thr3ads.net - Secure testing commits - [Secure-testing-commits] r12633

If this information is useful, please help other people find it:
Share via:
Joey Hess
2009-Aug-18 21:14 UTC
[Secure-testing-commits] r12633 - data/CVE

Author: joeyh
Date: 2009-08-18 21:14:20 +0000 (Tue, 18 Aug 2009)
New Revision: 12633

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-08-18 16:06:12 UTC (rev 12632)
+++ data/CVE/list	2009-08-18 21:14:20 UTC (rev 12633)
@@ -1,3 +1,189 @@
+CVE-2009-2843
+	RESERVED
+CVE-2009-2842
+	RESERVED
+CVE-2009-2841
+	RESERVED
+CVE-2009-2840
+	RESERVED
+CVE-2009-2839
+	RESERVED
+CVE-2009-2838
+	RESERVED
+CVE-2009-2837
+	RESERVED
+CVE-2009-2836
+	RESERVED
+CVE-2009-2835
+	RESERVED
+CVE-2009-2834
+	RESERVED
+CVE-2009-2833
+	RESERVED
+CVE-2009-2832
+	RESERVED
+CVE-2009-2831
+	RESERVED
+CVE-2009-2830
+	RESERVED
+CVE-2009-2829
+	RESERVED
+CVE-2009-2828
+	RESERVED
+CVE-2009-2827
+	RESERVED
+CVE-2009-2826
+	RESERVED
+CVE-2009-2825
+	RESERVED
+CVE-2009-2824
+	RESERVED
+CVE-2009-2823
+	RESERVED
+CVE-2009-2822
+	RESERVED
+CVE-2009-2821
+	RESERVED
+CVE-2009-2820
+	RESERVED
+CVE-2009-2819
+	RESERVED
+CVE-2009-2818
+	RESERVED
+CVE-2009-2817
+	RESERVED
+CVE-2009-2816
+	RESERVED
+CVE-2009-2815
+	RESERVED
+CVE-2009-2814
+	RESERVED
+CVE-2009-2813
+	RESERVED
+CVE-2009-2812
+	RESERVED
+CVE-2009-2811
+	RESERVED
+CVE-2009-2810
+	RESERVED
+CVE-2009-2809
+	RESERVED
+CVE-2009-2808
+	RESERVED
+CVE-2009-2807
+	RESERVED
+CVE-2009-2806
+	RESERVED
+CVE-2009-2805
+	RESERVED
+CVE-2009-2804
+	RESERVED
+CVE-2009-2803
+	RESERVED
+CVE-2009-2802
+	RESERVED
+CVE-2009-2801
+	RESERVED
+CVE-2009-2800
+	RESERVED
+CVE-2009-2799
+	RESERVED
+CVE-2009-2798
+	RESERVED
+CVE-2009-2797
+	RESERVED
+CVE-2009-2796
+	RESERVED
+CVE-2009-2795
+	RESERVED
+CVE-2009-2794
+	RESERVED
+CVE-2009-2793
+	RESERVED
+CVE-2009-2792 (Directory traversal vulnerability in plugings/pagecontent.php in
...)
+	TODO: check
+CVE-2009-2791 (PHP remote file inclusion vulnerability in pda_projects.php in
...)
+	TODO: check
+CVE-2009-2790 (SQL injection vulnerability in cat_products.php in SoftBiz
Dating ...)
+	TODO: check
+CVE-2009-2789 (SQL injection vulnerability in the Permis (com_groups) component
1.0 ...)
+	TODO: check
+CVE-2009-2788 (Multiple SQL injection vulnerabilities in Mobilelib GOLD 3 allow
...)
+	TODO: check
+CVE-2009-2787 (Directory traversal vulnerability in ...)
+	TODO: check
+CVE-2009-2786 (SQL injection vulnerability in reputation.php in the Reputation
plugin ...)
+	TODO: check
+CVE-2009-2785 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Open
...)
+	TODO: check
+CVE-2009-2784 (Multiple directory traversal vulnerabilities in dit.cms 1.3,
when ...)
+	TODO: check
+CVE-2009-2783 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS
2.3.3 ...)
+	TODO: check
+CVE-2009-2782 (SQL injection vulnerability in the JFusion (com_jfusion)
component for ...)
+	TODO: check
+CVE-2009-2781 (SQL injection vulnerability in forum.php in Arab Portal 2.x,
when ...)
+	TODO: check
+CVE-2009-2780 (Multiple cross-site scripting (XSS) vulnerabilities in 68
Classifieds ...)
+	TODO: check
+CVE-2009-2779 (SQL injection vulnerability in index.php in AJ Matrix DNA allows
...)
+	TODO: check
+CVE-2008-7003 (Multiple SQL injection vulnerabilities in login.php in The Rat
CMS ...)
+	TODO: check
+CVE-2008-7002 (PHP 5.2.5 does not enforce (a) open_basedir and (b)
safe_mode_exec_dir ...)
+	TODO: check
+CVE-2008-7001 (Unrestricted file upload vulnerability in the file manager in
Creative ...)
+	TODO: check
+CVE-2008-7000 (PHP remote file inclusion vulnerability in index.php in
PHPAuction 3.2 ...)
+	TODO: check
+CVE-2008-6999 (phpAuction 3.2, and possibly 3.3.0 GPL Basic edition, allows
remote ...)
+	TODO: check
