joeyh at alioth.debian.org
2009-Jan-23 21:14 UTC
[Secure-testing-commits] r11033 - data/CVE
Author: joeyh
Date: 2009-01-23 21:14:11 +0000 (Fri, 23 Jan 2009)
New Revision: 11033
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-01-23 20:00:12 UTC (rev 11032)
+++ data/CVE/list 2009-01-23 21:14:11 UTC (rev 11033)
@@ -1,3 +1,23 @@
+CVE-2009-0259 (The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows
...)
+ TODO: check
+CVE-2009-0254 (Stack-based buffer overflow in easyHDR PRO 1.60.2 allows
user-assisted ...)
+ TODO: check
+CVE-2009-0253 (Mozilla Firefox 3.0.5 allows remote attackers to trick a user
into ...)
+ TODO: check
+CVE-2009-0252 (Multiple SQL injection vulnerabilities in default.asp in
Enthrallweb ...)
+ TODO: check
+CVE-2009-0251 (Static code injection vulnerability in admin.php in Ryneezy
phoSheezy ...)
+ TODO: check
+CVE-2009-0250 (Ryneezy phoSheezy 0.2 stores sensitive information under the web
root ...)
+ TODO: check
+CVE-2009-0249 (Katy Whitton RankEm stores sensitive information under the web
root ...)
+ TODO: check
+CVE-2009-0248 (Cross-site scripting (XSS) vulnerability in rankup.asp in Katy
Whitton ...)
+ TODO: check
+CVE-2009-0247 (The server for 53KF Web IM 2009 Home, Professional, and
Enterprise ...)
+ TODO: check
+CVE-2009-0246 (Stack-based buffer overflow in easyHDR PRO 1.60.2 allows
user-assisted ...)
+ TODO: check
CVE-2009-XXXX [tor buffer overflow]
- tor 0.2.0.33-1
CVE-2009-0245 (Cross-site scripting (XSS) vulnerability in Usagi Project MyNETS
...)
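Review bot: CVE-2009-0254 and CVE-2009-0246 are added with the same visible summary ("Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted ..."), so whoever clears these TODOs should read both full descriptions and confirm they are distinct issues before recording separate dispositions. Of the ten new "TODO: check" entries, CVE-2009-0259 (OpenOffice.org) and CVE-2009-0253 (Mozilla Firefox) are the ones most likely to need a package line rather than NOT-FOR-US, so they are worth triaging first.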
@@ -60,13 +80,13 @@
NOT-FOR-US: Cant Find A Gaming CMS
CVE-2008-5921 (SQL injection vulnerability in albums.php in Umer Inc Songs
Portal ...)
NOT-FOR-US: Umer Inc Songs Portal
-CVE-2009-0255 [typo3: install tool]
+CVE-2009-0255 (The System extension Install tool in TYPO3 4.0.0 through 4.0.9,
4.1.0 ...)
- typo3-src 4.2.4-1
-CVE-2009-0256 [typo3: session fixation]
+CVE-2009-0256 (Session fixation vulnerability in the authentication library in
TYPO3 ...)
- typo3-src 4.2.4-1
-CVE-2009-0257 [typo3: XSS]
+CVE-2009-0257 (Multiple cross-site scripting (XSS) vulnerabilities in TYPO3
4.0.0 ...)
- typo3-src 4.2.4-1
-CVE-2009-0258 [typo3: serch index]
+CVE-2009-0258 (Unspecified vulnerability in the Indexed Search Engine ...)
- typo3-src 4.2.4-1
CVE-2009-0242 (Ganglia 3.1.1 allows remote attackers to cause a denial of
service via ...)
- ganglia-monitor-core <not-affected> (Only affects 3.1.1 branch,
currently in experimental under different name)
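Review bot: the four TYPO3 entries CVE-2009-0255 through CVE-2009-0258 keep "- typo3-src 4.2.4-1" with no urgency and no bug reference, even though the new descriptions now separate an Install tool issue, a session fixation, multiple XSS issues and an unspecified Indexed Search Engine issue. Consider annotating each package line with an urgency and bug number in the "(low; bug #512330)" style this file uses for git-core, so the entries can be prioritised individually.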
@@ -568,8 +588,8 @@
RESERVED
CVE-2009-0058
RESERVED
-CVE-2009-0057
- RESERVED
+CVE-2009-0057 (The Certificate Authority Proxy Function (CAPF) service in Cisco
...)
+ TODO: check
CVE-2009-0056 (Cross-site request forgery (CSRF) vulnerability in the
administration ...)
NOT-FOR-US: Cisco IronPort Encryption Appliance
CVE-2009-0055 (Cross-site request forgery (CSRF) vulnerability in the
administration ...)
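Review bot: CVE-2009-0057 moves from RESERVED to "TODO: check" and its description names a Cisco service (CAPF), while the neighbouring Cisco entry CVE-2009-0056 is already marked "NOT-FOR-US: Cisco IronPort Encryption Appliance". Once the full description is read, this entry can probably be closed with a NOT-FOR-US line naming the Cisco product instead of staying in the TODO queue.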
@@ -1268,8 +1288,8 @@
RESERVED
CVE-2009-0009
RESERVED
-CVE-2009-0008
- RESERVED
+CVE-2009-0008 (Unspecified vulnerability in Apple QuickTime MPEG-2 Playback
Component ...)
+ TODO: check
CVE-2009-0007 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows
remote ...)
TODO: check
CVE-2009-0006 (Integer signedness error in Apple QuickTime before 7.6 allows
remote ...)
@@ -1425,10 +1445,10 @@
RESERVED
CVE-2008-5518
RESERVED
-CVE-2008-5517 (The web interface in git (gitweb) 1.5.5 and other versions
allows ...)
+CVE-2008-5517 (The web interface in git (gitweb) 1.5.x before 1.5.5 allows
remote ...)
{DSA-1708-1}
- git-core 1:1.5.6.5-2 (low; bug #512330)
-CVE-2008-5516 (The web interface in git (gitweb) 1.5.6, and possibly other
versions, ...)
+CVE-2008-5516 (The web interface in git (gitweb) 1.5.x before 1.5.5 allows
remote ...)
{DSA-1708-1}
- git-core 1:1.5.6-1
CVE-2008-5515
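Review bot: the updated descriptions for CVE-2008-5517 and CVE-2008-5516 now both say gitweb "1.5.x before 1.5.5", but the package lines still record fixes at git-core 1:1.5.6.5-2 and 1:1.5.6-1, which were chosen when the descriptions mentioned 1.5.5 and 1.5.6 as affected. The fixed versions should be rechecked against the new affected range, or a short note added explaining why the later versions are kept. The two entries also now share the same visible summary, so a reader needs the full CVE text to tell them apart.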
@@ -5627,8 +5647,8 @@
RESERVED
CVE-2008-3821 (Multiple cross-site scripting (XSS) vulnerabilities in the HTTP
server ...)
NOT-FOR-US: Cisco IOS
-CVE-2008-3820
- RESERVED
+CVE-2008-3820 (Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS
Event ...)
+ TODO: check
CVE-2008-3819 (dnsserver in Cisco Application Control Engine Global Site
Selector ...)
NOT-FOR-US: Cisco Application Control Engine Global Site Selector (GSS)
CVE-2008-3818 (Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600
with ...)
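Review bot: CVE-2008-3820 (Cisco Security Manager) is left at "TODO: check" between CVE-2008-3821 and CVE-2008-3819, both of which are marked NOT-FOR-US for Cisco products. It should get the same kind of disposition line in a follow-up rather than remain open.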
@@ -9081,8 +9101,7 @@
RESERVED
CVE-2008-2385
RESERVED
-CVE-2008-2384 [mod-auth-mysq: SQL injection vulnerability]
- RESERVED
+CVE-2008-2384 (SQL injection vulnerability in mod_auth_mysql.c in the
mod-auth-mysql ...)
- mod-auth-mysql 4.3.9-11 (medium)
CVE-2008-2383 (CRLF injection vulnerability in xterm allows user-assisted
attackers ...)
{DSA-1694-1 DTSA-182-1}
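Review bot: for CVE-2008-2384 the RESERVED line is dropped and the official description replaces the temporary bracketed one, but "- mod-auth-mysql 4.3.9-11 (medium)" still carries no bug number or advisory reference, unlike the CVE-2008-2383 entry directly below with its {DSA-1694-1 DTSA-182-1} line. If a bug report or advisory exists for this SQL injection, add it to the entry so the fix can be traced.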