author | security tracker role <sectracker@soriano.debian.org> | 2021-06-22 20:10:22 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2021-06-22 20:10:22 +0000 |
commit | 8ecfcf652f097e1299e67a2e44a16a55ba2297be | |
tree | 28ed5f6243f6cf3b9c8cc456012609151bc2beb6 /data/CVE/2010.list | |
parent | 0de01ef64d44e979c4876b387bc48d8a1e2391aa | |
automatic update
Diffstat (limited to 'data/CVE/2010.list')
-rw-r--r-- | data/CVE/2010.list | 32 |
1 files changed, 16 insertions, 16 deletions
diff --git a/data/CVE/2010.list b/data/CVE/2010.list index 7862dd60de..ccb6ece7fc 100644 --- a/data/CVE/2010.list +++ b/data/CVE/2010.list @@ -1129,8 +1129,8 @@ CVE-2010-4818 (The GLX extension in X.Org xserver 1.7.7 allows remote authentica NOTE: http://cgit.freedesktop.org/xorg/xserver/commit/?id=3f0d3f4d97bce75c1828635c322b6560a45a037f CVE-2010-4817 (pithos before 0.3.5 allows overwrite of arbitrary files via symlinks. ...) - pithos 0.3.5-1 -CVE-2010-4816 - RESERVED +CVE-2010-4816 (It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null ...) + TODO: check CVE-2010-4815 (Coppermine gallery before 1.4.26 has an input validation vulnerability ...) NOT-FOR-US: Coppermine Photo Gallery CVE-2010-4814 (SQL injection vulnerability in index1.php in Best Soft Inc. (BSI) Adva ...) @@ -2585,12 +2585,12 @@ CVE-2010-4268 (SQL injection vulnerability in the Pulse Infotech Flip Wall (com_ CVE-2010-4267 (Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/ ...) {DSA-2152-1} - hplip 3.10.6-2 (bug #610960) -CVE-2010-4266 - RESERVED +CVE-2010-4266 (It was found in vanilla forums before 2.0.10 a potential linkbait vuln ...) + TODO: check CVE-2010-4265 (The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$Second ...) - jbossas4 <not-affected> (Red Hat issue, they didn't include the fix for CVE-2010-3862 in the update) -CVE-2010-4264 - RESERVED +CVE-2010-4264 (It was found in vanilla forums before 2.0.10 a cross-site scripting vu ...) + TODO: check CVE-2010-4263 (The igb_receive_skb function in drivers/net/igb/igb_main.c in the Inte ...) - linux-2.6 2.6.32-30 [lenny] - linux-2.6 <not-affected> (Vulnerable code not present) 
@@ -3615,7 +3615,7 @@ CVE-2010-3846 (Array index error in the apply_rcs_change function in rcs.c in CV CVE-2010-3844 (An unchecked sscanf() call in ettercap before 0.7.5 allows an insecure ...) - ettercap 1:0.7.4-1 (unimportant; bug #600130) NOTE: Very far-fetched attack vector -CVE-2010-3843 (The gtkui_conf_read function in src/interfaces/gtk/ec_gtk_conf.c in Et ...) +CVE-2010-3843 (The GTK version of ettercap uses a global settings file at /tmp/.etter ...) - ettercap 1:0.7.4-1 (unimportant; bug #600130) NOTE: Very far-fetched attack vector CVE-2010-3842 (Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, w ...) @@ -4709,7 +4709,7 @@ CVE-2010-3447 (Cross-site scripting (XSS) vulnerability in view.php in the file [lenny] - gollem <not-affected> ($filename not printed directly and passed through htmlspecialchars()) NOTE: http://bugs.horde.org/ticket/9191 CVE-2010-3446 - RESERVED + REJECTED CVE-2010-3445 (Stack consumption vulnerability in the dissect_ber_unknown function in ...) {DSA-2127-1} - wireshark 1.2.11-3 (low) @@ -5100,8 +5100,8 @@ CVE-2010-3302 (Buffer overflow in programs/pluto/xauth.c in the client in Opensw CVE-2010-3301 (The IA32 system call emulation functionality in arch/x86/ia32/ia32entr ...) - linux-2.6 2.6.32-23 [lenny] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.27) -CVE-2010-3300 - RESERVED +CVE-2010-3300 (It was found that all OWASP ESAPI for Java up to version 2.0 RC2 are v ...) + TODO: check CVE-2010-3299 (The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to p ...) - rails <unfixed> (unimportant) NOTE: http://seclists.org/oss-sec/2010/q3/415 @@ -6392,7 +6392,7 @@ CVE-2010-2805 (The FT_Stream_EnterFrame function in base/ftstream.c in FreeType {DSA-2105-1} - freetype 2.4.2-1 CVE-2010-2804 - RESERVED + REJECTED CVE-2010-2803 (The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rend ...) {DSA-2094-1} - linux-2.6 2.6.32-22 
@@ -7181,8 +7181,8 @@ CVE-2010-2527 (Multiple buffer overflows in demo programs in FreeType before 2.4 CVE-2010-2526 (The cluster logical volume manager daemon (clvmd) in lvm2-cluster in L ...) {DSA-2095-1} - lvm2 2.02.66-3 (bug #591204) -CVE-2010-2525 - RESERVED +CVE-2010-2525 (A flaw was discovered in gfs2 file system’s handling of acls (ac ...) + TODO: check CVE-2010-2524 (The DNS resolution functionality in the CIFS implementation in the Lin ...) {DSA-2264-1} - linux-2.6 2.6.32-19 @@ -7277,9 +7277,9 @@ CVE-2010-2487 (Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1 {DSA-2083-1} - moin 1.9.3-1 (bug #584809) CVE-2010-2486 - RESERVED + REJECTED CVE-2010-2485 - RESERVED + REJECTED CVE-2010-2484 (The strrchr function in PHP 5.2 before 5.2.14 allows context-dependent ...) - php5 5.3.3-1 (unimportant) CVE-2010-2483 (The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers ...) @@ -7305,7 +7305,7 @@ CVE-2010-2477 (Multiple cross-site scripting (XSS) vulnerabilities in the paste. [lenny] - paste 1.7.1-1+lenny1 NOTE: http://bitbucket.org/ianb/paste/changeset/fcae59df8b56 CVE-2010-2475 - RESERVED + REJECTED CVE-2010-2474 (JBoss Enterprise Service Bus (ESB) before 4.7 CP02 in JBoss Enterprise ...) - jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226) CVE-2010-2470 (Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through ...) |
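Review bot: In the hunk at @@ -1129, CVE-2010-4816 moves from RESERVED to a description with only "TODO: check" beneath it, so the entry carries no disposition yet. The description names FreeBSD 8.0, 6.3 and 4.9 and OpenBSD 4.6; resolve the TODO with either a source-package line or a NOT-FOR-US line in the style of the CVE-2010-4815 entry that follows it.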
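Review bot: In the hunk at @@ -2585, CVE-2010-4266 and CVE-2010-4264 both become "vanilla forums before 2.0.10" entries with a bare "TODO: check". They name the same product and the same version boundary, so triage them together and give both the same disposition line instead of leaving two independent TODOs that can drift apart.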
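Review bot: In the hunk at @@ -3615, the triage lines under CVE-2010-3843 were not revisited when its description changed. The description now refers to a global settings file under /tmp where it used to name the gtkui_conf_read function, yet the entry keeps "(unimportant; bug #600130)" and "NOTE: Very far-fetched attack vector", the same wording as the CVE-2010-3844 entry above it. Confirm that the rating and note still fit the reworded description, and if they do, state the reason in the NOTE so it does not have to be inferred from the neighbouring entry.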