joeyh at alioth.debian.org
2008-Nov-24 21:14 UTC
[Secure-testing-commits] r10478 - data/CVE
Author: joeyh
Date: 2008-11-24 21:14:12 +0000 (Mon, 24 Nov 2008)
New Revision: 10478
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-11-24 21:08:54 UTC (rev 10477)
+++ data/CVE/list 2008-11-24 21:14:12 UTC (rev 10478)
@@ -1,3 +1,39 @@
+CVE-2008-5207 (Multiple directory traversal vulnerabilities in Jonascms 1.2
allow ...)
+ TODO: check
+CVE-2008-5206 (PHP remote file inclusion vulnerability in
modules/mod_mainmenu.php in ...)
+ TODO: check
+CVE-2008-5205 (Cross-site scripting (XSS) vulnerability in edit.php in
wellyblog ...)
+ TODO: check
+CVE-2008-5204 (Multiple directory traversal vulnerabilities in PowerAward 1.1.0
RC1, ...)
+ TODO: check
+CVE-2008-5203 (Cross-site scripting (XSS) vulnerability in external_vote.php in
...)
+ TODO: check
+CVE-2008-5202 (Cross-site scripting (XSS) vulnerability in index.php in
OTManager CMS ...)
+ TODO: check
+CVE-2008-5201 (Directory traversal vulnerability in index.php in OTManager CMS
24a ...)
+ TODO: check
+CVE-2008-5200 (SQL injection vulnerability in the Xe webtv (com_xewebtv)
component ...)
+ TODO: check
+CVE-2008-5199 (PHP remote file inclusion vulnerability in include.php in ...)
+ TODO: check
+CVE-2008-5198 (SQL injection vulnerability in memberlist.php in Acmlmboard 1.A2
...)
+ TODO: check
+CVE-2008-5197 (SQL injection vulnerability in classifieds.php in PHP-Fusion
allows ...)
+ TODO: check
+CVE-2008-5196 (SQL injection vulnerability in kroax.php in the Kroax
(the_kroax) 4.42 ...)
+ TODO: check
+CVE-2008-5195 (Multiple SQL injection vulnerabilities in SebracCMS (sbcms) 0.4
allow ...)
+ TODO: check
+CVE-2008-5194 (SQL injection vulnerability in checkavail.php in SoftVisions
Software ...)
+ TODO: check
+CVE-2008-5193 (Cross-site scripting (XSS) vulnerability in search.asp in W1L3D4
...)
+ TODO: check
+CVE-2008-5192 (SQL injection vulnerability in forum.asp in W1L3D4 Philboard
1.14 and ...)
+ TODO: check
+CVE-2008-5191 (Multiple SQL injection vulnerabilities in SePortal 2.4 allow
remote ...)
+ TODO: check
+CVE-2008-5190 (SQL injection vulnerability in index.php in eSHOP100 allows
remote ...)
+ TODO: check
CVE-2008-XXXX [DoS caused by sending a SMTP request with large content]
- wireshark <unfixed> (low; bug #506741)
NOTE: CVE id requested
@@ -432,7 +468,7 @@
- xulrunner 1.9
CVE-2008-5012 (Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before
2.0.0.18, ...)
{DSA-1669-1}
- - iceape 1.1.13-1
+ - iceape 1.1.13-1
NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
- iceweasel 3.0
- xulrunner 1.9
@@ -1369,7 +1405,7 @@
{DSA-1669-1}
- xulrunner 1.9.0.4-1
- iceweasel 3.0.4-1
- - iceape 1.1.13-1
+ - iceape 1.1.13-1
CVE-2008-4581 (The Editor in IBM ENOVIA SmarTeam 5 before release 18 SP5, and
release ...)
NOT-FOR-US: IBM ENOVIA SmarTeam
CVE-2008-4580 (fence_manual, as used in fence 2.02.00-r1 and possibly cman,
allows ...)
@@ -2023,6 +2059,7 @@
CVE-2008-4307
RESERVED
CVE-2008-4306 (Unspecified vulnerability in enscript before 1.6.4 in Ubuntu
Linux ...)
+ {DSA-1670-1}
- enscript 1.6.4-13 (bug #506261)
CVE-2008-4305
RESERVED
@@ -3085,6 +3122,7 @@
CVE-2008-3864
RESERVED
CVE-2008-3863 (Stack-based buffer overflow in the read_special_escape function
in ...)
+ {DSA-1670-1}
- enscript 1.6.4-13 (bug #506261)
CVE-2008-3862 (Stack-based buffer overflow in CGI programs in the server in
Trend ...)
NOT-FOR-US: Trend Micro OfficeScan
@@ -12995,7 +13033,7 @@
{DSA-1669-1}
- iceweasel 3.0.4-1
- xulrunner 1.9.0.4-1
- - iceape 1.1.13-1
+ - iceape 1.1.13-1
CVE-2008-0016 (Stack-based buffer overflow in the URL parsing implementation in
...)
{DSA-1669-1 DSA-1649-1}
NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected