[Secure-testing-commits] r11411 - data/CVE
joeyh at alioth.debian.org
Mon Mar 16 21:14:12 UTC 2009
Author: joeyh
Date: 2009-03-16 21:14:11 +0000 (Mon, 16 Mar 2009)
New Revision: 11411
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-03-16 09:14:13 UTC (rev 11410)
+++ data/CVE/list 2009-03-16 21:14:11 UTC (rev 11411)
@@ -1,3 +1,121 @@
+CVE-2009-0910
+ RESERVED
+CVE-2009-0909
+ RESERVED
+CVE-2009-0908
+ RESERVED
+CVE-2009-0907
+ RESERVED
+CVE-2009-0906
+ RESERVED
+CVE-2009-0905
+ RESERVED
+CVE-2009-0904
+ RESERVED
+CVE-2009-0903
+ RESERVED
+CVE-2009-0902
+ RESERVED
+CVE-2009-0901
+ RESERVED
+CVE-2009-0900
+ RESERVED
+CVE-2009-0899
+ RESERVED
+CVE-2009-0898
+ RESERVED
+CVE-2009-0897
+ RESERVED
+CVE-2009-0896
+ RESERVED
+CVE-2009-0895
+ RESERVED
+CVE-2009-0894
+ RESERVED
+CVE-2009-0893
+ RESERVED
+CVE-2009-0892
+ RESERVED
+CVE-2009-0891
+ RESERVED
+CVE-2009-0890
+ RESERVED
+CVE-2009-0889
+ RESERVED
+CVE-2009-0888
+ RESERVED
+CVE-2009-0887 (Integer signedness error in the _pam_StrTok function in ...)
+ TODO: check
+CVE-2009-0886 (Directory traversal vulnerability in login.php in OneOrZero Helpdesk ...)
+ TODO: check
+CVE-2009-0885 (Multiple heap-based buffer overflows in Media Commands 1.0 allow ...)
+ TODO: check
+CVE-2009-0884 (Buffer overflow in FileZilla Server before 0.9.31 allows remote ...)
+ TODO: check
+CVE-2009-0883 (SQL injection vulnerability in Blue Eye CMS 1.0.0 and earlier, when ...)
+ TODO: check
+CVE-2009-0882 (Multiple SQL injection vulnerabilities in nForum 1.5 allow remote ...)
+ TODO: check
+CVE-2009-0881 (SQL injection vulnerability in ejemplo/paises.php in isiAJAX 1 allows ...)
+ TODO: check
+CVE-2009-0880 (Directory traversal vulnerability in the CIM server in IBM Director ...)
+ TODO: check
+CVE-2009-0879 (The CIM server in IBM Director before 5.20.3 Service Update 2 on ...)
+ TODO: check
+CVE-2009-0878 (The read_game_map function in src/terrain_translation.cpp in Wesnoth ...)
+ TODO: check
+CVE-2009-0877 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
+ TODO: check
+CVE-2009-0876 (Unspecified vulnerability in Sun xVM VirtualBox 2.0.0, 2.0.2, 2.0.4, ...)
+ TODO: check
+CVE-2009-0875 (Race condition in the Doors subsystem in the kernel in Sun Solaris 8 ...)
+ TODO: check
+CVE-2009-0874 (Multiple unspecified vulnerabilities in the Doors subsystem in the ...)
+ TODO: check
+CVE-2008-6472 (The WLCCP dissector in Wireshark 0.99.7 through 1.0.4 allows remote ...)
+ TODO: check
+CVE-2008-6471 (SQL injection vulnerability in detail.php in MountainGrafix easyLink ...)
+ TODO: check
+CVE-2008-6470 (Multiple unspecified vulnerabilities in ClanSphere before 2008.2.1 ...)
+ TODO: check
+CVE-2008-6469 (SQL injection vulnerability in index.php in PlainCart 1.1.2 allows ...)
+ TODO: check
+CVE-2008-6468 (SQL injection vulnerability in index.php in Diesel Pay allows remote ...)
+ TODO: check
+CVE-2008-6467 (SQL injection vulnerability in jobs/jobseekers/job-info.php in Diesel ...)
+ TODO: check
+CVE-2008-6466 (SQL injection vulnerability in image_gallery.php in the Akira Powered ...)
+ TODO: check
+CVE-2008-6465 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in ...)
+ TODO: check
+CVE-2008-6464 (SQL injection vulnerability in event.php in Mevin Productions Basic ...)
+ TODO: check
+CVE-2008-6463 (SQL injection vulnerability in the Diocese of Portsmouth Church Search ...)
+ TODO: check
+CVE-2008-6462 (SQL injection vulnerability in the My quiz and poll (myquizpoll) ...)
+ TODO: check
+CVE-2008-6461 (SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) ...)
+ TODO: check
+CVE-2008-6460 (SQL injection vulnerability in the Simple Random Objects ...)
+ TODO: check
+CVE-2008-6459 (SQL injection vulnerability in the auto BE User Registration ...)
+ TODO: check
+CVE-2008-6458 (SQL injection vulnerability in the FE address edit for tt_address & ...)
+ TODO: check
+CVE-2008-6457 (SQL injection vulnerability in the Swigmore institute (cgswigmore) ...)
+ TODO: check
+CVE-2008-6456 (SQL injection vulnerability in the HBook (h_book) extension 2.3.0 and ...)
+ TODO: check
+CVE-2008-6455 (Session fixation vulnerability in Edikon phpShop 0.8.1 allows remote ...)
+ TODO: check
+CVE-2008-6454 (SQL injection vulnerability in section.php in 6rbScript 3.3 allows ...)
+ TODO: check
+CVE-2008-6453 (Directory traversal vulnerability in section.php in 6rbScript 3.3, ...)
+ TODO: check
+CVE-2008-6452 (SQL injection vulnerability in show_vote.php in Oceandir 2.9 and ...)
+ TODO: check
+CVE-2008-6451 (SQL injection vulnerability in humor.php in jPORTAL 2 allows remote ...)
+ TODO: check
CVE-2009-0873 (The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before ...)
NOT-FOR-US: Solaris
CVE-2009-0872 (The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does ...)
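Review bot: Every described entry added at the top of this hunk, from CVE-2009-0887 down to CVE-2008-6451, lands as "TODO: check" with no package line, which puts entries that concern software this list already tracks into the same queue as the many third-party web scripts. CVE-2009-0878 names src/terrain_translation.cpp in Wesnoth, and a wesnoth package entry already appears under CVE-2009-0367 later in this diff, so that entry should get a "- wesnoth" line rather than waiting. CVE-2008-6472 (the WLCCP dissector in Wireshark 0.99.7 through 1.0.4) and CVE-2009-0887 (_pam_StrTok) deserve the same priority over the entries that will most likely end up NOT-FOR-US.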
@@ -164,8 +282,8 @@
NOT-FOR-US: BlogHelper
CVE-2009-0825 (SQL injection vulnerability in system/rss.php in TinX/cms 3.x before ...)
NOT-FOR-US: TinX/cms
-CVE-2009-0824
- RESERVED
+CVE-2009-0824 (Elaborate Bytes ElbyCDIO.sys 6.0.2.0 and earlier, as distributed in ...)
+ TODO: check
CVE-2009-0823
RESERVED
CVE-2009-0822
@@ -298,8 +416,7 @@
NOT-FOR-US: CVE-2009-0780
CVE-2009-0779 (Buffer overflow in pppdial in IBM AIX 5.3 and 6.1 allows local users ...)
NOT-FOR-US: IBM AIX
-CVE-2009-0778 [Linux: rt_cache leak leads to loss of network connectivity]
- RESERVED
+CVE-2009-0778 (The icmp_send function in net/ipv4/icmp.c in the Linux kernel before ...)
- linux-2.6 <not-affected> (affected upstream kernel versions not part of Debian)
- linux-2.6.24 <not-affected> (affected upstream kernel versions not part of Debian)
CVE-2009-0777 (Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and ...)
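Review bot: For CVE-2009-0778, the two "<not-affected>" lines are carried over unchanged while the temporary bracketed description above them is replaced by the official one. The new text scopes the issue to the icmp_send function "in the Linux kernel before ...", so confirm that this version bound still supports "affected upstream kernel versions not part of Debian" for both linux-2.6 and linux-2.6.24. The old summary ("rt_cache leak leads to loss of network connectivity") is also lost from the entry and could be kept as a NOTE line, since the truncated description no longer states the impact.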
@@ -1133,8 +1250,8 @@
RESERVED
CVE-2009-0633
RESERVED
-CVE-2009-0632
- RESERVED
+CVE-2009-0632 (The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco ...)
+ TODO: check
CVE-2009-0631
RESERVED
CVE-2009-0630
@@ -1264,18 +1381,18 @@
RESERVED
CVE-2009-0588
RESERVED
-CVE-2009-0587
- RESERVED
-CVE-2009-0586
- RESERVED
-CVE-2009-0585
- RESERVED
+CVE-2009-0587 (Multiple integer overflows in Evolution Data Server (aka ...)
+ TODO: check
+CVE-2009-0586 (Integer overflow in gst-libs/gst/tag/gstvorbistag.c in vorbistag in ...)
+ TODO: check
+CVE-2009-0585 (Integer overflow in the soup_base64_encode function in soup-misc.c in ...)
+ TODO: check
CVE-2009-0584
RESERVED
CVE-2009-0583
RESERVED
-CVE-2009-0582
- RESERVED
+CVE-2009-0582 (The ntlm_challenge function in the NTLM SASL authentication mechanism ...)
+ TODO: check
CVE-2009-0581
RESERVED
CVE-2009-0580
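Review bot: The four entries that move from RESERVED to a description here (CVE-2009-0587, CVE-2009-0586, CVE-2009-0585 and CVE-2009-0582) are left as "TODO: check" although each description names a specific library source location: Evolution Data Server, gst-libs/gst/tag/gstvorbistag.c, soup_base64_encode in soup-misc.c, and ntlm_challenge in the NTLM SASL mechanism. Three of them are integer overflows, and CVE-2009-0585 and CVE-2008-4316 (later in this diff) are both in base64 code, so they are best triaged together with a NOTE cross-referencing them, and each should get a source-package line instead of staying in the unchecked queue.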
@@ -1801,7 +1918,8 @@
NOT-FOR-US: Microsoft
CVE-2009-0418 (The IPv6 Neighbor Discovery Protocol (NDP) implementation in HP HP-UX ...)
NOT-FOR-US: HP HP-UX
-CVE-2008-6067 (SQL injection vulnerability in search_results.php in E-Shop Shopping ...)
+CVE-2008-6067
+ REJECTED
NOT-FOR-US: E-Shop Shopping Cart
CVE-2008-6066 (Multiple PHP remote file inclusion vulnerabilities in Meet#Web 0.8 ...)
NOT-FOR-US: Meet#Web
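Review bot: CVE-2008-6067 is changed to REJECTED, but the "NOT-FOR-US: E-Shop Shopping Cart" annotation that follows it is left in place as a context line, so the entry now reads as both rejected and triaged against a product its description no longer mentions. Drop the NOT-FOR-US line in the same change, or replace it with a NOTE recording why the id was rejected if that is known.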
@@ -2061,8 +2179,7 @@
CVE-2009-0367 (The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows ...)
{DSA-1737-1}
- wesnoth 1:1.4.7-4
-CVE-2009-0366 [wesnoth server memory exhaustion]
- RESERVED
+CVE-2009-0366 (The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth ...)
{DSA-1737-1}
- wesnoth 1:1.4.7-4
CVE-2009-0365 (The dbus request handler in (1) network-manager-applet and (2) ...)
@@ -2785,8 +2902,8 @@
RESERVED
CVE-2009-0144
RESERVED
-CVE-2009-0143
- RESERVED
+CVE-2009-0143 (Apple iTunes before 8.1 does not properly inform the user about the ...)
+ TODO: check
CVE-2009-0142 (Race condition in AFP Server in Apple Mac OS X 10.5.6 allows local ...)
NOT-FOR-US: Apple Mac OS X
CVE-2009-0141 (XTerm in Apple Mac OS X 10.4.11 and 10.5.6, when used with luit, ...)
@@ -3771,8 +3888,8 @@
NOT-FOR-US: Apple Mac OS X
CVE-2009-0017 (csregprinter in the Printing component in Apple Mac OS X 10.4.11 and ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-0016
- RESERVED
+CVE-2009-0016 (Apple iTunes before 8.1 on Windows allows remote attackers to cause a ...)
+ TODO: check
CVE-2009-0015 (Unspecified vulnerability in fseventsd in the FSEvents framework in ...)
NOT-FOR-US: Apple Mac OS X
CVE-2009-0014 (Folder Manager in Apple Mac OS X 10.5.6 uses insecure default ...)
@@ -6936,8 +7053,8 @@
NOT-FOR-US: Observer
CVE-2008-4317
RESERVED
-CVE-2008-4316
- RESERVED
+CVE-2008-4316 (Multiple integer overflows in glib/gbase64.c in GLib before 2.20 allow ...)
+ TODO: check
CVE-2008-4315 (tog-pegasus in OpenGroup Pegasus 2.7.0 on Red Hat Enterprise Linux ...)
NOT-FOR-US: OpenPegasus
CVE-2008-4314 (smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to ...)
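Review bot: CVE-2008-4316 is added as "TODO: check" even though the description already gives what a package line needs: the affected file (glib/gbase64.c) and the upstream bound ("GLib before 2.20"). Suggest recording a source-package line with the status of the versions in the archive, and a NOTE pointing at CVE-2009-0585, whose description in this same diff is also an integer overflow in a base64 encode function.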
@@ -8660,7 +8777,7 @@
- ruby1.8 1.8.7.72-1 (bug #494401)
- ruby1.9 1.9.0.2-6 (bug #494402)
NOTE: http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
-CVE-2008-3656 (Algorithmic complexity vulnerability in ...)
+CVE-2008-3656 (Algorithmic complexity vulnerability in the ...)
{DSA-1652-1 DSA-1651-1}
- ruby1.8 1.8.7.72-1 (bug #494401)
- ruby1.9 1.9.0.2-6 (bug #494402)
@@ -24999,7 +25116,7 @@
NOT-FOR-US: husrevforum
CVE-2007-3884 (SQL injection vulnerability in philboard_forum.asp in husrevforum ...)
NOT-FOR-US: husrevforum
-CVE-2007-3883 (The Data Dynamics ActiveBar ActiveX control (actbar3.ocx) 3.1 and ...)
+CVE-2007-3883 (The Data Dynamics ActiveBar ActiveX control (actbar3.ocx) 3.2 and ...)
NOT-FOR-US: Data Dynamics ActiveBar ActiveX control
CVE-2007-3882 (SQL injection vulnerability in index.php in Expert Advisor allows ...)
NOT-FOR-US: Expert Advisor