[Secure-testing-commits] r12633 - data/CVE

Joey Hess joeyh at alioth.debian.org
Tue Aug 18 21:14:21 UTC 2009 

Author: joeyh
Date: 2009-08-18 21:14:20 +0000 (Tue, 18 Aug 2009)
New Revision: 12633

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-08-18 16:06:12 UTC (rev 12632)
+++ data/CVE/list	2009-08-18 21:14:20 UTC (rev 12633)
@@ -1,3 +1,189 @@
+CVE-2009-2843
+	RESERVED
+CVE-2009-2842
+	RESERVED
+CVE-2009-2841
+	RESERVED
+CVE-2009-2840
+	RESERVED
+CVE-2009-2839
+	RESERVED
+CVE-2009-2838
+	RESERVED
+CVE-2009-2837
+	RESERVED
+CVE-2009-2836
+	RESERVED
+CVE-2009-2835
+	RESERVED
+CVE-2009-2834
+	RESERVED
+CVE-2009-2833
+	RESERVED
+CVE-2009-2832
+	RESERVED
+CVE-2009-2831
+	RESERVED
+CVE-2009-2830
+	RESERVED
+CVE-2009-2829
+	RESERVED
+CVE-2009-2828
+	RESERVED
+CVE-2009-2827
+	RESERVED
+CVE-2009-2826
+	RESERVED
+CVE-2009-2825
+	RESERVED
+CVE-2009-2824
+	RESERVED
+CVE-2009-2823
+	RESERVED
+CVE-2009-2822
+	RESERVED
+CVE-2009-2821
+	RESERVED
+CVE-2009-2820
+	RESERVED
+CVE-2009-2819
+	RESERVED
+CVE-2009-2818
+	RESERVED
+CVE-2009-2817
+	RESERVED
+CVE-2009-2816
+	RESERVED
+CVE-2009-2815
+	RESERVED
+CVE-2009-2814
+	RESERVED
+CVE-2009-2813
+	RESERVED
+CVE-2009-2812
+	RESERVED
+CVE-2009-2811
+	RESERVED
+CVE-2009-2810
+	RESERVED
+CVE-2009-2809
+	RESERVED
+CVE-2009-2808
+	RESERVED
+CVE-2009-2807
+	RESERVED
+CVE-2009-2806
+	RESERVED
+CVE-2009-2805
+	RESERVED
+CVE-2009-2804
+	RESERVED
+CVE-2009-2803
+	RESERVED
+CVE-2009-2802
+	RESERVED
+CVE-2009-2801
+	RESERVED
+CVE-2009-2800
+	RESERVED
+CVE-2009-2799
+	RESERVED
+CVE-2009-2798
+	RESERVED
+CVE-2009-2797
+	RESERVED
+CVE-2009-2796
+	RESERVED
+CVE-2009-2795
+	RESERVED
+CVE-2009-2794
+	RESERVED
+CVE-2009-2793
+	RESERVED
+CVE-2009-2792 (Directory traversal vulnerability in plugings/pagecontent.php in ...)
+	TODO: check
+CVE-2009-2791 (PHP remote file inclusion vulnerability in pda_projects.php in ...)
+	TODO: check
+CVE-2009-2790 (SQL injection vulnerability in cat_products.php in SoftBiz Dating ...)
+	TODO: check
+CVE-2009-2789 (SQL injection vulnerability in the Permis (com_groups) component 1.0 ...)
+	TODO: check
+CVE-2009-2788 (Multiple SQL injection vulnerabilities in Mobilelib GOLD 3 allow ...)
+	TODO: check
+CVE-2009-2787 (Directory traversal vulnerability in ...)
+	TODO: check
+CVE-2009-2786 (SQL injection vulnerability in reputation.php in the Reputation plugin ...)
+	TODO: check
+CVE-2009-2785 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Open ...)
+	TODO: check
+CVE-2009-2784 (Multiple directory traversal vulnerabilities in dit.cms 1.3, when ...)
+	TODO: check
+CVE-2009-2783 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.3.3 ...)
+	TODO: check
+CVE-2009-2782 (SQL injection vulnerability in the JFusion (com_jfusion) component for ...)
+	TODO: check
+CVE-2009-2781 (SQL injection vulnerability in forum.php in Arab Portal 2.x, when ...)
+	TODO: check
+CVE-2009-2780 (Multiple cross-site scripting (XSS) vulnerabilities in 68 Classifieds ...)
+	TODO: check
+CVE-2009-2779 (SQL injection vulnerability in index.php in AJ Matrix DNA allows ...)
+	TODO: check
+CVE-2008-7003 (Multiple SQL injection vulnerabilities in login.php in The Rat CMS ...)
+	TODO: check
+CVE-2008-7002 (PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir ...)
+	TODO: check
+CVE-2008-7001 (Unrestricted file upload vulnerability in the file manager in Creative ...)
+	TODO: check
+CVE-2008-7000 (PHP remote file inclusion vulnerability in index.php in PHPAuction 3.2 ...)
+	TODO: check
+CVE-2008-6999 (phpAuction 3.2, and possibly 3.3.0 GPL Basic edition, allows remote ...)
+	TODO: check
