVED
+CVE-2010-3705 (The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux ...)
+ TODO: check
CVE-2010-3706 (plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and ...)
TODO: check
CVE-2010-3707 (plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and ...)
@@ -93247,32 +93283,32 @@ CVE-2010-3764 (The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4
TODO: check
CVE-2010-3765 (Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, ...)
TODO: check
-CVE-2010-3766
- RESERVED
-CVE-2010-3767
- RESERVED
-CVE-2010-3768
- RESERVED
-CVE-2010-3769
- RESERVED
-CVE-2010-3770
- RESERVED
-CVE-2010-3771
- RESERVED
-CVE-2010-3772
- RESERVED
-CVE-2010-3773
- RESERVED
-CVE-2010-3774
- RESERVED
-CVE-2010-3775
- RESERVED
-CVE-2010-3776
- RESERVED
-CVE-2010-3777
- RESERVED
-CVE-2010-3778
- RESERVED
+CVE-2010-3766 (Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6.x ...)
+ TODO: check
+CVE-2010-3767 (Integer overflow in the NewIdArray function in Mozilla Firefox before ...)
+ TODO: check
+CVE-2010-3768 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird ...)
+ TODO: check
+CVE-2010-3769 (The line-breaking implementation in Mozilla Firefox before 3.5.16 and ...)
+ TODO: check
+CVE-2010-3770 (Multiple cross-site scripting (XSS) vulnerabilities in the rendering ...)
+ TODO: check
+CVE-2010-3771 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey ...)
+ TODO: check
+CVE-2010-3772 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey ...)
+ TODO: check
+CVE-2010-3773 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey ...)
+ TODO: check
+CVE-2010-3774 (The NS_SecurityCompareURIs function in netwerk/base/public/nsNetUtil.h ...)
+ TODO: check
+CVE-2010-3775 (Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey ...)
+ TODO: check
+CVE-2010-3776 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+ TODO: check
+CVE-2010-3777 (Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and ...)
+ TODO: check
+CVE-2010-3778 (Unspecified vulnerability in Mozilla Firefox 3.5.x before 3.5.16, ...)
+ TODO: check
CVE-2010-3779 (Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the ...)
TODO: check
CVE-2010-3780 (Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause ...)
@@ -93315,12 +93351,12 @@ CVE-2010-3798 (Heap-based buffer overflow in xar in Apple Mac OS X 10.6.x before
TODO: check
CVE-2010-3799
RESERVED
-CVE-2010-3800
- RESERVED
-CVE-2010-3801
- RESERVED
-CVE-2010-3802
- RESERVED
+CVE-2010-3800 (Apple QuickTime before 7.6.9 allows remote attackers to execute ...)
+ TODO: check
+CVE-2010-3801 (Apple QuickTime before 7.6.9 allows remote attackers to execute ...)
+ TODO: check
+CVE-2010-3802 (Integer signedness error in Apple QuickTime before 7.6.9 allows remote ...)
+ TODO: check
CVE-2010-3803 (Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X ...)
TODO: check
CVE-2010-3804 (The JavaScript implementation in WebKit in Apple Safari before 5.0.3 ...)
@@ -93339,12 +93375,12 @@ CVE-2010-3810 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6
TODO: check
CVE-2010-3811 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...)
TODO: check
-CVE-2010-3812 (Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X ...)
+CVE-2010-3812 (Integer overflow in the wholeText method in WebKit in Apple Safari ...)
TODO: check
CVE-2010-3813 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
TODO: check
-CVE-2010-3814
- RESERVED
+CVE-2010-3814 (Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in ...)
+ TODO: check
CVE-2010-3815
RESERVED
CVE-2010-3816 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...)
@@ -93369,18 +93405,18 @@ CVE-2010-3825
RESERVED
CVE-2010-3826 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
TODO: check
-CVE-2010-3827
- RESERVED
-CVE-2010-3828
- RESERVED
-CVE-2010-3829
- RESERVED
-CVE-2010-3830
- RESERVED
-CVE-2010-3831
- RESERVED
-CVE-2010-3832
- RESERVED
+CVE-2010-3827 (Apple iOS before 4.2 does not properly validate signatures before ...)
+ TODO: check
+CVE-2010-3828 (iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle ...)
+ TODO: check
+CVE-2010-3829 (WebKit in Apple iOS before 4.2 allows remote attackers to bypass the ...)
+ TODO: check
+CVE-2010-3830 (Networking in Apple iOS before 4.2 accesses an invalid pointer during ...)
+ TODO: check
+CVE-2010-3831 (Photos in Apple iOS before 4.2 enables support for HTTP Basic ...)
+ TODO: check
+CVE-2010-3832 (Heap-based buffer overflow in the GSM mobility management ...)
+ TODO: check
CVE-2010-3833
RESERVED
CVE-2010-3834
@@ -93425,20 +93461,20 @@ CVE-2010-3853
RESERVED
CVE-2010-3854
RESERVED
-CVE-2010-3855
- RESERVED
+CVE-2010-3855 (Buffer overflow in the ft_var_readpackedpoints function in ...)
+ TODO: check
CVE-2010-3856
RESERVED
CVE-2010-3857
RESERVED
-CVE-2010-3858
- RESERVED
+CVE-2010-3858 (The setup_arg_pages function in fs/exec.c in the Linux kernel before ...)
+ TODO: check
CVE-2010-3859
RESERVED
-CVE-2010-3860
- RESERVED
-CVE-2010-3861
- RESERVED
+CVE-2010-3860 (IcedTea before 1.9.2, as based on OpenJDK 6, declares multiple ...)
+ TODO: check
+CVE-2010-3861 (The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux ...)
+ TODO: check
CVE-2010-3862
RESERVED
CVE-2010-3863 (Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize ...)
@@ -93475,8 +93511,8 @@ CVE-2010-3878
RESERVED
CVE-2010-3879
RESERVED
-CVE-2010-3880
- RESERVED
+CVE-2010-3880 (net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not ...)
+ TODO: check
CVE-2010-3881
RESERVED
CVE-2010-3882 (Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple ...)
@@ -93524,8 +93560,8 @@ CVE-2010-3902 (OpenConnect before 2.26 places the webvpn cookie value in the ...
TODO: check
CVE-2010-3903 (Unspecified vulnerability in OpenConnect before 2.23 allows remote ...)
TODO: check
-CVE-2010-3904
- RESERVED
+CVE-2010-3904 (The rds_page_copy_user function in net/rds/page.c in the Reliable ...)
+ TODO: check
CVE-2010-3905
RESERVED
CVE-2010-3906
@@ -93534,12 +93570,12 @@ CVE-2010-3907
RESERVED
CVE-2010-3908
RESERVED
-CVE-2010-3909
- RESERVED
-CVE-2010-3910
- RESERVED
-CVE-2010-3911
- RESERVED
+CVE-2010-3909 (Incomplete blacklist vulnerability in config.template.php in vtiger ...)
+ TODO: check
+CVE-2010-3910 (Multiple directory traversal vulnerabilities in the ...)
+ TODO: check
+CVE-2010-3911 (Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM ...)
+ TODO: check
CVE-2010-3912
RESERVED
CVE-2010-3913 (CRLF injection vulnerability in TransWARE Active! mail 6 build ...)
@@ -93552,16 +93588,16 @@ CVE-2010-3916 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro ..
TODO: check
CVE-2010-3917
RESERVED
-CVE-2010-3918
- RESERVED
-CVE-2010-3919
- RESERVED
-CVE-2010-3920
- RESERVED
-CVE-2010-3921
- RESERVED
-CVE-2010-3922
- RESERVED
+CVE-2010-3918 (Fenrir Sleipnir 2.9.6 and earlier does not prevent interaction between ...)
+ TODO: check
+CVE-2010-3919 (Fenrir Grani 4.5 and earlier does not prevent interaction between web ...)
+ TODO: check
+CVE-2010-3920 (The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 ...)
+ TODO: check
+CVE-2010-3921 (Cross-site scripting (XSS) vulnerability in Movable Type 4.x before ...)
+ TODO: check
+CVE-2010-3922 (SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x ...)
+ TODO: check
CVE-2010-3923
RESERVED
CVE-2010-3924
@@ -93734,14 +93770,14 @@ CVE-2010-4007 (Oracle Mojarra uses an encrypted View State without a Message ...
NOT-FOR-US: oracle mojarra
CVE-2010-4008 (libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, ...)
TODO: check
-CVE-2010-4009
- RESERVED
+CVE-2010-4009 (Integer overflow in Apple QuickTime before 7.6.9 allows remote ...)
+ TODO: check
CVE-2010-4010 (Integer signedness error in Apple Type Services (ATS) in Apple Mac OS ...)
TODO: check
CVE-2010-4011 (Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage ...)
TODO: check
-CVE-2010-4012
- RESERVED
+CVE-2010-4012 (Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later ...)
+ TODO: check
CVE-2010-4013
RESERVED
CVE-2010-4014
@@ -93756,10 +93792,10 @@ CVE-2010-4018
RESERVED
CVE-2010-4019
RESERVED
-CVE-2010-4020
- RESERVED
-CVE-2010-4021
- RESERVED
+CVE-2010-4020 (MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4 ...)
+ TODO: check
+CVE-2010-4021 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 ...)
+ TODO: check
CVE-2010-4022
RESERVED
CVE-2010-4023 (Cross-site scripting (XSS) vulnerability in HP Insight Control Power ...)
@@ -93860,30 +93896,30 @@ CVE-2010-4070 (Integer overflow in librpc.dll in portmap.exe (aka the ISM Portma
TODO: check
CVE-2010-4071
RESERVED
-CVE-2010-4072
- RESERVED
-CVE-2010-4073
- RESERVED
-CVE-2010-4074
- RESERVED
-CVE-2010-4075
- RESERVED
-CVE-2010-4076
- RESERVED
-CVE-2010-4077
- RESERVED
-CVE-2010-4078
- RESERVED
-CVE-2010-4079
- RESERVED
-CVE-2010-4080
- RESERVED
-CVE-2010-4081
- RESERVED
-CVE-2010-4082
- RESERVED
-CVE-2010-4083
- RESERVED
+CVE-2010-4072 (The copy_shmid_to_user function in ipc/shm.c in the Linux kernel ...)
+ TODO: check
+CVE-2010-4073 (The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not ...)
+ TODO: check
+CVE-2010-4074 (The USB subsystem in the Linux kernel before 2.6.36-rc5 does not ...)
+ TODO: check
+CVE-2010-4075 (The uart_get_count function in drivers/serial/serial_core.c in the ...)
+ TODO: check
+CVE-2010-4076 (The rs_ioctl function in drivers/char/amiserial.c in the Linux kernel ...)
+ TODO: check
+CVE-2010-4077 (The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the ...)
+ TODO: check
+CVE-2010-4078 (The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux ...)
+ TODO: check
+CVE-2010-4079 (The ivtvfb_ioctl function in drivers/media/video/ivtv/ivtvfb.c in the ...)
+ TODO: check
+CVE-2010-4080 (The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the ...)
+ TODO: check
+CVE-2010-4081 (The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the ...)
+ TODO: check
+CVE-2010-4082 (The viafb_ioctl_get_viafb_info function in drivers/video/via/ioctl.c ...)
+ TODO: check
+CVE-2010-4083 (The copy_semid_to_user function in ipc/sem.c in the Linux kernel ...)
+ TODO: check
CVE-2010-4084 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows ...)
TODO: check
CVE-2010-4085 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows ...)
@@ -93932,10 +93968,10 @@ CVE-2010-4106 (Cross-site request forgery (CSRF) vulnerability in HP Insight Con
TODO: check
CVE-2010-4107 (The default configuration of the PJL Access value in the File System ...)
TODO: check
-CVE-2010-4108
- RESERVED
-CVE-2010-4109
- RESERVED
+CVE-2010-4108 (HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support ...)
+ TODO: check
+CVE-2010-4109 (Cross-site scripting (XSS) vulnerability in the Contacts Application ...)
+ TODO: check
CVE-2010-4110
RESERVED
CVE-2010-4111
@@ -94016,8 +94052,8 @@ CVE-2010-4148 (Directory traversal vulnerability in AnyConnect 1.2.3.0, and poss
TODO: check
CVE-2010-4149 (Directory traversal vulnerability in FreshWebMaster Fresh FTP 5.36, ...)
TODO: check
-CVE-2010-4150
- RESERVED
+CVE-2010-4150 (Double free vulnerability in the imap_do_open function in the IMAP ...)
+ TODO: check
CVE-2010-4151 (SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly ...)
TODO: check
CVE-2010-4152 (SQL injection vulnerability in catalog/index.shtml in 4site CMS 2.6, ...)
@@ -94030,8 +94066,8 @@ CVE-2010-4155 (Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2
TODO: check
CVE-2010-4156 (The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through ...)
TODO: check
-CVE-2010-4157
- RESERVED
+CVE-2010-4157 (Integer overflow in the ioc_general function in drivers/scsi/gdth.c in ...)
+ TODO: check
CVE-2010-4158
RESERVED
CVE-2010-4159 (Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 ...)
@@ -94056,28 +94092,28 @@ CVE-2010-4168 (Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1
TODO: check
CVE-2010-4169 (Use-after-free vulnerability in mm/mprotect.c in the Linux kernel ...)
TODO: check
-CVE-2010-4170
- RESERVED
-CVE-2010-4171
- RESERVED
-CVE-2010-4172
- RESERVED
+CVE-2010-4170 (The staprun runtime tool in SystemTap 1.3 does not properly clear the ...)
+ TODO: check
+CVE-2010-4171 (The staprun runtime tool in SystemTap 1.3 does not verify that a ...)
+ TODO: check
+CVE-2010-4172 (Multiple cross-site scripting (XSS) vulnerabilities in the Manager ...)
+ TODO: check
CVE-2010-4173 (The default configuration of libsdp.conf in libsdp 1.1.104 and earlier ...)
TODO: check
CVE-2010-4174
RESERVED
CVE-2010-4175
RESERVED
-CVE-2010-4176
- RESERVED
+CVE-2010-4176 (plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 ...)
+ TODO: check
CVE-2010-4177
RESERVED
CVE-2010-4178
RESERVED
-CVE-2010-4179
- RESERVED
-CVE-2010-4180
- RESERVED
+CVE-2010-4179 (The installation documentation for Red Hat Enterprise Messaging, ...)
+ TODO: check
+CVE-2010-4180 (OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when ...)
+ TODO: check
CVE-2010-4181 (Directory traversal vulnerability in Yaws 1.89 allows remote attackers ...)
TODO: check
CVE-2010-4182 (Untrusted search path vulnerability in the Data Access Objects (DAO) ...)
@@ -94209,38 +94245,38 @@ CVE-2010-4244
RESERVED
CVE-2010-4245
RESERVED
-CVE-2010-4246
- RESERVED
+CVE-2010-4246 (Multiple cross-site scripting (XSS) vulnerabilities in graph.php in ...)
+ TODO: check
CVE-2010-4247
RESERVED
-CVE-2010-4248
- RESERVED
-CVE-2010-4249
- RESERVED
+CVE-2010-4248 (Race condition in the __exit_signal function in kernel/exit.c in the ...)
+ TODO: check
+CVE-2010-4249 (The wait_for_unix_gc function in net/unix/garbage.c in the Linux ...)
+ TODO: check
CVE-2010-4250
RESERVED
CVE-2010-4251
RESERVED
-CVE-2010-4252
- RESERVED
+CVE-2010-4252 (OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly ...)
+ TODO: check
CVE-2010-4253
RESERVED
-CVE-2010-4254
- RESERVED
+CVE-2010-4254 (Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is ...)
+ TODO: check
CVE-2010-4255
RESERVED
CVE-2010-4256
RESERVED
-CVE-2010-4257
- RESERVED
+CVE-2010-4257 (SQL injection vulnerability in the do_trackbacks function in ...)
+ TODO: check
CVE-2010-4258
RESERVED
-CVE-2010-4259
- RESERVED
-CVE-2010-4260
- RESERVED
-CVE-2010-4261
- RESERVED
+CVE-2010-4259 (Stack-based buffer overflow in FontForge 20100501 allows remote ...)
+ TODO: check
+CVE-2010-4260 (Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV ...)
+ TODO: check
+CVE-2010-4261 (Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ...)
+ TODO: check
CVE-2010-4262
RESERVED
CVE-2010-4263
@@ -94273,18 +94309,18 @@ CVE-2010-4276
RESERVED
CVE-2010-4277
RESERVED
-CVE-2010-4278
- RESERVED
-CVE-2010-4279
- RESERVED
-CVE-2010-4280
- RESERVED
-CVE-2010-4281
- RESERVED
-CVE-2010-4282
- RESERVED
-CVE-2010-4283
- RESERVED
+CVE-2010-4278 (operation/agentes/networkmap.php in Pandora FMS before 3.1.1 allows ...)
+ TODO: check
+CVE-2010-4279 (The default configuration of Pandora FMS 3.1 and earlier specifies an ...)
+ TODO: check
+CVE-2010-4280 (Multiple SQL injection vulnerabilities in Pandora FMS before 3.1.1 ...)
+ TODO: check
+CVE-2010-4281 (Incomplete blacklist vulnerability in the safe_url_extraclean function ...)
+ TODO: check
+CVE-2010-4282 (Multiple directory traversal vulnerabilities in Pandora FMS before ...)
+ TODO: check
+CVE-2010-4283 (PHP remote file inclusion vulnerability in extras/pandora_diag.php in ...)
+ TODO: check
CVE-2010-4284
RESERVED
CVE-2010-4285
@@ -94305,22 +94341,22 @@ CVE-2010-4292
RESERVED
CVE-2010-4293
RESERVED
-CVE-2010-4294
- RESERVED
-CVE-2010-4295
- RESERVED
-CVE-2010-4296
- RESERVED
-CVE-2010-4297
- RESERVED
-CVE-2010-4298
- RESERVED
+CVE-2010-4294 (The frame decompression functionality in the VMnc media codec in ...)
+ TODO: check
+CVE-2010-4295 (Race condition in the mounting process in vmware-mount in VMware ...)
+ TODO: check
+CVE-2010-4296 (vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on ...)
+ TODO: check
+CVE-2010-4297 (The VMware Tools update functionality in VMware Workstation 6.5.x ...)
+ TODO: check
+CVE-2010-4298 (SQL injection vulnerability in the download module in Free Simple ...)
+ TODO: check
CVE-2010-4299 (Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 ...)
