diff options
author | cvebot <cvebot@localhost> | 2010-09-27 16:17:07 +0000 |
---|---|---|
committer | cvebot <cvebot@localhost> | 2010-09-27 16:17:07 +0000 |
commit | df73b1a0f35ee91789d1313a480cb945075f9762 (patch) | |
tree | 703c85af6f517d1b0ce3ee5084c8ee4adbfa15f0 | |
parent | CVE-2010-3301 (kernel) (diff) | |
download | security-df73b1a0f35ee91789d1313a480cb945075f9762.tar.gz security-df73b1a0f35ee91789d1313a480cb945075f9762.tar.bz2 security-df73b1a0f35ee91789d1313a480cb945075f9762.zip |
MITRE sync
svn path=/; revision=2153
-rw-r--r-- | data/CVE/list | 116 |
1 files changed, 79 insertions, 37 deletions
diff --git a/data/CVE/list b/data/CVE/list index 2738fc0..388e18f 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -79684,7 +79684,7 @@ CVE-2009-2049 (Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through NOT-FOR-US: cisco ios_xe CVE-2009-2050 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...) NOT-FOR-US: cisco unified_communications_manager -CVE-2009-2051 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...) +CVE-2009-2051 (Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x ...) NOT-FOR-US: cisco unified_communications_manager CVE-2009-2052 (Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...) NOT-FOR-US: cisco unified_communications_manager @@ -88651,7 +88651,8 @@ CVE-2010-1499 (SQL injection vulnerability in genre_artists.php in MusicBox 3.3 NOT-FOR-US: MusicBox CVE-2010-1500 (Google Chrome before 4.1.249.1059 does not properly support forms, ...) TODO: check -CVE-2010-1501 (Cross-site request forgery (CSRF) vulnerability in Google Chrome ...) +CVE-2010-1501 + REJECTED TODO: check CVE-2010-1502 (Unspecified vulnerability in Google Chrome before 4.1.249.1059 allows ...) TODO: check @@ -89186,8 +89187,8 @@ CVE-2010-1765 RESERVED CVE-2010-1766 (Off-by-one error in the WebSocketHandshake::readServerHandshake ...) TODO: check -CVE-2010-1767 - RESERVED +CVE-2010-1767 (Cross-site request forgery (CSRF) vulnerability in ...) + TODO: check CVE-2010-1768 (Unspecified vulnerability in Apple iTunes before 9.1 allows local ...) NOT-FOR-US: apple itunes CVE-2010-1769 (WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 ...) @@ -89196,10 +89197,10 @@ CVE-2010-1770 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 a TODO: check CVE-2010-1771 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) TODO: check -CVE-2010-1772 - RESERVED -CVE-2010-1773 - RESERVED +CVE-2010-1772 (Use-after-free vulnerability in page/Geolocation.cpp in WebCore in ...) + TODO: check +CVE-2010-1773 (Off-by-one error in the toAlphabetic function in ...) + TODO: check CVE-2010-1774 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) TODO: check CVE-2010-1775 (Race condition in Passcode Lock in Apple iOS before 4 on the iPhone ...) @@ -89298,12 +89299,12 @@ CVE-2010-1821 RESERVED CVE-2010-1822 RESERVED -CVE-2010-1823 - RESERVED -CVE-2010-1824 - RESERVED -CVE-2010-1825 - RESERVED +CVE-2010-1823 (Use-after-free vulnerability in WebKit before r65958, as used in ...) + TODO: check +CVE-2010-1824 (Use-after-free vulnerability in WebKit, as used in Google Chrome ...) + TODO: check +CVE-2010-1825 (Use-after-free vulnerability