white at alioth.debian.org
2008-Jul-28 14:52 UTC
[Secure-testing-commits] r9444 - data/CVE
Author: white Date: 2008-07-28 14:52:42 +0000 (Mon, 28 Jul 2008) New Revision: 9444 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-07-28 14:25:59 UTC (rev 9443) +++ data/CVE/list 2008-07-28 14:52:42 UTC (rev 9444) @@ -129,81 +129,81 @@ CVE-2008-3270 RESERVED CVE-2008-3269 (WRPCServer.exe in WinSoftMagic WinRemotePC (WRPC) Lite 2008 and Full ...) - TODO: check + NOT-FOR-US: WinRemotePC CVE-2008-3268 (Unspecified vulnerability in phpScheduleIt 1.2.0 through 1.2.9, when ...) - TODO: check + NOT-FOR-US: phpScheduleIt CVE-2008-3267 (SQL injection vulnerability in mojoJobs.cgi in MojoJobs allows remote ...) - TODO: check + NOT-FOR-US: MojoJobs CVE-2008-3266 (SQL injection vulnerability in picture_pic_bv.asp in SoftAcid Hotel ...) - TODO: check + NOT-FOR-US: SoftAcid Hotel Reservation System CVE-2008-3265 (SQL injection vulnerability in the DT Register (com_dtregister) 2.2.3 ...) - TODO: check + NOT-FOR-US: DT Register CVE-2008-3264 (The FWDOWNL firmware-download implementation in Asterisk Open Source ...) TODO: check CVE-2008-3263 (The IAX2 protocol implementation in Asterisk Open Source 1.0.x, 1.2.x ...) TODO: check CVE-2008-3262 (Cross-site request forgery (CSRF) vulnerability in Claroline before ...) - TODO: check + NOT-FOR-US: Claroline CVE-2008-3261 (Open redirect vulnerability in claroline/redirector.php in Claroline ...) - TODO: check + NOT-FOR-US: Claroline CVE-2008-3260 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline ...) - TODO: check + NOT-FOR-US: Claroline CVE-2008-3259 (OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the ...) TODO: check CVE-2008-3258 (Multiple SQL injection vulnerabilities in Zoph before 0.7.0.5 allow ...) TODO: check CVE-2008-3257 (Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2008-3256 (SQL injection vulnerability in folder.php in Siteframe CMS 3.2.3 and ...) - TODO: check + NOT-FOR-US: Siteframe CMS CVE-2008-3255 (Cross-site scripting (XSS) vulnerability in LunarNight Laboratory ...) - TODO: check + NOT-FOR-US: LunarNight Laboratory WebProxy CVE-2008-3254 (SQL injection vulnerability in index.php in preCMS 1 allows remote ...) - TODO: check + NOT-FOR-US: preCMS CVE-2008-3253 (Cross-site scripting (XSS) vulnerability in the XenAPI HTTP interfaces ...) - TODO: check + NOT-FOR-US: Citrix XenServer Express CVE-2008-3252 (Stack-based buffer overflow in the read_article function in ...) TODO: check CVE-2008-3251 (Multiple SQL injection vulnerabilities in tplSoccerSite 1.0 allow ...) - TODO: check + NOT-FOR-US: tplSoccerSite CVE-2008-3250 (SQL injection vulnerability in index.php in Arctic Issue Tracker 2.0.0 ...) - TODO: check + NOT-FOR-US: Arctic Issue Tracker CVE-2008-3249 (The client in Lenovo System Update before 3.14 does not properly ...) - TODO: check + NOT-FOR-US: Lenovo System Update CVE-2008-3248 RESERVED CVE-2008-3247 (The LDT implementation in the Linux kernel 2.6.25.x on x86_64 ...) TODO: check CVE-2008-3246 (Unspecified vulnerability in the PDF distiller component in the ...) - TODO: check + NOT-FOR-US: BlackBerry Attachment Service CVE-2008-3245 (SQL injection vulnerability in phpHoo3.php in phpHoo3 4.3.9, 4.3.10, ...) - TODO: check + NOT-FOR-US: phpHoo3 CVE-2008-3244 (The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 ...) - TODO: check + NOT-FOR-US: F-Prot Antivirus CVE-2008-3243 (Multiple unspecified vulnerabilities in the scanning engine before ...) - TODO: check + NOT-FOR-US: F-Prot Antivirus CVE-2008-3242 (Heap-based buffer overflow in the PPMedia Class ActiveX control in ...) - TODO: check + NOT-FOR-US: PPMate CVE-2008-3241 (SQL injection vulnerability in players-detail.php in UltraStats ...) - TODO: check + NOT-FOR-US: UltraStats CVE-2008-3240 (SQL injection vulnerability in index.php in AlstraSoft Affiliate ...) - TODO: check + NOT-FOR-US: AlstraSoft Affiliate Network Pro CVE-2008-3239 (Unrestricted file upload vulnerability in the writeLogEntry function ...) - TODO: check + NOT-FOR-US: PHPizabi CVE-2008-3238 (Multiple SQL injection vulnerabilities