TODO: check
-CVE-2010-4300
- RESERVED
-CVE-2010-4301
- RESERVED
+CVE-2010-4300 (Heap-based buffer overflow in the dissect_ldss_transfer function ...)
+ TODO: check
+CVE-2010-4301 (epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in ...)
+ TODO: check
CVE-2010-4302 (/opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified ...)
TODO: check
CVE-2010-4303 (Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the ...)
@@ -94339,3 +94375,520 @@ CVE-2010-4309
RESERVED
CVE-2010-4310
RESERVED
+CVE-2010-4311 (Free Simple Software 1.0 stores passwords in cleartext, which allows ...)
+ TODO: check
+CVE-2010-4312 (The default configuration of Apache Tomcat 6.x does not include the ...)
+ TODO: check
+CVE-2010-4313 (Unrestricted file upload vulnerability in fileman_file_upload.php in ...)
+ TODO: check
+CVE-2010-4314
+ RESERVED
+CVE-2010-4315
+ RESERVED
+CVE-2010-4316
+ RESERVED
+CVE-2010-4317
+ RESERVED
+CVE-2010-4318
+ RESERVED
+CVE-2010-4319
+ RESERVED
+CVE-2010-4320
+ RESERVED
+CVE-2010-4321
+ RESERVED
+CVE-2010-4322
+ RESERVED
+CVE-2010-4323
+ RESERVED
+CVE-2010-4324
+ RESERVED
+CVE-2010-4325
+ RESERVED
+CVE-2010-4326
+ RESERVED
+CVE-2010-4327
+ RESERVED
+CVE-2010-4328
+ RESERVED
+CVE-2010-4329 (Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton ...)
+ TODO: check
+CVE-2010-4330 (Directory traversal vulnerability in includes/controller.php in Pulse ...)
+ TODO: check
+CVE-2010-4331
+ RESERVED
+CVE-2010-4332
+ RESERVED
+CVE-2010-4333
+ RESERVED
+CVE-2010-4334
+ RESERVED
+CVE-2010-4335
+ RESERVED
+CVE-2010-4336
+ RESERVED
+CVE-2010-4337
+ RESERVED
+CVE-2010-4338
+ RESERVED
+CVE-2010-4339
+ RESERVED
+CVE-2010-4340
+ RESERVED
+CVE-2010-4341
+ RESERVED
+CVE-2010-4342
+ RESERVED
+CVE-2010-4343
+ RESERVED
+CVE-2010-4344
+ RESERVED
+CVE-2010-4345
+ RESERVED
+CVE-2010-4346
+ RESERVED
+CVE-2010-4347
+ RESERVED
+CVE-2010-4348
+ RESERVED
+CVE-2010-4349
+ RESERVED
+CVE-2010-4350
+ RESERVED
+CVE-2010-4351
+ RESERVED
+CVE-2010-4352
+ RESERVED
+CVE-2010-4353
+ RESERVED
+CVE-2010-4354 (The remote-access IPSec VPN implementation on Cisco Adaptive Security ...)
+ TODO: check
+CVE-2010-4355 (Cross-site scripting (XSS) vulnerability in DaDaBIK before 4.3 beta2, ...)
+ TODO: check
+CVE-2010-4356 (SQL injection vulnerability in news_default.asp in Site2Nite Big Truck ...)
+ TODO: check
+CVE-2010-4357 (SQL injection vulnerability in comments.php in SiteEngine 7.1 allows ...)
+ TODO: check
+CVE-2010-4358 (Multiple cross-site scripting (XSS) vulnerabilities in gb.cgi in ...)
+ TODO: check
+CVE-2010-4359 (SQL injection vulnerability in index.php in Jurpopage 0.2.0 allows ...)
+ TODO: check
+CVE-2010-4360 (Multiple SQL injection vulnerabilities in index.php in Jurpopage 0.2.0 ...)
+ TODO: check
+CVE-2010-4361 (Cross-site scripting (XSS) vulnerability in url-gateway.php in ...)
+ TODO: check
+CVE-2010-4362 (Multiple SQL injection vulnerabilities in MicroNetsoft RV Dealer ...)
+ TODO: check
+CVE-2010-4363 (Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY ...)
+ TODO: check
+CVE-2010-4364 (DaDaBIK 4.3 beta3, when running in a case-sensitive environment, does ...)
+ TODO: check
+CVE-2010-4365 (SQL injection vulnerability in JE Ajax Event Calendar ...)
+ TODO: check
+CVE-2010-4366 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2010-4367 (awstats.cgi in AWStats before 7.0 accepts a configdir parameter in the ...)
+ TODO: check
+CVE-2010-4368 (awstats.cgi in AWStats before 7.0 on Windows accepts a configdir ...)
+ TODO: check
+CVE-2010-4369 (Directory traversal vulnerability in AWStats before 7.0 allows remote ...)
+ TODO: check
+CVE-2010-4370 (Multiple integer overflows in the in_midi plugin in Winamp before 5.6 ...)
+ TODO: check
+CVE-2010-4371 (Buffer overflow in the in_mod plugin in Winamp before 5.6 allows ...)
+ TODO: check
+CVE-2010-4372 (Integer overflow in the in_nsv plugin in Winamp before 5.6 allows ...)
+ TODO: check
+CVE-2010-4373 (The in_mp4 plugin in Winamp before 5.6 allows remote attackers to ...)
+ TODO: check
+CVE-2010-4374 (The in_mkv plugin in Winamp before 5.6 allows remote attackers to ...)
+ TODO: check
+CVE-2010-4375
+ RESERVED
+CVE-2010-4376
+ RESERVED
+CVE-2010-4377
+ RESERVED
+CVE-2010-4378
+ RESERVED
+CVE-2010-4379
+ RESERVED
+CVE-2010-4380
+ RESERVED
+CVE-2010-4381
+ RESERVED
+CVE-2010-4382
+ RESERVED
+CVE-2010-4383
+ RESERVED
+CVE-2010-4384
+ RESERVED
+CVE-2010-4385
+ RESERVED
+CVE-2010-4386
+ RESERVED
+CVE-2010-4387
+ RESERVED
+CVE-2010-4388
+ RESERVED
+CVE-2010-4389
+ RESERVED
+CVE-2010-4390
+ RESERVED
+CVE-2010-4391
+ RESERVED
+CVE-2010-4392
+ RESERVED
+CVE-2010-4393
+ RESERVED
+CVE-2010-4394
+ RESERVED
+CVE-2010-4395
+ RESERVED
+CVE-2010-4396
+ RESERVED
+CVE-2010-4397
+ RESERVED
+CVE-2010-4398 (Stack-based buffer overflow in the RtlQueryRegistryValues function in ...)
+ TODO: check
+CVE-2010-4399 (Directory traversal vulnerability in languages.inc.php in DynPG CMS ...)
+ TODO: check
+CVE-2010-4400 (SQL injection vulnerability in _rights.php in DynPG CMS 4.2.0 allows ...)
+ TODO: check
+CVE-2010-4401 (languages.inc.php in DynPG CMS 4.2.0 allows remote attackers to obtain ...)
+ TODO: check
+CVE-2010-4402 (Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in ...)
+ TODO: check
+CVE-2010-4403 (The Register Plus plugin 3.5.1 and earlier for WordPress allows remote ...)
+ TODO: check
+CVE-2010-4404 (SQL injection vulnerability in the Yannick Gaultier sh404SEF component ...)
+ TODO: check
+CVE-2010-4405 (Cross-site scripting (XSS) vulnerability in the Yannick Gaultier ...)
+ TODO: check
+CVE-2010-4406 (Directory traversal vulnerability in gallery.php in Brunetton ...)
+ TODO: check
+CVE-2010-4407 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+ TODO: check
+CVE-2010-4408 (Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through ...)
+ TODO: check
+CVE-2010-4409 (Integer overflow in the NumberFormatter::getSymbol (aka ...)
+ TODO: check
+CVE-2010-4410 (CRLF injection vulnerability in the header function in (1) CGI.pm ...)
+ TODO: check
+CVE-2010-4411 (Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote ...)
+ TODO: check
+CVE-2010-4412 (Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta ...)
+ TODO: check
+CVE-2010-4413
+ RESERVED
+CVE-2010-4414
+ RESERVED
+CVE-2010-4415
+ RESERVED
+CVE-2010-4416
+ RESERVED
+CVE-2010-4417
+ RESERVED
+CVE-2010-4418
+ RESERVED
+CVE-2010-4419
+ RESERVED
+CVE-2010-4420
+ RESERVED
+CVE-2010-4421
+ RESERVED
+CVE-2010-4422
+ RESERVED
+CVE-2010-4423
+ RESERVED
+CVE-2010-4424
+ RESERVED
+CVE-2010-4425
+ RESERVED
+CVE-2010-4426
+ RESERVED
+CVE-2010-4427
+ RESERVED
+CVE-2010-4428
+ RESERVED
+CVE-2010-4429
+ RESERVED
+CVE-2010-4430
+ RESERVED
+CVE-2010-4431
+ RESERVED
+CVE-2010-4432
+ RESERVED
+CVE-2010-4433
+ RESERVED
+CVE-2010-4434
+ RESERVED
+CVE-2010-4435
+ RESERVED
+CVE-2010-4436
+ RESERVED
+CVE-2010-4437
+ RESERVED
+CVE-2010-4438
+ RESERVED
+CVE-2010-4439
+ RESERVED
+CVE-2010-4440
+ RESERVED
+CVE-2010-4441
+ RESERVED
+CVE-2010-4442
+ RESERVED
+CVE-2010-4443
+ RESERVED
+CVE-2010-4444
+ RESERVED
+CVE-2010-4445
+ RESERVED
+CVE-2010-4446
+ RESERVED
+CVE-2010-4447
+ RESERVED
+CVE-2010-4448
+ RESERVED
+CVE-2010-4449
+ RESERVED
+CVE-2010-4450
+ RESERVED
+CVE-2010-4451
+ RESERVED
+CVE-2010-4452
+ RESERVED
+CVE-2010-4453
+ RESERVED
+CVE-2010-4454
+ RESERVED
+CVE-2010-4455
+ RESERVED
+CVE-2010-4456
+ RESERVED
+CVE-2010-4457
+ RESERVED
+CVE-2010-4458
+ RESERVED
+CVE-2010-4459
+ RESERVED
+CVE-2010-4460
+ RESERVED
+CVE-2010-4461
+ RESERVED
+CVE-2010-4462
+ RESERVED
+CVE-2010-4463
+ RESERVED
+CVE-2010-4464
+ RESERVED
+CVE-2010-4465
+ RESERVED
+CVE-2010-4466
+ RESERVED
+CVE-2010-4467
+ RESERVED
+CVE-2010-4468
+ RESERVED
+CVE-2010-4469
+ RESERVED
+CVE-2010-4470
+ RESERVED
+CVE-2010-4471
+ RESERVED
+CVE-2010-4472
+ RESERVED
+CVE-2010-4473
+ RESERVED
+CVE-2010-4474
+ RESERVED
+CVE-2010-4475
+ RESERVED
+CVE-2010-4476
+ RESERVED
+CVE-2010-4477
+ RESERVED
+CVE-2010-4478 (OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly ...)
+ TODO: check
+CVE-2010-4479 (Unspecified vulnerability in pdf.c in libclamav in ClamAV before ...)
+ TODO: check
+CVE-2010-4480 (error.php in PhpMyAdmin 3.3.8.1 and earlier allows remote attackers to ...)
+ TODO: check
+CVE-2010-4481
+ RESERVED
+CVE-2010-4482 (Unspecified vulnerability in Google Chrome before 8.0.552.215 allows ...)
+ TODO: check
+CVE-2010-4483 (Google Chrome before 8.0.552.215 does not properly restrict read ...)
+ TODO: check
+CVE-2010-4484 (Google Chrome before 8.0.552.215 does not properly handle HTML5 ...)
+ TODO: check
+CVE-2010-4485 (Google Chrome before 8.0.552.215 does not properly restrict the ...)
+ TODO: check
+CVE-2010-4486 (Use-after-free vulnerability in Google Chrome before 8.0.552.215 ...)
+ TODO: check
+CVE-2010-4487 (Incomplete blacklist vulnerability in Google Chrome before 8.0.552.215 ...)
+ TODO: check
+CVE-2010-4488 (Google Chrome before 8.0.552.215 does not properly handle HTTP proxy ...)
+ TODO: check
+CVE-2010-4489 (Google Chrome before 8.0.552.215 does not properly handle WebM video, ...)
+ TODO: check
+CVE-2010-4490 (Google Chrome before 8.0.552.215 allows remote attackers to cause a ...)
+ TODO: check
+CVE-2010-4491 (Google Chrome before 8.0.552.215 does not properly restrict privileged ...)
+ TODO: check
+CVE-2010-4492 (Use-after-free vulnerability in Google Chrome before 8.0.552.215 ...)
+ TODO: check
+CVE-2010-4493 (Use-after-free vulnerability in Google Chrome before 8.0.552.215 ...)
+ TODO: check
+CVE-2010-4494 (Double free vulnerability in Google Chrome before 8.0.552.215 allows ...)
+ TODO: check
+CVE-2010-4495
+ RESERVED
+CVE-2010-4496
+ RESERVED
+CVE-2010-4497
+ RESERVED
+CVE-2010-4498
+ RESERVED
+CVE-2010-4499
+ RESERVED
+CVE-2010-4500 (Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY ...)
+ TODO: check
+CVE-2010-4501 (IO::Socket::SSL Perl module 1.35, when verify_mode is not VERIFY_NONE, ...)
+ TODO: check
+CVE-2010-4502 (Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite ...)
+ TODO: check
+CVE-2010-4503 (SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows ...)
+ TODO: check
+CVE-2010-4504 (Multiple cross-site scripting (XSS) vulnerabilities in eSyndiCat ...)
+ TODO: check
+CVE-2010-4505 (Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, ...)
+ TODO: check
+CVE-2010-4506
+ RESERVED
+CVE-2010-4507
+ RESERVED
+CVE-2010-4508 (The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 ...)
+ TODO: check
+CVE-2010-4509 (Multiple unspecified vulnerabilities in Movable Type 4.x before 4.35 ...)
+ TODO: check
+CVE-2010-4510
+ REJECTED
+ TODO: check
+CVE-2010-4511 (Unspecified vulnerability in Movable Type 4.x before 4.35 and 5.x ...)
+ TODO: check
+CVE-2010-4512 (Cobbler before 2.0.4 uses an incorrect umask value, which allows local ...)
+ TODO: check
+CVE-2010-4513 (Multiple cross-site scripting (XSS) vulnerabilities in Zimplit CMS ...)
+ TODO: check
+CVE-2010-4514 (Cross-site scripting (XSS) vulnerability in Install/InstallWizard.aspx ...)
+ TODO: check
+CVE-2010-4515 (Cross-site scripting (XSS) vulnerability in Citrix Web Interface 5.0, ...)
+ TODO: check
+CVE-2010-4516 (Multiple cross-site scripting (XSS) vulnerabilities in the JXtended ...)
+ TODO: check
+CVE-2010-4517 (SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) ...)
+ TODO: check
+CVE-2010-4518 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2010-4519
+ RESERVED
+CVE-2010-4520
+ RESERVED
+CVE-2010-4521
+ RESERVED
+CVE-2010-4522
+ RESERVED
+CVE-2010-4523
+ RESERVED
+CVE-2010-4524
+ RESERVED
+CVE-2010-4525
+ RESERVED
+CVE-2010-4526
+ RESERVED
+CVE-2010-4527
+ RESERVED
+CVE-2010-4528
+ RESERVED
+CVE-2010-4529
+ RESERVED
+CVE-2010-4530
+ RESERVED
+CVE-2010-4531
+ RESERVED
+CVE-2010-4532
+ RESERVED
+CVE-2010-4533
+ RESERVED
+CVE-2010-4534
+ RESERVED
+CVE-2010-4535
+ RESERVED
+CVE-2010-4536
+ RESERVED
+CVE-2010-4537
+ RESERVED
+CVE-2010-4538
+ RESERVED
+CVE-2010-4539
+ RESERVED
+CVE-2010-4540
+ RESERVED
+CVE-2010-4541
+ RESERVED
+CVE-2010-4542
+ RESERVED
+CVE-2010-4543
+ RESERVED
+CVE-2011-0001
+ RESERVED
+CVE-2011-0002
+ RESERVED
+CVE-2011-0003
+ RESERVED
+CVE-2011-0004
+ RESERVED
+CVE-2011-0005
+ RESERVED
+CVE-2011-0006
+ RESERVED
+CVE-2011-0007
+ RESERVED
+CVE-2011-0008
+ RESERVED
+CVE-2011-0009
+ RESERVED
+CVE-2011-0010
+ RESERVED
+CVE-2011-0011
+ RESERVED
+CVE-2011-0012
+ RESERVED
+CVE-2011-0013
+ RESERVED
+CVE-2011-0014
+ RESERVED
+CVE-2011-0015
+ RESERVED
+CVE-2011-0016
+ RESERVED
+CVE-2011-0017
+ RESERVED
+CVE-2011-0018
+ RESERVED
+CVE-2011-0019
+ RESERVED
+CVE-2011-0020
+ RESERVED
+CVE-2011-0021
+ RESERVED
+CVE-2011-0022
+ RESERVED
+CVE-2011-0023
+ RESERVED
+CVE-2011-0024
+ RESERVED
+CVE-2011-0025
+ RESERVED
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:45 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:45 UTC (permalink / raw
To: gentoo-commits
commit: 63c603c81defbc71ed4631268e0f7d9bb9b47776
Author: Stefan Behte <craig <AT> gentoo <DOT> org>
AuthorDate: Sat Dec 11 17:59:20 2010 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Sat Dec 11 17:59:20 2010 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=63c603c8
nfu
svn path=/; revision=2217
---
data/CVE/list | 822 +++++++++++++++++++++++++++++-----------------------------
1 file changed, 411 insertions(+), 411 deletions(-)
diff --git a/data/CVE/list b/data/CVE/list
index c7916e6..e0f8065 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -47341,7 +47341,7 @@ CVE-2006-7238 (Cross-site scripting (XSS) vulnerability in MyShoutPro before 1.2
CVE-2006-7239 (The _gnutls_x509_oid2mac_algorithm function in lib/gnutls_algorithms.c ...)
NOT-FOR-US: Obsolete
CVE-2006-7240 (gnome-power-manager 2.14.0 does not properly implement the ...)
- TODO: check
+ NOT-FOR-US: age old version
CVE-2006-7241 (The Image Viewer component in IBM FileNet P8 Application Engine (P8AE) ...)
