thr3ads.net - Secure testing commits - [Secure-testing-commits] r10671

If this information is useful, please help other people find it:
Share via:
joeyh at alioth.debian.org
2008-Dec-10 21:14 UTC
[Secure-testing-commits] r10671 - data/CVE

Author: joeyh
Date: 2008-12-10 21:14:14 +0000 (Wed, 10 Dec 2008)
New Revision: 10671

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-12-10 16:23:31 UTC (rev 10670)
+++ data/CVE/list	2008-12-10 21:14:14 UTC (rev 10671)
@@ -1,3 +1,25 @@
+CVE-2008-5420 (The SAN Manager Master Agent service (aka msragent.exe) in EMC
Control ...)
+	TODO: check
+CVE-2008-5419 (Stack-based buffer overflow in SAN Manager Master Agent service
(aka ...)
+	TODO: check
+CVE-2008-5418 (Directory traversal vulnerability in login.php in the PunPortal
module ...)
+	TODO: check
+CVE-2008-5417 (HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha
platform uses ...)
+	TODO: check
+CVE-2008-5416 (Heap-based buffer overflow in Microsoft SQL Server 2000
8.00.2050, ...)
+	TODO: check
+CVE-2008-5415
+	RESERVED
+CVE-2008-5414 (Unspecified vulnerability in the Feature Pack for Web Services
in the ...)
+	TODO: check
+CVE-2008-5413 (PerfServlet in the PMI/Performance Tools component in IBM
WebSphere ...)
+	TODO: check
+CVE-2008-5412 (Unspecified vulnerability in IBM WebSphere Application Server
(WAS) 7 ...)
+	TODO: check
+CVE-2008-5411 (IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 sends
SSL ...)
+	TODO: check
+CVE-2008-5410 (The PK11_SESSION cache in the OpenSSL PKCS#11 engine in Sun
Solaris 10 ...)
+	TODO: check
 CVE-2008-5409 (Unspecified vulnerability in the pdf.xmd module in (1)
BitDefender ...)
 	NOT-FOR-US: itDefender Free Edition and Antivirus Standard, BullGuard Internet
Security and Software602 Groupware Server
 CVE-2008-5408 (Buffer overflow in the data management protocol in Symantec
Backup ...)
@@ -225,10 +247,10 @@
 	NOT-FOR-US: PG Roommate Finder Solution
 CVE-2008-5306 (SQL injection vulnerability in admin/index.php in PG Real Estate
...)
 	NOT-FOR-US: PG Real Estate Solution
-CVE-2008-5305
-	RESERVED
-CVE-2008-5304
-	RESERVED
+CVE-2008-5305 (Eval injection vulnerability in TWiki before 4.2.4 allows remote
...)
+	TODO: check
+CVE-2008-5304 (Cross-site scripting (XSS) vulnerability in TWiki before 4.2.4
allows ...)
+	TODO: check
 CVE-2008-5303 (Race condition in the rmtree function in File::Path 1.08 ...)
 	{DSA-1678-1}
 	- perl 5.10.0-18
@@ -1258,16 +1280,16 @@
 	RESERVED
 CVE-2008-4842
 	RESERVED
-CVE-2008-4841
-	RESERVED
+CVE-2008-4841 (The WordPad Text Converter for Word 97 files in Microsoft
Windows 2000 ...)
+	TODO: check
 CVE-2008-4840
 	RESERVED
 CVE-2008-4839
 	RESERVED
 CVE-2008-4838
 	RESERVED
-CVE-2008-4837
-	RESERVED
+CVE-2008-4837 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007
Gold and ...)
+	TODO: check
 CVE-2008-4836
 	RESERVED
 CVE-2008-4835
@@ -2529,8 +2551,8 @@
 	NOT-FOR-US: OpenPegasus
 CVE-2008-4312
 	RESERVED
-CVE-2008-4311
-	RESERVED
+CVE-2008-4311 (The default configuration of system.conf in D-Bus (aka DBus)
before ...)
+	TODO: check
 CVE-2008-4310 (httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5 allows remote
...)
 	TODO: check
 CVE-2008-4309 (Integer overflow in the netsnmp_create_subtree_cache function in
...)
@@ -2617,42 +2639,42 @@
 	RESERVED
 CVE-2008-4270
 	RESERVED
-CVE-2008-4269
-	RESERVED
-CVE-2008-4268
-	RESERVED
+CVE-2008-4269 (The search-ms protocol handler in Windows Explorer in Microsoft
...)
+	TODO: check
+CVE-2008-4268 (The Windows Search component in Microsoft Windows Vista Gold and
SP1 ...)
+	TODO: check
 CVE-2008-4267
 	RESERVED
-CVE-2008-4266
-	RESERVED
-CVE-2008-4265
-	RESERVED
-CVE-2008-4264
-	RESERVED
+CVE-2008-4266 (Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP3; Excel
Viewer ...)
+	TODO: check
+CVE-2008-4265 (Microsoft Office Excel 2000 SP3 allows remote attackers to
execute ...)
+	TODO: check
+CVE-2008-4264 (Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007
Gold and ...)
+	TODO: check
 CVE-2008-4263
 	RESERVED
 CVE-2008-4262
 	RESERVED
-CVE-2008-4261
-	RESERVED
-CVE-2008-4260
-	RESERVED
-CVE-2008-4259
-	RESERVED
-CVE-2008-4258
-	RESERVED
+CVE-2008-4261 (Microsoft Internet Explorer 5.01 SP4, 6 SP1 on Windows 2000, and
6 on ...)
+	TODO: check
+CVE-2008-4260 (Microsoft Internet Explorer 7 sometimes attempts to access a
deleted ...)
+	TODO: check
+CVE-2008-4259 (Microsoft Internet Explorer 7 sometimes attempts to access ...)
+	TODO: check
