[Secure-testing-commits] r10737 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Sat Dec 20 09:14:13 UTC 2008 

Author: joeyh
Date: 2008-12-20 09:14:12 +0000 (Sat, 20 Dec 2008)
New Revision: 10737

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-12-20 01:25:43 UTC (rev 10736)
+++ data/CVE/list	2008-12-20 09:14:12 UTC (rev 10737)
@@ -756,18 +756,18 @@
 	TODO: check
 CVE-2008-5361 (The ActionScript 2 virtual machine in Adobe Flash Player 10.x before ...)
 	TODO: check
-CVE-2008-5617 [RSyslog "AllowedSender" Security Bypass Vulnerability]
+CVE-2008-5617 (The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does ...)
 	- rsyslog 3.18.6-1 (bug #508027)
 CVE-2008-XXXX [phpPgAdmin: Local File Inclusion Vulnerability]
 	- phppgadmin <unfixed> (bug #508026)
 	NOTE: register_globals=on is required
 	NOTE: http://www.milw0rm.com/exploits/7363
-CVE-2008-5624 [php apache/2 SAPI php_getuid() overload]
+CVE-2008-5624 (PHP 5 before 5.2.7 does not properly initialize the page_uid and ...)
 	- php5 <unfixed> (bug #508021)
 	NOTE: Fixed in php 5.2.7, not yet in the archive
 	NOTE: http://securityreason.com/achievement_securityalert/59
 	TODO: check php4
-CVE-2008-5660 [Format string vulnerability in vinagre]
+CVE-2008-5660 (Format string vulnerability in the vinagre_utils_show_error function ...)
 	- vinagre 0.5.1-2
 CVE-2008-5360 (Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and ...)
 	TODO: check
@@ -845,7 +845,7 @@
 	NOT-FOR-US: IBM
 CVE-2007-6719 (SQL injection vulnerability in Wiz-Ad 1.3 allows remote attackers to ...)
 	NOT-FOR-US: Wiz-Ad
-CVE-2008-5658 [php5/ext/zip: ZipArchive::extractTo() Directory Traversal Vulnerability]
+CVE-2008-5658 (Directory traversal vulnerability in the ZipArchive::extractTo ...)
 	- php5 <unfixed> (bug #507857)
 	- php4 <unfixed>
 CVE-2008-5323 (Cross-site scripting (XSS) vulnerability in index.php in Wysi Wiki Wyg ...)
@@ -1182,7 +1182,7 @@
 CVE-2008-5187 (The load function in the XPM loader for imlib2 1.4.2, and possibly ...)
 	{DSA-1672-1}
 	- imlib2 1.4.0-1.2 (bug #505714)
-CVE-2008-5625 [php5 safe mode bypass via php_value error_log in .htaccess]
+CVE-2008-5625 (PHP 5 before 5.2.7 does not enforce the error_log safe_mode ...)
 	- php5 <unfixed> (unimportant)
 	NOTE: http://securityreason.com/achievement_securityalert/57
 CVE-2008-5312 (mailscanner 4.55.10 might allow local users to overwrite arbitrary ...)

More information about the Secure-testing-commits mailing list