[Secure-testing-commits] r10157 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Fri Oct 24 21:14:15 UTC 2008


Author: joeyh
Date: 2008-10-24 21:14:12 +0000 (Fri, 24 Oct 2008)
New Revision: 10157

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-10-23 21:14:14 UTC (rev 10156)
+++ data/CVE/list	2008-10-24 21:14:12 UTC (rev 10157)
@@ -1,3 +1,77 @@
+CVE-2008-4739 (Directory traversal vulnerability in index.php in PlugSpace 0.1, when ...)
+	TODO: check
+CVE-2008-4738 (SQL injection vulnerability in gallery.php in MyCard 1.0.2 allows ...)
+	TODO: check
+CVE-2008-4737 (Cross-site scripting (XSS) vulnerability in wholite.cgi in WhoDomLite ...)
+	TODO: check
+CVE-2008-4736 (SQL injection vulnerability in index.php in RPG.Board 0.8 Beta2 and ...)
+	TODO: check
+CVE-2008-4735 (PHP remote file inclusion vulnerability in header.php in Concord ...)
+	TODO: check
+CVE-2008-4734 (Cross-site request forgery (CSRF) vulnerability in the ...)
+	TODO: check
+CVE-2008-4733 (Cross-site scripting (XSS) vulnerability in wpcommentremix.php in WP ...)
+	TODO: check
+CVE-2008-4732 (SQL injection vulnerability in ajax_comments.php in the WP Comment ...)
+	TODO: check
+CVE-2008-4731 (Multiple unspecified vulnerabilities in YaCy before 0.61 have unknown ...)
+	TODO: check
+CVE-2008-4730 (Cross-site scripting (XSS) vulnerability in MyID.php in phpMyID 0.9 ...)
+	TODO: check
+CVE-2008-4729 (Stack-based buffer overflow in Hummingbird.XWebHostCtrl.1 ActiveX ...)
+	TODO: check
+CVE-2008-4728 (Multiple insecure method vulnerabilities in the ...)
+	TODO: check
+CVE-2008-4727 (Cross-site scripting (XSS) vulnerability in the contact update page ...)
+	TODO: check
+CVE-2008-4726 (Stack-based buffer overflow in the SFTP subsystem in GoodTech SSH 6.4 ...)
+	TODO: check
+CVE-2008-4725 (Cross-site scripting (XSS) vulnerability in Opera.dll in Opera 9.52 ...)
+	TODO: check
+CVE-2008-4724 (Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome ...)
+	TODO: check
+CVE-2008-4723 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox ...)
+	TODO: check
+CVE-2008-4722 (Unspecified vulnerability in Sun Integrated Lights-Out Manager (ILOM) ...)
+	TODO: check
+CVE-2008-4721 (PHP Jabbers Post Comment 3.0 allows remote attackers to bypass ...)
+	TODO: check
+CVE-2008-4720 (Multiple PHP remote file inclusion vulnerabilities in The Gemini ...)
+	TODO: check
+CVE-2008-4719 (PHP remote file inclusion vulnerability in ...)
+	TODO: check
+CVE-2008-4718 (Directory traversal vulnerability in help/mini.phpin X7 Chat 2.0.1 A1 ...)
+	TODO: check
+CVE-2008-4717 (SQL injection vulnerability in bannerclick.php in ZEELYRICS 2.0 allows ...)
+	TODO: check
+CVE-2008-4716 (SQL injection vulnerability in show.php in BitmixSoft PHP-Lance 1.52 ...)
+	TODO: check
+CVE-2008-4715 (SQL injection vulnerability in the Jpad (com_jpad) 1.0 component for ...)
+	TODO: check
+CVE-2008-4714 (Atomic Photo Album 1.1.0 pre4 does not properly handle the ...)
+	TODO: check
+CVE-2008-4713 (SQL injection vulnerability in view.php in 212cafe Board 0.07 allows ...)
+	TODO: check
+CVE-2008-4712 (Directory traversal vulnerability in pages/showblog.php in LnBlog ...)
+	TODO: check
+CVE-2008-4711 (SQL injection vulnerability in Joovili 3.0 and earlier, when ...)
+	TODO: check
+CVE-2008-4710 (Cross-site scripting (XSS) vulnerability in the stock quotes page in ...)
+	TODO: check
+CVE-2008-4709 (SQL injection vulnerability in news_read.php in Pilot Group (PG) ...)
+	TODO: check
+CVE-2008-4708 (BbZL.PhP 0.92 allows remote attackers to bypass authentication and ...)
+	TODO: check
+CVE-2008-4707 (Directory traversal vulnerability in index.php in BbZL.PhP 0.92 allows ...)
+	TODO: check
+CVE-2008-4706 (SQL injection vulnerability in VBGooglemap Hotspot Edition 1.0.3, a ...)
+	TODO: check
+CVE-2008-4705 (SQL injection vulnerability in success_story.php in php Online Dating ...)
+	TODO: check
+CVE-2008-4704 (PHP remote file inclusion vulnerability in SezHooTabsAndActions.php in ...)
+	TODO: check
+CVE-2008-4703 (SQL injection vulnerability in news.php in BosDev BosNews 4.0 allows ...)
+	TODO: check
 CVE-2008-4702 (Multiple directory traversal vulnerabilities in PhpWebGallery 1.3.4 ...)
 	TODO: check
 CVE-2008-4701 (SQL injection vulnerability in admin.php in Libera CMS 1.12, when ...)
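Review bot: The description imported for CVE-2008-4718 reads "help/mini.phpin X7 Chat 2.0.1 A1", with the file name run into the following "in", so a search of this list for "mini.php" as a whole word will miss it. Since the log says this is an automatic update, the spacing is better fixed where the descriptions are imported than by hand here. Separately, all 37 added entries (CVE-2008-4703 through CVE-2008-4739) arrive as "TODO: check"; the ones naming widely used software, such as CVE-2008-4723 (Mozilla Firefox) and CVE-2008-4724 (Google Chrome), are worth triaging ahead of the single-script PHP applications.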
@@ -6,16 +80,16 @@
 	TODO: check
 CVE-2008-4699 (Insecure method vulnerability in the ActiveX control (PAWWeb11.ocx) in ...)
 	TODO: check
-CVE-2008-4698
-	RESERVED
-CVE-2008-4697
-	RESERVED
-CVE-2008-4696
-	RESERVED
-CVE-2008-4695
-	RESERVED
-CVE-2008-4694
-	RESERVED
+CVE-2008-4698 (Opera before 9.61 does not properly block scripts during preview of a ...)
+	TODO: check
+CVE-2008-4697 (The Fast Forward feature in Opera before 9.61, when a page is located ...)
+	TODO: check
+CVE-2008-4696 (Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before ...)
+	TODO: check
+CVE-2008-4695 (Opera before 9.60 allows remote attackers to obtain sensitive ...)
+	TODO: check
+CVE-2008-4694 (Unspecified vulnerability in Opera before 9.60 allows remote attackers ...)
+	TODO: check
 CVE-2008-4693 (The SORT/LIST SERVICES component in IBM DB2 9.1 before FP6 and 9.5 ...)
 	TODO: check
 CVE-2008-4692 (The Native Managed Provider for .NET component in IBM DB2 8 before ...)
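Review bot: The five ids that move from RESERVED to a description (CVE-2008-4694 through CVE-2008-4698) all name Opera but do not share one version boundary: 4698 and 4697 say "before 9.61" while 4695 and 4694 say "before 9.60", and the 4696 description is cut off before the version. Whoever resolves these "TODO: check" lines should record them per id rather than as one block with a single version.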
@@ -1019,8 +1093,8 @@
 	RESERVED
 CVE-2008-4251
 	RESERVED
-CVE-2008-4250
-	RESERVED
+CVE-2008-4250 (The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, ...)
+	TODO: check
 CVE-2008-4249
 	RESERVED
 CVE-2008-4248
@@ -1950,10 +2024,10 @@
 	RESERVED
 CVE-2008-3864
 	RESERVED
-CVE-2008-3863
-	RESERVED
-CVE-2008-3862
-	RESERVED
+CVE-2008-3863 (Stack-based buffer overflow in the read_special_escape function in ...)
+	TODO: check
+CVE-2008-3862 (Stack-based buffer overflow in CGI programs in the server in Trend ...)
+	TODO: check
 CVE-2008-3861 (Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 and ...)
 	NOT-FOR-US: phpMyRealty
 CVE-2008-3860 (Multiple cross-site scripting (XSS) vulnerabilities (1) in the WYSIWYG ...)
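Review bot: The new description for CVE-2008-3863 is truncated at "in the read_special_escape function in ...", before the affected product is named, so the "TODO: check" cannot be resolved from this line alone; the full description has to be looked up before a package or NOT-FOR-US tag is assigned. CVE-2008-3862 has the same problem to a lesser degree, ending at "the server in Trend ...".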
@@ -2090,12 +2164,12 @@
 	RESERVED
 CVE-2008-3818
 	RESERVED
-CVE-2008-3817
-	RESERVED
-CVE-2008-3816
-	RESERVED
-CVE-2008-3815
-	RESERVED
+CVE-2008-3817 (Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series ...)
+	TODO: check
+CVE-2008-3816 (Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) ...)
+	TODO: check
+CVE-2008-3815 (Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) ...)
+	TODO: check
 CVE-2008-3814 (Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161, 5.x ...)
 	NOT-FOR-US: Cisco
 CVE-2008-3813 (Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP ...)
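Review bot: CVE-2008-3815, CVE-2008-3816 and CVE-2008-3817 are added as "TODO: check" for Cisco Adaptive Security Appliances, while the context line directly below tags CVE-2008-3814 as "NOT-FOR-US: Cisco". If the same reasoning applies to the ASA entries, tagging them the same way in the follow-up keeps this run of Cisco ids consistent and out of the TODO backlog.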
@@ -5324,8 +5398,7 @@
 	RESERVED
 CVE-2008-2470 (The InstallShield Update Service Agent ActiveX control in isusweb.dll ...)
 	NOT-FOR-US: InstallShield
-CVE-2008-2469
-	RESERVED
+CVE-2008-2469 (Heap-based buffer overflow in the SPF_dns_resolv_lookup function in ...)
 	{DSA-1659-1 DTSA-172-1}
 	- libspf2 <unfixed> (high)
 CVE-2008-2468 (Multiple buffer overflows in the QIP Server Service (aka qipsrvr.exe) ...)
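Review bot: CVE-2008-2469 now has its public description, but the unchanged line below it still reads "- libspf2 <unfixed> (high)" even though the entry references DSA-1659-1 and DTSA-172-1. If those advisories shipped fixed packages, the status line should carry the fixed version instead of "<unfixed>"; this update only swaps the RESERVED marker for the description and leaves that status untouched.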
@@ -17794,8 +17867,8 @@
 	[sarge] - cupsys <not-affected> (Only vulnerable to code injection since 1.2.x, effects are harmless otherwise)
 CVE-2007-4350 (Cross-site scripting (XSS) vulnerability in the management interface ...)
 	TODO: check
-CVE-2007-4349
-	RESERVED
+CVE-2007-4349 (The Shared Trace Service (aka OVTrace) in HP OpenView Report 3.70 and ...)
+	TODO: check
 CVE-2007-4348 (Cross-site scripting (XSS) vulnerability in the CAD service in IBM ...)
 	NOT-FOR-US: IBM Tivoli Storage Manager
 CVE-2007-4347 (Multiple integer overflows in the Job Engine (bengine.exe) service in ...)
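Review bot: CVE-2007-4349 is added as "TODO: check" directly below CVE-2007-4350, a 2007 id that the context lines show is still at "TODO: check" in this October 2008 revision. Both could be resolved in the same pass; the neighbouring CVE-2007-4348 shows the form used here for software that is not tracked ("NOT-FOR-US: IBM Tivoli Storage Manager").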



