[Secure-testing-commits] r11320 - data/CVE

Tue, 03 Mar 2009 13:14:18 -0800 

Author: joeyh
Date: 2009-03-03 21:14:11 +0000 (Tue, 03 Mar 2009)
New Revision: 11320

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-03-03 20:53:20 UTC (rev 11319)
+++ data/CVE/list       2009-03-03 21:14:11 UTC (rev 11320)
@@ -1,3 +1,101 @@
+CVE-2009-0752 (Unspecified vulnerability in Movable Type Pro and Community 
Solution ...)
+       TODO: check
+CVE-2009-0751 (Yaws before 1.80 allows remote attackers to cause a denial of 
service ...)
+       TODO: check
+CVE-2009-0750 (SQL injection vulnerability in login.php in the smNews example 
script ...)
+       TODO: check
+CVE-2008-6392 (SQL injection vulnerability in showads.php in Z1Exchange allows 
remote ...)
+       TODO: check
+CVE-2008-6391 (SQL injection vulnerability in main.asp in Jbook allows remote 
...)
+       TODO: check
+CVE-2008-6390 (SQL injection vulnerability in login.asp in Ocean12 Membership 
Manager ...)
+       TODO: check
+CVE-2008-6389 (SQL injection vulnerability in asadmin/default.asp in Rae Media 
...)
+       TODO: check
+CVE-2008-6388 (Rapid Classified 3.1 and 3.15 stores sensitive information 
under the ...)
+       TODO: check
+CVE-2008-6387 (Quick Tree View .NET 3.1 stores sensitive information under the 
web ...)
+       TODO: check
+CVE-2008-6386 (Cross-site scripting (XSS) vulnerability in showads.php in 
Z1Exchange ...)
+       TODO: check
+CVE-2008-6385 (Cross-site scripting (XSS) vulnerability in index.php in 
W3matter ...)
+       TODO: check
+CVE-2008-6384 (Multiple cross-site request forgery (CSRF) vulnerabilities in 
Comment ...)
+       TODO: check
+CVE-2008-6383 (SQL injection vulnerability in SpeedTech Organization and 
Resource ...)
+       TODO: check
+CVE-2008-6382 (ASP Portal 3.2.5 stores sensitive information under the web 
root with ...)
+       TODO: check
+CVE-2008-6381 (SQL injection vulnerability in modules/adresses/viewcat.php in 
bcoos ...)
+       TODO: check
+CVE-2008-6380 (SQL injection vulnerability in default.aspx in Active Web 
Helpdesk 2.0 ...)
+       TODO: check
+CVE-2008-6379 (SQL injection vulnerability in pics_pre.asp in Gallery MX 2.0.0 
allows ...)
+       TODO: check
+CVE-2008-6378 (SQL injection vulnerability in calendar_Eventupdate.asp in 
Calendar Mx ...)
+       TODO: check
+CVE-2008-6377 (PHP remote file inclusion vulnerability in include/global.php 
in Multi ...)
+       TODO: check
+CVE-2008-6376 (SQL injection vulnerability in main.asp in Jbook allows remote 
...)
+       TODO: check
+CVE-2008-6375 (JBook stores sensitive information under the web root with ...)
+       TODO: check
+CVE-2008-6374 (CodefixerSoftware MailingListPro Free Edition stores sensitive 
...)
+       TODO: check
+CVE-2008-6373 (Unspecified vulnerability in Nagios before 3.0.6 has 
unspecified ...)
+       TODO: check
+CVE-2008-6372 (SQL injection vulnerability in default.asp in Ocean12 FAQ 
Manager Pro ...)
+       TODO: check
+CVE-2008-6371 (SQL injection vulnerability in login.asp in Ocean12 Membership 
Manager ...)
+       TODO: check
+CVE-2008-6370 (Cross-site scripting (XSS) vulnerability in default.asp in 
Ocean12 ...)
+       TODO: check
+CVE-2008-6369 (SQL injection vulnerability in default.asp in Ocean12 Contact 
Manager ...)
+       TODO: check
+CVE-2008-6368 (SQL injection vulnerability in index.php in Chipmunk Guestbook 
1.4m ...)
+       TODO: check
+CVE-2008-6367 (Unrestricted file upload vulnerability in 
