[Secure-testing-commits] r10671 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Wed Dec 10 21:14:15 UTC 2008 

Author: joeyh
Date: 2008-12-10 21:14:14 +0000 (Wed, 10 Dec 2008)
New Revision: 10671

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-12-10 16:23:31 UTC (rev 10670)
+++ data/CVE/list	2008-12-10 21:14:14 UTC (rev 10671)
@@ -1,3 +1,25 @@
+CVE-2008-5420 (The SAN Manager Master Agent service (aka msragent.exe) in EMC Control ...)
+	TODO: check
+CVE-2008-5419 (Stack-based buffer overflow in SAN Manager Master Agent service (aka ...)
+	TODO: check
+CVE-2008-5418 (Directory traversal vulnerability in login.php in the PunPortal module ...)
+	TODO: check
+CVE-2008-5417 (HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses ...)
+	TODO: check
+CVE-2008-5416 (Heap-based buffer overflow in Microsoft SQL Server 2000 8.00.2050, ...)
+	TODO: check
+CVE-2008-5415
+	RESERVED
+CVE-2008-5414 (Unspecified vulnerability in the Feature Pack for Web Services in the ...)
+	TODO: check
+CVE-2008-5413 (PerfServlet in the PMI/Performance Tools component in IBM WebSphere ...)
+	TODO: check
+CVE-2008-5412 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) 7 ...)
+	TODO: check
+CVE-2008-5411 (IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 sends SSL ...)
+	TODO: check
+CVE-2008-5410 (The PK11_SESSION cache in the OpenSSL PKCS#11 engine in Sun Solaris 10 ...)
+	TODO: check
 CVE-2008-5409 (Unspecified vulnerability in the pdf.xmd module in (1) BitDefender ...)
 	NOT-FOR-US: itDefender Free Edition and Antivirus Standard, BullGuard Internet Security and Software602 Groupware Server
 CVE-2008-5408 (Buffer overflow in the data management protocol in Symantec Backup ...)
@@ -225,10 +247,10 @@
 	NOT-FOR-US: PG Roommate Finder Solution
 CVE-2008-5306 (SQL injection vulnerability in admin/index.php in PG Real Estate ...)
 	NOT-FOR-US: PG Real Estate Solution
-CVE-2008-5305
-	RESERVED
-CVE-2008-5304
-	RESERVED
+CVE-2008-5305 (Eval injection vulnerability in TWiki before 4.2.4 allows remote ...)
+	TODO: check
+CVE-2008-5304 (Cross-site scripting (XSS) vulnerability in TWiki before 4.2.4 allows ...)
+	TODO: check
 CVE-2008-5303 (Race condition in the rmtree function in File::Path 1.08 ...)
 	{DSA-1678-1}
 	- perl 5.10.0-18
@@ -1258,16 +1280,16 @@
 	RESERVED
 CVE-2008-4842
 	RESERVED
-CVE-2008-4841
-	RESERVED
+CVE-2008-4841 (The WordPad Text Converter for Word 97 files in Microsoft Windows 2000 ...)
+	TODO: check
 CVE-2008-4840
 	RESERVED
 CVE-2008-4839
 	RESERVED
 CVE-2008-4838
 	RESERVED
-CVE-2008-4837
-	RESERVED
+CVE-2008-4837 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and ...)
+	TODO: check
 CVE-2008-4836
 	RESERVED
 CVE-2008-4835
@@ -2529,8 +2551,8 @@
 	NOT-FOR-US: OpenPegasus
 CVE-2008-4312
 	RESERVED
-CVE-2008-4311
-	RESERVED
+CVE-2008-4311 (The default configuration of system.conf in D-Bus (aka DBus) before ...)
+	TODO: check
 CVE-2008-4310 (httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5 allows remote ...)
 	TODO: check
 CVE-2008-4309 (Integer overflow in the netsnmp_create_subtree_cache function in ...)
@@ -2617,42 +2639,42 @@
 	RESERVED
 CVE-2008-4270
 	RESERVED
-CVE-2008-4269
-	RESERVED
-CVE-2008-4268
-	RESERVED
+CVE-2008-4269 (The search-ms protocol handler in Windows Explorer in Microsoft ...)
+	TODO: check
+CVE-2008-4268 (The Windows Search component in Microsoft Windows Vista Gold and SP1 ...)
+	TODO: check
 CVE-2008-4267
 	RESERVED
-CVE-2008-4266
-	RESERVED
-CVE-2008-4265
-	RESERVED
-CVE-2008-4264
-	RESERVED
+CVE-2008-4266 (Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP3; Excel Viewer ...)
+	TODO: check
+CVE-2008-4265 (Microsoft Office Excel 2000 SP3 allows remote attackers to execute ...)
+	TODO: check
+CVE-2008-4264 (Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and ...)
+	TODO: check
 CVE-2008-4263
 	RESERVED
 CVE-2008-4262
 	RESERVED
-CVE-2008-4261
-	RESERVED
-CVE-2008-4260
-	RESERVED
-CVE-2008-4259
-	RESERVED
-CVE-2008-4258
-	RESERVED
+CVE-2008-4261 (Microsoft Internet Explorer 5.01 SP4, 6 SP1 on Windows 2000, and 6 on ...)
+	TODO: check
+CVE-2008-4260 (Microsoft Internet Explorer 7 sometimes attempts to access a deleted ...)
+	TODO: check
+CVE-2008-4259 (Microsoft Internet Explorer 7 sometimes attempts to access ...)
+	TODO: check
