atomo64-guest at alioth.debian.org
2008-Nov-19 02:58 UTC
[Secure-testing-commits] r10418 - data/CVE
Author: atomo64-guest Date: 2008-11-19 02:58:09 +0000 (Wed, 19 Nov 2008) New Revision: 10418 Modified: data/CVE/list Log: NFUs, CVEfied, and new no-ip issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-11-18 23:37:09 UTC (rev 10417) +++ data/CVE/list 2008-11-19 02:58:09 UTC (rev 10418) @@ -1,3 +1,5 @@ +CVE-2008-XXXX [no-ip DUC remote code execution] + - no-ip <unfixed> (bug #506179) CVE-2008-5132 (SQL injection vulnerability in inc/ajax/ajax_rating.php in MemHT ...) TODO: check CVE-2008-5131 (Multiple SQL injection vulnerabilities in Develop It Easy News And ...) @@ -3,11 +5,11 @@ TODO: check CVE-2008-5130 (Ocean12 Calendar Manager Gold 2.04 stores sensitive information under ...) - TODO: check + NOT-FOR-US: Ocean12 software CVE-2008-5129 (Ocean12 Poll Manager Pro 1.00 stores sensitive information under the ...) - TODO: check + NOT-FOR-US: Ocean12 software CVE-2008-5128 (Ocean12 Membership Manager Pro stores sensitive information under the ...) - TODO: check + NOT-FOR-US: Ocean12 software CVE-2008-5127 (Ocean12 Contact Manager Pro 1.02 stores sensitive information under ...) - TODO: check + NOT-FOR-US: Ocean12 software CVE-2008-5126 (Cross-site scripting (XSS) vulnerability in search.php in BoutikOne ...) TODO: check @@ -36,10 +38,8 @@ TODO: check CVE-2008-5114 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...) TODO: check -CVE-2008-5113 (WordPress 2.6.3 relies on the REQUEST superglobal array in certain ...) - TODO: check CVE-2008-5112 (The LDAP server in Active Directory in Microsoft Windows 2000 SP4 and ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2008-5111 (Unspecified vulnerability in the socket function in Sun Solaris 10 and ...) TODO: check CVE-2008-5109 @@ -58,8 +58,6 @@ TODO: check CVE-2008-5102 (PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other ...) TODO: check -CVE-2008-5101 (Buffer overflow in the BMP reader in OptiPNG 0.6 and 0.6.1 allows ...) - TODO: check CVE-2008-5100 (The strong name (SN) implementation in Microsoft .NET Framework ...) TODO: check CVE-2008-5099 (Sun Logical Domain Manager (aka LDoms Manager or ldm) 1.0 through ...) @@ -165,9 +163,9 @@ CVE-2008-5051 (SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 ...) TODO: check CVE-2008-5049 (Buffer overflow in AKEProtect.sys 3.3.3.0 in ISecSoft Anti-Keylogger ...) - TODO: check + NOT-FOR-US: ISecSoft Anti-Keylogger CVE-2008-5048 (Buffer overflow in Atepmon.sys in ISecSoft Anti-Trojan Elite 4.2.1 and ...) - TODO: check + NOT-FOR-US: ISecSoft Anti-Trojan CVE-2008-5047 (SQL injection vulnerability in admin/index.php in Mole Group Rental ...) TODO: check CVE-2008-5046 (SQL injection vulnerability in index.php in Mole Group Pizza Script ...) @@ -241,7 +239,7 @@ TODO: check CVE-2008-5010 (in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and ...) NOT-FOR-US: in.dhcpd -CVE-2008-XXXX [OptiPNG BMP Reader Buffer Overflow] +CVE-2008-5101 [OptiPNG BMP Reader Buffer Overflow] - optipng 0.6.1.1-1 (bug #505399) NOTE: This is SA32651 CVE-2008-XXXX [tor: changing user does not clear supplementary group entries] @@ -296,7 +294,7 @@ NOT-FOR-US: LOCKON CO.,LTD. EC-CUBE CVE-2008-XXXX [yzis insecure temp file] - yzis 1.0~alpha1-2 (bug #504680) -CVE-2008-XXXX [delayed attacks via cookies] +CVE-2008-5113 [delayed attacks via cookies] - wordpress 2.5.1-10 (bug #504771) CVE-2008-4990 RESERVED