in WebKit, as used in Google Chrome ...) + TODO: check CVE-2010-1826 RESERVED CVE-2010-1827 @@ -90260,9 +90261,11 @@ CVE-2010-2301 (Cross-site scripting (XSS) vulnerability in editing/markup.cpp in TODO: check CVE-2010-2302 (Use-after-free vulnerability in WebCore in WebKit in Google Chrome ...) TODO: check -CVE-2010-2303 (page/Geolocation.cpp in WebCore in WebKit in Google Chrome before ...) +CVE-2010-2303 + REJECTED TODO: check -CVE-2010-2304 (The toAlphabetic function in rendering/RenderListMarker.cpp in WebCore ...) +CVE-2010-2304 + REJECTED TODO: check CVE-2010-2305 (Buffer overflow in an ActiveX control in SSHelper.dll for Symantec ...) NOT-FOR-US: symantec sygate_personal_firewall @@ -90636,8 +90639,8 @@ CVE-2010-2489 (Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might NOT-FOR-US: ruby lang ruby CVE-2010-2490 RESERVED -CVE-2010-2491 - RESERVED +CVE-2010-2491 (Cross-site scripting (XSS) vulnerability in cgi/client.py in Roundup ...) + TODO: check CVE-2010-2492 (Buffer overflow in the ecryptfs_uid_hash macro in ...) TODO: check CVE-2010-2493 (The default configuration of the deployment descriptor (aka web.xml) ...) @@ -91310,9 +91313,9 @@ CVE-2010-2826 (SQL injection vulnerability in Cisco Wireless Control System (WCS NOT-FOR-US: cisco wireless_control_system_software CVE-2010-2827 (Cisco IOS 15.1(2)T allows remote attackers to cause a denial of ...) NOT-FOR-US: cisco ios -CVE-2010-2828 (Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 ...) +CVE-2010-2828 (Unspecified vulnerability in the H.323 implementation in Cisco IOS ...) NOT-FOR-US: cisco ios_xe -CVE-2010-2829 (Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 ...) +CVE-2010-2829 (Unspecified vulnerability in the H.323 implementation in Cisco IOS ...) NOT-FOR-US: cisco ios_xe CVE-2010-2830 (The IGMPv3 implementation in Cisco IOS 12.2, 12.3, 12.4, and 15.0 and ...) NOT-FOR-US: Cisco IOS @@ -91818,8 +91821,8 @@ CVE-2010-3079 RESERVED CVE-2010-3080 (Double free vulnerability in the snd_seq_oss_open function in ...) TODO: check -CVE-2010-3081 - RESERVED +CVE-2010-3081 (The compat_alloc_user_space functions in include/asm/compat.h files in ...) + TODO: check CVE-2010-3082 (Cross-site scripting (XSS) vulnerability in Django 1.2.x before 1.2.2 ...) TODO: check CVE-2010-3083 @@ -92178,8 +92181,8 @@ CVE-2010-3259 (Google Chrome before 6.0.472.53 does not properly restrict read a TODO: check CVE-2010-3260 RESERVED -CVE-2010-3261 - RESERVED +CVE-2010-3261 (Directory traversal vulnerability in RSA Authentication Agent 7.0 ...) + TODO: check CVE-2010-3262 (Cross-site scripting (XSS) vulnerability in Flock Browser 3.x before ...) TODO: check CVE-2010-3263 (Cross-site scripting (XSS) vulnerability in setup/frames/index.inc.php ...) @@ -92218,16 +92221,16 @@ CVE-2010-3279 (The default configuration of the CCAgent option before 9.0.8.4 in NOT-FOR-US: management CVE-2010-3280 (The CCAgent option 9.0.8.4 and earlier in the management server (aka ...) NOT-FOR-US: management -CVE-2010-3281 (Stack-based buffer overflow in the HTTP proxy service in Alcatel-Lucent ...) +CVE-2010-3281 (Stack-based buffer overflow in the HTTP proxy service in ...) NOT-FOR-US: HTTP proxy