[Secure-testing-commits] r12026 - data/CVE

Joey Hess joeyh at alioth.debian.org
Tue Jun 2 21:14:16 UTC 2009 

Author: joeyh
Date: 2009-06-02 21:14:16 +0000 (Tue, 02 Jun 2009)
New Revision: 12026

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-06-02 21:08:49 UTC (rev 12025)
+++ data/CVE/list	2009-06-02 21:14:16 UTC (rev 12026)
@@ -1,3 +1,96 @@
+CVE-2009-3870
+	REJECTED
+	TODO: check
+CVE-2009-1879
+	RESERVED
+CVE-2009-1878
+	RESERVED
+CVE-2009-1877
+	RESERVED
+CVE-2009-1876
+	RESERVED
+CVE-2009-1875
+	RESERVED
+CVE-2009-1874
+	RESERVED
+CVE-2009-1873
+	RESERVED
+CVE-2009-1872
+	RESERVED
+CVE-2009-1871
+	RESERVED
+CVE-2009-1870
+	RESERVED
+CVE-2009-1869
+	RESERVED
+CVE-2009-1868
+	RESERVED
+CVE-2009-1867
+	RESERVED
+CVE-2009-1866
+	RESERVED
+CVE-2009-1865
+	RESERVED
+CVE-2009-1864
+	RESERVED
+CVE-2009-1863
+	RESERVED
+CVE-2009-1862
+	RESERVED
+CVE-2009-1861
+	RESERVED
+CVE-2009-1860
+	RESERVED
+CVE-2009-1859
+	RESERVED
+CVE-2009-1858
+	RESERVED
+CVE-2009-1857
+	RESERVED
+CVE-2009-1856
+	RESERVED
+CVE-2009-1855
+	RESERVED
+CVE-2009-1854 (Million Dollar Text Links 1.0 allows remote attackers to bypass ...)
+	TODO: check
+CVE-2009-1853 (Multiple SQL injection vulnerabilities in index.php in Kensei Board ...)
+	TODO: check
+CVE-2009-1852 (Multiple SQL injection vulnerabilities in Graphiks MyForum 1.3 allow ...)
+	TODO: check
+CVE-2009-1851 (SQL injection vulnerability in include.php in phpBugTracker 1.0.4 and ...)
+	TODO: check
+CVE-2009-1850 (SQL injection vulnerability in index.php in phpBugTracker 1.0.3 allows ...)
+	TODO: check
+CVE-2009-1849 (Cross-site scripting (XSS) vulnerability in the Monitor_Bandwidth ...)
+	TODO: check
+CVE-2009-1848 (SQL injection vulnerability in the JoomlaMe AgoraGroups (aka AG or ...)
+	TODO: check
+CVE-2009-1847 (Directory traversal vulnerability in index.php in Easy PX 41 CMS 9.0 ...)
+	TODO: check
+CVE-2009-1846 (Multiple directory traversal vulnerabilities in SiteX 0.7.4 Build 418 ...)
+	TODO: check
+CVE-2009-1845 (Cross-site scripting (XSS) vulnerability in ajax/updatecheck.php in ...)
+	TODO: check
+CVE-2009-1844 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x ...)
+	TODO: check
+CVE-2009-1843 (Multiple SQL injection vulnerabilities in Flash Quiz Beta 2 allow ...)
+	TODO: check
+CVE-2009-1842 (SQL injection vulnerability in main/tracking/userLog.php in Francisco ...)
+	TODO: check
+CVE-2008-6819 (win32k.sys in Microsoft Windows Server 2003 and Vista allows local ...)
+	TODO: check
+CVE-2008-6818 (Mole Group Real Estate Script 1.1 and earlier stores passwords in ...)
+	TODO: check
+CVE-2008-6817 (Mole Group Lastminute Script 4.0 and earlier stores passwords in ...)
+	TODO: check
+CVE-2004-2764 (Sun SDK and Java Runtime Environment (JRE) 1.4.2 through 1.4.2_04, ...)
+	TODO: check
+CVE-2004-2763 (The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 ...)
+	TODO: check
+CVE-2003-1573 (The PointBase 4.6 database component in the J2EE 1.4 reference ...)
+	TODO: check
+CVE-2003-1572 (Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c allows unsigned ...)
+	TODO: check
 CVE-2009-XXXX [GStreamer Good Plug-ins PNG Processing Integer Overflow]
 	- gst-plugins-good0.10 <unfixed> (bug #531631)
 CVE-2009-XXXX [strongSwan Two Denial of Service Vulnerabilities]
@@ -75,8 +168,8 @@
 	NOT-FOR-US: Baofeng
 CVE-2009-1806 (Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 ...)
 	NOT-FOR-US: IBM Hardware Management Console
-CVE-2009-1805
-	RESERVED
+CVE-2009-1805 (Unspecified vulnerability in the VMware Descheduled Time Accounting ...)
+	TODO: check
 CVE-2009-1804 (Multiple SQL injection vulnerabilities in admin/index.php in ...)
 	NOT-FOR-US: videoscript
 CVE-2009-1803 (FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, ...)
@@ -2888,6 +2981,7 @@
 	RESERVED
 CVE-2009-0949
 	RESERVED
+	{DSA-1811-1}
 CVE-2009-0948
 	RESERVED
 CVE-2009-0947
@@ -7264,6 +7358,7 @@
 CVE-2008-5520 (AhnLab V3 2008.12.4.1 and possibly 2008.9.13.0, when Internet Explorer ...)
 	NOT-FOR-US: AhnLab V3
 CVE-2008-5519 (The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat ...)
+	{DSA-1810-1}
 	- libapache-mod-jk 1:1.2.26-2.1 (bug #523054)
 CVE-2008-5518 (Multiple directory traversal vulnerabilities in the web administration ...)
 	- geronimo <itp> (bug #481869)
@@ -8463,7 +8558,7 @@
 	NOT-FOR-US: eDirectory
 CVE-2008-5092 (Heap-based buffer overflows in Novell eDirectory HTTP protocol stack ...)
 	NOT-FOR-US: eDirectory
-CVE-2008-5091 (Buffer overflow in the LDAP Service in Novell eDirectory before 8.8 ...)
+CVE-2008-5091 (Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before ...)
 	NOT-FOR-US: eDirectory
 CVE-2008-5090 (Electron Inc. Advanced Electron Forum before 1.0.7 allows remote ...)
 	NOT-FOR-US: Advanced Electron Forum

More information about the Secure-testing-commits mailing list