[Secure-testing-commits] r10103 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Thu Oct 16 21:14:15 UTC 2008


Author: joeyh
Date: 2008-10-16 21:14:13 +0000 (Thu, 16 Oct 2008)
New Revision: 10103

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-10-16 11:53:12 UTC (rev 10102)
+++ data/CVE/list	2008-10-16 21:14:13 UTC (rev 10103)
@@ -1,10 +1,44 @@
-CVE-2008-4574
+CVE-2008-4589 (Heap-based buffer overflow in the tvtumin.sys kernel driver in Lenovo ...)
+	TODO: check
+CVE-2008-4588 (Stack-based buffer overflow in the FTP server in Etype Eserv 3.x, ...)
+	TODO: check
+CVE-2008-4587 (Insecure method vulnerability in the ...)
+	TODO: check
+CVE-2008-4586 (Insecure method vulnerability in the MVSNCLientWebAgent61.WebAgent.1 ...)
+	TODO: check
+CVE-2008-4585 (Belong Software Site Builder 0.1 beta allows remote attackers to ...)
+	TODO: check
+CVE-2008-4584 (Insecure method vulnerability in Chilkat Mail 7.8 ActiveX control ...)
+	TODO: check
+CVE-2008-4583 (Insecure method vulnerability in the Chilkat FTP 2.0 ActiveX component ...)
+	TODO: check
+CVE-2008-4582 (Mozilla Firefox 3.0.1 through 3.0.3 on Windows does not properly ...)
+	TODO: check
+CVE-2008-4581 (The Editor in IBM ENOVIA SmarTeam 5 before release 18 SP5, and release ...)
+	TODO: check
+CVE-2008-4580 (fence_manual in fence allows local users to modify arbitrary files via ...)
+	TODO: check
+CVE-2008-4579 (The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) ...)
+	TODO: check
+CVE-2008-4578 (The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass ...)
+	TODO: check
+CVE-2008-4577 (The ACL plugin in Dovecot before 1.1.4 treats negative access rights ...)
+	TODO: check
+CVE-2008-4576 (sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause ...)
+	TODO: check
+CVE-2008-4575 (Buffer overflow in the DoCommand function in jhead before 2.84 might ...)
+	TODO: check
+CVE-2008-4571 (Cross-site scripting (XSS) vulnerability in the LiveSearch module in ...)
+	TODO: check
+CVE-2008-4569 (SQL injection vulnerability in xlacomments.asp in XIGLA Software ...)
+	TODO: check
+CVE-2008-4574 (SQL injection vulnerability in default.asp in Ayco Okul Portali allows ...)
 	NOT-FOR-US: Ayco Okul Portali
-CVE-2008-4573
+CVE-2008-4573 (SQL injection vulnerability in kategori.asp in MunzurSoft Wep Portal ...)
 	NOT-FOR-US: MunzurSoft Wep Portal W3
-CVE-2008-4572
+CVE-2008-4572 (GuildFTPd 0.999.14, and possibly other versions, allows remote ...)
 	NOT-FOR-US: GuildFTPd
-CVE-2008-4570
+CVE-2008-4570 (SQL injection vulnerability in index.php in Real Estate Classifieds ...)
 	NOT-FOR-US: Real Estate Classifieds
 CVE-2008-4568
 	RESERVED
@@ -32,10 +66,9 @@
 	NOT-FOR-US: Sun Solstice AdminSuite
 CVE-2008-4555 (Stack-based buffer overflow in the push_subg function in parser.y ...)
 	TODO: check
-CVE-2008-4554
-	RESERVED
-CVE-2008-4553 [qemu: insecure temp file]
-	RESERVED
+CVE-2008-4554 (The do_splice_from function in fs/splice.c in the Linux kernel before ...)
+	TODO: check
+CVE-2008-4553 (qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local ...)
 	- qemu 0.9.1-6 (low; bug #496394)
 CVE-2008-4552 (nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the ...)
 	TODO: check
@@ -3876,7 +3909,7 @@
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2008-2948 (Cross-domain vulnerability in Microsoft Internet Explorer 7 and 8 ...)
 	NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2947 (Cross-domain vulnerability in Microsoft Internet Explorer 6 allows ...)
+CVE-2008-2947 (Cross-domain vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2008-2946 (The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice ...)
 	NOT-FOR-US: Solstice Enterprise Agents in Sun Solaris




More information about the Secure-testing-commits mailing list