[Secure-testing-commits] r10205 - data/CVE
joeyh at alioth.debian.org
joeyh at alioth.debian.org
Wed Oct 29 21:14:15 UTC 2008
Author: joeyh
Date: 2008-10-29 21:14:14 +0000 (Wed, 29 Oct 2008)
New Revision: 10205
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-10-29 19:29:57 UTC (rev 10204)
+++ data/CVE/list 2008-10-29 21:14:14 UTC (rev 10205)
@@ -1,4 +1,14 @@
-CVE-2008-4776 [libgadu: DoS via a contact description with a large length]
+CVE-2008-4774 (Cross-site scripting (XSS) vulnerability in main/main.php in QuestCMS ...)
+ TODO: check
+CVE-2008-4773 (Directory traversal vulnerability in main/main.php in QuestCMS allows ...)
+ TODO: check
+CVE-2008-4772 (SQL injection vulnerability in main/main.php in QuestCMS allows remote ...)
+ TODO: check
+CVE-2008-4771 (Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in ...)
+ TODO: check
+CVE-2008-4770
+ RESERVED
+CVE-2008-4776 (libgadu before 1.8.2 allows remote servers to cause a denial of ...)
- libgadu <unfixed> (bug #503916)
CVE-2008-4769 (Directory traversal vulnerability in the get_category_template ...)
- wordpress 2.5.1-1
@@ -64,7 +74,7 @@
- kvirc 2:3.4.0-3 (bug #503401)
CVE-2008-XXXX [balazar3: insecure temp file handling]
- balazar3 0.1-2 (bug #503750)
-CVE-2008-4775 [XSS in phpmyadmin via db parameter in pmd_pdf.php]
+CVE-2008-4775 (Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin ...)
- phpmyadmin <unfixed> (low)
NOTE: http://www.securityfocus.com/archive/1/497815
CVE-2008-XXXX [programming error in blender can cause arbitrary code execution]
@@ -3037,7 +3047,7 @@
[etch] - yelp <not-affected> (Vulnerable code not present)
CVE-2008-3531 (Stack-based buffer overflow in sys/kern/vfs_mount.c in the kernel in ...)
- kfreebsd-7 7.0-5
-CVE-2008-3530 (sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1 does not ...)
+CVE-2008-3530 (sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD ...)
- kfreebsd-6 6.3-7
- kfreebsd-7 7.0-5
CVE-2008-3529 (Heap-based buffer overflow in the xmlParseAttValueComplex function in ...)
@@ -5993,9 +6003,11 @@
RESERVED
CVE-2008-2238 [OpenOffice EMF parser overflow]
RESERVED
+ {DSA-1661-1}
- openoffice.org 2.4.1-12
CVE-2008-2237 [OpenOffice WMF parser overflow]
RESERVED
+ {DSA-1661-1}
- openoffice.org 2.4.1-12
CVE-2008-2236 (Cross-site scripting (XSS) vulnerability in blosxom.cgi in Blosxom ...)
- blosxom 2.1.2-1 (low; bug #500873)
@@ -8712,7 +8724,7 @@
NOT-FOR-US: Podcast Generator
CVE-2008-1123 (Multiple PHP remote file inclusion vulnerabilities in SiteBuilder ...)
NOT-FOR-US: SiteBuilder
-CVE-2008-1122 (SQL injection vulnerability in index.php in Koobi Pro 5.7 allows ...)
+CVE-2008-1122 (SQL injection vulnerability in the downloads module in Koobi Pro 5.7 ...)
NOT-FOR-US: Koobi
CVE-2008-1121 (SQL injection vulnerability in index.php in eazyPortal 1.0 and earlier ...)
NOT-FOR-US: eazyPortal
More information about the Secure-testing-commits
mailing list