[Secure-testing-commits] r11064 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Tue Jan 27 21:14:20 UTC 2009 

Author: joeyh
Date: 2009-01-27 21:14:19 +0000 (Tue, 27 Jan 2009)
New Revision: 11064

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-01-27 19:07:35 UTC (rev 11063)
+++ data/CVE/list	2009-01-27 21:14:19 UTC (rev 11064)
@@ -1,53 +1,69 @@
+CVE-2009-0276
+	RESERVED
+CVE-2009-0274
+	RESERVED
+CVE-2009-0273
+	RESERVED
+CVE-2009-0272
+	RESERVED
+CVE-2009-0269 (fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel ...)
+	TODO: check
+CVE-2009-0265 (Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not ...)
+	TODO: check
+CVE-2008-5968 (Directory traversal vulnerability in print.php in PHP iCalendar 2.24 ...)
+	TODO: check
+CVE-2008-5967 (admin/index.php in PHP iCalendar 2.3.4, 2.24, and earlier does not ...)
+	TODO: check
 CVE-2009-XXXX [sudo: privilege escalation]
-       - sudo 1.6.9p17-2 (medium)
-       [etch] - sudo <not-affected> (Vulnerable code not present)
-CVE-2009-0278
+	- sudo 1.6.9p17-2 (medium)
+	[etch] - sudo <not-affected> (Vulnerable code not present)
+CVE-2009-0278 (Sun Java System Application Server (AS) 8.1 and 8.2 allows remote ...)
 	NOT-FOR-US: Sun Java System Application Server (AS)
-CVE-2009-0277
+CVE-2009-0277 (Unspecified vulnerability in the kernel in OpenSolaris snv_100 through ...)
 	NOT-FOR-US: OpenSolaris
-CVE-2009-0275
+CVE-2009-0275 (Static code injection vulnerability in admin.php in Ryneezy phoSheezy ...)
 	NOT-FOR-US: Ryneezy phoSheezy
-CVE-2009-0271
+CVE-2009-0271 (Directory traversal vulnerability in the TFTP service in Fujitsu ...)
 	NOT-FOR-US: Fujitsu SystemcastWizard Lite
-CVE-2009-0270
+CVE-2009-0270 (Stack-based buffer overflow in PXEService.exe in Fujitsu ...)
 	NOT-FOR-US: Fujitsu SystemcastWizard Lite
-CVE-2009-0268
+CVE-2009-0268 (Race condition in the pseudo-terminal (aka pty) driver module in Sun ...)
 	NOT-FOR-US: Sun Solaris
-CVE-2009-0267
+CVE-2009-0267 (libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does ...)
 	NOT-FOR-US: Sun Solaris
-CVE-2009-0266
+CVE-2009-0266 (Stack-based buffer overflow in Triologic Media Player 8.0.0.0 allows ...)
 	NOT-FOR-US: Triologic Media Player
-CVE-2009-0264
+CVE-2009-0264 (Buffer overflow in the Registry Setting Tool in Fujitsu ...)
 	NOT-FOR-US: Fujitsu SystemcastWizard Lite
-CVE-2008-5981
+CVE-2008-5981 (PacPoll 4.0 stores sensitive information under the web root with ...)
 	NOT-FOR-US: PacPoll
-CVE-2008-5980
+CVE-2008-5980 (Ocean12 Mailing List Manager Gold stores sensitive data under the web ...)
 	NOT-FOR-US: Ocean12 Mailing List Manager Gold
-CVE-2008-5979
+CVE-2008-5979 (Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 ...)
 	NOT-FOR-US: Ocean12 Mailing List Manager Gold
-CVE-2008-5978
+CVE-2008-5978 (Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager ...)
 	NOT-FOR-US: Ocean12 Mailing List Manager Gold
-CVE-2008-5977
+CVE-2008-5977 (SQL injection vulnerability in siteadmin/forgot.php in PHP JOBWEBSITE ...)
 	NOT-FOR-US: PHP JOBWEBSITE PRO
-CVE-2008-5976
+CVE-2008-5976 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	NOT-FOR-US: PHP JOBWEBSITE PRO
-CVE-2008-5975
+CVE-2008-5975 (SQL injection vulnerability in links.asp in Active Price Comparison ...)
 	NOT-FOR-US: Active Price Comparison
-CVE-2008-5974
+CVE-2008-5974 (Multiple SQL injection vulnerabilities in login.aspx in Active Price ...)
 	NOT-FOR-US: Active Price Comparison
-CVE-2008-5973
+CVE-2008-5973 (SQL injection vulnerability in login.aspx in Active Web Mail 4.0 ...)
 	NOT-FOR-US: Active Web Mail
-CVE-2008-5972
+CVE-2008-5972 (SQL injection vulnerability in default.asp in Active Business ...)
 	NOT-FOR-US: Active Business Directory
-CVE-2008-5971
+CVE-2008-5971 (Cross-site scripting (XSS) vulnerability in profile_social.php in ...)
 	NOT-FOR-US: i-Net Solution Orkut Clone
-CVE-2008-5970
+CVE-2008-5970 (SQL injection vulnerability in profile_social.php in i-Net Solution ...)
 	NOT-FOR-US: i-Net Solution Orkut Clone
-CVE-2008-5969
+CVE-2008-5969 (SQL injection vulnerability in popupproduct.php in Sunbyte e-Flower ...)
 	NOT-FOR-US: Sunbyte e-Flower
-CVE-2008-5966
+CVE-2008-5966 (globsy_edit.php in Globsy 1.0 and earlier allows remote attackers to ...)
 	NOT-FOR-US: Globsy
-CVE-2008-5965
+CVE-2008-5965 (Directory traversal vulnerability in index.php in LokiCMS 0.3.4 and ...)
 	NOT-FOR-US: LokiCMS
 CVE-2009-0263 (Multiple buffer overflows in Winamp 5.541 and earlier allow remote ...)
 	NOT-FOR-US: Winamp
@@ -2285,7 +2301,7 @@
 	NOTE: fix for 1.7.5-3 incomplete, see #512122
 CVE-2008-5261
 	RESERVED
-CVE-2008-5260
+CVE-2008-5260 (Heap-based buffer overflow in the CamImage.CamImage.1 ActiveX control ...)
 	NOT-FOR-US: ActiveX
 CVE-2008-5259
 	RESERVED

More information about the Secure-testing-commits mailing list