Author: joeyh
Date: 2009-08-31 21:14:22 +0000 (Mon, 31 Aug 2009)
New Revision: 12723
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-08-31 19:04:48 UTC (rev 12722)
+++ data/CVE/list 2009-08-31 21:14:22 UTC (rev 12723)
@@ -1,3 +1,73 @@
+CVE-2009-3009
+ RESERVED
+CVE-2009-3008 (K-Meleon 1.5.3 allows context-dependent attackers to spoof the
address ...)
+ TODO: check
+CVE-2009-3007 (Mozilla Firefox 3.5.1 and SeaMonkey 1.1.17, and Flock 2.5.1,
allow ...)
+ TODO: check
+CVE-2009-3006 (Maxthon Browser 2.5.3.80 UNICODE allows remote attackers to
spoof the ...)
+ TODO: check
+CVE-2009-3005 (Lunascape 5.1.3 and 5.1.4 allows remote attackers to spoof the
address ...)
+ TODO: check
+CVE-2009-3004 (Avant Browser 11.7 Builds 35 and 36 allows remote attackers to
spoof ...)
+ TODO: check
+CVE-2009-3003 (Microsoft Internet Explorer 6 through 8 allows remote attackers
to ...)
+ TODO: check
+CVE-2009-3002 (The Linux kernel before 2.6.31-rc7 does not initialize certain
data ...)
+ TODO: check
+CVE-2009-3001 (The llc_ui_getname function in net/llc/af_llc.c in the Linux
kernel ...)
+ TODO: check
+CVE-2009-3000 (The sockfs module in the kernel in Sun Solaris 10 and
OpenSolaris ...)
+ TODO: check
+CVE-2008-7131 (Unspecified vulnerability in DB2 Monitoring Console 2.2.4 and
earlier ...)
+ TODO: check
+CVE-2008-7130 (Unspecified vulnerability in DB2 Monitoring Console 2.2.4 and
earlier ...)
+ TODO: check
+CVE-2008-7129 (XySSL before 0.9 allows remote attackers to cause a denial of
service ...)
+ TODO: check
+CVE-2008-7128 (The ssl_parse_client_key_exchange function in XySSL before 0.9
does ...)
+ TODO: check
+CVE-2008-7127 (osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and
...)
+ TODO: check
+CVE-2008-7126 (Integer overflow in osagent.exe in Borland VisiBroker Smart
Agent ...)
+ TODO: check
+CVE-2008-7125 (pphoto in Ariadne before 2.6 allows remote authenticated users
with ...)
+ TODO: check
+CVE-2008-7124 (zKup CMS 2.0 through 2.3 does not require administrative ...)
+ TODO: check
+CVE-2008-7123 (Static code injection vulnerability in ...)
+ TODO: check
+CVE-2008-7122 (Multiple insecure method vulnerabilities in an ActiveX control
in ...)
+ TODO: check
+CVE-2008-7121 (Cross-site scripting (XSS) vulnerability in Mr. CGI Guy Hot
Links ...)
+ TODO: check
+CVE-2008-7120 (SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3
and ...)
+ TODO: check
+CVE-2008-7119 (SQL injection vulnerability in item.php in WeBid auction script
0.5.4 ...)
+ TODO: check
+CVE-2008-7118 (WeBid auction script 0.5.4 stores sensitive information under
the web ...)
+ TODO: check
+CVE-2008-7117 (eledicss.php in WeBid auction script 0.5.4 allows remote
attackers to ...)
+ TODO: check
+CVE-2008-7116 (SQL injection vulnerability in the admin panel (admin/) in WeBid
...)
+ TODO: check
+CVE-2008-7115 (The web interface to the Belkin Wireless G router and ADSL2
modem ...)
+ TODO: check
+CVE-2008-7114 (SQL injection vulnerability in members_search.php in iFusion
Services ...)
+ TODO: check
+CVE-2008-7113 (The Scanner File Utility (aka listener) in Kyocera Mita (KM)
3.3.0.1 ...)
+ TODO: check
+CVE-2008-7112 (The Scanner File Utility (aka listener) in Kyocera Mita (KM)
3.3.0.1 ...)
+ TODO: check
+CVE-2008-7111 (The Scanner File Utility (aka listener) in Kyocera Mita (KM)
3.3.0.1 ...)
+ TODO: check
+CVE-2008-7110 (Directory traversal vulnerability in the Scanner File Utility
(aka ...)
+ TODO: check
+CVE-2008-7109 (The Scanner File Utility (aka listener) in Kyocera Mita (KM)
3.3.0.1 ...)
+ TODO: check
+CVE-2008-7108 (Multiple cross-site scripting (XSS) vulnerabilities in Carmosa
phpCart ...)
+ TODO: check
+CVE-2008-7107 (easdrv.sys in ESET Smart Security 3.0.667.0 allows local users
to ...)
+ TODO: check
CVE-2009-XXXX [multiple security issues in silc-toolkit]
- silc-toolkit <unfixed> (medium)
[etch] - silc-toolkit <not-affected> (Vulnerable code not present)
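Review bot: Every described entry added at the top of the file, from CVE-2009-3008 down to CVE-2008-7107, lands with only a TODO: check placeholder, so none of them is triaged yet. The file already uses the NOT-FOR-US: marker for software outside the archive (see the Online Guestbook Pro and Sun ONE Web Server entries further down), and it looks applicable to the Windows-specific items here such as Microsoft Internet Explorer (CVE-2009-3003) and easdrv.sys in ESET Smart Security (CVE-2008-7107). The two Linux kernel entries, CVE-2009-3002 and CVE-2009-3001, should be triaged first and given a package line in place of the TODO.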
@@ -225,6 +295,7 @@
RESERVED
CVE-2009-2944 [ikiwiki: insufficient blacklist in teximg module]
RESERVED
+ {DSA-1875-1}
- ikiwiki 3.1415926
CVE-2009-2943
RESERVED
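Review bot: The {DSA-1875-1} cross-reference added under CVE-2009-2944 leaves the package line below it as just "- ikiwiki 3.1415926", with no urgency or bug number, unlike the pidgin line for CVE-2009-2694, which carries "(medium; bug #542486)". Now that an advisory is linked, add the urgency, and a bug reference if one exists, so the entry is complete.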
@@ -1173,8 +1244,8 @@
RESERVED
CVE-2009-2696
RESERVED
-CVE-2009-2695
- RESERVED
+CVE-2009-2695 (The Linux kernel before 2.6.31-rc7 does not properly prevent
mmap ...)
+ TODO: check
CVE-2009-2694 (The msn_slplink_process_msg function in ...)
{DSA-1870-1}
- pidgin 2.5.9-1 (medium; bug #542486)
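Review bot: CVE-2009-2695 moves from RESERVED to a published description but gets only TODO: check, with no package line. Its description shares the "Linux kernel before 2.6.31-rc7" wording with CVE-2009-3002 added at the top of the file, so the two can be triaged together against the same kernel package.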
@@ -1955,7 +2026,7 @@
NOT-FOR-US: Online Guestbook Pro
CVE-2009-2447 (Multiple cross-site scripting (XSS) vulnerabilities in
ogp_show.php in ...)
NOT-FOR-US: Online Guestbook Pro
-CVE-2009-2445 (Sun Java System Web Server (aka Sun ONE Web Server) 6.1, 6.1
SP10, 6.1 ...)
+CVE-2009-2445 (Sun Java System Web Server (aka Sun ONE Web Server) 6.1 before
SP12, ...)
NOT-FOR-US: Sun ONE Web Server
CVE-2009-2444 (Directory traversal vulnerability in
maillinglist/setup/step1.php.inc ...)
NOT-FOR-US: ADbNewsSender