+CVE-2008-6998 (Stack-based buffer overflow in chrome/common/gfx/url_elider.cc in ...)
+	TODO: check
+CVE-2008-6997 (Google Chrome 0.2.149.27 allows user-assisted remote attackers to ...)
+	TODO: check
+CVE-2008-6996 (Google Chrome BETA (0.2.149.27) does not prompt the user before saving ...)
+	TODO: check
+CVE-2008-6995 (Integer underflow in net/base/escape.cc in chrome.dll in Google Chrome ...)
+	TODO: check
+CVE-2008-6994 (Stack-based buffer overflow in the SaveAs feature ...)
+	TODO: check
+CVE-2008-6993 (Siemens Gigaset WLAN Camera 1.27 has an insecure default password, ...)
+	TODO: check
+CVE-2008-6992 (GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, ...)
+	TODO: check
+CVE-2008-6991 (SQL injection vulnerability in public/page.php in Websens CMSbright ...)
+	TODO: check
+CVE-2008-6990 (SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka ...)
+	TODO: check
+CVE-2008-6989 (SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka ...)
+	TODO: check
+CVE-2008-6988 (Multiple cross-site scripting (XSS) vulnerabilities in Easy Photo ...)
+	TODO: check
+CVE-2008-6987 (Unrestricted file upload vulnerability in eZoneScripts Dating Website ...)
+	TODO: check
+CVE-2008-6986 (SQL injection vulnerability in the actionMultipleAddProduct function ...)
+	TODO: check
+CVE-2008-6985 (Multiple SQL injection vulnerabilities in ...)
+	TODO: check
+CVE-2008-6984 (Plesk 8.6.0, when short mail login names (SHORTNAMES) are enabled, ...)
+	TODO: check
+CVE-2008-6983 (modules/tool/hitcounter.php in devalcms 1.4a allows remote attackers ...)
+	TODO: check
+CVE-2008-6982 (Cross-site scripting (XSS) vulnerability in index.php in devalcms 1.4a ...)
+	TODO: check
+CVE-2008-6981 (index.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers ...)
+	TODO: check
+CVE-2008-6980 (SQL injection vulnerability in as_archives.php in phpAdultSite CMS, ...)
+	TODO: check
+CVE-2008-6979 (Cross-site scripting (XSS) vulnerability in as_archives.php in ...)
+	TODO: check
+CVE-2008-6978 (Unrestricted file upload vulnerability in Full Revolution aspWebAlbum ...)
+	TODO: check
+CVE-2008-6977 (Cross-site scripting (XSS) vulnerability in album.asp in Full ...)
+	TODO: check
+CVE-2008-6976 (MicroTik RouterOS 3.x through 3.13 and 2.x through 2.9.51 allows ...)
+	TODO: check
 CVE-2009-2778 (Cross-site scripting (XSS) vulnerability in visitor/view.php in ...)
 	NOT-FOR-US: GarageSales script
 CVE-2009-2777 (SQL injection vulnerability in visitor/view.php in GarageSales Script ...)
@@ -16494,7 +16680,7 @@
 	NOT-FOR-US: Microsoft Windows Media Player
 CVE-2008-3008 (Stack-based buffer overflow in the WMEncProfileManager ActiveX control ...)
 	NOT-FOR-US: Microsoft Windows Media Encoder
-CVE-2008-3007 (Microsoft Office XP SP3, 2003 SP2 and SP3, 2007 Office System Gold and ...)
+CVE-2008-3007 (Argument injection vulnerability in a URI handler in Microsoft Office ...)
 	NOT-FOR-US: Microsoft Office XP
 CVE-2008-3006 (Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 ...)
 	NOT-FOR-US: Microsoft Office Excel
@@ -49296,7 +49482,7 @@
 	NOT-FOR-US: BLOG:CMS
 CVE-2006-3363 (PHP remote file inclusion vulnerability in index.php in the Glossaire ...)
 	NOT-FOR-US: Glossaire for Xoops
-CVE-2006-3362 (connectors/php/connector.php in FCKeditor mcpuk file manager, as used ...)
+CVE-2006-3362 (Unrestricted file upload vulnerability in connectors/php/connector.php ...)
 	- knowledgeroot <not-affected> (fixed before first upload; see bug #381912)
 CVE-2006-3361 (PHP remote file inclusion vulnerability in Stud.IP 1.3.0-2 and ...)
 	NOT-FOR-US: Stud.IP

More information about the Secure-testing-commits mailing list