[Secure-testing-commits] r10404 - data/CVE
joeyh at alioth.debian.org
Mon Nov 17 21:14:11 UTC 2008
Author: joeyh
Date: 2008-11-17 21:14:11 +0000 (Mon, 17 Nov 2008)
New Revision: 10404
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-11-17 18:43:38 UTC (rev 10403)
+++ data/CVE/list 2008-11-17 21:14:11 UTC (rev 10404)
@@ -1,3 +1,59 @@
+CVE-2008-5097 (SQL injection vulnerability in index.php in MyFWB 1.0 allows remote ...)
+ TODO: check
+CVE-2008-5096 (Unspecified vulnerability in the TYPO3 File List (file_list) extension ...)
+ TODO: check
+CVE-2008-5095 (Cross-site scripting (XSS) vulnerability in the Novell User ...)
+ TODO: check
+CVE-2008-5094 (Heap-based buffer overflow in the NDS Service in Novell eDirectory ...)
+ TODO: check
+CVE-2008-5093 (Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack ...)
+ TODO: check
+CVE-2008-5092 (Heap-based buffer overflows in Novell eDirectory HTTP protocol stack ...)
+ TODO: check
+CVE-2008-5091 (Buffer overflow in the LDAP Service in Novell eDirectory before 8.8 ...)
+ TODO: check
+CVE-2008-5090 (Electron Inc. Advanced Electron Forum before 1.0.7 allows remote ...)
+ TODO: check
+CVE-2008-5089 (Multiple insecure method vulnerabilities in the ...)
+ TODO: check
+CVE-2008-5088 (Multiple SQL injection vulnerabilities in PHPKB Knowledge Base ...)
+ TODO: check
+CVE-2008-5087 (SQL injection vulnerability in TYPO3 Another Backend Login ...)
+ TODO: check
+CVE-2008-5086
+ RESERVED
+CVE-2008-5085
+ RESERVED
+CVE-2008-5084
+ RESERVED
+CVE-2008-5083
+ RESERVED
+CVE-2008-5082
+ RESERVED
+CVE-2008-5081
+ RESERVED
+CVE-2008-5080
+ RESERVED
+CVE-2008-5079
+ RESERVED
+CVE-2008-5078
+ RESERVED
+CVE-2008-5077
+ RESERVED
+CVE-2008-5075 (Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 (aka ...)
+ TODO: check
+CVE-2008-5074 (SQL injection vulnerability in index.php in the Freshlinks 1.0 RC1 ...)
+ TODO: check
+CVE-2008-5073 (Heap-based buffer overflow in an ActiveX control in Novell ZENworks ...)
+ TODO: check
+CVE-2008-5072 (vsfilter.dll in K-Lite Mega Codec Pack 3.5.7.0 allows remote attackers ...)
+ TODO: check
+CVE-2008-5071 (Multiple eval injection vulnerabilities in itpm_estimate.php in Yoxel ...)
+ TODO: check
+CVE-2008-5070 (SQL injection vulnerability in Pro Chat Rooms 3.0.3, when ...)
+ TODO: check
+CVE-2008-5069 (SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, ...)
+ TODO: check
CVE-2008-5068 (Multiple cross-site scripting (XSS) vulnerabilities in Kmita Gallery ...)
NOT-FOR-US: Kmita Gallery
CVE-2008-5067 (Cross-site scripting (XSS) vulnerability in search.php in Kmita ...)
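Review bot: The added block goes from CVE-2008-5077 straight to CVE-2008-5075, so CVE-2008-5076 is absent here. That is only correct if the htop entry lower in the file is the single record for that id, which is worth confirming so a later automatic update does not add a duplicate. The 18 entries added with `TODO: check` carry no package or NOT-FOR-US triage yet, and the ten `RESERVED` ones have no description to triage against, so both groups need a follow-up pass.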
@@ -532,7 +588,7 @@
CVE-2008-XXXX [eog: Python scripts load modules from current directory]
- eog 2.22.3-2 (bug #504352; low)
[etch] - eog <not-affected> (Vulnerable code not present)
-CVE-2008-5076 [htop display corruption]
+CVE-2008-5076 (htop 0.7 writes process names to a terminal without sanitizing ...)
- htop <unfixed> (unimportant; bug #504144)
NOTE: That scenario is too constructed to call it a security issue, especially
NOTE: given that the standard top will display the maliciously hidden processes
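Review bot: CVE-2008-5076 now carries the official description but still sits directly after a CVE-2008-XXXX placeholder entry, while the top of the file lists ids in descending order and skips 5076 between 5077 and 5075. If the list is meant to stay sorted, move the entry up in a follow-up. The replaced title `[htop display corruption]` was also a quicker summary than the truncated description, so consider preserving that wording in a NOTE line. The `<unfixed> (unimportant; bug #504144)` status and the existing NOTE lines are untouched, which is consistent with the change being description-only.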
@@ -20085,8 +20141,8 @@
- linux-2.6 <not-affected> (There's a separate ID for 2.6, see CVE-2007-3719)
CVE-2007-3719 (The process scheduler in the Linux kernel 2.6.16 gives preference to ...)
- linux-2.6 <unfixed> (unimportant)
- NOTE: This is the existing default behaviour of the scheduler, can be tuned
- NOTE: to suit individual needs
+ NOTE: This is the existing default behaviour of the scheduler, can be tuned
+ NOTE: to suit individual needs
CVE-2007-3718 (Multiple unspecified vulnerabilities in the SVG parsing engine in ...)
NOT-FOR-US: Apple Safari
CVE-2007-3717 (rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call ...)
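Review bot: The two NOTE lines under CVE-2007-3719 are removed and re-added with the same text, so as shown this is a whitespace-only change that the log message "automatic update" does not mention. Check that the new indentation matches the other NOTE lines in the file (for example those under CVE-2008-5076), and if this was a manual cleanup, commit it separately from the automatic import so the history stays easy to audit.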