+CVE-2008-4258 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1 does not properly ...)
+	TODO: check
 CVE-2008-4257
 	RESERVED
-CVE-2008-4256
-	RESERVED
-CVE-2008-4255
-	RESERVED
-CVE-2008-4254
-	RESERVED
-CVE-2008-4253
-	RESERVED
-CVE-2008-4252
-	RESERVED
+CVE-2008-4256 (The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual ...)
+	TODO: check
+CVE-2008-4255 (The Windows Common ActiveX control in Microsoft Visual Basic 6.0, ...)
+	TODO: check
+CVE-2008-4254 (The Hierarchical FlexGrid ActiveX control in Microsoft Visual Basic ...)
+	TODO: check
+CVE-2008-4253 (The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual ...)
+	TODO: check
+CVE-2008-4252 (The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual ...)
+	TODO: check
 CVE-2008-4251
 	RESERVED
 CVE-2008-4250 (The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, ...)
@@ -3193,24 +3215,24 @@
 	RESERVED
 CVE-2008-4033 (Cross-domain vulnerability in Microsoft XML Core Services 3.0 through ...)
 	NOT-FOR-US: Microsoft XML Core
-CVE-2008-4032
-	RESERVED
-CVE-2008-4031
-	RESERVED
-CVE-2008-4030
-	RESERVED
+CVE-2008-4032 (Microsoft Office SharePoint Server 2007 Gold and SP1 and Microsoft ...)
+	TODO: check
+CVE-2008-4031 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and ...)
+	TODO: check
+CVE-2008-4030 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and ...)
+	TODO: check
 CVE-2008-4029 (Cross-domain vulnerability in Microsoft XML Core Services 3.0 and 4.0, ...)
 	NOT-FOR-US: Microsoft XML Core
-CVE-2008-4028
-	RESERVED
-CVE-2008-4027
-	RESERVED
-CVE-2008-4026
-	RESERVED
-CVE-2008-4025
-	RESERVED
-CVE-2008-4024
-	RESERVED
+CVE-2008-4028 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and ...)
+	TODO: check
+CVE-2008-4027 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and ...)
+	TODO: check
+CVE-2008-4026 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and ...)
+	TODO: check
+CVE-2008-4025 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and ...)
+	TODO: check
+CVE-2008-4024 (Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac ...)
+	TODO: check
 CVE-2008-4023 (Active Directory in Microsoft Windows 2000 SP4 does not properly ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2008-4022
@@ -4685,8 +4707,8 @@
 	RESERVED
 CVE-2008-3466 (Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not ...)
 	NOT-FOR-US: Microsoft
-CVE-2008-3465
-	RESERVED
+CVE-2008-3465 (Heap-based buffer overflow in an API in GDI in Microsoft Windows 2000 ...)
+	TODO: check
 CVE-2008-3464 (afd.sys in the Ancillary Function Driver (AFD) component in Microsoft ...)
 	NOT-FOR-US: Microsoft
 CVE-2008-3463
@@ -5739,10 +5761,10 @@
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2008-3011
 	RESERVED
-CVE-2008-3010
-	RESERVED
-CVE-2008-3009
-	RESERVED
+CVE-2008-3010 (Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 ...)
+	TODO: check
+CVE-2008-3009 (Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 ...)
+	TODO: check
 CVE-2008-3008 (Stack-based buffer overflow in the WMEncProfileManager ActiveX control ...)
 	NOT-FOR-US: Microsoft Windows Media Encoder
 CVE-2008-3007 (Microsoft Office XP SP3, 2003 SP2 and SP3, 2007 Office System Gold and ...)
@@ -7480,8 +7502,8 @@
 	NOT-FOR-US: Microsoft
 CVE-2008-2250 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
 	NOT-FOR-US: Microsoft
-CVE-2008-2249
-	RESERVED
+CVE-2008-2249 (Integer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, ...)
+	TODO: check
 CVE-2008-2248 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) ...)
 	NOT-FOR-US: Exchange Server
 CVE-2008-2247 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) ...)
@@ -19476,7 +19498,7 @@
 	[sarge] - cupsys <not-affected> (Only vulnerable to code injection since 1.2.x, effects are harmless otherwise)
 CVE-2007-4350 (Cross-site scripting (XSS) vulnerability in the management interface ...)
 	NOT-FOR-US: HP SiteScope
-CVE-2007-4349 (The Shared Trace Service (aka OVTrace) in HP OpenView Report 3.70 and ...)
+CVE-2007-4349 (The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 ...)
 	NOT-FOR-US: HP OpenView Report
 CVE-2007-4348 (Cross-site scripting (XSS) vulnerability in the CAD service in IBM ...)
 	NOT-FOR-US: IBM Tivoli Storage Manager

More information about the Secure-testing-commits mailing list