joeyh at alioth.debian.org
2009-Feb-20 21:14 UTC
[Secure-testing-commits] r11244 - data/CVE
Author: joeyh Date: 2009-02-20 21:14:11 +0000 (Fri, 20 Feb 2009) New Revision: 11244 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-02-19 22:33:33 UTC (rev 11243) +++ data/CVE/list 2009-02-20 21:14:11 UTC (rev 11244) 
@@ -1,3 +1,99 @@ +CVE-2009-0648 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...) + TODO: check +CVE-2009-0647 (msnmsgr.exe in Windows Live Messenger (WLM) 2009 build 14.0.8064.206, ...) + TODO: check +CVE-2008-6212 (Cross-site scripting (XSS) vulnerability in admin.php in Php-Stats ...) + TODO: check +CVE-2008-6211 (Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net ...) + TODO: check +CVE-2008-6210 (SQL injection vulnerability in index.php in dream4 Koobi 4.4 and 5.4 ...) + TODO: check +CVE-2008-6209 (SQL injection vulnerability in view_product.php in Vastal I-Tech ...) + TODO: check +CVE-2008-6208 (Cross-site scripting (XSS) vulnerability in submitnews.php in e107 CMS ...) + TODO: check +CVE-2008-6207 (Unrestricted file upload vulnerability in form_upload.php in PHPG ...) + TODO: check +CVE-2008-6206 (Multiple PHP remote file inclusion vulnerabilities in RobotStats 0.1 ...) + TODO: check +CVE-2008-6205 (Cross-site scripting (XSS) vulnerability in seeurl.php in Xavier ...) + TODO: check +CVE-2008-6204 (Multiple SQL injection vulnerabilities in SuperNET Shop 1.0 and ...) + TODO: check +CVE-2008-6203 (SQL injection vulnerability in adminler.asp in CoBaLT 2.0 allows ...) + TODO: check +CVE-2008-6202 (SQL injection vulnerability in CoBaLT 1.0 allows remote attackers to ...) + TODO: check +CVE-2008-6201 (Directory traversal vulnerability in help.php in the eskuel module in ...) + TODO: check +CVE-2008-6200 (Multiple cross-site scripting (XSS) vulnerabilities in Swiki 1.5 allow ...) + TODO: check +CVE-2008-6199 (2532designs 2532|Gigs 1.2.2 and earlier allows remote attackers to ...) + TODO: check +CVE-2008-6198 (SQL injection vulnerability in pages.php in Custom Pages 1.0 plugin ...) + TODO: check +CVE-2008-6197 (SQL injection vulnerability in index.php in the galerie module for ...) + TODO: check +CVE-2008-6196 (Multiple PHP remote file inclusion vulnerabilities in Philippe CROCHAT ...) 
+ TODO: check +CVE-2008-6195 (Directory traversal vulnerability in the PXE TFTP Service ...) + TODO: check +CVE-2008-6194 (Memory leak in the DNS server in Microsoft Windows allows remote ...) + TODO: check +CVE-2008-6193 (Sam Crew MyBlog stores passwords in cleartext in a MySQL database, ...) + TODO: check +CVE-2008-6192 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified ...) + TODO: check +CVE-2008-6191 (Conductor.exe in Intrinsic Swimage Encore before 5.0.1.21 contains a ...) + TODO: check +CVE-2008-6190 (Cross-site scripting (XSS) vulnerability in index.php in EEBCMS 0.95 ...) + TODO: check +CVE-2008-6189 (SQL injection vulnerability in GForge 4.5.19 allows remote attackers ...) + TODO: check +CVE-2008-6188 (SQL injection vulnerability in people/editprofile.php in Gforge 4.6 ...) + TODO: check +CVE-2008-6187 (SQL injection vulnerability in frs/shownotes.php in Gforge 4.5.19 and ...) + TODO: check +CVE-2008-6186 (Stack-based buffer overflow in RaidenFTPD 2.4 build 3620 allows remote ...) + TODO: check +CVE-2008-6185 (NoticeWare Email Server NG 5.1.2.2 allows remote attackers to cause a ...) + TODO: check +CVE-2008-6184 (SQL injection vulnerability in the OwnBiblio (com_ownbiblio) component ...) + TODO: check +CVE-2008-6183 (Multiple directory traversal vulnerabilities in index.php in My PHP ...) + TODO: check +CVE-2008-6182 (SQL injection vulnerability in the Ignite Gallery (com_ignitegallery) ...) + TODO: check +CVE-2008-6181 (SQL injection vulnerability in the Mad4Joomla Mailforms ...) + TODO: check +CVE-2008-6180 (SQL injection vulnerability in system/nlb_user.class.php in NewLife ...) + TODO: check +CVE-2008-6179 (SQL injection vulnerability in sug_cat.php in IndexScript 3.0 allows ...) + TODO: check +CVE-2008-6178 (Unrestricted file upload vulnerability in ...) + TODO: check +CVE-2008-6177 (Multiple directory traversal vulnerabilities in LightBlog 9.8, when ...) 
+ TODO: check +CVE-2008-6176 (bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the ...) + TODO: check +CVE-2008-6175 (SilverSHielD 1.0.2.34 allows remote attackers to cause a denial of ...) + TODO: check +CVE-2008-6174 (Cross-site scripting (XSS) vulnerability in admin/postlister/index.php ...) + TODO: check +CVE-2008-6173 (Cross-site scripting (XSS) vulnerability in fullscreen.php in ...) + TODO: check +CVE-2008-6172 (Directory traversal vulnerability in captcha/captcha_image.php in the ...) + TODO: check +CVE-2008-6171 (Drupal 5.x before 5.12 and 6.x before 6.6, when the server is ...) + TODO: check +CVE-2008-6170 (Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and ...) + TODO: check +CVE-2008-6169 (Cross-site request forgery (CSRF) vulnerability in the Localization ...) + TODO: check +CVE-2008-6168 (Cross-site scripting (XSS) vulnerability in search.php in miniPortail ...) + TODO: check +CVE-2008-6167 (Directory traversal vulnerability in search.php in miniPortail 2.2 and ...) + TODO: check CVE-2009-0646 (Multiple SQL injection vulnerabilities in 4Site CMS 2.6 and earlier ...) NOT-FOR-US: 4Site CMS CVE-2009-0645 (Directory traversal vulnerability in index.php in Jaws 0.8.8 allows ...) @@ -5621,8 +5717,8 @@ NOT-FOR-US: Gentoo package manager Portage CVE-2008-4393 (Cross-site scripting (XSS) vulnerability in VeriSign Kontiki Delivery ...) NOT-FOR-US: VeriSign Kontiki -CVE-2008-4392 - RESERVED +CVE-2008-4392 (dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent ...) + TODO: check CVE-2008-4391 (Stack-based buffer overflow in the SetSource method in the ...) NOT-FOR-US: Cisco Linksys WVC54GC CVE-2008-4390 (The Cisco Linksys WVC54GC wireless video camera before firmware 1.25 ...) 
@@ -6032,7 +6128,7 @@ RESERVED CVE-2008-4212 (Unspecified vulnerability in rlogind in the rlogin component in Mac OS ...) NOT-FOR-US: MacOS-only issue -CVE-2008-4211 (nteger signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and ...) +CVE-2008-4211 (Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and ...) NOT-FOR-US: QuickLook Mac OS X CVE-2008-4210 (fs/open.c in the Linux kernel before 2.6.22 does not properly strip ...) {DSA-1653-1} @@ -11758,7 +11854,7 @@ CVE-2008-1834 (swfdec_load_object.c in Swfdec before 0.6.4 does not properly restrict ...) - swfdec0.6 0.6.4-1 (low) - swfdec0.5 <removed> (low; bug #477037) -CVE-2008-1833 (Heap-based buffer overflow in libclamav in ClamAV 0.92.1 allows remote ...) +CVE-2008-1833 (Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 ...) {DSA-1549-1} - clamav 0.92.1~dfsg2-1.1 (medium; bug #476694) CVE-2007-6713 (Unspecified vulnerability in Flip4Mac WMV before 2.2.0.49 has unknown ...)
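Review bot: In the first hunk (@@ -1,3 +1,99 @@), all 48 added entries, CVE-2009-0648 down to CVE-2008-6167, land as TODO: check, so the batch needs a triage order rather than a top-to-bottom pass. The Drupal entries (CVE-2008-6176, CVE-2008-6171, CVE-2008-6170, all "5.x before 5.12 and 6.x before 6.6") and the GForge entries (CVE-2008-6189, CVE-2008-6188, CVE-2008-6187) name versioned upstream projects and are the ones to check against the archive first. Entries that are Windows-only by their own description, such as CVE-2009-0647 (msnmsgr.exe) and CVE-2008-6194 (DNS server in Microsoft Windows), can be closed in the same NOT-FOR-US form used for CVE-2009-0646 in the trailing context. Descriptions truncated before the product name, such as CVE-2008-6178 and CVE-2008-6192, cannot be classified from this list alone and need the full CVE text.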
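Review bot: In the second hunk (@@ -5621,8 +5717,8 @@), CVE-2008-4392 changes from RESERVED to a published description for dnscache in djbdns 1.05 but is left at TODO: check, unlike its neighbours, which all carry a NOT-FOR-US determination. It needs either a package line with a fixed version or an explicit NOT-FOR-US line. The description is cut at "does not prevent ...", so the affected behaviour has to be read from the full CVE text before a severity is assigned.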
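Review bot: In the last hunk (@@ -11758,7 +11854,7 @@), the CVE-2008-1833 description is narrowed to pe.c in libclamav while the tracking lines below it stay unchanged. The description names ClamAV 0.92.1 as affected and the recorded fix is 0.92.1~dfsg2-1.1, a revision of that same upstream version, so confirm that the patch carried in that revision and in DSA-1549-1 is the pe.c change the updated text refers to.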