NOT-FOR-US: ibm filenet_p8_application_engine
CVE-2006-7242 (The Workplace (aka WP) component in IBM FileNet P8 Application Engine ...)
@@ -75589,13 +75589,13 @@ CVE-2008-7264 (The ftp_QUIT function in ftpserver.py in pyftpdlib before 0.5.0 a
CVE-2008-7265 (The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote ...)
TODO: check
CVE-2008-7266 (Cross-site scripting (XSS) vulnerability in an unspecified Shockwave ...)
- TODO: check
+ NOT-FOR-US: rsa adaptive_authentication
CVE-2008-7267 (SQL injection vulnerability in announcements.php in SiteEngine 5.x ...)
- TODO: check
+ NOT-FOR-US: boka siteengine
CVE-2008-7268 (The phpinfo function in SiteEngine 5.x allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: boka siteengine
CVE-2008-7269 (Open redirect vulnerability in api.php in SiteEngine 5.x allows ...)
- TODO: check
+ NOT-FOR-US: boka siteengine
CVE-2008-7270 (OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is ...)
TODO: check
CVE-2009-0001 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
@@ -85693,11 +85693,11 @@ CVE-2009-5017 (Mozilla Firefox before 3.6 Beta 3 does not properly handle overlo
CVE-2009-5018
RESERVED
CVE-2009-5019 (Web Wiz NewsPad stores sensitive information under the web root with ...)
- TODO: check
+ NOT-FOR-US: webwiz web_wiz_newspad
CVE-2009-5020 (Open redirect vulnerability in awredir.pl in AWStats before 6.95 ...)
TODO: check
CVE-2009-5021 (Cobbler before 1.6.1 does not properly determine whether an ...)
- TODO: check
+ NOT-FOR-US: cobbler
CVE-2009-5022
RESERVED
CVE-2009-5023
@@ -85941,9 +85941,9 @@ CVE-2010-0110
CVE-2010-0111
RESERVED
CVE-2010-0112 (Multiple SQL injection vulnerabilities in the Administrative Interface ...)
- TODO: check
+ NOT-FOR-US: symantec im_manager
CVE-2010-0113 (The Symantec Norton Mobile Security application 1.0 Beta for Android ...)
- TODO: check
+ NOT-FOR-US: symantec mobile_security
CVE-2010-0114
RESERVED
CVE-2010-0115
@@ -86176,7 +86176,7 @@ CVE-2010-0217
CVE-2010-0218 (ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ...)
NOT-FOR-US: We only have 9.7.2_p2, and it's still unstable.
CVE-2010-0219 (Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects ...)
- TODO: check
+ NOT-FOR-US: sap businessobjects
CVE-2010-0220 (The nsObserverList::FillObserverArray function in ...)
BUG: 312679
CVE-2010-0221 (Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy ...)
@@ -86798,7 +86798,7 @@ CVE-2010-0528 (Apple QuickTime before 7.6.6 on Windows allows remote attackers t
CVE-2010-0529 (Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before ...)
NOT-FOR-US: apple quicktime
CVE-2010-0530 (Apple QuickTime before 7.6.9 on Windows sets weak permissions for the ...)
- TODO: check
+ NOT-FOR-US: apple quicktime
CVE-2010-0531 (Apple iTunes before 9.1 allows remote attackers to cause a denial of ...)
NOT-FOR-US: apple itunes
CVE-2010-0532 (Race condition in the installation package in Apple iTunes before 9.1 ...)
@@ -87302,15 +87302,15 @@ CVE-2010-0780
CVE-2010-0781 (Unspecified vulnerability in the administrative console in IBM ...)
NOT-FOR-US: ibm websphere_application_server
CVE-2010-0782 (IBM WebSphere MQ 6.x before 6.0.2.10 and 7.x before 7.0.1.3 allows ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_mq
CVE-2010-0783 (Cross-site scripting (XSS) vulnerability in the Administrative Console ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_application_server
CVE-2010-0784 (Cross-site scripting (XSS) vulnerability in the Administrative Console ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_application_server
CVE-2010-0785 (Cross-site request forgery (CSRF) vulnerability in the Administrative ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_application_server
CVE-2010-0786 (The Web Services Security component in IBM WebSphere Application ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_application_server
CVE-2010-0787 (client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, ...)
BUG: 308067
CVE-2010-0788 (ncpfs 2.2.6 allows local users to cause a denial of service, obtain ...)
@@ -88785,7 +88785,7 @@ CVE-2010-1521 (SQL injection vulnerability in include/classes/tzn_user.php in ..
CVE-2010-1522 (Multiple SQL injection vulnerabilities in the BookLibrary Basic ...)
NOT-FOR-US: ordasoft com_booklibrary
CVE-2010-1523 (Multiple heap-based buffer overflows in vp6.w5s (aka the VP6 codec) in ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-1524 (The SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 ...)
NOT-FOR-US: autonomy keyview_viewer_sdk
CVE-2010-1525 (Integer underflow in the SpreadSheet Lotus 123 reader (wkssr.dll) in ...)
@@ -89126,7 +89126,7 @@ CVE-2010-1691
CVE-2010-1692
RESERVED
CVE-2010-1693 (openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows ...)
- TODO: check
+ NOT-FOR-US: openfabrics enterprise_distribution
CVE-2010-1694
RESERVED
CVE-2010-1695
@@ -89398,45 +89398,45 @@ CVE-2010-1826
CVE-2010-1827
RESERVED
CVE-2010-1828 (AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1829 (Directory traversal vulnerability in AFP Server in Apple Mac OS X ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1830 (AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 generates ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1831 (Buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1832 (Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1833 (Apple Type Services (ATS) in Apple Mac OS X 10.6.x before 10.6.5 ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1834 (CFNetwork in Apple Mac OS X 10.6.x before 10.6.5 does not properly ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1835
RESERVED
CVE-2010-1836 (Stack-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1837 (CoreText in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1838 (Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1839
RESERVED
CVE-2010-1840 (Stack-based buffer overflow in the password-validation functionality ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1841 (Disk Images in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1842 (Buffer overflow in AppKit in Apple Mac OS X 10.6.x before 10.6.5 ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1843 (Networking in Apple Mac OS X 10.6.2 through 10.6.4 allows remote ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1844 (Unspecified vulnerability in Image Capture in Apple Mac OS X 10.6.x ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1845 (ImageIO in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1846 (Heap-based buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1847 (The kernel in Apple Mac OS X 10.6.x before 10.6.5 does not properly ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-1848 (Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 ...)
BUG: 321791
CVE-2010-1849 (The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through ...)
@@ -90214,7 +90214,7 @@ CVE-2010-2233 (tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as
CVE-2010-2234 (Cross-site request forgery (CSRF) vulnerability in Apache CouchDB ...)
BUG: 335881
CVE-2010-2235 (template_api.py in Cobbler before 2.0.7, as used in Red Hat Network ...)
- TODO: check
+ NOT-FOR-US: michael_dehaan cobbler
CVE-2010-2236
RESERVED
CVE-2010-2237 (Red Hat libvirt, possibly 0.6.1 through 0.8.2, looks up disk backing ...)
@@ -90480,11 +90480,11 @@ CVE-2010-2365 (Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs2
CVE-2010-2366 (Cross-site scripting (XSS) vulnerability in futomi CGI Cafe Access ...)
NOT-FOR-US: futomi access_analyzer_cgi
CVE-2010-2367 (Cross-site scripting (XSS) vulnerability in search.cgi in AD-EDIT2 ...)
- TODO: check
+ NOT-FOR-US: norenz ad edit2
CVE-2010-2368 (Untrusted search path vulnerability in Lhaplus before 1.58 allows ...)
- TODO: check
+ NOT-FOR-US: lhaplus
CVE-2010-2369 (Untrusted search path vulnerability in Lhasa 0.19 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: susie_ro lhasa
CVE-2010-2370 (Unspecified vulnerability in the Oracle Business Process Management ...)
NOT-FOR-US: oracle fusion_middleware
CVE-2010-2371 (Unspecified vulnerability in the Oracle Transportation Management ...)
@@ -90522,13 +90522,13 @@ CVE-2010-2386 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and ...
CVE-2010-2387
RESERVED
CVE-2010-2388 (Unspecified vulnerability in the Oracle Applications Manager component ...)
- TODO: check
+ NOT-FOR-US: oracle e business_suite
CVE-2010-2389 (Unspecified vulnerability in the Perl component in Oracle Database ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2390 (Unspecified vulnerability in the Database Control component in EM ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2391 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-2392 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
NOT-FOR-US: oracle solaris
CVE-2010-2393 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
@@ -90536,9 +90536,9 @@ CVE-2010-2393 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris al
CVE-2010-2394 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
NOT-FOR-US: oracle solaris
CVE-2010-2395 (Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2396 (Unspecified vulnerability in the Forms component in Oracle Fusion ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2397 (Unspecified vulnerability in Oracle Sun Java System Application Server ...)
NOT-FOR-US: oracle sun_glassfish_enterprise_server
CVE-2010-2398 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...)
@@ -90554,37 +90554,37 @@ CVE-2010-2402 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTool
CVE-2010-2403 (Unspecified vulnerability in the PeopleSoft Enterprise Campus ...)
NOT-FOR-US: oracle peoplesoft_and_jdedwards_suite_campus_solutions
CVE-2010-2404 (Unspecified vulnerability in the Oracle iRecruitment component in ...)
- TODO: check
+ NOT-FOR-US: oracle e business_suite
CVE-2010-2405 (Unspecified vulnerability in the Siebel Core - Highly Interactive ...)
- TODO: check
+ NOT-FOR-US: oracle siebel_suite
CVE-2010-2406 (Unspecified vulnerability in the Siebel Core - Highly Interactive ...)
- TODO: check
+ NOT-FOR-US: oracle siebel_suite
CVE-2010-2407 (Unspecified vulnerability in the XDK component in Oracle Database ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-2408 (Unspecified vulnerability in the Oracle iRecruitment component in ...)
- TODO: check
+ NOT-FOR-US: oracle e business_suite
CVE-2010-2409 (Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2410 (Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2411 (Unspecified vulnerability in the Job Queue component in Oracle ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-2412 (Unspecified vulnerability in the OLAP component in Oracle Database ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-2413 (Unspecified vulnerability in the BI Publisher component in Oracle ...)
- TODO: check
+ NOT-FOR-US: oracle fusion_middleware
CVE-2010-2414 (Unspecified vulnerability in the (1) Sun Convergence 1 and (2) Sun ...)
TODO: check
CVE-2010-2415 (Unspecified vulnerability in the Change Data Capture component in ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-2416 (Unspecified vulnerability in the Oracle E-Business Intelligence ...)
- TODO: check
+ NOT-FOR-US: oracle e business_suite
CVE-2010-2417 (Unspecified vulnerability in the Agile PLM component in Oracle Supply ...)
- TODO: check
+ NOT-FOR-US: oracle supply_chain_products_suite
CVE-2010-2418 (Unspecified vulnerability in the Oracle Territory Management component ...)
- TODO: check
+ NOT-FOR-US: oracle e business_suite
CVE-2010-2419 (Unspecified vulnerability in the Java Virtual Machine component in ...)
- TODO: check
+ NOT-FOR-US: oracle database_server
CVE-2010-2420 (Multiple unspecified vulnerabilities in Fenrir Inc. ActiveGeckoBrowser ...)
NOT-FOR-US: fenrir inc activegeckobrowser
CVE-2010-2421 (Multiple unspecified vulnerabilities in Opera before 10.54 have ...)
@@ -90700,7 +90700,7 @@ CVE-2010-2475
CVE-2010-2476
RESERVED
CVE-2010-2477 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: pythonpaste paste
CVE-2010-2478 (Integer overflow in the ethtool_get_rxnfc function in ...)
TODO: check
CVE-2010-2479 (Cross-site scripting (XSS) vulnerability in HTML Purifier before ...)
@@ -90806,7 +90806,7 @@ CVE-2010-2528 (The clientautoresp function in family_icbm.c in the oscar protoco
CVE-2010-2529 (Unspecified vulnerability in ping.c in iputils 20020927, 20070202, ...)
BUG: 332527
CVE-2010-2530 (Multiple integer signedness errors in smb_subr.c in the netsmb module ...)
- TODO: check
+ NOT-FOR-US: netbsd
CVE-2010-2531 (The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 ...)
BUG: 332039
CVE-2010-2532 (** DISPUTED ** ...)
@@ -90816,7 +90816,7 @@ CVE-2010-2533
CVE-2010-2534 (The NetworkSyncCommandQueue function in network/network_command.cpp in ...)
BUG: 320955
CVE-2010-2535 (Multiple cross-site scripting (XSS) vulnerabilities in the Back End in ...)
- TODO: check
+ NOT-FOR-US: joomla
CVE-2010-2536 (Multiple cross-site scripting (XSS) vulnerabilities in rekonq 0.5 and ...)
BUG: 332069
CVE-2010-2537 (The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel ...)
@@ -90890,9 +90890,9 @@ CVE-2010-2570
CVE-2010-2571
RESERVED
CVE-2010-2572 (Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows ...)
- TODO: check
+ NOT-FOR-US: microsoft powerpoint
CVE-2010-2573 (Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, ...)
- TODO: check
+ NOT-FOR-US: microsoft powerpoint_viewer
CVE-2010-2574 (Cross-site scripting (XSS) vulnerability in manage_proj_cat_add.php in ...)
BUG: 335850
CVE-2010-2575 (Heap-based buffer overflow in the RLE decompression functionality in ...)
@@ -90902,23 +90902,23 @@ CVE-2010-2576 (Opera before 10.61 does not properly suppress clicks on download
CVE-2010-2577 (Multiple SQL injection vulnerabilities in Pligg before 1.1.1 allow ...)
NOT-FOR-US: pligg
CVE-2010-2578 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-2579
RESERVED
CVE-2010-2580 (The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not ...)
NOT-FOR-US: mailenable
CVE-2010-2581 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows remote ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-2582 (An unspecified function in TextXtra.x32 in Adobe Shockwave Player ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-2583 (Stack-based buffer overflow in SonicWALL SSL-VPN End-Point ...)
- TODO: check
+ NOT-FOR-US: sonicwall ssl vpn_end point_interrogator installer_activex_control
CVE-2010-2584 (The Upload method in the RealPage Module Upload ActiveX control in ...)
- TODO: check
+ NOT-FOR-US: realpage module_activex_controls
CVE-2010-2585 (Multiple buffer overflows in the RealPage Module Upload ActiveX ...)
- TODO: check
+ NOT-FOR-US: realpage module_activex_control
CVE-2010-2586 (Multiple integer overflows in in_nsv.dll in the in_nsv plugin in ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-2587
RESERVED
CVE-2010-2588
@@ -91016,15 +91016,15 @@ CVE-2010-2633 (Unspecified vulnerability in EMC Disk Library (EDL) before 3.2.7,
CVE-2010-2634 (RSA enVision before 3.7 SP1 allows remote authenticated users to cause ...)
NOT-FOR-US: rsa envision
CVE-2010-2635 (SQL injection vulnerability in IBM WebSphere Commerce 6.0 before ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_commerce
CVE-2010-2636 (Multiple cross-site scripting (XSS) vulnerabilities in sample store ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_commerce
CVE-2010-2637 (IBM WebSphere MQ 6.0 before 6.0.2.9 and 7.0 before 7.0.1.1 does not ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_mq
CVE-2010-2638 (Unspecified vulnerability in IBM WebSphere MQ 7.0 before 7.0.1.5 ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_mq
CVE-2010-2639 (IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows remote ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_commerce
CVE-2010-2640
RESERVED
CVE-2010-2641
@@ -91210,11 +91210,11 @@ CVE-2010-2730 (Buffer overflow in Microsoft Internet Information Services (IIS)
CVE-2010-2731 (Unspecified vulnerability in Microsoft Internet Information Services ...)
NOT-FOR-US: microsoft iis
CVE-2010-2732 (Open redirect vulnerability in the web interface in Microsoft ...)
- TODO: check
+ NOT-FOR-US: microsoft forefront_unified_access_gateway
CVE-2010-2733 (Cross-site scripting (XSS) vulnerability in the Web Monitor in ...)
- TODO: check
+ NOT-FOR-US: microsoft forefront_unified_access_gateway
CVE-2010-2734 (Cross-site scripting (XSS) vulnerability in the mobile portal in ...)
- TODO: check
+ NOT-FOR-US: microsoft forefront_unified_access_gateway
CVE-2010-2735
RESERVED
CVE-2010-2736
@@ -91226,27 +91226,27 @@ CVE-2010-2738 (The Uniscribe (aka new Unicode Script Processor) implementation i
CVE-2010-2739 (Buffer overflow in the CreateDIBPalette function in win32k.sys in ...)
NOT-FOR-US: microsoft windows_xp
CVE-2010-2740 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-2741 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-2742
RESERVED
CVE-2010-2743
RESERVED
CVE-2010-2744 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-2745 (Microsoft Windows Media Player (WMP) 9 through 12 does not properly ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_media_player
CVE-2010-2746 (Heap-based buffer overflow in Comctl32.dll (aka the common control ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-2747 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-2748 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly check ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-2749
RESERVED
CVE-2010-2750 (Array index error in Microsoft Word 2002 SP3 and Office 2004 for Mac ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-2751 (The nsDocShell::OnRedirectStateChange function in ...)
TODO: check
CVE-2010-2752 (Integer overflow in an array class in Mozilla Firefox 3.5.x before ...)
@@ -91340,7 +91340,7 @@ CVE-2010-2795 (phpCAS before 1.1.2 allows remote authenticated users to hijack .
CVE-2010-2796 (Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when ...)
NOT-FOR-US: phpCAS
CVE-2010-2797 (Directory traversal vulnerability in lib/translation.functions.php in ...)
- TODO: check
+ NOT-FOR-US: cmsmadesimple cms_made_simple
CVE-2010-2798 (The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux ...)
TODO: check
CVE-2010-2799 (Stack-based buffer overflow in the nestlex function in nestlex.c in ...)
@@ -91516,9 +91516,9 @@ CVE-2010-2883 (Stack-based buffer overflow in CoolType.dll in Adobe Reader and .
CVE-2010-2884 (Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, ...)
BUG: 337204
CVE-2010-2885 (Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 7 and 8, ...)
- TODO: check
+ NOT-FOR-US: adobe robohelp_server
CVE-2010-2886 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp ...)
- TODO: check
+ NOT-FOR-US: adobe robohelp_server
CVE-2010-2887 (Multiple unspecified vulnerabilities in Adobe Reader and Acrobat 9.x ...)
