[Secure-testing-commits] r11977 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Tue May 26 21:14:13 UTC 2009
Author: joeyh
Date: 2009-05-26 21:14:12 +0000 (Tue, 26 May 2009)
New Revision: 11977
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-05-26 15:35:38 UTC (rev 11976)
+++ data/CVE/list 2009-05-26 21:14:12 UTC (rev 11977)
@@ -1,3 +1,51 @@
+CVE-2009-1785 (Cross-site scripting (XSS) vulnerability in Ulteo Open Virtual Desktop ...)
+ TODO: check
+CVE-2009-1784 (The AVG parsing engine 8.5 323, as used in multiple AVG anti-virus ...)
+ TODO: check
+CVE-2009-1783 (Multiple FRISK Software F-Prot anti-virus products, including ...)
+ TODO: check
+CVE-2009-1782 (Multiple F-Secure anti-virus products, including Anti-Virus for ...)
+ TODO: check
+CVE-2009-1781 (Static code injection vulnerability in admin.php in Frax.dk Php ...)
+ TODO: check
+CVE-2009-1780 (admin.php in Frax.dk Php Recommend 1.3 and earlier does not require ...)
+ TODO: check
+CVE-2009-1779 (PHP remote file inclusion vulnerability in admin.php in Frax.dk Php ...)
+ TODO: check
+CVE-2009-1778 (SQL injection vulnerability in the new user registration feature in ...)
+ TODO: check
+CVE-2009-1777 (CRLF injection vulnerability in FormMail.pl in Matt Wright FormMail ...)
+ TODO: check
+CVE-2009-1776 (Multiple cross-site scripting (XSS) vulnerabilities in FormMail.pl in ...)
+ TODO: check
+CVE-2009-1775 (Multiple cross-site scripting (XSS) vulnerabilities in Ulteo Open ...)
+ TODO: check
+CVE-2009-1774 (Directory traversal vulnerability in plugins/ddb/foot.php in ...)
+ TODO: check
+CVE-2009-1773 (activeCollab 2.1 Corporate allows remote attackers to obtain sensitive ...)
+ TODO: check
+CVE-2009-1772 (Cross-site scripting (XSS) vulnerability in activeCollab 2.1 Corporate ...)
+ TODO: check
+CVE-2009-1771 (index.php in Flyspeck CMS 6.8 does not require administrative ...)
+ TODO: check
+CVE-2009-1770 (Directory traversal vulnerability in ...)
+ TODO: check
+CVE-2009-1769 (The web interface in OCS Inventory NG 1.01 generates different error ...)
+ TODO: check
+CVE-2009-1768 (Directory traversal vulnerability in download.php in Rama Zaiten CMS ...)
+ TODO: check
+CVE-2009-1767 (admin/edituser.php in 2daybiz Template Monster Clone does not require ...)
+ TODO: check
+CVE-2009-1766 (SQL injection vulnerability in index.php in LightOpenCMS 0.1 allows ...)
+ TODO: check
+CVE-2009-1765 (Multiple directory traversal vulnerabilities in pluck 4.6.2, when ...)
+ TODO: check
+CVE-2009-1764 (SQL injection vulnerability in inc/ajax.asp in MaxCMS 2.0 allows ...)
+ TODO: check
+CVE-2009-1763 (Unspecified vulnerability in the Solaris Secure Digital slot driver ...)
+ TODO: check
+CVE-2009-1762 (Multiple cross-site scripting (XSS) vulnerabilities in the WebAccess ...)
+ TODO: check
CVE-2009-XXXX [radare-common insecure temp files handling]
- radare-common (low)
TODO: file bug
@@ -169,7 +217,7 @@
NOT-FOR-US: phpWebNews
CVE-2008-6812 (SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 allows ...)
NOT-FOR-US: phpWebNews
-CVE-2009-1756 (SLiM Simple Login Manager 1.3.0 includes places the X authority magic ...)
+CVE-2009-1756 (SLiM Simple Login Manager 1.3.0 places the X authority magic cookie ...)
- slim <unfixed> (low; bug #529306)
CVE-2009-1755 (Off-by-one error in the packet_read_query_section function in packet.c ...)
{DSA-1803-1}
@@ -284,8 +332,8 @@
[lenny] - kdebase <not-affected> (vulnerability introduced in konqueror 4)
CVE-2009-1636
RESERVED
-CVE-2009-1635
- RESERVED
+CVE-2009-1635 (Cross-site scripting (XSS) vulnerability in the WebAccess login page ...)
+ TODO: check
CVE-2009-1634
RESERVED
CVE-2009-1633 [CIFS Unicode issue]
@@ -433,7 +481,8 @@
NOT-FOR-US: phPhotoGallery
CVE-2008-6801 (Cross-site request forgery (CSRF) vulnerability in Vivvo CMS before ...)
NOT-FOR-US: Vivvo CMS
-CVE-2008-6800 (Race condition in the winbind daemon (aka winbindd) in Samba before ...)
+CVE-2008-6800
+ REJECTED
- samba 3.2.0~pre2-1 (low; bug #527894)
CVE-2008-6799 (connection.php in FlashChat 5.0.8 allows remote attackers to bypass ...)
NOT-FOR-US: FlashChat
@@ -1000,8 +1049,7 @@
RESERVED
CVE-2009-1382
RESERVED
-CVE-2009-1381 [incomplete fix for CVE-2009-1579]
- RESERVED
+CVE-2009-1381 (The map_yp_alias function in functions/imap_general.php in ...)
{DSA-1802-2}
- squirrelmail 2:1.4.19-1
CVE-2009-1380
More information about the Secure-testing-commits
mailing list