Secure testing commits - Oct 2009 - r13106 - data/CVE

Author: joeyh
Date: 2009-10-27 21:14:20 +0000 (Tue, 27 Oct 2009)
New Revision: 13106

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-10-27 19:07:10 UTC (rev 13105)
+++ data/CVE/list	2009-10-27 21:14:20 UTC (rev 13106)
@@ -1,3 +1,49 @@
+CVE-2009-3800
+	RESERVED
+CVE-2009-3799
+	RESERVED
+CVE-2009-3798
+	RESERVED
+CVE-2009-3797
+	RESERVED
+CVE-2009-3796
+	RESERVED
+CVE-2009-3795
+	RESERVED
+CVE-2009-3794
+	RESERVED
+CVE-2009-3793
+	RESERVED
+CVE-2009-3792
+	RESERVED
+CVE-2009-3791
+	RESERVED
+CVE-2009-3790 (Heap-based buffer overflow in FormMax (formerly AcroForm)
evaluation ...)
+	TODO: check
+CVE-2009-3789 (Multiple cross-site scripting (XSS) vulnerabilities in
OpenDocMan ...)
+	TODO: check
+CVE-2009-3788 (SQL injection vulnerability in index.php in OpenDocMan 1.2.5
allows ...)
+	TODO: check
+CVE-2009-3787 (files.php in Vivvo CMS 4.1.5.1 allows remote attackers to
conduct ...)
+	TODO: check
+CVE-2009-3786 (Cross-site scripting (XSS) vulnerability in Organic Groups (OG)
...)
+	TODO: check
+CVE-2009-3785 (Multiple cross-site request forgery (CSRF) vulnerabilities in
...)
+	TODO: check
+CVE-2009-3784 (Open redirect vulnerability in Simplenews Statistics 6.x before
...)
+	TODO: check
+CVE-2009-3783 (Cross-site scripting (XSS) vulnerability in Simplenews
Statistics 6.x ...)
+	TODO: check
+CVE-2009-3782 (Unspecified vulnerability in Userpoints 6.x before 6.x-1.1, a
module ...)
+	TODO: check
+CVE-2009-3781 (The filefield_file_download function in FileField 6.x-3.1, a
module ...)
+	TODO: check
+CVE-2009-3780 (Cross-site scripting (XSS) vulnerability in Abuse 5.x before
5.x-2.1 ...)
+	TODO: check
+CVE-2009-3779 (Cross-site scripting (XSS) vulnerability in vCard 5.x before
5.x-1.4 ...)
+	TODO: check
+CVE-2009-3778 (SQL injection vulnerability in Moodle Course List 6.x before
6.x-1.2, ...)
+	TODO: check
 CVE-2009-XXXX [python-markdown Script Insertion Vulnerabilities]
 	- python-markdown <unfixed>
 	TODO: check
@@ -357,8 +403,8 @@
 	- perl <unfixed> (bug #552291)
 	[lenny] - perl <not-affected> (Vulnerable code not present)
 	[etch] - perl <not-affected> (Vulnerable code not present)
-CVE-2009-3625
-	RESERVED
+CVE-2009-3625 (Directory traversal vulnerability in www/index.php in Sahana
0.6.2.2 ...)
+	TODO: check
 CVE-2009-3624 [linux-2.6: keyring issue]
 	RESERVED
 	- linux-2.6 <unfixed> (low)
@@ -409,8 +455,7 @@
 	- linux-2.6 <unfixed> (low)
 	- linux-2.6.24 <removed> (low)
 	NOTE: fixed in 2.6.32-rc5
-CVE-2009-3611 [backintime information disclosure]
-	RESERVED
+CVE-2009-3611 (common/snapshots.py in Back In Time (aka backintime) 0.9.26
changes ...)
 	- backintime 0.9.26-3 (bug #543785)
 CVE-2009-3609 (Integer overflow in the ImageStream::ImageStream function in
Stream.cc ...)
 	- xpdf <unfixed> (medium; bug #551287)