joeyh at alioth.debian.org
2009-Mar-19 21:14 UTC
[Secure-testing-commits] r11445 - data/CVE
Author: joeyh
Date: 2009-03-19 21:14:15 +0000 (Thu, 19 Mar 2009)
New Revision: 11445

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-03-19 17:20:54 UTC (rev 11444) +++ data/CVE/list 2009-03-19 21:14:15 UTC (rev 11445) 
@@ -1,3 +1,87 @@ +CVE-2009-0971 (Cross-site scripting (XSS) vulnerability in futomi''s CGI Cafe Access ...) + TODO: check +CVE-2009-0970 (PHP remote file inclusion vulnerability in includes/class_image.php in ...) + TODO: check +CVE-2009-0969 (Cross-site request forgery (CSRF) vulnerability in ...) + TODO: check +CVE-2009-0968 (SQL injection vulnerability in fmoblog.php in the fMoblog plugin 2.1 ...) + TODO: check +CVE-2009-0967 (The FTP server in Serv-U 7.4.0.1 allows remote authenticated users to ...) + TODO: check +CVE-2009-0966 (PHP remote file inclusion vulnerability in cross.php in YABSoft Mega ...) + TODO: check +CVE-2009-0965 (SQL injection vulnerability in functions/browse.php in Ganesha Digital ...) + TODO: check +CVE-2009-0964 (UserView_list.php in PHPRunner 4.2, and possibly earlier, stores ...) + TODO: check +CVE-2009-0963 (Multiple SQL injection vulnerabilities in PHPRunner 4.2, and possibly ...) + TODO: check +CVE-2009-0962 (Unspecified vulnerability in Futomi''s CGI Cafe MP Form Mail CGI ...) + TODO: check +CVE-2009-0961 + RESERVED +CVE-2009-0960 + RESERVED +CVE-2009-0959 + RESERVED +CVE-2009-0958 + RESERVED +CVE-2009-0957 + RESERVED +CVE-2009-0956 + RESERVED +CVE-2009-0955 + RESERVED +CVE-2009-0954 + RESERVED +CVE-2009-0953 + RESERVED +CVE-2009-0952 + RESERVED +CVE-2009-0951 + RESERVED +CVE-2009-0950 + RESERVED +CVE-2009-0949 + RESERVED +CVE-2009-0948 + RESERVED +CVE-2009-0947 + RESERVED +CVE-2009-0946 + RESERVED +CVE-2009-0945 + RESERVED +CVE-2009-0944 + RESERVED +CVE-2009-0943 + RESERVED +CVE-2009-0942 + RESERVED +CVE-2009-0941 (The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline ...) + TODO: check +CVE-2009-0940 (Multiple cross-site request forgery (CSRF) vulnerabilities in the HP ...) + TODO: check +CVE-2008-6491 (PHP remote file inclusion vulnerability in connexion.php in PHPGKit ...) + TODO: check +CVE-2008-6490 (function/update_xml.php in FLABER 1.1 and earlier allows remote ...) 
+ TODO: check +CVE-2008-6489 (SQL injection vulnerability in MyAlbum component (com_myalbum) 1.0 for ...) + TODO: check +CVE-2008-6488 (SQL injection vulnerability in index.php in SoftComplex PHP Image ...) + TODO: check +CVE-2008-6487 (Multiple SQL injection vulnerabilities in login.asp in Digiappz ...) + TODO: check +CVE-2008-6486 (PHP remote file inclusion vulnerability in ...) + TODO: check +CVE-2008-6485 (SQL injection vulnerability in index.php in SoftComplex PHP Image ...) + TODO: check +CVE-2008-6484 (SQL injection vulnerability in login.php in Mole Group Taxi Map Script ...) + TODO: check +CVE-2008-6483 (PHP remote file inclusion vulnerability in admin.googlebase.php in the ...) + TODO: check +CVE-2008-6482 (PHP remote file inclusion vulnerability in admin.treeg.php in the ...) + TODO: check CVE-2009-0939 (Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which ...) TODO: check CVE-2009-0938 (Unspecified vulnerability in Tor before 0.2.0.34 allows directory ...) @@ -22,8 +106,8 @@ TODO: check CVE-2009-0928 RESERVED -CVE-2009-0927 - RESERVED +CVE-2009-0927 (Unspecified vulnerability in Adobe Reader and Adobe Acrobat 9.1 and ...) + TODO: check CVE-2009-0926 (Unspecified vulnerability in the UFS filesystem functionality in Sun ...) TODO: check CVE-2009-0925 (Unspecified vulnerability in Sun Solaris 10 on SPARC sun4v systems, ...) @@ -990,8 +1074,7 @@ RESERVED CVE-2009-0662 RESERVED -CVE-2009-0661 [weechat DoS] - RESERVED +CVE-2009-0661 (Wee Enhanced Environment for Chat (WeeChat) 0.2.6 allows remote ...) {DSA-1744-1} - weechat 0.2.6.1-1 (medium; bug #519940) [etch] - weechat <not-affected> (vulnerable code not present) 
@@ -1471,7 +1554,7 @@ RESERVED CVE-2009-0587 (Multiple integer overflows in Evolution Data Server (aka ...) TODO: check -CVE-2009-0586 (Integer overflow in gst-libs/gst/tag/gstvorbistag.c in vorbistag in ...) +CVE-2009-0586 (Integer overflow in the gst_vorbis_tag_add_coverart function ...) - gst-plugins-base0.10 0.10.22-4 [lenny] - gst-plugins-base0.10 <not-affected> (Vulnerable lib calls not present) [etch] - gst-plugins-base0.10 <not-affected> (Vulnerable lib calls not present) @@ -1576,8 +1659,8 @@ NOT-FOR-US: Libero CVE-2009-0539 RESERVED -CVE-2009-0538 - RESERVED +CVE-2009-0538 (Format string vulnerability in Symantec pcAnywhere before 12.5 SP1 ...) + TODO: check CVE-2009-0537 (Integer overflow in the fts_build function in fts.c in libc in (1) ...) - glibc <not-affected> (Vulnerable code not present) NOTE: glibc checks the comlete path length being not longer than USHRT_MAX @@ -5944,7 +6027,7 @@ NOT-FOR-US: Adobe Acrobat CVE-2008-4814 (Unspecified vulnerability in a JavaScript method in Adobe Reader and ...) NOT-FOR-US: Adobe Acrobat -CVE-2008-4813 (Adobe Reader and Acrobat 8.1.2 and earlier allow remote attackers to ...) +CVE-2008-4813 (Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allow ...) NOT-FOR-US: Adobe Acrobat CVE-2008-4812 (Array index error in Adobe Reader and Acrobat, and the Explorer ...) NOT-FOR-US: Adobe Reader Explorer extension @@ -6543,8 +6626,8 @@ RESERVED CVE-2008-4565 RESERVED -CVE-2008-4564 - RESERVED +CVE-2008-4564 (Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK ...) + TODO: check CVE-2008-4563 (Heap-based buffer overflow in adsmdll.dll 5.3.7.7296, as used by the ...) NOT-FOR-US: IBM Tivoli Storage Manager CVE-2008-4562 (Buffer overflow in the ovlaunch CGI program in HP OpenView Network ...) 
@@ -11479,7 +11562,7 @@ NOT-FOR-US: DownloaderActiveX Control CVE-2008-2550 (Unspecified vulnerability in the Web Services Security component in ...) NOT-FOR-US: IBM WebSphere Application Server -CVE-2008-2549 (Adobe Acrobat Reader 8.1.2 and earlier allows remote attackers to ...) +CVE-2008-2549 (Adobe Acrobat Reader 8.1.2 and earlier, and before 7.1.1, allows ...) NOT-FOR-US: Acrobat Reader CVE-2008-2548 (Stack-based buffer overflow in the JPEG thumbprint component in the ...) NOT-FOR-US: JPEG thumbprint component in the EXIF parser on Motorola cell phones
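
Review bot: In the "@@ -1,3 +1,87 @@" hunk, the descriptions added for CVE-2009-0971 and CVE-2009-0962 contain a doubled apostrophe ("futomi''s", "Futomi''s"), which reads like quote escaping from the import step leaking into the list text. The automatic update should unescape it to a single apostrophe before writing the entry, otherwise a search of data/CVE/list for the product name as written will miss both lines. The same hunk adds every described entry as "TODO: check", so each still needs manual triage before the tracker says anything about Debian packages.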
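
Review bot: In the "@@ -22,8 +106,8 @@" hunk, CVE-2009-0927 moves from RESERVED to "TODO: check" although its description names Adobe Reader and Adobe Acrobat, and the other Adobe entries visible in this same diff (CVE-2008-4814, CVE-2008-4813, CVE-2008-2549) are already marked "NOT-FOR-US". Triage it the same way in a follow-up commit so it does not sit in the TODO queue. CVE-2009-0538 (Symantec pcAnywhere) in the "@@ -1576,8 +1659,8 @@" hunk and CVE-2008-4564 (Autonomy KeyView SDK) in the "@@ -6543,8 +6626,8 @@" hunk come in the same way and need the same manual decision.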
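
Review bot: In the "@@ -1471,7 +1554,7 @@" hunk, the CVE-2009-0586 description now names the gst_vorbis_tag_add_coverart function instead of the file gst-libs/gst/tag/gstvorbistag.c, while the tracking lines under it are unchanged context: fixed in gst-plugins-base0.10 0.10.22-4, with lenny and etch marked "<not-affected> (Vulnerable lib calls not present)". Confirm that the not-affected reasoning for lenny and etch still holds against the function now named. The "@@ -990,8 +1074,7 @@" hunk has the same shape for CVE-2009-0661: the hand-written "[weechat DoS]" placeholder is replaced by the published description and the {DSA-1744-1} and package lines are kept, which is the expected result.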