Author: joeyh
Date: 2009-09-10 21:14:14 +0000 (Thu, 10 Sep 2009)
New Revision: 12784

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-09-10 15:55:54 UTC (rev 12783) +++ data/CVE/list 2009-09-10 21:14:14 UTC (rev 12784) 
@@ -1,3 +1,71 @@ +CVE-2009-3125 + RESERVED +CVE-2009-3124 (Directory traversal vulnerability in get_message.cgi in QuarkMail ...) + TODO: check +CVE-2009-3123 (Directory traversal vulnerability in gallery/gallery.php in Wap-Motor ...) + TODO: check +CVE-2009-3122 (The Ajax Table module 5.x for Drupal does not perform access control, ...) + TODO: check +CVE-2009-3121 (Cross-site scripting (XSS) vulnerability in the Ajax Table module 5.x ...) + TODO: check +CVE-2009-3120 (Cross-site scripting (XSS) vulnerability in public/index.php in BIGACE ...) + TODO: check +CVE-2009-3119 (SQL injection vulnerability in screen.php in the Download System mSF ...) + TODO: check +CVE-2009-3118 (SQL injection vulnerability in mod/poll/comment.php in the vote module ...) + TODO: check +CVE-2009-3117 (SQL injection vulnerability in category.php in Snow Hall Silurus ...) + TODO: check +CVE-2009-3116 (SQL injection vulnerability in index.php in Uiga Church Portal allows ...) + TODO: check +CVE-2009-3115 (SolarWinds TFTP Server 9.2.0.111 and earlier allows remote attackers ...) + TODO: check +CVE-2009-3114 (The RSS reader widget in IBM Lotus Notes 8.5 saves items from an RSS ...) + TODO: check +CVE-2009-3113 (Unspecified vulnerability in OXID eShop Professional, Enterprise, and ...) + TODO: check +CVE-2009-3112 (Unspecified vulnerability in OXID eShop Professional, Enterprise, and ...) + TODO: check +CVE-2009-3111 (The rad_decode function in FreeRADIUS before 1.1.8 allows remote ...) + TODO: check +CVE-2008-7202 (Multiple cross-site scripting (XSS) vulnerabilities in OpenWebMail ...) + TODO: check +CVE-2008-7201 (Lantronix MSS485-T allows remote attackers to cause a denial of ...) + TODO: check +CVE-2008-7200 (Double free vulnerability in Deliantra server engine before 2.4 has ...) + TODO: check +CVE-2008-7199 (Phoenix Contact FL IL 24 BK-PAC allows remote attackers to cause a ...) + TODO: check +CVE-2008-7198 (Multiple unspecified vulnerabilities in phpns before 2.1.1beta1 have ...) 
+ TODO: check +CVE-2008-7197 (Multiple unspecified vulnerabilities in G15Daemon before 1.9.4 have ...) + TODO: check +CVE-2008-7196 (Unspecified vulnerability in metashell before 0.03 has unknown impact ...) + TODO: check +CVE-2008-7195 (Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used ...) + TODO: check +CVE-2008-7194 (Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used ...) + TODO: check +CVE-2008-7193 (PHPKIT 1.6.4 PL1 includes the session ID in the URL, which allows ...) + TODO: check +CVE-2008-7192 (Cross-site request forgery (CSRF) vulnerability in index.php in ...) + TODO: check +CVE-2008-7191 (Unspecified vulnerability in Polipo before 1.0.4 allows remote ...) + TODO: check +CVE-2008-7190 (Unspecified vulnerability in Adium before 1.2 has unknown impact and ...) + TODO: check +CVE-2008-7189 (Multiple unspecified vulnerabilities in Local Media Browser before 0.1 ...) + TODO: check +CVE-2008-7188 (ClipShare 2.6 does not properly restrict access to certain ...) + TODO: check +CVE-2008-7187 (Coppermine Photo Gallery (CPG) 1.4.14 allows remote attackers to ...) + TODO: check +CVE-2008-7186 (Coppermine Photo Gallery (CPG) 1.4.14 does not restrict access to ...) + TODO: check +CVE-2007-6730 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...) + TODO: check +CVE-2007-6729 (Cross-site scripting (XSS) vulnerability in the web management ...) + TODO: check CVE-2009-3110 (Race condition in the file transfer functionality in Symantec Altiris ...) NOT-FOR-US: Symantec Altiris Deployment Solution CVE-2009-3109 (Unspecified vulnerability in the AClient agent in Symantec Altiris ...) 
@@ -2889,8 +2957,8 @@ NOT-FOR-US: Sun Java System Access Manager CVE-2009-2267 RESERVED -CVE-2009-2266 - RESERVED +CVE-2009-2266 (OXID eShop 4.x before 4.1.4-21266, 3.x, and 2.x allows remote ...) + TODO: check CVE-2009-2281 [Heap-based buffer underflow in the readPostBody function in cgiutil.c ...] RESERVED - mapserver 5.4.2-1 (medium; bug #535340) @@ -3073,8 +3141,8 @@ RESERVED CVE-2009-2206 RESERVED -CVE-2009-2205 - RESERVED +CVE-2009-2205 (Stack-based buffer overflow in the Java Web Start command launcher in ...) + TODO: check CVE-2009-2204 (Unspecified vulnerability in the CoreTelephony component in Apple ...) NOT-FOR-US: Apple iPhone OS CVE-2009-2203
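Review bot: In the first hunk (@@ -1,3 +1,71 @@), every new entry that has a description is added as "TODO: check", so none of them carries a triage result yet. Entries whose description names a fixed upstream version, such as CVE-2009-3111 (rad_decode in FreeRADIUS before 1.1.8) and CVE-2008-7191 (Polipo before 1.0.4), give a version to compare against and are good candidates to resolve first. Each should end in either a package line in the form the file already uses ("- mapserver 5.4.2-1 (medium; bug #535340)") or a "NOT-FOR-US:" line like the Symantec Altiris entries that follow the hunk. The descriptions are truncated at "...", so the decision needs the full CVE text rather than the summary shown here.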
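Review bot: In the second hunk (@@ -2889,8 +2957,8 @@), CVE-2009-2266 names OXID eShop, the same product as CVE-2009-3113 and CVE-2009-3112 added at the top of the file, so the three should be triaged together and receive the same marking. If OXID eShop is not tracked, replace each "TODO: check" with a "NOT-FOR-US:" line in the style of "NOT-FOR-US: Sun Java System Access Manager" in the context just above this entry.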
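Review bot: In the third hunk (@@ -3073,8 +3141,8 @@), the CVE-2009-2205 description is cut off at "in ..." before the affected product is named, so the "TODO: check" cannot be resolved from this line alone. The visible text describes a stack-based buffer overflow in the Java Web Start command launcher; read the full CVE entry to identify the product, then either mark it like the neighbouring CVE-2009-2204 ("NOT-FOR-US: Apple iPhone OS") or add a package line with the fixed version.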