[Secure-testing-commits] r10824 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Mon Dec 29 21:14:12 UTC 2008 

Author: joeyh
Date: 2008-12-29 21:14:11 +0000 (Mon, 29 Dec 2008)
New Revision: 10824

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-12-29 09:14:13 UTC (rev 10823)
+++ data/CVE/list	2008-12-29 21:14:11 UTC (rev 10824)
@@ -1,3 +1,59 @@
+CVE-2008-5744 (Array index error in the dahdi/tor2.c driver in Zaptel (aka DAHDI) ...)
+	TODO: check
+CVE-2008-5743 (pdfjam creates the (1) pdf90, (2) pdfjoin, and (3) pdfnup files with a ...)
+	TODO: check
+CVE-2008-5742 (Multiple open redirect vulnerabilities in AIST NetCat 3.12 and earlier ...)
+	TODO: check
+CVE-2008-5741
+	RESERVED
+CVE-2008-5740
+	RESERVED
+CVE-2008-5739 (SQL injection vulnerability in evb/check_url.php in Pligg CMS 9.9.5 ...)
+	TODO: check
+CVE-2008-5738 (Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to bypass ...)
+	TODO: check
+CVE-2008-5737 (SQL injection vulnerability in index.php in Nodstrum MySQL Calendar ...)
+	TODO: check
+CVE-2008-5736 (Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, ...)
+	TODO: check
+CVE-2008-5735 (Stack-based buffer overflow in skin.c in CoolPlayer 2.17 through 2.19 ...)
+	TODO: check
+CVE-2008-5734 (Cross-site scripting (XSS) vulnerability in WebMail Pro in IceWarp ...)
+	TODO: check
+CVE-2008-5733 (SQL injection vulnerability in blog.php in the Team Impact TI Blog ...)
+	TODO: check
+CVE-2008-5732 (Unrestricted file upload vulnerability in lib/image_upload.php in ...)
+	TODO: check
+CVE-2008-5731 (The PGPwded device driver (aka PGPwded.sys) in PGP Corporation PGP ...)
+	TODO: check
+CVE-2008-5730 (Multiple CRLF injection vulnerabilities in AIST NetCat 3.12 and ...)
+	TODO: check
+CVE-2008-5729 (Multiple cross-site scripting (XSS) vulnerabilities in AIST NetCat ...)
+	TODO: check
+CVE-2008-5728 (Multiple directory traversal vulnerabilities in AIST NetCat 3.12 and ...)
+	TODO: check
+CVE-2008-5727 (SQL injection vulnerability in modules/auth/password_recovery.php in ...)
+	TODO: check
+CVE-2008-5726 (SQL injection vulnerability in thread.php in stormBoards 1.0.1 allows ...)
+	TODO: check
+CVE-2008-5725 (The NT kernel-mode driver (aka pstrip.sys) 5.0.1.1 and earlier in ...)
+	TODO: check
+CVE-2008-5724 (The Personal Firewall driver (aka epfw.sys) 3.0.672.0 and earlier in ...)
+	TODO: check
+CVE-2008-5723 (Directory traversal vulnerability in CGI RESCUE KanniBBS2000 (aka ...)
+	TODO: check
+CVE-2008-5722 (Buffer overflow in SAWStudio 3.9i allows user-assisted remote ...)
+	TODO: check
+CVE-2008-5721 (SapporoWorks BlackJumboDog (BJD) before 4.2.3 allows remote attackers ...)
+	TODO: check
+CVE-2008-5720 (Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows ...)
+	TODO: check
+CVE-2008-5719 (Cross-site scripting (XSS) vulnerability in Hitachi Groupmax Web ...)
+	TODO: check
+CVE-2008-5718 (The papd daemon in Netatalk before 2.0.4-beta2 allows remote attackers ...)
+	TODO: check
+CVE-2008-5717 (Cross-site scripting (XSS) vulnerability in Hitachi JP1/Integrated ...)
+	TODO: check
 CVE-2008-5716 (xend in Xen 3.3.0 does not properly restrict a guest VM's write access ...)
 	- xen-3 <not-affected> (Vulnerable code never entered Debian)
 	- xen-unstable <not-affected> (Vulnerable code never entered Debian)
@@ -55,7 +111,7 @@
 	NOT-FOR-US: Ipswitch WS_FTP Server Manager
 CVE-2008-5691 (Heap-based buffer overflow in the Phoenician Casino FlashAX ActiveX ...)
 	NOT-FOR-US: Phoenician Casino FlashAX ActiveX
-CVE-2008-5690 (The Kerberos credential renewal feature in Solaris 8, 9, and 10, and ...)
+CVE-2008-5690 (The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, ...)
 	NOT-FOR-US: Solaris
 CVE-2008-5689 (tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through snv_76 ...)
 	NOT-FOR-US: Solaris
@@ -556,8 +612,7 @@
 	- xulrunner 1.9.0.5-1
 CVE-2008-5499 (Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, ...)
 	NOT-FOR-US: Adobe Flash Player for Linux
-CVE-2008-5498 [segfault and potential security issue in php5's bundled libgd's imagerotate]
-	RESERVED
+CVE-2008-5498 (Array index error in the imageRotate function in PHP 5.2.8 and earlier ...)
 	- php5 <not-affected> (php5 links to the shared lib)
 	- libgd2 <not-affected> (code is specific to php's libgd)
 	NOTE: http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1360&r2=1.2027.2.547.2.1361
@@ -908,7 +963,7 @@
 	TODO: check
 CVE-2008-5344 (Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in ...)
 	TODO: check
-CVE-2008-5343 (Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in ...)
+CVE-2008-5343 (Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 ...)
 	TODO: check
 CVE-2008-5342 (Unspecified vulnerability in the BasicService for Java Web Start (JWS) ...)
 	TODO: check

More information about the Secure-testing-commits mailing list