Author: joeyh Date: 2009-08-25 21:14:28 +0000 (Tue, 25 Aug 2009) New Revision: 12682 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-08-25 20:23:44 UTC (rev 12681) +++ data/CVE/list 2009-08-25 21:14:28 UTC (rev 12682) 
@@ -1,3 +1,81 @@ +CVE-2009-2958 + RESERVED +CVE-2009-2957 + RESERVED +CVE-2009-2956 (The (1) Net.Commerce and (2) Net.Data components in IBM WebSphere ...) + TODO: check +CVE-2009-2955 (Google Chrome 1.0.154.48 and earlier allows remote attackers to cause ...) + TODO: check +CVE-2009-2954 (Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote ...) + TODO: check +CVE-2009-2953 (Mozilla Firefox 3.0.6 through 3.0.13, and 3.5.x, allows remote ...) + TODO: check +CVE-2009-2952 (Unspecified vulnerability in the pollwakeup function in Sun Solaris ...) + TODO: check +CVE-2009-2951 (Phenotype CMS before 2.9 does not use a random salt value for password ...) + TODO: check +CVE-2008-7083 (Multiple SQL injection vulnerabilities in ReVou Micro Blogging Twitter ...) + TODO: check +CVE-2008-7082 (MyBB (aka MyBulletinBoard) 1.4.3 includes the sensitive my_post_key ...) + TODO: check +CVE-2008-7081 (userHandler.cgi in RaidSonic ICY BOX NAS firmware 2.3.2.IB.2.RS.1 ...) + TODO: check +CVE-2008-7080 (Team PHP PHP Classifieds Script stores sensitive information under the ...) + TODO: check +CVE-2008-7079 (Buffer overflow in Nero ShowTime 5.0.15.0 allows remote attackers to ...) + TODO: check +CVE-2008-7078 (Multiple buffer overflows in Rumpus before 6.0.1 allow remote ...) + TODO: check +CVE-2008-7077 (Multiple SQL injection vulnerabilities in SailPlanner 0.3a allow ...) + TODO: check +CVE-2008-7076 (Unrestricted file upload vulnerability in user.modify.profile.php in ...) + TODO: check +CVE-2008-7075 (Multiple SQL injection vulnerabilities in Kalptaru Infotech Ltd. Star ...) + TODO: check +CVE-2008-7074 (Format string vulnerability in MemeCode Software i.Scribe 1.88 through ...) + TODO: check +CVE-2008-7073 (PHP remote file inclusion vulnerability in lib/action/rss.php in RSS ...) + TODO: check +CVE-2008-7072 (Cross-site scripting (XSS) vulnerability in index.php in Chipmunk ...) 
+ TODO: check +CVE-2008-7071 (SQL injection vulnerability in authenticate.php in Chipmunk Topsites ...) + TODO: check +CVE-2008-7070 (Argument injection vulnerability in the URI handler in KVIrc 3.4.2 ...) + TODO: check +CVE-2008-7069 (All Club CMS (ACCMS) 0.0.2 and earlier stores sensitive information ...) + TODO: check +CVE-2008-7068 (The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent ...) + TODO: check +CVE-2008-7067 (PHP remote file inclusion vulnerability in ...) + TODO: check +CVE-2008-7066 (OpenForum 0.66 Beta allows remote attackers to bypass authentication ...) + TODO: check +CVE-2008-7065 (Siemens C450 IP and C475 IP VoIP devices allow remote attackers to ...) + TODO: check +CVE-2008-7064 (Directory traversal vulnerability in the get_lang function in ...) + TODO: check +CVE-2008-7063 (Ocean12 FAQ Manager Pro stores sensitive data under the web root with ...) + TODO: check +CVE-2008-7062 (Unrestricted file upload vulnerability in admin/index.php in Download ...) + TODO: check +CVE-2008-7061 (The tooltip manager (chrome/views/tooltip_manager.cc) in Google Chrome ...) + TODO: check +CVE-2008-7060 (Multiple cross-site scripting (XSS) vulnerabilities in One-News Beta 2 ...) + TODO: check +CVE-2008-7059 (SQL injection vulnerability in index.php in One-News Beta 2 allows ...) + TODO: check +CVE-2008-7058 (Cross-site request forgery (CSRF) vulnerability in BandSite CMS 1.1.4 ...) + TODO: check +CVE-2008-7057 (Cross-site scripting (XSS) vulnerability in merchandise.php in ...) + TODO: check +CVE-2008-7056 (BandSite CMS 1.1.4 does not perform access control for ...) + TODO: check +CVE-2008-7055 (module.php in ezContents 2.0.3 allows remote attackers to bypass the ...) + TODO: check +CVE-2008-7054 (Multiple directory traversal vulnerabilities in ezContents 2.0.3 allow ...) + TODO: check +CVE-2008-7053 (LogMeIn Remote Access Utility ActiveX control (RACtrl.dll) allows ...) + TODO: check CVE-2009-2950 RESERVED CVE-2009-2949 
@@ -1115,7 +1193,7 @@ NOT-FOR-US: XOOPS CVE-2009-XXXX [poppler: buffer overflow in abiword backend] - poppler <unfixed> (low; bug #534680) -CVE-2009-2408 (Mozilla Firefox before 3.5 and NSS before 3.12.3 do not properly ...) +CVE-2009-2408 (Mozilla Network Security Services (NSS) before 3.12.3, Firefox before ...) - openssl <unfixed> (medium; bug #539449) - openssl097 <removed> - xulrunner <unfixed> (medium) @@ -1196,7 +1274,7 @@ RESERVED CVE-2009-2628 RESERVED -CVE-2009-2627 (The Acer LunchApp (aka AcerCtrls.APlunch) ActiveX control in ...) +CVE-2009-2627 (Insecure method vulnerability in the Acer LunchApp (aka ...) NOT-FOR-US: Acer LunchApp CVE-2009-2626 RESERVED @@ -3133,7 +3211,7 @@ CVE-2009-1893 (The configtest function in the Red Hat dhcpd init script for DHCP ...) NOT-FOR-US: Red Hat dhcpd init script for DHCP CVE-2009-1892 (dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and ...) - {DSA-1833-1} + {DSA-1833-2 DSA-1833-1} - dhcp3 <unfixed> (low; bug #539492) [etch] - dhcp3 <not-affected> (problematic assert is not present) CVE-2009-1891 (The mod_deflate module in Apache httpd 2.2.11 and earlier compresses ...) @@ -3560,7 +3638,7 @@ NOT-FOR-US: CoreTypes in Apple Mac OS X CVE-2009-1726 (Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and ...) NOT-FOR-US: ColorSync in Apple Mac OS X -CVE-2009-1725 (WebKit in Apple Safari before 4.0.2 does not properly handle numeric ...) +CVE-2009-1725 (WebKit in Apple Safari before 4.0.2, KHTML in kdelibs in KDE, QtWebKit ...) - webkit <unfixed> (medium; bug #538346) - qt4-x11 4:4.5.2-2 (medium; bug #538347) - kdelibs <not-affected> (medium; bug #538350) @@ -7361,7 +7439,7 @@ CVE-2009-0693 RESERVED CVE-2009-0692 (Stack-based buffer overflow in the script_write_params method in ...) - {DSA-1833-1} + {DSA-1833-2 DSA-1833-1} - dhcp3 3.1.2p1-1 (medium) NOTE: dhcp in etch is not affected. CVE-2009-0691 (The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit ...)
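Review bot: In the @@ -1,3 +1,81 @@ hunk, the CVE-2008-7067 line reads "PHP remote file inclusion vulnerability in ..." with the product name cut off, so it cannot be triaged from this file alone; pull the full description before classifying it. Every other described entry in the hunk is also committed with only `TODO: check`. Entries naming vendor software such as Nero ShowTime or the LogMeIn ActiveX control look like candidates for the NOT-FOR-US pattern the file already uses further down, while CVE-2009-2953 (Mozilla Firefox) and CVE-2008-7068 (PHP dba_replace) are the ones most likely to need a package line rather than a dismissal.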
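Review bot: In the @@ -1115,7 +1193,7 @@ hunk, the new CVE-2009-2408 description leads with Mozilla Network Security Services (NSS) before 3.12.3, but the package lines visible in the context are openssl, openssl097 and xulrunner. Check that an nss line exists below the three context lines shown; if it does not, add one so the entry matches the rewritten description.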
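Review bot: In the @@ -3133,7 +3211,7 @@ hunk, CVE-2009-1892 gains the DSA-1833-2 tag while its dhcp3 line stays `<unfixed> (low; bug #539492)`, whereas the @@ -7361,7 +7439,7 @@ hunk adds the same tag to CVE-2009-0692, where dhcp3 is recorded as fixed in 3.1.2p1-1. Confirm that the unfixed status for CVE-2009-1892 still holds after the revised advisory, and record the fixed version if it does not.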
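Review bot: In the @@ -3560,7 +3638,7 @@ hunk, the rewritten CVE-2009-1725 description now names KHTML in kdelibs, yet the unchanged context line reads `- kdelibs <not-affected> (medium; bug #538350)`. A not-affected status that carries a severity and a bug number is inconsistent on its face, and the new description makes it more so; re-check that line and either set a real status or drop the severity and add a NOTE saying why kdelibs is not affected.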