TODO: check
CVE-2010-2888 (Multiple unspecified vulnerabilities in an ActiveX control in Adobe ...)
@@ -91530,7 +91530,7 @@ CVE-2010-2890 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on
CVE-2010-2891 (Buffer overflow in the smiGetNode function in lib/smi.c in libsmi ...)
TODO: check
CVE-2010-2892 (gsb/drivers.php in LANDesk Management Gateway 4.0 through 4.0-1.48 and ...)
- TODO: check
+ NOT-FOR-US: landesk management_gateway
CVE-2010-2893
RESERVED
CVE-2010-2894
@@ -91743,7 +91743,7 @@ CVE-2010-2996 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 on
CVE-2010-2997
RESERVED
CVE-2010-2998 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 and ...)
- TODO: check
+ NOT-FOR-US: realnetworks realplayer_sp
CVE-2010-2999
RESERVED
CVE-2010-3000 (Multiple integer overflows in the ParseKnownType function in ...)
@@ -91822,13 +91822,13 @@ CVE-2010-3035 (Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not .
CVE-2010-3036 (Multiple buffer overflows in the authentication functionality in the ...)
TODO: check
CVE-2010-3037 (goform/websXMLAdminRequestCgi.cgi in Cisco Unified Videoconferencing ...)
- TODO: check
+ NOT-FOR-US: cisco unified_videoconferencing_system_5230
CVE-2010-3038 (Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the ...)
- TODO: check
+ NOT-FOR-US: cisco unified_videoconferencing_system_5115
CVE-2010-3039 (/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications ...)
- TODO: check
+ NOT-FOR-US: cisco unified_communications_manager
CVE-2010-3040 (Multiple stack-based buffer overflows in agent.exe in Setup Manager in ...)
- TODO: check
+ NOT-FOR-US: cisco intelligent_contact_manager
CVE-2010-3041
RESERVED
CVE-2010-3042
@@ -91888,7 +91888,7 @@ CVE-2010-3068
CVE-2010-3069 (Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse ...)
TODO: check
CVE-2010-3070 (Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in ...)
- TODO: check
+ NOT-FOR-US: dietrich_ayala nusoap
CVE-2010-3071 (bip before 0.8.6 allows remote attackers to cause a denial of service ...)
TODO: check
CVE-2010-3072 (The string-comparison functions in String.cci in Squid 3.x before ...)
@@ -91930,13 +91930,13 @@ CVE-2010-3089 (Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailma
CVE-2010-3090
RESERVED
CVE-2010-3091 (The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x ...)
- TODO: check
+ NOT-FOR-US: peter_wolanin openid
CVE-2010-3092 (The upload module in Drupal 5.x before 5.23 and 6.x before 6.18 does ...)
- TODO: check
+ NOT-FOR-US: drupal
CVE-2010-3093 (The comment module in Drupal 5.x before 5.23 and 6.x before 6.18 ...)
- TODO: check
+ NOT-FOR-US: drupal
CVE-2010-3094 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x ...)
- TODO: check
+ NOT-FOR-US: drupal
CVE-2010-3095
RESERVED
CVE-2010-3096 (Directory traversal vulnerability in SoftX FTP Client 3.3 and possibly ...)
@@ -91968,7 +91968,7 @@ CVE-2010-3108 (Buffer overflow in the browser plugin in Novell iPrint Client bef
CVE-2010-3109 (Stack-based buffer overflow in the browser plugin in Novell iPrint ...)
NOT-FOR-US: novell iprint
CVE-2010-3110 (Multiple buffer overflows in the Novell Client novfs module for the ...)
- TODO: check
+ NOT-FOR-US: novfs
CVE-2010-3111 (Google Chrome before 6.0.472.53 does not properly mitigate an ...)
TODO: check
CVE-2010-3112 (Google Chrome before 5.0.375.127 does not properly implement file ...)
@@ -92060,25 +92060,25 @@ CVE-2010-3154 (Untrusted search path vulnerability in Adobe Extension Manager CS
CVE-2010-3155 (Untrusted search path vulnerability in Adobe ExtendScript Toolkit ...)
NOT-FOR-US: adobe extendedscript_toolkit_cs5
CVE-2010-3156 (Untrusted search path vulnerability in K2 K2Editor before 1.5.9 allows ...)
- TODO: check
+ NOT-FOR-US: k2top k2editor
CVE-2010-3157 (Untrusted search path vulnerability in XacRett before 50 allows ...)
- TODO: check
+ NOT-FOR-US: kmonos xacrett
CVE-2010-3158 (Untrusted search path vulnerability in Lhaplus before 1.58 allows ...)
- TODO: check
+ NOT-FOR-US: lhaplus
CVE-2010-3159 (Untrusted search path vulnerability in Explzh 5.67 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: explzh
CVE-2010-3160 (Untrusted search path vulnerability in Archive Decoder 1.23 and ...)
- TODO: check
+ NOT-FOR-US: ponsoftware archive_decoder
CVE-2010-3161 (Untrusted search path vulnerability in TeraPad before 1.00 allows ...)
- TODO: check
+ NOT-FOR-US: susumu_terao terapad
CVE-2010-3162 (Untrusted search path vulnerability in Apsaly before 3.74 allows local ...)
- TODO: check
+ NOT-FOR-US: masahiko_watanabe apsaly
CVE-2010-3163 (Untrusted search path vulnerability in Fenrir Sleipnir before 2.9.5 ...)
- TODO: check
+ NOT-FOR-US: fenrir sleipnir
CVE-2010-3164 (Untrusted search path vulnerability in Fenrir Sleipnir 2.9.4 and ...)
- TODO: check
+ NOT-FOR-US: fenrir sleipnir
CVE-2010-3165 (Untrusted search path vulnerability in Yokka NoEditor 1.33.1.1 and ...)
- TODO: check
+ NOT-FOR-US: yokkasoft uneditor
CVE-2010-3166 (Heap-based buffer overflow in the nsTextFrameUtils::TransformText ...)
TODO: check
CVE-2010-3167 (The nsTreeContentView function in Mozilla Firefox before 3.5.12 and ...)
@@ -92176,65 +92176,65 @@ CVE-2010-3212 (SQL injection vulnerability in index.php in Seagull 0.6.7 and ear
CVE-2010-3213 (Cross-site request forgery (CSRF) vulnerability in Microsoft Outlook ...)
NOT-FOR-US: microsoft outlook_web_access
CVE-2010-3214 (Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 ...)
- TODO: check
+ NOT-FOR-US: microsoft word_web_app
CVE-2010-3215 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-3216 (Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-3217 (Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-3218 (Heap-based buffer overflow in Microsoft Word 2002 SP3 allows remote ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-3219 (Array index vulnerability in Microsoft Word 2002 SP3 allows remote ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-3220 (Unspecified vulnerability in Microsoft Word 2002 SP3 and Office 2004 ...)
- TODO: check
+ NOT-FOR-US: microsoft word
CVE-2010-3221 (Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and Word ...)
- TODO: check
+ NOT-FOR-US: microsoft word_viewer
CVE-2010-3222 (Stack-based buffer overflow in the Remote Procedure Call Subsystem ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3223 (The user interface in Microsoft Cluster Service (MSCS) in Microsoft ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_server_2008
CVE-2010-3224
RESERVED
CVE-2010-3225 (Use-after-free vulnerability in the Media Player Network Sharing ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_vista
CVE-2010-3226
RESERVED
CVE-2010-3227 (Stack-based buffer overflow in the UpdateFrameTitleForDocument method ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-3228 (The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms ...)
- TODO: check
+ NOT-FOR-US: microsoft net_framework
CVE-2010-3229 (The Secure Channel (aka SChannel) security package in Microsoft ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_vista
CVE-2010-3230 (Integer overflow in Microsoft Excel 2002 SP3 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: microsoft excel
CVE-2010-3231 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3232 (Microsoft Excel 2003 SP3 and 2007 SP2; Office 2004 and 2008 for Mac; ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3233 (Microsoft Excel 2002 SP3 and 2003 SP3 does not properly validate ...)
- TODO: check
+ NOT-FOR-US: microsoft excel
CVE-2010-3234 (Microsoft Excel 2002 SP3 does not properly validate formula ...)
- TODO: check
+ NOT-FOR-US: microsoft excel
CVE-2010-3235 (Microsoft Excel 2002 SP3 does not properly validate formula ...)
- TODO: check
+ NOT-FOR-US: microsoft excel
CVE-2010-3236 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3237 (Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly ...)
- TODO: check
+ NOT-FOR-US: microsoft office
CVE-2010-3238 (Microsoft Excel 2002 SP3 and 2003 SP3, and Office 2004 for Mac, does ...)
- TODO: check
+ NOT-FOR-US: microsoft office
CVE-2010-3239 (Microsoft Excel 2002 SP3 does not properly validate record ...)
- TODO: check
+ NOT-FOR-US: microsoft excel
CVE-2010-3240 (Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office ...)
- TODO: check
+ NOT-FOR-US: microsoft office_compatibility_pack
CVE-2010-3241 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3242 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3243 (Cross-site scripting (XSS) vulnerability in the toStaticHTML function ...)
- TODO: check
+ NOT-FOR-US: microsoft sharepoint_services
CVE-2010-3244 (BbtsConnection_Edit.exe in Blackboard Transact Suite (formerly ...)
NOT-FOR-US: blackboard transact_suite
CVE-2010-3245 (The automated-backup functionality in Blackboard Transact Suite ...)
@@ -92280,9 +92280,9 @@ CVE-2010-3264 (The engine installer in Novell Identity Manager (aka IDM) 3.6.1 s
CVE-2010-3265
RESERVED
CVE-2010-3266 (Multiple cross-site scripting (XSS) vulnerabilities in BugTracker.NET ...)
- TODO: check
+ NOT-FOR-US: ifdefined bugtracker net
CVE-2010-3267 (Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 ...)
- TODO: check
+ NOT-FOR-US: ifdefined bugtracker net
CVE-2010-3268
RESERVED
CVE-2010-3269
@@ -92321,17 +92321,17 @@ CVE-2010-3284 (Unspecified vulnerability in HP System Management Homepage (SMH)
CVE-2010-3285 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
NOT-FOR-US: hp openview_network_node_manager
CVE-2010-3286 (Unspecified vulnerability in HP Systems Insight Manager (SIM) 6.0 and ...)
- TODO: check
+ NOT-FOR-US: hp systems_insight_manager
CVE-2010-3287 (Unspecified vulnerability on HP ProCurve Access Points, Access ...)
- TODO: check
+ NOT-FOR-US: hp procurve_access_point_software
CVE-2010-3288 (Cross-site request forgery (CSRF) vulnerability in HP Systems Insight ...)
- TODO: check
+ NOT-FOR-US: hp systems_insight_manager
CVE-2010-3289 (Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager ...)
- TODO: check
+ NOT-FOR-US: hp systems_insight_manager
CVE-2010-3290 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before ...)
- TODO: check
+ NOT-FOR-US: hp systems_insight_manager
CVE-2010-3291 (Cross-site scripting (XSS) vulnerability in HP AssetCenter 5.0x ...)
- TODO: check
+ NOT-FOR-US: hp assetmanager
CVE-2010-3292
RESERVED
CVE-2010-3293
@@ -92363,7 +92363,7 @@ CVE-2010-3305
CVE-2010-3306 (Directory traversal vulnerability in the modURL function in instance.c ...)
NOT-FOR-US: salvo_g _tomaselli weborf
CVE-2010-3307 (Multiple PHP remote file inclusion vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: dustincowell free_simple_cms
CVE-2010-3308 (Buffer overflow in programs/pluto/xauth.c in the client in Openswan ...)
TODO: check
CVE-2010-3309
@@ -92391,7 +92391,7 @@ CVE-2010-3319 (IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 places a
CVE-2010-3320 (Open redirect vulnerability in IBM Records Manager (RM) 4.5.x before ...)
NOT-FOR-US: ibm filenet_content_manager
CVE-2010-3321 (RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not ...)
- TODO: check
+ NOT-FOR-US: rsa authentication_client
CVE-2010-3322 (The XML parser in Splunk 4.0.0 through 4.1.4 allows remote ...)
NOT-FOR-US: splunk
CVE-2010-3323 (Splunk 4.0.0 through 4.1.4 allows remote attackers to conduct session ...)
@@ -92399,31 +92399,31 @@ CVE-2010-3323 (Splunk 4.0.0 through 4.1.4 allows remote attackers to conduct ses
CVE-2010-3324 (The toStaticHTML function in Microsoft Internet Explorer 8, and the ...)
NOT-FOR-US: microsoft ie
CVE-2010-3325 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3326 (Microsoft Internet Explorer 6 does not properly handle objects in ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3327 (The implementation of HTML content creation in Microsoft Internet ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3328 (Use-after-free vulnerability in the CAttrArray::PrivateFind function ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3329 (mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3330 (Microsoft Internet Explorer 6 through 8 does not properly restrict ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3331 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3332 (Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, ...)
NOT-FOR-US: microsoft net_framework
CVE-2010-3333 (Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3334 (Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3335 (Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3336 (Microsoft Office XP SP3, Office 2004 and 2008 for Mac, Office for Mac ...)
- TODO: check
+ NOT-FOR-US: microsoft open_xml_file_format_converter
CVE-2010-3337 (Untrusted search path vulnerability in Microsoft Office 2007 SP2 and ...)
- TODO: check
+ NOT-FOR-US: microsoft office
CVE-2010-3338
RESERVED
CVE-2010-3339
@@ -92459,7 +92459,7 @@ CVE-2010-3353 (Cowbell 0.2.7.1 places a zero-length directory name in the ...)
CVE-2010-3354 (dropboxd in Dropbox 0.7.110 places a zero-length directory name in the ...)
TODO: check
CVE-2010-3355 (Ember 0.5.7 places a zero-length directory name in the ...)
- TODO: check
+ NOT-FOR-US: ember
CVE-2010-3356
RESERVED
CVE-2010-3357 (gnome-subtitles 1.0 places a zero-length directory name in the ...)
@@ -92469,19 +92469,19 @@ CVE-2010-3358 (HenPlus JDBC SQL-Shell 0.9.7 places a zero-length directory name
CVE-2010-3359
RESERVED
CVE-2010-3360 (Hipo 0.6.1 places a zero-length directory name in the LD_LIBRARY_PATH, ...)
- TODO: check
+ NOT-FOR-US: pedro_villavicencio_garrido hipo
CVE-2010-3361 (The (1) iked, (2) ikea, and (3) ikec scripts in Shrew Soft IKE 2.1.5 ...)
- TODO: check
+ NOT-FOR-US: shrew vpn_client
CVE-2010-3362 (lastfm 1.5.4 places a zero-length directory name in the ...)
TODO: check
CVE-2010-3363 (roarify in roaraudio 0.3 places a zero-length directory name in the ...)
- TODO: check
+ NOT-FOR-US: roaraudio
CVE-2010-3364 (The vips-7.22 script in VIPS 7.22.2 places a zero-length directory ...)
TODO: check
CVE-2010-3365 (Mistelix 0.31 places a zero-length directory name in the ...)
- TODO: check
+ NOT-FOR-US: mistelix
CVE-2010-3366 (Mn_Fit 5.13 places a zero-length directory name in the ...)
- TODO: check
+ NOT-FOR-US: zeus physik uni bonn mn_fit
CVE-2010-3367
RESERVED
CVE-2010-3368
@@ -92493,7 +92493,7 @@ CVE-2010-3370
CVE-2010-3371
RESERVED
CVE-2010-3372 (Untrusted search path vulnerability in NorduGrid Advanced Resource ...)
- TODO: check
+ NOT-FOR-US: nordugrid arc
CVE-2010-3373
RESERVED
CVE-2010-3374 (Qt Creator before 2.0.1 places a zero-length directory name in the ...)
@@ -92503,7 +92503,7 @@ CVE-2010-3375
CVE-2010-3376 (The (1) proofserv, (2) xrdcp, (3) xrdpwdadmin, and (4) xrd scripts in ...)
TODO: check
CVE-2010-3377 (The (1) runSalome, (2) runTestMedCorba, (3) runLightSalome, and (4) ...)
- TODO: check
+ NOT-FOR-US: salome platform salome
CVE-2010-3378 (The (1) scilab, (2) scilab-cli, and (3) scilab-adv-cli scripts in ...)
TODO: check
CVE-2010-3379
@@ -92513,15 +92513,15 @@ CVE-2010-3380 (The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM bef
CVE-2010-3381 (The (1) tangerine and (2) tangerine-properties scripts in Tangerine ...)
TODO: check
CVE-2010-3382 (tauex in Tuning and Analysis Utilities (TAU) 2.16.4 places a ...)
- TODO: check
+ NOT-FOR-US: uoregon tau
CVE-2010-3383 (The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 ...)
TODO: check
CVE-2010-3384 (The (1) torcs, (2) nfsperf, (3) accc, (4) texmapper, (5) trackgen, and ...)
TODO: check
CVE-2010-3385 (TuxGuitar 1.2 places a zero-length directory name in the ...)
- TODO: check
+ NOT-FOR-US: herac tuxguitar
CVE-2010-3386 (usttrace in LTTng Userspace Tracer (aka UST) 0.7 places a zero-length ...)
- TODO: check
+ NOT-FOR-US: lttng ust
CVE-2010-3387 (** DISPUTED ** ...)
TODO: check
CVE-2010-3388
@@ -92535,7 +92535,7 @@ CVE-2010-3391
CVE-2010-3392
RESERVED
CVE-2010-3393 (magics-config in Magics++ 2.10.0 places a zero-length directory name ...)
- TODO: check
+ NOT-FOR-US: ecmwf magics
CVE-2010-3394 (The (1) texmacs and (2) tm_mupad_help scripts in TeXmacs 1.0.7.4 place ...)
TODO: check
CVE-2010-3395
@@ -92650,7 +92650,7 @@ CVE-2010-3447
CVE-2010-3448
RESERVED
CVE-2010-3449 (Cross-site request forgery (CSRF) vulnerability in Redback before ...)
- TODO: check
+ NOT-FOR-US: codehaus redback
CVE-2010-3450
RESERVED
CVE-2010-3451
@@ -92734,7 +92734,7 @@ CVE-2010-3489 (Cross-site scripting (XSS) vulnerability in ...)
CVE-2010-3490 (Directory traversal vulnerability in page.recordings.php in the System ...)
NOT-FOR-US: freepbx
CVE-2010-3491 (The (1) ActiveMatrix Runtime and (2) ActiveMatrix Administrator ...)