in ITechBids 7.0 Gold allow ...) - TODO: check + NOT-FOR-US: ITechBids CVE-2008-3237 (Cross-site scripting (XSS) vulnerability in forward_to_friend.php in ...) - TODO: check + NOT-FOR-US: ITechBids CVE-2008-3236 (Unspecified vulnerability in Wsadmin in the System ...) - TODO: check + NOT-FOR-US: Wsadmin CVE-2008-3235 (Unspecified vulnerability in the PropFilePasswordEncoder utility in ...) - TODO: check + NOT-FOR-US: IBM WebSphere Application Server CVE-2008-3234 (sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH ...) TODO: check CVE-2008-3233 (Cross-site scripting (XSS) vulnerability in WordPress before 2.6, SVN ...) TODO: check CVE-2008-3232 (Unspecified vulnerability in dotclear before 1.2.8 has unknown impact ...) - TODO: check + NOT-FOR-US: dotclear CVE-2008-3231 (xine allows user-assisted attackers to cause a denial of service ...) TODO: check CVE-2008-3230 (The ffmpeg lavf demuxer allows user-assisted attackers to cause a ...) @@ -225,33 +225,33 @@ CVE-2008-3213 (SQL injection vulnerability in secciones/tablon/tablon.php in WebCMS ...) TODO: check CVE-2008-3212 (Multiple SQL injection vulnerabilities in Scripteen Free Image Hosting ...) - TODO: check + NOT-FOR-US: Scripteen Free Image Hosting CVE-2008-3211 (Scripteen Free Image Hosting Script 1.2 and 1.2.1 allows remote ...) - TODO: check + NOT-FOR-US: Scripteen Free Image Hosting CVE-2008-3210 (rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows ...) - TODO: check + NOT-FOR-US: ReSIProcate CVE-2008-3209 (Heap-based buffer overflow in the OpenGifFile function in BiGif.dll in ...) - TODO: check + NOT-FOR-US: Black Ice Document Imaging SDK CVE-2008-3208 (Simple DNS Plus 4.1, 5.0, and possibly other versions before 5.1.101 ...) TODO: check CVE-2008-3207 (PHP remote file inclusion vulnerability in cms/modules/form.lib.php in ...) - TODO: check + NOT-FOR-US: Pragyan CMS CVE-2008-3206 (SQL injection vulnerability in browse.groups.php in Yuhhu Pubs Black ...) - TODO: check + NOT-FOR-US: Yuhhu Pubs Black Cat CVE-2008-3205 (Directory traversal vulnerability in index.php in Easy-Script Wysi ...) - TODO: check + NOT-FOR-US: Easy-Script Wysi Wiki Wyg CVE-2008-3204 (SQL injection vulnerability in tops_top.php in E-topbiz Million Pixels ...) - TODO: check + NOT-FOR-US: E-topbiz Million Pixels CVE-2008-3203 (js/pages/pages_data.php in AuraCMS 2.2 through 2.2.2 does not perform ...) - TODO: check + NOT-FOR-US: AuraCMS CVE-2008-3202 (Cross-site scripting (XSS) vulnerability in index.php in Xomol CMS 1.2 ...) - TODO: check + NOT-FOR-US: Xomol CVE-2008-3201 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) - TODO: check + NOT-FOR-US: Pagefusion CVE-2008-3200 (SQL injection vulnerability in vlc_forum.php in Avlc Forum as of ...) - TODO: check + NOT-FOR-US: Avlc Forum CVE-2008-3199 (Multiple unspecified vulnerabilities in ReSIProcate before 1.3.4 allow ...) - TODO: check + NOT-FOR-US: ReSIProcate CVE-2008-3198 (Mozilla Firefox 3.x before 3.0.1 allows remote attackers to inject ...) TODO: check CVE-2008-3195 @@ -259,19 +259,19 @@ CVE-2008-3194 (Multiple directory traversal vulnerabilities in ...) TODO: check CVE-2008-3193 (SQL injection vulnerability in jSite 1.0 OE allows remote attackers to ...) - TODO: check + NOT-FOR-US: jSite CVE-2008-3192 (Directory traversal vulnerability in index.php in jSite 1.0 OE allows ...) - TODO: check + NOT-FOR-US: jSite CVE-2008-3191 (Multiple SQL injection vulnerabilities in usercp.php in mForum 0.1a, ...) - TODO: check + NOT-FOR-US: mForum CVE-2008-3190 (Directory traversal vulnerability in list.php in 1Scripts CodeDB 1.1.1 ...) - TODO: check + NOT-FOR-US: CodeDB CVE-2008-3189 (SQL injection vulnerability in dreamnews-rss.php in DreamNews Manager ...) - TODO: check + NOT-FOR-US: DreamNews Manager CVE-2008-3188 (libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the ...) TODO: check CVE-2008-3187 (zypp-refresh-patches in zypper in SUSE openSUSE 10.2, 10.3, and 11.0 ...) - TODO: check + NOT-FOR-US: zypper CVE-2008-3330 (Cross-site scripting (XSS) vulnerability in ...) - horde3 3.2.1+debian0-1 (low; bug #492578) - turba 2.2.1-1 (low)