Author: joeyh
Date: 2009-08-25 21:14:28 +0000 (Tue, 25 Aug 2009)
New Revision: 12682

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-08-25 20:23:44 UTC (rev 12681)
+++ data/CVE/list       2009-08-25 21:14:28 UTC (rev 12682)
@@ -1,3 +1,81 @@
+CVE-2009-2958
+       RESERVED
+CVE-2009-2957
+       RESERVED
+CVE-2009-2956 (The (1) Net.Commerce and (2) Net.Data components in IBM 
WebSphere ...)
+       TODO: check
+CVE-2009-2955 (Google Chrome 1.0.154.48 and earlier allows remote attackers to 
cause ...)
+       TODO: check
+CVE-2009-2954 (Microsoft Internet Explorer 6.0.2900.2180 and earlier allows 
remote ...)
+       TODO: check
+CVE-2009-2953 (Mozilla Firefox 3.0.6 through 3.0.13, and 3.5.x, allows remote 
...)
+       TODO: check
+CVE-2009-2952 (Unspecified vulnerability in the pollwakeup function in Sun 
Solaris ...)
+       TODO: check
+CVE-2009-2951 (Phenotype CMS before 2.9 does not use a random salt value for 
password ...)
+       TODO: check
+CVE-2008-7083 (Multiple SQL injection vulnerabilities in ReVou Micro Blogging 
Twitter ...)
+       TODO: check
+CVE-2008-7082 (MyBB (aka MyBulletinBoard) 1.4.3 includes the sensitive 
my_post_key ...)
+       TODO: check
+CVE-2008-7081 (userHandler.cgi in RaidSonic ICY BOX NAS firmware 
2.3.2.IB.2.RS.1 ...)
+       TODO: check
+CVE-2008-7080 (Team PHP PHP Classifieds Script stores sensitive information 
under the ...)
+       TODO: check
+CVE-2008-7079 (Buffer overflow in Nero ShowTime 5.0.15.0 allows remote 
attackers to ...)
+       TODO: check
+CVE-2008-7078 (Multiple buffer overflows in Rumpus before 6.0.1 allow remote 
...)
+       TODO: check
+CVE-2008-7077 (Multiple SQL injection vulnerabilities in SailPlanner 0.3a 
allow ...)
+       TODO: check
+CVE-2008-7076 (Unrestricted file upload vulnerability in 
user.modify.profile.php in ...)
+       TODO: check
+CVE-2008-7075 (Multiple SQL injection vulnerabilities in Kalptaru Infotech 
Ltd. Star ...)
+       TODO: check
+CVE-2008-7074 (Format string vulnerability in MemeCode Software i.Scribe 1.88 
through ...)
+       TODO: check
+CVE-2008-7073 (PHP remote file inclusion vulnerability in lib/action/rss.php 
in RSS ...)
+       TODO: check
+CVE-2008-7072 (Cross-site scripting (XSS) vulnerability in index.php in 
Chipmunk ...)
+       TODO: check
+CVE-2008-7071 (SQL injection vulnerability in authenticate.php in Chipmunk 
Topsites ...)
+       TODO: check
+CVE-2008-7070 (Argument injection vulnerability in the URI handler in KVIrc 
3.4.2 ...)
+       TODO: check
+CVE-2008-7069 (All Club CMS (ACCMS) 0.0.2 and earlier stores sensitive 
information ...)
+       TODO: check
+CVE-2008-7068 (The dba_replace function in PHP 5.2.6 and 4.x allows 
context-dependent ...)
+       TODO: check
+CVE-2008-7067 (PHP remote file inclusion vulnerability in ...)
+       TODO: check
+CVE-2008-7066 (OpenForum 0.66 Beta allows remote attackers to bypass 
authentication ...)
+       TODO: check
+CVE-2008-7065 (Siemens C450 IP and C475 IP VoIP devices allow remote attackers 
to ...)
+       TODO: check
+CVE-2008-7064 (Directory traversal vulnerability in the get_lang function in 
...)
+       TODO: check
+CVE-2008-7063 (Ocean12 FAQ Manager Pro stores sensitive data under the web 
root with ...)
+       TODO: check
+CVE-2008-7062 (Unrestricted file upload vulnerability in admin/index.php in 
Download ...)
+       TODO: check
+CVE-2008-7061 (The tooltip manager (chrome/views/tooltip_manager.cc) in Google 
Chrome ...)
+       TODO: check
+CVE-2008-7060 (Multiple cross-site scripting (XSS) vulnerabilities in One-News 
Beta 2 ...)
+       TODO: check
+CVE-2008-7059 (SQL injection vulnerability in index.php in One-News Beta 2 
allows ...)
+       TODO: check
+CVE-2008-7058 (Cross-site request forgery (CSRF) vulnerability in BandSite CMS 
1.1.4 ...)
+       TODO: check
+CVE-2008-7057 (Cross-site scripting (XSS) vulnerability in merchandise.php in 
...)
+       TODO: check
+CVE-2008-7056 (BandSite CMS 1.1.4 does not perform access control for ...)
+       TODO: check
+CVE-2008-7055 (module.php in ezContents 2.0.3 allows remote attackers to 
bypass the ...)
+       TODO: check
+CVE-2008-7054 (Multiple directory traversal vulnerabilities in ezContents 
2.0.3 allow ...)
+       TODO: check
+CVE-2008-7053 (LogMeIn Remote Access Utility ActiveX control (RACtrl.dll) 
allows ...)
+       TODO: check
 CVE-2009-2950
        RESERVED
 CVE-2009-2949
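Review bot: all 37 described entries added at the top of this hunk (CVE-2009-2956 through CVE-2009-2951 and CVE-2008-7083 through CVE-2008-7053) carry only "TODO: check", so none of them has a package or not-for-us status yet. Each needs a follow-up that resolves it to a package line in the form used further down the file, such as "- dhcp3 <unfixed> (low; bug #539492)", or to a "NOT-FOR-US:" line like the XOOPS one. Entries such as CVE-2009-2953 (Mozilla Firefox), whose related package xulrunner is already tracked in this file, are worth triaging first.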
@@ -1115,7 +1193,7 @@
        NOT-FOR-US: XOOPS
 CVE-2009-XXXX [poppler: buffer overflow in abiword backend]
        - poppler <unfixed> (low; bug #534680)
-CVE-2009-2408 (Mozilla Firefox before 3.5 and NSS before 3.12.3 do not 
properly ...)
+CVE-2009-2408 (Mozilla Network Security Services (NSS) before 3.12.3, Firefox 
before ...)
        - openssl <unfixed> (medium; bug #539449)
        - openssl097 <removed>
        - xulrunner <unfixed> (medium)
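Review bot: the new CVE-2009-2408 description leads with Mozilla Network Security Services (NSS) before 3.12.3, but the package lines visible under it cover only openssl, openssl097 and xulrunner. Check whether an nss line exists below the shown context, and add one with its fixed or unfixed status if it does not, since the description now names NSS as the primary affected component.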
@@ -1196,7 +1274,7 @@
        RESERVED
 CVE-2009-2628
        RESERVED
-CVE-2009-2627 (The Acer LunchApp (aka AcerCtrls.APlunch) ActiveX control in 
...)
+CVE-2009-2627 (Insecure method vulnerability in the Acer LunchApp (aka ...)
        NOT-FOR-US: Acer LunchApp
 CVE-2009-2626
        RESERVED
@@ -3133,7 +3211,7 @@
 CVE-2009-1893 (The configtest function in the Red Hat dhcpd init script for 
DHCP ...)
        NOT-FOR-US: Red Hat dhcpd init script for DHCP
 CVE-2009-1892 (dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the 
dhcp-client-identifier and ...)
-       {DSA-1833-1}
+       {DSA-1833-2 DSA-1833-1}
        - dhcp3 <unfixed> (low; bug #539492)
        [etch] - dhcp3 <not-affected> (problematic assert is not present)
 CVE-2009-1891 (The mod_deflate module in Apache httpd 2.2.11 and earlier 
compresses ...)
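Review bot: the CVE-2009-1892 entry now references two advisory revisions, DSA-1833-2 and DSA-1833-1, while its package line still reads "- dhcp3 <unfixed> (low; bug #539492)". Confirm whether unstable is really still unfixed. The CVE-2009-0692 entry that receives the same DSA tags later in this diff records a fixed version (3.1.2p1-1), so if that upload also addresses this issue the version belongs on this line too.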
@@ -3560,7 +3638,7 @@
        NOT-FOR-US: CoreTypes in Apple Mac OS X
 CVE-2009-1726 (Heap-based buffer overflow in ColorSync in Apple Mac OS X 
10.4.11 and ...)
        NOT-FOR-US: ColorSync in Apple Mac OS X
-CVE-2009-1725 (WebKit in Apple Safari before 4.0.2 does not properly handle 
numeric ...)
+CVE-2009-1725 (WebKit in Apple Safari before 4.0.2, KHTML in kdelibs in KDE, 
QtWebKit ...)
        - webkit <unfixed> (medium; bug #538346)
        - qt4-x11 4:4.5.2-2 (medium; bug #538347)
        - kdelibs <not-affected> (medium; bug #538350)
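Review bot: the updated CVE-2009-1725 description now names KHTML in kdelibs as affected, yet the context line below it still says "- kdelibs <not-affected> (medium; bug #538350)". A not-affected status that also carries a severity and an open bug number is inconsistent on its own, and it now contradicts the description, so the kdelibs line should be rechecked and either changed to a fixed or unfixed status or given a NOTE explaining why Debian's kdelibs is not affected.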
@@ -7361,7 +7439,7 @@
 CVE-2009-0693
        RESERVED
 CVE-2009-0692 (Stack-based buffer overflow in the script_write_params method 
in ...)
-       {DSA-1833-1}
+       {DSA-1833-2 DSA-1833-1}
        - dhcp3 3.1.2p1-1 (medium)
        NOTE: dhcp in etch is not affected.
 CVE-2009-0691 (The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for 
Foxit ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