service in Alcatel Lucent OmniVista CVE-2010-3282 RESERVED -CVE-2010-3283 - RESERVED -CVE-2010-3284 - RESERVED -CVE-2010-3285 - RESERVED +CVE-2010-3283 (Open redirect vulnerability in HP System Management Homepage (SMH) ...) + TODO: check +CVE-2010-3284 (Unspecified vulnerability in HP System Management Homepage (SMH) ...) + TODO: check +CVE-2010-3285 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...) + TODO: check CVE-2010-3286 RESERVED CVE-2010-3287 @@ -92244,8 +92247,8 @@ CVE-2010-3292 RESERVED CVE-2010-3293 RESERVED -CVE-2010-3294 - RESERVED +CVE-2010-3294 (Cross-site scripting (XSS) vulnerability in apc.php in the Alternative ...) + TODO: check CVE-2010-3295 RESERVED CVE-2010-3296 @@ -92264,12 +92267,12 @@ CVE-2010-3302 RESERVED CVE-2010-3303 RESERVED -CVE-2010-3304 - RESERVED +CVE-2010-3304 (The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to ...) + TODO: check CVE-2010-3305 RESERVED -CVE-2010-3306 - RESERVED +CVE-2010-3306 (Directory traversal vulnerability in the modURL function in instance.c ...) + TODO: check CVE-2010-3307 RESERVED CVE-2010-3308 @@ -92473,10 +92476,13 @@ CVE-2010-3406 (Unspecified vulnerability in sa_snap in the bos.esagent fileset i CVE-2010-3407 (Stack-based buffer overflow in the MailCheck821Address function in ...) NOT-FOR-US: ibm lotus_domino CVE-2010-3408 (Use-after-free vulnerability in Google Chrome before 6.0.472.59 allows ...) + REJECTED TODO: check CVE-2010-3409 (Use-after-free vulnerability in Google Chrome before 6.0.472.59 allows ...) + REJECTED TODO: check CVE-2010-3410 (Use-after-free vulnerability in Google Chrome before 6.0.472.59 allows ...) + REJECTED TODO: check CVE-2010-3411 (Google Chrome before 6.0.472.59 on Linux does not properly handle ...) TODO: check @@ -92636,6 +92642,26 @@ CVE-2010-3488 (Directory traversal vulnerability in QuickShare 1.0 allows remote NOT-FOR-US: houbysoft quickshare CVE-2010-3489 (Cross-site scripting (XSS) vulnerability in ...) NOT-FOR-US: digitalworkroom cms_digital_workroom +CVE-2010-3490 + RESERVED +CVE-2010-3491 + RESERVED +CVE-2010-3492 + RESERVED +CVE-2010-3493 + RESERVED +CVE-2010-3494 + RESERVED +CVE-2010-3495 + RESERVED +CVE-2010-3496 + RESERVED +CVE-2010-3497 + RESERVED +CVE-2010-3498 + RESERVED +CVE-2010-3499 + RESERVED CVE-2010-3500 RESERVED CVE-2010-3501 @@ -92838,3 +92864,19 @@ CVE-2010-3599 RESERVED CVE-2010-3600 RESERVED +CVE-2010-3601 (SQL injection vulnerability in index.php in ibPhotohost 1.1.2 allows ...) + TODO: check +CVE-2010-3602 (Cross-site scripting (XSS) vulnerability in ProfileView.aspx in ...) + TODO: check +CVE-2010-3603 (Cross-site request forgery (CSRF) vulnerability in the file manager ...) + TODO: check +CVE-2010-3604 (SQL injection vulnerability in the powermail extension 1.5.3 and ...) + TODO: check +CVE-2010-3605 (Cross-site scripting (XSS) vulnerability in the powermail extension ...) + TODO: check +CVE-2010-3606 (Multiple directory traversal vulnerabilities in AGENTS/index.php in ...) + TODO: check +CVE-2010-3607 (Cross-site scripting (XSS) vulnerability in AGENTS/index.php in NetArt ...) + TODO: check +CVE-2010-3608 (Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote ...) + TODO: check |