[Secure-testing-commits] r11977 - data/CVE

Joey Hess joeyh at alioth.debian.org
Tue May 26 21:14:13 UTC 2009 

Author: joeyh
Date: 2009-05-26 21:14:12 +0000 (Tue, 26 May 2009)
New Revision: 11977

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-05-26 15:35:38 UTC (rev 11976)
+++ data/CVE/list	2009-05-26 21:14:12 UTC (rev 11977)
@@ -1,3 +1,51 @@
+CVE-2009-1785 (Cross-site scripting (XSS) vulnerability in Ulteo Open Virtual Desktop ...)
+	TODO: check
+CVE-2009-1784 (The AVG parsing engine 8.5 323, as used in multiple AVG anti-virus ...)
+	TODO: check
+CVE-2009-1783 (Multiple FRISK Software F-Prot anti-virus products, including ...)
+	TODO: check
+CVE-2009-1782 (Multiple F-Secure anti-virus products, including Anti-Virus for ...)
+	TODO: check
+CVE-2009-1781 (Static code injection vulnerability in admin.php in Frax.dk Php ...)
+	TODO: check
+CVE-2009-1780 (admin.php in Frax.dk Php Recommend 1.3 and earlier does not require ...)
+	TODO: check
+CVE-2009-1779 (PHP remote file inclusion vulnerability in admin.php in Frax.dk Php ...)
+	TODO: check
+CVE-2009-1778 (SQL injection vulnerability in the new user registration feature in ...)
+	TODO: check
+CVE-2009-1777 (CRLF injection vulnerability in FormMail.pl in Matt Wright FormMail ...)
+	TODO: check
+CVE-2009-1776 (Multiple cross-site scripting (XSS) vulnerabilities in FormMail.pl in ...)
+	TODO: check
+CVE-2009-1775 (Multiple cross-site scripting (XSS) vulnerabilities in Ulteo Open ...)
+	TODO: check
+CVE-2009-1774 (Directory traversal vulnerability in plugins/ddb/foot.php in ...)
+	TODO: check
+CVE-2009-1773 (activeCollab 2.1 Corporate allows remote attackers to obtain sensitive ...)
+	TODO: check
+CVE-2009-1772 (Cross-site scripting (XSS) vulnerability in activeCollab 2.1 Corporate ...)
+	TODO: check
+CVE-2009-1771 (index.php in Flyspeck CMS 6.8 does not require administrative ...)
+	TODO: check
+CVE-2009-1770 (Directory traversal vulnerability in ...)
+	TODO: check
+CVE-2009-1769 (The web interface in OCS Inventory NG 1.01 generates different error ...)
+	TODO: check
+CVE-2009-1768 (Directory traversal vulnerability in download.php in Rama Zaiten CMS ...)
+	TODO: check
+CVE-2009-1767 (admin/edituser.php in 2daybiz Template Monster Clone does not require ...)
+	TODO: check
+CVE-2009-1766 (SQL injection vulnerability in index.php in LightOpenCMS 0.1 allows ...)
+	TODO: check
+CVE-2009-1765 (Multiple directory traversal vulnerabilities in pluck 4.6.2, when ...)
+	TODO: check
+CVE-2009-1764 (SQL injection vulnerability in inc/ajax.asp in MaxCMS 2.0 allows ...)
+	TODO: check
+CVE-2009-1763 (Unspecified vulnerability in the Solaris Secure Digital slot driver ...)
+	TODO: check
+CVE-2009-1762 (Multiple cross-site scripting (XSS) vulnerabilities in the WebAccess ...)
+	TODO: check
 CVE-2009-XXXX [radare-common insecure temp files handling]
 	- radare-common (low)
 	TODO: file bug
@@ -169,7 +217,7 @@
 	NOT-FOR-US: phpWebNews
 CVE-2008-6812 (SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 allows ...)
 	NOT-FOR-US: phpWebNews
-CVE-2009-1756 (SLiM Simple Login Manager 1.3.0 includes places the X authority magic ...)
+CVE-2009-1756 (SLiM Simple Login Manager 1.3.0 places the X authority magic cookie ...)
 	- slim <unfixed> (low; bug #529306)
 CVE-2009-1755 (Off-by-one error in the packet_read_query_section function in packet.c ...)
 	{DSA-1803-1}
@@ -284,8 +332,8 @@
 	[lenny] - kdebase <not-affected> (vulnerability introduced in konqueror 4)
 CVE-2009-1636
 	RESERVED
-CVE-2009-1635
-	RESERVED
+CVE-2009-1635 (Cross-site scripting (XSS) vulnerability in the WebAccess login page ...)
+	TODO: check
 CVE-2009-1634
 	RESERVED
 CVE-2009-1633 [CIFS Unicode issue]
@@ -433,7 +481,8 @@
 	NOT-FOR-US: phPhotoGallery
 CVE-2008-6801 (Cross-site request forgery (CSRF) vulnerability in Vivvo CMS before ...)
 	NOT-FOR-US: Vivvo CMS
-CVE-2008-6800 (Race condition in the winbind daemon (aka winbindd) in Samba before ...)
+CVE-2008-6800
+	REJECTED
 	- samba 3.2.0~pre2-1 (low; bug #527894)
 CVE-2008-6799 (connection.php in FlashChat 5.0.8 allows remote attackers to bypass ...)
 	NOT-FOR-US: FlashChat
@@ -1000,8 +1049,7 @@
 	RESERVED
 CVE-2009-1382
 	RESERVED
-CVE-2009-1381 [incomplete fix for CVE-2009-1579]
-	RESERVED
+CVE-2009-1381 (The map_yp_alias function in functions/imap_general.php in ...)
 	{DSA-1802-2}
 	- squirrelmail 2:1.4.19-1
 CVE-2009-1380

More information about the Secure-testing-commits mailing list