[Secure-testing-commits] r10404 - data/CVE

joeyh at alioth.debian.org
Mon Nov 17 21:14:11 UTC 2008


Author: joeyh
Date: 2008-11-17 21:14:11 +0000 (Mon, 17 Nov 2008)
New Revision: 10404

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-11-17 18:43:38 UTC (rev 10403)
+++ data/CVE/list	2008-11-17 21:14:11 UTC (rev 10404)
@@ -1,3 +1,59 @@
+CVE-2008-5097 (SQL injection vulnerability in index.php in MyFWB 1.0 allows remote ...)
+	TODO: check
+CVE-2008-5096 (Unspecified vulnerability in the TYPO3 File List (file_list) extension ...)
+	TODO: check
+CVE-2008-5095 (Cross-site scripting (XSS) vulnerability in the Novell User ...)
+	TODO: check
+CVE-2008-5094 (Heap-based buffer overflow in the NDS Service in Novell eDirectory ...)
+	TODO: check
+CVE-2008-5093 (Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack ...)
+	TODO: check
+CVE-2008-5092 (Heap-based buffer overflows in Novell eDirectory HTTP protocol stack ...)
+	TODO: check
+CVE-2008-5091 (Buffer overflow in the LDAP Service in Novell eDirectory before 8.8 ...)
+	TODO: check
+CVE-2008-5090 (Electron Inc. Advanced Electron Forum before 1.0.7 allows remote ...)
+	TODO: check
+CVE-2008-5089 (Multiple insecure method vulnerabilities in the ...)
+	TODO: check
+CVE-2008-5088 (Multiple SQL injection vulnerabilities in PHPKB Knowledge Base ...)
+	TODO: check
+CVE-2008-5087 (SQL injection vulnerability in TYPO3 Another Backend Login ...)
+	TODO: check
+CVE-2008-5086
+	RESERVED
+CVE-2008-5085
+	RESERVED
+CVE-2008-5084
+	RESERVED
+CVE-2008-5083
+	RESERVED
+CVE-2008-5082
+	RESERVED
+CVE-2008-5081
+	RESERVED
+CVE-2008-5080
+	RESERVED
+CVE-2008-5079
+	RESERVED
+CVE-2008-5078
+	RESERVED
+CVE-2008-5077
+	RESERVED
+CVE-2008-5075 (Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 (aka ...)
+	TODO: check
+CVE-2008-5074 (SQL injection vulnerability in index.php in the Freshlinks 1.0 RC1 ...)
+	TODO: check
+CVE-2008-5073 (Heap-based buffer overflow in an ActiveX control in Novell ZENworks ...)
+	TODO: check
+CVE-2008-5072 (vsfilter.dll in K-Lite Mega Codec Pack 3.5.7.0 allows remote attackers ...)
+	TODO: check
+CVE-2008-5071 (Multiple eval injection vulnerabilities in itpm_estimate.php in Yoxel ...)
+	TODO: check
+CVE-2008-5070 (SQL injection vulnerability in Pro Chat Rooms 3.0.3, when ...)
+	TODO: check
+CVE-2008-5069 (SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, ...)
+	TODO: check
 CVE-2008-5068 (Multiple cross-site scripting (XSS) vulnerabilities in Kmita Gallery ...)
 	NOT-FOR-US: Kmita Gallery
 CVE-2008-5067 (Cross-site scripting (XSS) vulnerability in search.php in Kmita ...)
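Review bot: all 18 described entries in this hunk (CVE-2008-5097 down to CVE-2008-5087, and CVE-2008-5075 down to CVE-2008-5069) land as "TODO: check" with no triage, and several descriptions are cut off before the product name, for example CVE-2008-5089 "Multiple insecure method vulnerabilities in the ...", so they cannot be triaged from this list alone. Each one should be resolved against the full CVE description to either a package line or a NOT-FOR-US line in the form of the CVE-2008-5068 entry just below. The ten RESERVED ids (CVE-2008-5086 to CVE-2008-5077) need no action until a description is published.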
@@ -532,7 +588,7 @@
 CVE-2008-XXXX [eog: Python scripts load modules from current directory]
 	- eog 2.22.3-2 (bug #504352; low)
 	[etch] - eog <not-affected> (Vulnerable code not present)
-CVE-2008-5076 [htop display corruption]
+CVE-2008-5076 (htop 0.7 writes process names to a terminal without sanitizing ...)
 	- htop <unfixed> (unimportant; bug #504144)
 	NOTE: That scenario is too constructed to call it a security issue, especially
 	NOTE: given that the standard top will display the maliciously hidden processes
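Review bot: CVE-2008-5076 now has an assigned description but still sits at line 588, directly after a CVE-2008-XXXX entry, while the descending run at the top of the file goes from CVE-2008-5077 straight to CVE-2008-5075. Suggest moving the whole entry (the htop line and its NOTE lines) into that gap so the id is found where a reader scanning by number expects it and a later automatic import does not add a second CVE-2008-5076 stanza there.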
@@ -20085,8 +20141,8 @@
 	- linux-2.6 <not-affected> (There's a separate ID for 2.6, see CVE-2007-3719)
 CVE-2007-3719 (The process scheduler in the Linux kernel 2.6.16 gives preference to ...)
 	- linux-2.6 <unfixed> (unimportant)
-        NOTE: This is the existing default behaviour of the scheduler, can be tuned
-        NOTE: to suit individual needs
+	NOTE: This is the existing default behaviour of the scheduler, can be tuned
+	NOTE: to suit individual needs
 CVE-2007-3718 (Multiple unspecified vulnerabilities in the SVG parsing engine in ...)
 	NOT-FOR-US: Apple Safari
 CVE-2007-3717 (rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call ...)
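Review bot: the two NOTE lines under CVE-2007-3719 change only in indentation (eight spaces to a tab, matching the tab-indented "- linux-2.6" line above them), which is unrelated to the new 2008 ids and is not mentioned in the "automatic update" log. If the update script normalises whitespace by itself, that is worth stating in the log; if this was a manual cleanup, it would be easier to audit as a separate commit.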



