joeyh at alioth.debian.org
2009-Jan-27 21:14 UTC
[Secure-testing-commits] r11064 - data/CVE
Author: joeyh Date: 2009-01-27 21:14:19 +0000 (Tue, 27 Jan 2009) New Revision: 11064 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-01-27 19:07:35 UTC (rev 11063) +++ data/CVE/list 2009-01-27 21:14:19 UTC (rev 11064) @@ -1,53 +1,69 @@ +CVE-2009-0276 + RESERVED +CVE-2009-0274 + RESERVED +CVE-2009-0273 + RESERVED +CVE-2009-0272 + RESERVED +CVE-2009-0269 (fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel ...) + TODO: check +CVE-2009-0265 (Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not ...) + TODO: check +CVE-2008-5968 (Directory traversal vulnerability in print.php in PHP iCalendar 2.24 ...) + TODO: check +CVE-2008-5967 (admin/index.php in PHP iCalendar 2.3.4, 2.24, and earlier does not ...) + TODO: check CVE-2009-XXXX [sudo: privilege escalation] - - sudo 1.6.9p17-2 (medium) - [etch] - sudo <not-affected> (Vulnerable code not present) -CVE-2009-0278 + - sudo 1.6.9p17-2 (medium) + [etch] - sudo <not-affected> (Vulnerable code not present) +CVE-2009-0278 (Sun Java System Application Server (AS) 8.1 and 8.2 allows remote ...) NOT-FOR-US: Sun Java System Application Server (AS) -CVE-2009-0277 +CVE-2009-0277 (Unspecified vulnerability in the kernel in OpenSolaris snv_100 through ...) NOT-FOR-US: OpenSolaris -CVE-2009-0275 +CVE-2009-0275 (Static code injection vulnerability in admin.php in Ryneezy phoSheezy ...) NOT-FOR-US: Ryneezy phoSheezy -CVE-2009-0271 +CVE-2009-0271 (Directory traversal vulnerability in the TFTP service in Fujitsu ...) NOT-FOR-US: Fujitsu SystemcastWizard Lite -CVE-2009-0270 +CVE-2009-0270 (Stack-based buffer overflow in PXEService.exe in Fujitsu ...) NOT-FOR-US: Fujitsu SystemcastWizard Lite -CVE-2009-0268 +CVE-2009-0268 (Race condition in the pseudo-terminal (aka pty) driver module in Sun ...) NOT-FOR-US: Sun Solaris -CVE-2009-0267 +CVE-2009-0267 (libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does ...) NOT-FOR-US: Sun Solaris -CVE-2009-0266 +CVE-2009-0266 (Stack-based buffer overflow in Triologic Media Player 8.0.0.0 allows ...) NOT-FOR-US: Triologic Media Player -CVE-2009-0264 +CVE-2009-0264 (Buffer overflow in the Registry Setting Tool in Fujitsu ...) NOT-FOR-US: Fujitsu SystemcastWizard Lite -CVE-2008-5981 +CVE-2008-5981 (PacPoll 4.0 stores sensitive information under the web root with ...) NOT-FOR-US: PacPoll -CVE-2008-5980 +CVE-2008-5980 (Ocean12 Mailing List Manager Gold stores sensitive data under the web ...) NOT-FOR-US: Ocean12 Mailing List Manager Gold -CVE-2008-5979 +CVE-2008-5979 (Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 ...) NOT-FOR-US: Ocean12 Mailing List Manager Gold -CVE-2008-5978 +CVE-2008-5978 (Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager ...) NOT-FOR-US: Ocean12 Mailing List Manager Gold -CVE-2008-5977 +CVE-2008-5977 (SQL injection vulnerability in siteadmin/forgot.php in PHP JOBWEBSITE ...) NOT-FOR-US: PHP JOBWEBSITE PRO -CVE-2008-5976 +CVE-2008-5976 (Multiple cross-site scripting (XSS) vulnerabilities in ...) NOT-FOR-US: PHP JOBWEBSITE PRO -CVE-2008-5975 +CVE-2008-5975 (SQL injection vulnerability in links.asp in Active Price Comparison ...) NOT-FOR-US: Active Price Comparison -CVE-2008-5974 +CVE-2008-5974 (Multiple SQL injection vulnerabilities in login.aspx in Active Price ...) NOT-FOR-US: Active Price Comparison -CVE-2008-5973 +CVE-2008-5973 (SQL injection vulnerability in login.aspx in Active Web Mail 4.0 ...) NOT-FOR-US: Active Web Mail -CVE-2008-5972 +CVE-2008-5972 (SQL injection vulnerability in default.asp in Active Business ...) NOT-FOR-US: Active Business Directory -CVE-2008-5971 +CVE-2008-5971 (Cross-site scripting (XSS) vulnerability in profile_social.php in ...) NOT-FOR-US: i-Net Solution Orkut Clone -CVE-2008-5970 +CVE-2008-5970 (SQL injection vulnerability in profile_social.php in i-Net Solution ...) NOT-FOR-US: i-Net Solution Orkut Clone -CVE-2008-5969 +CVE-2008-5969 (SQL injection vulnerability in popupproduct.php in Sunbyte e-Flower ...) NOT-FOR-US: Sunbyte e-Flower -CVE-2008-5966 +CVE-2008-5966 (globsy_edit.php in Globsy 1.0 and earlier allows remote attackers to ...) NOT-FOR-US: Globsy -CVE-2008-5965 +CVE-2008-5965 (Directory traversal vulnerability in index.php in LokiCMS 0.3.4 and ...) NOT-FOR-US: LokiCMS CVE-2009-0263 (Multiple buffer overflows in Winamp 5.541 and earlier allow remote ...) NOT-FOR-US: Winamp @@ -2285,7 +2301,7 @@ NOTE: fix for 1.7.5-3 incomplete, see #512122 CVE-2008-5261 RESERVED -CVE-2008-5260 +CVE-2008-5260 (Heap-based buffer overflow in the CamImage.CamImage.1 ActiveX control ...) NOT-FOR-US: ActiveX CVE-2008-5259 RESERVED