[Secure-testing-commits] r9461 - data/CVE
joeyh at alioth.debian.org
Tue Jul 29 09:14:10 UTC 2008
Author: joeyh
Date: 2008-07-29 09:14:09 +0000 (Tue, 29 Jul 2008)
New Revision: 9461
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-07-29 08:57:23 UTC (rev 9460)
+++ data/CVE/list 2008-07-29 09:14:09 UTC (rev 9461)
@@ -1,3 +1,37 @@
+CVE-2008-3355 (SQL injection vulnerability in sitemap.xml.php in Camera Life 2.6.2 ...)
+ TODO: check
+CVE-2008-3354 (Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus ...)
+ TODO: check
+CVE-2008-3353 (Multiple cross-site scripting (XSS) vulnerabilities in Pure Software ...)
+ TODO: check
+CVE-2008-3352 (SQL injection vulnerability in index.php in Live Music Plus 1.1.0 ...)
+ TODO: check
+CVE-2008-3351 (SQL injection vulnerability in atomPhotoBlog.php in Atom PhotoBlog ...)
+ TODO: check
+CVE-2008-3350 (dnsmasq 2.43 allows remote attackers to cause a denial of service ...)
+ TODO: check
+CVE-2008-3349 (Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on ...)
+ TODO: check
+CVE-2008-3348 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2008-3347 (SQL injection vulnerability in staticpages/easycalendar/index.php in ...)
+ TODO: check
+CVE-2008-3346 (SQL injection vulnerability in product_detail.php in ShopCart DX ...)
+ TODO: check
+CVE-2008-3345 (SQL injection vulnerability in staticpages/easyecards/index.php in ...)
+ TODO: check
+CVE-2008-3344 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2008-3343 (SQL injection vulnerability in staticpages/easypublish/index.php in ...)
+ TODO: check
+CVE-2008-3342 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2008-3341 (Multiple SQL injection vulnerabilities in search_result.cfm in Jobbex ...)
+ TODO: check
+CVE-2008-3340 (Cross-site scripting (XSS) vulnerability in search_result.cfm in ...)
+ TODO: check
+CVE-2008-3339 (search_result.cfm in Jobbex JobSite allows remote attackers to obtain ...)
+ TODO: check
CVE-2008-XXXX [httrack buffer overflow]
- httrack 3.42.3-1 (low)
[etch] - httrack <no-dsa> (Minor issue)
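Review bot: All 17 entries added at the top of the file (CVE-2008-3339 through CVE-2008-3355) carry only "TODO: check", and CVE-2008-3350 in particular should not sit in that state for long: it names dnsmasq 2.43, and dnsmasq is already tracked as a package in this file (the CVE-2008-3214 entry has "- dnsmasq 2.44-1 (medium)"). Suggest triaging that entry first and giving it a package line once the affected range is confirmed. The truncated descriptions for CVE-2008-3342, CVE-2008-3344 and CVE-2008-3348 name no product at all, so they need the full CVE text before they can be classified.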
@@ -26,8 +60,8 @@
- trac 0.11-1
CVE-2008-3324
RESERVED
-CVE-2008-3323
- RESERVED
+CVE-2008-3323 (setup.exe before 2.573.2.3 in Cygwin does not properly verify the ...)
+ TODO: check
CVE-2008-3322 (admin/index.php in Maian Recipe 1.2 and earlier allows remote ...)
NOT-FOR-US: Maian *
CVE-2008-3321 (admin/index.php in Maian Uploader 4.0 and earlier allows remote ...)
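Review bot: CVE-2008-3323 goes from RESERVED to "TODO: check", but the description already names setup.exe in Cygwin, a Windows installer, so it reads as a candidate for a NOT-FOR-US line in the style of the Maian entry directly below. Suggest confirming that nothing packaged ships that installer and then replacing the TODO.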
@@ -182,7 +216,7 @@
NOT-FOR-US: Lenovo System Update
CVE-2008-3248
RESERVED
-CVE-2008-3247 (The LDT implementation in the Linux kernel 2.6.25.x on x86_64 ...)
+CVE-2008-3247 (The LDT implementation in the Linux kernel 2.6.25.x before 2.6.25.11 ...)
- linux-2.6 2.6.25-7
[etch] - linux-2.6 <not-affected> (2.6.25-only issue)
[etch] - linux-2.6.24 <not-affected> (2.6.25-only issue)
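Review bot: The new CVE-2008-3247 description bounds the affected range at "2.6.25.x before 2.6.25.11", while the tracking line below it still records the fix as "linux-2.6 2.6.25-7". Worth confirming that 2.6.25-7 contains the 2.6.25.11 change so the recorded fixed version agrees with the updated description. The two etch not-affected lines remain consistent with a 2.6.25-only issue.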
@@ -232,7 +266,7 @@
TODO: check
CVE-2008-3215 (libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to ...)
- clamav 0.93.1.dfsg-1.1 (medium)
-CVE-2008-3214 (dnsmasq 2.25 allows remote attackers to cause a denial of service (1) ...)
+CVE-2008-3214 (dnsmasq 2.25 allows remote attackers to cause a denial of service ...)
- dnsmasq 2.44-1 (medium)
CVE-2008-3213 (SQL injection vulnerability in secciones/tablon/tablon.php in WebCMS ...)
NOT-FOR-US: WebCMS
@@ -620,12 +654,12 @@
CVE-2008-3067 (sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when ...)
- sudo 1.6.9p12-1
[etch] - sudo <not-affected> (Issue was introduced in 1.6.9)
-CVE-2008-3066
- RESERVED
+CVE-2008-3066 (Stack-based buffer overflow in a certain ActiveX control in rjbdll.dll ...)
+ TODO: check
CVE-2008-3065
RESERVED
-CVE-2008-3064
- RESERVED
+CVE-2008-3064 (Unspecified vulnerability in RealNetworks RealPlayer Enterprise, ...)
+ TODO: check
CVE-2008-3063
RESERVED
CVE-2008-3062
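Review bot: CVE-2008-3066 and CVE-2008-3064 both replace RESERVED with "TODO: check", although their descriptions already identify the affected software: an ActiveX control in rjbdll.dll and RealNetworks RealPlayer Enterprise. Both look like NOT-FOR-US candidates; suggest resolving them in the same pass rather than leaving two more open TODOs in this block.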
@@ -2306,7 +2340,7 @@
RESERVED
CVE-2008-2318 (The WOHyperlink implementation in WebObjects in Apple Xcode tools ...)
NOT-FOR-US: Apple Xcode
-CVE-2008-2317 (Unspecified vulnerability in WebCore in Safari on Apple iPhone before ...)
+CVE-2008-2317 (WebCore in Apple Safari does not properly perform garbage collection ...)
NOT-FOR-US: Safari
CVE-2008-2316
RESERVED
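Review bot: The CVE-2008-2317 description changes from an unspecified flaw in "Safari on Apple iPhone" to a garbage collection flaw in "WebCore in Apple Safari", but the classification below it stays "NOT-FOR-US: Safari". WebCore is the rendering component of WebKit, so with the description no longer tied to the iPhone the NOT-FOR-US marking should be rechecked against any packaged WebKit source before it is left as is.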
@@ -3145,8 +3179,8 @@
{DSA-1593-1}
- tomcat5.5 5.5.26-3 (low; bug #484643)
- tomcat5 <removed>
-CVE-2008-1946
- RESERVED
+CVE-2008-1946 (The default configuration of su in /etc/pam.d/su in GNU coreutils ...)
+ TODO: check
CVE-2008-1945
RESERVED
CVE-2008-1944 (Buffer overflow in the backend framebuffer of XenSource Xen ...)
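Review bot: CVE-2008-1946 is added with "TODO: check" and a description that attributes the default /etc/pam.d/su configuration to GNU coreutils. Before a package line is written, check which source package actually ships su and /etc/pam.d/su in the archive, since filing this against coreutils on the strength of the description alone could track the wrong package.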
@@ -11553,8 +11587,8 @@
NOT-FOR-US: Layton HelpBox
CVE-2007-5401 (Unrestricted file upload vulnerability in uploadrequest.asp in Layton ...)
NOT-FOR-US: Layton HelpBox
-CVE-2007-5400
- RESERVED
+CVE-2007-5400 (Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling ...)
+ TODO: check
CVE-2007-5399 (Multiple heap-based buffer overflows in emlsr.dll in the EML reader in ...)
NOT-FOR-US: KeyView
CVE-2007-5398 (Stack-based buffer overflow in the reply_netbios_packet function in ...)