+CVE-2008-4258 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1 does not properly
...)
+	TODO: check
 CVE-2008-4257
 	RESERVED
-CVE-2008-4256
-	RESERVED
-CVE-2008-4255
-	RESERVED
-CVE-2008-4254
-	RESERVED
-CVE-2008-4253
-	RESERVED
-CVE-2008-4252
-	RESERVED
+CVE-2008-4256 (The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual
...)
+	TODO: check
+CVE-2008-4255 (The Windows Common ActiveX control in Microsoft Visual Basic
6.0, ...)
+	TODO: check
+CVE-2008-4254 (The Hierarchical FlexGrid ActiveX control in Microsoft Visual
Basic ...)
+	TODO: check
+CVE-2008-4253 (The FlexGrid ActiveX control in Microsoft Visual Basic 6.0,
Visual ...)
+	TODO: check
+CVE-2008-4252 (The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and
Visual ...)
+	TODO: check
 CVE-2008-4251
 	RESERVED
 CVE-2008-4250 (The Server service in Microsoft Windows 2000 SP4, XP SP2 and
SP3, ...)
@@ -3193,24 +3215,24 @@
 	RESERVED
 CVE-2008-4033 (Cross-domain vulnerability in Microsoft XML Core Services 3.0
through ...)
 	NOT-FOR-US: Microsoft XML Core
-CVE-2008-4032
-	RESERVED
-CVE-2008-4031
-	RESERVED
-CVE-2008-4030
-	RESERVED
+CVE-2008-4032 (Microsoft Office SharePoint Server 2007 Gold and SP1 and
Microsoft ...)
+	TODO: check
+CVE-2008-4031 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007
Gold and ...)
+	TODO: check
+CVE-2008-4030 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007
Gold and ...)
+	TODO: check
 CVE-2008-4029 (Cross-domain vulnerability in Microsoft XML Core Services 3.0
and 4.0, ...)
 	NOT-FOR-US: Microsoft XML Core
-CVE-2008-4028
-	RESERVED
-CVE-2008-4027
-	RESERVED
-CVE-2008-4026
-	RESERVED
-CVE-2008-4025
-	RESERVED
-CVE-2008-4024
-	RESERVED
+CVE-2008-4028 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007
Gold and ...)
+	TODO: check
+CVE-2008-4027 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007
Gold and ...)
+	TODO: check
+CVE-2008-4026 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007
Gold and ...)
+	TODO: check
+CVE-2008-4025 (Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007
Gold and ...)
+	TODO: check
+CVE-2008-4024 (Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for
Mac ...)
+	TODO: check
 CVE-2008-4023 (Active Directory in Microsoft Windows 2000 SP4 does not properly
...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2008-4022
@@ -4685,8 +4707,8 @@
 	RESERVED
 CVE-2008-3466 (Microsoft Host Integration Server (HIS) 2000, 2004, and 2006
does not ...)
 	NOT-FOR-US: Microsoft
-CVE-2008-3465
-	RESERVED
+CVE-2008-3465 (Heap-based buffer overflow in an API in GDI in Microsoft Windows
2000 ...)
+	TODO: check
 CVE-2008-3464 (afd.sys in the Ancillary Function Driver (AFD) component in
Microsoft ...)
 	NOT-FOR-US: Microsoft
 CVE-2008-3463
@@ -5739,10 +5761,10 @@
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2008-3011
 	RESERVED
-CVE-2008-3010
-	RESERVED
-CVE-2008-3009
-	RESERVED
+CVE-2008-3010 (Microsoft Windows Media Player 6.4, Windows Media Format Runtime
7.1 ...)
+	TODO: check
+CVE-2008-3009 (Microsoft Windows Media Player 6.4, Windows Media Format Runtime
7.1 ...)
+	TODO: check
 CVE-2008-3008 (Stack-based buffer overflow in the WMEncProfileManager ActiveX
control ...)
 	NOT-FOR-US: Microsoft Windows Media Encoder
 CVE-2008-3007 (Microsoft Office XP SP3, 2003 SP2 and SP3, 2007 Office System
Gold and ...)
@@ -7480,8 +7502,8 @@
 	NOT-FOR-US: Microsoft
 CVE-2008-2250 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server
2003 ...)
 	NOT-FOR-US: Microsoft
-CVE-2008-2249
-	RESERVED
+CVE-2008-2249 (Integer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2
and SP3, ...)
+	TODO: check
 CVE-2008-2248 (Cross-site scripting (XSS) vulnerability in Outlook Web Access
(OWA) ...)
 	NOT-FOR-US: Exchange Server
 CVE-2008-2247 (Cross-site scripting (XSS) vulnerability in Outlook Web Access
(OWA) ...)
@@ -19476,7 +19498,7 @@
 	[sarge] - cupsys <not-affected> (Only vulnerable to code injection since
1.2.x, effects are harmless otherwise)
 CVE-2007-4350 (Cross-site scripting (XSS) vulnerability in the management
interface ...)
 	NOT-FOR-US: HP SiteScope
-CVE-2007-4349 (The Shared Trace Service (aka OVTrace) in HP OpenView Report
3.70 and ...)
+CVE-2007-4349 (The Shared Trace Service (aka OVTrace) in HP Performance Agent
C.04.70 ...)
 	NOT-FOR-US: HP OpenView Report
 CVE-2007-4348 (Cross-site scripting (XSS) vulnerability in the CAD service in
IBM ...)
 	NOT-FOR-US: IBM Tivoli Storage Manager
Secure testing commits - Dec 2008 - r10671 - data/CVE

[Secure-testing-commits] r10671 - data/CVE
