[Secure-testing-commits] r10795 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Wed Dec 24 21:14:10 UTC 2008 

Author: joeyh
Date: 2008-12-24 21:14:09 +0000 (Wed, 24 Dec 2008)
New Revision: 10795

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-12-24 15:02:44 UTC (rev 10794)
+++ data/CVE/list	2008-12-24 21:14:09 UTC (rev 10795)
@@ -1,3 +1,5 @@
+CVE-2008-5707 (SQL injection vulnerability in urunler.asp in Iltaweb Alisveris ...)
+	TODO: check
 CVE-2008-5704 (src/unit_test.c in gpsdrive (aka gpsdrive-scripts) 2.10~pre4 might ...)
 	TODO: check
 CVE-2008-5703 (gpsdrive (aka gpsdrive-scripts) 2.10~pre4 allows local users to ...)
@@ -370,8 +372,8 @@
 	NOT-FOR-US: PostEcards
 CVE-2008-5558 (Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition ...)
 	TODO: check
-CVE-2008-5557
-	RESERVED
+CVE-2008-5557 (Heap-based buffer overflow in ...)
+	TODO: check
 CVE-2008-XXXX [phpBB3 Account Re-activation Security Bypass]
 	- phpbb3 <unfixed> (low; bug #508872)
 CVE-2008-5556 (** DISPUTED ** ...)
@@ -459,8 +461,8 @@
 	RESERVED
 CVE-2008-5515
 	RESERVED
-CVE-2008-5514
-	RESERVED
+CVE-2008-5514 (Off-by-one error in the rfc822_output_char function in the ...)
+	TODO: check
 CVE-2008-5513 (Unspecified vulnerability in the session-restore feature in Mozilla ...)
 	- iceweasel <unfixed>
 CVE-2008-5512 (Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before ...)
@@ -3290,12 +3292,12 @@
 CVE-2008-4306 (Buffer overflow in enscript before 1.6.4 has unknown impact and attack ...)
 	{DSA-1670-1}
 	- enscript 1.6.4-13 (bug #506261)
-CVE-2008-4305
-	RESERVED
-CVE-2008-4304
-	RESERVED
-CVE-2008-4303
-	RESERVED
+CVE-2008-4305 (Static code injection vulnerability in installation/setup.php in ...)
+	TODO: check
+CVE-2008-4304 (general/login.php in phpCollab 2.5 rc3 and earlier allows remote ...)
+	TODO: check
+CVE-2008-4303 (Multiple SQL injection vulnerabilities in phpCollab 2.5 rc3, 2.4, and ...)
+	TODO: check
 CVE-2008-4302 (fs/splice.c in the splice subsystem in the Linux kernel before ...)
 	{DSA-1653-1}
 	- linux-2.6 2.6.22-4 (low)
@@ -7818,10 +7820,10 @@
 	NOT-FOR-US: Trend Micro OfficeScan
 CVE-2008-2436 (Multiple heap-based buffer overflows in the IppCreateServerRef ...)
 	NOT-FOR-US: Novell iPrint Client
-CVE-2008-2435
-	RESERVED
-CVE-2008-2434
-	RESERVED
+CVE-2008-2435 (Use-after-free vulnerability in the Trend Micro HouseCall ActiveX ...)
+	TODO: check
+CVE-2008-2434 (The Trend Micro HouseCall ActiveX control 6.51.0.1028 and 6.6.0.1278 ...)
+	TODO: check
 CVE-2008-2433 (The web management console in Trend Micro OfficeScan 7.0 through 8.0, ...)
 	NOT-FOR-US: Trend Micro OfficeScan
 CVE-2008-2432 (Insecure method vulnerability in the GetFileList method in an ...)

More information about the Secure-testing-commits mailing list