[Secure-testing-commits] r8182 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Tue Feb 19 09:14:24 UTC 2008 

Author: joeyh
Date: 2008-02-19 09:14:23 +0000 (Tue, 19 Feb 2008)
New Revision: 8182

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-02-19 09:09:18 UTC (rev 8181)
+++ data/CVE/list	2008-02-19 09:14:23 UTC (rev 8182)
@@ -1,3 +1,51 @@
+CVE-2008-0803 (Multiple PHP remote file inclusion vulnerabilities in LookStrike Lan ...)
+	TODO: check
+CVE-2008-0802 (SQL injection vulnerability in index.php in the com_mediaslide ...)
+	TODO: check
+CVE-2008-0801 (Multiple SQL injection vulnerabilities in index.php in the ...)
+	TODO: check
+CVE-2008-0800 (SQL injection vulnerability in index.php in the McQuiz (com_mcquiz) ...)
+	TODO: check
+CVE-2008-0799 (SQL injection vulnerability in index.php in the Quiz (com_quiz) 0.81 ...)
+	TODO: check
+CVE-2008-0798 (Multiple directory traversal vulnerabilities in artmedic webdesign ...)
+	TODO: check
+CVE-2008-0797 (Directory traversal vulnerability in lib/download.php in iTheora 1.0 ...)
+	TODO: check
+CVE-2008-0796 (SQL injection vulnerability in threads.php in Nuboard 0.5 allows ...)
+	TODO: check
+CVE-2008-0795 (SQL injection vulnerability in index.php in the MGFi XfaQ (com_xfaq) ...)
+	TODO: check
+CVE-2008-0794 (Directory traversal vulnerability in user/header.php in Affiliate ...)
+	TODO: check
+CVE-2008-0793 (Multiple cross-site scripting (XSS) vulnerabilities in search.asp in ...)
+	TODO: check
+CVE-2008-0792 (Multiple F-Secure anti-virus products, including Internet Security ...)
+	TODO: check
+CVE-2008-0791 (ipdsserver.exe in Intermate WinIPDS 3.3 G52-33-021 allows remote ...)
+	TODO: check
+CVE-2008-0790 (Directory traversal vulnerability in ipdsserver.exe in Intermate ...)
+	TODO: check
+CVE-2008-0789 (SQL injection vulnerability in countdown.php in LI-Scripts ...)
+	TODO: check
+CVE-2008-0788 (Multiple cross-site request forgery (CSRF) vulnerabilities in MyBB ...)
+	TODO: check
+CVE-2008-0787 (SQL injection vulnerability in inc/datahandlers/pm.php in MyBB before ...)
+	TODO: check
+CVE-2008-0786 (CRLF injection vulnerability in Cacti 0.8.7 before 0.8.7b and 0.8.6 ...)
+	TODO: check
+CVE-2008-0785 (Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b ...)
+	TODO: check
+CVE-2008-0784 (graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows ...)
+	TODO: check
+CVE-2008-0783 (Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7 ...)
+	TODO: check
+CVE-2008-0782 (Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows ...)
+	TODO: check
+CVE-2008-0781 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+	TODO: check
+CVE-2008-0780 (Cross-site scripting (XSS) vulnerability in MoinMoin 1.5.x through ...)
+	TODO: check
 CVE-2008-XXXX [diatheke remote command execution]
 	- sword 1.5.9-8 (high; bug #466449)
 	NOTE: CVE ID requested
@@ -14,12 +62,12 @@
 CVE-2008-XXXX [missing access restriction to user contacts in turba]
 	- turba2 2.1.7-1 (bug #464058)
 	NOTE: CVE id pending
-CVE-2008-0779 (The fortimon.sys device driver in Fortinet FortiClient 3.0 MR5 Patch 3 ...)
+CVE-2008-0779 (The fortimon.sys device driver in Fortinet FortiClient Host Security ...)
 	NOT-FOR-US: Fortinet FortiClient 3.0
 CVE-2008-0778 (Multiple stack-based buffer overflows in an ActiveX control in ...)
 	NOT-FOR-US: QuickTime
-CVE-2008-0777
-	RESERVED
+CVE-2008-0777 (The sendfile system call in FreeBSD 5.5 through 7.0 does not check the ...)
+	TODO: check
 CVE-2008-0776 (SQL injection vulnerability in detail.php in iTechBids Gold 6.0 allows ...)
 	NOT-FOR-US: iTechBids
 CVE-2008-0775 (Cross-site scripting (XSS) vulnerability in sboxDB.php in Simple ...)
@@ -303,8 +351,8 @@
 	RESERVED
 CVE-2008-0643
 	RESERVED
-CVE-2008-0642
-	RESERVED
+CVE-2008-0642 (Cross-site scripting (XSS) vulnerability in files created by Adobe ...)
+	TODO: check
 CVE-2009-XXXX [htmlscrubber does not sanitise javascript in uris]
 	- ikiwiki 2.31.1 (low; bug #465110)
 	NOTE: CVE id pending
@@ -536,18 +584,18 @@
 	RESERVED
 CVE-2008-0532
 	RESERVED
-CVE-2008-0531
-	RESERVED
-CVE-2008-0530
-	RESERVED
-CVE-2008-0529
-	RESERVED
-CVE-2008-0528
-	RESERVED
-CVE-2008-0527
-	RESERVED
-CVE-2008-0526
-	RESERVED
+CVE-2008-0531 (Heap-based buffer overflow in Cisco Unified IP Phone 7940, 7940G, ...)
+	TODO: check
+CVE-2008-0530 (Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G ...)
+	TODO: check
+CVE-2008-0529 (Buffer overflow in the telnet server in Cisco Unified IP Phone 7906G, ...)
+	TODO: check
+CVE-2008-0528 (Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G ...)
+	TODO: check
+CVE-2008-0527 (The HTTP server in Cisco Unified IP Phone 7935 and 7936 running SCCP ...)
+	TODO: check
+CVE-2008-0526 (Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP ...)
+	TODO: check
 CVE-2008-0525 (PatchLink Update client for Unix, as used by Novell ZENworks Patch ...)
 	NOT-FOR-US: PatchLink Update client for Unix
 CVE-2008-0524 (Cross-site request forgery (CSRF) vulnerability in the management ...)
@@ -1590,7 +1638,7 @@
 	RESERVED
 CVE-2008-0109 (Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office ...)
 	NOT-FOR-US: Microsoft Office
-CVE-2008-0108 (Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, ...)
+CVE-2008-0108 (Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File ...)
 	NOT-FOR-US: Microsoft Office
 CVE-2008-0107
 	RESERVED
@@ -6299,7 +6347,7 @@
 	RESERVED
 CVE-2007-5202
 	RESERVED
-CVE-2007-5201 (The FTP backend for Duplicity sends the password as a command line ...)
+CVE-2007-5201 (The FTP backend for Duplicity before 0.4.9 sends the password as a ...)
 	- duplicity 0.4.3-2 (low; bug #442840)
 	[etch] - duplicity <not-affected> (Vulnerable code introduced in 0.4.3)
 	[sarge] - duplicity <not-affected> (Vulnerable code introduced in 0.4.3)
@@ -18689,7 +18737,7 @@
 	NOT-FOR-US: Microsoft
 CVE-2007-0217 (The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 ...)
 	NOT-FOR-US: Microsoft
-CVE-2007-0216 (Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, ...)
+CVE-2007-0216 (wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office ...)
 	NOT-FOR-US: Microsoft Office
 CVE-2007-0215 (Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, ...)
 	NOT-FOR-US: Microsoft Excel

More information about the Secure-testing-commits mailing list