[Secure-testing-commits] r10358 - data/CVE

joeyh at alioth.debian.org
Mon Nov 10 21:14:15 UTC 2008


Author: joeyh
Date: 2008-11-10 21:14:14 +0000 (Mon, 10 Nov 2008)
New Revision: 10358

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-11-10 18:54:12 UTC (rev 10357)
+++ data/CVE/list	2008-11-10 21:14:14 UTC (rev 10358)
@@ -1,3 +1,37 @@
+CVE-2008-5008 (Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or ...)
+	TODO: check
+CVE-2008-5007 (create_lazarus_export_tgz.sh in lazarus 0.9.24 allows local users to ...)
+	TODO: check
+CVE-2008-5006 (smtp.c in the c-client library in University of Washington IMAP ...)
+	TODO: check
+CVE-2008-5005 (Multiple stack-based buffer overflows in (1) University of Washington ...)
+	TODO: check
+CVE-2008-5004 (SQL injection vulnerability in genscode.php in myWebland Bloggie Lite ...)
+	TODO: check
+CVE-2008-5003 (SQL injection vulnerability in ndetail.php in Shahrood allows remote ...)
+	TODO: check
+CVE-2008-5002 (Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ...)
+	TODO: check
+CVE-2008-5001 (Multiple stack-based buffer overflows in multiple functions in ...)
+	TODO: check
+CVE-2008-5000 (SQL injection vulnerability in admin/includes/news.inc.php in PHPX ...)
+	TODO: check
+CVE-2008-4999 (Nortel Networks UNIStim IP Phone 0604DAS allows remote attackers to ...)
+	TODO: check
+CVE-2008-4998 (** DISPUTED ** ...)
+	TODO: check
+CVE-2008-4997 (** DISPUTED ** ...)
+	TODO: check
+CVE-2008-4996 (** DISPUTED ** ...)
+	TODO: check
+CVE-2008-4995 (redirect.pl in bk2site 1.1.9 allows local users to overwrite arbitrary ...)
+	TODO: check
+CVE-2008-4994 (The (1) ncsarmt and (2) ncsawrap scripts in xmcd 2.6 allows local ...)
+	TODO: check
+CVE-2008-4993 (qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary ...)
+	TODO: check
+CVE-2008-4992 (The SPARC hypervisor in Sun System Firmware 6.6.3 through 6.6.5 and ...)
+	TODO: check
 CVE-2008-XXXX [ClamAV get_unicode_name() off-by-one buffer overflow]
 	- clamav <unfixed> (bug #505134)
 CVE-2008-4991 (SQL injection vulnerability in LOCKON CO.,LTD. EC-CUBE 2.3.0 and ...)
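Review bot: The three entries CVE-2008-4996 through CVE-2008-4998 carry only "(** DISPUTED ** ...)" as their description, so the truncation has consumed the whole summary and a triager cannot tell from this file which product each one concerns. Consider having the update script keep the text that follows the dispute marker, or resolve these three against the full CVE text first. Several of the other new entries name their component directly (src/src_sinc.c in Secret Rabbit Code, the c-client library in University of Washington IMAP, qemu-dm.debug in Xen 3.2.1), which should make their "TODO: check" quick to replace with a package line or a NOT-FOR-US line.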
@@ -79,8 +113,8 @@
 	RESERVED
 CVE-2008-4916
 	RESERVED
-CVE-2008-4915
-	RESERVED
+CVE-2008-4915 (The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and ...)
+	TODO: check
 CVE-2008-4914
 	RESERVED
 CVE-2008-4913 (Directory traversal vulnerability in admin.php in LokiCMS 0.3.3 and ...)
@@ -282,8 +316,8 @@
 	RESERVED
 CVE-2008-4832
 	RESERVED
-CVE-2008-4831
-	RESERVED
+CVE-2008-4831 (Unspecified vulnerability in Adobe ColdFusion 8 and 8.0.1 and ...)
+	TODO: check
 CVE-2008-4830
 	RESERVED
 CVE-2008-4829
@@ -298,18 +332,18 @@
 	RESERVED
 CVE-2008-4824
 	RESERVED
-CVE-2008-4823
-	RESERVED
-CVE-2008-4822
-	RESERVED
-CVE-2008-4821
-	RESERVED
-CVE-2008-4820
-	RESERVED
-CVE-2008-4819
-	RESERVED
-CVE-2008-4818
-	RESERVED
+CVE-2008-4823 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player ...)
+	TODO: check
+CVE-2008-4822 (Adobe Flash Player 9.0.124.0 and earlier does not properly interpret ...)
+	TODO: check
+CVE-2008-4821 (Adobe Flash Player 9.0.124.0 and earlier, when a Mozilla browser is ...)
+	TODO: check
+CVE-2008-4820 (Unspecified vulnerability in the Flash Player ActiveX control in Adobe ...)
+	TODO: check
+CVE-2008-4819 (Unspecified vulnerability in Adobe Flash Player 9.0.124.0 and earlier ...)
+	TODO: check
+CVE-2008-4818 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player ...)
+	TODO: check
 CVE-2008-4817 (The Download Manager in Adobe Acrobat Professional and Reader 8.1.2 ...)
 	TODO: check
 CVE-2008-4816 (Unspecified vulnerability in the Download Manager in Adobe Reader ...)
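Review bot: The six entries CVE-2008-4818 through CVE-2008-4823 all concern Adobe Flash Player, and two of them (CVE-2008-4818 and CVE-2008-4823) have identical truncated descriptions, so they are easy to confuse when triaged one at a time. Resolve the six "TODO: check" markers in one pass with a consistent disposition, and confirm from the full CVE text that 4818 and 4823 are distinct issues rather than duplicates.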
@@ -455,6 +489,7 @@
 CVE-2008-4770
 	RESERVED
 CVE-2008-4776 (libgadu before 1.8.2 allows remote servers to cause a denial of ...)
+	{DSA-1664-1}
 	- libgadu 1:1.8.0+r592-3 (low; bug #503916)
 	- kadu 0.6.0.2-3 (low; bug #504429)
 	- ekg 1:1.8~rc0-1 (low)
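Review bot: The new {DSA-1664-1} tag on CVE-2008-4776 sits above three package lines (libgadu, kadu, ekg), and the tag alone does not say which source package the advisory covers. Check that the corresponding DSA list entry names the package and that the fixed version recorded here for that package agrees with it. Separately from this change, the context lines show CVE-2008-4776 listed after CVE-2008-4770, which breaks the descending order visible in the rest of the file.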
@@ -1217,8 +1252,8 @@
 	RESERVED
 CVE-2008-4415
 	RESERVED
-CVE-2008-4414
-	RESERVED
+CVE-2008-4414 (Unspecified vulnerability in the AdvFS showfile command in HP Tru64 ...)
+	TODO: check
 CVE-2008-4413 (Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 ...)
 	NOT-FOR-US: HP System Management Homepage
 CVE-2008-4412 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before ...)
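Review bot: CVE-2008-4414 (AdvFS showfile command in HP Tru64) is left as "TODO: check" while the HP entry directly below it, CVE-2008-4413, is already marked "NOT-FOR-US: HP System Management Homepage". If Tru64 is likewise outside the archive, replace the marker with a matching NOT-FOR-US line so the run of HP entries is dispositioned consistently.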
@@ -1573,8 +1608,8 @@
 	RESERVED
 CVE-2008-4282
 	RESERVED
-CVE-2008-4281
-	RESERVED
+CVE-2008-4281 (Directory traversal vulnerability in VMWare ESXi 3.5 before ...)
+	TODO: check
 CVE-2008-4280
 	RESERVED
 CVE-2008-4279 (The CPU hardware emulation for 64-bit guest operating systems in ...)
@@ -11805,7 +11840,7 @@
 	NOT-FOR-US: SanyBee Gallery
 CVE-2007-6647 (SQL injection vulnerability in index.php in w-Agora 4.2.1 and earlier ...)
 	NOT-FOR-US: w-Agora
-CVE-2007-6646 (Multiple cross-site scripting (XSS) vulnerabilities in LiveCart 1.0.1 ...)
+CVE-2007-6646 (Multiple cross-site scripting (XSS) vulnerabilities in LiveCart 1.0.1, ...)
 	NOT-FOR-US: LiveCart
 CVE-2007-6645 (Unspecified vulnerability in Joomla! before 1.5 RC4 allows remote ...)
 	- joomla <itp> (bug #326398)
@@ -26502,7 +26537,7 @@
 	- dcc <removed> (medium; bug #439718)
 CVE-2007-1046 (Dem_trac allows remote attackers to read log file contents via a ...)
 	NOT-FOR-US: Dem_trac
-CVE-2007-1045 (mAlbum 0.3 has default accunts (1) &quot;login&quot;/&quot;pass&quot; for its ...)
+CVE-2007-1045 (mAlbum 0.3 has default accounts (1) &quot;login&quot;/&quot;pass&quot; for its ...)
 	NOT-FOR-US: mAlbum
 CVE-2007-1044 (Pearson Education PowerSchool 4.3.6 allows remote attackers to list ...)
 	NOT-FOR-US: PowerSchool
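Review bot: The corrected CVE-2007-1045 description still contains HTML-escaped quotes (&quot;login&quot;/&quot;pass&quot;), so the spelling fix to "accounts" arrives with the escaping intact. The update script should decode entities when importing descriptions, so that the list stays plain text and searches for quoted strings match.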



