Author: joeyh
Date: 2009-10-28 21:14:19 +0000 (Wed, 28 Oct 2009)
New Revision: 13123

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================
--- data/CVE/list 2009-10-28 20:24:59 UTC (rev 13122)
+++ data/CVE/list 2009-10-28 21:14:19 UTC (rev 13123)
@@ -1,3 +1,53 @@ +CVE-2009-3825 (Multiple directory traversal vulnerabilities in GenCMS 2006 allow ...) + TODO: check +CVE-2009-3824 (Directory traversal vulnerability in include/processor.php in ...) + TODO: check +CVE-2009-3823 (Directory traversal vulnerability in myhtml.php in Mobilelib GOLD 3.0, ...) + TODO: check +CVE-2009-3822 (PHP remote file inclusion vulnerability in Fiji Web Design Ajax Chat ...) + TODO: check +CVE-2009-3821 (Cross-site scripting (XSS) vulnerability in the Apache Solr Search ...) + TODO: check +CVE-2009-3820 (SQL injection vulnerability in the Flagbit Filebase (fb_filebase) ...) + TODO: check +CVE-2009-3819 (Unspecified vulnerability in the Random Images (maag_randomimage) ...) + TODO: check +CVE-2009-3818 (Unspecified vulnerability in the session handling feature in freeCap ...) + TODO: check +CVE-2009-3817 (PHP remote file inclusion vulnerability in doc/releasenote.php in the ...) + TODO: check +CVE-2009-3816 (Multiple cross-site scripting (XSS) vulnerabilities in Activities ...) + TODO: check +CVE-2009-3815 (RunCMS 2M1, when running with certain error_reporting levels, allows ...) + TODO: check +CVE-2009-3814 (Static code injection vulnerability in RunCMS 2M1 allows remote ...) + TODO: check +CVE-2009-3813 (Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote ...) + TODO: check +CVE-2009-3812 (Heap-based buffer overflow in OtsAV DJ trial version 1.85.64.0, Radio ...) + TODO: check +CVE-2009-3811 (Stack-based buffer overflow in Music Tag Editor 1.61 build 212 allows ...) + TODO: check +CVE-2009-3810 (Heap-based buffer overflow in Acoustica MP3 Audio Mixer 2.471 allows ...) + TODO: check +CVE-2009-3809 (Acoustica MP3 Audio Mixer 1.0 and possibly 2.471 allows remote ...) + TODO: check +CVE-2009-3808 (MixSense DJ Studio 1.0.0.1 allows remote attackers to cause a denial ...) + TODO: check +CVE-2009-3807 (Stack-based buffer overflow in MixVibes 7.043 Pro allows remote ...) 
+ TODO: check +CVE-2009-3806 (SQL injection vulnerability in feedback_js.php in DedeCMS 5.1 allows ...) + TODO: check +CVE-2009-3805 (gpg2.exe in Gpg4win 2.0.1, as used in KDE Kleopatra 2.0.11, allows ...) + TODO: check +CVE-2009-3804 (Multiple SQL injection vulnerabilities in modules/forum/post.php in ...) + TODO: check +CVE-2009-3803 (Multiple cross-site scripting (XSS) vulnerabilities in Amiro.CMS ...) + TODO: check +CVE-2009-3802 (Amiro.CMS 5.4.0.0 and earlier allows remote attackers to obtain ...) + TODO: check +CVE-2009-3801 (SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows ...) + TODO: check CVE-2009-XXXX [eglibc: ldd arbitrary code execution] - eglibc <unfixed> (low; bug #552518) - glibc <removed> (low; bug #552518) @@ -205,6 +255,7 @@ RESERVED CVE-2009-3720 [expat: dos] RESERVED + {DSA-1921-1} - expat <unfixed> (medium; bug #551936) - w3c-libwww <unfixed> (low; bug #551938) [etch] - w3c-libwww <no-dsa> (Minor issue, only used by fringe apps) @@ -1235,7 +1286,7 @@ CVE-2009-3297 RESERVED CVE-2009-3296 (Multiple integer overflows in tiffread.c in CamlImages 2.2 might allow ...) - {DSA-1912-1} + {DSA-1912-2 DSA-1912-1} - camlimages <unfixed> (low) - advi 1.6.0-14+b1 (low; bug #551282) CVE-2009-3295 @@ -3652,7 +3703,7 @@ {DSA-1899-1} - strongswan 4.3.2-1.1 (bug #540144) CVE-2009-2660 (Multiple integer overflows in CamlImages 2.2 might allow ...) - {DSA-1912-1 DSA-1857-1} + {DSA-1912-2 DSA-1912-1 DSA-1857-1} - camlimages 1:3.0.1-3 (low; bug #540146) - advi 1.6.0-14+b1 (low; bug #551282) CVE-2009-2657 (nilfs-utils before 2.0.14 installs multiple programs with unnecessary ...) 
@@ -4700,7 +4751,7 @@ CVE-2009-2296 (The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris ...) NOT-FOR-US: kernel module in Sun Solaris CVE-2009-2295 (Multiple integer overflows in CamlImages 2.2 and earlier might allow ...) - {DSA-1832-1} + {DSA-1912-2 DSA-1832-1} - camlimages 1:3.0.1-2 (low; bug #535909) - advi 1.6.0-14+b1 (low; bug #550440) CVE-2009-2294 (Integer overflow in the Png_datainfo_callback function in Dillo 2.1 ...)
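Review bot: All 25 entries added in the @@ -1,3 +1,53 @@ hunk (CVE-2009-3825 down to CVE-2009-3801) carry only "TODO: check", so none has a package line or a NOT-FOR-US marker yet and each still needs manual triage. CVE-2009-3805 should not be dismissed on the strength of the .exe name: its description says gpg2.exe in Gpg4win 2.0.1 "as used in KDE Kleopatra 2.0.11", so check whether the affected code is shared with a packaged source before marking it.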
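Review bot: The @@ -205,6 +255,7 @@ hunk attaches {DSA-1921-1} to CVE-2009-3720 while the next line still reads "- expat <unfixed> (medium; bug #551936)". Confirm that the unfixed status is still accurate now that an advisory exists, and record the fixed version on the expat line if there is one. The w3c-libwww lines stay <unfixed> and [etch] <no-dsa>, so the DSA reference alone does not close this entry.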
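Review bot: In the @@ -1235,7 +1286,7 @@ hunk CVE-2009-3296 now references both DSA-1912-2 and DSA-1912-1, yet "- camlimages <unfixed> (low)" is unchanged and, unlike the advi line below it, has no bug number. Add the bug reference or the fixed version for camlimages so the entry can be followed up.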
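Review bot: In the @@ -4700,7 +4751,7 @@ hunk CVE-2009-2295 gains DSA-1912-2 but not DSA-1912-1, whereas CVE-2009-3296 and CVE-2009-2660 in the two preceding hunks carry both revisions. Confirm this is intended, with the -2 revision covering a CVE the first one did not, and is not a DSA-1912-1 cross-reference that the automatic update missed.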