[Secure-testing-commits] r11884 - data/CVE

Joey Hess joeyh at alioth.debian.org
Tue May 12 21:14:14 UTC 2009


Author: joeyh
Date: 2009-05-12 21:14:13 +0000 (Tue, 12 May 2009)
New Revision: 11884

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-05-12 16:18:38 UTC (rev 11883)
+++ data/CVE/list	2009-05-12 21:14:13 UTC (rev 11884)
@@ -1,3 +1,53 @@
+CVE-2009-1616 (Cross-site scripting (XSS) vulnerability in docs/showdoc.php in ...)
+	TODO: check
+CVE-2009-1615 (Unrestricted file upload vulnerability in Leap CMS 0.1.4 allows remote ...)
+	TODO: check
+CVE-2009-1614 (Multiple cross-site scripting (XSS) vulnerabilities in Leap CMS 0.1.4 ...)
+	TODO: check
+CVE-2009-1613 (Multiple SQL injection vulnerabilities in leap.php in Leap CMS 0.1.4, ...)
+	TODO: check
+CVE-2009-1612 (Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control ...)
+	TODO: check
+CVE-2009-1611 (Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows ...)
+	TODO: check
+CVE-2009-1610 (admin/changepassword.php in Job Script Job Board Software 2.0 allows ...)
+	TODO: check
+CVE-2009-1609 (Unrestricted file upload vulnerability in admin/uploadform.asp in ...)
+	TODO: check
+CVE-2009-1608 (Multiple buffer overflows in Microchip MPLAB IDE 8.30 and possibly ...)
+	TODO: check
+CVE-2009-1607 (Cross-site scripting (XSS) vulnerability in the administrator panel in ...)
+	TODO: check
+CVE-2009-1606 (Multiple stack-based and heap-based buffer overflows in Dafolo ...)
+	TODO: check
+CVE-2009-1605 (Heap-based buffer overflow in the loadexponentialfunc function in ...)
+	TODO: check
+CVE-2009-1604 (Unspecified vulnerability in LimeSurvey before 1.82 allows remote ...)
+	TODO: check
+CVE-2009-1603 (src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used ...)
+	TODO: check
+CVE-2009-1602 (Pablo Software Solutions Quick 'n Easy Mail Server 3.3 allows remote ...)
+	TODO: check
+CVE-2009-1601 (The Ubuntu clamav-milter.init script in clamav-milter before ...)
+	TODO: check
+CVE-2009-1600 (Apple Safari executes DOM calls in response to a javascript: URI in ...)
+	TODO: check
+CVE-2009-1599 (Opera executes DOM calls in response to a javascript: URI in the ...)
+	TODO: check
+CVE-2009-1598 (Google Chrome executes DOM calls in response to a javascript: URI in ...)
+	TODO: check
+CVE-2009-1597 (Mozilla Firefox executes DOM calls in response to a javascript: URI in ...)
+	TODO: check
+CVE-2009-1596 (Ignite Realtime Openfire before 3.6.5 does not properly implement the ...)
+	TODO: check
+CVE-2009-1595 (The jabber:iq:auth implementation in IQAuthHandler.java in Ignite ...)
+	TODO: check
+CVE-2008-6805 (Multiple SQL injection vulnerabilities in Mic_Blog 0.0.3, when ...)
+	TODO: check
+CVE-2008-6804 (** DISPUTED ** Tribiq CMS 5.0.9a beta allows remote attackers to ...)
+	TODO: check
+CVE-2008-6803 (SQL injection vulnerability in diziler.asp in Yigit Aybuga Dizi ...)
+	TODO: check
 CVE-2009-XXXX [More file buffer overflows]
 	- file 5.03-1
 	TODO: Check, whether code was introduced in 5.x as well like the other issues
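Review bot: all 25 entries added at the top of this hunk carry only `TODO: check`, so the automatic update leaves the triage decision open for each of them. Entries whose descriptions name general-purpose software, such as CVE-2009-1603 (OpenSC pkcs11-tool), CVE-2009-1597 (Mozilla Firefox), CVE-2009-1604 (LimeSurvey) and CVE-2009-1596/CVE-2009-1595 (Openfire), should be checked against the archive first and resolved to a package line. CVE-2009-1601 describes the Ubuntu clamav-milter.init script, so the follow-up should state explicitly whether the Debian init script is affected. CVE-2009-1612 names an ActiveX control and can probably be closed in the same `NOT-FOR-US:` form used for CVE-2009-0193 later in this file. CVE-2008-6804 is marked `** DISPUTED **`; the dispute should be taken into account when the entry is triaged.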
@@ -1480,8 +1530,7 @@
 	RESERVED
 CVE-2009-1195
 	RESERVED
-CVE-2009-1194 [pango1.0: integer overflow in heap allocation size calculations]
-	RESERVED
+CVE-2009-1194 (Integer overflow in the pango_glyph_string_set_size function in ...)
 	{DSA-1798-1}
 	- pango1.0 1.24.0-2 (medium; bug #527474) 
 CVE-2009-1193
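Review bot: the unchanged context line `- pango1.0 1.24.0-2 (medium; bug #527474) ` under CVE-2009-1194 ends with trailing whitespace, which is worth cleaning up in a follow-up commit. The replacement itself looks consistent: dropping `RESERVED` matches the arrival of a published description, and the `{DSA-1798-1}` reference and the pango1.0 package line are kept, so the source package named in the removed bracketed title is still recorded.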
@@ -5304,8 +5353,8 @@
 	- ghostscript 8.64~dfsg-1.1 (medium; bug #524803)
 CVE-2009-0195 (Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, ...)
 	TODO: check
-CVE-2009-0194
-	RESERVED
+CVE-2009-0194 (The domain-locking implementation in the ...)
+	TODO: check
 CVE-2009-0193 (Heap-based buffer overflow in Adobe Acrobat Reader 9 before 9.1, 8 ...)
 	NOT-FOR-US: Adobe Acrobat Reader
 CVE-2009-0192
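Review bot: the new CVE-2009-0194 description is cut off at "The domain-locking implementation in the ...", before any product name, so this entry cannot be triaged from the list alone. Whoever picks up the `TODO: check` needs to read the full CVE description before assigning a package line or `NOT-FOR-US:`.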



