[Secure-testing-commits] r12750 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Fri Sep 4 21:14:46 UTC 2009
Author: joeyh
Date: 2009-09-04 21:14:43 +0000 (Fri, 04 Sep 2009)
New Revision: 12750
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-09-04 21:13:31 UTC (rev 12749)
+++ data/CVE/list 2009-09-04 21:14:43 UTC (rev 12750)
@@ -1,60 +1,66 @@
CVE-2009-3068
NOT-FOR-US: Adobe RoboHelp Server
-CVE-2009-3067
+CVE-2009-3067 (Cross-site scripting (XSS) vulnerability in index.php in Reservation ...)
NOT-FOR-US: Reservation Manager
-CVE-2009-3066
+CVE-2009-3066 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
NOT-FOR-US: PropertyWatchScript.com Property Watch
-CVE-2009-3065
+CVE-2009-3065 (PHP remote file inclusion vulnerability in editor/edit_htmlarea.php in ...)
NOT-FOR-US: Ve-EDIT
-CVE-2009-3064
+CVE-2009-3064 (Directory traversal vulnerability in debugger/debug_php.php in Ve-EDIT ...)
NOT-FOR-US: Ve-EDIT
-CVE-2009-3063
+CVE-2009-3063 (SQL injection vulnerability in the Game Server (com_gameserver) ...)
NOT-FOR-US: Joomla!
-CVE-2009-3062
+CVE-2009-3062 (SQL injection vulnerability in message_box.php in OSI Codes PHP Live! ...)
NOT-FOR-US: OSI Codes PHP Live!
-CVE-2009-3061
+CVE-2009-3061 (SQL injection vulnerability in lesson.php in Alqatari Q R Script 1.0 ...)
NOT-FOR-US: Alqatari Q R Script
-CVE-2009-3060
+CVE-2009-3060 (Multiple cross-site scripting (XSS) vulnerabilities in Joker Board ...)
NOT-FOR-US: Joker Board
-CVE-2009-3059
+CVE-2009-3059 (Multiple SQL injection vulnerabilities in Joker Board (aka JBoard) 2.0 ...)
NOT-FOR-US: Joker Board
-CVE-2009-3058
+CVE-2009-3058 (Stack-based buffer overflow in akPlayer 1.9.0 allows remote attackers ...)
NOT-FOR-US: akPlayer
-CVE-2009-3057
+CVE-2009-3057 (Multiple cross-site scripting (XSS) vulnerabilities in AOM Software ...)
NOT-FOR-US: AOM Software Beex
-CVE-2009-3056
+CVE-2009-3056 (PHP remote file inclusion vulnerability in ...)
NOT-FOR-US: KingCMS
-CVE-2009-3055
+CVE-2009-3055 (PHP remote file inclusion vulnerability in engine/api/api.class.php in ...)
NOT-FOR-US: DataLife Engine
-CVE-2009-3054
+CVE-2009-3054 (SQL injection vulnerability in the Artetics.com Art Portal ...)
NOT-FOR-US: Joomla!
-CVE-2009-3053
+CVE-2009-3053 (Directory traversal vulnerability in the Agora (com_agora) component ...)
NOT-FOR-US: Joomla!
-CVE-2009-3052
+CVE-2009-3052 (SQL injection vulnerability in root/includes/prime_quick_style.php in ...)
NOT-FOR-US: Prime Quick Style addon
-CVE-2008-7166
+CVE-2008-7166 (Buffer overflow in the web interface in BitTorrent 6.0.1 (build 7859) ...)
NOT-FOR-US: web interface in BitTorrent 6.0.1 (build 7859)
-CVE-2008-7165
+CVE-2008-7165 (Cross-site request forgery in cp06_wifi_m_nocifr.cgi in the ...)
NOT-FOR-US: TELECOM ITALIA Alice Gate2 Plus Wi-Fi
-CVE-2008-7164
+CVE-2008-7164 (Multiple unspecified vulnerabilities in Shareaza before 2.3.1.0 have ...)
NOT-FOR-US: Shareaza
-CVE-2008-7163
+CVE-2008-7163 (Directory traversal vulnerability in mods/Integrated/index.php in ...)
NOT-FOR-US: SineCMS
-CVE-2008-7162
+CVE-2008-7162 (Buffer overflow in Hero Super Player 3000 allows remote attackers to ...)
NOT-FOR-US: Hero Super Player
-CVE-2008-7161
+CVE-2008-7161 (Fortinet FortiGuard Fortinet FortiGate-1000 3.00 build 040075,070111 ...)
NOT-FOR-US: Fortinet FortiGuard Fortinet
CVE-2008-7159 [silc ASN1 encoding format string vulnerability]
+ RESERVED
+ {DSA-1879-1}
- silc-toolkit 1.1.10-1 (low)
- silc-client 1.1-2 (low)
- silc-server <not-affected> (Vulnerable code not present)
NOTE: silc-client uses libsilc from silc-toolkit since 1.1-2
CVE-2009-3051 [silc various format string vulnerabilities]
+ RESERVED
+ {DSA-1879-1}
- silc-toolkit 1.1.10-1 (medium)
- silc-client 1.1-2 (medium)
- silc-server 1.1.2-1 (medium)
NOTE: silc-client/silc-server use libsilc from silc-toolkit since 1.1-2
CVE-2008-7160 [silcd format string vulnerability in http server]
+ RESERVED
+ {DSA-1879-1}
- silc-toolkit 1.1.10-1 (low)
- silc-client <not-affected> (Vulnerable code not present)
- silc-server 1.1.2-1 (low)
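Review bot: The NOT-FOR-US lines under CVE-2008-7166 and CVE-2008-7161 read like pasted description fragments ("web interface in BitTorrent 6.0.1 (build 7859)", "Fortinet FortiGuard Fortinet") rather than product names, unlike neighbouring entries such as "Shareaza" and "SineCMS". Now that this hunk fills in the descriptions directly above them, a follow-up should shorten both to the product name so that searches on the NOT-FOR-US field stay consistent. The same applies to CVE-2009-3063, CVE-2009-3054 and CVE-2009-3053, which are all tagged just "Joomla!" although the descriptions name individual components (com_gameserver, Art Portal, com_agora).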
@@ -1987,7 +1993,7 @@
RESERVED
CVE-2009-2522
RESERVED
-CVE-2009-2521
+CVE-2009-2521 (Stack consumption vulnerability in the FTP server in Microsoft ...)
NOT-FOR-US: Microsoft Internet Information Server
CVE-2009-2520
RESERVED
@@ -3056,6 +3062,7 @@
RESERVED
CVE-2009-2139
RESERVED
+ {DSA-1880-1}
CVE-2009-2138 (Multiple open redirect vulnerabilities in TBDev.NET 01-01-08 allow ...)
NOT-FOR-US: TBDev.NET
CVE-2009-2137 (Memory leak in the Ultra-SPARC T2 crypto provider device driver (aka ...)
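Review bot: The {DSA-1880-1} line added under CVE-2009-2139 leaves that entry with only RESERVED and the DSA reference, with no description and no package line. The silc entries in the first hunk pair their DSA reference with "- package version (urgency)" lines; this entry needs the same, taken from the advisory, so the DSA reference is tied to a source package and fixed version.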
@@ -9914,8 +9921,10 @@
CVE-2009-0202 (Array index error in FL21WIN.DLL in the PowerPoint Freelance Windows ...)
NOT-FOR-US: Microsoft
CVE-2009-0201 (Heap-based buffer overflow in OpenOffice.org (OOo) before 3.1.1 might ...)
+ {DSA-1880-1}
TODO: check
CVE-2009-0200 (Integer underflow in OpenOffice.org (OOo) before 3.1.1 might allow ...)
+ {DSA-1880-1}
TODO: check
CVE-2009-0199
RESERVED
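Review bot: CVE-2009-0201 and CVE-2009-0200 gain {DSA-1880-1} but keep "TODO: check", so each entry now says both that an advisory exists and that it has not been triaged. Replace the TODO with a package line giving the source package and the fixed version from the DSA; the descriptions already name OpenOffice.org (OOo) before 3.1.1 as the affected upstream release.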
@@ -62987,7 +62996,7 @@
NOT-FOR-US: Opera
CVE-2005-3058 (Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS ...)
NOT-FOR-US: FortiGate
-CVE-2005-3057 (Unspecified vulnerability in the FTP component in FortiGate 2.8, ...)
+CVE-2005-3057 (The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, ...)
NOT-FOR-US: FortiGate
CVE-2005-3056 [TWiki INCLUDE function allows arbitrary shell command execution ]
RESERVED