[Secure-testing-commits] r11919 - data/CVE

Joey Hess joeyh at alioth.debian.org
Mon May 18 21:14:15 UTC 2009 

Author: joeyh
Date: 2009-05-18 21:14:15 +0000 (Mon, 18 May 2009)
New Revision: 11919

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-05-18 21:12:15 UTC (rev 11918)
+++ data/CVE/list	2009-05-18 21:14:15 UTC (rev 11919)
@@ -1,3 +1,67 @@
+CVE-2009-1665 (myaccount.php in Easy Scripts Answer and Question Script allows remote ...)
+	TODO: check
+CVE-2009-1664 (myaccount.php in Easy Scripts Answer and Question Script does not ...)
+	TODO: check
+CVE-2009-1663 (Unrestricted file upload vulnerability in myaccount.php in Easy ...)
+	TODO: check
+CVE-2009-1662 (Multiple SQL injection vulnerabilities in admin/login.php in Wright ...)
+	TODO: check
+CVE-2009-1661 (SQL injection vulnerability in admin/utopic.php in uTopic 1.0, when ...)
+	TODO: check
+CVE-2009-1660 (Stack-based buffer overflow in URUWorks ViPlay3 3.0 and earlier allows ...)
+	TODO: check
+CVE-2009-1659 (Unrestricted file upload vulnerability in admin/uploadimage.php in ...)
+	TODO: check
+CVE-2009-1658 (Multiple SQL injection vulnerabilities in admin/admin.php in Realty ...)
+	TODO: check
+CVE-2009-1657 (Multiple SQL injection vulnerabilities in the Starrating plugin before ...)
+	TODO: check
+CVE-2009-1656 (Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265, 275; and ...)
+	TODO: check
+CVE-2009-1655 (Multiple SQL injection vulnerabilities in myaccount.php in Easy ...)
+	TODO: check
+CVE-2009-1654 (Cross-site scripting (XSS) vulnerability in questiondetail.php in Easy ...)
+	TODO: check
+CVE-2009-1653 (Directory traversal vulnerability in ...)
+	TODO: check
+CVE-2009-1652 (admin/adminaddeditdetails.php in Business Community Script does not ...)
+	TODO: check
+CVE-2009-1651 (SQL injection vulnerability in admin/member_details.php in 2daybiz ...)
+	TODO: check
+CVE-2009-1650 (Multiple SQL injection vulnerabilities in photos.php in Shutter 0.1.1 ...)
+	TODO: check
+CVE-2009-1649 (Directory traversal vulnerability in arch.php in beLive 0.2.3 allows ...)
+	TODO: check
+CVE-2009-1648
+	RESERVED
+CVE-2009-1647 (Heap-based buffer overflow in popcorn.exe in Ultrafunk Popcorn 1.87 ...)
+	TODO: check
+CVE-2009-1646 (Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 ...)
+	TODO: check
+CVE-2009-1645 (Multiple stack-based buffer overflows in Mini-stream Easy RM-MP3 ...)
+	TODO: check
+CVE-2009-1644 (Stack-based buffer overflow in Sorinara Streaming Audio Player 0.9 ...)
+	TODO: check
+CVE-2009-1643 (Stack-based buffer overflow in Sorinara Soritong MP3 Player 1.0 allows ...)
+	TODO: check
+CVE-2009-1642 (Multiple stack-based buffer overflows in Mini-stream ASX to MP3 ...)
+	TODO: check
+CVE-2009-1641 (Multiple stack-based buffer overflows in Mini-stream Ripper 3.0.1.1 ...)
+	TODO: check
+CVE-2009-1640 (Stack-based buffer overflow in Nucleus Data Recovery Kernel Recovery ...)
+	TODO: check
+CVE-2009-1639 (Stack-based buffer overflow in Nucleus Data Recovery Kernel Recovery ...)
+	TODO: check
+CVE-2009-1638 (Techno Dreams Job Career Package 3.0 allows remote attackers to bypass ...)
+	TODO: check
+CVE-2009-1637 (profile.php in Simple Customer 1.3 does not require administrative ...)
+	TODO: check
+CVE-2008-6811 (Unrestricted file upload vulnerability in image_processing.php in the ...)
+	TODO: check
+CVE-2008-6810 (Multiple SQL injection vulnerabilities in admin/checklogin.php in ...)
+	TODO: check
+CVE-2008-6809 (SQL injection vulnerability in hotel_habitaciones.php in Venalsur ...)
+	TODO: check
 CVE-2009-XXXX [libsndfile VOC and AIFF Processing Buffer Overflow Vulnerabilities]
 	- libsndfile <unfixed> (medium; bug #528650)
 	NOTE: http://trapkit.de/advisories/TKADV2009-006.txt
@@ -3446,8 +3510,7 @@
 	RESERVED
 CVE-2009-0689
 	RESERVED
-CVE-2009-0688 [cyrus sasl buffer overflow VU#238019]
-	RESERVED
+CVE-2009-0688 (Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 ...)
 	- cyrus-sasl2 <unfixed> (bug #528749)
 	NOTE: VU#238019
 CVE-2009-0687
@@ -6177,7 +6240,7 @@
 	NOT-FOR-US: F-Prot
 CVE-2008-5746 (Sun SNMP Management Agent (SUNWmasf) 1.4u2 through 1.5.4 allows local ...)
 	NOT-FOR-US: Sun SNMP Management Agent
-CVE-2008-5745 (Integer overflow in Microsoft Windows Media Player 9, 10, and 11 ...)
+CVE-2008-5745 (Integer overflow in quartz.dll in the DirectShow framework in ...)
 	NOT-FOR-US: Microsoft
 CVE-2008-5824 (Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile ...)
 	- audiofile <unfixed> (medium; bug #510205)

More information about the Secure-testing-commits mailing list