[Secure-testing-commits] r10103 - data/CVE
joeyh at alioth.debian.org
joeyh at alioth.debian.org
Thu Oct 16 21:14:15 UTC 2008
Author: joeyh
Date: 2008-10-16 21:14:13 +0000 (Thu, 16 Oct 2008)
New Revision: 10103
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-10-16 11:53:12 UTC (rev 10102)
+++ data/CVE/list 2008-10-16 21:14:13 UTC (rev 10103)
@@ -1,10 +1,44 @@
-CVE-2008-4574
+CVE-2008-4589 (Heap-based buffer overflow in the tvtumin.sys kernel driver in Lenovo ...)
+ TODO: check
+CVE-2008-4588 (Stack-based buffer overflow in the FTP server in Etype Eserv 3.x, ...)
+ TODO: check
+CVE-2008-4587 (Insecure method vulnerability in the ...)
+ TODO: check
+CVE-2008-4586 (Insecure method vulnerability in the MVSNCLientWebAgent61.WebAgent.1 ...)
+ TODO: check
+CVE-2008-4585 (Belong Software Site Builder 0.1 beta allows remote attackers to ...)
+ TODO: check
+CVE-2008-4584 (Insecure method vulnerability in Chilkat Mail 7.8 ActiveX control ...)
+ TODO: check
+CVE-2008-4583 (Insecure method vulnerability in the Chilkat FTP 2.0 ActiveX component ...)
+ TODO: check
+CVE-2008-4582 (Mozilla Firefox 3.0.1 through 3.0.3 on Windows does not properly ...)
+ TODO: check
+CVE-2008-4581 (The Editor in IBM ENOVIA SmarTeam 5 before release 18 SP5, and release ...)
+ TODO: check
+CVE-2008-4580 (fence_manual in fence allows local users to modify arbitrary files via ...)
+ TODO: check
+CVE-2008-4579 (The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) ...)
+ TODO: check
+CVE-2008-4578 (The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass ...)
+ TODO: check
+CVE-2008-4577 (The ACL plugin in Dovecot before 1.1.4 treats negative access rights ...)
+ TODO: check
+CVE-2008-4576 (sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause ...)
+ TODO: check
+CVE-2008-4575 (Buffer overflow in the DoCommand function in jhead before 2.84 might ...)
+ TODO: check
+CVE-2008-4571 (Cross-site scripting (XSS) vulnerability in the LiveSearch module in ...)
+ TODO: check
+CVE-2008-4569 (SQL injection vulnerability in xlacomments.asp in XIGLA Software ...)
+ TODO: check
+CVE-2008-4574 (SQL injection vulnerability in default.asp in Ayco Okul Portali allows ...)
NOT-FOR-US: Ayco Okul Portali
-CVE-2008-4573
+CVE-2008-4573 (SQL injection vulnerability in kategori.asp in MunzurSoft Wep Portal ...)
NOT-FOR-US: MunzurSoft Wep Portal W3
-CVE-2008-4572
+CVE-2008-4572 (GuildFTPd 0.999.14, and possibly other versions, allows remote ...)
NOT-FOR-US: GuildFTPd
-CVE-2008-4570
+CVE-2008-4570 (SQL injection vulnerability in index.php in Real Estate Classifieds ...)
NOT-FOR-US: Real Estate Classifieds
CVE-2008-4568
RESERVED
@@ -32,10 +66,9 @@
NOT-FOR-US: Sun Solstice AdminSuite
CVE-2008-4555 (Stack-based buffer overflow in the push_subg function in parser.y ...)
TODO: check
-CVE-2008-4554
- RESERVED
-CVE-2008-4553 [qemu: insecure temp file]
- RESERVED
+CVE-2008-4554 (The do_splice_from function in fs/splice.c in the Linux kernel before ...)
+ TODO: check
+CVE-2008-4553 (qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local ...)
- qemu 0.9.1-6 (low; bug #496394)
CVE-2008-4552 (nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the ...)
TODO: check
@@ -3876,7 +3909,7 @@
NOT-FOR-US: Microsoft Internet Explorer
CVE-2008-2948 (Cross-domain vulnerability in Microsoft Internet Explorer 7 and 8 ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2008-2947 (Cross-domain vulnerability in Microsoft Internet Explorer 6 allows ...)
+CVE-2008-2947 (Cross-domain vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2008-2946 (The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice ...)
NOT-FOR-US: Solstice Enterprise Agents in Sun Solaris
More information about the Secure-testing-commits
mailing list