joeyh at alioth.debian.org
2008-Oct-16 21:14 UTC
[Secure-testing-commits] r10103 - data/CVE
Author: joeyh Date: 2008-10-16 21:14:13 +0000 (Thu, 16 Oct 2008) New Revision: 10103 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-10-16 11:53:12 UTC (rev 10102) +++ data/CVE/list 2008-10-16 21:14:13 UTC (rev 10103) @@ -1,10 +1,44 @@ -CVE-2008-4574 +CVE-2008-4589 (Heap-based buffer overflow in the tvtumin.sys kernel driver in Lenovo ...) + TODO: check +CVE-2008-4588 (Stack-based buffer overflow in the FTP server in Etype Eserv 3.x, ...) + TODO: check +CVE-2008-4587 (Insecure method vulnerability in the ...) + TODO: check +CVE-2008-4586 (Insecure method vulnerability in the MVSNCLientWebAgent61.WebAgent.1 ...) + TODO: check +CVE-2008-4585 (Belong Software Site Builder 0.1 beta allows remote attackers to ...) + TODO: check +CVE-2008-4584 (Insecure method vulnerability in Chilkat Mail 7.8 ActiveX control ...) + TODO: check +CVE-2008-4583 (Insecure method vulnerability in the Chilkat FTP 2.0 ActiveX component ...) + TODO: check +CVE-2008-4582 (Mozilla Firefox 3.0.1 through 3.0.3 on Windows does not properly ...) + TODO: check +CVE-2008-4581 (The Editor in IBM ENOVIA SmarTeam 5 before release 18 SP5, and release ...) + TODO: check +CVE-2008-4580 (fence_manual in fence allows local users to modify arbitrary files via ...) + TODO: check +CVE-2008-4579 (The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) ...) + TODO: check +CVE-2008-4578 (The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass ...) + TODO: check +CVE-2008-4577 (The ACL plugin in Dovecot before 1.1.4 treats negative access rights ...) + TODO: check +CVE-2008-4576 (sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause ...) + TODO: check +CVE-2008-4575 (Buffer overflow in the DoCommand function in jhead before 2.84 might ...) + TODO: check +CVE-2008-4571 (Cross-site scripting (XSS) vulnerability in the LiveSearch module in ...) + TODO: check +CVE-2008-4569 (SQL injection vulnerability in xlacomments.asp in XIGLA Software ...) + TODO: check +CVE-2008-4574 (SQL injection vulnerability in default.asp in Ayco Okul Portali allows ...) NOT-FOR-US: Ayco Okul Portali -CVE-2008-4573 +CVE-2008-4573 (SQL injection vulnerability in kategori.asp in MunzurSoft Wep Portal ...) NOT-FOR-US: MunzurSoft Wep Portal W3 -CVE-2008-4572 +CVE-2008-4572 (GuildFTPd 0.999.14, and possibly other versions, allows remote ...) NOT-FOR-US: GuildFTPd -CVE-2008-4570 +CVE-2008-4570 (SQL injection vulnerability in index.php in Real Estate Classifieds ...) NOT-FOR-US: Real Estate Classifieds CVE-2008-4568 RESERVED @@ -32,10 +66,9 @@ NOT-FOR-US: Sun Solstice AdminSuite CVE-2008-4555 (Stack-based buffer overflow in the push_subg function in parser.y ...) TODO: check -CVE-2008-4554 - RESERVED -CVE-2008-4553 [qemu: insecure temp file] - RESERVED +CVE-2008-4554 (The do_splice_from function in fs/splice.c in the Linux kernel before ...) + TODO: check +CVE-2008-4553 (qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local ...) - qemu 0.9.1-6 (low; bug #496394) CVE-2008-4552 (nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the ...) TODO: check @@ -3876,7 +3909,7 @@ NOT-FOR-US: Microsoft Internet Explorer CVE-2008-2948 (Cross-domain vulnerability in Microsoft Internet Explorer 7 and 8 ...) NOT-FOR-US: Microsoft Internet Explorer -CVE-2008-2947 (Cross-domain vulnerability in Microsoft Internet Explorer 6 allows ...) +CVE-2008-2947 (Cross-domain vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, ...) NOT-FOR-US: Microsoft Internet Explorer CVE-2008-2946 (The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice ...) NOT-FOR-US: Solstice Enterprise Agents in Sun Solaris