[Secure-testing-commits] r12314 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu Jul 9 21:14:35 UTC 2009
Author: joeyh
Date: 2009-07-09 21:14:35 +0000 (Thu, 09 Jul 2009)
New Revision: 12314
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-07-09 17:14:05 UTC (rev 12313)
+++ data/CVE/list 2009-07-09 21:14:35 UTC (rev 12314)
@@ -1,44 +1,56 @@
-CVE-2009-2385
+CVE-2009-2386
+ RESERVED
+CVE-2009-2374 (Drupal 5.x before 5.19 and 6.x before 6.13 does not properly sanitize ...)
+ TODO: check
+CVE-2009-2373 (Cross-site scripting (XSS) vulnerability in the Forum module in Drupal ...)
+ TODO: check
+CVE-2009-2372 (Drupal 6.x before 6.13 does not prevent users from modifying user ...)
+ TODO: check
+CVE-2009-2369 (Integer overflow in the wxImage::Create function in ...)
+ TODO: check
+CVE-2009-2360 (Cross-site scripting (XSS) vulnerability in passwd/main.php in the ...)
+ TODO: check
+CVE-2009-2385 (SQL injection vulnerability in the awardsMembers function in ...)
NOT-FOR-US: Member Awards component for Simple Machines Forum
-CVE-2009-2384
+CVE-2009-2384 (Buffer overflow in amp.exe in Brothersoft PEamp 1.02b allows ...)
NOT-FOR-US: Brothersoft PEamp
-CVE-2009-2383
+CVE-2009-2383 (SQL injection vulnerability in BTE_RW_webajax.php in the Related Sites ...)
NOT-FOR-US: Related Sites plugin for WordPress
-CVE-2009-2382
+CVE-2009-2382 (admin.php in phpMyBlockchecker 1.0.0055 allows remote attackers to ...)
NOT-FOR-US: phpMyBlockchecker
-CVE-2009-2381
+CVE-2009-2381 (Gizmo 3.1.0.79 on Linux does not verify a server's SSL certificate, ...)
NOT-FOR-US: Gizmo
-CVE-2009-2380
+CVE-2009-2380 (Cross-site scripting (XSS) vulnerability in includes/functions.php in ...)
NOT-FOR-US: 4images
-CVE-2009-2379
+CVE-2009-2379 (Directory traversal vulnerability in public/index.php in BIGACE Web ...)
NOT-FOR-US: BIGACE Web CMS
-CVE-2009-2378
+CVE-2009-2378 (PHP remote file inclusion vulnerability in formmailer.admin.inc.php in ...)
NOT-FOR-US: Jax FormMailer
-CVE-2009-2377
+CVE-2009-2377 (Buffer overflow in the Avax Vector ActiveX control in avPreview.ocx in ...)
NOT-FOR-US: AVAX-software Avax Vector ActiveX
-CVE-2009-2376
+CVE-2009-2376 (Cross-site scripting (XSS) vulnerability in the Html::textarea ...)
NOT-FOR-US: TangoCMS
-CVE-2009-2375
+CVE-2009-2375 (Stack-based buffer overflow in Photo DVD Maker 8.02, and possibly ...)
NOT-FOR-US: Photo DVD Maker
-CVE-2009-2371
+CVE-2009-2371 (Advanced Forum 6.x before 6.x-1.1, a module for Drupal, does not ...)
NOT-FOR-US: Advanced Forum module for Drupal
-CVE-2009-2370
+CVE-2009-2370 (Cross-site scripting (XSS) vulnerability in Advanced Forum 5.x before ...)
NOT-FOR-US: Advanced Forum module for Drupal
-CVE-2009-2368
+CVE-2009-2368 (Unspecified vulnerability in Socks Server 5 before 3.7.8-8 has unknown ...)
NOT-FOR-US: Socks Server
-CVE-2009-2367
+CVE-2009-2367 (cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable ...)
NOT-FOR-US: Iomega StorCenter Pro
-CVE-2009-2366
+CVE-2009-2366 (SQL injection vulnerability in login.asp in DataCheck Solutions ...)
NOT-FOR-US: DataCheck Solutions ForumPal FE
-CVE-2009-2365
+CVE-2009-2365 (SQL injection vulnerability in login.asp in DataCheck Solutions ...)
NOT-FOR-US: DataCheck Solutions GalleryPal FE
-CVE-2009-2364
+CVE-2009-2364 (Stack-based buffer overflow in Mp3-Nator 2.0 allows remote attackers ...)
NOT-FOR-US: Mp3-Nator
-CVE-2009-2363
+CVE-2009-2363 (Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.00.215 allows ...)
NOT-FOR-US: KUDRSOFT AudioPLUS
-CVE-2009-2362
+CVE-2009-2362 (Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.0.0.215 allows ...)
NOT-FOR-US: KUDRSOFT AudioPLUS
-CVE-2009-2361
+CVE-2009-2361 (SQL injection vulnerability in include/class.staff.php in osTicket ...)
NOT-FOR-US: osTicket
CVE-2009-2359 (Multiple SQL injection vulnerabilities in TekRADIUS 3.0 allow ...)
NOT-FOR-US: TekRADIUS
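Review bot: the five entries added at the top of this hunk (CVE-2009-2374, CVE-2009-2373, CVE-2009-2372, CVE-2009-2369 and CVE-2009-2360) carry only "TODO: check", so they have no triage result yet, while every other described entry here is resolved to NOT-FOR-US. Each needs a follow-up that either records the affected package or marks it NOT-FOR-US. The three Drupal entries describe Drupal 5.x/6.x itself, not the Advanced Forum module that CVE-2009-2371 and CVE-2009-2370 mark NOT-FOR-US, so they should not be closed by analogy with those. The new entries also sit above CVE-2009-2385, outside the descending numeric order the rest of the list follows (CVE-2009-2360 ends up far from CVE-2009-2361 and CVE-2009-2359). Separately, CVE-2009-2363 and CVE-2009-2362 show the same visible description apart from the version string (2.00.215 against 2.0.0.215), which is worth a duplicate check before relying on either entry.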