automatic update

1 files changed, 11 insertions, 22 deletions

diff --git a/data/CVE/2010.list b/data/CVE/2010.list
index 6e9139c7da..525612b5d4 100644
--- a/data/CVE/2010.list
+++ b/data/CVE/2010.list
@@ -2827,8 +2827,7 @@ CVE-2010-4178 (MySQL-GUI-tools (mysql-administrator) leaks passwords into proces
 	- mysql-gui-tools <unfixed> (low; bug #605542)
 	[squeeze] - mysql-gui-tools <no-dsa> (Minor issue)
 	[lenny] - mysql-gui-tools <no-dsa> (Minor issue)
-CVE-2010-4177
-	RESERVED
+CVE-2010-4177 (mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+op ...)
 	- mysql-gui-tools <unfixed> (low; bug #605542)
 	[squeeze] - mysql-gui-tools <no-dsa> (Minor issue)
 	[lenny] - mysql-gui-tools <no-dsa> (Minor issue)
@@ -3591,8 +3590,7 @@ CVE-2010-3859 (Multiple integer signedness errors in the TIPC implementation in
 CVE-2010-3858 (The setup_arg_pages function in fs/exec.c in the Linux kernel before 2 ...)
 	{DSA-2126-1}
 	- linux-2.6 2.6.32-27
-CVE-2010-3857 [JBoss BRMS XSS via UUID parameter]
-	RESERVED
+CVE-2010-3857 (JBoss BRMS before 5.1.0 has a XSS vulnerability via asset=UUID paramet ...)
 	- jbossas4 <not-affected> (Vulnerable code not present)
 	NOTE: JBoss 5 only; fixed in 5.1.0
 CVE-2010-3856 (ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.1 ...)
@@ -3629,8 +3627,7 @@ CVE-2010-3847 (elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6)
 CVE-2010-3846 (Array index error in the apply_rcs_change function in rcs.c in CVS 1.1 ...)
 	- cvs <not-affected> (vulnerable code not present)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3852
-CVE-2010-3844
-	RESERVED
+CVE-2010-3844 (An unchecked sscanf() call in ettercap 0.7.3 allows an insecure tempor ...)
 	- ettercap 1:0.7.4-1 (unimportant; bug #600130)
 	NOTE: Very far-fetched attack vector
 CVE-2010-3843
@@ -4747,15 +4744,12 @@ CVE-2010-3442 (Multiple integer overflows in the snd_ctl_new function in sound/c
 CVE-2010-3441 (Multiple buffer overflows in abcm2ps before 5.9.12 might allow remote  ...)
 	- abcm2ps 5.9.13-0.1 (low; bug #577014)
 	[lenny] - abcm2ps <no-dsa> (Minor issue)
-CVE-2010-3440 [babiloo insecure downloading and unpacking of dictionary files]
-	RESERVED
+CVE-2010-3440 (babiloo 2.0.9 before 2.0.11 creates temporary files with predictable n ...)
 	- babiloo 2.0.11-1 (low; bug #591995)
-CVE-2010-3439 [alien-arena: server dos]
-	RESERVED
+CVE-2010-3439 (It is possible to cause a DoS condition by causing the server to crash ...)
 	- alien-arena 7.33-5 (low; bug #575621)
 	[lenny] - alien-arena 7.0-1+lenny2
-CVE-2010-3438 [Insufficient stripping of CR/LF allows arbitrary IRC command execution]
-	RESERVED
+CVE-2010-3438 (libpoe-component-irc-perl before v6.32 does not remove carriage return ...)
 	- libpoe-component-irc-perl 6.32+dfsg-1
 	[lenny] - libpoe-component-irc-perl 5.84+dfsg-1+lenny1 (bug #581194)
 CVE-2010-3437 (Integer signedness error in the pkt_find_dev_from_minor function in dr ...)
@@ -5108,8 +5102,7 @@ CVE-2010-3308 (Buffer overflow in programs/pluto/xauth.c in the client in Opensw
 	[lenny] - openswan <not-affected> (Introduced in version 2.6.25)
 CVE-2010-3307 (Multiple PHP remote file inclusion vulnerabilities in themes/default/i ...)
 	NOT-FOR-US: Free Simple CMS 1.0
-CVE-2010-3305 [pixel CSRF]
-	RESERVED
+CVE-2010-3305 (Cross-site request forgery (CSRF) vulnerability in pixelpost 1.7.3 cou ...)
 	- pixelpost <removed> (bug #597224)
 CVE-2010-3304 (The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to ...)
 	- dovecot 1.2.13-1
@@ -5125,8 +5118,7 @@ CVE-2010-3301 (The IA32 system call emulation functionality in arch/x86/ia32/ia3
 	[lenny] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.27)
 CVE-2010-3300
 	RESERVED
-CVE-2010-3299 [ruby on rails: padding oracle attack]
-	RESERVED
+CVE-2010-3299 (The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to p ...)
 	- rails <unfixed> (unimportant)
 	NOTE: http://seclists.org/oss-sec/2010/q3/415
 	NOTE: http://seclists.org/oss-sec/2010/q3/413
@@ -5178,8 +5170,7 @@ CVE-2010-3294 (Cross-site scripting (XSS) vulnerability in apc.php in the Altern
 CVE-2010-3293 (mailscanner can allow local users to prevent virus signatures from bei ...)
 	- mailscanner <removed> (bug #596397; unimportant)
 	NOTE: or even unimportant, the script is not used by default
-CVE-2010-3292 [mailscanner may use spoofed data]
-	RESERVED
+CVE-2010-3292 (The update{_bad,}_phishing_sites scripts in mailscanner 4.79.11-2 down ...)
 	- mailscanner <removed> (bug #596396; low)
 	[squeeze] - mailscanner <no-dsa> (Minor issue)
 CVE-2010-3278
@@ -5734,8 +5725,7 @@ CVE-2010-3097 (Directory traversal vulnerability in WinFrigate Frigate 3 FTP cli
 	NOT-FOR-US: WinFrigate Frigate 3 FTP
 CVE-2010-3096 (Directory traversal vulnerability in SoftX FTP Client 3.3 and possibly ...)
 	NOT-FOR-US: SoftX FTP Client 3.3
-CVE-2010-3095 [mailscanner incomplete fix for CVE-2008-5313]
-	RESERVED
+CVE-2010-3095 (mailscanner before 4.79.11-2.1 might allow local users to overwrite ar ...)
 	- mailscanner 4.79.11-2.1 (bug #596403)
 CVE-2010-3094 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x befo ...)
 	{DSA-2113-1}
@@ -7294,8 +7284,7 @@ CVE-2010-2490 (Mumble: murmur-server has DoS due to malformed client query ...)
 CVE-2010-2489 (Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow ...)
 	- ruby1.8 <not-affected> (Windows-specific)
 	- ruby1.9.1 <not-affected> (Windows-specific)
-CVE-2010-2488 [znc null pointer deref]
-	RESERVED
+CVE-2010-2488 (NULL pointer dereference vulnerability in ZNC before 0.092 caused by t ...)
 	{DSA-2069-1}
 	- znc 0.090-2 (bug #584929)
 CVE-2010-2487 (Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3  ...)