thr3ads.net - Secure testing commits - [Secure-testing-commits] r11619

If this information is useful, please help other people find it:
Share via:
Joey Hess
2009-Apr-13 21:14 UTC
[Secure-testing-commits] r11619 - data/CVE

Author: joeyh
Date: 2009-04-13 21:14:14 +0000 (Mon, 13 Apr 2009)
New Revision: 11619

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-04-13 15:12:49 UTC (rev 11618)
+++ data/CVE/list	2009-04-13 21:14:14 UTC (rev 11619)
@@ -1,3 +1,69 @@
+CVE-2009-1285
+	RESERVED
+CVE-2008-6714 (admin.php in xeCMS 1.0.0 RC2 and earlier allows remote attackers
to ...)
+	TODO: check
+CVE-2008-6713 (World in Conflict (WIC) 1.008 and earlier allows remote
attackers to ...)
+	TODO: check
+CVE-2008-6712 (The HTTP/XML-RPC service in Crysis 1.21 (game version
1.1.1.6156) and ...)
+	TODO: check
+CVE-2008-6711 (Unspecified vulnerability in the Web administration interface in
Avaya ...)
+	TODO: check
+CVE-2008-6710 (Unspecified vulnerability in the Web administration interface in
Avaya ...)
+	TODO: check
+CVE-2008-6709 (Unspecified vulnerability in the Web management interface in
Avaya SIP ...)
+	TODO: check
+CVE-2008-6708 (Unspecified vulnerability in the Web management interface in
Avaya SIP ...)
+	TODO: check
+CVE-2008-6707 (The Web management interface in Avaya SIP Enablement Services
(SES) ...)
+	TODO: check
+CVE-2008-6706 (Multiple unspecified vulnerabilities in the Web management
interface ...)
+	TODO: check
+CVE-2008-6705 (The MultipacketReciever::RecievePacket function in
S.T.A.L.K.E.R.: ...)
+	TODO: check
+CVE-2008-6704 (Integer overflow in the NET_Compressor::Decompress function in
...)
+	TODO: check
+CVE-2008-6703 (Stack-based buffer overflow in the IPureServer::_Recieve
function in ...)
+	TODO: check
+CVE-2008-6702 (S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows
remote ...)
+	TODO: check
+CVE-2008-6701 (NetScout (formerly Network General) Visualizer V2100 and
InfiniStream ...)
+	TODO: check
+CVE-2008-6700 (Multiple cross-site scripting (XSS) vulnerabilities in Butterfly
...)
+	TODO: check
+CVE-2008-6699 (Cross-site scripting (XSS) vulnerability in Resource Library
...)
+	TODO: check
+CVE-2008-6698 (Cross-site scripting (XSS) vulnerability in TARGET-E WorldCup
Bets ...)
+	TODO: check
+CVE-2008-6697 (SQL injection vulnerability in TARGET-E WorldCup Bets (worldcup)
2.0.0 ...)
+	TODO: check
+CVE-2008-6696 (SQL injection vulnerability in Fussballtippspiel (toto) 0.1.1
and ...)
+	TODO: check
+CVE-2008-6695 (SQL injection vulnerability in TIMTAB social bookmark icons ...)
+	TODO: check
+CVE-2008-6694 (SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1
for ...)
+	TODO: check
+CVE-2008-6693 (SQL injection vulnerability in Download system (sb_downloader)
...)
+	TODO: check
+CVE-2008-6692 (SQL injection vulnerability in Diocese of Portsmouth Training
Courses ...)
+	TODO: check
+CVE-2008-6691 (SQL injection vulnerability in Diocese of Portsmouth Calendar
Today ...)
+	TODO: check
+CVE-2008-6690 (Unspecified vulnerability in nepa-design.de Spam Protection ...)
+	TODO: check
+CVE-2008-6689 (SQL injection vulnerability in JobControl (dmmjobcontrol) 1.15.0
and ...)
+	TODO: check
+CVE-2008-6688 (Cross-site scripting (XSS) vulnerability in JobControl
(dmmjobcontrol) ...)
+	TODO: check
+CVE-2008-6687 (Cross-site scripting (XSS) vulnerability in DCD GoogleMap ...)
+	TODO: check
+CVE-2008-6686 (SQL injection vulnerability in CoolURI (cooluri) 1.0.11 and
earlier ...)
+	TODO: check
+CVE-2008-6685 (Unspecified vulnerability in Frontend Filemanager
(air_filemanager) ...)
+	TODO: check
+CVE-2008-6684 (Unrestricted file upload vulnerability in editimage.php in
Apartment ...)
+	TODO: check
+CVE-2008-6683 (Cross-site scripting (XSS) vulnerability in listtest.php in
Apartment ...)
+	TODO: check
 CVE-2009-XXXX [mpg123 possible invalid read]
 	- mpg123 1.7.2-1 (low)
 	NOTE: http://secunia.com/advisories/34587/3/
@@ -1261,6 +1327,7 @@
 	- horde3 3.2.2+debian0-2 (bug #513265)
 	[etch] - horde3 <not-affected> (Vulnerable code not present)
 CVE-2009-0930 (Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP
...)
+	{DSA-1770-1}
 	- imp4 4.2-4 (medium; bug #513266)
 CVE-2009-0929 (Directory traversal vulnerability in the media manager in
Nucleus CMS ...)
 	NOT-FOR-US: Nucleus CMS
@@ -2800,7 +2867,7 @@
 	RESERVED
 CVE-2009-0579
 	RESERVED
-CVE-2009-0578 (NetworkManager, possibly before 0.7.1, does not properly verify
...)
+CVE-2009-0578 (GNOME NetworkManager before 0.7.0.99 does not properly verify
...)
 	- network-manager-applet 0.7.0.99-1 (medium)
 CVE-2009-0577 (Integer overflow in the WriteProlog function in texttops in CUPS
...)
 	NOT-FOR-US: RedHat specific, because they had a problem applying the fix for
CVE-2008-3640
@@ -8795,6 +8862,7 @@
 CVE-2008-4183 (IntegraMOD 1.4.x stores sensitive information under the web root
with ...)
 	NOT-FOR-US: IntegraMOD
 CVE-2008-4182 (Cross-site scripting (XSS) vulnerability in imp/test.php in
Horde ...)
+	{DSA-1770-1}
 	- turba2 2.2.1-2 (bug #500114; low)
 	[etch] - turba2 <no-dsa> (Minor issue)
 	- imp4 4.2-3 (bug #500553; low)
Secure testing commits - Apr 2009 - r11619 - data/CVE

[Secure-testing-commits] r11619 - data/CVE
