[Secure-testing-commits] r11183 - data/CVE
joeyh at alioth.debian.org
Tue Feb 10 21:14:13 UTC 2009
Author: joeyh
Date: 2009-02-10 21:14:12 +0000 (Tue, 10 Feb 2009)
New Revision: 11183
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-02-10 21:11:27 UTC (rev 11182)
+++ data/CVE/list 2009-02-10 21:14:12 UTC (rev 11183)
@@ -1,4 +1,60 @@
-CVE-2009-0489 [insecure dbus policy in wicd]
+CVE-2009-0502 (Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php ...)
+ TODO: check
+CVE-2009-0501 (Unspecified vulnerability in the Calendar export feature in Moodle 1.8 ...)
+ TODO: check
+CVE-2009-0500 (Cross-site scripting (XSS) vulnerability in course/lib.php in Moodle ...)
+ TODO: check
+CVE-2009-0499 (Cross-site request forgery (CSRF) vulnerability in the forum code in ...)
+ TODO: check
+CVE-2009-0498 (Virtual GuestBook (vgbook) 2.1 stores sensitive information under the ...)
+ TODO: check
+CVE-2009-0497 (Directory traversal vulnerability in log.jsp in Ignite Realtime ...)
+ TODO: check
+CVE-2009-0496 (Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime ...)
+ TODO: check
+CVE-2009-0495 (PHP remote file inclusion vulnerability in include/define.php in ...)
+ TODO: check
+CVE-2009-0494 (SQL injection vulnerability in the Portfol (com_portfol) 1.2 component ...)
+ TODO: check
+CVE-2009-0493 (SQL injection vulnerability in login.php in IT!CMS 2.1a and earlier ...)
+ TODO: check
+CVE-2009-0492 (Unspecified vulnerability in SimpleIrcBot before 1.0 Stable has ...)
+ TODO: check
+CVE-2009-0491 (Stack-based buffer overflow in Elecard MPEG Player 5.5 build ...)
+ TODO: check
+CVE-2009-0488 (Cross-site scripting (XSS) vulnerability in Phorum before 5.2.10 ...)
+ TODO: check
+CVE-2009-0486 (Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls ...)
+ TODO: check
+CVE-2009-0485 (Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.17 to ...)
+ TODO: check
+CVE-2009-0484 (Cross-site request forgery (CSRF) vulnerability in Bugzilla 3.0 before ...)
+ TODO: check
+CVE-2009-0483 (Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22 ...)
+ TODO: check
+CVE-2009-0482 (Cross-site request forgery (CSRF) vulnerability in Bugzilla before 3.2 ...)
+ TODO: check
+CVE-2009-0481 (Bugzilla 2.x before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and ...)
+ TODO: check
+CVE-2009-0480 (The IP implementation in Sun Solaris 8 through 10, and OpenSolaris ...)
+ TODO: check
+CVE-2008-6098 (Bugzilla 3.2 before 3.2 RC2, 3.0 before 3.0.6, 2.22 before 2.22.6, ...)
+ TODO: check
+CVE-2008-6097 (Multiple cross-site scripting (XSS) vulnerabilities in WikyBlog before ...)
+ TODO: check
+CVE-2008-6096 (Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS ...)
+ TODO: check
+CVE-2008-6095 (Cross-site scripting (XSS) vulnerability in surveillanceView.htm in ...)
+ TODO: check
+CVE-2008-6094 (Cross-site scripting (XSS) vulnerability in user.do in Celoxis ...)
+ TODO: check
+CVE-2008-6093 (SQL injection vulnerability in index.php in Noname CMS 1.0, when ...)
+ TODO: check
+CVE-2008-6092 (phpscripts Ranking Script allows remote attackers to bypass ...)
+ TODO: check
+CVE-2008-6091 (SQL injection vulnerability in plugins.php in BMForum 5.6, when ...)
+ TODO: check
+CVE-2009-0489 (The DBus configuration file for Wicd before 1.5.9 allows arbitrary ...)
- wicd 1.5.9-1
CVE-2009-XXXX [typo3 information disclosure & xss]
- typo3-src 4.2.6-1 (medium; bug #514713)
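Review bot: the 28 entries from CVE-2009-0502 down to CVE-2008-6091 all land as "TODO: check", and seven of them (CVE-2009-0481 through CVE-2009-0486, plus CVE-2008-6098) name Bugzilla, a package this file already tracks with "- bugzilla <unfixed> (bug #514143)" in the context of the last hunk. Triage those seven first and record either a package line or a pointer to the existing bug, so that the open Bugzilla issues are not split between a tracked entry and unreviewed TODOs. The relocated CVE-2009-0489 entry keeps its "- wicd 1.5.9-1" line under the new description, which is correct.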
@@ -420,7 +476,7 @@
NOT-FOR-US: QuidaScript BookMarks Favourites Script
CVE-2008-6006 (Multiple PHP remote file inclusion vulnerabilities in Micronation ...)
NOT-FOR-US: Micronation Banking System
-CVE-2009-0487 [mahara: XSS in forum posts]
+CVE-2009-0487 (Cross-site scripting (XSS) vulnerability in Mahara before 1.0.9 allows ...)
- mahara 1.0.9-1 (low)
[lenny] - mahara 1.0.4-4
CVE-2009-0478 (Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 ...)
@@ -436,7 +492,8 @@
- bugzilla <unfixed> (bug #514143)
CVE-2009-XXXX [glpi sql injection]
- glpi 0.71.5-1 (bug #513611)
-CVE-2009-0490 [buffer overflow]
+CVE-2009-0490 (Stack-based buffer overflow in the String_parse::get_nonspace_quoted ...)
+ {DTSA-192-1}
- audacity 1.3.6-1 (bug #514138)
NOTE: http://www.milw0rm.com/exploits/7634
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=253493
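Review bot: the audacity line under CVE-2009-0490 still carries no urgency ("- audacity 1.3.6-1 (bug #514138)"), even though the entry now has a full stack-based buffer overflow description, a {DTSA-192-1} reference and a NOTE linking a public exploit. The mahara entry in the previous hunk shows the form with "(low)"; suggest adding an explicit urgency alongside the bug number here so the entry sorts correctly in tracker views.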