[Secure-testing-commits] r11064 - data/CVE

joeyh Tue, 27 Jan 2009 13:14:31 -0800

Author: joeyh
Date: 2009-01-27 21:14:19 +0000 (Tue, 27 Jan 2009)
New Revision: 11064


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-01-27 19:07:35 UTC (rev 11063)
+++ data/CVE/list       2009-01-27 21:14:19 UTC (rev 11064)
@@ -1,53 +1,69 @@
+CVE-2009-0276
+       RESERVED
+CVE-2009-0274
+       RESERVED
+CVE-2009-0273
+       RESERVED
+CVE-2009-0272
+       RESERVED
+CVE-2009-0269 (fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux 
kernel ...)
+       TODO: check
+CVE-2009-0265 (Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does 
not ...)
+       TODO: check
+CVE-2008-5968 (Directory traversal vulnerability in print.php in PHP iCalendar 
2.24 ...)
+       TODO: check
+CVE-2008-5967 (admin/index.php in PHP iCalendar 2.3.4, 2.24, and earlier does 
not ...)
+       TODO: check
 CVE-2009-XXXX [sudo: privilege escalation]
-       - sudo 1.6.9p17-2 (medium)
-       [etch] - sudo <not-affected> (Vulnerable code not present)
-CVE-2009-0278
+       - sudo 1.6.9p17-2 (medium)
+       [etch] - sudo <not-affected> (Vulnerable code not present)
+CVE-2009-0278 (Sun Java System Application Server (AS) 8.1 and 8.2 allows 
remote ...)
        NOT-FOR-US: Sun Java System Application Server (AS)
-CVE-2009-0277
+CVE-2009-0277 (Unspecified vulnerability in the kernel in OpenSolaris snv_100 
through ...)
        NOT-FOR-US: OpenSolaris
-CVE-2009-0275
+CVE-2009-0275 (Static code injection vulnerability in admin.php in Ryneezy 
phoSheezy ...)
        NOT-FOR-US: Ryneezy phoSheezy
-CVE-2009-0271
+CVE-2009-0271 (Directory traversal vulnerability in the TFTP service in 
Fujitsu ...)
        NOT-FOR-US: Fujitsu SystemcastWizard Lite
-CVE-2009-0270
+CVE-2009-0270 (Stack-based buffer overflow in PXEService.exe in Fujitsu ...)
        NOT-FOR-US: Fujitsu SystemcastWizard Lite
-CVE-2009-0268
+CVE-2009-0268 (Race condition in the pseudo-terminal (aka pty) driver module 
in Sun ...)
        NOT-FOR-US: Sun Solaris
-CVE-2009-0267
+CVE-2009-0267 (libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, 
does ...)
        NOT-FOR-US: Sun Solaris
-CVE-2009-0266
+CVE-2009-0266 (Stack-based buffer overflow in Triologic Media Player 8.0.0.0 
allows ...)
        NOT-FOR-US: Triologic Media Player
-CVE-2009-0264
+CVE-2009-0264 (Buffer overflow in the Registry Setting Tool in Fujitsu ...)
        NOT-FOR-US: Fujitsu SystemcastWizard Lite
-CVE-2008-5981
+CVE-2008-5981 (PacPoll 4.0 stores sensitive information under the web root 
with ...)
        NOT-FOR-US: PacPoll
-CVE-2008-5980
+CVE-2008-5980 (Ocean12 Mailing List Manager Gold stores sensitive data under 
the web ...)
        NOT-FOR-US: Ocean12 Mailing List Manager Gold
-CVE-2008-5979
+CVE-2008-5979 (Cross-site scripting (XSS) vulnerability in default.asp in 
Ocean12 ...)
        NOT-FOR-US: Ocean12 Mailing List Manager Gold
-CVE-2008-5978
+CVE-2008-5978 (Multiple SQL injection vulnerabilities in Ocean12 Mailing List 
Manager ...)
        NOT-FOR-US: Ocean12 Mailing List Manager Gold
-CVE-2008-5977
+CVE-2008-5977 (SQL injection vulnerability in siteadmin/forgot.php in PHP 
JOBWEBSITE ...)
        NOT-FOR-US: PHP JOBWEBSITE PRO
-CVE-2008-5976
+CVE-2008-5976 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
        NOT-FOR-US: PHP JOBWEBSITE PRO
-CVE-2008-5975
+CVE-2008-5975 (SQL injection vulnerability in links.asp in Active Price 
Comparison ...)
        NOT-FOR-US: Active Price Comparison
-CVE-2008-5974
+CVE-2008-5974 (Multiple SQL injection vulnerabilities in login.aspx in Active 
Price ...)
        NOT-FOR-US: Active Price Comparison
-CVE-2008-5973
+CVE-2008-5973 (SQL injection vulnerability in login.aspx in Active Web Mail 
4.0 ...)
        NOT-FOR-US: Active Web Mail
-CVE-2008-5972
+CVE-2008-5972 (SQL injection vulnerability in default.asp in Active Business 
...)
        NOT-FOR-US: Active Business Directory
-CVE-2008-5971
+CVE-2008-5971 (Cross-site scripting (XSS) vulnerability in profile_social.php 
in ...)
        NOT-FOR-US: i-Net Solution Orkut Clone
-CVE-2008-5970
+CVE-2008-5970 (SQL injection vulnerability in profile_social.php in i-Net 
Solution ...)
        NOT-FOR-US: i-Net Solution Orkut Clone
-CVE-2008-5969
+CVE-2008-5969 (SQL injection vulnerability in popupproduct.php in Sunbyte 
e-Flower ...)
        NOT-FOR-US: Sunbyte e-Flower
-CVE-2008-5966
+CVE-2008-5966 (globsy_edit.php in Globsy 1.0 and earlier allows remote 
attackers to ...)
        NOT-FOR-US: Globsy
-CVE-2008-5965
+CVE-2008-5965 (Directory traversal vulnerability in index.php in LokiCMS 0.3.4 
and ...)
        NOT-FOR-US: LokiCMS
 CVE-2009-0263 (Multiple buffer overflows in Winamp 5.541 and earlier allow 
remote ...)
        NOT-FOR-US: Winamp
@@ -2285,7 +2301,7 @@
        NOTE: fix for 1.7.5-3 incomplete, see #512122
 CVE-2008-5261
        RESERVED
-CVE-2008-5260
+CVE-2008-5260 (Heap-based buffer overflow in the CamImage.CamImage.1 ActiveX 
control ...)
        NOT-FOR-US: ActiveX
 CVE-2008-5259
        RESERVED


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r11064 - data/CVE

Reply via email to