thr3ads.net - Secure testing commits - [Secure-testing-commits] r10795

If this information is useful, please help other people find it:
Share via:

joeyh at alioth.debian.org

2008-Dec-24 21:14 UTC

[Secure-testing-commits] r10795 - data/CVE

Author: joeyh
Date: 2008-12-24 21:14:09 +0000 (Wed, 24 Dec 2008)
New Revision: 10795

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-12-24 15:02:44 UTC (rev 10794)
+++ data/CVE/list	2008-12-24 21:14:09 UTC (rev 10795)
@@ -1,3 +1,5 @@
+CVE-2008-5707 (SQL injection vulnerability in urunler.asp in Iltaweb Alisveris
...)
+	TODO: check
 CVE-2008-5704 (src/unit_test.c in gpsdrive (aka gpsdrive-scripts) 2.10~pre4
might ...)
 	TODO: check
 CVE-2008-5703 (gpsdrive (aka gpsdrive-scripts) 2.10~pre4 allows local users to
...)
@@ -370,8 +372,8 @@
 	NOT-FOR-US: PostEcards
 CVE-2008-5558 (Asterisk Open Source 1.2.26 through 1.2.30.3 and Business
Edition ...)
 	TODO: check
-CVE-2008-5557
-	RESERVED
+CVE-2008-5557 (Heap-based buffer overflow in ...)
+	TODO: check
 CVE-2008-XXXX [phpBB3 Account Re-activation Security Bypass]
 	- phpbb3 <unfixed> (low; bug #508872)
 CVE-2008-5556 (** DISPUTED ** ...)
@@ -459,8 +461,8 @@
 	RESERVED
 CVE-2008-5515
 	RESERVED
-CVE-2008-5514
-	RESERVED
+CVE-2008-5514 (Off-by-one error in the rfc822_output_char function in the ...)
+	TODO: check
 CVE-2008-5513 (Unspecified vulnerability in the session-restore feature in
Mozilla ...)
 	- iceweasel <unfixed>
 CVE-2008-5512 (Multiple unspecified vulnerabilities in Mozilla Firefox 3.x
before ...)
@@ -3290,12 +3292,12 @@
 CVE-2008-4306 (Buffer overflow in enscript before 1.6.4 has unknown impact and
attack ...)
 	{DSA-1670-1}
 	- enscript 1.6.4-13 (bug #506261)
-CVE-2008-4305
-	RESERVED
-CVE-2008-4304
-	RESERVED
-CVE-2008-4303
-	RESERVED
+CVE-2008-4305 (Static code injection vulnerability in installation/setup.php in
...)
+	TODO: check
+CVE-2008-4304 (general/login.php in phpCollab 2.5 rc3 and earlier allows remote
...)
+	TODO: check
+CVE-2008-4303 (Multiple SQL injection vulnerabilities in phpCollab 2.5 rc3,
2.4, and ...)
+	TODO: check
 CVE-2008-4302 (fs/splice.c in the splice subsystem in the Linux kernel before
...)
 	{DSA-1653-1}
 	- linux-2.6 2.6.22-4 (low)
@@ -7818,10 +7820,10 @@
 	NOT-FOR-US: Trend Micro OfficeScan
 CVE-2008-2436 (Multiple heap-based buffer overflows in the IppCreateServerRef
...)
 	NOT-FOR-US: Novell iPrint Client
-CVE-2008-2435
-	RESERVED
-CVE-2008-2434
-	RESERVED
+CVE-2008-2435 (Use-after-free vulnerability in the Trend Micro HouseCall
ActiveX ...)
+	TODO: check
+CVE-2008-2434 (The Trend Micro HouseCall ActiveX control 6.51.0.1028 and
6.6.0.1278 ...)
+	TODO: check
 CVE-2008-2433 (The web management console in Trend Micro OfficeScan 7.0 through
8.0, ...)
 	NOT-FOR-US: Trend Micro OfficeScan
 CVE-2008-2432 (Insecure method vulnerability in the GetFileList method in an
...)

Secure testing commits - Dec 2008 - r10795 - data/CVE

[Secure-testing-commits] r10795 - data/CVE