joeyh at alioth.debian.org
2009-Jan-05 21:14 UTC
[Secure-testing-commits] r10861 - data/CVE
Author: joeyh
Date: 2009-01-05 21:14:22 +0000 (Mon, 05 Jan 2009)
New Revision: 10861
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-01-05 20:36:09 UTC (rev 10860)
+++ data/CVE/list 2009-01-05 21:14:22 UTC (rev 10861)
@@ -1,3 +1,63 @@
+CVE-2008-5837
+ RESERVED
+CVE-2008-5836
+ RESERVED
+CVE-2008-5835
+ RESERVED
+CVE-2008-5834
+ RESERVED
+CVE-2008-5833
+ RESERVED
+CVE-2008-5832
+ RESERVED
+CVE-2008-5831
+ RESERVED
+CVE-2008-5830
+ RESERVED
+CVE-2008-5829
+ RESERVED
+CVE-2008-5828 (Microsoft Windows Live Messenger Client 8.5.1 and earlier, when
MSN ...)
+ TODO: check
+CVE-2008-5827 (The Nokia 6131 Near Field Communication (NFC) phone with 05.12
...)
+ TODO: check
+CVE-2008-5826 (The Nokia 6131 Near Field Communication (NFC) phone with 05.12
...)
+ TODO: check
+CVE-2008-5825 (The SmartPoster implementation on the Nokia 6131 Near Field ...)
+ TODO: check
+CVE-2008-5823 (An ActiveX control in prtstb06.dll in Microsoft Money 2006, when
used ...)
+ TODO: check
+CVE-2008-5822 (Memory leak in Libxul, as used in Mozilla Firefox 3.0.5 and
other ...)
+ TODO: check
+CVE-2008-5821 (Memory leak in WebKit.dll in WebKit, as used by Apple Safari 3.2
on ...)
+ TODO: check
+CVE-2008-5820 (SQL injection vulnerability in eDNews_view.php in eDreamers
eDNews 2 ...)
+ TODO: check
+CVE-2008-5819 (Directory traversal vulnerability in eDNews_archive.php in
eDreamers ...)
+ TODO: check
+CVE-2008-5818 (Directory traversal vulnerability in index.php in eDreamers ...)
+ TODO: check
+CVE-2008-5817 (Multiple SQL injection vulnerabilities in index.php in Web
Scribble ...)
+ TODO: check
+CVE-2008-5816 (SQL injection vulnerability in repository.php in ILIAS 3.7.4 and
...)
+ TODO: check
+CVE-2008-5815 (SQL injection vulnerability in Acomment.php in phpAlumni allows
remote ...)
+ TODO: check
+CVE-2008-5814 (Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7
and ...)
+ TODO: check
+CVE-2008-5813 (SQL injection vulnerability in inc/rubriques.php in SPIP 1.8
before ...)
+ TODO: check
+CVE-2008-5812 (Multiple unspecified vulnerabilities in SPIP 1.8 before 1.8.3b,
1.9 ...)
+ TODO: check
+CVE-2008-5811 (SQL injection vulnerability in the PaxGallery (com_paxgallery)
...)
+ TODO: check
+CVE-2008-5810 (WBPublish (aka WBPublish.exe) in Fujitsu-Siemens WebTransactions
7.0, ...)
+ TODO: check
+CVE-2008-5809 (futomi CGI Cafe Access Analyzer CGI Standard 4.0.1 and earlier
and ...)
+ TODO: check
+CVE-2008-5808 (Cross-site scripting (XSS) vulnerability in Six Apart Movable
Type ...)
+ TODO: check
+CVE-2006-7236 (The default configuration of xterm on Debian GNU/Linux sid and
...)
+ TODO: check
CVE-2008-5807 (Multiple cross-site scripting (XSS) vulnerabilities in TestLink
before ...)
NOT-FOR-US: TestLink
CVE-2008-5806 (SQL injection vulnerability in login.php in DeltaScripts PHP
...)
@@ -124,7 +184,7 @@
NOT-FOR-US: Sun SNMP Management Agent
CVE-2008-5745 (Integer overflow in Microsoft Windows Media Player 9, 10, and 11
...)
NOT-FOR-US: Microsoft
-CVE-2008-5824 [buffer overflow in libaudiofile]
+CVE-2008-5824 (Heap-based buffer overflow in msadpcm.c in libaudiofile in
audiofile ...)
- audiofile <unfixed> (medium; bug #510205)
CVE-2008-5744 (Array index error in the dahdi/tor2.c driver in Zaptel (aka
DAHDI) ...)
- zaptel 1:1.4.11~dfsg-3 (bug #510583)
@@ -8171,9 +8231,8 @@
RESERVED
CVE-2008-2384
RESERVED
-CVE-2008-2383 [xterm code execution through DECRQSS escape sequence]
- RESERVED
- {DSA-1694-1}
+CVE-2008-2383 (CRLF injection vulnerability in xterm allows user-assisted
attackers ...)
+ {DSA-1694-1 DTSA-182-1}
- xterm <unfixed> (medium; bug #510030)
CVE-2008-2382 (The protocol_client_msg function in vnc.c in the VNC server in
(1) ...)
- qemu 0.9.1-9
@@ -8181,8 +8240,7 @@
- kvm 72+dfsg-4
- xen-unstable <not-affected> (Vulnerable code not present)
- xen-3 <not-affected> (Vulnerable code not present)
-CVE-2008-2381 [gforge sql injection in GroupJoinRequest.class.php]
- RESERVED
+CVE-2008-2381 (SQL injection vulnerability in the create function in ...)
- gforge 4.7~rc2-7
CVE-2008-2380 (SQL injection vulnerability in authpgsqllib.c in Courier-Authlib
...)
{DSA-1688-1 DTSA-180-1}