Author: joeyh
Date: 2009-02-10 21:14:12 +0000 (Tue, 10 Feb 2009)
New Revision: 11183

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-02-10 21:11:27 UTC (rev 11182)
+++ data/CVE/list       2009-02-10 21:14:12 UTC (rev 11183)
@@ -1,4 +1,60 @@
-CVE-2009-0489 [insecure dbus policy in wicd]
+CVE-2009-0502 (Cross-site scripting (XSS) vulnerability in 
blocks/html/block_html.php ...)
+       TODO: check
+CVE-2009-0501 (Unspecified vulnerability in the Calendar export feature in 
Moodle 1.8 ...)
+       TODO: check
+CVE-2009-0500 (Cross-site scripting (XSS) vulnerability in course/lib.php in 
Moodle ...)
+       TODO: check
+CVE-2009-0499 (Cross-site request forgery (CSRF) vulnerability in the forum 
code in ...)
+       TODO: check
+CVE-2009-0498 (Virtual GuestBook (vgbook) 2.1 stores sensitive information 
under the ...)
+       TODO: check
+CVE-2009-0497 (Directory traversal vulnerability in log.jsp in Ignite Realtime 
...)
+       TODO: check
+CVE-2009-0496 (Multiple cross-site scripting (XSS) vulnerabilities in Ignite 
Realtime ...)
+       TODO: check
+CVE-2009-0495 (PHP remote file inclusion vulnerability in include/define.php 
in ...)
+       TODO: check
+CVE-2009-0494 (SQL injection vulnerability in the Portfol (com_portfol) 1.2 
component ...)
+       TODO: check
+CVE-2009-0493 (SQL injection vulnerability in login.php in IT!CMS 2.1a and 
earlier ...)
+       TODO: check
+CVE-2009-0492 (Unspecified vulnerability in SimpleIrcBot before 1.0 Stable has 
...)
+       TODO: check
+CVE-2009-0491 (Stack-based buffer overflow in Elecard MPEG Player 5.5 build 
...)
+       TODO: check
+CVE-2009-0488 (Cross-site scripting (XSS) vulnerability in Phorum before 
5.2.10 ...)
+       TODO: check
+CVE-2009-0486 (Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, 
calls ...)
+       TODO: check
+CVE-2009-0485 (Cross-site request forgery (CSRF) vulnerability in Bugzilla 
2.17 to ...)
+       TODO: check
+CVE-2009-0484 (Cross-site request forgery (CSRF) vulnerability in Bugzilla 3.0 
before ...)
+       TODO: check
+CVE-2009-0483 (Cross-site request forgery (CSRF) vulnerability in Bugzilla 
2.22 ...)
+       TODO: check
+CVE-2009-0482 (Cross-site request forgery (CSRF) vulnerability in Bugzilla 
before 3.2 ...)
+       TODO: check
+CVE-2009-0481 (Bugzilla 2.x before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, 
and ...)
+       TODO: check
+CVE-2009-0480 (The IP implementation in Sun Solaris 8 through 10, and 
OpenSolaris ...)
+       TODO: check
+CVE-2008-6098 (Bugzilla 3.2 before 3.2 RC2, 3.0 before 3.0.6, 2.22 before 
2.22.6, ...)
+       TODO: check
+CVE-2008-6097 (Multiple cross-site scripting (XSS) vulnerabilities in WikyBlog 
before ...)
+       TODO: check
+CVE-2008-6096 (Cross-site scripting (XSS) vulnerability in Juniper NetScreen 
ScreenOS ...)
+       TODO: check
+CVE-2008-6095 (Cross-site scripting (XSS) vulnerability in 
surveillanceView.htm in ...)
+       TODO: check
+CVE-2008-6094 (Cross-site scripting (XSS) vulnerability in user.do in Celoxis 
...)
+       TODO: check
+CVE-2008-6093 (SQL injection vulnerability in index.php in Noname CMS 1.0, 
when ...)
+       TODO: check
+CVE-2008-6092 (phpscripts Ranking Script allows remote attackers to bypass ...)
+       TODO: check
+CVE-2008-6091 (SQL injection vulnerability in plugins.php in BMForum 5.6, when 
...)
+       TODO: check
+CVE-2009-0489 (The DBus configuration file for Wicd before 1.5.9 allows 
arbitrary ...)
        - wicd 1.5.9-1
 CVE-2009-XXXX [typo3 information disclosure & xss]
        - typo3-src 4.2.6-1 (medium; bug #514713)
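Review bot: the seven Bugzilla entries added in this hunk (CVE-2009-0481 through CVE-2009-0486 and CVE-2008-6098) are all left at "TODO: check", while the file already carries a tracked line "- bugzilla <unfixed> (bug #514143)" further down, visible as context in the third hunk. When these are triaged, check them against that existing entry, so that the same issue does not end up tracked both under a placeholder and under its assigned id. The two entries whose visible description names Moodle (CVE-2009-0500, CVE-2009-0501) need the same package-level triage rather than staying at TODO.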
@@ -420,7 +476,7 @@
        NOT-FOR-US: QuidaScript BookMarks Favourites Script
 CVE-2008-6006 (Multiple PHP remote file inclusion vulnerabilities in 
Micronation ...)
        NOT-FOR-US: Micronation Banking System
-CVE-2009-0487 [mahara: XSS in forum posts]
+CVE-2009-0487 (Cross-site scripting (XSS) vulnerability in Mahara before 1.0.9 
allows ...)
        - mahara 1.0.9-1 (low)
        [lenny] - mahara 1.0.4-4
 CVE-2009-0478 (Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 
3.1.0.4 ...)
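Review bot: on the CVE-2009-0487 line, the replaced hand-written summary "[mahara: XSS in forum posts]" named the affected feature, and the visible part of the imported description does not. If that detail is still useful for triage, keep it as a NOTE: line under the entry. The imported text also says "before 1.0.9" while the unchanged "[lenny] - mahara 1.0.4-4" line records a lower version as fixed; a short NOTE saying that the lenny version carries a backported fix would make the entry self-explanatory.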
@@ -436,7 +492,8 @@
        - bugzilla <unfixed> (bug #514143)
 CVE-2009-XXXX [glpi sql injection]
        - glpi 0.71.5-1 (bug #513611)
-CVE-2009-0490 [buffer overflow]
+CVE-2009-0490 (Stack-based buffer overflow in the 
String_parse::get_nonspace_quoted ...)
+       {DTSA-192-1}
        - audacity 1.3.6-1 (bug #514138)
        NOTE: http://www.milw0rm.com/exploits/7634
        NOTE: https://bugs.gentoo.org/show_bug.cgi?id=253493
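Review bot: the CVE-2009-0490 entry now carries a full "Stack-based buffer overflow" description and a {DTSA-192-1} cross-reference, but the package line "- audacity 1.3.6-1 (bug #514138)" still has no urgency, unlike the mahara "(low)" and typo3-src "(medium; bug #514713)" lines elsewhere in this diff. Since the entry's own NOTE points to a public exploit, assign an urgency on that line as a follow-up to this automatic import.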


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
