Author: joeyh Date: 2009-05-13 21:14:14 +0000 (Wed, 13 May 2009) New Revision: 11894 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-05-13 20:54:50 UTC (rev 11893) +++ data/CVE/list 2009-05-13 21:14:14 UTC (rev 11894) @@ -1,3 +1,33 @@ +CVE-2009-1628 + RESERVED +CVE-2009-1627 (Stack-based buffer overflow in Streaming Download Project (SDP) ...) + TODO: check +CVE-2009-1626 (SQL injection vulnerability in public/specific.php in EZ-Blog before ...) + TODO: check +CVE-2009-1625 (Directory traversal vulnerability in index.php in Thickbox Gallery 2 ...) + TODO: check +CVE-2009-1624 (Directory traversal vulnerability in index.php in Dew-NewPHPLinks 2.0 ...) + TODO: check +CVE-2009-1623 (Cross-site scripting (XSS) vulnerability in index.php in ...) + TODO: check +CVE-2009-1622 (SQL injection vulnerability in user.php in EcShop 2.5.0 allows remote ...) + TODO: check +CVE-2009-1621 (Directory traversal vulnerability in index.php in OpenCart 1.1.8 ...) + TODO: check +CVE-2009-1620 (Multiple cross-site scripting (XSS) vulnerabilities in input.php in ...) + TODO: check +CVE-2009-1619 (Teraway FileStream 1.0 allows remote attackers to bypass ...) + TODO: check +CVE-2009-1618 (Teraway LiveHelp 2.0 allows remote attackers to bypass authentication ...) + TODO: check +CVE-2009-1617 (Teraway LinkTracker 1.0 allows remote attackers to bypass ...) + TODO: check +CVE-2008-6808 (SQL injection vulnerability in links.php in Scripts for Sites (SFS) EZ ...) + TODO: check +CVE-2008-6807 (PHP remote file inclusion vulnerability in ListRecords.php in osprey ...) + TODO: check +CVE-2008-6806 (Unrestricted file upload vulnerability in includes/imageupload.php in ...) + TODO: check CVE-2009-1616 (Cross-site scripting (XSS) vulnerability in docs/showdoc.php in ...) NOT-FOR-US: Coppermine Photo Gallery CVE-2009-1615 (Unrestricted file upload vulnerability in Leap CMS 0.1.4 allows remote ...) @@ -1727,8 +1757,8 @@ RESERVED CVE-2009-1138 RESERVED -CVE-2009-1137 - RESERVED +CVE-2009-1137 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows ...) + TODO: check CVE-2009-1136 RESERVED CVE-2009-1135 @@ -1739,14 +1769,14 @@ RESERVED CVE-2009-1132 RESERVED -CVE-2009-1131 - RESERVED -CVE-2009-1130 - RESERVED -CVE-2009-1129 - RESERVED -CVE-2009-1128 - RESERVED +CVE-2009-1131 (Multiple stack-based buffer overflows in Microsoft Office PowerPoint ...) + TODO: check +CVE-2009-1130 (Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and ...) + TODO: check +CVE-2009-1129 (Multiple stack-based buffer overflows in the PowerPoint 95 importer ...) + TODO: check +CVE-2009-1128 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows ...) + TODO: check CVE-2009-1127 RESERVED CVE-2009-1126 @@ -4000,7 +4030,7 @@ RESERVED CVE-2009-0557 RESERVED -CVE-2009-0556 (Unspecified vulnerability in Microsoft Office PowerPoint 2000 SP3, ...) +CVE-2009-0556 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and ...) NOT-FOR-US: Microsoft Office CVE-2009-0555 RESERVED @@ -5285,22 +5315,22 @@ RESERVED CVE-2009-0228 RESERVED -CVE-2009-0227 - RESERVED -CVE-2009-0226 - RESERVED -CVE-2009-0225 - RESERVED -CVE-2009-0224 - RESERVED -CVE-2009-0223 - RESERVED -CVE-2009-0222 - RESERVED -CVE-2009-0221 - RESERVED -CVE-2009-0220 - RESERVED +CVE-2009-0227 (Stack-based buffer overflow in the PowerPoint 4.2 conversion filter ...) + TODO: check +CVE-2009-0226 (Stack-based buffer overflow in the PowerPoint 4.2 conversion filter in ...) + TODO: check +CVE-2009-0225 (Microsoft Office PowerPoint 2002 SP3 allows remote attackers to ...) + TODO: check +CVE-2009-0224 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1 ...) + TODO: check +CVE-2009-0223 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows ...) + TODO: check +CVE-2009-0222 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows ...) + TODO: check +CVE-2009-0221 (Integer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 ...) + TODO: check +CVE-2009-0220 (Multiple stack-based buffer overflows in the PowerPoint 4.0 importer ...) + TODO: check CVE-2009-0219 (The PDF distiller in the Attachment Service in Research in Motion ...) NOT-FOR-US: BlackBerry CVE-2009-0218 (Insecure method vulnerability in Particle Software IntraLaunch ...) @@ -30681,7 +30711,7 @@ NOT-FOR-US: NewzCrawler CVE-2007-2721 (The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer ...) - jasper <unfixed> (medium; bug #413033) - NOTE: Jasper was initially fixed in 1.900.1-3, but the fix got dropped later, see #528543 + NOTE: Jasper was initially fixed in 1.900.1-3, but the fix got dropped later, see #528543 - ghostscript 8.61.dfsg.1~svn8187-1.1 (medium; bug #447188) NOTE: see http://ghostscript.com/pipermail/gs-cvs/2007-October/007877.html CVE-2007-2720 (Group-Office before 2.16-13 does not properly validate user IDs, which ...)