[Secure-testing-commits] r11056 - data/CVE
joeyh at alioth.debian.org
Mon Jan 26 21:14:15 UTC 2009
Author: joeyh
Date: 2009-01-26 21:14:14 +0000 (Mon, 26 Jan 2009)
New Revision: 11056
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-01-26 21:11:34 UTC (rev 11055)
+++ data/CVE/list 2009-01-26 21:14:14 UTC (rev 11056)
@@ -1,3 +1,45 @@
+CVE-2009-0263 (Multiple buffer overflows in Winamp 5.541 and earlier allow remote ...)
+ TODO: check
+CVE-2009-0262 (Stack-based buffer overflow in Triologic Media Player 7 and 8.0.0.0 ...)
+ TODO: check
+CVE-2009-0261 (Stack-based buffer overflow in EffectMatrix Total Video Player 1.31 ...)
+ TODO: check
+CVE-2009-0260 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2008-5964 (Session fixation vulnerability in Social ImpressCMS before 1.1.1 RC1 ...)
+ TODO: check
+CVE-2008-5963 (Eval injection vulnerability in library/setup/rpc.php in Gravity ...)
+ TODO: check
+CVE-2008-5962 (Directory traversal vulnerability in library/setup/rpc.php in Gravity ...)
+ TODO: check
+CVE-2008-5961 (Cross-site scripting (XSS) vulnerability in index.php in Tribiq CMS ...)
+ TODO: check
+CVE-2008-5960 (SQL injection vulnerability in index.php in Tribiq CMS Community ...)
+ TODO: check
+CVE-2008-5959 (Multiple SQL injection vulnerabilities in start.asp in Active Test 2.1 ...)
+ TODO: check
+CVE-2008-5958 (Multiple SQL injection vulnerabilities in Active Test 2.1 allow remote ...)
+ TODO: check
+CVE-2008-5957 (SQL injection vulnerability in the Mydyngallery (com_mydyngallery) ...)
+ TODO: check
+CVE-2008-5956 (Wbstreet (aka PHPSTREET Webboard) 1.0 stores sensitive information ...)
+ TODO: check
+CVE-2008-5955 (SQL injection vulnerability in show.php in Wbstreet (aka PHPSTREET ...)
+ TODO: check
+CVE-2008-5954 (SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) ...)
+ TODO: check
+CVE-2008-5953 (Directory traversal vulnerability in KTP Computer Customer Database ...)
+ TODO: check
+CVE-2008-5952 (SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) ...)
+ TODO: check
+CVE-2008-5951 (ASP Template Creature stores sensitive information under the web root ...)
+ TODO: check
+CVE-2008-5950 (SQL injection vulnerability in media/media_level.asp in ASP Template ...)
+ TODO: check
+CVE-2008-5949 (Multiple PHP remote file inclusion vulnerabilities in ccTiddly 1.7.4 ...)
+ TODO: check
+CVE-2008-5948 (Directory traversal vulnerability in index.php in BNCwi 1.04 and ...)
+ TODO: check
CVE-2009-XXXX [QuickTime Processing Vulnerabilities in GStreamer Good Plug-ins]
- gst-plugins-good0.10 0.10.13-1 (bug #512818)
CVE-2009-0259 (The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows ...)
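Review bot: All 21 entries added at the top of data/CVE/list (CVE-2009-0263 down to CVE-2008-5948) carry only "TODO: check", so none of them has a triage decision yet. Several name products that look like candidates for the "NOT-FOR-US:" form this file already uses further down (for example Winamp in CVE-2009-0263, and the ASP applications in CVE-2008-5959 and CVE-2008-5950), once someone has confirmed that no Debian package ships them. The CVE-2009-0260 description is cut off before the product name ("vulnerabilities in ..."), so the full description has to be looked up before that entry can be triaged at all.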
@@ -87,12 +129,16 @@
CVE-2008-5921 (SQL injection vulnerability in albums.php in Umer Inc Songs Portal ...)
NOT-FOR-US: Umer Inc Songs Portal
CVE-2009-0255 (The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 ...)
+ {DSA-1711-1}
- typo3-src 4.2.4-1
CVE-2009-0256 (Session fixation vulnerability in the authentication library in TYPO3 ...)
+ {DSA-1711-1}
- typo3-src 4.2.4-1
CVE-2009-0257 (Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.0.0 ...)
+ {DSA-1711-1}
- typo3-src 4.2.4-1
CVE-2009-0258 (Unspecified vulnerability in the Indexed Search Engine ...)
+ {DSA-1711-1}
- typo3-src 4.2.4-1
CVE-2009-0242 (Ganglia 3.1.1 allows remote attackers to cause a denial of service via ...)
- ganglia-monitor-core <not-affected> (Only affects 3.1.1 branch, currently in experimental under different name)
@@ -240,6 +286,7 @@
CVE-2008-5917 (Cross-site scripting (XSS) vulnerability in the XSS filter ...)
- horde3 <unfixed> (bug #512592)
CVE-2008-5916 (gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x ...)
+ {DSA-1708-1}
- git-core 1:1.5.6.5-2 (low)
CVE-2008-5915 (An unspecified function in the JavaScript implementation in Google ...)
NOT-FOR-US: Google
@@ -356,6 +403,7 @@
CVE-2009-0129 (libcrypt-openssl-dsa-perl does not properly check the return value ...)
- libcrypt-openssl-dsa-perl <unfixed> (bug #511519)
CVE-2009-0128 (plugins/crypto/openssl/crypto_openssl.c in Simple Linux Utility for ...)
+ {DTSA-185-1}
- slurm-llnl 1.3.13-1 (bug #511511)
CVE-2009-0127 (** DISPUTED ** M2Crypto does not properly check the return value from ...)
- m2crypto <unfixed> (bug #511515)
@@ -1257,7 +1305,7 @@
RESERVED
CVE-2009-0026 (Multiple cross-site scripting (XSS) vulnerabilities in Apache ...)
TODO: check
-CVE-2009-0025 (BIND 9.4.3 and earlier does not properly check the return value from ...)
+CVE-2009-0025 (BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check ...)
{DSA-1703-1}
- bind9 <unfixed> (low; bug #511936)
NOTE: unlike the advisory states it is DSA_do_verify not DSA_verify
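Review bot: The bind9 line under CVE-2009-0025 still reads "<unfixed> (low; bug #511936)" after the description is widened to BIND 9.6.0, 9.5.1 and 9.5.0. With {DSA-1703-1} already attached to the entry, it is worth checking whether the "<unfixed>" status and the "low" urgency still hold for the newer branches named in the new description, and updating the package line alongside the description if they do not.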
@@ -2659,7 +2707,7 @@
{DSA-1670-1}
- enscript 1.6.4-13 (bug #506261)
CVE-2008-5077 (OpenSSL 0.9.8i and earlier does not properly check the return value ...)
- {DSA-1701-1 DTSA-185-1}
+ {DSA-1701-1}
- openssl 0.9.8g-15
CVE-2008-5075 (Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 (aka ...)
NOT-FOR-US: E-Uploader Pro
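Review bot: Dropping DTSA-185-1 from the CVE-2008-5077 tag line leaves the openssl entry referencing only DSA-1701-1, while the same tag is added to CVE-2009-0128 (slurm-llnl) earlier in this diff. The log message "automatic update" does not say why the advisory reference moved from one package to the other. A short "NOTE:" line on one of the two entries, like the one already present under CVE-2009-0025, would make the reassignment auditable.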