[Secure-testing-commits] r12784 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu Sep 10 21:14:15 UTC 2009
Author: joeyh
Date: 2009-09-10 21:14:14 +0000 (Thu, 10 Sep 2009)
New Revision: 12784
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-09-10 15:55:54 UTC (rev 12783)
+++ data/CVE/list 2009-09-10 21:14:14 UTC (rev 12784)
@@ -1,3 +1,71 @@
+CVE-2009-3125
+ RESERVED
+CVE-2009-3124 (Directory traversal vulnerability in get_message.cgi in QuarkMail ...)
+ TODO: check
+CVE-2009-3123 (Directory traversal vulnerability in gallery/gallery.php in Wap-Motor ...)
+ TODO: check
+CVE-2009-3122 (The Ajax Table module 5.x for Drupal does not perform access control, ...)
+ TODO: check
+CVE-2009-3121 (Cross-site scripting (XSS) vulnerability in the Ajax Table module 5.x ...)
+ TODO: check
+CVE-2009-3120 (Cross-site scripting (XSS) vulnerability in public/index.php in BIGACE ...)
+ TODO: check
+CVE-2009-3119 (SQL injection vulnerability in screen.php in the Download System mSF ...)
+ TODO: check
+CVE-2009-3118 (SQL injection vulnerability in mod/poll/comment.php in the vote module ...)
+ TODO: check
+CVE-2009-3117 (SQL injection vulnerability in category.php in Snow Hall Silurus ...)
+ TODO: check
+CVE-2009-3116 (SQL injection vulnerability in index.php in Uiga Church Portal allows ...)
+ TODO: check
+CVE-2009-3115 (SolarWinds TFTP Server 9.2.0.111 and earlier allows remote attackers ...)
+ TODO: check
+CVE-2009-3114 (The RSS reader widget in IBM Lotus Notes 8.5 saves items from an RSS ...)
+ TODO: check
+CVE-2009-3113 (Unspecified vulnerability in OXID eShop Professional, Enterprise, and ...)
+ TODO: check
+CVE-2009-3112 (Unspecified vulnerability in OXID eShop Professional, Enterprise, and ...)
+ TODO: check
+CVE-2009-3111 (The rad_decode function in FreeRADIUS before 1.1.8 allows remote ...)
+ TODO: check
+CVE-2008-7202 (Multiple cross-site scripting (XSS) vulnerabilities in OpenWebMail ...)
+ TODO: check
+CVE-2008-7201 (Lantronix MSS485-T allows remote attackers to cause a denial of ...)
+ TODO: check
+CVE-2008-7200 (Double free vulnerability in Deliantra server engine before 2.4 has ...)
+ TODO: check
+CVE-2008-7199 (Phoenix Contact FL IL 24 BK-PAC allows remote attackers to cause a ...)
+ TODO: check
+CVE-2008-7198 (Multiple unspecified vulnerabilities in phpns before 2.1.1beta1 have ...)
+ TODO: check
+CVE-2008-7197 (Multiple unspecified vulnerabilities in G15Daemon before 1.9.4 have ...)
+ TODO: check
+CVE-2008-7196 (Unspecified vulnerability in metashell before 0.03 has unknown impact ...)
+ TODO: check
+CVE-2008-7195 (Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used ...)
+ TODO: check
+CVE-2008-7194 (Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used ...)
+ TODO: check
+CVE-2008-7193 (PHPKIT 1.6.4 PL1 includes the session ID in the URL, which allows ...)
+ TODO: check
+CVE-2008-7192 (Cross-site request forgery (CSRF) vulnerability in index.php in ...)
+ TODO: check
+CVE-2008-7191 (Unspecified vulnerability in Polipo before 1.0.4 allows remote ...)
+ TODO: check
+CVE-2008-7190 (Unspecified vulnerability in Adium before 1.2 has unknown impact and ...)
+ TODO: check
+CVE-2008-7189 (Multiple unspecified vulnerabilities in Local Media Browser before 0.1 ...)
+ TODO: check
+CVE-2008-7188 (ClipShare 2.6 does not properly restrict access to certain ...)
+ TODO: check
+CVE-2008-7187 (Coppermine Photo Gallery (CPG) 1.4.14 allows remote attackers to ...)
+ TODO: check
+CVE-2008-7186 (Coppermine Photo Gallery (CPG) 1.4.14 does not restrict access to ...)
+ TODO: check
+CVE-2007-6730 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
+ TODO: check
+CVE-2007-6729 (Cross-site scripting (XSS) vulnerability in the web management ...)
+ TODO: check
CVE-2009-3110 (Race condition in the file transfer functionality in Symantec Altiris ...)
NOT-FOR-US: Symantec Altiris Deployment Solution
CVE-2009-3109 (Unspecified vulnerability in the AClient agent in Symantec Altiris ...)
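Review bot: 33 of the 34 entries added at the top of this hunk (CVE-2009-3124 through CVE-2007-6729) carry only "TODO: check", so none of them has a disposition yet and the log message "automatic update" gives no hint of which ones matter for the archive. Entries that name software with a version boundary, such as CVE-2009-3111 (rad_decode in FreeRADIUS before 1.1.8) and CVE-2008-7191 (Polipo before 1.0.4), should be triaged first and given a package line with the fixed version, in the form used elsewhere in this file ("- mapserver 5.4.2-1 (medium; bug #535340)"). The rest should be resolved to either a package line or "NOT-FOR-US: <product>", as the unchanged CVE-2009-3110 entry below shows. The descriptions are truncated at "...", so the full CVE text is needed before deciding.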
@@ -2889,8 +2957,8 @@
NOT-FOR-US: Sun Java System Access Manager
CVE-2009-2267
RESERVED
-CVE-2009-2266
- RESERVED
+CVE-2009-2266 (OXID eShop 4.x before 4.1.4-21266, 3.x, and 2.x allows remote ...)
+ TODO: check
CVE-2009-2281 [Heap-based buffer underflow in the readPostBody function in cgiutil.c ...]
RESERVED
- mapserver 5.4.2-1 (medium; bug #535340)
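Review bot: CVE-2009-2266 goes from RESERVED to "TODO: check" here for OXID eShop, the same product named in CVE-2009-3113 and CVE-2009-3112 in the first hunk, so the three entries should be triaged together and end up with the same disposition. The visible description stops at "allows remote ...", so the impact has to be read from the full CVE text before a severity is noted.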
@@ -3073,8 +3141,8 @@
RESERVED
CVE-2009-2206
RESERVED
-CVE-2009-2205
- RESERVED
+CVE-2009-2205 (Stack-based buffer overflow in the Java Web Start command launcher in ...)
+ TODO: check
CVE-2009-2204 (Unspecified vulnerability in the CoreTelephony component in Apple ...)
NOT-FOR-US: Apple iPhone OS
CVE-2009-2203
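Review bot: the new description for CVE-2009-2205 is cut off at "command launcher in ...", so the vendor and affected product are not visible in this entry, and it should not be marked by analogy with the neighbouring CVE-2009-2204 (NOT-FOR-US: Apple iPhone OS). Whoever clears the "TODO: check" needs the full CVE text to establish which Java Web Start implementation is affected and then either add a package line or a "NOT-FOR-US:" line naming that product.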