[Secure-testing-commits] r10052 - data/CVE
joeyh at alioth.debian.org
Fri Oct 10 21:14:14 UTC 2008
Author: joeyh
Date: 2008-10-10 21:14:12 +0000 (Fri, 10 Oct 2008)
New Revision: 10052
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-10-09 21:14:13 UTC (rev 10051)
+++ data/CVE/list 2008-10-10 21:14:12 UTC (rev 10052)
@@ -1,3 +1,65 @@
+CVE-2008-4533 (Cross-site scripting (XSS) vulnerability in Kantan WEB Server 1.8 and ...)
+ TODO: check
+CVE-2008-4532 (Cross-site scripting (XSS) vulnerability in index.php in MaxiScript ...)
+ TODO: check
+CVE-2008-4531 (SQL injection vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a ...)
+ TODO: check
+CVE-2008-4530 (Cross-site scripting (XSS) vulnerability in Brilliant Gallery 5.x ...)
+ TODO: check
+CVE-2008-4529 (Multiple PHP remote file inclusion vulnerabilities in asiCMS alpha ...)
+ TODO: check
+CVE-2008-4528 (Directory traversal vulnerability in notes.php in Phlatline's Personal ...)
+ TODO: check
+CVE-2008-4527 (SQL injection vulnerability in recept.php in the Recepies (Recept) ...)
+ TODO: check
+CVE-2008-4526 (Multiple directory traversal vulnerabilities in CCMS 3.1 allow remote ...)
+ TODO: check
+CVE-2008-4525 (SQL injection vulnerability in index.php in AmpJuke 0.7.5 allows ...)
+ TODO: check
+CVE-2008-4524 (SQL injection vulnerability in the "Check User" feature ...)
+ TODO: check
+CVE-2008-4523 (SQL injection vulnerability in login.php in IP Reg 0.4 and earlier ...)
+ TODO: check
+CVE-2008-4522 (Multiple directory traversal vulnerabilities in JMweb MP3 Music Audio ...)
+ TODO: check
+CVE-2008-4521 (SQL injection vulnerability in thisraidprogress.php in the World of ...)
+ TODO: check
+CVE-2008-4520 (Cross-site scripting (XSS) vulnerability in bulk_update.pl in ...)
+ TODO: check
+CVE-2008-4519 (Multiple directory traversal vulnerabilities in Fastpublish CMS 1.9999 ...)
+ TODO: check
+CVE-2008-4518 (Multiple SQL injection vulnerabilities in Fastpublish CMS 1.9.9.9.9 d ...)
+ TODO: check
+CVE-2008-4517 (SQL injection vulnerability in leggi.php in geccBBlite 2.0 allows ...)
+ TODO: check
+CVE-2008-4516 (SQL injection vulnerability in galerie.php in Galerie 3.2 allows ...)
+ TODO: check
+CVE-2008-4515 (Blue Coat K9 Web Protection 4.0.230 Beta relies on client-side ...)
+ TODO: check
+CVE-2008-4514 (The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to ...)
+ TODO: check
+CVE-2008-4513 (Cross-site scripting (XSS) vulnerability in BBcode API module in ...)
+ TODO: check
+CVE-2008-4512 (ASP/MS Access Shoutbox, probably 1.1 beta, stores db/shoutdb.mdb under ...)
+ TODO: check
+CVE-2008-4511 (Todd Woolums ASP News Management, possibly 2.21, stores db/news.mdb ...)
+ TODO: check
+CVE-2008-4510 (Microsoft Windows Vista Home and Ultimate Edition SP1 and earlier ...)
+ TODO: check
+CVE-2008-4509 (Unrestricted file upload vulnerability in processFiles.php in FOSS ...)
+ TODO: check
+CVE-2008-4508 (Stack-based buffer overflow in the file parsing function in Tonec ...)
+ TODO: check
+CVE-2008-4507 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 ...)
+ TODO: check
+CVE-2008-4506 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 ...)
+ TODO: check
+CVE-2008-4505 (Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 ...)
+ TODO: check
+CVE-2008-4504 (Heap-based buffer overflow in Mplayer.exe in Herosoft Inc. Hero DVD ...)
+ TODO: check
+CVE-2008-4503 (The Settings Manager in Adobe Flash Player 9.0.124.0 and earlier ...)
+ TODO: check
CVE-2008-4482 (The XML parser in Xerces-C++ before 3.0.0 allows context-dependent ...)
TODO: check
CVE-2008-4480
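Review bot: CVE-2008-4514 (the HTML parser in KDE Konqueror 3.5.9) is added with the same blanket TODO: check as the PHP and ASP web applications that make up most of this block; triage it ahead of the batch and give it a package line with a version or status. The three IBM Lotus Quickr entries (CVE-2008-4507, CVE-2008-4506, CVE-2008-4505) have identical truncated descriptions here, so they can only be told apart from the full text. CVE-2008-4519 and CVE-2008-4518 spell the Fastpublish CMS version differently ("1.9999" and "1.9.9.9.9 d"); use one product name for both when resolving them.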
@@ -256,8 +318,8 @@
[etch] - scilab <no-dsa> (Non-free not supported)
CVE-2008-4395
RESERVED
-CVE-2008-4394
- RESERVED
+CVE-2008-4394 (Multiple untrusted search path vulnerabilities in Portage before ...)
+ TODO: check
CVE-2008-4393 (Cross-site scripting (XSS) vulnerability in VeriSign Kontiki Delivery ...)
NOT-FOR-US: VeriSign Kontiki
CVE-2008-4392
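Review bot: CVE-2008-4394 loses its RESERVED marker and gains only TODO: check, and the "Portage before ..." version bound is cut off in this line. When resolving the TODO, take the bound from the full description and record either a package line with that version or a NOT-FOR-US line naming the product, in the form the CVE-2008-4393 entry directly below uses.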
@@ -651,16 +713,16 @@
RESERVED
CVE-2008-4216
RESERVED
-CVE-2008-4215
- RESERVED
-CVE-2008-4214
- RESERVED
+CVE-2008-4215 (Weblog in Mac OS X Server 10.4.11 does not properly check an error ...)
+ TODO: check
+CVE-2008-4214 (Unspecified vulnerability in Script Editor in Mac OS X 10.4.11 and ...)
+ TODO: check
CVE-2008-4213
RESERVED
-CVE-2008-4212
- RESERVED
-CVE-2008-4211
- RESERVED
+CVE-2008-4212 (Unspecified vulnerability in rlogind in the rlogin component in Mac OS ...)
+ TODO: check
+CVE-2008-4211 (Integer signedness error in QuickLook in Mac OS X 10.5.5 allows remote ...)
+ TODO: check
CVE-2008-4210 (fs/open.c in the Linux kernel before 2.6.22 does not properly strip ...)
- linux-2.6 2.6.22-1
NOTE: easily exploitable but of limited use as the attacker already needs access to a
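Review bot: CVE-2008-4212 (rlogind in the rlogin component in Mac OS ...) should not be closed on the product name alone; the truncated description does not show whether the flaw is in Apple-specific code, so read the full text before choosing between a package line and NOT-FOR-US. The other three entries converted from RESERVED in this hunk (CVE-2008-4215, CVE-2008-4214, CVE-2008-4211) name Weblog, Script Editor and QuickLook; if they are resolved as NOT-FOR-US, use one consistent product name for all of them.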
@@ -2161,20 +2223,20 @@
NOT-FOR-US: Article Friendly Standard
CVE-2008-3648 (nslookup.exe in Microsoft Windows XP SP2 allows user-assisted remote ...)
NOT-FOR-US: Microsoft Windows
-CVE-2008-3647
- RESERVED
-CVE-2008-3646
- RESERVED
-CVE-2008-3645
- RESERVED
+CVE-2008-3647 (Buffer overflow in PSNormalizer in Mac OS X 10.4.11 and 10.5.5 allows ...)
+ TODO: check
+CVE-2008-3646 (The Postfix configuration file in Mac OS X 10.5.5 causes Postfix to be ...)
+ TODO: check
+CVE-2008-3645 (Heap-based buffer overflow in the local IPC component in the ...)
+ TODO: check
CVE-2008-3644
RESERVED
-CVE-2008-3643
- RESERVED
-CVE-2008-3642
- RESERVED
-CVE-2008-3641
- RESERVED
+CVE-2008-3643 (Unspecified vulnerability in Finder in Mac OS X 10.5.5 allows ...)
+ TODO: check
+CVE-2008-3642 (Buffer overflow in ColorSync in Mac OS X 10.4.11 and 10.5.5 allows ...)
+ TODO: check
+CVE-2008-3641 (The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before ...)
+ TODO: check
CVE-2008-3640
RESERVED
CVE-2008-3639
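Review bot: CVE-2008-3641 names the HPGL filter in CUPS, not a Mac OS X component, so it needs its own package line with the fixed version once the cut-off "before ..." bound is read from the full description, rather than being resolved together with the Mac OS X entries around it. CVE-2008-3646 concerns the Postfix configuration file in Mac OS X 10.5.5; if it ends up without a postfix package line, add a NOTE saying the issue is in the shipped configuration so the decision is visible later.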
@@ -2622,8 +2684,8 @@
NOT-FOR-US: Apple iTunes
CVE-2008-3433 (SpeedBit Download Accelerator Plus (DAP) before 8.6.3.9 does not ...)
NOT-FOR-US: SpeedBit Download Accelerator Plus
-CVE-2008-3432
- RESERVED
+CVE-2008-3432 (Heap-based buffer overflow in the mch_expand_wildcards function in ...)
+ TODO: check
CVE-2008-3430 (Buffer overflow in the CoVideoWindow.ocx ActiveX control 5.0.907.1 in ...)
NOT-FOR-US: Eyeball MessengerSDK
CVE-2008-3428 (Session fixation vulnerability in phpFreeChat 1.1 allows remote ...)
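Review bot: CVE-2008-3432 is cut off before the product name ("Heap-based buffer overflow in the mch_expand_wildcards function in ..."), so the TODO cannot be resolved from this line. Identify the source package that contains mch_expand_wildcards from the full description and record a package line with the fixed version. CVE-2008-3433 and CVE-2008-3430 next to it are both NOT-FOR-US, so take care that this entry is not closed the same way without that check.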