Author: joeyh
Date: 2009-05-08 21:14:12 +0000 (Fri, 08 May 2009)
New Revision: 11845
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================
--- data/CVE/list 2009-05-08 17:28:16 UTC (rev 11844)
+++ data/CVE/list 2009-05-08 21:14:12 UTC (rev 11845)
@@ -1,3 +1,37 @@
+CVE-2009-1587 (index.php in PHP Site Lock 2.0 allows remote attackers to bypass
...)
+ TODO: check
+CVE-2009-1586 (Stack-based buffer overflow in the NZB importer feature in
GrabIt ...)
+ TODO: check
+CVE-2009-1585 (Multiple SQL injection vulnerabilities in TemaTres 1.031, when
...)
+ TODO: check
+CVE-2009-1584 (Multiple SQL injection vulnerabilities in TemaTres 1.0.3 and
1.031, ...)
+ TODO: check
+CVE-2009-1583 (Multiple cross-site scripting (XSS) vulnerabilities in TemaTres
1.0.3 ...)
+ TODO: check
+CVE-2009-1582 (Million Dollar Text Links 1.0 does not properly restrict
administrator ...)
+ TODO: check
+CVE-2008-6802 (Multiple SQL injection vulnerabilities in index.php in
phPhotoGallery ...)
+ TODO: check
+CVE-2008-6801 (Cross-site request forgery (CSRF) vulnerability in Vivvo CMS
before ...)
+ TODO: check
+CVE-2008-6800 (Race condition in the winbind daemon (aka winbindd) in Samba
before ...)
+ TODO: check
+CVE-2008-6799 (connection.php in FlashChat 5.0.8 allows remote attackers to
bypass ...)
+ TODO: check
+CVE-2008-6798 (Multiple SQL injection vulnerabilities in login.php in Pre
Projects ...)
+ TODO: check
+CVE-2008-6797 (The server in Mitel NuPoint Messenger R11 and R3 sends usernames
and ...)
+ TODO: check
+CVE-2008-6796 (SQL injection vulnerability in manager/login.php in Pre Projects
Pre ...)
+ TODO: check
+CVE-2008-6795 (SQL injection vulnerability in view_news.php in nicLOR ...)
+ TODO: check
+CVE-2008-6794 (SQL injection vulnerability in directory.php in Scripts For
Sites ...)
+ TODO: check
+CVE-2008-6793 (The get_file_type function in lib/file_content.php in DFLabs PTK
0.1, ...)
+ TODO: check
+CVE-2008-6792 (system-tools-backends before 2.6.0-1ubuntu1.1 in Ubuntu 8.10, as
used ...)
+ TODO: check
CVE-2009-XXXX [opensc: insecure due to wrong public exponent]
- opensc 0.11.8 (high; bug #527640)
CVE-2009-1581
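Review bot: all 17 entries added at the top of the list carry only "TODO: check", so none of them has a triage result yet. CVE-2008-6800 (race condition in winbindd in Samba) and CVE-2008-6792 (system-tools-backends, described against the Ubuntu 8.10 version 2.6.0-1ubuntu1.1) should be resolved first, each into a "- package version" line in the style of the opensc entry just below, with an explicit check of whether the Ubuntu-specific version statement applies to the package tracked here. The remaining entries each need either a package line or a "NOT-FOR-US:" marker as used elsewhere in this file.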
@@ -8,12 +42,14 @@
RESERVED
CVE-2009-1578
RESERVED
-CVE-2009-1577
- RESERVED
+CVE-2009-1577 (Multiple stack-based buffer overflows in the putstring function
in ...)
+ TODO: check
CVE-2009-1576 (Unspecified vulnerability in Drupal 5.x before 5.17 and 6.x
before ...)
+ {DSA-1792-1}
- drupal6 6.11-1 (bug #526378)
- drupal5 5.17-1
CVE-2009-1575 (Cross-site scripting (XSS) vulnerability in Drupal 5.x before
5.17 and ...)
+ {DSA-1792-1}
- drupal6 6.11-1 (bug #526378)
- drupal5 5.17-1
CVE-2009-1574 (racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote
...)
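Review bot: CVE-2009-1577 leaves RESERVED with only "TODO: check", and the truncated description (multiple stack-based buffer overflows in the putstring function) does not name the affected product in the visible text, so the entry cannot be triaged from the list alone; the follow-up should record a package line or NOT-FOR-US once the full description is read. The {DSA-1792-1} tag is added to both CVE-2009-1576 and CVE-2009-1575, which matches their identical drupal6 6.11-1 and drupal5 5.17-1 fix lines.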
@@ -404,10 +440,10 @@
NOT-FOR-US: WebPortal CMS
CVE-2009-1443 (Multiple unspecified vulnerabilities in the Server component in
OCS ...)
NOT-FOR-US: OCS Inventory NG
-CVE-2009-1442
- RESERVED
-CVE-2009-1441
- RESERVED
+CVE-2009-1442 (Multiple integer overflows in Skia, as used in Google Chrome 1.x
...)
+ TODO: check
+CVE-2009-1441 (Heap-based buffer overflow in the
ParamTraits<SkBitmap>::Read function ...)
+ TODO: check
CVE-2009-1439 (Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel
...)
{DSA-1794-1 DSA-1787-1}
- linux-2.6 <unfixed>
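Review bot: CVE-2009-1442 and CVE-2009-1441 move from RESERVED to "TODO: check" while the neighbouring entries are already resolved as NOT-FOR-US or carry a DSA. CVE-2009-1442 is described as integer overflows in Skia as used in Google Chrome 1.x, and CVE-2009-1441 as a heap-based buffer overflow in ParamTraits<SkBitmap>::Read, so the follow-up should state whether any tracked package ships this code and otherwise mark both NOT-FOR-US, rather than leaving two memory-corruption entries untriaged.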