- TODO: check
+ NOT-FOR-US: tibco activematrix_service_performance_manager
CVE-2010-3492 (The asyncore module in Python before 3.2 does not properly handle ...)
TODO: check
CVE-2010-3493 (Multiple race conditions in smtpd.py in the smtpd module in Python ...)
@@ -93018,11 +93018,11 @@ CVE-2010-3631 (Array index error in Adobe Reader and Acrobat 8.x before 8.2.5 an
CVE-2010-3632 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on ...)
TODO: check
CVE-2010-3633 (Memory leak in Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, ...)
- TODO: check
+ NOT-FOR-US: adobe flash_media_server
CVE-2010-3634 (Unspecified vulnerability in the edge process in Adobe Flash Media ...)
- TODO: check
+ NOT-FOR-US: adobe flash_media_server
CVE-2010-3635 (Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, 3.5.x before 3.5.5, ...)
- TODO: check
+ NOT-FOR-US: adobe flash_media_server
CVE-2010-3636 (Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on ...)
TODO: check
CVE-2010-3637 (An unspecified ActiveX control in Adobe Flash Player before 9.0.289.0 ...)
@@ -93062,7 +93062,7 @@ CVE-2010-3653 (The Director module (dirapi.dll) in Adobe Shockwave Player before
CVE-2010-3654 (Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on ...)
TODO: check
CVE-2010-3655 (Stack-based buffer overflow in dirapi.dll in Adobe Shockwave Player ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-3656 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
TODO: check
CVE-2010-3657 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
@@ -93132,9 +93132,9 @@ CVE-2010-3688 (Directory traversal vulnerability in ADMIN/login.php in NetArtMED
CVE-2010-3689
RESERVED
CVE-2010-3690 (Multiple cross-site scripting (XSS) vulnerabilities in phpCAS before ...)
- TODO: check
+ NOT-FOR-US: jasig phpcas
CVE-2010-3691 (PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is ...)
- TODO: check
+ NOT-FOR-US: jasig phpcas
CVE-2010-3692 (Directory traversal vulnerability in the callback function in ...)
NOT-FOR-US: jasig phpcas
CVE-2010-3693
@@ -93178,15 +93178,15 @@ CVE-2010-3711 (libpurple in Pidgin before 2.7.4 does not properly validate the r
CVE-2010-3712 (Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x before ...)
TODO: check
CVE-2010-3713 (rss.php in UseBB before 1.0.11 does not properly handle forum ...)
- TODO: check
+ NOT-FOR-US: usebb
CVE-2010-3714 (The jumpUrl (aka access tracking) implementation in ...)
- TODO: check
+ NOT-FOR-US: typo3
CVE-2010-3715 (Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.2.x ...)
- TODO: check
+ NOT-FOR-US: typo3
CVE-2010-3716 (The be_user_creation task in TYPO3 4.2.x before 4.2.15 and 4.3.x ...)
- TODO: check
+ NOT-FOR-US: typo3
CVE-2010-3717 (The t3lib_div::validEmail function in TYPO3 4.2.x before 4.2.15, 4.3.x ...)
- TODO: check
+ NOT-FOR-US: typo3
CVE-2010-3718
RESERVED
CVE-2010-3719
@@ -93218,7 +93218,7 @@ CVE-2010-3731 (Buffer overflow in the Administration Server component in IBM DB2
CVE-2010-3732 (The DRDA Services component in IBM DB2 UDB 9.5 before FP6a allows ...)
NOT-FOR-US: ibm db2
CVE-2010-3733 (The Engine Utilities component in IBM DB2 UDB 9.5 before FP6a uses ...)
- TODO: check
+ NOT-FOR-US: ibm db2
CVE-2010-3734 (The Install component in IBM DB2 UDB 9.5 before FP6a on Linux, UNIX, ...)
NOT-FOR-US: ibm db2
CVE-2010-3735 (The "Query Compiler, Rewrite, Optimizer" component in IBM DB2 UDB 9.5 ...)
@@ -93318,45 +93318,45 @@ CVE-2010-3781 (The PL/php add-on 1.4 and earlier for PostgreSQL does not properl
CVE-2010-3782
RESERVED
CVE-2010-3783 (Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3784 (The PMPageFormatCreateWithDataRepresentation API in Printing in Apple ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3785 (Buffer overflow in QuickLook in Apple Mac OS X 10.5.8 and 10.6.x ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3786 (QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3787 (Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3788 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3789 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3790 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3791 (Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3792 (Integer signedness error in QuickTime in Apple Mac OS X 10.6.x before ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3793 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3794 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3795 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3796 (Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3797 (Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3798 (Heap-based buffer overflow in xar in Apple Mac OS X 10.6.x before ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-3799
RESERVED
CVE-2010-3800 (Apple QuickTime before 7.6.9 allows remote attackers to execute ...)
- TODO: check
+ NOT-FOR-US: apple quicktime
CVE-2010-3801 (Apple QuickTime before 7.6.9 allows remote attackers to execute ...)
- TODO: check
+ NOT-FOR-US: apple quicktime
CVE-2010-3802 (Integer signedness error in Apple QuickTime before 7.6.9 allows remote ...)
- TODO: check
+ NOT-FOR-US: apple quicktime
CVE-2010-3803 (Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X ...)
TODO: check
CVE-2010-3804 (The JavaScript implementation in WebKit in Apple Safari before 5.0.3 ...)
@@ -93454,9 +93454,9 @@ CVE-2010-3849
CVE-2010-3850
RESERVED
CVE-2010-3851 (libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 ...)
- TODO: check
+ NOT-FOR-US: libguestfs
CVE-2010-3852 (The default configuration of Luci 0.22.4 and earlier in Red Hat Conga ...)
- TODO: check
+ NOT-FOR-US: redhat luci
CVE-2010-3853
RESERVED
CVE-2010-3854
@@ -93478,7 +93478,7 @@ CVE-2010-3861 (The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux
CVE-2010-3862
RESERVED
CVE-2010-3863 (Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize ...)
- TODO: check
+ NOT-FOR-US: shiro
CVE-2010-3864 (Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through ...)
TODO: check
CVE-2010-3865
@@ -93488,13 +93488,13 @@ CVE-2010-3866
CVE-2010-3867 (Multiple directory traversal vulnerabilities in the mod_site_misc ...)
TODO: check
CVE-2010-3868 (Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate ...)
- TODO: check
+ NOT-FOR-US: redhat dogtag_certificate_system
CVE-2010-3869 (Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate ...)
- TODO: check
+ NOT-FOR-US: redhat dogtag_certificate_system
CVE-2010-3870 (The utf8_decode function in PHP before 5.3.4 does not properly handle ...)
TODO: check
CVE-2010-3871 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: mahara
CVE-2010-3872 (The apr_status_t fcgid_header_bucket_read function in fcgid_bucket.c ...)
TODO: check
CVE-2010-3873
@@ -93516,50 +93516,50 @@ CVE-2010-3880 (net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does n
CVE-2010-3881
RESERVED
CVE-2010-3882 (Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple ...)
- TODO: check
+ NOT-FOR-US: cmsmadesimple cms_made_simple
CVE-2010-3883 (Cross-site request forgery (CSRF) vulnerability in the Change Group ...)
- TODO: check
+ NOT-FOR-US: cmsmadesimple cms_made_simple
CVE-2010-3884 (Cross-site request forgery (CSRF) vulnerability in CMS Made Simple ...)
- TODO: check
+ NOT-FOR-US: cmsmadesimple cms_made_simple
CVE-2010-3885
REJECTED
TODO: check
CVE-2010-3886 (The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3887 (The Limit Mail feature in the Parental Controls functionality in Mail ...)
- TODO: check
+ NOT-FOR-US: apple mail
CVE-2010-3888 (Unspecified vulnerability in Microsoft Windows on 32-bit platforms ...)
- TODO: check
+ NOT-FOR-US: microsoft windows
CVE-2010-3889 (Unspecified vulnerability in Microsoft Windows on 32-bit platforms ...)
- TODO: check
+ NOT-FOR-US: microsoft windows
CVE-2010-3890 (Cross-site scripting (XSS) vulnerability in IBM OmniFind Enterprise ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3891 (Cross-site request forgery (CSRF) vulnerability in ESAdmin/security.do ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3892 (Session fixation vulnerability in the login form in the administrator ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3893 (The administrator interface in IBM OmniFind Enterprise Edition 8.x and ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3894 (Stack-based buffer overflow in the ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3895 (esRunCommand in IBM OmniFind Enterprise Edition before 9.1 allows ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3896 (The ESSearchApplication directory tree in IBM OmniFind Enterprise ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3897 (ESSearchApplication/palette.do in IBM OmniFind Enterprise Edition 8.x ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3898 (IBM OmniFind Enterprise Edition 8.x and 9.x does not properly restrict ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3899 (IBM OmniFind Enterprise Edition 8.x and 9.x performs web crawls with ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-3900 (Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup before ...)
TODO: check
CVE-2010-3901 (OpenConnect before 2.25 does not properly validate X.509 certificates, ...)
- TODO: check
+ NOT-FOR-US: infradead openconnect
CVE-2010-3902 (OpenConnect before 2.26 places the webvpn cookie value in the ...)
- TODO: check
+ NOT-FOR-US: infradead openconnect
CVE-2010-3903 (Unspecified vulnerability in OpenConnect before 2.23 allows remote ...)
- TODO: check
+ NOT-FOR-US: infradead openconnect
CVE-2010-3904 (The rds_page_copy_user function in net/rds/page.c in the Reliable ...)
TODO: check
CVE-2010-3905
@@ -93571,33 +93571,33 @@ CVE-2010-3907
CVE-2010-3908
RESERVED
CVE-2010-3909 (Incomplete blacklist vulnerability in config.template.php in vtiger ...)
- TODO: check
+ NOT-FOR-US: vtiger_crm
CVE-2010-3910 (Multiple directory traversal vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: vtiger_crm
CVE-2010-3911 (Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM ...)
- TODO: check
+ NOT-FOR-US: vtiger_crm
CVE-2010-3912
RESERVED
CVE-2010-3913 (CRLF injection vulnerability in TransWARE Active! mail 6 build ...)
- TODO: check
+ NOT-FOR-US: transware active _mail
CVE-2010-3914 (Untrusted search path vulnerability in VIM Development Group GVim ...)
TODO: check
CVE-2010-3915 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro ...)
- TODO: check
+ NOT-FOR-US: justsystems ichitaro
CVE-2010-3916 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro ...)
- TODO: check
+ NOT-FOR-US: justsystems ichitaro
CVE-2010-3917
RESERVED
CVE-2010-3918 (Fenrir Sleipnir 2.9.6 and earlier does not prevent interaction between ...)
- TODO: check
+ NOT-FOR-US: Fenrir
CVE-2010-3919 (Fenrir Grani 4.5 and earlier does not prevent interaction between web ...)
- TODO: check
+ NOT-FOR-US: Fenrir
CVE-2010-3920 (The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 ...)
- TODO: check
+ NOT-FOR-US: epson lp s9000_driver_4 1 11
CVE-2010-3921 (Cross-site scripting (XSS) vulnerability in Movable Type 4.x before ...)
- TODO: check
+ NOT-FOR-US: sixapart movabletype
CVE-2010-3922 (SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x ...)
- TODO: check
+ NOT-FOR-US: sixapart movabletype
CVE-2010-3923
RESERVED
CVE-2010-3924
@@ -93621,11 +93621,11 @@ CVE-2010-3932
CVE-2010-3933 (Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested ...)
TODO: check
CVE-2010-3934 (The browser in Research In Motion (RIM) BlackBerry Device Software ...)
- TODO: check
+ NOT-FOR-US: rim blackberry_device_software
CVE-2010-3935
RESERVED
CVE-2010-3936 (Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft ...)
- TODO: check
+ NOT-FOR-US: microsoft forefront_unified_access_gateway
CVE-2010-3937
RESERVED
CVE-2010-3938
@@ -93677,7 +93677,7 @@ CVE-2010-3960
CVE-2010-3961
RESERVED
CVE-2010-3962 (Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and ...)
- TODO: check
+ NOT-FOR-US: microsoft ie
CVE-2010-3963
RESERVED
CVE-2010-3964
@@ -93707,9 +93707,9 @@ CVE-2010-3975 (Untrusted search path vulnerability in Adobe Flash Player 9 allow
CVE-2010-3976 (Untrusted search path vulnerability in Adobe Flash Player before ...)
TODO: check
CVE-2010-3977 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: deliciousdays cforms
CVE-2010-3978 (Spree 0.11.x before 0.11.2 and 0.30.x before 0.30.0 exchanges data ...)
- TODO: check
+ NOT-FOR-US: spree
CVE-2010-3979 (Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different ...)
NOT-FOR-US: sap businessobjects
CVE-2010-3980 (Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not limit the ...)
@@ -93723,25 +93723,25 @@ CVE-2010-3983 (CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote ...
CVE-2010-3984
RESERVED
CVE-2010-3985 (Cross-site scripting (XSS) vulnerability in HP Operations ...)
- TODO: check
+ NOT-FOR-US: hp operations_orchestration
CVE-2010-3986 (Unspecified vulnerability in HP Virtual Connect Enterprise Manager ...)
- TODO: check
+ NOT-FOR-US: hp virtual_connect_enterprise_manager
CVE-2010-3987 (Cross-site scripting (XSS) vulnerability in HP Insight Control Virtual ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_virtual_machine_management
CVE-2010-3988 (Unspecified vulnerability in HP Insight Control Virtual Machine ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_virtual_machine_management
CVE-2010-3989 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_virtual_machine_management
CVE-2010-3990 (Unspecified vulnerability in HP Virtual Server Environment before 6.2 ...)
- TODO: check
+ NOT-FOR-US: hp virtual_server_environment
CVE-2010-3991 (Cross-site scripting (XSS) vulnerability in HP Insight Control Server ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_server_migration6 0 1
CVE-2010-3992 (Unspecified vulnerability in HP Insight Control Server Migration ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_server_migration6 0 1
CVE-2010-3993 (Unspecified vulnerability in HP Insight Control Server Migration ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_server_migration6 0 1
CVE-2010-3994 (Cross-site scripting (XSS) vulnerability in HP Version Control ...)
- TODO: check
+ NOT-FOR-US: hp version_control_repository_manager
CVE-2010-3995
RESERVED
CVE-2010-3996 (festival_server in Centre for Speech Technology Research (CSTR) ...)
@@ -93765,7 +93765,7 @@ CVE-2010-4004
CVE-2010-4005 (The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and ...)
TODO: check
CVE-2010-4006 (Multiple SQL injection vulnerabilities in search.php in WSN Links ...)
- TODO: check
+ NOT-FOR-US: wsnlinks wsn_links
CVE-2010-4007 (Oracle Mojarra uses an encrypted View State without a Message ...)
NOT-FOR-US: oracle mojarra
CVE-2010-4008 (libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, ...)
@@ -93773,9 +93773,9 @@ CVE-2010-4008 (libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44,
CVE-2010-4009 (Integer overflow in Apple QuickTime before 7.6.9 allows remote ...)
TODO: check
CVE-2010-4010 (Integer signedness error in Apple Type Services (ATS) in Apple Mac OS ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-4011 (Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage ...)
- TODO: check
+ NOT-FOR-US: apple mac_os_x_server
CVE-2010-4012 (Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later ...)
TODO: check
CVE-2010-4013
@@ -93799,25 +93799,25 @@ CVE-2010-4021 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.
CVE-2010-4022
RESERVED
CVE-2010-4023 (Cross-site scripting (XSS) vulnerability in HP Insight Control Power ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_power_management
CVE-2010-4024 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_power_management
CVE-2010-4025 (Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1 allows ...)
- TODO: check
+ NOT-FOR-US: hp palm_webos
CVE-2010-4026 (Unspecified vulnerability in the service API in HP Palm webOS 1.4.1 ...)
- TODO: check
+ NOT-FOR-US: hp palm_webos
CVE-2010-4027 (Unspecified vulnerability in the camera application in HP Palm webOS ...)
- TODO: check
+ NOT-FOR-US: hp palm_webos
CVE-2010-4028 (Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP ...)
- TODO: check
+ NOT-FOR-US: hp loadrunner_web_tours
CVE-2010-4029 (Unspecified vulnerability in HP Storage Essentials before 6.3.0, when ...)
- TODO: check
+ NOT-FOR-US: hp storage_essentials
CVE-2010-4030 (Cross-site scripting (XSS) vulnerability in HP Insight Control ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_performance_management
CVE-2010-4031 (Unspecified vulnerability in HP Insight Control Performance Management ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_performance_management
CVE-2010-4032 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_performance_management
CVE-2010-4033 (Google Chrome before 7.0.517.41 does not properly implement the ...)
TODO: check
CVE-2010-4034 (Google Chrome before 7.0.517.41 does not properly handle forms, which ...)
@@ -93859,15 +93859,15 @@ CVE-2010-4051
CVE-2010-4052
RESERVED
CVE-2010-4053 (Stack-based buffer overflow in an unspecified logging function in ...)
- TODO: check
+ NOT-FOR-US: ibm informix_dynamic_server
CVE-2010-4054 (The gs_type2_interpret function in Ghostscript allows remote attackers ...)
TODO: check
CVE-2010-4055 (Stack consumption vulnerability in solid.exe in IBM solidDB 6.5.0.3 ...)
- TODO: check
+ NOT-FOR-US: ibm soliddb
CVE-2010-4056 (solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform ...)
- TODO: check
+ NOT-FOR-US: ibm soliddb
CVE-2010-4057 (solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform ...)
- TODO: check
+ NOT-FOR-US: ibm soliddb
CVE-2010-4058
RESERVED
CVE-2010-4059
@@ -93889,11 +93889,11 @@ CVE-2010-4066
CVE-2010-4067
RESERVED
CVE-2010-4068 (Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x ...)
- TODO: check
+ NOT-FOR-US: typo3
CVE-2010-4069 (Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 7.x ...)
- TODO: check
+ NOT-FOR-US: ibm informix_dynamic_server
CVE-2010-4070 (Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper ...)
- TODO: check
+ NOT-FOR-US: ibm informix_dynamic_server
CVE-2010-4071
RESERVED
CVE-2010-4072 (The copy_shmid_to_user function in ipc/shm.c in the Linux kernel ...)
@@ -93921,57 +93921,57 @@ CVE-2010-4082 (The viafb_ioctl_get_viafb_info function in drivers/video/via/ioct
CVE-2010-4083 (The copy_semid_to_user function in ipc/sem.c in the Linux kernel ...)