+CVE-2008-6998 (Stack-based buffer overflow in chrome/common/gfx/url_elider.cc
in ...)
+	TODO: check
+CVE-2008-6997 (Google Chrome 0.2.149.27 allows user-assisted remote attackers
to ...)
+	TODO: check
+CVE-2008-6996 (Google Chrome BETA (0.2.149.27) does not prompt the user before
saving ...)
+	TODO: check
+CVE-2008-6995 (Integer underflow in net/base/escape.cc in chrome.dll in Google
Chrome ...)
+	TODO: check
+CVE-2008-6994 (Stack-based buffer overflow in the SaveAs feature ...)
+	TODO: check
+CVE-2008-6993 (Siemens Gigaset WLAN Camera 1.27 has an insecure default
password, ...)
+	TODO: check
+CVE-2008-6992 (GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4,
...)
+	TODO: check
+CVE-2008-6991 (SQL injection vulnerability in public/page.php in Websens
CMSbright ...)
+	TODO: check
+CVE-2008-6990 (SQL injection vulnerability in gallery.php in Easy Photo Gallery
(aka ...)
+	TODO: check
+CVE-2008-6989 (SQL injection vulnerability in gallery.php in Easy Photo Gallery
(aka ...)
+	TODO: check
+CVE-2008-6988 (Multiple cross-site scripting (XSS) vulnerabilities in Easy
Photo ...)
+	TODO: check
+CVE-2008-6987 (Unrestricted file upload vulnerability in eZoneScripts Dating
Website ...)
+	TODO: check
+CVE-2008-6986 (SQL injection vulnerability in the actionMultipleAddProduct
function ...)
+	TODO: check
+CVE-2008-6985 (Multiple SQL injection vulnerabilities in ...)
+	TODO: check
+CVE-2008-6984 (Plesk 8.6.0, when short mail login names (SHORTNAMES) are
enabled, ...)
+	TODO: check
+CVE-2008-6983 (modules/tool/hitcounter.php in devalcms 1.4a allows remote
attackers ...)
+	TODO: check
+CVE-2008-6982 (Cross-site scripting (XSS) vulnerability in index.php in
devalcms 1.4a ...)
+	TODO: check
+CVE-2008-6981 (index.php in phpAdultSite CMS, possibly 2.3.2, allows remote
attackers ...)
+	TODO: check
+CVE-2008-6980 (SQL injection vulnerability in as_archives.php in phpAdultSite
CMS, ...)
+	TODO: check
+CVE-2008-6979 (Cross-site scripting (XSS) vulnerability in as_archives.php in
...)
+	TODO: check
+CVE-2008-6978 (Unrestricted file upload vulnerability in Full Revolution
aspWebAlbum ...)
+	TODO: check
+CVE-2008-6977 (Cross-site scripting (XSS) vulnerability in album.asp in Full
...)
+	TODO: check
+CVE-2008-6976 (MicroTik RouterOS 3.x through 3.13 and 2.x through 2.9.51 allows
...)
+	TODO: check
 CVE-2009-2778 (Cross-site scripting (XSS) vulnerability in visitor/view.php in
...)
 	NOT-FOR-US: GarageSales script
 CVE-2009-2777 (SQL injection vulnerability in visitor/view.php in GarageSales
Script ...)
@@ -16494,7 +16680,7 @@
 	NOT-FOR-US: Microsoft Windows Media Player
 CVE-2008-3008 (Stack-based buffer overflow in the WMEncProfileManager ActiveX
control ...)
 	NOT-FOR-US: Microsoft Windows Media Encoder
-CVE-2008-3007 (Microsoft Office XP SP3, 2003 SP2 and SP3, 2007 Office System
Gold and ...)
+CVE-2008-3007 (Argument injection vulnerability in a URI handler in Microsoft
Office ...)
 	NOT-FOR-US: Microsoft Office XP
 CVE-2008-3006 (Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and
2007 ...)
 	NOT-FOR-US: Microsoft Office Excel
@@ -49296,7 +49482,7 @@
 	NOT-FOR-US: BLOG:CMS
 CVE-2006-3363 (PHP remote file inclusion vulnerability in index.php in the
Glossaire ...)
 	NOT-FOR-US: Glossaire for Xoops
-CVE-2006-3362 (connectors/php/connector.php in FCKeditor mcpuk file manager, as
used ...)
+CVE-2006-3362 (Unrestricted file upload vulnerability in
connectors/php/connector.php ...)
 	- knowledgeroot <not-affected> (fixed before first upload; see bug
#381912)
 CVE-2006-3361 (PHP remote file inclusion vulnerability in Stud.IP 1.3.0-2 and
...)
 	NOT-FOR-US: Stud.IP
Secure testing commits - Aug 2009 - r12633 - data/CVE

[Secure-testing-commits] r12633 - data/CVE
