joeyh at alioth.debian.org
2008-Oct-29 21:14 UTC
[Secure-testing-commits] r10205 - data/CVE
Author: joeyh Date: 2008-10-29 21:14:14 +0000 (Wed, 29 Oct 2008) New Revision: 10205 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-10-29 19:29:57 UTC (rev 10204) +++ data/CVE/list 2008-10-29 21:14:14 UTC (rev 10205) @@ -1,4 +1,14 @@ -CVE-2008-4776 [libgadu: DoS via a contact description with a large length] +CVE-2008-4774 (Cross-site scripting (XSS) vulnerability in main/main.php in QuestCMS ...) + TODO: check +CVE-2008-4773 (Directory traversal vulnerability in main/main.php in QuestCMS allows ...) + TODO: check +CVE-2008-4772 (SQL injection vulnerability in main/main.php in QuestCMS allows remote ...) + TODO: check +CVE-2008-4771 (Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in ...) + TODO: check +CVE-2008-4770 + RESERVED +CVE-2008-4776 (libgadu before 1.8.2 allows remote servers to cause a denial of ...) - libgadu <unfixed> (bug #503916) CVE-2008-4769 (Directory traversal vulnerability in the get_category_template ...) - wordpress 2.5.1-1 @@ -64,7 +74,7 @@ - kvirc 2:3.4.0-3 (bug #503401) CVE-2008-XXXX [balazar3: insecure temp file handling] - balazar3 0.1-2 (bug #503750) -CVE-2008-4775 [XSS in phpmyadmin via db parameter in pmd_pdf.php] +CVE-2008-4775 (Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin ...) - phpmyadmin <unfixed> (low) NOTE: http://www.securityfocus.com/archive/1/497815 CVE-2008-XXXX [programming error in blender can cause arbitrary code execution] 
@@ -3037,7 +3047,7 @@ [etch] - yelp <not-affected> (Vulnerable code not present) CVE-2008-3531 (Stack-based buffer overflow in sys/kern/vfs_mount.c in the kernel in ...) - kfreebsd-7 7.0-5 -CVE-2008-3530 (sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1 does not ...) +CVE-2008-3530 (sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD ...) - kfreebsd-6 6.3-7 - kfreebsd-7 7.0-5 CVE-2008-3529 (Heap-based buffer overflow in the xmlParseAttValueComplex function in ...) @@ -5993,9 +6003,11 @@ RESERVED CVE-2008-2238 [OpenOffice EMF parser overflow] RESERVED + {DSA-1661-1} - openoffice.org 2.4.1-12 CVE-2008-2237 [OpenOffice WMF parser overflow] RESERVED + {DSA-1661-1} - openoffice.org 2.4.1-12 CVE-2008-2236 (Cross-site scripting (XSS) vulnerability in blosxom.cgi in Blosxom ...) - blosxom 2.1.2-1 (low; bug #500873) @@ -8712,7 +8724,7 @@ NOT-FOR-US: Podcast Generator CVE-2008-1123 (Multiple PHP remote file inclusion vulnerabilities in SiteBuilder ...) NOT-FOR-US: SiteBuilder -CVE-2008-1122 (SQL injection vulnerability in index.php in Koobi Pro 5.7 allows ...) +CVE-2008-1122 (SQL injection vulnerability in the downloads module in Koobi Pro 5.7 ...) NOT-FOR-US: Koobi CVE-2008-1121 (SQL injection vulnerability in index.php in eazyPortal 1.0 and earlier ...) NOT-FOR-US: eazyPortal
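Review bot: In the first hunk (@@ -1,4 +1,14 @@), the CVE-2008-4776 entry still reads "- libgadu <unfixed> (bug #503916)" even though the replacement description now says the issue affects libgadu before 1.8.2. A NOTE line recording 1.8.2 as the upstream fixed version would tell whoever picks up the bug which release to target. The four QuestCMS and VATDecoder entries (CVE-2008-4774 through CVE-2008-4771) arrive with only "TODO: check", so each still needs triage into a package line or NOT-FOR-US before the tracker states anything about them.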
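Review bot: In the second hunk (@@ -64,7 +74,7 @@), swapping the bracketed CVE-2008-4775 text for the truncated official description drops the one detail the hand-written line carried: that the XSS is reached via the db parameter of pmd_pdf.php. The entry is still "- phpmyadmin <unfixed> (low)", so that detail is what a maintainer needs to locate the fix. Suggest keeping it in a NOTE line next to the existing securityfocus reference instead of relying on the cut-off description.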