TODO: check
CVE-2010-4084 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4085 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4086 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4087 (IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4088 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4089 (IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4090 (Adobe Shockwave Player before 11.5.9.615 allows attackers to execute ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4091 (The EScript.api plugin in Adobe Acrobat Reader 9.4.0, 8.1.7, and ...)
TODO: check
CVE-2010-4092 (Use-after-free vulnerability in an unspecified compatibility component ...)
- TODO: check
+ NOT-FOR-US: adobe shockwave_player
CVE-2010-4093
RESERVED
CVE-2010-4094 (The Tomcat server in IBM Rational Quality Manager and Rational Test ...)
- TODO: check
+ NOT-FOR-US: ibm rational_test_lab_manager
CVE-2010-4095 (Directory traversal vulnerability in the FTP client in Serengeti ...)
TODO: check
CVE-2010-4096 (share/ma/keys_for_user in Monkeysphere 0.31 and 0.32 allows local ...)
- TODO: check
+ NOT-FOR-US: monkeysphere_project monkeysphere
CVE-2010-4097 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
- TODO: check
+ NOT-FOR-US: avatic aardvark_topsites_php
CVE-2010-4098 (monotone before 0.48.1, when configured to allow remote commands, ...)
TODO: check
CVE-2010-4099 (ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is ...)
- TODO: check
+ NOT-FOR-US: nitrosecurity nitroview_esm_software
CVE-2010-4100 (Unspecified vulnerability in HP Insight Control Performance Management ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_performance_management
CVE-2010-4101 (Cross-site scripting (XSS) vulnerability in HP Insight Recovery before ...)
- TODO: check
+ NOT-FOR-US: hp insight_recovery
CVE-2010-4102 (Unspecified vulnerability in HP Insight Recovery before 6.2 allows ...)
- TODO: check
+ NOT-FOR-US: hp insight_recovery
CVE-2010-4103 (Unspecified vulnerability in HP Insight Managed System Setup Wizard ...)
- TODO: check
+ NOT-FOR-US: hp insight_managed_system_setup_wizard
CVE-2010-4104 (Unspecified vulnerability in HP Insight Orchestration before 6.2 ...)
- TODO: check
+ NOT-FOR-US: hp insight_orchestration
CVE-2010-4105 (Unspecified vulnerability in HP Insight Orchestration before 6.2 ...)
- TODO: check
+ NOT-FOR-US: hp insight_orchestration
CVE-2010-4106 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
- TODO: check
+ NOT-FOR-US: hp insight_control_for_linux
CVE-2010-4107 (The default configuration of the PJL Access value in the File System ...)
- TODO: check
+ NOT-FOR-US: hp laserjet_mfp
CVE-2010-4108 (HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support ...)
- TODO: check
+ NOT-FOR-US: hp ux
CVE-2010-4109 (Cross-site scripting (XSS) vulnerability in the Contacts Application ...)
- TODO: check
+ NOT-FOR-US: hp palm_webos
CVE-2010-4110
RESERVED
CVE-2010-4111
@@ -93993,9 +93993,9 @@ CVE-2010-4118
CVE-2010-4119
RESERVED
CVE-2010-4120 (Multiple cross-site scripting (XSS) vulnerabilities in the TAM console ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_access_manager_for_e business
CVE-2010-4121 (** DISPUTED ** The TCP-to-ODBC gateway in IBM Tivoli Provisioning ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_provisioning_manager_os_deployment
CVE-2010-4122
RESERVED
CVE-2010-4123
@@ -94037,35 +94037,35 @@ CVE-2010-4140
CVE-2010-4141
RESERVED
CVE-2010-4142 (Multiple stack-based buffer overflows in DATAC RealWin 2.0 Build ...)
- TODO: check
+ NOT-FOR-US: realflex realwin
CVE-2010-4143 (SQL injection vulnerability in chart.php in phpCheckZ 1.1.0, when ...)
- TODO: check
+ NOT-FOR-US: phpcheckz
CVE-2010-4144 (SQL injection vulnerability in radyo.asp in Kisisel Radyo Script ...)
- TODO: check
+ NOT-FOR-US: aspindir kisisel_radyo_script
CVE-2010-4145 (Kisisel Radyo Script stores sensitive information under the web root ...)
- TODO: check
+ NOT-FOR-US: aspindir kisisel_radyo_script
CVE-2010-4146 (Cross-site scripting (XSS) vulnerability in Attachmate Reflection for ...)
- TODO: check
+ NOT-FOR-US: attachmate reflection_for_the_web
CVE-2010-4147 (Multiple SQL injection vulnerabilities in Pentasoft Avactis Shopping ...)
- TODO: check
+ NOT-FOR-US: avactis_shopping_cart
CVE-2010-4148 (Directory traversal vulnerability in AnyConnect 1.2.3.0, and possibly ...)
- TODO: check
+ NOT-FOR-US: anyconnect
CVE-2010-4149 (Directory traversal vulnerability in FreshWebMaster Fresh FTP 5.36, ...)
- TODO: check
+ NOT-FOR-US: freshwebmaster fresh_ftp
CVE-2010-4150 (Double free vulnerability in the imap_do_open function in the IMAP ...)
TODO: check
CVE-2010-4151 (SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly ...)
- TODO: check
+ NOT-FOR-US: deluxebb
CVE-2010-4152 (SQL injection vulnerability in catalog/index.shtml in 4site CMS 2.6, ...)
- TODO: check
+ NOT-FOR-US: 4site_cms
CVE-2010-4153 (Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably ...)
- TODO: check
+ NOT-FOR-US: crossftp_pro
CVE-2010-4154 (Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager ...)
- TODO: check
+ NOT-FOR-US: rhinosoft ftp_voyager
CVE-2010-4155 (Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.10 ...)
- TODO: check
+ NOT-FOR-US: exv2
CVE-2010-4156 (The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through ...)
- TODO: check
+ NOT-FOR-US: libmbfl
CVE-2010-4157 (Integer overflow in the ioc_general function in drivers/scsi/gdth.c in ...)
TODO: check
CVE-2010-4158
@@ -94099,7 +94099,7 @@ CVE-2010-4171 (The staprun runtime tool in SystemTap 1.3 does not verify that a
CVE-2010-4172 (Multiple cross-site scripting (XSS) vulnerabilities in the Manager ...)
TODO: check
CVE-2010-4173 (The default configuration of libsdp.conf in libsdp 1.1.104 and earlier ...)
- TODO: check
+ NOT-FOR-US: openfabrics libsdp
CVE-2010-4174
RESERVED
CVE-2010-4175
@@ -94115,17 +94115,17 @@ CVE-2010-4179 (The installation documentation for Red Hat Enterprise Messaging,
CVE-2010-4180 (OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when ...)
TODO: check
CVE-2010-4181 (Directory traversal vulnerability in Yaws 1.89 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: yaws
CVE-2010-4182 (Untrusted search path vulnerability in the Data Access Objects (DAO) ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-4183 (Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier ...)
TODO: check
CVE-2010-4184 (NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with ...)
- TODO: check
+ NOT-FOR-US: netsupportsoftware netsupport_manager
CVE-2010-4185 (SQL injection vulnerability in index.php in Energine, possibly 2.3.8 ...)
- TODO: check
+ NOT-FOR-US: energine
CVE-2010-4186 (SQL injection vulnerability in process.asp in OnlineTechTools Online ...)
- TODO: check
+ NOT-FOR-US: onlinetechtools com oasys_professional
CVE-2010-4187
RESERVED
CVE-2010-4188
@@ -94168,33 +94168,33 @@ CVE-2010-4205 (Google Chrome before 7.0.517.44 does not properly handle the data
CVE-2010-4206 (Google Chrome before 7.0.517.44 accesses memory at an out-of-bounds ...)
TODO: check
CVE-2010-4207 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
- TODO: check
+ NOT-FOR-US: yahoo yui
CVE-2010-4208 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
- TODO: check
+ NOT-FOR-US: yahoo yui
CVE-2010-4209 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
- TODO: check
+ NOT-FOR-US: yahoo yui
CVE-2010-4210 (The pfs_getextattr function in FreeBSD 7.x before 7.3-RELEASE and 8.x ...)
TODO: check
CVE-2010-4211 (The PayPal app before 3.0.1 for iOS does not verify that the server ...)
- TODO: check
+ NOT-FOR-US: ebay paypal
CVE-2010-4212 (The USAA application 3.0 for Android stores a mirror image of each ...)
- TODO: check
+ NOT-FOR-US: usaa
CVE-2010-4213 (The Bank of America application 2.12 for Android stores a security ...)
- TODO: check
+ NOT-FOR-US: bankofamerica bank_of_america
CVE-2010-4214 (The Wells Fargo Mobile application 1.1 for Android stores a username ...)
- TODO: check
+ NOT-FOR-US: wellsfargo wells_fargo_mobile
CVE-2010-4215 (UI/Manage.pm in Foswiki 1.1.0 and 1.1.1 allows remote authenticated ...)
- TODO: check
+ NOT-FOR-US: foswiki
CVE-2010-4216 (IBM Tivoli Directory Server (TDS) 6.0.0.x before ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_directory_server
CVE-2010-4217 (Use-after-free vulnerability in the proxy server in IBM Tivoli ...)
- TODO: check
+ NOT-FOR-US: ibm tivoli_directory_server
CVE-2010-4218 (Unspecified vulnerability in Web Services in IBM ENOVIA 6 has unknown ...)
- TODO: check
+ NOT-FOR-US: ibm enovia
CVE-2010-4219 (Cross-site scripting (XSS) vulnerability in SemanticTagService.js in ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_portal
CVE-2010-4220 (Cross-site scripting (XSS) vulnerability in the Integrated Solution ...)
- TODO: check
+ NOT-FOR-US: ibm websphere_application_server
CVE-2010-4221 (Multiple stack-based buffer overflows in the pr_netio_telnet_gets ...)
TODO: check
CVE-2010-4222
@@ -94214,19 +94214,19 @@ CVE-2010-4228
CVE-2010-4229
RESERVED
CVE-2010-4230 (Stack-based buffer overflow in a certain ActiveX control for the ...)
- TODO: check
+ NOT-FOR-US: tecvoz cmnc 200
CVE-2010-4231 (Directory traversal vulnerability in the web-based administration ...)
- TODO: check
+ NOT-FOR-US: tecvoz cmnc 200
CVE-2010-4232 (The web-based administration interface on the Camtron CMNC-200 Full HD ...)
- TODO: check
+ NOT-FOR-US: tecvoz cmnc 200
CVE-2010-4233 (The Linux installation on the Camtron CMNC-200 Full HD IP Camera and ...)
- TODO: check
+ NOT-FOR-US: tecvoz cmnc 200
CVE-2010-4234 (The web server on the Camtron CMNC-200 Full HD IP Camera and TecVoz ...)
- TODO: check
+ NOT-FOR-US: tecvoz cmnc 200
CVE-2010-4235
RESERVED
CVE-2010-4236 (Untrusted search path vulnerability in estaskwrapper in IBM OmniFind ...)
- TODO: check
+ NOT-FOR-US: ibm omnifind
CVE-2010-4237
RESERVED
CVE-2010-4238
@@ -94246,7 +94246,7 @@ CVE-2010-4244
CVE-2010-4245
RESERVED
CVE-2010-4246 (Multiple cross-site scripting (XSS) vulnerabilities in graph.php in ...)
- TODO: check
+ NOT-FOR-US: bsdperimeter pfsense
CVE-2010-4247
RESERVED
CVE-2010-4248 (Race condition in the __exit_signal function in kernel/exit.c in the ...)
@@ -94290,19 +94290,19 @@ CVE-2010-4266
CVE-2010-4267
RESERVED
CVE-2010-4268 (SQL injection vulnerability in the Pulse Infotech Flip Wall ...)
- TODO: check
+ NOT-FOR-US: pulseinfotech com_flipwall
CVE-2010-4269 (SQL injection vulnerability in managechat.php in Collabtive 0.65 ...)
- TODO: check
+ NOT-FOR-US: o dyn collabtive
CVE-2010-4270 (Directory traversal vulnerability in the nBill (com_netinvoice) ...)
- TODO: check
+ NOT-FOR-US: netshinesoftware com_netinvoice
CVE-2010-4271 (SQL injection vulnerability in ImpressCMS before 1.2.3 RC2 allows ...)
- TODO: check
+ NOT-FOR-US: impresscms
CVE-2010-4272 (SQL injection vulnerability in the Pulse Infotech Sponsor Wall ...)
- TODO: check
+ NOT-FOR-US: pulseinfotech com_sponsorwall
CVE-2010-4273 (SQL injection vulnerability in imoveis.php in DescargarVista ACC ...)
- TODO: check
+ NOT-FOR-US: accimoveis descargarvista_acc_imoveis
CVE-2010-4274 (reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 ...)
- TODO: check
+ NOT-FOR-US: ibm director_agent
CVE-2010-4275
RESERVED
CVE-2010-4276
@@ -94310,17 +94310,17 @@ CVE-2010-4276
CVE-2010-4277
RESERVED
CVE-2010-4278 (operation/agentes/networkmap.php in Pandora FMS before 3.1.1 allows ...)
- TODO: check
+ NOT-FOR-US: pandora
CVE-2010-4279 (The default configuration of Pandora FMS 3.1 and earlier specifies an ...)
- TODO: check
+ NOT-FOR-US: artica pandora_fms
CVE-2010-4280 (Multiple SQL injection vulnerabilities in Pandora FMS before 3.1.1 ...)
- TODO: check
+ NOT-FOR-US: artica pandora_fms
CVE-2010-4281 (Incomplete blacklist vulnerability in the safe_url_extraclean function ...)
- TODO: check
+ NOT-FOR-US: artica pandora_fms
CVE-2010-4282 (Multiple directory traversal vulnerabilities in Pandora FMS before ...)
- TODO: check
+ NOT-FOR-US: artica pandora_fms
CVE-2010-4283 (PHP remote file inclusion vulnerability in extras/pandora_diag.php in ...)
- TODO: check
+ NOT-FOR-US: artica pandora_fms
CVE-2010-4284
RESERVED
CVE-2010-4285
@@ -94350,21 +94350,21 @@ CVE-2010-4296 (vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548
CVE-2010-4297 (The VMware Tools update functionality in VMware Workstation 6.5.x ...)
TODO: check
CVE-2010-4298 (SQL injection vulnerability in the download module in Free Simple ...)
- TODO: check
+ NOT-FOR-US: dustincowell free_simple_software
CVE-2010-4299 (Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 ...)
- TODO: check
+ NOT-FOR-US: novell zenworks_handheld_management
CVE-2010-4300 (Heap-based buffer overflow in the dissect_ldss_transfer function ...)
TODO: check
CVE-2010-4301 (epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in ...)
TODO: check
CVE-2010-4302 (/opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified ...)
- TODO: check
+ NOT-FOR-US: cisco unified_videoconferencing_system_5115
CVE-2010-4303 (Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the ...)
- TODO: check
+ NOT-FOR-US: cisco unified_videoconferencing_system_5115
CVE-2010-4304 (The web interface in Cisco Unified Videoconferencing (UVC) System ...)
- TODO: check
+ NOT-FOR-US: cisco unified_videoconferencing_system_5230
CVE-2010-4305 (Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and ...)
- TODO: check
+ NOT-FOR-US: cisco unified_videoconferencing_system_5230
CVE-2010-4306
RESERVED
CVE-2010-4307
@@ -94376,11 +94376,11 @@ CVE-2010-4309
CVE-2010-4310
RESERVED
CVE-2010-4311 (Free Simple Software 1.0 stores passwords in cleartext, which allows ...)
- TODO: check
+ NOT-FOR-US: dustincowell free_simple_software
CVE-2010-4312 (The default configuration of Apache Tomcat 6.x does not include the ...)
TODO: check
CVE-2010-4313 (Unrestricted file upload vulnerability in fileman_file_upload.php in ...)
- TODO: check
+ NOT-FOR-US: novo ws orbis_cms
CVE-2010-4314
RESERVED
CVE-2010-4315
@@ -94414,7 +94414,7 @@ CVE-2010-4328
CVE-2010-4329 (Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton ...)
TODO: check
CVE-2010-4330 (Directory traversal vulnerability in includes/controller.php in Pulse ...)
- TODO: check
+ NOT-FOR-US: pulsecms pulse_cms
CVE-2010-4331
RESERVED
CVE-2010-4332
@@ -94462,31 +94462,31 @@ CVE-2010-4352
CVE-2010-4353
RESERVED
CVE-2010-4354 (The remote-access IPSec VPN implementation on Cisco Adaptive Security ...)
- TODO: check
+ NOT-FOR-US: cisco vpn_3080_concentrator
CVE-2010-4355 (Cross-site scripting (XSS) vulnerability in DaDaBIK before 4.3 beta2, ...)
- TODO: check
+ NOT-FOR-US: dadabik
CVE-2010-4356 (SQL injection vulnerability in news_default.asp in Site2Nite Big Truck ...)
- TODO: check
+ NOT-FOR-US: site2nite big_truck_broker
CVE-2010-4357 (SQL injection vulnerability in comments.php in SiteEngine 7.1 allows ...)
- TODO: check
+ NOT-FOR-US: boka siteengine
CVE-2010-4358 (Multiple cross-site scripting (XSS) vulnerabilities in gb.cgi in ...)
- TODO: check
+ NOT-FOR-US: mrcgiguy guestbook
CVE-2010-4359 (SQL injection vulnerability in index.php in Jurpopage 0.2.0 allows ...)
- TODO: check
+ NOT-FOR-US: jurpopage
CVE-2010-4360 (Multiple SQL injection vulnerabilities in index.php in Jurpopage 0.2.0 ...)
- TODO: check
+ NOT-FOR-US: jurpopage
CVE-2010-4361 (Cross-site scripting (XSS) vulnerability in url-gateway.php in ...)
- TODO: check
+ NOT-FOR-US: jurpopage
CVE-2010-4362 (Multiple SQL injection vulnerabilities in MicroNetsoft RV Dealer ...)
- TODO: check
+ NOT-FOR-US: micronetsoft rv_dealer_website
CVE-2010-4363 (Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY ...)
- TODO: check
+ NOT-FOR-US: mrcgiguy freeticket
CVE-2010-4364 (DaDaBIK 4.3 beta3, when running in a case-sensitive environment, does ...)
- TODO: check
+ NOT-FOR-US: dadabik
CVE-2010-4365 (SQL injection vulnerability in JE Ajax Event Calendar ...)