Photos/create_album.php in ...)
+       TODO: check
+CVE-2008-6366 (SQL injection vulnerability in logon.jsp in Ad Server Solutions 
...)
+       TODO: check
+CVE-2008-6365 (SQL injection vulnerability in logon.jsp in Ad Server Solutions 
Ad ...)
+       TODO: check
+CVE-2008-6364 (SQL injection vulnerability in logon_process.jsp in Ad Server 
...)
+       TODO: check
+CVE-2008-6363 (Stack-based buffer overflow in DesignWorks Professional 4.3.1 
and ...)
+       TODO: check
+CVE-2008-6362 (SQL injection vulnerability in sitepage.php in Multiple 
Membership ...)
+       TODO: check
+CVE-2008-6361 (Directory traversal vulnerability in index.php in InSun Feed 
CMS 1.7.3 ...)
+       TODO: check
+CVE-2008-6360 (Cross-site scripting (XSS) vulnerability in the userranks 
feature in ...)
+       TODO: check
+CVE-2008-6359 (Cross-site scripting (XSS) vulnerability in index.php in Max's 
...)
+       TODO: check
+CVE-2008-6358 (SQL injection vulnerability in group_index.php in Social 
Groupie ...)
+       TODO: check
+CVE-2008-6357 (MyCal Personal Events Calendar stores sensitive information 
under the ...)
+       TODO: check
+CVE-2008-6356 (evCal Events Calendar stores sensitive information under the 
web root ...)
+       TODO: check
+CVE-2008-6355 (The Net Guys ASPired2Protect stores sensitive information under 
the ...)
+       TODO: check
+CVE-2008-6354 (The Net Guys ASPired2poll stores sensitive information under 
the web ...)
+       TODO: check
+CVE-2008-6353 (SQL injection vulnerability in index.asp in ASP-CMS 1.0 allows 
remote ...)
+       TODO: check
+CVE-2008-6352 (SQL injection vulnerability in home.html in Xpoze Pro 4.10 
allows ...)
+       TODO: check
+CVE-2008-6351 (Cross-site scripting (XSS) vulnerability in listtest.php in ...)
+       TODO: check
+CVE-2008-6350 (SQL injection vulnerability in listtest.php in TurnkeyForms 
Local ...)
+       TODO: check
+CVE-2008-6349 (SQL injection vulnerability in survey_results_text.php in 
TurnkeyForms ...)
+       TODO: check
+CVE-2008-6348 (Multiple SQL injection vulnerabilities in DevelopItEasy Photo 
Gallery ...)
+       TODO: check
+CVE-2008-6347 (PHP remote file inclusion vulnerability in lib/onguma.class.php 
in the ...)
+       TODO: check
 CVE-2009-0748 (The ext4_fill_super function in fs/ext4/super.c in the Linux 
kernel ...)
        - linux-2.6 <unfixed> (low)
        [etch] - linux-2.6 <not-affected> (ext4 not yet present)
@@ -148,7 +246,7 @@
        [lenny] - dkim-milter 2.6.0.dfsg-1+lenny1
        NOTE: 
http://sourceforge.net/tracker/index.php?func=detail&aid=2508602&group_id=139420&atid=744358
        NOTE: CVE id requested
-CVE-2009-0749 [optipng array overflow]
+CVE-2009-0749 (Use-after-free vulnerability in the GIFReadNextExtension 
function in ...)
        - optipng 0.6.2.1-1 (low)
        NOTE: http://secunia.com/advisories/34035/
 CVE-2009-0741 (SQL injection vulnerability in Login.asp in Craft Silicon 
bank...@home ...)
@@ -1570,8 +1668,7 @@
        NOTE: https://bugs.gentoo.org/show_bug.cgi?id=253493
        NOTE: CVE id requested
        [lenny] - audacity 1.3.5-2+lenny1
-CVE-2009-0368 [opensc information leak]
-       RESERVED
+CVE-2009-0368 (OpenSC before 0.11.7 allows physically proximate attackers to 
bypass ...)
        - opensc <unfixed>
        NOTE: Unclear yet which versions are affected, asked maintainer
 CVE-2009-0367 [wesnoth python sandbox escape]


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to