joeyh at alioth.debian.org
2008-Dec-29 21:14 UTC
[Secure-testing-commits] r10824 - data/CVE
Author: joeyh Date: 2008-12-29 21:14:11 +0000 (Mon, 29 Dec 2008) New Revision: 10824 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-12-29 09:14:13 UTC (rev 10823) +++ data/CVE/list 2008-12-29 21:14:11 UTC (rev 10824) 
@@ -1,3 +1,59 @@ +CVE-2008-5744 (Array index error in the dahdi/tor2.c driver in Zaptel (aka DAHDI) ...) + TODO: check +CVE-2008-5743 (pdfjam creates the (1) pdf90, (2) pdfjoin, and (3) pdfnup files with a ...) + TODO: check +CVE-2008-5742 (Multiple open redirect vulnerabilities in AIST NetCat 3.12 and earlier ...) + TODO: check +CVE-2008-5741 + RESERVED +CVE-2008-5740 + RESERVED +CVE-2008-5739 (SQL injection vulnerability in evb/check_url.php in Pligg CMS 9.9.5 ...) + TODO: check +CVE-2008-5738 (Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to bypass ...) + TODO: check +CVE-2008-5737 (SQL injection vulnerability in index.php in Nodstrum MySQL Calendar ...) + TODO: check +CVE-2008-5736 (Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, ...) + TODO: check +CVE-2008-5735 (Stack-based buffer overflow in skin.c in CoolPlayer 2.17 through 2.19 ...) + TODO: check +CVE-2008-5734 (Cross-site scripting (XSS) vulnerability in WebMail Pro in IceWarp ...) + TODO: check +CVE-2008-5733 (SQL injection vulnerability in blog.php in the Team Impact TI Blog ...) + TODO: check +CVE-2008-5732 (Unrestricted file upload vulnerability in lib/image_upload.php in ...) + TODO: check +CVE-2008-5731 (The PGPwded device driver (aka PGPwded.sys) in PGP Corporation PGP ...) + TODO: check +CVE-2008-5730 (Multiple CRLF injection vulnerabilities in AIST NetCat 3.12 and ...) + TODO: check +CVE-2008-5729 (Multiple cross-site scripting (XSS) vulnerabilities in AIST NetCat ...) + TODO: check +CVE-2008-5728 (Multiple directory traversal vulnerabilities in AIST NetCat 3.12 and ...) + TODO: check +CVE-2008-5727 (SQL injection vulnerability in modules/auth/password_recovery.php in ...) + TODO: check +CVE-2008-5726 (SQL injection vulnerability in thread.php in stormBoards 1.0.1 allows ...) + TODO: check +CVE-2008-5725 (The NT kernel-mode driver (aka pstrip.sys) 5.0.1.1 and earlier in ...) 
+ TODO: check +CVE-2008-5724 (The Personal Firewall driver (aka epfw.sys) 3.0.672.0 and earlier in ...) + TODO: check +CVE-2008-5723 (Directory traversal vulnerability in CGI RESCUE KanniBBS2000 (aka ...) + TODO: check +CVE-2008-5722 (Buffer overflow in SAWStudio 3.9i allows user-assisted remote ...) + TODO: check +CVE-2008-5721 (SapporoWorks BlackJumboDog (BJD) before 4.2.3 allows remote attackers ...) + TODO: check +CVE-2008-5720 (Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows ...) + TODO: check +CVE-2008-5719 (Cross-site scripting (XSS) vulnerability in Hitachi Groupmax Web ...) + TODO: check +CVE-2008-5718 (The papd daemon in Netatalk before 2.0.4-beta2 allows remote attackers ...) + TODO: check +CVE-2008-5717 (Cross-site scripting (XSS) vulnerability in Hitachi JP1/Integrated ...) + TODO: check CVE-2008-5716 (xend in Xen 3.3.0 does not properly restrict a guest VM''s write access ...) - xen-3 <not-affected> (Vulnerable code never entered Debian) - xen-unstable <not-affected> (Vulnerable code never entered Debian) @@ -55,7 +111,7 @@ NOT-FOR-US: Ipswitch WS_FTP Server Manager CVE-2008-5691 (Heap-based buffer overflow in the Phoenician Casino FlashAX ActiveX ...) NOT-FOR-US: Phoenician Casino FlashAX ActiveX -CVE-2008-5690 (The Kerberos credential renewal feature in Solaris 8, 9, and 10, and ...) +CVE-2008-5690 (The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, ...) NOT-FOR-US: Solaris CVE-2008-5689 (tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through snv_76 ...) NOT-FOR-US: Solaris 
@@ -556,8 +612,7 @@ - xulrunner 1.9.0.5-1 CVE-2008-5499 (Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, ...) NOT-FOR-US: Adobe Flash Player for Linux -CVE-2008-5498 [segfault and potential security issue in php5''s bundled libgd''s imagerotate] - RESERVED +CVE-2008-5498 (Array index error in the imageRotate function in PHP 5.2.8 and earlier ...) - php5 <not-affected> (php5 links to the shared lib) - libgd2 <not-affected> (code is specific to php''s libgd) NOTE: http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1360&r2=1.2027.2.547.2.1361 @@ -908,7 +963,7 @@ TODO: check CVE-2008-5344 (Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in ...) TODO: check -CVE-2008-5343 (Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in ...) +CVE-2008-5343 (Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 ...) TODO: check CVE-2008-5342 (Unspecified vulnerability in the BasicService for Java Web Start (JWS) ...) TODO: check
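Review bot: In the @@ -1,3 +1,59 @@ hunk, every described entry from CVE-2008-5744 down to CVE-2008-5717 is added with only "TODO: check", so this revision records no triage decision for any of them. The entries that name software by source file or daemon, such as CVE-2008-5744 (dahdi/tor2.c in Zaptel), CVE-2008-5743 (pdfjam) and CVE-2008-5718 (papd in Netatalk), should be looked at first and given a package status line in the form used for CVE-2008-5716 directly below. The Windows driver entries (PGPwded.sys, pstrip.sys, epfw.sys) look like candidates for the NOT-FOR-US form already used in this file.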
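Review bot: In the @@ -556,8 +612,7 @@ hunk, the removed bracketed text for CVE-2008-5498 was the only place that said the flaw is in php5's bundled libgd. The replacement description names only "the imageRotate function in PHP 5.2.8 and earlier", directly above an unchanged php5 <not-affected> line. The two parenthetical reasons still explain the status, but a NOTE line that keeps the "bundled libgd" wording would make it clear on the next pass why php5 is marked not-affected under a description that names PHP.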