Author: joeyh Date: 2009-04-14 21:14:11 +0000 (Tue, 14 Apr 2009) New Revision: 11624 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-04-14 20:54:08 UTC (rev 11623) +++ data/CVE/list 2009-04-14 21:14:11 UTC (rev 11624) @@ -1,3 +1,27 @@ +CVE-2009-1291 + RESERVED +CVE-2009-1290 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...) + TODO: check +CVE-2009-1289 (private/login.ssi in the Advanced Management Module (AMM) on the IBM ...) + TODO: check +CVE-2009-1288 (Multiple cross-site scripting (XSS) vulnerabilities in the Advanced ...) + TODO: check +CVE-2009-1287 (Cross-site scripting (XSS) vulnerability in Cisco Subscriber Edge ...) + TODO: check +CVE-2009-1286 (The IMAP task in the server in IBM Lotus Domino 8.0.2 before FP1 IF1 ...) + TODO: check +CVE-2008-6720 (SQL injection vulnerability in admin/adm_login.php in DeltaScripts PHP ...) + TODO: check +CVE-2008-6719 (U&M Software Event Lister (aka JustListIt) 1.0 does not require ...) + TODO: check +CVE-2008-6718 (U&M Software JustBookIt 1.0 does not require administrative ...) + TODO: check +CVE-2008-6717 (U&M Software Signup 1.0 and 1.1 does not require administrative ...) + TODO: check +CVE-2008-6716 (homeadmin/adminhome.php in Pre ADS Portal 2.0 and earlier does not ...) + TODO: check +CVE-2008-6715 (Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal ...) + TODO: check CVE-2009-1285 [phpMyAdmin PMASA-2009-4 insufficient escaping in setup script] RESERVED - phpmyadmin 4:3.1.3.2-1 (unimportant) 
@@ -108,12 +132,12 @@ - php5 5.2.9.dfsg.1-1 - php4 <not-affected> (the JSON extension was introduced in php5.2) - php-json-ext <unfixed> -CVE-2009-1269 - RESERVED -CVE-2009-1268 - RESERVED -CVE-2009-1267 - RESERVED +CVE-2009-1269 (Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows ...) + TODO: check +CVE-2009-1268 (The Check Point High-Availability Protocol (CPHAP) dissector in ...) + TODO: check +CVE-2009-1267 (Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 ...) + TODO: check CVE-2009-1266 RESERVED CVE-2009-1265 (Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux ...) @@ -225,8 +249,8 @@ NOT-FOR-US: Blogplus CVE-2009-1245 (Multiple SQL injection vulnerabilities in the insert_to_pastebin ...) NOT-FOR-US: CCCP Community Clan Portal Pastebin -CVE-2009-1244 - RESERVED +CVE-2009-1244 (Unspecified vulnerability in the virtual machine display function in ...) + TODO: check CVE-2009-1243 (net/ipv4/udp.c in the Linux kernel before 2.6.29.1 performs an ...) - linux-2.6 <not-affected> (Issue was introduced after 2.6.27 release) - linux-2.6.24 <not-affected> (Issue was introduced after 2.6.27 release) @@ -1804,8 +1828,8 @@ REJECTED - linux-2.6 <unfixed> - linux-2.6.24 <unfixed> -CVE-2009-0794 - RESERVED +CVE-2009-0794 (Integer overflow in the PulseAudioTargetDataL class in ...) + TODO: check CVE-2009-0793 (cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK ...) {DSA-1769-1} TODO: check @@ -4209,8 +4233,8 @@ RESERVED CVE-2009-0219 (The PDF distiller in the Attachment Service in Research in Motion ...) NOT-FOR-US: BlackBerry -CVE-2009-0218 - RESERVED +CVE-2009-0218 (Insecure method vulnerability in Particle Software IntraLaunch ...) + TODO: check CVE-2009-0217 RESERVED CVE-2009-0216 (GE Fanuc iFIX 5.0 and earlier relies on client-side authentication ...) 
@@ -8251,8 +8275,8 @@ REJECTED CVE-2008-4421 (Directory traversal vulnerability in MetaGauge 1.0.0.17, and probably ...) NOT-FOR-US: MetaGauge -CVE-2008-4420 - RESERVED +CVE-2008-4420 (Multiple stack-based buffer overflows in DZIP32.DLL before 5.0.0.8 in ...) + TODO: check CVE-2008-4419 (Directory traversal vulnerability in the HP JetDirect web ...) NOT-FOR-US: HP-ChaiSOE CVE-2008-4418 (Unspecified vulnerability in DCE in HP HP-UX B.11.11, B.11.23, and ...)
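Review bot: In the "@@ -1,3 +1,27 @@" hunk, CVE-2008-6719, CVE-2008-6718 and CVE-2008-6717 arrive as three independent "TODO: check" entries although all three name U&M Software products and share the same truncated "does not require ..." description. Triage them in one pass and give them the same resolution line, using one of the forms already present in this file (a "- package version" line or "NOT-FOR-US: name"), so the three cannot end up with inconsistent states. The same hunk leaves eleven of its twelve new entries at "TODO: check", with only CVE-2009-1291 at "RESERVED", so nothing added here carries a usable status yet.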
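Review bot: In the "@@ -108,12 +132,12 @@" hunk, the three entries that change from "RESERVED" to "TODO: check" do not share an affected range: CVE-2009-1269 reads "Wireshark 0.99.6 through 1.0.6" while CVE-2009-1267 starts at "Wireshark 0.99.2", and the CVE-2009-1268 text is cut off before any version appears. When these are resolved, each needs its own status line checked against the full description rather than one line copied across all three, in the per-package form used by the context just above ("- php5 5.2.9.dfsg.1-1").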
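Review bot: In the "@@ -1804,8 +1828,8 @@" hunk, the new CVE-2009-0794 description is truncated at "PulseAudioTargetDataL class in ..." before any product is named, so the entry cannot be assigned to a package from this file alone and "TODO: check" has to be resolved against the full CVE text. The context line directly below shows CVE-2009-0793 still at "TODO: check" even though it already carries "{DSA-1769-1}"; it is worth clearing that entry in the same triage pass so an advisory reference and an unchecked status do not sit side by side.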