white at alioth.debian.org
2009-Feb-04 21:45 UTC
[Secure-testing-commits] r11142 - data/CVE
Author: white
Date: 2009-02-04 21:45:47 +0000 (Wed, 04 Feb 2009)
New Revision: 11142

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-02-04 21:14:35 UTC (rev 11141) +++ data/CVE/list 2009-02-04 21:45:47 UTC (rev 11142) 
@@ -1,59 +1,59 @@ CVE-2009-0417 RESERVED CVE-2009-0416 (The SSL certificate setup program (genSslCert.sh) in Standards Based ...) - TODO: check + NOT-FOR-US: sblim-sfcb CVE-2009-0415 (Untrusted search path vulnerability in trickle 1.07 allows local users ...) TODO: check CVE-2009-0413 (Cross-site scripting (XSS) vulnerability in RoundCube Webmail ...) TODO: check CVE-2009-0412 (The ProcessLogin function in class.auth.php in Interspire Shopping ...) - TODO: check + NOT-FOR-US: Interspire Shopping Cart CVE-2009-0411 (Google Chrome before 1.0.154.46 does not properly restrict access from ...) - TODO: check + NOT-FOR-US: Google Chrome CVE-2009-0410 (Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) ...) - TODO: check + NOT-FOR-US: Novell GroupWise CVE-2009-0409 (SQL injection vulnerability in offline_auth.php in Max.Blog 1.0.6 and ...) - TODO: check + NOT-FOR-US: Max.Blog CVE-2009-0408 (Cross-site request forgery (CSRF) vulnerability in osCommerce 2.2 RC ...) - TODO: check + NOT-FOR-US: osCommerce CVE-2009-0407 (SQL injection vulnerability in admin/login.php in PHP-CMS Project 1 ...) - TODO: check + NOT-FOR-US: PHP-CMS CVE-2009-0406 (SQL injection vulnerability in index.php in Community CMS 0.4 and ...) - TODO: check + NOT-FOR-US: Community CMS CVE-2009-0405 (SQL injection vulnerability in articles.php in smartSite CMS 1.0 ...) - TODO: check + NOT-FOR-US: smartSite CMS CVE-2009-0404 (Multiple cross-site scripting (XSS) vulnerabilities in Bioinformatics ...) - TODO: check + NOT-FOR-US: Bioinformatics htmLawed CVE-2009-0403 (SQL injection vulnerability in admin/authenticate.php in Chipmunk ...) - TODO: check + NOT-FOR-US: Chipmunk Blogger Script CVE-2009-0402 (SQL injection vulnerability in client/new_account.php in Domain ...) - TODO: check + NOT-FOR-US: Domain Technologie Control CVE-2009-0401 (SQL injection vulnerability in browsecats.php in E-Php CMS allows ...) 
- TODO: check + NOT-FOR-US: E-Php CMS CVE-2009-0400 (SQL injection vulnerability in blog.php in SocialEngine 3.06 trial ...) - TODO: check + NOT-FOR-US: SocialEngine CVE-2009-0399 (Chipmunk Blogger Script allows remote attackers to gain administrator ...) - TODO: check + NOT-FOR-US: Chipmunk Blogger Script CVE-2009-0398 (Array index error in the gst_qtp_trak_handler function in ...) TODO: check CVE-2009-0397 (Heap-based buffer overflow in the qtdemux_parse_samples function in ...) TODO: check CVE-2009-0396 (The Sony Ericsson W910i, W660i, K618i, K610i, Z610i, K810i, K660i, ...) - TODO: check + NOT-FOR-US: Sony Ericsson CVE-2009-0395 (SQL injection vulnerability in the login feature in NetArt Media Car ...) - TODO: check + NOT-FOR-US: NetArt Media Car Portal CVE-2009-0394 (SQL injection vulnerability in login.php in Pre Lecture Exercises ...) - TODO: check + NOT-FOR-US: Pre Lecture Exercises CVE-2009-0393 (Cross-site scripting (XSS) vulnerability in sysconf.cgi in Motorola ...) - TODO: check + NOT-FOR-US: Motorola Wimax CVE-2009-0392 (Directory traversal vulnerability in sysconf.cgi in Motorola Wimax ...) - TODO: check + NOT-FOR-US: Motorola Wimax CVE-2009-0391 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) ...) - TODO: check + NOT-FOR-US: IBM WebSphere Application Server CVE-2009-0390 (Argument injection vulnerability in Enomaly Elastic Computing Platform ...) - TODO: check + NOT-FOR-US: Enomaly Elastic Computing Platform CVE-2009-0389 (Multiple insecure method vulnerabilities in the Web On Windows (WOW) ...) - TODO: check + NOT-FOR-US: ActiveX CVE-2009-0388 RESERVED CVE-2009-0387 (Array index error in the qtdemux_parse_samples function in ...) 
@@ -61,117 +61,117 @@ CVE-2009-0386 (Heap-based buffer overflow in the qtdemux_parse_samples function in ...) TODO: check CVE-2009-0384 (SQL injection vulnerability in autor.php in OwnRS CMS 1.2 allows ...) - TODO: check + NOT-FOR-US: OwnRS CMS CVE-2009-0383 (delete.php in Max.Blog 1.0.6 does not properly restrict access, which ...) - TODO: check + NOT-FOR-US: Max.Blog CVE-2009-0382 (Unspecified vulnerability in Internationalization (i18n) Translation ...) TODO: check CVE-2009-0381 (SQL injection vulnerability in the BazaarBuilder Ecommerce Shopping ...) - TODO: check + NOT-FOR-US: BazaarBuilder Ecommerce Shopping Cart CVE-2009-0380 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: Sigsiu Online Business Index CVE-2009-0379 (SQL injection vulnerability in the Prince Clan Chess Club ...) - TODO: check + NOT-FOR-US: Prince Clan Chess Club CVE-2009-0378 (Cross-site scripting (XSS) vulnerability in index.php in the ...) - TODO: check + NOT-FOR-US: Joomla CVE-2009-0377 (SQL injection vulnerability in the beamospetition (com_beamospetition) ...) - TODO: check + NOT-FOR-US: Joomla CVE-2009-0376 RESERVED CVE-2009-0375 RESERVED CVE-2009-0374 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: Google Chrome CVE-2009-0373 (SQL injection vulnerability in the ElearningForce Flash Magazine ...) - TODO: check + NOT-FOR-US: Joomla CVE-2009-0372 (Unrestricted file upload vulnerability in index.php in Miltenovik ...) - TODO: check + NOT-FOR-US: Miltenovik Manojlo MemHT Portal CVE-2009-0371 (Directory traversal vulnerability in post.php in SiteXS CMS 0.1.1 and ...) - TODO: check + NOT-FOR-US: SiteXS CMS CVE-2009-0370 (Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 ...) - TODO: check + NOT-FOR-US: IBM AIX CVE-2009-0369 (Microsoft Internet Explorer 7 allows remote attackers to trick a user ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2008-6045 (Session fixation vulnerability in xt:Commerce 3.0.4 and earlier allows ...) 
- TODO: check + NOT-FOR-US: xt:Commerce CVE-2008-6044 (Cross-site scripting (XSS) vulnerability in advanced_search_result.php ...) - TODO: check + NOT-FOR-US: xt:Commerce CVE-2008-6043 (Multiple SQL injection vulnerabilities in PHP Pro Bid (PPB) 6.04 allow ...) - TODO: check + NOT-FOR-US: PHP Pro Bid CVE-2008-6042 (SQL injection vulnerability in the re_search module in NetArtMedia ...) - TODO: check + NOT-FOR-US: NetArtMedia Real Estate Portal CVE-2008-6041 (Multiple cross-site scripting (XSS) vulnerabilities in Index.asp in ...) - TODO: check + NOT-FOR-US: Dataspade CVE-2008-6040 (SQL injection vulnerability in index.php in Arcadem Pro 2.700 through ...) - TODO: check + NOT-FOR-US: Arcadem Pro CVE-2008-6039 (Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows ...) - TODO: check + NOT-FOR-US: BLUEPAGE CMS CVE-2008-6038 (SQL injection vulnerability in index.php in MapCal 0.1 allows remote ...) - TODO: check + NOT-FOR-US: MapCal CVE-2008-6037 (SQL injection vulnerability in view.php in AvailScript Article Script ...) - TODO: check + NOT-FOR-US: AvailScript Article Script CVE-2008-6036 (PHP remote file inclusion vulnerability in main.inc.php in BaseBuilder ...) - TODO: check + NOT-FOR-US: BaseBuilder CVE-2008-6035 (Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo ...) - TODO: check + NOT-FOR-US: Achievo CVE-2008-6034 (Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo ...) - TODO: check + NOT-FOR-US: Achievo CVE-2008-6033 (SQL injection vulnerability in comments.php in WSN Links 2.20 allows ...) - TODO: check + NOT-FOR-US: WSN Links CVE-2008-6032 (SQL injection vulnerability in comments.php in WSN Links Free 4.0.34P ...) - TODO: check + NOT-FOR-US: WSN Links CVE-2008-6031 (SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 ...) - TODO: check + NOT-FOR-US: WSN Links CVE-2008-6030 (Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 ...) 
- TODO: check + NOT-FOR-US: NetArtMedia Jobs Portal CVE-2008-6029 (SQL injection vulnerability in search.php in BuzzyWall 1.3.1 and ...) - TODO: check + NOT-FOR-US: BuzzyWall CVE-2008-6028 (SQL injection vulnerability in list.php in University of Queensland ...) - TODO: check + NOT-FOR-US: Library Fez CVE-2008-6027 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) - TODO: check + NOT-FOR-US: BLUEPAGE CMS CVE-2008-6026 (SQL injection vulnerability in tienda.php in BlueCUBE CMS allows ...) - TODO: check + NOT-FOR-US: BlueCUBE CMS CVE-2008-6025 (Directory traversal vulnerability in scr/form.php in openElec 3.01 and ...) - TODO: check + NOT-FOR-US: openElec CVE-2008-6024 (Unspecified vulnerability in the NFSv4 client module in the kernel on ...) TODO: check CVE-2008-6023 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: Xnova CVE-2008-6022 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: Xnova CVE-2008-6021 (Multiple unspecified vulnerabilities in Attachmate Reflection for ...) - TODO: check + NOT-FOR-US: Attachmate Reflection CVE-2008-6020 (SQL injection vulnerability in the Views module 6.x before 6.x-2.2 for ...) TODO: check CVE-2008-6019 (SQL injection vulnerability in index.php in EACOMM DO-CMS 3.0 allows ...) - TODO: check + NOT-FOR-US: EACOMM DO-CMS CVE-2008-6018 (Directory traversal vulnerability in index.php in MyPHPSite, when ...) - TODO: check + NOT-FOR-US: MyPHPSite CVE-2008-6017 (SQL injection vulnerability in messages.php in I-Rater Basic allows ...) - TODO: check + NOT-FOR-US: I-Rater Basic CVE-2008-6016 (SQL injection vulnerability in questions.php in EsFaq 2.0 allows ...) - TODO: check + NOT-FOR-US: EsFaq CVE-2008-6015 (Multiple SQL injection vulnerabilities in search.php in EsFaq 2.0 ...) - TODO: check + NOT-FOR-US: EsFaq CVE-2008-6014 (SQL injection vulnerability in scripts/links.php in Rianxosencabos CMS ...) 
- TODO: check + NOT-FOR-US: Rianxosencabos CMS CVE-2008-6013 (Multiple SQL injection vulnerabilities in Freeway before 1.4.3.210 ...) - TODO: check + NOT-FOR-US: Freeway CVE-2008-6012 (Directory traversal vulnerability in index.php in Pritlog 0.4 and ...) - TODO: check + NOT-FOR-US: Pritlog CVE-2008-6011 (SQL injection vulnerability in index.php in SG Real Estate Portal 2.0 ...) - TODO: check + NOT-FOR-US: SG Real Estate Portal CVE-2008-6010 (Multiple directory traversal vulnerabilities in SG Real Estate Portal ...) - TODO: check + NOT-FOR-US: SG Real Estate Portal CVE-2008-6009 (SG Real Estate Portal 2.0 allows remote attackers to bypass ...) - TODO: check + NOT-FOR-US: SG Real Estate Portal CVE-2008-6008 (hyBook Guestbook Script stores sensitive information under the web ...) - TODO: check + NOT-FOR-US: hyBook Guestbook Script CVE-2008-6007 (SQL injection vulnerability in view_group.php in QuidaScript BookMarks ...) - TODO: check + NOT-FOR-US: QuidaScript BookMarks Favourites Script CVE-2008-6006 (Multiple PHP remote file inclusion vulnerabilities in Micronation ...) - TODO: check + NOT-FOR-US: Micronation Banking System CVE-2009-XXXX [mahara: XSS in forum posts] - mahara 1.0.9-1 (low) [lenny] - mahara 1.0.4-4
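Review bot: In the @@ -1,59 +1,59 @@ hunk, CVE-2009-0389 is tagged "NOT-FOR-US: ActiveX", which names a technology rather than the affected product, while every other NOT-FOR-US tag added in this hunk names a vendor or product. Suggest using the product named in the description, Web On Windows (WOW), so that a later search of the list for that product finds the entry.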
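Review bot: In the @@ -61,117 +61,117 @@ hunk, CVE-2009-0378, CVE-2009-0377 and CVE-2009-0373 are all tagged "NOT-FOR-US: Joomla", but the visible descriptions of the latter two name separate components (beamospetition (com_beamospetition) and ElearningForce Flash Magazine) rather than Joomla itself. Naming the component in the tag would keep these entries from reading as issues in Joomla proper. Separately, the tag for CVE-2008-6028, "NOT-FOR-US: Library Fez", appears to start partway through the vendor name that the description begins with ("University of Queensland ..."); the product name alone or the full vendor name would be clearer.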