[Secure-testing-commits] r11845 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Fri May 8 21:14:12 UTC 2009
Author: joeyh
Date: 2009-05-08 21:14:12 +0000 (Fri, 08 May 2009)
New Revision: 11845
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-05-08 17:28:16 UTC (rev 11844)
+++ data/CVE/list 2009-05-08 21:14:12 UTC (rev 11845)
@@ -1,3 +1,37 @@
+CVE-2009-1587 (index.php in PHP Site Lock 2.0 allows remote attackers to bypass ...)
+ TODO: check
+CVE-2009-1586 (Stack-based buffer overflow in the NZB importer feature in GrabIt ...)
+ TODO: check
+CVE-2009-1585 (Multiple SQL injection vulnerabilities in TemaTres 1.031, when ...)
+ TODO: check
+CVE-2009-1584 (Multiple SQL injection vulnerabilities in TemaTres 1.0.3 and 1.031, ...)
+ TODO: check
+CVE-2009-1583 (Multiple cross-site scripting (XSS) vulnerabilities in TemaTres 1.0.3 ...)
+ TODO: check
+CVE-2009-1582 (Million Dollar Text Links 1.0 does not properly restrict administrator ...)
+ TODO: check
+CVE-2008-6802 (Multiple SQL injection vulnerabilities in index.php in phPhotoGallery ...)
+ TODO: check
+CVE-2008-6801 (Cross-site request forgery (CSRF) vulnerability in Vivvo CMS before ...)
+ TODO: check
+CVE-2008-6800 (Race condition in the winbind daemon (aka winbindd) in Samba before ...)
+ TODO: check
+CVE-2008-6799 (connection.php in FlashChat 5.0.8 allows remote attackers to bypass ...)
+ TODO: check
+CVE-2008-6798 (Multiple SQL injection vulnerabilities in login.php in Pre Projects ...)
+ TODO: check
+CVE-2008-6797 (The server in Mitel NuPoint Messenger R11 and R3 sends usernames and ...)
+ TODO: check
+CVE-2008-6796 (SQL injection vulnerability in manager/login.php in Pre Projects Pre ...)
+ TODO: check
+CVE-2008-6795 (SQL injection vulnerability in view_news.php in nicLOR ...)
+ TODO: check
+CVE-2008-6794 (SQL injection vulnerability in directory.php in Scripts For Sites ...)
+ TODO: check
+CVE-2008-6793 (The get_file_type function in lib/file_content.php in DFLabs PTK 0.1, ...)
+ TODO: check
+CVE-2008-6792 (system-tools-backends before 2.6.0-1ubuntu1.1 in Ubuntu 8.10, as used ...)
+ TODO: check
CVE-2009-XXXX [opensc: insecure due to wrong public exponent]
- opensc 0.11.8 (high; bug #527640)
CVE-2009-1581
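Review bot: The 17 entries added at the top of this hunk (CVE-2009-1587 down to CVE-2008-6792) all carry only `TODO: check`, and two of them name software that should be triaged ahead of the rest: CVE-2008-6800 (race condition in Samba's winbindd) and CVE-2008-6792 (system-tools-backends, described against the Ubuntu 8.10 version). Suggest replacing the TODO on those two with a package line in the form used just below for opensc (`- opensc 0.11.8 (high; bug #527640)`) once the affected versions are confirmed, and resolving the remaining entries to `NOT-FOR-US:` lines where no matching package exists. Every description is cut at `...`, so the full CVE text has to be read before deciding either way.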
@@ -8,12 +42,14 @@
RESERVED
CVE-2009-1578
RESERVED
-CVE-2009-1577
- RESERVED
+CVE-2009-1577 (Multiple stack-based buffer overflows in the putstring function in ...)
+ TODO: check
CVE-2009-1576 (Unspecified vulnerability in Drupal 5.x before 5.17 and 6.x before ...)
+ {DSA-1792-1}
- drupal6 6.11-1 (bug #526378)
- drupal5 5.17-1
CVE-2009-1575 (Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.17 and ...)
+ {DSA-1792-1}
- drupal6 6.11-1 (bug #526378)
- drupal5 5.17-1
CVE-2009-1574 (racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote ...)
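Review bot: CVE-2009-1577 leaves RESERVED with a description that is cut off before the product name ("... in the putstring function in ..."), so the `TODO: check` cannot be resolved from this line alone; the full CVE entry is needed to map it to a source package or to a `NOT-FOR-US:` line. The `{DSA-1792-1}` tag is added identically to CVE-2009-1576 and CVE-2009-1575, which is consistent with both entries sharing the same drupal6 6.11-1 and drupal5 5.17-1 fixed versions.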
@@ -404,10 +440,10 @@
NOT-FOR-US: WebPortal CMS
CVE-2009-1443 (Multiple unspecified vulnerabilities in the Server component in OCS ...)
NOT-FOR-US: OCS Inventory NG
-CVE-2009-1442
- RESERVED
-CVE-2009-1441
- RESERVED
+CVE-2009-1442 (Multiple integer overflows in Skia, as used in Google Chrome 1.x ...)
+ TODO: check
+CVE-2009-1441 (Heap-based buffer overflow in the ParamTraits<SkBitmap>::Read function ...)
+ TODO: check
CVE-2009-1439 (Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel ...)
{DSA-1794-1 DSA-1787-1}
- linux-2.6 <unfixed>
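Review bot: CVE-2009-1442 and CVE-2009-1441 move from RESERVED to `TODO: check`, and the CVE-2009-1442 description places the integer overflows in Skia "as used in Google Chrome 1.x", so triage should ask whether any package in the archive embeds the affected Skia code before settling on a `NOT-FOR-US:` line like the WebPortal CMS and OCS Inventory NG entries above. CVE-2009-1441 names `ParamTraits<SkBitmap>::Read`, but its product is cut off at `...`; the full description should be read before classifying it.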