- TODO: check
+ NOT-FOR-US: harmistechnology com_jeajaxeventcalendar
CVE-2010-4366 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: abk soft chameleon_social_networking
CVE-2010-4367 (awstats.cgi in AWStats before 7.0 accepts a configdir parameter in the ...)
TODO: check
CVE-2010-4368 (awstats.cgi in AWStats before 7.0 on Windows accepts a configdir ...)
@@ -94494,15 +94494,15 @@ CVE-2010-4368 (awstats.cgi in AWStats before 7.0 on Windows accepts a configdir
CVE-2010-4369 (Directory traversal vulnerability in AWStats before 7.0 allows remote ...)
TODO: check
CVE-2010-4370 (Multiple integer overflows in the in_midi plugin in Winamp before 5.6 ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-4371 (Buffer overflow in the in_mod plugin in Winamp before 5.6 allows ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-4372 (Integer overflow in the in_nsv plugin in Winamp before 5.6 allows ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-4373 (The in_mp4 plugin in Winamp before 5.6 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-4374 (The in_mkv plugin in Winamp before 5.6 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: nullsoft winamp
CVE-2010-4375
RESERVED
CVE-2010-4376
@@ -94550,27 +94550,27 @@ CVE-2010-4396
CVE-2010-4397
RESERVED
CVE-2010-4398 (Stack-based buffer overflow in the RtlQueryRegistryValues function in ...)
- TODO: check
+ NOT-FOR-US: microsoft windows_xp
CVE-2010-4399 (Directory traversal vulnerability in languages.inc.php in DynPG CMS ...)
- TODO: check
+ NOT-FOR-US: dynpg_cms
CVE-2010-4400 (SQL injection vulnerability in _rights.php in DynPG CMS 4.2.0 allows ...)
- TODO: check
+ NOT-FOR-US: dynpg_cms
CVE-2010-4401 (languages.inc.php in DynPG CMS 4.2.0 allows remote attackers to obtain ...)
- TODO: check
+ NOT-FOR-US: dynpg_cms
CVE-2010-4402 (Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in ...)
- TODO: check
+ NOT-FOR-US: wordpress register_plus_plugin
CVE-2010-4403 (The Register Plus plugin 3.5.1 and earlier for WordPress allows remote ...)
- TODO: check
+ NOT-FOR-US: wordpress register_plus_plugin
CVE-2010-4404 (SQL injection vulnerability in the Yannick Gaultier sh404SEF component ...)
- TODO: check
+ NOT-FOR-US: anything digital sh404sef
CVE-2010-4405 (Cross-site scripting (XSS) vulnerability in the Yannick Gaultier ...)
- TODO: check
+ NOT-FOR-US: anything digital sh404sef
CVE-2010-4406 (Directory traversal vulnerability in gallery.php in Brunetton ...)
- TODO: check
+ NOT-FOR-US: brunetton littlephpgallery
CVE-2010-4407 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
- TODO: check
+ NOT-FOR-US: alguest
CVE-2010-4408 (Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through ...)
- TODO: check
+ NOT-FOR-US: apache archiva
CVE-2010-4409 (Integer overflow in the NumberFormatter::getSymbol (aka ...)
TODO: check
CVE-2010-4410 (CRLF injection vulnerability in the header function in (1) CGI.pm ...)
@@ -94578,7 +94578,7 @@ CVE-2010-4410 (CRLF injection vulnerability in the header function in (1) CGI.pm
CVE-2010-4411 (Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote ...)
TODO: check
CVE-2010-4412 (Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta ...)
- TODO: check
+ NOT-FOR-US: bsdperimeter pfsense
CVE-2010-4413
RESERVED
CVE-2010-4414
@@ -94754,17 +94754,17 @@ CVE-2010-4498
CVE-2010-4499
RESERVED
CVE-2010-4500 (Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY ...)
- TODO: check
+ NOT-FOR-US: mrcgiguy freeticket
CVE-2010-4501 (IO::Socket::SSL Perl module 1.35, when verify_mode is not VERIFY_NONE, ...)
TODO: check
CVE-2010-4502 (Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite ...)
- TODO: check
+ NOT-FOR-US: ca internet_security_suite_plus_2010
CVE-2010-4503 (SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows ...)
- TODO: check
+ NOT-FOR-US: aigaion
CVE-2010-4504 (Multiple cross-site scripting (XSS) vulnerabilities in eSyndiCat ...)
- TODO: check
+ NOT-FOR-US: intelliants esyndicat
CVE-2010-4505 (Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, ...)
- TODO: check
+ NOT-FOR-US: injader
CVE-2010-4506
RESERVED
CVE-2010-4507
@@ -94772,26 +94772,26 @@ CVE-2010-4507
CVE-2010-4508 (The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 ...)
TODO: check
CVE-2010-4509 (Multiple unspecified vulnerabilities in Movable Type 4.x before 4.35 ...)
- TODO: check
+ NOT-FOR-US: sixapart movabletype
CVE-2010-4510
REJECTED
TODO: check
CVE-2010-4511 (Unspecified vulnerability in Movable Type 4.x before 4.35 and 5.x ...)
- TODO: check
+ NOT-FOR-US: sixapart movabletype
CVE-2010-4512 (Cobbler before 2.0.4 uses an incorrect umask value, which allows local ...)
- TODO: check
+ NOT-FOR-US: michael_dehaan cobbler
CVE-2010-4513 (Multiple cross-site scripting (XSS) vulnerabilities in Zimplit CMS ...)
- TODO: check
+ NOT-FOR-US: zimplit_cms
CVE-2010-4514 (Cross-site scripting (XSS) vulnerability in Install/InstallWizard.aspx ...)
- TODO: check
+ NOT-FOR-US: dotnetnuke
CVE-2010-4515 (Cross-site scripting (XSS) vulnerability in Citrix Web Interface 5.0, ...)
- TODO: check
+ NOT-FOR-US: citrix web_interface
CVE-2010-4516 (Multiple cross-site scripting (XSS) vulnerabilities in the JXtended ...)
- TODO: check
+ NOT-FOR-US: jxtended_comments
CVE-2010-4517 (SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) ...)
- TODO: check
+ NOT-FOR-US: harmistechnology com_jeauto
CVE-2010-4518 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: wobeo wp safe search
CVE-2010-4519
RESERVED
CVE-2010-4520
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:45 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:45 UTC (permalink / raw
To: gentoo-commits
commit: 2696dac8d04765df3790f3d73ac9560c51935f4f
Author: cvebot <cvebot <AT> localhost>
AuthorDate: Tue Nov 23 17:15:25 2010 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Tue Nov 23 17:15:25 2010 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=2696dac8
MITRE sync
svn path=/; revision=2215
---
data/CVE/list | 18 +++++++++++++++++-
1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/data/CVE/list b/data/CVE/list
index af5f076..93d1ee7 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -85680,6 +85680,8 @@ CVE-2009-5016 (Integer overflow in the xml_utf8_decode function in ext/xml/xml.c
TODO: check
CVE-2009-5017 (Mozilla Firefox before 3.6 Beta 3 does not properly handle overlong ...)
TODO: check
+CVE-2009-5018
+ RESERVED
CVE-2010-0001 (Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 ...)
BUG: 300943
CVE-2010-0002 (The /etc/profile.d/60alias.sh script in the Mandriva bash package for ...)
@@ -94315,11 +94317,25 @@ CVE-2010-4298
RESERVED
CVE-2010-4299 (Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 ...)
TODO: check
+CVE-2010-4300
+ RESERVED
+CVE-2010-4301
+ RESERVED
CVE-2010-4302 (/opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified ...)
TODO: check
CVE-2010-4303 (Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the ...)
TODO: check
-CVE-2010-4304 (The web interface in Cisco Unified Videoconferencing (UVC) System 3545, ...)
+CVE-2010-4304 (The web interface in Cisco Unified Videoconferencing (UVC) System ...)
TODO: check
CVE-2010-4305 (Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and ...)
TODO: check
+CVE-2010-4306
+ RESERVED
+CVE-2010-4307
+ RESERVED
+CVE-2010-4308
+ RESERVED
+CVE-2010-4309
+ RESERVED
+CVE-2010-4310
+ RESERVED
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:45 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:45 UTC (permalink / raw
To: gentoo-commits
commit: 50da2d5d92421331d5687705d1c0dde7727ea73b
Author: cvebot <cvebot <AT> localhost>
AuthorDate: Mon Nov 22 23:15:29 2010 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Mon Nov 22 23:15:29 2010 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=50da2d5d
MITRE sync
svn path=/; revision=2214
---
data/CVE/list | 24 ++++++++++++++++--------
1 file changed, 16 insertions(+), 8 deletions(-)
diff --git a/data/CVE/list b/data/CVE/list
index 71df11c..af5f076 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -91783,10 +91783,10 @@ CVE-2010-3035 (Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not .
NOT-FOR-US: cisco ios_xr
CVE-2010-3036 (Multiple buffer overflows in the authentication functionality in the ...)
TODO: check
-CVE-2010-3037
- RESERVED
-CVE-2010-3038
- RESERVED
+CVE-2010-3037 (goform/websXMLAdminRequestCgi.cgi in Cisco Unified Videoconferencing ...)
+ TODO: check
+CVE-2010-3038 (Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the ...)
+ TODO: check
CVE-2010-3039 (/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications ...)
TODO: check
CVE-2010-3040 (Multiple stack-based buffer overflows in agent.exe in Setup Manager in ...)
@@ -94048,8 +94048,8 @@ CVE-2010-4165 (The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux ker
TODO: check
CVE-2010-4166
RESERVED
-CVE-2010-4167
- RESERVED
+CVE-2010-4167 (Untrusted search path vulnerability in configure.c in ImageMagick ...)
+ TODO: check
CVE-2010-4168 (Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 ...)
TODO: check
CVE-2010-4169 (Use-after-free vulnerability in mm/mprotect.c in the Linux kernel ...)
@@ -94060,8 +94060,8 @@ CVE-2010-4171
RESERVED
CVE-2010-4172
RESERVED
-CVE-2010-4173
- RESERVED
+CVE-2010-4173 (The default configuration of libsdp.conf in libsdp 1.1.104 and earlier ...)
+ TODO: check
CVE-2010-4174
RESERVED
CVE-2010-4175
@@ -94315,3 +94315,11 @@ CVE-2010-4298
RESERVED
CVE-2010-4299 (Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 ...)
TODO: check
+CVE-2010-4302 (/opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified ...)
+ TODO: check
+CVE-2010-4303 (Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the ...)
+ TODO: check
+CVE-2010-4304 (The web interface in Cisco Unified Videoconferencing (UVC) System 3545, ...)
+ TODO: check
+CVE-2010-4305 (Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and ...)
+ TODO: check
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:45 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:45 UTC (permalink / raw
To: gentoo-commits
commit: 94f8321f2a15b37582922bc6695b4086f716cabc
Author: cvebot <cvebot <AT> localhost>
AuthorDate: Mon Nov 22 17:16:47 2010 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Mon Nov 22 17:16:47 2010 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=94f8321f
MITRE sync
svn path=/; revision=2213
---
data/CVE/list | 122 ++++++++++++++++++++++++++++++++--------------------------
1 file changed, 68 insertions(+), 54 deletions(-)
diff --git a/data/CVE/list b/data/CVE/list
index 66b376f..71df11c 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -75586,6 +75586,8 @@ CVE-2008-7264 (The ftp_QUIT function in ftpserver.py in pyftpdlib before 0.5.0 a
NOT-FOR-US: g rodola pyftpdlib
CVE-2008-7265 (The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote ...)
TODO: check
+CVE-2008-7266
+ RESERVED
CVE-2009-0001 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
NOT-FOR-US: apple quicktime
CVE-2009-0002 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
@@ -89345,7 +89347,7 @@ CVE-2010-1820 (Apple Filing Protocol (AFP) Server in Apple Mac OS X 10.6.x throu
NOT-FOR-US: apple mac_os_x_server
CVE-2010-1821
RESERVED
-CVE-2010-1822 (WebKit, as used in Google Chrome before 6.0.472.62, does not properly ...)
+CVE-2010-1822 (WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 ...)
TODO: check
CVE-2010-1823 (Use-after-free vulnerability in WebKit before r65958, as used in ...)
TODO: check
@@ -91939,7 +91941,7 @@ CVE-2010-3114 (The text-editing implementation in Google Chrome before 5.0.375.1
TODO: check
CVE-2010-3115 (Google Chrome before 5.0.375.127 does not properly implement the ...)
TODO: check
-CVE-2010-3116 (Google Chrome before 5.0.375.127 does not properly process MIME types, ...)
+CVE-2010-3116 (Multiple use-after-free vulnerabilities in WebKit, as used in Apple ...)
TODO: check
CVE-2010-3117 (Google Chrome before 5.0.375.127 does not properly implement the ...)
TODO: check
@@ -92221,11 +92223,11 @@ CVE-2010-3255 (Google Chrome before 6.0.472.53 does not properly handle counter
TODO: check
CVE-2010-3256 (Google Chrome before 6.0.472.53 does not properly limit the number of ...)
TODO: check
-CVE-2010-3257 (Google Chrome before 6.0.472.53 does not properly perform focus ...)
+CVE-2010-3257 (Use-after-free vulnerability in WebKit, as used in Apple Safari before ...)
TODO: check
CVE-2010-3258 (The sandbox implementation in Google Chrome before 6.0.472.53 does not ...)
TODO: check
-CVE-2010-3259 (Google Chrome before 6.0.472.53 does not properly restrict read access ...)
+CVE-2010-3259 (WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 ...)
TODO: check
CVE-2010-3260
RESERVED
@@ -92575,8 +92577,8 @@ CVE-2010-3430
RESERVED
CVE-2010-3431
RESERVED
-CVE-2010-3432
- RESERVED
+CVE-2010-3432 (The sctp_packet_config function in net/sctp/output.c in the Linux ...)
+ TODO: check
CVE-2010-3433 (The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before ...)
TODO: check
CVE-2010-3434 (Buffer overflow in the find_stream_bounds function in pdf.c in ...)
@@ -92947,8 +92949,8 @@ CVE-2010-3616
RESERVED
CVE-2010-3617
RESERVED
-CVE-2010-3618
- RESERVED
+CVE-2010-3618 (PGP Desktop 10.0.x before 10.0.3 SP2 and 10.1.0 before 10.1.0 SP1 does ...)
+ TODO: check
CVE-2010-3619 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on ...)
TODO: check
CVE-2010-3620 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
@@ -93317,54 +93319,54 @@ CVE-2010-3801
RESERVED
CVE-2010-3802
RESERVED
-CVE-2010-3803
- RESERVED
-CVE-2010-3804
- RESERVED
-CVE-2010-3805
- RESERVED
+CVE-2010-3803 (Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X ...)
+ TODO: check
+CVE-2010-3804 (The JavaScript implementation in WebKit in Apple Safari before 5.0.3 ...)
+ TODO: check
+CVE-2010-3805 (Integer underflow in WebKit in Apple Safari before 5.0.3 on Mac OS X ...)
+ TODO: check
CVE-2010-3806
RESERVED
CVE-2010-3807
RESERVED
-CVE-2010-3808
- RESERVED
-CVE-2010-3809
- RESERVED
-CVE-2010-3810
- RESERVED
-CVE-2010-3811
- RESERVED
-CVE-2010-3812
- RESERVED
-CVE-2010-3813
- RESERVED
+CVE-2010-3808 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+ TODO: check
+CVE-2010-3809 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+ TODO: check
+CVE-2010-3810 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+ TODO: check
+CVE-2010-3811 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...)
+ TODO: check
+CVE-2010-3812 (Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X ...)
+ TODO: check
+CVE-2010-3813 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+ TODO: check
CVE-2010-3814
RESERVED
CVE-2010-3815
RESERVED
-CVE-2010-3816
- RESERVED
-CVE-2010-3817
- RESERVED
-CVE-2010-3818
- RESERVED
-CVE-2010-3819
- RESERVED
-CVE-2010-3820
- RESERVED
-CVE-2010-3821
- RESERVED
-CVE-2010-3822
- RESERVED
-CVE-2010-3823
- RESERVED
-CVE-2010-3824
- RESERVED
+CVE-2010-3816 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...)
+ TODO: check
+CVE-2010-3817 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+ TODO: check
+CVE-2010-3818 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...)
+ TODO: check
+CVE-2010-3819 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+ TODO: check
+CVE-2010-3820 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+ TODO: check
+CVE-2010-3821 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+ TODO: check
+CVE-2010-3822 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+ TODO: check
+CVE-2010-3823 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...)
+ TODO: check
+CVE-2010-3824 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...)
+ TODO: check
CVE-2010-3825
RESERVED
-CVE-2010-3826
- RESERVED
+CVE-2010-3826 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...)
+ TODO: check
CVE-2010-3827
RESERVED
CVE-2010-3828
@@ -93455,8 +93457,8 @@ CVE-2010-3870 (The utf8_decode function in PHP before 5.3.4 does not properly ha
TODO: check
CVE-2010-3871 (Cross-site scripting (XSS) vulnerability in ...)
TODO: check
-CVE-2010-3872
- RESERVED
+CVE-2010-3872 (The apr_status_t fcgid_header_bucket_read function in fcgid_bucket.c ...)
+ TODO: check
CVE-2010-3873
RESERVED
CVE-2010-3874
@@ -94042,16 +94044,16 @@ CVE-2010-4163
RESERVED
CVE-2010-4164
RESERVED
-CVE-2010-4165
- RESERVED
+CVE-2010-4165 (The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel ...)
+ TODO: check
CVE-2010-4166
RESERVED
CVE-2010-4167
RESERVED
CVE-2010-4168 (Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 ...)
TODO: check
-CVE-2010-4169
- RESERVED
+CVE-2010-4169 (Use-after-free vulnerability in mm/mprotect.c in the Linux kernel ...)
+ TODO: check
CVE-2010-4170
RESERVED
CVE-2010-4171
@@ -94133,8 +94135,8 @@ CVE-2010-4208 (Cross-site scripting (XSS) vulnerability in the Flash component .
TODO: check
CVE-2010-4209 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
TODO: check
-CVE-2010-4210
- RESERVED
+CVE-2010-4210 (The pfs_getextattr function in FreeBSD 7.x before 7.3-RELEASE and 8.x ...)
+ TODO: check
CVE-2010-4211 (The PayPal app before 3.0.1 for iOS does not verify that the server ...)
TODO: check
CVE-2010-4212 (The USAA application 3.0 for Android stores a mirror image of each ...)
