joeyh at alioth.debian.org
2009-Feb-10 21:14 UTC
[Secure-testing-commits] r11183 - data/CVE
Author: joeyh Date: 2009-02-10 21:14:12 +0000 (Tue, 10 Feb 2009) New Revision: 11183 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-02-10 21:11:27 UTC (rev 11182) +++ data/CVE/list 2009-02-10 21:14:12 UTC (rev 11183) 
@@ -1,4 +1,60 @@ -CVE-2009-0489 [insecure dbus policy in wicd] +CVE-2009-0502 (Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php ...) + TODO: check +CVE-2009-0501 (Unspecified vulnerability in the Calendar export feature in Moodle 1.8 ...) + TODO: check +CVE-2009-0500 (Cross-site scripting (XSS) vulnerability in course/lib.php in Moodle ...) + TODO: check +CVE-2009-0499 (Cross-site request forgery (CSRF) vulnerability in the forum code in ...) + TODO: check +CVE-2009-0498 (Virtual GuestBook (vgbook) 2.1 stores sensitive information under the ...) + TODO: check +CVE-2009-0497 (Directory traversal vulnerability in log.jsp in Ignite Realtime ...) + TODO: check +CVE-2009-0496 (Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime ...) + TODO: check +CVE-2009-0495 (PHP remote file inclusion vulnerability in include/define.php in ...) + TODO: check +CVE-2009-0494 (SQL injection vulnerability in the Portfol (com_portfol) 1.2 component ...) + TODO: check +CVE-2009-0493 (SQL injection vulnerability in login.php in IT!CMS 2.1a and earlier ...) + TODO: check +CVE-2009-0492 (Unspecified vulnerability in SimpleIrcBot before 1.0 Stable has ...) + TODO: check +CVE-2009-0491 (Stack-based buffer overflow in Elecard MPEG Player 5.5 build ...) + TODO: check +CVE-2009-0488 (Cross-site scripting (XSS) vulnerability in Phorum before 5.2.10 ...) + TODO: check +CVE-2009-0486 (Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls ...) + TODO: check +CVE-2009-0485 (Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.17 to ...) + TODO: check +CVE-2009-0484 (Cross-site request forgery (CSRF) vulnerability in Bugzilla 3.0 before ...) + TODO: check +CVE-2009-0483 (Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22 ...) + TODO: check +CVE-2009-0482 (Cross-site request forgery (CSRF) vulnerability in Bugzilla before 3.2 ...) 
+ TODO: check +CVE-2009-0481 (Bugzilla 2.x before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and ...) + TODO: check +CVE-2009-0480 (The IP implementation in Sun Solaris 8 through 10, and OpenSolaris ...) + TODO: check +CVE-2008-6098 (Bugzilla 3.2 before 3.2 RC2, 3.0 before 3.0.6, 2.22 before 2.22.6, ...) + TODO: check +CVE-2008-6097 (Multiple cross-site scripting (XSS) vulnerabilities in WikyBlog before ...) + TODO: check +CVE-2008-6096 (Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS ...) + TODO: check +CVE-2008-6095 (Cross-site scripting (XSS) vulnerability in surveillanceView.htm in ...) + TODO: check +CVE-2008-6094 (Cross-site scripting (XSS) vulnerability in user.do in Celoxis ...) + TODO: check +CVE-2008-6093 (SQL injection vulnerability in index.php in Noname CMS 1.0, when ...) + TODO: check +CVE-2008-6092 (phpscripts Ranking Script allows remote attackers to bypass ...) + TODO: check +CVE-2008-6091 (SQL injection vulnerability in plugins.php in BMForum 5.6, when ...) + TODO: check +CVE-2009-0489 (The DBus configuration file for Wicd before 1.5.9 allows arbitrary ...) - wicd 1.5.9-1 CVE-2009-XXXX [typo3 information disclosure & xss] - typo3-src 4.2.6-1 (medium; bug #514713) @@ -420,7 +476,7 @@ NOT-FOR-US: QuidaScript BookMarks Favourites Script CVE-2008-6006 (Multiple PHP remote file inclusion vulnerabilities in Micronation ...) NOT-FOR-US: Micronation Banking System -CVE-2009-0487 [mahara: XSS in forum posts] +CVE-2009-0487 (Cross-site scripting (XSS) vulnerability in Mahara before 1.0.9 allows ...) - mahara 1.0.9-1 (low) [lenny] - mahara 1.0.4-4 CVE-2009-0478 (Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 ...) 
@@ -436,7 +492,8 @@ - bugzilla <unfixed> (bug #514143) CVE-2009-XXXX [glpi sql injection] - glpi 0.71.5-1 (bug #513611) -CVE-2009-0490 [buffer overflow] +CVE-2009-0490 (Stack-based buffer overflow in the String_parse::get_nonspace_quoted ...) + {DTSA-192-1} - audacity 1.3.6-1 (bug #514138) NOTE: http://www.milw0rm.com/exploits/7634 NOTE: https://bugs.gentoo.org/show_bug.cgi?id=253493
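Review bot: in the first hunk (@@ -1,4 +1,60 @@), CVE-2009-0489 ends up below CVE-2008-6091, out of the descending order the rest of the added block follows (CVE-2009-0502 down to CVE-2009-0480, then CVE-2008-6098 down to CVE-2008-6091). Since it already has a fixed version (wicd 1.5.9-1), place it in numeric position between CVE-2009-0491 and CVE-2009-0488 so it is not read as part of the untriaged 2008 run. Separately, the Bugzilla ids added here as "TODO: check" (CVE-2009-0481 through CVE-2009-0486 and CVE-2008-6098) should be compared against the existing "- bugzilla <unfixed> (bug #514143)" entry visible in the third hunk's context, so that the same issue is not tracked under two entries.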
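Review bot: in the last hunk (@@ -436,7 +492,8 @@), the CVE-2009-0490 entry gains {DTSA-192-1}, but its "- audacity 1.3.6-1 (bug #514138)" line still carries no urgency, unlike "- mahara 1.0.9-1 (low)" and "- typo3-src 4.2.6-1 (medium; bug #514713)" elsewhere in this diff. With an advisory attached and a NOTE line pointing at a published exploit, add an urgency value to the audacity line so the entry can be prioritised alongside the others.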