Secure testing commits - Jul 2009 - r12309 - data/CVE

Author: joeyh
Date: 2009-07-08 21:14:28 +0000 (Wed, 08 Jul 2009)
New Revision: 12309

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-07-08 00:16:35 UTC (rev 12308)
+++ data/CVE/list	2009-07-08 21:14:28 UTC (rev 12309)
@@ -1,3 +1,61 @@
+CVE-2009-2359 (Multiple SQL injection vulnerabilities in TekRADIUS 3.0 allow
...)
+	TODO: check
+CVE-2009-2358 (TekRADIUS 3.0 uses BUILTIN\Users:R permissions for the
TekRADIUS.ini ...)
+	TODO: check
+CVE-2009-2357 (The default configuration of TekRADIUS 3.0 uses the sa account
to ...)
+	TODO: check
+CVE-2009-2356 (Multiple stack-based buffer overflows in the pgsqlQuery function
in ...)
+	TODO: check
+CVE-2009-2355 (The forum module in NullLogic Groupware 1.2.7 allows remote ...)
+	TODO: check
+CVE-2009-2354 (SQL injection vulnerability in the auth_checkpass function in
the ...)
+	TODO: check
+CVE-2009-2353 (encoder.php in eAccelerator allows remote attackers to execute
...)
+	TODO: check
+CVE-2009-2352 (Google Chrome 1.0.154.48 and earlier does not block javascript:
URIs ...)
+	TODO: check
+CVE-2009-2351 (Opera 9.52 and earlier does not block javascript: URIs in
Refresh ...)
+	TODO: check
+CVE-2009-2350 (Microsoft Internet Explorer 6.0.2900.2180 and earlier does not
block ...)
+	TODO: check
+CVE-2009-2349
+	RESERVED
+CVE-2009-2348
+	RESERVED
+CVE-2009-2347
+	RESERVED
+CVE-2009-2346
+	RESERVED
+CVE-2009-2345 (Multiple SQL injection vulnerabilities in ClanSphere before
2009.0.1 ...)
+	TODO: check
+CVE-2009-2344 (The web-based management interfaces in Sourcefire Defense Center
(DC) ...)
+	TODO: check
+CVE-2009-2343 (Cross-site scripting (XSS) vulnerability in people.php in Zoph
before ...)
+	TODO: check
+CVE-2009-2342 (Cross-site scripting (XSS) vulnerability in admin.php (aka the
login ...)
+	TODO: check
+CVE-2009-2341 (SQL injection vulnerability in albumdetail.php in Opial 1.0
allows ...)
+	TODO: check
+CVE-2009-2340 (SQL injection vulnerability in admin/index.php in Opial 1.0
allows ...)
+	TODO: check
+CVE-2009-2339 (SQL injection vulnerability in index.php in Rentventory allows
remote ...)
+	TODO: check
+CVE-2009-2338 (Directory traversal vulnerability in
includes/startmodules.inc.php in ...)
+	TODO: check
+CVE-2009-2337 (SQL injection vulnerability in
includes/module/book/index.inc.php in ...)
+	TODO: check
+CVE-2008-6853 (SQL injection vulnerability in modules/poll/index.php in AIST
NetCat ...)
+	TODO: check
+CVE-2008-6852 (SQL injection vulnerability in the Ice Gallery (com_ice)
component 0.5 ...)
+	TODO: check
+CVE-2008-6851 (SQL injection vulnerability in page.php in PHP Link Directory
(phpLD) ...)
+	TODO: check
+CVE-2008-6850 (Cross-site scripting (XSS) vulnerability in messages.php in
PHP-Fusion ...)
+	TODO: check
+CVE-2008-6849 (Unrestricted file upload vulnerability in index.php in
phpGreetCards ...)
+	TODO: check
+CVE-2008-6848 (Cross-site scripting (XSS) vulnerability in index.php in
phpGreetCards ...)
+	TODO: check
 CVE-2009-2336
 	RESERVED
 CVE-2009-2335
@@ -22788,8 +22846,8 @@
 	RESERVED
 CVE-2008-0021
 	RESERVED
-CVE-2008-0020
-	RESERVED
+CVE-2008-0020 (Unspecified vulnerability in the Microsoft Video ActiveX control
in ...)
+	TODO: check
 CVE-2008-0019
 	RESERVED
 CVE-2008-0018
@@ -22806,8 +22864,8 @@
 	- iceweasel 3.0
 	- iceape 1.1.12-1
 	- icedove 2.0.0.17-1
-CVE-2008-0015
-	RESERVED
+CVE-2008-0015 (Stack-based buffer overflow in MPEG2TuneRequest in the Microsoft
Video ...)
+	TODO: check
 CVE-2008-0014 (Heap-based buffer overflow in an unspecified procedure in Trend
Micro ...)
 	NOT-FOR-US: Trend Micro
 CVE-2008-0013 (Heap-based buffer overflow in an unspecified procedure in Trend
Micro ...)