[Secure-testing-commits] r11033 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Fri Jan 23 21:14:11 UTC 2009 

Author: joeyh
Date: 2009-01-23 21:14:11 +0000 (Fri, 23 Jan 2009)
New Revision: 11033

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-01-23 20:00:12 UTC (rev 11032)
+++ data/CVE/list	2009-01-23 21:14:11 UTC (rev 11033)
@@ -1,3 +1,23 @@
+CVE-2009-0259 (The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows ...)
+	TODO: check
+CVE-2009-0254 (Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted ...)
+	TODO: check
+CVE-2009-0253 (Mozilla Firefox 3.0.5 allows remote attackers to trick a user into ...)
+	TODO: check
+CVE-2009-0252 (Multiple SQL injection vulnerabilities in default.asp in Enthrallweb ...)
+	TODO: check
+CVE-2009-0251 (Static code injection vulnerability in admin.php in Ryneezy phoSheezy ...)
+	TODO: check
+CVE-2009-0250 (Ryneezy phoSheezy 0.2 stores sensitive information under the web root ...)
+	TODO: check
+CVE-2009-0249 (Katy Whitton RankEm stores sensitive information under the web root ...)
+	TODO: check
+CVE-2009-0248 (Cross-site scripting (XSS) vulnerability in rankup.asp in Katy Whitton ...)
+	TODO: check
+CVE-2009-0247 (The server for 53KF Web IM 2009 Home, Professional, and Enterprise ...)
+	TODO: check
+CVE-2009-0246 (Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted ...)
+	TODO: check
 CVE-2009-XXXX [tor buffer overflow]
 	- tor 0.2.0.33-1
 CVE-2009-0245 (Cross-site scripting (XSS) vulnerability in Usagi Project MyNETS ...)
@@ -60,13 +80,13 @@
 	NOT-FOR-US: Cant Find A Gaming CMS
 CVE-2008-5921 (SQL injection vulnerability in albums.php in Umer Inc Songs Portal ...)
 	NOT-FOR-US: Umer Inc Songs Portal
-CVE-2009-0255 [typo3: install tool]
+CVE-2009-0255 (The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 ...)
 	- typo3-src 4.2.4-1
-CVE-2009-0256 [typo3: session fixation]
+CVE-2009-0256 (Session fixation vulnerability in the authentication library in TYPO3 ...)
 	- typo3-src 4.2.4-1
-CVE-2009-0257 [typo3: XSS]
+CVE-2009-0257 (Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.0.0 ...)
 	- typo3-src 4.2.4-1
-CVE-2009-0258 [typo3: serch index]
+CVE-2009-0258 (Unspecified vulnerability in the Indexed Search Engine ...)
 	- typo3-src 4.2.4-1
 CVE-2009-0242 (Ganglia 3.1.1 allows remote attackers to cause a denial of service via ...)
 	- ganglia-monitor-core <not-affected> (Only affects 3.1.1 branch, currently in experimental under different name)
@@ -568,8 +588,8 @@
 	RESERVED
 CVE-2009-0058
 	RESERVED
-CVE-2009-0057
-	RESERVED
+CVE-2009-0057 (The Certificate Authority Proxy Function (CAPF) service in Cisco ...)
+	TODO: check
 CVE-2009-0056 (Cross-site request forgery (CSRF) vulnerability in the administration ...)
 	NOT-FOR-US: Cisco IronPort Encryption Appliance
 CVE-2009-0055 (Cross-site request forgery (CSRF) vulnerability in the administration ...)
@@ -1268,8 +1288,8 @@
 	RESERVED
 CVE-2009-0009
 	RESERVED
-CVE-2009-0008
-	RESERVED
+CVE-2009-0008 (Unspecified vulnerability in Apple QuickTime MPEG-2 Playback Component ...)
+	TODO: check
 CVE-2009-0007 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote ...)
 	TODO: check
 CVE-2009-0006 (Integer signedness error in Apple QuickTime before 7.6 allows remote ...)
@@ -1425,10 +1445,10 @@
 	RESERVED
 CVE-2008-5518
 	RESERVED
-CVE-2008-5517 (The web interface in git (gitweb) 1.5.5 and other versions allows ...)
+CVE-2008-5517 (The web interface in git (gitweb) 1.5.x before 1.5.5 allows remote ...)
 	{DSA-1708-1}
 	- git-core 1:1.5.6.5-2 (low; bug #512330)
-CVE-2008-5516 (The web interface in git (gitweb) 1.5.6, and possibly other versions, ...)
+CVE-2008-5516 (The web interface in git (gitweb) 1.5.x before 1.5.5 allows remote ...)
 	{DSA-1708-1}
 	- git-core 1:1.5.6-1
 CVE-2008-5515
@@ -5627,8 +5647,8 @@
 	RESERVED
 CVE-2008-3821 (Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server ...)
 	NOT-FOR-US: Cisco IOS
-CVE-2008-3820
-	RESERVED
+CVE-2008-3820 (Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event ...)
+	TODO: check
 CVE-2008-3819 (dnsserver in Cisco Application Control Engine Global Site Selector ...)
 	NOT-FOR-US: Cisco Application Control Engine Global Site Selector (GSS)
 CVE-2008-3818 (Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with ...)
@@ -9081,8 +9101,7 @@
 	RESERVED
 CVE-2008-2385
 	RESERVED
-CVE-2008-2384 [mod-auth-mysq: SQL injection vulnerability]
-	RESERVED
+CVE-2008-2384 (SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql ...)
 	- mod-auth-mysql 4.3.9-11 (medium)
 CVE-2008-2383 (CRLF injection vulnerability in xterm allows user-assisted attackers ...)
 	{DSA-1694-1 DTSA-182-1}

More information about the Secure-testing-commits mailing list