[Secure-testing-commits] r11894 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed May 13 21:14:14 UTC 2009


Author: joeyh
Date: 2009-05-13 21:14:14 +0000 (Wed, 13 May 2009)
New Revision: 11894

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-05-13 20:54:50 UTC (rev 11893)
+++ data/CVE/list	2009-05-13 21:14:14 UTC (rev 11894)
@@ -1,3 +1,33 @@
+CVE-2009-1628
+	RESERVED
+CVE-2009-1627 (Stack-based buffer overflow in Streaming Download Project (SDP) ...)
+	TODO: check
+CVE-2009-1626 (SQL injection vulnerability in public/specific.php in EZ-Blog before ...)
+	TODO: check
+CVE-2009-1625 (Directory traversal vulnerability in index.php in Thickbox Gallery 2 ...)
+	TODO: check
+CVE-2009-1624 (Directory traversal vulnerability in index.php in Dew-NewPHPLinks 2.0 ...)
+	TODO: check
+CVE-2009-1623 (Cross-site scripting (XSS) vulnerability in index.php in ...)
+	TODO: check
+CVE-2009-1622 (SQL injection vulnerability in user.php in EcShop 2.5.0 allows remote ...)
+	TODO: check
+CVE-2009-1621 (Directory traversal vulnerability in index.php in OpenCart 1.1.8 ...)
+	TODO: check
+CVE-2009-1620 (Multiple cross-site scripting (XSS) vulnerabilities in input.php in ...)
+	TODO: check
+CVE-2009-1619 (Teraway FileStream 1.0 allows remote attackers to bypass ...)
+	TODO: check
+CVE-2009-1618 (Teraway LiveHelp 2.0 allows remote attackers to bypass authentication ...)
+	TODO: check
+CVE-2009-1617 (Teraway LinkTracker 1.0 allows remote attackers to bypass ...)
+	TODO: check
+CVE-2008-6808 (SQL injection vulnerability in links.php in Scripts for Sites (SFS) EZ ...)
+	TODO: check
+CVE-2008-6807 (PHP remote file inclusion vulnerability in ListRecords.php in osprey ...)
+	TODO: check
+CVE-2008-6806 (Unrestricted file upload vulnerability in includes/imageupload.php in ...)
+	TODO: check
 CVE-2009-1616 (Cross-site scripting (XSS) vulnerability in docs/showdoc.php in ...)
 	NOT-FOR-US: Coppermine Photo Gallery
 CVE-2009-1615 (Unrestricted file upload vulnerability in Leap CMS 0.1.4 allows remote ...)
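Review bot: The fourteen described entries added at the top of data/CVE/list (CVE-2009-1627 through CVE-2009-1617 and CVE-2008-6808 through CVE-2008-6806) all sit at "TODO: check", and for several of them the summary is cut off at "..." before the product name appears (CVE-2009-1623, CVE-2009-1620, CVE-2008-6806), so they cannot be triaged from this file alone. Each one needs the full CVE description read, then the TODO replaced either with a package line or, where the product is not packaged, with a tag in the form the context entry just below already uses: "NOT-FOR-US: Coppermine Photo Gallery".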
@@ -1727,8 +1757,8 @@
 	RESERVED
 CVE-2009-1138
 	RESERVED
-CVE-2009-1137
-	RESERVED
+CVE-2009-1137 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows ...)
+	TODO: check
 CVE-2009-1136
 	RESERVED
 CVE-2009-1135
@@ -1739,14 +1769,14 @@
 	RESERVED
 CVE-2009-1132
 	RESERVED
-CVE-2009-1131
-	RESERVED
-CVE-2009-1130
-	RESERVED
-CVE-2009-1129
-	RESERVED
-CVE-2009-1128
-	RESERVED
+CVE-2009-1131 (Multiple stack-based buffer overflows in Microsoft Office PowerPoint ...)
+	TODO: check
+CVE-2009-1130 (Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and ...)
+	TODO: check
+CVE-2009-1129 (Multiple stack-based buffer overflows in the PowerPoint 95 importer ...)
+	TODO: check
+CVE-2009-1128 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows ...)
+	TODO: check
 CVE-2009-1127
 	RESERVED
 CVE-2009-1126
@@ -4000,7 +4030,7 @@
 	RESERVED
 CVE-2009-0557
 	RESERVED
-CVE-2009-0556 (Unspecified vulnerability in Microsoft Office PowerPoint 2000 SP3, ...)
+CVE-2009-0556 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and ...)
 	NOT-FOR-US: Microsoft Office
 CVE-2009-0555
 	RESERVED
@@ -5285,22 +5315,22 @@
 	RESERVED
 CVE-2009-0228
 	RESERVED
-CVE-2009-0227
-	RESERVED
-CVE-2009-0226
-	RESERVED
-CVE-2009-0225
-	RESERVED
-CVE-2009-0224
-	RESERVED
-CVE-2009-0223
-	RESERVED
-CVE-2009-0222
-	RESERVED
-CVE-2009-0221
-	RESERVED
-CVE-2009-0220
-	RESERVED
+CVE-2009-0227 (Stack-based buffer overflow in the PowerPoint 4.2 conversion filter ...)
+	TODO: check
+CVE-2009-0226 (Stack-based buffer overflow in the PowerPoint 4.2 conversion filter in ...)
+	TODO: check
+CVE-2009-0225 (Microsoft Office PowerPoint 2002 SP3 allows remote attackers to ...)
+	TODO: check
+CVE-2009-0224 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1 ...)
+	TODO: check
+CVE-2009-0223 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows ...)
+	TODO: check
+CVE-2009-0222 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows ...)
+	TODO: check
+CVE-2009-0221 (Integer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 ...)
+	TODO: check
+CVE-2009-0220 (Multiple stack-based buffer overflows in the PowerPoint 4.0 importer ...)
+	TODO: check
 CVE-2009-0219 (The PDF distiller in the Attachment Service in Research in Motion ...)
 	NOT-FOR-US: BlackBerry
 CVE-2009-0218 (Insecure method vulnerability in Particle Software IntraLaunch ...)
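Review bot: The eight PowerPoint entries from CVE-2009-0227 down to CVE-2009-0220 are left at "TODO: check", while CVE-2009-0556 in the hunk before this one, also Microsoft Office PowerPoint, already carries "NOT-FOR-US: Microsoft Office". Applying that same tag here, and to CVE-2009-1137 and CVE-2009-1131 through CVE-2009-1128 in the earlier hunks, would keep thirteen entries out of the open TODO queue. CVE-2009-0227, CVE-2009-0226, CVE-2009-0220 and CVE-2009-1129 name only a PowerPoint conversion filter or importer before the summary is truncated, so confirm the product from the full description before tagging those four.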
@@ -30681,7 +30711,7 @@
 	NOT-FOR-US: NewzCrawler
 CVE-2007-2721 (The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer ...)
 	- jasper <unfixed> (medium; bug #413033)
-        NOTE: Jasper was initially fixed in 1.900.1-3, but the fix got dropped later, see #528543
+	NOTE: Jasper was initially fixed in 1.900.1-3, but the fix got dropped later, see #528543
 	- ghostscript 8.61.dfsg.1~svn8187-1.1 (medium; bug #447188)
 	NOTE: see http://ghostscript.com/pipermail/gs-cvs/2007-October/007877.html
 CVE-2007-2720 (Group-Office before 2.16-13 does not properly validate user IDs, which ...)
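Review bot: The whitespace-only change to the NOTE line under CVE-2007-2721 is not reflected in the log message, which says only "automatic update". The eight leading spaces become a tab, matching the tab-indented lines around it, and the text of the note is unchanged. If the update script performs this normalization, saying so in the log (or committing it separately) would keep anyone following the history of the jasper "<unfixed>" entry (bug #413033, #528543) from reading this revision as a change to its status.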