@@ -94301,3 +94303,15 @@ CVE-2010-4292
RESERVED
CVE-2010-4293
RESERVED
+CVE-2010-4294
+ RESERVED
+CVE-2010-4295
+ RESERVED
+CVE-2010-4296
+ RESERVED
+CVE-2010-4297
+ RESERVED
+CVE-2010-4298
+ RESERVED
+CVE-2010-4299 (Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 ...)
+ TODO: check
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:45 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:45 UTC (permalink / raw
To: gentoo-commits
commit: 8fbb8e0f9d2b72e2b254a383bb0bc64b3187903a
Author: cvebot <cvebot <AT> localhost>
AuthorDate: Mon Nov 22 05:17:06 2010 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Mon Nov 22 05:17:06 2010 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=8fbb8e0f
MITRE sync
svn path=/; revision=2212
---
data/CVE/list | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/data/CVE/list b/data/CVE/list
index 99de7e6..66b376f 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -94112,7 +94112,7 @@ CVE-2010-4198 (Google Chrome before 7.0.517.44 does not properly handle large te
TODO: check
CVE-2010-4199 (Google Chrome before 7.0.517.44 does not properly perform a cast of an ...)
TODO: check
-CVE-2010-4200 (Google Chrome before 7.0.517.44 reads from invalid memory locations ...)
+CVE-2010-4200
REJECTED
TODO: check
CVE-2010-4201 (Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows ...)
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:45 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:45 UTC (permalink / raw
To: gentoo-commits
commit: 12772dbc1788ff8201870e2182a238d10581f447
Author: cvebot <cvebot <AT> localhost>
AuthorDate: Fri Nov 19 23:16:45 2010 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Fri Nov 19 23:16:45 2010 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=12772dbc
MITRE sync
svn path=/; revision=2211
---
data/CVE/list | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/data/CVE/list b/data/CVE/list
index 66b376f..99de7e6 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -94112,7 +94112,7 @@ CVE-2010-4198 (Google Chrome before 7.0.517.44 does not properly handle large te
TODO: check
CVE-2010-4199 (Google Chrome before 7.0.517.44 does not properly perform a cast of an ...)
TODO: check
-CVE-2010-4200
+CVE-2010-4200 (Google Chrome before 7.0.517.44 reads from invalid memory locations ...)
REJECTED
TODO: check
CVE-2010-4201 (Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows ...)
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:45 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:45 UTC (permalink / raw
To: gentoo-commits
commit: 555b260a9d4e516edb7f03754e28bf6fb7cda3f5
Author: cvebot <cvebot <AT> localhost>
AuthorDate: Thu Nov 18 17:15:35 2010 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Thu Nov 18 17:15:35 2010 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=555b260a
MITRE sync
svn path=/; revision=2210
---
data/CVE/list | 38 ++++++++++++++++++++++++++++++++++++++
1 file changed, 38 insertions(+)
diff --git a/data/CVE/list b/data/CVE/list
index f2650a4..66b376f 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -94263,3 +94263,41 @@ CVE-2010-4273 (SQL injection vulnerability in imoveis.php in DescargarVista ACC
TODO: check
CVE-2010-4274 (reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 ...)
TODO: check
+CVE-2010-4275
+ RESERVED
+CVE-2010-4276
+ RESERVED
+CVE-2010-4277
+ RESERVED
+CVE-2010-4278
+ RESERVED
+CVE-2010-4279
+ RESERVED
+CVE-2010-4280
+ RESERVED
+CVE-2010-4281
+ RESERVED
+CVE-2010-4282
+ RESERVED
+CVE-2010-4283
+ RESERVED
+CVE-2010-4284
+ RESERVED
+CVE-2010-4285
+ RESERVED
+CVE-2010-4286
+ RESERVED
+CVE-2010-4287
+ RESERVED
+CVE-2010-4288
+ RESERVED
+CVE-2010-4289
+ RESERVED
+CVE-2010-4290
+ RESERVED
+CVE-2010-4291
+ RESERVED
+CVE-2010-4292
+ RESERVED
+CVE-2010-4293
+ RESERVED
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:45 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:45 UTC (permalink / raw
To: gentoo-commits
commit: 8768a8dd9536800af915f725aaab5737e9f915d7
Author: cvebot <cvebot <AT> localhost>
AuthorDate: Thu Nov 18 11:17:06 2010 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Thu Nov 18 11:17:06 2010 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=8768a8dd
MITRE sync
svn path=/; revision=2209
---
data/CVE/list | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/data/CVE/list b/data/CVE/list
index a354d17..f2650a4 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -94112,7 +94112,7 @@ CVE-2010-4198 (Google Chrome before 7.0.517.44 does not properly handle large te
TODO: check
CVE-2010-4199 (Google Chrome before 7.0.517.44 does not properly perform a cast of an ...)
TODO: check
-CVE-2010-4200 (Google Chrome before 7.0.517.44 reads from invalid memory locations ...)
+CVE-2010-4200
REJECTED
TODO: check
CVE-2010-4201 (Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows ...)
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:44 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:44 UTC (permalink / raw
To: gentoo-commits
commit: 7ccb0e33035d00b9f440dea4967689b2eef51100
Author: cvebot <cvebot <AT> localhost>
AuthorDate: Wed Nov 17 17:15:28 2010 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Wed Nov 17 17:15:28 2010 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=7ccb0e33
MITRE sync
svn path=/; revision=2208
---
data/CVE/list | 111 +++++++++++++++++++++++++++++++++++++++++++++-------------
1 file changed, 86 insertions(+), 25 deletions(-)
diff --git a/data/CVE/list b/data/CVE/list
index bf5ea9d..a354d17 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -89391,7 +89391,7 @@ CVE-2010-1843 (Networking in Apple Mac OS X 10.6.2 through 10.6.4 allows remote
TODO: check
CVE-2010-1844 (Unspecified vulnerability in Image Capture in Apple Mac OS X 10.6.x ...)
TODO: check
-CVE-2010-1845 (ImageIO in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote ...)
+CVE-2010-1845 (ImageIO in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows ...)
TODO: check
CVE-2010-1846 (Heap-based buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and ...)
TODO: check
@@ -93281,13 +93281,13 @@ CVE-2010-3783 (Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5
TODO: check
CVE-2010-3784 (The PMPageFormatCreateWithDataRepresentation API in Printing in Apple ...)
TODO: check
-CVE-2010-3785 (Buffer overflow in QuickLook in Apple Mac OS X 10.5.8 and 10.6.x before ...)
+CVE-2010-3785 (Buffer overflow in QuickLook in Apple Mac OS X 10.5.8 and 10.6.x ...)
TODO: check
CVE-2010-3786 (QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
TODO: check
-CVE-2010-3787 (Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x before ...)
+CVE-2010-3787 (Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x ...)
TODO: check
-CVE-2010-3788 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized ...)
+CVE-2010-3788 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
TODO: check
CVE-2010-3789 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
TODO: check
@@ -93299,13 +93299,13 @@ CVE-2010-3792 (Integer signedness error in QuickTime in Apple Mac OS X 10.6.x be
TODO: check
CVE-2010-3793 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
TODO: check
-CVE-2010-3794 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized ...)
+CVE-2010-3794 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
TODO: check
-CVE-2010-3795 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized ...)
+CVE-2010-3795 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
TODO: check
CVE-2010-3796 (Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not ...)
TODO: check
-CVE-2010-3797 (Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS ...)
+CVE-2010-3797 (Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac ...)
TODO: check
CVE-2010-3798 (Heap-based buffer overflow in xar in Apple Mac OS X 10.6.x before ...)
TODO: check
@@ -93439,18 +93439,18 @@ CVE-2010-3862
RESERVED
CVE-2010-3863 (Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize ...)
TODO: check
-CVE-2010-3864
- RESERVED
+CVE-2010-3864 (Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through ...)
+ TODO: check
CVE-2010-3865
RESERVED
CVE-2010-3866
REJECTED
CVE-2010-3867 (Multiple directory traversal vulnerabilities in the mod_site_misc ...)
TODO: check
-CVE-2010-3868
- RESERVED
-CVE-2010-3869
- RESERVED
+CVE-2010-3868 (Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate ...)
+ TODO: check
+CVE-2010-3869 (Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate ...)
+ TODO: check
CVE-2010-3870 (The utf8_decode function in PHP before 5.3.4 does not properly handle ...)
TODO: check
CVE-2010-3871 (Cross-site scripting (XSS) vulnerability in ...)
@@ -93668,8 +93668,8 @@ CVE-2010-3976 (Untrusted search path vulnerability in Adobe Flash Player before
TODO: check
CVE-2010-3977 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
TODO: check
-CVE-2010-3978
- RESERVED
+CVE-2010-3978 (Spree 0.11.x before 0.11.2 and 0.30.x before 0.30.0 exchanges data ...)
+ TODO: check
CVE-2010-3979 (Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different ...)
NOT-FOR-US: sap businessobjects
CVE-2010-3980 (Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not limit the ...)
@@ -93728,13 +93728,13 @@ CVE-2010-4006 (Multiple SQL injection vulnerabilities in search.php in WSN Links
TODO: check
CVE-2010-4007 (Oracle Mojarra uses an encrypted View State without a Message ...)
NOT-FOR-US: oracle mojarra
-CVE-2010-4008 (libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple ...)
+CVE-2010-4008 (libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, ...)
TODO: check
CVE-2010-4009
RESERVED
-CVE-2010-4010 (Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X ...)
+CVE-2010-4010 (Integer signedness error in Apple Type Services (ATS) in Apple Mac OS ...)
TODO: check
-CVE-2010-4011 (Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory ...)
+CVE-2010-4011 (Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage ...)
TODO: check
CVE-2010-4012
RESERVED
@@ -93926,8 +93926,8 @@ CVE-2010-4105 (Unspecified vulnerability in HP Insight Orchestration before 6.2
TODO: check
CVE-2010-4106 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
TODO: check
-CVE-2010-4107
- RESERVED
+CVE-2010-4107 (The default configuration of the PJL Access value in the File System ...)
+ TODO: check
CVE-2010-4108
RESERVED
CVE-2010-4109
@@ -94030,8 +94030,8 @@ CVE-2010-4157
RESERVED
CVE-2010-4158
RESERVED
-CVE-2010-4159
- RESERVED
+CVE-2010-4159 (Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 ...)
+ TODO: check
CVE-2010-4160
RESERVED
CVE-2010-4161
@@ -94048,8 +94048,8 @@ CVE-2010-4166
RESERVED
CVE-2010-4167
RESERVED
-CVE-2010-4168
- RESERVED
+CVE-2010-4168 (Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 ...)
+ TODO: check
CVE-2010-4169
RESERVED
CVE-2010-4170
@@ -94113,6 +94113,7 @@ CVE-2010-4198 (Google Chrome before 7.0.517.44 does not properly handle large te
CVE-2010-4199 (Google Chrome before 7.0.517.44 does not properly perform a cast of an ...)
TODO: check
CVE-2010-4200 (Google Chrome before 7.0.517.44 reads from invalid memory locations ...)
+ REJECTED
TODO: check
CVE-2010-4201 (Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows ...)
TODO: check
@@ -94188,9 +94189,69 @@ CVE-2010-4236 (Untrusted search path vulnerability in estaskwrapper in IBM OmniF
TODO: check
CVE-2010-4237
RESERVED
+CVE-2010-4238
+ RESERVED
+CVE-2010-4239
+ RESERVED
+CVE-2010-4240
+ RESERVED
+CVE-2010-4241
+ RESERVED
+CVE-2010-4242
+ RESERVED
+CVE-2010-4243
+ RESERVED
+CVE-2010-4244
+ RESERVED
+CVE-2010-4245
+ RESERVED
+CVE-2010-4246
+ RESERVED
+CVE-2010-4247
+ RESERVED
+CVE-2010-4248
+ RESERVED
+CVE-2010-4249
+ RESERVED
+CVE-2010-4250
+ RESERVED
+CVE-2010-4251
+ RESERVED
+CVE-2010-4252
+ RESERVED
+CVE-2010-4253
+ RESERVED
+CVE-2010-4254
+ RESERVED
+CVE-2010-4255
+ RESERVED
+CVE-2010-4256
+ RESERVED
+CVE-2010-4257
+ RESERVED
+CVE-2010-4258
+ RESERVED
+CVE-2010-4259
+ RESERVED
+CVE-2010-4260
+ RESERVED
+CVE-2010-4261
+ RESERVED
+CVE-2010-4262
+ RESERVED
+CVE-2010-4263
+ RESERVED
+CVE-2010-4264
+ RESERVED
+CVE-2010-4265
+ RESERVED
+CVE-2010-4266
+ RESERVED
+CVE-2010-4267
+ RESERVED
CVE-2010-4268 (SQL injection vulnerability in the Pulse Infotech Flip Wall ...)
TODO: check
-CVE-2010-4269 (SQL injection vulnerability in managechat.php in Collabtive 0.65 allows ...)
+CVE-2010-4269 (SQL injection vulnerability in managechat.php in Collabtive 0.65 ...)
TODO: check
CVE-2010-4270 (Directory traversal vulnerability in the nBill (com_netinvoice) ...)
TODO: check
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [gentoo-commits] proj/security:master commit in: data/CVE/
@ 2014-08-04 23:44 Pavlos Ratis
0 siblings, 0 replies; 20+ messages in thread
From: Pavlos Ratis @ 2014-08-04 23:44 UTC (permalink / raw
To: gentoo-commits
commit: 5b1a6a6bf4a4138b3a476d2ea3002d3044b0d26d
Author: cvebot <cvebot <AT> localhost>
AuthorDate: Wed Nov 17 05:15:28 2010 +0000
Commit: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
CommitDate: Wed Nov 17 05:15:28 2010 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/security.git;a=commit;h=5b1a6a6b
MITRE sync
svn path=/; revision=2207
---
data/CVE/list | 50 ++++++++++++++++++++++++++++++++------------------
1 file changed, 32 insertions(+), 18 deletions(-)
diff --git a/data/CVE/list b/data/CVE/list
index 478ff62..bf5ea9d 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -93728,14 +93728,14 @@ CVE-2010-4006 (Multiple SQL injection vulnerabilities in search.php in WSN Links
TODO: check
CVE-2010-4007 (Oracle Mojarra uses an encrypted View State without a Message ...)
NOT-FOR-US: oracle mojarra
-CVE-2010-4008
- RESERVED
+CVE-2010-4008 (libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple ...)
+ TODO: check
CVE-2010-4009
RESERVED
-CVE-2010-4010
- RESERVED
-CVE-2010-4011
- RESERVED
+CVE-2010-4010 (Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X ...)
+ TODO: check
+CVE-2010-4011 (Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory ...)
+ TODO: check
CVE-2010-4012
RESERVED
CVE-2010-4013
@@ -94142,8 +94142,8 @@ CVE-2010-4213 (The Bank of America application 2.12 for Android stores a securit
TODO: check
CVE-2010-4214 (The Wells Fargo Mobile application 1.1 for Android stores a username ...)
TODO: check
-CVE-2010-4215
- RESERVED
+CVE-2010-4215 (UI/Manage.pm in Foswiki 1.1.0 and 1.1.1 allows remote authenticated ...)
+ TODO: check
CVE-2010-4216 (IBM Tivoli Directory Server (TDS) 6.0.0.x before ...)
TODO: check
CVE-2010-4217 (Use-after-free vulnerability in the proxy server in IBM Tivoli ...)
@@ -94172,19 +94172,33 @@ CVE-2010-4228
RESERVED
CVE-2010-4229
RESERVED
-CVE-2010-4230
- RESERVED
-CVE-2010-4231
- RESERVED
-CVE-2010-4232
- RESERVED
-CVE-2010-4233
- RESERVED
-CVE-2010-4234
- RESERVED
+CVE-2010-4230 (Stack-based buffer overflow in a certain ActiveX control for the ...)
+ TODO: check
+CVE-2010-4231 (Directory traversal vulnerability in the web-based administration ...)
+ TODO: check
+CVE-2010-4232 (The web-based administration interface on the Camtron CMNC-200 Full HD ...)
+ TODO: check
+CVE-2010-4233 (The Linux installation on the Camtron CMNC-200 Full HD IP Camera and ...)
+ TODO: check
+CVE-2010-4234 (The web server on the Camtron CMNC-200 Full HD IP Camera and TecVoz ...)
+ TODO: check
CVE-2010-4235
RESERVED
CVE-2010-4236 (Untrusted search path vulnerability in estaskwrapper in IBM OmniFind ...)
TODO: check
CVE-2010-4237
RESERVED
+CVE-2010-4268 (SQL injection vulnerability in the Pulse Infotech Flip Wall ...)
+ TODO: check
+CVE-2010-4269 (SQL injection vulnerability in managechat.php in Collabtive 0.65 allows ...)
+ TODO: check
+CVE-2010-4270 (Directory traversal vulnerability in the nBill (com_netinvoice) ...)
+ TODO: check
+CVE-2010-4271 (SQL injection vulnerability in ImpressCMS before 1.2.3 RC2 allows ...)
+ TODO: check
+CVE-2010-4272 (SQL injection vulnerability in the Pulse Infotech Sponsor Wall ...)
+ TODO: check
+CVE-2010-4273 (SQL injection vulnerability in imoveis.php in DescargarVista ACC ...)
+ TODO: check
+CVE-2010-4274 (reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 ...)
+ TODO: check
^ permalink raw reply related [flat|nested] 20+ messages in thread
end of thread, other threads:[~2014-08-04 23:45 UTC | newest]
Thread overview: 20+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-08-04 23:45 [gentoo-commits] proj/security:master commit in: data/CVE/ Pavlos Ratis
-- strict thread matches above, loose matches on Subject: below --
2014-08-04 23:45 Pavlos Ratis
2014-08-04 23:45 Pavlos Ratis
2014-08-04 23:45 Pavlos Ratis
2014-08-04 23:45 Pavlos Ratis
2014-08-04 23:45 Pavlos Ratis
2014-08-04 23:45 Pavlos Ratis
2014-08-04 23:45 Pavlos Ratis
2014-08-04 23:45 Pavlos Ratis
2014-08-04 23:45 Pavlos Ratis
2014-08-04 23:45 Pavlos Ratis
2014-08-04 23:45 Pavlos Ratis
2014-08-04 23:45 Pavlos Ratis
2014-08-04 23:45 Pavlos Ratis
2014-08-04 23:45 Pavlos Ratis
2014-08-04 23:45 Pavlos Ratis
2014-08-04 23:45 Pavlos Ratis
2014-08-04 23:45 Pavlos Ratis
2014-08-04 23:44 Pavlos Ratis
2014-08-04 23:44 Pavlos Ratis
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox