joeyh at alioth.debian.org
2008-Oct-24 21:14 UTC
[Secure-testing-commits] r10157 - data/CVE
Author: joeyh
Date: 2008-10-24 21:14:12 +0000 (Fri, 24 Oct 2008)
New Revision: 10157
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================
--- data/CVE/list 2008-10-23 21:14:14 UTC (rev 10156)
+++ data/CVE/list 2008-10-24 21:14:12 UTC (rev 10157)
@@ -1,3 +1,77 @@
+CVE-2008-4739 (Directory traversal vulnerability in index.php in PlugSpace 0.1,
when ...)
+ TODO: check
+CVE-2008-4738 (SQL injection vulnerability in gallery.php in MyCard 1.0.2
allows ...)
+ TODO: check
+CVE-2008-4737 (Cross-site scripting (XSS) vulnerability in wholite.cgi in
WhoDomLite ...)
+ TODO: check
+CVE-2008-4736 (SQL injection vulnerability in index.php in RPG.Board 0.8 Beta2
and ...)
+ TODO: check
+CVE-2008-4735 (PHP remote file inclusion vulnerability in header.php in Concord
...)
+ TODO: check
+CVE-2008-4734 (Cross-site request forgery (CSRF) vulnerability in the ...)
+ TODO: check
+CVE-2008-4733 (Cross-site scripting (XSS) vulnerability in wpcommentremix.php
in WP ...)
+ TODO: check
+CVE-2008-4732 (SQL injection vulnerability in ajax_comments.php in the WP
Comment ...)
+ TODO: check
+CVE-2008-4731 (Multiple unspecified vulnerabilities in YaCy before 0.61 have
unknown ...)
+ TODO: check
+CVE-2008-4730 (Cross-site scripting (XSS) vulnerability in MyID.php in phpMyID
0.9 ...)
+ TODO: check
+CVE-2008-4729 (Stack-based buffer overflow in Hummingbird.XWebHostCtrl.1
ActiveX ...)
+ TODO: check
+CVE-2008-4728 (Multiple insecure method vulnerabilities in the ...)
+ TODO: check
+CVE-2008-4727 (Cross-site scripting (XSS) vulnerability in the contact update
page ...)
+ TODO: check
+CVE-2008-4726 (Stack-based buffer overflow in the SFTP subsystem in GoodTech
SSH 6.4 ...)
+ TODO: check
+CVE-2008-4725 (Cross-site scripting (XSS) vulnerability in Opera.dll in Opera
9.52 ...)
+ TODO: check
+CVE-2008-4724 (Multiple cross-site scripting (XSS) vulnerabilities in Google
Chrome ...)
+ TODO: check
+CVE-2008-4723 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla
Firefox ...)
+ TODO: check
+CVE-2008-4722 (Unspecified vulnerability in Sun Integrated Lights-Out Manager
(ILOM) ...)
+ TODO: check
+CVE-2008-4721 (PHP Jabbers Post Comment 3.0 allows remote attackers to bypass
...)
+ TODO: check
+CVE-2008-4720 (Multiple PHP remote file inclusion vulnerabilities in The Gemini
...)
+ TODO: check
+CVE-2008-4719 (PHP remote file inclusion vulnerability in ...)
+ TODO: check
+CVE-2008-4718 (Directory traversal vulnerability in help/mini.phpin X7 Chat
2.0.1 A1 ...)
+ TODO: check
+CVE-2008-4717 (SQL injection vulnerability in bannerclick.php in ZEELYRICS 2.0
allows ...)
+ TODO: check
+CVE-2008-4716 (SQL injection vulnerability in show.php in BitmixSoft PHP-Lance
1.52 ...)
+ TODO: check
+CVE-2008-4715 (SQL injection vulnerability in the Jpad (com_jpad) 1.0 component
for ...)
+ TODO: check
+CVE-2008-4714 (Atomic Photo Album 1.1.0 pre4 does not properly handle the ...)
+ TODO: check
+CVE-2008-4713 (SQL injection vulnerability in view.php in 212cafe Board 0.07
allows ...)
+ TODO: check
+CVE-2008-4712 (Directory traversal vulnerability in pages/showblog.php in
LnBlog ...)
+ TODO: check
+CVE-2008-4711 (SQL injection vulnerability in Joovili 3.0 and earlier, when
...)
+ TODO: check
+CVE-2008-4710 (Cross-site scripting (XSS) vulnerability in the stock quotes
page in ...)
+ TODO: check
+CVE-2008-4709 (SQL injection vulnerability in news_read.php in Pilot Group (PG)
...)
+ TODO: check
+CVE-2008-4708 (BbZL.PhP 0.92 allows remote attackers to bypass authentication
and ...)
+ TODO: check
+CVE-2008-4707 (Directory traversal vulnerability in index.php in BbZL.PhP 0.92
allows ...)
+ TODO: check
+CVE-2008-4706 (SQL injection vulnerability in VBGooglemap Hotspot Edition
1.0.3, a ...)
+ TODO: check
+CVE-2008-4705 (SQL injection vulnerability in success_story.php in php Online
Dating ...)
+ TODO: check
+CVE-2008-4704 (PHP remote file inclusion vulnerability in
SezHooTabsAndActions.php in ...)
+ TODO: check
+CVE-2008-4703 (SQL injection vulnerability in news.php in BosDev BosNews 4.0
allows ...)
+ TODO: check
CVE-2008-4702 (Multiple directory traversal vulnerabilities in PhpWebGallery
1.3.4 ...)
TODO: check
CVE-2008-4701 (SQL injection vulnerability in admin.php in Libera CMS 1.12,
when ...)
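Review bot: the CVE-2008-4718 line reads "help/mini.phpin X7 Chat", which is missing a space between the file name and "in". If the text comes from the upstream description it will need correcting there, otherwise fix it in this file. Separately, all 37 entries added by this hunk carry only "TODO: check", so each still needs a manual pass to become either a package line or a NOT-FOR-US tag of the kind used further down in this list.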
@@ -6,16 +80,16 @@
TODO: check
CVE-2008-4699 (Insecure method vulnerability in the ActiveX control
(PAWWeb11.ocx) in ...)
TODO: check
-CVE-2008-4698
- RESERVED
-CVE-2008-4697
- RESERVED
-CVE-2008-4696
- RESERVED
-CVE-2008-4695
- RESERVED
-CVE-2008-4694
- RESERVED
+CVE-2008-4698 (Opera before 9.61 does not properly block scripts during preview
of a ...)
+ TODO: check
+CVE-2008-4697 (The Fast Forward feature in Opera before 9.61, when a page is
located ...)
+ TODO: check
+CVE-2008-4696 (Cross-site scripting (XSS) vulnerability in Opera.dll in Opera
before ...)
+ TODO: check
+CVE-2008-4695 (Opera before 9.60 allows remote attackers to obtain sensitive
...)
+ TODO: check
+CVE-2008-4694 (Unspecified vulnerability in Opera before 9.60 allows remote
attackers ...)
+ TODO: check
CVE-2008-4693 (The SORT/LIST SERVICES component in IBM DB2 9.1 before FP6 and
9.5 ...)
TODO: check
CVE-2008-4692 (The Native Managed Provider for .NET component in IBM DB2 8
before ...)
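Review bot: the five Opera entries that replace RESERVED do not share one fixed version. CVE-2008-4698 and CVE-2008-4697 say "before 9.61", CVE-2008-4695 and CVE-2008-4694 say "before 9.60", and the CVE-2008-4696 summary is cut off before the version. Resolve them one by one rather than copying a single resolution line across the block.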
@@ -1019,8 +1093,8 @@
RESERVED
CVE-2008-4251
RESERVED
-CVE-2008-4250
- RESERVED
+CVE-2008-4250 (The Server service in Microsoft Windows 2000 SP4, XP SP2 and
SP3, ...)
+ TODO: check
CVE-2008-4249
RESERVED
CVE-2008-4248
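Review bot: CVE-2008-4250 goes in as "TODO: check" although its summary names the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3. Other entries in this list for third-party products are closed with a NOT-FOR-US line (for example "NOT-FOR-US: InstallShield"), and the same kind of tag would settle this one without a further check.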
@@ -1950,10 +2024,10 @@
RESERVED
CVE-2008-3864
RESERVED
-CVE-2008-3863
- RESERVED
-CVE-2008-3862
- RESERVED
+CVE-2008-3863 (Stack-based buffer overflow in the read_special_escape function
in ...)
+ TODO: check
+CVE-2008-3862 (Stack-based buffer overflow in CGI programs in the server in
Trend ...)
+ TODO: check
CVE-2008-3861 (Multiple SQL injection vulnerabilities in phpMyRealty (PMR)
1.0.9 and ...)
NOT-FOR-US: phpMyRealty
CVE-2008-3860 (Multiple cross-site scripting (XSS) vulnerabilities (1) in the
WYSIWYG ...)
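Review bot: the CVE-2008-3863 summary is truncated after "read_special_escape function in", so the affected product is not visible on this line and the TODO cannot be resolved from the list alone. Look up the full description before deciding between a package entry and NOT-FOR-US. CVE-2008-3862 at least names the vendor ("Trend ...") and can be triaged the same way as the phpMyRealty entry just below it.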
@@ -2090,12 +2164,12 @@
RESERVED
CVE-2008-3818
RESERVED
-CVE-2008-3817
- RESERVED
-CVE-2008-3816
- RESERVED
-CVE-2008-3815
- RESERVED
+CVE-2008-3817 (Memory leak in Cisco Adaptive Security Appliances (ASA) 5500
Series ...)
+ TODO: check
+CVE-2008-3816 (Unspecified vulnerability in Cisco Adaptive Security Appliances
(ASA) ...)
+ TODO: check
+CVE-2008-3815 (Unspecified vulnerability in Cisco Adaptive Security Appliances
(ASA) ...)
+ TODO: check
CVE-2008-3814 (Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161,
5.x ...)
NOT-FOR-US: Cisco
CVE-2008-3813 (Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the
L2TP ...)
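Review bot: CVE-2008-3817, CVE-2008-3816 and CVE-2008-3815 are added with "TODO: check", while the next entry in the context, CVE-2008-3814 (Cisco Unity), is already marked "NOT-FOR-US: Cisco". All three new summaries name Cisco Adaptive Security Appliances, so the same tag applies and would keep the Cisco block consistent.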
@@ -5324,8 +5398,7 @@
RESERVED
CVE-2008-2470 (The InstallShield Update Service Agent ActiveX control in
isusweb.dll ...)
NOT-FOR-US: InstallShield
-CVE-2008-2469
- RESERVED
+CVE-2008-2469 (Heap-based buffer overflow in the SPF_dns_resolv_lookup function
in ...)
{DSA-1659-1 DTSA-172-1}
- libspf2 <unfixed> (high)
CVE-2008-2468 (Multiple buffer overflows in the QIP Server Service (aka
qipsrvr.exe) ...)
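Review bot: CVE-2008-2469 now has its description, but the package line still reads "- libspf2 <unfixed> (high)" although the entry already references DSA-1659-1 and DTSA-172-1. Replace <unfixed> with the fixed version as soon as it is known so the entry does not keep reporting the package as open after the advisories.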
@@ -17794,8 +17867,8 @@
[sarge] - cupsys <not-affected> (Only vulnerable to code injection since
1.2.x, effects are harmless otherwise)
CVE-2007-4350 (Cross-site scripting (XSS) vulnerability in the management
interface ...)
TODO: check
-CVE-2007-4349
- RESERVED
+CVE-2007-4349 (The Shared Trace Service (aka OVTrace) in HP OpenView Report
3.70 and ...)
+ TODO: check
CVE-2007-4348 (Cross-site scripting (XSS) vulnerability in the CAD service in
IBM ...)
NOT-FOR-US: IBM Tivoli Storage Manager
CVE-2007-4347 (Multiple integer overflows in the Job Engine (bengine.exe)
service in ...)
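Review bot: CVE-2007-4349 leaves RESERVED only to become another "TODO: check", and the context line above it shows CVE-2007-4350 still in that state as well, so the 2007 range has unresolved entries next to each other. The new summary names HP OpenView Report 3.70, which gives enough to tag it in the style of the neighbouring "NOT-FOR-US: IBM Tivoli Storage Manager" line.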