Author: joeyh
Date: 2009-08-27 09:14:15 +0000 (Thu, 27 Aug 2009)
New Revision: 12693
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-08-27 07:44:24 UTC (rev 12692)
+++ data/CVE/list 2009-08-27 09:14:15 UTC (rev 12693)
@@ -379,15 +379,15 @@
CVE-2009-2855 (The strListGetItem function in src/HttpHeaderTools.c in Squid
2.7 ...)
- squid <unfixed> (low; bug #534982)
CVE-2009-2854 (Wordpress before 2.8.3 does not check capabilities for certain
...)
- {DSA-1871-1}
+ {DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1
CVE-2009-2853 (Wordpress before 2.8.3 allows remote attackers to gain
privileges via ...)
- {DSA-1871-1}
+ {DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1
CVE-2009-2852 (WP-Syntax plugin 0.9.1 and earlier for Wordpress, with ...)
NOT-FOR-US: WP-Syntax plugin
CVE-2009-2851 (Cross-site scripting (XSS) vulnerability in the administrator
...)
- {DSA-1871-1}
+ {DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1 (low)
CVE-2009-2850 (Multiple buffer overflows in NASA Common Data Format (CDF) allow
...)
NOT-FOR-US: NASA Common Data Format
@@ -2072,7 +2072,7 @@
- wordpress 2.8.3-1 (unimportant; bug #536724)
NOTE: Minor information leak
CVE-2009-2334 (wp-admin/admin.php in WordPress and WordPress MU before 2.8.1
does not ...)
- {DSA-1871-1}
+ {DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1 (low; bug #536724)
CVE-2009-2333 (Multiple directory traversal vulnerabilities in CMS Chainuk 1.2
and ...)
NOT-FOR-US: CMS Chainuk
@@ -4469,7 +4469,7 @@
CVE-2009-1450 (PHP remote file inclusion vulnerability in format.php in SMA-DB
0.3.12 ...)
NOT-FOR-US: SMA-DB
CVE-2008-6767 (wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote
...)
- {DSA-1871-1}
+ {DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1 (low; bug #531736)
NOTE: low impact, probably no-dsa
CVE-2008-6766 (cart_save.php in ViArt Shop (aka Shopping Cart) 3.5 allows
remote ...)
@@ -4481,7 +4481,7 @@
CVE-2008-6763 (login2.php in Silentum LoginSys 1.0.0 allows remote attackers to
...)
NOT-FOR-US: Silentum LoginSys
CVE-2008-6762 (Open redirect vulnerability in wp-admin/upgrade.php in
WordPress, ...)
- {DSA-1871-1}
+ {DSA-1871-2 DSA-1871-1}
- wordpress 2.8.3-1 (low; bug #531736)
NOTE: low impact, probably no-dsa
CVE-2008-6761 (Static code injection vulnerability in admin/install.php in ...)
@@ -12314,7 +12314,7 @@
CVE-2008-XXXX [yzis insecure temp file]
- yzis 1.0~alpha1-2 (bug #504680)
CVE-2008-5113 (WordPress 2.6.3 relies on the REQUEST superglobal array in
certain ...)
- {DSA-1871-1}
+ {DSA-1871-2 DSA-1871-1}
- wordpress 2.5.1-10 (bug #504771)
CVE-2008-4990 (Enomaly Elastic Computing Platform (ECP), formerly Enomalism,
before ...)
NOT-FOR-US: Enomalism
@@ -12695,7 +12695,7 @@
CVE-2008-4797 (Directory traversal vulnerability in Arihiro Kurata Kantan WEB
Server ...)
NOT-FOR-US: Arihiro Kurata Kantan WEB Server
CVE-2008-4796 (The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy
1.2.3 ...)
- {DSA-1871-1 DSA-1691-1}
+ {DSA-1871-2 DSA-1871-1 DSA-1691-1}
- libphp-snoopy 1.2.4-1 (bug #504168; medium)
- ampache 3.4.1-2 (bug #504169)
- mahara 1.0.5-2 (bug #504170)
@@ -12768,7 +12768,7 @@
- ekg 1:1.8~rc0-1 (low)
TODO: check other embedding packages
CVE-2008-4769 (Directory traversal vulnerability in the get_category_template
...)
- {DSA-1871-1}
+ {DSA-1871-2 DSA-1871-1}
- wordpress 2.5.1-1
CVE-2008-4768 (SQL injection vulnerability in TLM CMS 3.1 allows remote
attackers to ...)
NOT-FOR-US: TLM CMS
@@ -14332,7 +14332,7 @@
NOTE: the rand() and mt_rand() functions were never said to be
cryptographically strong
NOTE: http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/efaq.html
CVE-2008-4106 (WordPress before 2.6.2 does not properly handle MySQL warnings
about ...)
- {DSA-1871-1}
+ {DSA-1871-2 DSA-1871-1}
- wordpress 2.5.1-8 (bug #500115)
CVE-2008-4105 (JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables
that ...)
NOT-FOR-US: Joomla
@@ -20899,7 +20899,7 @@
- serendipity 1.3-1
NOTE:
http://blog.s9y.org/archives/192-Serendipity-1.3-released-addresses-security.html
CVE-2008-1502 (The _bad_protocol_once function in
phpgwapi/inc/class.kses.inc.php in ...)
- {DSA-1871-1 DSA-1691-1}
+ {DSA-1871-2 DSA-1871-1 DSA-1691-1}
- egroupware 1.4.002.dfsg-2.1 (bug #471839)
- wordpress 2.5.0-1 (bug #504243)
- moodle 1.8.2-1.3 (bug #489533)