[Secure-testing-commits] r11244 - data/CVE
joeyh at alioth.debian.org
Fri Feb 20 21:14:12 UTC 2009
Author: joeyh
Date: 2009-02-20 21:14:11 +0000 (Fri, 20 Feb 2009)
New Revision: 11244
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-02-19 22:33:33 UTC (rev 11243)
+++ data/CVE/list 2009-02-20 21:14:11 UTC (rev 11244)
@@ -1,3 +1,99 @@
+CVE-2009-0648 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
+ TODO: check
+CVE-2009-0647 (msnmsgr.exe in Windows Live Messenger (WLM) 2009 build 14.0.8064.206, ...)
+ TODO: check
+CVE-2008-6212 (Cross-site scripting (XSS) vulnerability in admin.php in Php-Stats ...)
+ TODO: check
+CVE-2008-6211 (Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net ...)
+ TODO: check
+CVE-2008-6210 (SQL injection vulnerability in index.php in dream4 Koobi 4.4 and 5.4 ...)
+ TODO: check
+CVE-2008-6209 (SQL injection vulnerability in view_product.php in Vastal I-Tech ...)
+ TODO: check
+CVE-2008-6208 (Cross-site scripting (XSS) vulnerability in submitnews.php in e107 CMS ...)
+ TODO: check
+CVE-2008-6207 (Unrestricted file upload vulnerability in form_upload.php in PHPG ...)
+ TODO: check
+CVE-2008-6206 (Multiple PHP remote file inclusion vulnerabilities in RobotStats 0.1 ...)
+ TODO: check
+CVE-2008-6205 (Cross-site scripting (XSS) vulnerability in seeurl.php in Xavier ...)
+ TODO: check
+CVE-2008-6204 (Multiple SQL injection vulnerabilities in SuperNET Shop 1.0 and ...)
+ TODO: check
+CVE-2008-6203 (SQL injection vulnerability in adminler.asp in CoBaLT 2.0 allows ...)
+ TODO: check
+CVE-2008-6202 (SQL injection vulnerability in CoBaLT 1.0 allows remote attackers to ...)
+ TODO: check
+CVE-2008-6201 (Directory traversal vulnerability in help.php in the eskuel module in ...)
+ TODO: check
+CVE-2008-6200 (Multiple cross-site scripting (XSS) vulnerabilities in Swiki 1.5 allow ...)
+ TODO: check
+CVE-2008-6199 (2532designs 2532|Gigs 1.2.2 and earlier allows remote attackers to ...)
+ TODO: check
+CVE-2008-6198 (SQL injection vulnerability in pages.php in Custom Pages 1.0 plugin ...)
+ TODO: check
+CVE-2008-6197 (SQL injection vulnerability in index.php in the galerie module for ...)
+ TODO: check
+CVE-2008-6196 (Multiple PHP remote file inclusion vulnerabilities in Philippe CROCHAT ...)
+ TODO: check
+CVE-2008-6195 (Directory traversal vulnerability in the PXE TFTP Service ...)
+ TODO: check
+CVE-2008-6194 (Memory leak in the DNS server in Microsoft Windows allows remote ...)
+ TODO: check
+CVE-2008-6193 (Sam Crew MyBlog stores passwords in cleartext in a MySQL database, ...)
+ TODO: check
+CVE-2008-6192 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified ...)
+ TODO: check
+CVE-2008-6191 (Conductor.exe in Intrinsic Swimage Encore before 5.0.1.21 contains a ...)
+ TODO: check
+CVE-2008-6190 (Cross-site scripting (XSS) vulnerability in index.php in EEBCMS 0.95 ...)
+ TODO: check
+CVE-2008-6189 (SQL injection vulnerability in GForge 4.5.19 allows remote attackers ...)
+ TODO: check
+CVE-2008-6188 (SQL injection vulnerability in people/editprofile.php in Gforge 4.6 ...)
+ TODO: check
+CVE-2008-6187 (SQL injection vulnerability in frs/shownotes.php in Gforge 4.5.19 and ...)
+ TODO: check
+CVE-2008-6186 (Stack-based buffer overflow in RaidenFTPD 2.4 build 3620 allows remote ...)
+ TODO: check
+CVE-2008-6185 (NoticeWare Email Server NG 5.1.2.2 allows remote attackers to cause a ...)
+ TODO: check
+CVE-2008-6184 (SQL injection vulnerability in the OwnBiblio (com_ownbiblio) component ...)
+ TODO: check
+CVE-2008-6183 (Multiple directory traversal vulnerabilities in index.php in My PHP ...)
+ TODO: check
+CVE-2008-6182 (SQL injection vulnerability in the Ignite Gallery (com_ignitegallery) ...)
+ TODO: check
+CVE-2008-6181 (SQL injection vulnerability in the Mad4Joomla Mailforms ...)
+ TODO: check
+CVE-2008-6180 (SQL injection vulnerability in system/nlb_user.class.php in NewLife ...)
+ TODO: check
+CVE-2008-6179 (SQL injection vulnerability in sug_cat.php in IndexScript 3.0 allows ...)
+ TODO: check
+CVE-2008-6178 (Unrestricted file upload vulnerability in ...)
+ TODO: check
+CVE-2008-6177 (Multiple directory traversal vulnerabilities in LightBlog 9.8, when ...)
+ TODO: check
+CVE-2008-6176 (bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the ...)
+ TODO: check
+CVE-2008-6175 (SilverSHielD 1.0.2.34 allows remote attackers to cause a denial of ...)
+ TODO: check
+CVE-2008-6174 (Cross-site scripting (XSS) vulnerability in admin/postlister/index.php ...)
+ TODO: check
+CVE-2008-6173 (Cross-site scripting (XSS) vulnerability in fullscreen.php in ...)
+ TODO: check
+CVE-2008-6172 (Directory traversal vulnerability in captcha/captcha_image.php in the ...)
+ TODO: check
+CVE-2008-6171 (Drupal 5.x before 5.12 and 6.x before 6.6, when the server is ...)
+ TODO: check
+CVE-2008-6170 (Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and ...)
+ TODO: check
+CVE-2008-6169 (Cross-site request forgery (CSRF) vulnerability in the Localization ...)
+ TODO: check
+CVE-2008-6168 (Cross-site scripting (XSS) vulnerability in search.php in miniPortail ...)
+ TODO: check
+CVE-2008-6167 (Directory traversal vulnerability in search.php in miniPortail 2.2 and ...)
+ TODO: check
CVE-2009-0646 (Multiple SQL injection vulnerabilities in 4Site CMS 2.6 and earlier ...)
NOT-FOR-US: 4Site CMS
CVE-2009-0645 (Directory traversal vulnerability in index.php in Jaws 0.8.8 allows ...)
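Review bot: All 48 entries added at the top of the list carry only `TODO: check`, and several cannot be triaged from the list text alone because the description is truncated before the product name, for example CVE-2008-6178 (`Unrestricted file upload vulnerability in ...`), CVE-2008-6173 (`... in fullscreen.php in ...`) and CVE-2008-6192 (`... in unspecified ...`). Those need the full CVE description pulled before they can be resolved to the form the context line below uses (`NOT-FOR-US: 4Site CMS`) or to a package line. Entries that name clearly identified software, such as Drupal 5.x/6.x (CVE-2008-6176, CVE-2008-6171, CVE-2008-6170) and GForge (CVE-2008-6189, CVE-2008-6188, CVE-2008-6187), are the natural ones to check first. The three GForge entries also spell the product both "GForge" and "Gforge", so a case-sensitive search of the list will miss one of them.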
@@ -5621,8 +5717,8 @@
NOT-FOR-US: Gentoo package manager Portage
CVE-2008-4393 (Cross-site scripting (XSS) vulnerability in VeriSign Kontiki Delivery ...)
NOT-FOR-US: VeriSign Kontiki
-CVE-2008-4392
- RESERVED
+CVE-2008-4392 (dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent ...)
+ TODO: check
CVE-2008-4391 (Stack-based buffer overflow in the SetSource method in the ...)
NOT-FOR-US: Cisco Linksys WVC54GC
CVE-2008-4390 (The Cisco Linksys WVC54GC wireless video camera before firmware 1.25 ...)
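Review bot: CVE-2008-4392 moves out of `RESERVED` with only `TODO: check`, and the new description is cut at "does not prevent ...", so the entry does not show what dnscache fails to prevent. Because it names a specific upstream and version (djbdns 1.05), it should be followed up with either a package line or a `NOT-FOR-US:` line like its neighbours rather than left as an open TODO.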
@@ -6032,7 +6128,7 @@
RESERVED
CVE-2008-4212 (Unspecified vulnerability in rlogind in the rlogin component in Mac OS ...)
NOT-FOR-US: MacOS-only issue
-CVE-2008-4211 (nteger signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and ...)
+CVE-2008-4211 (Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and ...)
NOT-FOR-US: QuickLook Mac OS X
CVE-2008-4210 (fs/open.c in the Linux kernel before 2.6.22 does not properly strip ...)
{DSA-1653-1}
@@ -11758,7 +11854,7 @@
CVE-2008-1834 (swfdec_load_object.c in Swfdec before 0.6.4 does not properly restrict ...)
- swfdec0.6 0.6.4-1 (low)
- swfdec0.5 <removed> (low; bug #477037)
-CVE-2008-1833 (Heap-based buffer overflow in libclamav in ClamAV 0.92.1 allows remote ...)
+CVE-2008-1833 (Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 ...)
{DSA-1549-1}
- clamav 0.92.1~dfsg2-1.1 (medium; bug #476694)
CVE-2007-6713 (Unspecified vulnerability in Flip4Mac WMV before 2.2.0.49 has unknown ...)
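Review bot: The CVE-2008-1833 description now names pe.c, but the truncation point moved with it, so the "allows remote ..." part is no longer visible in the entry. The tracking lines (`{DSA-1549-1}` and `- clamav 0.92.1~dfsg2-1.1 (medium; bug #476694)`) are unchanged, which fits a description-only sync; it is still worth confirming that the fix recorded for that version covers pe.c.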