joeyh at alioth.debian.org
2009-Feb-11 21:14 UTC
[Secure-testing-commits] r11193 - data/CVE
Author: joeyh
Date: 2009-02-11 21:14:09 +0000 (Wed, 11 Feb 2009)
New Revision: 11193

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================
--- data/CVE/list 2009-02-11 21:05:22 UTC (rev 11192)
+++ data/CVE/list 2009-02-11 21:14:09 UTC (rev 11193)
@@ -1,3 +1,71 @@ +CVE-2009-0524 + RESERVED +CVE-2009-0523 + RESERVED +CVE-2009-0522 + RESERVED +CVE-2009-0521 + RESERVED +CVE-2009-0520 + RESERVED +CVE-2009-0519 + RESERVED +CVE-2009-0518 + RESERVED +CVE-2009-0517 (Eval injection vulnerability in index.php in phpSlash 0.8.1.1 and ...) + TODO: check +CVE-2009-0516 (SQL injection vulnerability in the classified page (classified.php) in ...) + TODO: check +CVE-2009-0515 (Directory traversal vulnerability in check_lang.php in Yet Another ...) + TODO: check +CVE-2009-0514 (Multiple directory traversal vulnerabilities in WebFrame 0.76 allow ...) + TODO: check +CVE-2009-0513 (Multiple PHP remote file inclusion vulnerabilities in WebFrame 0.76 ...) + TODO: check +CVE-2009-0512 + RESERVED +CVE-2009-0511 + RESERVED +CVE-2009-0510 + RESERVED +CVE-2009-0509 + RESERVED +CVE-2009-0508 + RESERVED +CVE-2009-0507 + RESERVED +CVE-2009-0506 + RESERVED +CVE-2009-0505 + RESERVED +CVE-2009-0504 + RESERVED +CVE-2009-0503 + RESERVED +CVE-2008-6110 (Unspecified vulnerability in SemanticScuttle before 0.90 has unknown ...) + TODO: check +CVE-2008-6109 (Robin Rawson-Tetley Animal Shelter Manager (ASM) before 2.2.2 does not ...) + TODO: check +CVE-2008-6108 (Cross-site scripting (XSS) vulnerability in result.php in Galatolo ...) + TODO: check +CVE-2008-6107 (The (1) sys32_mremap function in arch/sparc64/kernel/sys_sparc32.c, ...) + TODO: check +CVE-2008-6106 (Cross-site request forgery (CSRF) vulnerability in IBM Workplace for ...) + TODO: check +CVE-2008-6105 (Cross-site scripting (XSS) vulnerability in IBM Workplace for Business ...) + TODO: check +CVE-2008-6104 (SQL injection vulnerability in A4Desk PHP Event Calendar allows remote ...) + TODO: check +CVE-2008-6103 (PHP remote file inclusion vulnerability in index.php in A4Desk Event ...) + TODO: check +CVE-2008-6102 (SQL injection vulnerability in ratelink.php in Link Trader Script ...) + TODO: check +CVE-2008-6101 (SQL injection vulnerability in click.php in Adult Banner Exchange ...) 
+ TODO: check +CVE-2008-6100 (Multiple SQL injection vulnerabilities in Discussion Forums 2k 3.3, ...) + TODO: check +CVE-2008-6099 (PHP remote file inclusion vulnerability in index.php in RPortal 1.1 ...) + TODO: check CVE-2009-XXXX [tor: potential crash on exit nodes when processing malformed input] - tor 0.2.0.34-1 CVE-2009-XXXX [tor: DoS vulnerability that could be performed by a directory mirror] @@ -75,8 +143,8 @@ NOT-FOR-US: OpenSolaris CVE-2009-0476 (Stack-based buffer overflow in MultiMedia Soft AdjMmsEng.dll 7.11.1.0 ...) NOT-FOR-US: MultiMedia Soft audio components -CVE-2009-0475 - RESERVED +CVE-2009-0475 (Integer underflow in the Huffman decoding functionality ...) + TODO: check CVE-2009-0474 (The web interface in the Rockwell Automation ControlLogix 1756-ENBT/A ...) NOT-FOR-US: Rockwell EtherNet/IP Bridge Module CVE-2009-0473 (Open redirect vulnerability in the web interface in the Rockwell ...) @@ -115,8 +183,8 @@ NOT-FOR-US: AJA Portal CVE-2009-0456 (PHP remote file inclusion vulnerability in ...) NOT-FOR-US: patForms -CVE-2009-0455 - RESERVED +CVE-2009-0455 (Cross-site scripting (XSS) vulnerability in the anonymous comments ...) + TODO: check CVE-2009-0454 (Multiple SQL injection vulnerabilities in DMXReady Online Notebook ...) NOT-FOR-US: DMXReady Online Notebook Manager CVE-2009-0453 (Online Grades 3.2.4 allows remote attackers to obtain configuration ...) 
@@ -149,20 +217,20 @@ RESERVED CVE-2009-0439 RESERVED -CVE-2009-0438 - RESERVED -CVE-2009-0437 - RESERVED -CVE-2009-0436 - RESERVED -CVE-2009-0435 - RESERVED -CVE-2009-0434 - RESERVED -CVE-2009-0433 - RESERVED -CVE-2009-0432 - RESERVED +CVE-2009-0438 (IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on Windows ...) + TODO: check +CVE-2009-0437 (The Installation Factory installation process for IBM WebSphere ...) + TODO: check +CVE-2009-0436 (The (1) mod_ibm_ssl and (2) mod_cgid modules in IBM HTTP Server 6.0.x ...) + TODO: check +CVE-2009-0435 (Unspecified vulnerability in the IBM Asynchronous I/O (aka AIO or ...) + TODO: check +CVE-2009-0434 (PerfServlet in the PMI/Performance Tools component in IBM WebSphere ...) + TODO: check +CVE-2009-0433 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) ...) + TODO: check +CVE-2009-0432 (The installation process for the File Transfer servlet in the System ...) + TODO: check CVE-2008-6090 (Directory traversal vulnerability in members.php in ScriptsEz Mini ...) NOT-FOR-US: ScriptsEz Mini Hosting Panel CVE-2008-6089 (Directory traversal vulnerability in main.php in ScriptsEz Easy Image ...) @@ -524,10 +592,13 @@ - fail2ban 0.8.3-2sid1 (low; bug #514163) CVE-2009-0361 RESERVED + {DSA-1722-1 DSA-1721-1} CVE-2009-0360 RESERVED + {DSA-1721-1} CVE-2009-0359 [Cross-site scripting via missing input sanitising] RESERVED + {DTSA-194-1} - samizdat <unfixed> CVE-2009-0358 (Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) ...) - iceweasel 3.0 @@ -710,8 +781,8 @@ RESERVED CVE-2009-0306 RESERVED -CVE-2009-0305 - RESERVED +CVE-2009-0305 (Buffer overflow in the Research in Motion RIM AxLoader ActiveX control ...) + TODO: check CVE-2009-0304 (The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before ...) NOT-FOR-US: Solaris CVE-2009-0303 (Cross-site scripting (XSS) vulnerability in Web Help Desk before ...) 
@@ -1398,16 +1469,16 @@ RESERVED CVE-2009-0100 RESERVED -CVE-2009-0099 - RESERVED -CVE-2009-0098 - RESERVED -CVE-2009-0097 - RESERVED -CVE-2009-0096 - RESERVED -CVE-2009-0095 - RESERVED +CVE-2009-0099 (The Electronic Messaging System Microsoft Data Base (EMSMDB32) ...) + TODO: check +CVE-2009-0098 (Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and ...) + TODO: check +CVE-2009-0097 (Microsoft Office Visio 2002 SP2 and 2003 SP3 does not properly ...) + TODO: check +CVE-2009-0096 (Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not ...) + TODO: check +CVE-2009-0095 (Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not ...) + TODO: check CVE-2009-0094 RESERVED CVE-2009-0093 @@ -1444,10 +1515,10 @@ RESERVED CVE-2009-0077 RESERVED -CVE-2009-0076 - RESERVED -CVE-2009-0075 - RESERVED +CVE-2009-0076 (Microsoft Internet Explorer 7, when XHTML strict mode is used, allows ...) + TODO: check +CVE-2009-0075 (Microsoft Internet Explorer 7 does not properly handle errors during ...) + TODO: check CVE-2009-0074 RESERVED CVE-2009-0073 @@ -2652,7 +2723,7 @@ NOT-FOR-US: PunBB CVE-2008-5417 (HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses ...) NOT-FOR-US: HP DECnet-Plus -CVE-2008-5416 (Heap-based buffer overflow in Microsoft SQL Server 2000 8.00.2050, ...) +CVE-2008-5416 (Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, ...) NOT-FOR-US: Microsoft SQL Server CVE-2008-5415 (The LDBserver service in the server in CA ARCserve Backup 11.1 through ...) NOT-FOR-US: CA ARCserve Backup @@ -5417,10 +5488,10 @@ RESERVED CVE-2008-4285 RESERVED -CVE-2008-4284 - RESERVED -CVE-2008-4283 - RESERVED +CVE-2008-4284 (Open redirect vulnerability in the ibm_security_logout servlet in IBM ...) + TODO: check +CVE-2008-4283 (CRLF injection vulnerability in the WebContainer component in IBM ...) + TODO: check CVE-2008-4282 RESERVED CVE-2008-4281 (Directory traversal vulnerability in VMWare ESXi 3.5 before ...)
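Review bot: In the @@ -1,3 +1,71 @@ hunk, CVE-2008-6107 should not be bulk-triaged with the other new `TODO: check` entries: its description names arch/sparc64/kernel/sys_sparc32.c, which is a Linux kernel source path, so it needs a package line for the kernel rather than a NOT-FOR-US. Several of the other new descriptions in this hunk name third-party PHP applications (phpSlash, WebFrame, A4Desk), the kind of software that the context lines of later hunks mark NOT-FOR-US.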
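Review bot: In the @@ -75,8 +143,8 @@ hunk, the new CVE-2009-0475 text, `(Integer underflow in the Huffman decoding functionality ...)`, is cut off before any product name, so the `TODO: check` cannot be resolved from the list entry alone. Triage needs the full CVE description to identify the affected package before choosing between a package line and NOT-FOR-US.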
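Review bot: In the @@ -524,10 +592,13 @@ hunk, CVE-2009-0361 and CVE-2009-0360 gain `{DSA-1722-1 DSA-1721-1}` and `{DSA-1721-1}` cross-references but still carry only RESERVED, with no `- <package> <version>` line under either, so the list does not record which source package those advisories fixed. Suggest adding the package lines together with the cross-references. In the same hunk CVE-2009-0359 gets `{DTSA-194-1}` while `- samizdat <unfixed>` is left unchanged; it is worth confirming that unstable is still unfixed.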