Author: joeyh
Date: 2009-02-26 09:14:13 +0000 (Thu, 26 Feb 2009)
New Revision: 11272

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-02-26 09:09:18 UTC (rev 11271)
+++ data/CVE/list       2009-02-26 09:14:13 UTC (rev 11272)
@@ -1,3 +1,342 @@
+CVE-2009-0741 (SQL injection vulnerability in Login.asp in Craft Silicon 
bank...@home ...)
+       TODO: check
+CVE-2009-0740 (SQL injection vulnerability in login.php in BlueBird Prelease 
allows ...)
+       TODO: check
+CVE-2009-0739 (SQL injection vulnerability in login.php in MyNews 0.10 allows 
remote ...)
+       TODO: check
+CVE-2009-0738 (SQL injection vulnerability in login.php in Auth Php 1.0 allows 
remote ...)
+       TODO: check
+CVE-2009-0737 (Multiple cross-site scripting (XSS) vulnerabilities in the 
web-based ...)
+       TODO: check
+CVE-2009-0736 (Cross-site scripting (XSS) vulnerability in Pebble before 2.3.2 
allows ...)
+       TODO: check
+CVE-2009-0735 (Directory traversal vulnerability in 
lib/classes/message_class.php in ...)
+       TODO: check
+CVE-2009-0734 (Heap-based buffer overflow in MultimediaPlayer.exe 6.86.240.7 
in Nokia ...)
+       TODO: check
+CVE-2009-0733
+       RESERVED
+CVE-2009-0732 (Downloadcenter 2.1 stores common.h under the web root with ...)
+       TODO: check
+CVE-2009-0731 (Directory traversal vulnerability in pages/play.php in Free 
Arcade ...)
+       TODO: check
+CVE-2009-0730 (Multiple SQL injection vulnerabilities in the GigCalendar 
(com_gigcal) ...)
+       TODO: check
+CVE-2009-0729 (Multiple directory traversal vulnerabilities in Page Engine CMS 
2.0 ...)
+       TODO: check
+CVE-2009-0728 (SQL injection vulnerability in the My_eGallery module for 
MAXdev MDPro ...)
+       TODO: check
+CVE-2009-0727 (SQL injection vulnerability in jobdetails.php in taifajobs 1.0 
and ...)
+       TODO: check
+CVE-2009-0726 (SQL injection vulnerability in the GigCalendar (com_gigcal) 
component ...)
+       TODO: check
+CVE-2009-0725
+       RESERVED
+CVE-2009-0724
+       RESERVED
+CVE-2009-0723
+       RESERVED
+CVE-2009-0722 (Directory traversal vulnerability in admin.php in Potato News 
1.0.0 ...)
+       TODO: check
+CVE-2009-0721
+       RESERVED
+CVE-2009-0720
+       RESERVED
+CVE-2009-0719
+       RESERVED
+CVE-2009-0718
+       RESERVED
+CVE-2009-0717
+       RESERVED
+CVE-2009-0716
+       RESERVED
+CVE-2009-0715
+       RESERVED
+CVE-2009-0714
+       RESERVED
+CVE-2009-0713
+       RESERVED
+CVE-2009-0712
+       RESERVED
+CVE-2009-0711 (filter.php in PHPFootball 1.6 and earlier allows remote 
attackers to ...)
+       TODO: check
+CVE-2009-0710 (Multiple cross-site scripting (XSS) vulnerabilities in 
PHPFootball 1.6 ...)
+       TODO: check
+CVE-2009-0709 (SQL injection vulnerability in login.php in PHPFootball 1.6 
allows ...)
+       TODO: check
+CVE-2009-0708 (Multiple cross-site request forgery (CSRF) vulnerabilities in 
...)
+       TODO: check
+CVE-2009-0707 (SQL injection vulnerability in admin/index.php in PowerClan 
1.14a ...)
+       TODO: check
+CVE-2009-0706 (SQL injection vulnerability in the Simple Review 
(com_simple_review) ...)
+       TODO: check
+CVE-2009-0705 (SQL injection vulnerability in news.php in PowerScripts 
PowerNews ...)
+       TODO: check
+CVE-2009-0704 (SQL injection vulnerability in search.php in WSN Guest 1.23 
allows ...)
+       TODO: check
+CVE-2009-0703 (SQL injection vulnerability in bview.asp in ASPThai.Net 
Webboard 6.0 ...)
+       TODO: check
+CVE-2009-0702 (SQL injection vulnerability in the Phoca Documentation ...)
+       TODO: check
+CVE-2009-0701 (Multiple PHP remote file inclusion vulnerabilities in index.php 
in ...)
+       TODO: check
+CVE-2009-0700 (Plunet BusinessManager 4.1 and earlier allows remote 
authenticated ...)
+       TODO: check
+CVE-2009-0699 (Cross-site scripting (XSS) vulnerability in ...)
+       TODO: check
+CVE-2009-0698 (Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in 
xine-lib ...)
+       TODO: check
+CVE-2009-0697
+       RESERVED
+CVE-2009-0696
+       RESERVED
+CVE-2009-0695
+       RESERVED
+CVE-2009-0694
+       RESERVED
+CVE-2009-0693
+       RESERVED
+CVE-2009-0692
+       RESERVED
+CVE-2009-0691
+       RESERVED
+CVE-2009-0690
+       RESERVED
+CVE-2009-0689
+       RESERVED
+CVE-2009-0688
+       RESERVED
+CVE-2009-0687
+       RESERVED
+CVE-2009-0686
+       RESERVED
+CVE-2009-0685
+       RESERVED
+CVE-2009-0684
+       RESERVED
+CVE-2009-0683
+       RESERVED
+CVE-2009-0682
+       RESERVED
+CVE-2009-0681
+       RESERVED
+CVE-2009-0680 (cgi-bin/welcome/VPN_only in the web interface in Netgear SSL312 
allows ...)
+       TODO: check
+CVE-2009-0679 (Cross-site scripting (XSS) vulnerability in the Your Account 
module in ...)
+       TODO: check
+CVE-2009-0678 (images/captcha.php in RavenNuke 2.30 allows remote attackers to 
obtain ...)
+       TODO: check
+CVE-2009-0677 (avatarlist.php in the Your Account module, reached through ...)
+       TODO: check
+CVE-2009-0676 (The sock_getsockopt function in net/core/sock.c in the Linux 
kernel ...)
+       TODO: check
+CVE-2009-0675 (The skfp_ioctl function in drivers/net/skfp/skfddi.c in the 
Linux ...)
+       TODO: check
+CVE-2009-0674 (images/captcha.php in Raven Web Services RavenNuke 2.30, when 
...)
+       TODO: check
+CVE-2009-0673 (Eval injection vulnerability in the Custom Fields feature in 
the Your ...)
+       TODO: check
+CVE-2009-0672 (SQL injection vulnerability in the Resend_Email module in Raven 
Web ...)
+       TODO: check
+CVE-2009-0671
+       REJECTED
+       TODO: check
+CVE-2009-0670
+       RESERVED
+CVE-2009-0669
+       RESERVED
+CVE-2009-0668
+       RESERVED
+CVE-2009-0667
+       RESERVED
+CVE-2009-0666
+       RESERVED
+CVE-2009-0665
+       RESERVED
+CVE-2009-0664
+       RESERVED
+CVE-2009-0663
+       RESERVED
+CVE-2009-0662
+       RESERVED
+CVE-2009-0661
+       RESERVED
+CVE-2009-0660
+       RESERVED
+CVE-2009-0659 (Stack-based buffer overflow in the GetStatsFromLine function in 
TPTEST ...)
+       TODO: check
+CVE-2009-0658 (Buffer overflow in Adobe Reader 9.0 and earlier and Acrobat 9.0 
and ...)
+       TODO: check
+CVE-2009-0657 (Toshiba Face Recognition 2.0.2.32 allows physically proximate 
...)
+       TODO: check
+CVE-2009-0656 (Asus SmartLogon 1.0.0005 allows physically proximate attackers 
to ...)
+       TODO: check
+CVE-2009-0655 (Lenovo Veriface III allows physically proximate attackers to 
login to ...)
+       TODO: check
+CVE-2009-0654 (Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote 
...)
+       TODO: check
+CVE-2009-0653 (OpenSSL, probably 0.9.6, does not verify the Basic Constraints 
for an ...)
+       TODO: check
+CVE-2009-0652 (Mozilla Firefox 3.0.6 does not properly prevent the literal 
rendering ...)
+       TODO: check
+CVE-2009-0651 (Unspecified vulnerability in the Veritas network daemon (aka 
vnetd) in ...)
+       TODO: check
+CVE-2009-0650 (Stack-based buffer overflow in the GetStatsFromLine function in 
TPTEST ...)
+       TODO: check
+CVE-2009-0649 (The web browser in Symbian OS on the Nokia N95 cell phone 
allows ...)
+       TODO: check
+CVE-2008-6288 (Directory traversal vulnerability in download.php in Interface 
Medien ...)
+       TODO: check
+CVE-2008-6287 (Multiple PHP remote file inclusion vulnerabilities in Broadcast 
...)
+       TODO: check
+CVE-2008-6286 (Multiple SQL injection vulnerabilities in SubscriberStart.asp 
in ...)
+       TODO: check
+CVE-2008-6285 (SQL injection vulnerability in index.php in PHP TV Portal 2.0 
and ...)
+       TODO: check
+CVE-2008-6284 (SQL injection vulnerability in edit.php in Z1Exchange 1.0 
allows ...)
+       TODO: check
+CVE-2008-6283 (Cross-site scripting (XSS) vulnerability in Subtext 2.0 allows 
remote ...)
+       TODO: check
+CVE-2008-6282 (SQL injection vulnerability in engine/users/users_edit_pub.inc 
in CMS ...)
+       TODO: check
+CVE-2008-6281 (SQL injection vulnerability in index.php in Bluo CMS 1.2 allows 
remote ...)
+       TODO: check
+CVE-2008-6280 (Cross-site scripting (XSS) vulnerability in apply.cgi on the 
Linksys ...)
+       TODO: check
+CVE-2008-6279 (RakhiSoftware Price Comparison Script (aka Shopping Cart) 
allows ...)
+       TODO: check
+CVE-2008-6278 (Multiple cross-site scripting (XSS) vulnerabilities in 
product.php in ...)
+       TODO: check
+CVE-2008-6277 (SQL injection vulnerability in product.php in RakhiSoftware 
Price ...)
+       TODO: check
+CVE-2008-6276 (Multiple SQL injection vulnerabilities in the User Karma module 
5.x ...)
+       TODO: check
+CVE-2008-6275 (Cross-site scripting (XSS) vulnerability in the User Karma 
module 5.x ...)
+       TODO: check
+CVE-2008-6274 (Multiple SQL injection vulnerabilities in index.php in 
FamilyProject ...)
+       TODO: check
+CVE-2008-6273 (Directory traversal vulnerability in configuration_script.php 
in ...)
+       TODO: check
+CVE-2008-6272 (SQL injection vulnerability in admin/index.php in Dragan Mitic 
Apoll ...)
+       TODO: check
+CVE-2008-6271 (Directory traversal vulnerability in index.php in TBmnetCMS 
1.0, when ...)
+       TODO: check
+CVE-2008-6270 (SQL injection vulnerability in admin/index.php in Dragan Mitic 
Apoll ...)
+       TODO: check
+CVE-2008-6269 (Joovili 3.1.4 allows remote attackers to bypass authentication 
and ...)
+       TODO: check
+CVE-2008-6268 (SQL injection vulnerability in detail.php in Multi Languages 
WebShop ...)
+       TODO: check
+CVE-2008-6267 (Cross-site scripting (XSS) vulnerability in detail.php in Multi 
...)
+       TODO: check
+CVE-2008-6266 (SQL injection vulnerability in links.php in Appalachian State 
...)
+       TODO: check
+CVE-2008-6265 (Directory traversal vulnerability in portfolio/css.php in 
Cyberfolio ...)
+       TODO: check
+CVE-2008-6264 (SQL injection vulnerability in admin/admin.php in E-topbiz 
Slide ...)
+       TODO: check
+CVE-2008-6263 (SQL injection vulnerability in lib/user/t_user.php in SaturnCMS 
allows ...)
+       TODO: check
+CVE-2008-6262 (SQL injection vulnerability in lib/url/meta_url.php in 
SaturnCMS ...)
+       TODO: check
+CVE-2008-6261 (SQL injection vulnerability in view.php in E-topbiz AdManager 4 
allows ...)
+       TODO: check
+CVE-2008-6260 (SQL injection vulnerability in index.php in Ultrastats 0.2.144 
and ...)
+       TODO: check
+CVE-2008-6259 (Cross-site scripting (XSS) vulnerability in search.asp in 
QuadComm ...)
+       TODO: check
+CVE-2008-6258 (SQL injection vulnerability in users.asp in QuadComm Q-Shop 
3.0, and ...)
+       TODO: check
+CVE-2008-6257 (SQL injection vulnerability in default.asp in Openasp 3.0 and 
earlier ...)
+       TODO: check
+CVE-2008-6256 (SQL injection vulnerability in admincp/admincalendar.php in 
vBulletin ...)
+       TODO: check
+CVE-2008-6255 (Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow 
remote ...)
+       TODO: check
+CVE-2008-6254 (SQL injection vulnerability in scripts/documents.php in Jadu 
Galaxies ...)
+       TODO: check
+CVE-2008-6253 (Directory traversal vulnerability in 
data/inc/lib/pcltar.lib.php in ...)
+       TODO: check
+CVE-2008-6252 (Stack-based buffer overflow in the smc program in smcFanControl 
2.1.2 ...)
+       TODO: check
+CVE-2008-6251 (PHP remote file inclusion vulnerability in includes/init.php in 
phpFan ...)
+       TODO: check
+CVE-2008-6250 (SQL injection vulnerability in Comdev Web Blogger 4.1.3 and 
earlier ...)
+       TODO: check
+CVE-2008-6249 (SQL injection vulnerability in plugins/users/index.php in 
Galatolo ...)
+       TODO: check
+CVE-2008-6248 (Cross-site scripting (XSS) vulnerability in all.php in Galatolo 
...)
+       TODO: check
+CVE-2008-6247 (SQL injection vulnerability in topsite.php in Scripts For Sites 
(SFS) ...)
+       TODO: check
+CVE-2008-6246 (SQL injection vulnerability in category.php in Scripts For 
Sites (SFS) ...)
+       TODO: check
+CVE-2008-6245 (SQL injection vulnerability in track.php in Scripts For Sites 
(SFS) EZ ...)
+       TODO: check
+CVE-2008-6244 (SQL injection vulnerability in view_reviews.php in Scripts for 
Sites ...)
+       TODO: check
+CVE-2008-6243 (SQL injection vulnerability in showcategory.php in Scripts For 
Sites ...)
+       TODO: check
+CVE-2008-6242 (SQL injection vulnerability in SearchResults.php in Scripts For 
Sites ...)
+       TODO: check
+CVE-2008-6241 (Multiple SQL injection vulnerabilities in admin/usercheck.php 
in ...)
+       TODO: check
+CVE-2008-6240 (Cross-site scripting (XSS) vulnerability in 
data/views/index.html in ...)
+       TODO: check
+CVE-2008-6239 (Cross-site request forgery (CSRF) vulnerability in OpenEdit 
Digital ...)
+       TODO: check
+CVE-2008-6238 (Cross-site scripting (XSS) vulnerability in ...)
+       TODO: check
+CVE-2008-6237 (SQL injection vulnerability in software-description.php in 
Scripts For ...)
+       TODO: check
+CVE-2008-6236 (SQL injection vulnerability in login.php in Simple Document 
Management ...)
+       TODO: check
+CVE-2008-6235 (The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows 
user-assisted ...)
+       TODO: check
+CVE-2008-6234 (SQL injection vulnerability in the com_musica module in Joomla! 
and ...)
+       TODO: check
+CVE-2008-6233 (SQL injection vulnerability in index.php in Five Dollar Scripts 
Drinks ...)
+       TODO: check
+CVE-2008-6232 (Pre Shopping Mall allows remote attackers to bypass 
authentication and ...)
+       TODO: check
+CVE-2008-6231 (Pre Classified Listing PHP allows remote attackers to bypass 
...)
+       TODO: check
+CVE-2008-6230 (SQL injection vulnerability in Tour.php in Pre Projects Pre 
Podcast ...)
+       TODO: check
+CVE-2008-6229 (Cross-site scripting (XSS) vulnerability in the administrative 
...)
+       TODO: check
+CVE-2008-6228 (Pre Multi-Vendor Shopping Malls allows remote attackers to 
bypass ...)
+       TODO: check
+CVE-2008-6227 (SQL injection vulnerability in buyer_detail.php in Pre 
Multi-Vendor ...)
+       TODO: check
+CVE-2008-6226 (SQL injection vulnerability in moreinfo.php in Pre Projects PHP 
Auto ...)
+       TODO: check
+CVE-2008-6225 (** DISPUTED ** ...)
+       TODO: check
+CVE-2008-6224 (Directory traversal vulnerability in visualizza.php in Way Of 
The ...)
+       TODO: check
+CVE-2008-6223 (PHP remote file inclusion vulnerability in visualizza.php in 
Way Of ...)
+       TODO: check
+CVE-2008-6222 (Directory traversal vulnerability in the Pro Desk Support 
Center ...)
+       TODO: check
+CVE-2008-6221 (PHP remote file inclusion vulnerability in config.dadamail.php 
in the ...)
+       TODO: check
+CVE-2008-6220 (SQL injection vulnerability in login.php in Simple Document 
Management ...)
+       TODO: check
+CVE-2008-6219 (nsrexecd.exe in multiple EMC Networker products including EMC 
...)
+       TODO: check
+CVE-2008-6218 (Memory leak in the png_handle_tEXt function in pngrutil.c in 
libpng ...)
+       TODO: check
+CVE-2008-6217 (Cross-site scripting (XSS) vulnerability in index.php in 
Extrakt ...)
+       TODO: check
+CVE-2008-6216 (SQL injection vulnerability in cadena_ofertas_ext.php in 
Venalsur ...)
+       TODO: check
+CVE-2008-6215 (Cross-site scripting (XSS) vulnerability in 
cadena_ofertas_ext.php in ...)
+       TODO: check
+CVE-2008-6214 (SQL injection vulnerability in poll_results.php in 
Harlandscripts Pro ...)
+       TODO: check
+CVE-2008-6213 (SQL injection vulnerability in mypage.php in Harlandscripts Pro 
...)
+       TODO: check
 CVE-2009-XXXX [thunar: potential exploits via  application launchers]
        - thunar <unfixed> (bug #517020; low)
        NOTE: CVE needs to be requested
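
Review bot: CVE-2009-0671 is added with both "REJECTED" and "TODO: check", so a withdrawn identifier ends up in the triage queue; the update script should not emit the TODO line when the entry's state is REJECTED. Separately, CVE-2009-0659 and CVE-2009-0650 carry the same truncated description (stack-based buffer overflow in GetStatsFromLine in TPTEST), so whoever triages them should confirm from the full descriptions whether one duplicates the other.
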
@@ -304,8 +643,8 @@
        RESERVED
 CVE-2009-0578
        RESERVED
-CVE-2009-0577
-       RESERVED
+CVE-2009-0577 (Integer overflow in the WriteProlog function in texttops in 
CUPS ...)
+       TODO: check
 CVE-2009-0576 (Unspecified vulnerability in Sun Java System Directory Server 
5.2 p6 ...)
        NOT-FOR-US: Sun Java System Directory Server
 CVE-2009-0575 (Cross-site scripting (XSS) vulnerability in the ...)
@@ -374,15 +713,17 @@
        {DSA-1726-1}
        - python-crypto <unfixed> (bug filed)
 CVE-2009-0543 (ProFTPD Server 1.3.1, with NLS support enabled, allows remote 
...)
+       {DSA-1727-1}
        - proftpd 1.3.2-1 (medium; bug #516388)
        - proftpd-basic 1.3.2-1 (medium; bug #516388)
 CVE-2009-0542 (SQL injection vulnerability in ProFTPD Server 1.3.1 through 
1.3.2rc2 ...)
+       {DSA-1727-1}
        - proftpd 1.3.2-1 (medium; bug #516388)
        - proftpd-basic 1.3.2-1 (medium; bug #516388)
-CVE-2009-0541
-       RESERVED
-CVE-2009-0540
-       RESERVED
+CVE-2009-0541 (Multiple cross-site scripting (XSS) vulnerabilities in Magento 
1.2.0 ...)
+       TODO: check
+CVE-2009-0540 (Cross-site scripting (XSS) vulnerability in Libero 5.3 SP5, and 
...)
+       TODO: check
 CVE-2009-0539
        RESERVED
 CVE-2009-0538
@@ -522,10 +863,10 @@
        RESERVED
 CVE-2009-0507
        RESERVED
-CVE-2009-0506
-       RESERVED
-CVE-2009-0505
-       RESERVED
+CVE-2009-0506 (Unspecified vulnerability in IBM WebSphere Application Server 
(WAS) ...)
+       TODO: check
+CVE-2009-0505 (The CICS listener in IBM TXSeries for Multiplatforms 6.2 GA 
waits for ...)
+       TODO: check
 CVE-2009-0504 (WSPolicy in the Web Services component in IBM WebSphere 
Application ...)
        NOT-FOR-US: IBM WebSphere Application Server
 CVE-2009-0503 (IBM WebSphere Message Broker 6.1.x before 6.1.0.2 writes a 
database ...)
@@ -706,10 +1047,10 @@
        NOT-FOR-US: PHPbbBook
 CVE-2009-0441 (PHP remote file inclusion vulnerability in ...)
        NOT-FOR-US: Technote
-CVE-2009-0440
-       RESERVED
-CVE-2009-0439
-       RESERVED
+CVE-2009-0440 (IBM WebSphere Partner Gateway (WPG) 6.0.0 through 6.0.0.7 does 
not ...)
+       TODO: check
+CVE-2009-0439 (Unspecified vulnerability in the queue manager in IBM WebSphere 
MQ ...)
+       TODO: check
 CVE-2009-0438 (IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on 
Windows ...)
        NOT-FOR-US: IBM WebSphere
 CVE-2009-0437 (The Installation Factory installation process for IBM WebSphere 
...)
@@ -1576,8 +1917,8 @@
        [etch] - websvn <not-affected> (authenthication doesn't exist in that 
version)
 CVE-2009-0239
        RESERVED
-CVE-2009-0238
-       RESERVED
+CVE-2009-0238 (Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 
SP1; ...)
+       TODO: check
 CVE-2009-0237
        RESERVED
 CVE-2009-0236
@@ -2711,8 +3052,8 @@
        [etch] - tdiary 2.0.2+20060303-5
        NOTE: fixed in r6 point update
        NOTE: http://www.tdiary.org/20071215.html
-CVE-2009-0040
-       RESERVED
+CVE-2009-0040 (The PNG reference library (aka libpng) before 1.0.43, and 1.2.x 
before ...)
+       TODO: check
 CVE-2009-0039
        RESERVED
 CVE-2009-0038
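
Review bot: CVE-2009-0040 leaves RESERVED with only "TODO: check", although its description names libpng and gives version bounds ("before 1.0.43, and 1.2.x before ..."). The same commit also adds CVE-2008-6218 for png_handle_tEXt in pngrutil.c in libpng, so the two should be triaged together and given package lines rather than left in the generic TODO backlog.
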
@@ -3615,7 +3956,7 @@
        NOT-FOR-US: WebStudio eCatalogue
 CVE-2008-5293 (SQL injection vulnerability in index.php in WebStudio eHotel 
allows ...)
        NOT-FOR-US: WebStudio eHotel
-CVE-2008-5292 (SQL injection vulnerability in view_snaps.php in VideoGirls 
BiZ, ...)
+CVE-2008-5292 (SQL injection vulnerability in view_snaps.php in VideoGirls BiZ 
allows ...)
        NOT-FOR-US: VideoGirls
 CVE-2008-5291 (Directory traversal vulnerability in code/track.php in 
FuzzyLime 3.03 ...)
        NOT-FOR-US: FuzzyLime
@@ -4535,7 +4876,7 @@
        NOT-FOR-US: 1st News 4 Professional
 CVE-2008-4889 (SQL injection vulnerability in index.php in deV!L'z Clanportal 
(DZCP) ...)
        NOT-FOR-US: deV!L'z Clanportal
-CVE-2008-4888 (Cross-site scripting (XSS) vulnerability in index.php in 
NetRisk 2.0 ...)
+CVE-2008-4888 (Cross-site scripting (XSS) vulnerability in error.php in 
NetRisk 2.0 ...)
        NOT-FOR-US: NetRisk 2.0
 CVE-2008-4887 (SQL injection vulnerability in index.php in NetRisk 2.0 and 
earlier ...)
        NOT-FOR-US: NetRisk 2.0
@@ -9027,16 +9368,13 @@
        - linux-2.6.24 <not-affected> (Vulnerable code added later)
        [etch] - linux-2.6 <not-affected> (Vulnerable code added later)
        NOTE: 1e9a615bfce7996ea4d815d45d364b47ac6a74e8
-CVE-2008-3076 [arbitrary code execution through netrw.vim plugin]
-       RESERVED
+CVE-2008-3076 (The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows 
user-assisted ...)
        - vim 2:7.2.010-1 (bug #506919)
        [lenny] - vim 1:7.1.314-3+lenny1 (bug #506919)
-CVE-2008-3075 [arbitrary code execution through zip.vim plugin]
-       RESERVED
+CVE-2008-3075 (The shellescape function in Vim 7.0 through 7.2, including 
7.2a.10, ...)
        - vim 2:7.2.010-1 (bug #506919)
        [lenny] - vim 1:7.1.314-3+lenny1 (bug #506919)
-CVE-2008-3074 [arbitrary code execution through tar.vim plugin]
-       RESERVED
+CVE-2008-3074 (The shellescape function in Vim 7.0 through 7.2, including 
7.2a.10, ...)
        - vim 2:7.2.010-1 (bug #506919)
        [lenny] - vim 1:7.1.314-3+lenny1 (bug #506919)
 CVE-2008-3073 (Unspecified vulnerability in Simple Machines Forum (SMF) 1.1.x 
before ...)
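
Review bot: Replacing the bracketed titles for CVE-2008-3075 and CVE-2008-3074 drops the only text that told them apart: both now read "The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, ..." where the removed lines named zip.vim and tar.vim respectively. The package lines below them are identical too, so a NOTE line under each entry recording the affected plugin would keep the two distinguishable in the list.
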
@@ -20503,8 +20841,8 @@
        NOT-FOR-US: DB Manager
 CVE-2007-5290 (Multiple cross-site scripting (XSS) vulnerabilities in MailBee 
WebMail ...)
        NOT-FOR-US: MailBee WebMail Pro
-CVE-2007-5289
-       RESERVED
+CVE-2007-5289 (HP Mercury Quality Center (QC) 9.2 and earlier, and possibly 
...)
+       TODO: check
 CVE-2007-5301 (Buffer overflow in the vorbis_stream_info function in ...)
        {DSA-1538-1 DTSA-66-1}
        - alsaplayer 0.99.80~rc4-1 (low; bug #446034)
@@ -32199,7 +32537,8 @@
        NOT-FOR-US: MyBB (aka MyBulletinBoard)
 CVE-2006-6968 (Cross-site scripting (XSS) vulnerability in the group 
moderation ...)
        NOT-FOR-US: Phorum
-CVE-2006-6967 (Check Point FireWall-1 allows remote attackers to obtain 
certificate ...)
+CVE-2006-6967
+       REJECTED
        NOT-FOR-US: Check Point Firewall-1
 CVE-2006-6966 (phpGraphy before 0.9.13a does not properly unset variables when 
the ...)
        NOT-FOR-US: phpGraphy
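
Review bot: CVE-2006-6967 becomes "REJECTED" but keeps its "NOT-FOR-US: Check Point Firewall-1" line, which described the now-removed text and no longer matches the entry. Either drop the NOT-FOR-US line in the same change or have the update script clear the status lines of entries it turns into REJECTED.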


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
