joeyh at alioth.debian.org
2008-Jul-29 09:14 UTC
[Secure-testing-commits] r9461 - data/CVE
Author: joeyh
Date: 2008-07-29 09:14:09 +0000 (Tue, 29 Jul 2008)
New Revision: 9461

Modified: data/CVE/list

Log: automatic update

Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-07-29 08:57:23 UTC (rev 9460) +++ data/CVE/list 2008-07-29 09:14:09 UTC (rev 9461) 
@@ -1,3 +1,37 @@ +CVE-2008-3355 (SQL injection vulnerability in sitemap.xml.php in Camera Life 2.6.2 ...) + TODO: check +CVE-2008-3354 (Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus ...) + TODO: check +CVE-2008-3353 (Multiple cross-site scripting (XSS) vulnerabilities in Pure Software ...) + TODO: check +CVE-2008-3352 (SQL injection vulnerability in index.php in Live Music Plus 1.1.0 ...) + TODO: check +CVE-2008-3351 (SQL injection vulnerability in atomPhotoBlog.php in Atom PhotoBlog ...) + TODO: check +CVE-2008-3350 (dnsmasq 2.43 allows remote attackers to cause a denial of service ...) + TODO: check +CVE-2008-3349 (Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on ...) + TODO: check +CVE-2008-3348 (Cross-site scripting (XSS) vulnerability in ...) + TODO: check +CVE-2008-3347 (SQL injection vulnerability in staticpages/easycalendar/index.php in ...) + TODO: check +CVE-2008-3346 (SQL injection vulnerability in product_detail.php in ShopCart DX ...) + TODO: check +CVE-2008-3345 (SQL injection vulnerability in staticpages/easyecards/index.php in ...) + TODO: check +CVE-2008-3344 (Multiple cross-site scripting (XSS) vulnerabilities in ...) + TODO: check +CVE-2008-3343 (SQL injection vulnerability in staticpages/easypublish/index.php in ...) + TODO: check +CVE-2008-3342 (Cross-site scripting (XSS) vulnerability in ...) + TODO: check +CVE-2008-3341 (Multiple SQL injection vulnerabilities in search_result.cfm in Jobbex ...) + TODO: check +CVE-2008-3340 (Cross-site scripting (XSS) vulnerability in search_result.cfm in ...) + TODO: check +CVE-2008-3339 (search_result.cfm in Jobbex JobSite allows remote attackers to obtain ...) + TODO: check CVE-2008-XXXX [httrack buffer overflow] - httrack 3.42.3-1 (low) [etch] - httrack <no-dsa> (Minor issue) 
@@ -26,8 +60,8 @@ - trac 0.11-1 CVE-2008-3324 RESERVED -CVE-2008-3323 - RESERVED +CVE-2008-3323 (setup.exe before 2.573.2.3 in Cygwin does not properly verify the ...) + TODO: check CVE-2008-3322 (admin/index.php in Maian Recipe 1.2 and earlier allows remote ...) NOT-FOR-US: Maian * CVE-2008-3321 (admin/index.php in Maian Uploader 4.0 and earlier allows remote ...) @@ -182,7 +216,7 @@ NOT-FOR-US: Lenovo System Update CVE-2008-3248 RESERVED -CVE-2008-3247 (The LDT implementation in the Linux kernel 2.6.25.x on x86_64 ...) +CVE-2008-3247 (The LDT implementation in the Linux kernel 2.6.25.x before 2.6.25.11 ...) - linux-2.6 2.6.25-7 [etch] - linux-2.6 <not-affected> (2.6.25-only issue) [etch] - linux-2.6.24 <not-affected> (2.6.25-only issue) @@ -232,7 +266,7 @@ TODO: check CVE-2008-3215 (libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to ...) - clamav 0.93.1.dfsg-1.1 (medium) -CVE-2008-3214 (dnsmasq 2.25 allows remote attackers to cause a denial of service (1) ...) +CVE-2008-3214 (dnsmasq 2.25 allows remote attackers to cause a denial of service ...) - dnsmasq 2.44-1 (medium) CVE-2008-3213 (SQL injection vulnerability in secciones/tablon/tablon.php in WebCMS ...) NOT-FOR-US: WebCMS @@ -620,12 +654,12 @@ CVE-2008-3067 (sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when ...) - sudo 1.6.9p12-1 [etch] - sudo <not-affected> (Issue was introduced in 1.6.9) -CVE-2008-3066 - RESERVED +CVE-2008-3066 (Stack-based buffer overflow in a certain ActiveX control in rjbdll.dll ...) + TODO: check CVE-2008-3065 RESERVED -CVE-2008-3064 - RESERVED +CVE-2008-3064 (Unspecified vulnerability in RealNetworks RealPlayer Enterprise, ...) + TODO: check CVE-2008-3063 RESERVED CVE-2008-3062 
@@ -2306,7 +2340,7 @@ RESERVED CVE-2008-2318 (The WOHyperlink implementation in WebObjects in Apple Xcode tools ...) NOT-FOR-US: Apple Xcode -CVE-2008-2317 (Unspecified vulnerability in WebCore in Safari on Apple iPhone before ...) +CVE-2008-2317 (WebCore in Apple Safari does not properly perform garbage collection ...) NOT-FOR-US: Safari CVE-2008-2316 RESERVED @@ -3145,8 +3179,8 @@ {DSA-1593-1} - tomcat5.5 5.5.26-3 (low; bug #484643) - tomcat5 <removed> -CVE-2008-1946 - RESERVED +CVE-2008-1946 (The default configuration of su in /etc/pam.d/su in GNU coreutils ...) + TODO: check CVE-2008-1945 RESERVED CVE-2008-1944 (Buffer overflow in the backend framebuffer of XenSource Xen ...) @@ -11553,8 +11587,8 @@ NOT-FOR-US: Layton HelpBox CVE-2007-5401 (Unrestricted file upload vulnerability in uploadrequest.asp in Layton ...) NOT-FOR-US: Layton HelpBox -CVE-2007-5400 - RESERVED +CVE-2007-5400 (Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling ...) + TODO: check CVE-2007-5399 (Multiple heap-based buffer overflows in emlsr.dll in the EML reader in ...) NOT-FOR-US: KeyView CVE-2007-5398 (Stack-based buffer overflow in the reply_netbios_packet function in ...)
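
Review bot: in the first hunk (@@ -1,3 +1,37 @@), CVE-2008-3350 (dnsmasq 2.43 denial of service) lands with only "TODO: check", although dnsmasq is already tracked in this same file, where CVE-2008-3214 carries "- dnsmasq 2.44-1 (medium)". Of the 17 new entries this is the one that should be triaged first: replace the TODO with a "- dnsmasq" line giving the fixed version, or a not-affected marker with its reason, once the affected range is confirmed. Most of the other new descriptions name third-party web applications and look like candidates for the NOT-FOR-US marking this file already uses for entries such as Maian.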
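
Review bot: in the @@ -182,7 +216,7 @@ hunk, the refreshed CVE-2008-3247 description now reads "2.6.25.x before 2.6.25.11", but the tracking lines beneath it are unchanged context. An automatic description update does not revalidate them, so it is worth confirming that the recorded fix "- linux-2.6 2.6.25-7" corresponds to upstream 2.6.25.11 or later, and that the etch "2.6.25-only issue" notes still match the new wording.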
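
Review bot: in the @@ -3145,8 +3179,8 @@ hunk, CVE-2008-1946 moves from RESERVED to a description about the default su configuration in /etc/pam.d/su, attributed to GNU coreutils, and is left at "TODO: check". Before a package line is written, the triage should establish which Debian source package actually ships su and that PAM file, and record the finding in a note under the entry so the attribution in the description is not taken at face value.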