[Secure-testing-commits] r11977 - data/CVE

Tue, 26 May 2009 14:14:21 -0700 

Author: joeyh
Date: 2009-05-26 21:14:12 +0000 (Tue, 26 May 2009)
New Revision: 11977

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-05-26 15:35:38 UTC (rev 11976)
+++ data/CVE/list       2009-05-26 21:14:12 UTC (rev 11977)
@@ -1,3 +1,51 @@
+CVE-2009-1785 (Cross-site scripting (XSS) vulnerability in Ulteo Open Virtual 
Desktop ...)
+       TODO: check
+CVE-2009-1784 (The AVG parsing engine 8.5 323, as used in multiple AVG 
anti-virus ...)
+       TODO: check
+CVE-2009-1783 (Multiple FRISK Software F-Prot anti-virus products, including 
...)
+       TODO: check
+CVE-2009-1782 (Multiple F-Secure anti-virus products, including Anti-Virus for 
...)
+       TODO: check
+CVE-2009-1781 (Static code injection vulnerability in admin.php in Frax.dk Php 
...)
+       TODO: check
+CVE-2009-1780 (admin.php in Frax.dk Php Recommend 1.3 and earlier does not 
require ...)
+       TODO: check
+CVE-2009-1779 (PHP remote file inclusion vulnerability in admin.php in Frax.dk 
Php ...)
+       TODO: check
+CVE-2009-1778 (SQL injection vulnerability in the new user registration 
feature in ...)
+       TODO: check
+CVE-2009-1777 (CRLF injection vulnerability in FormMail.pl in Matt Wright 
FormMail ...)
+       TODO: check
+CVE-2009-1776 (Multiple cross-site scripting (XSS) vulnerabilities in 
FormMail.pl in ...)
+       TODO: check
+CVE-2009-1775 (Multiple cross-site scripting (XSS) vulnerabilities in Ulteo 
Open ...)
+       TODO: check
+CVE-2009-1774 (Directory traversal vulnerability in plugins/ddb/foot.php in 
...)
+       TODO: check
+CVE-2009-1773 (activeCollab 2.1 Corporate allows remote attackers to obtain 
sensitive ...)
+       TODO: check
+CVE-2009-1772 (Cross-site scripting (XSS) vulnerability in activeCollab 2.1 
Corporate ...)
+       TODO: check
+CVE-2009-1771 (index.php in Flyspeck CMS 6.8 does not require administrative 
...)
+       TODO: check
+CVE-2009-1770 (Directory traversal vulnerability in ...)
+       TODO: check
+CVE-2009-1769 (The web interface in OCS Inventory NG 1.01 generates different 
error ...)
+       TODO: check
+CVE-2009-1768 (Directory traversal vulnerability in download.php in Rama 
Zaiten CMS ...)
+       TODO: check
+CVE-2009-1767 (admin/edituser.php in 2daybiz Template Monster Clone does not 
require ...)
+       TODO: check
+CVE-2009-1766 (SQL injection vulnerability in index.php in LightOpenCMS 0.1 
allows ...)
+       TODO: check
+CVE-2009-1765 (Multiple directory traversal vulnerabilities in pluck 4.6.2, 
when ...)
+       TODO: check
+CVE-2009-1764 (SQL injection vulnerability in inc/ajax.asp in MaxCMS 2.0 
allows ...)
+       TODO: check
+CVE-2009-1763 (Unspecified vulnerability in the Solaris Secure Digital slot 
driver ...)
+       TODO: check
+CVE-2009-1762 (Multiple cross-site scripting (XSS) vulnerabilities in the 
WebAccess ...)
+       TODO: check
 CVE-2009-XXXX [radare-common insecure temp files handling]
        - radare-common (low)
        TODO: file bug
@@ -169,7 +217,7 @@
        NOT-FOR-US: phpWebNews
 CVE-2008-6812 (SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 
allows ...)
        NOT-FOR-US: phpWebNews
-CVE-2009-1756 (SLiM Simple Login Manager 1.3.0 includes places the X authority 
magic ...)
+CVE-2009-1756 (SLiM Simple Login Manager 1.3.0 places the X authority magic 
cookie ...)
        - slim <unfixed> (low; bug #529306)
 CVE-2009-1755 (Off-by-one error in the packet_read_query_section function in 
packet.c ...)
        {DSA-1803-1}
@@ -284,8 +332,8 @@
        [lenny] - kdebase <not-affected> (vulnerability introduced in konqueror 
4)
 CVE-2009-1636
        RESERVED
-CVE-2009-1635
-       RESERVED
+CVE-2009-1635 (Cross-site scripting (XSS) vulnerability in the WebAccess login 
page ...)
+       TODO: check
 CVE-2009-1634
        RESERVED
 CVE-2009-1633 [CIFS Unicode issue]
@@ -433,7 +481,8 @@
        NOT-FOR-US: phPhotoGallery
 CVE-2008-6801 (Cross-site request forgery (CSRF) vulnerability in Vivvo CMS 
before ...)
        NOT-FOR-US: Vivvo CMS
-CVE-2008-6800 (Race condition in the winbind daemon (aka winbindd) in Samba 
before ...)
+CVE-2008-6800
+       REJECTED
        - samba 3.2.0~pre2-1 (low; bug #527894)
 CVE-2008-6799 (connection.php in FlashChat 5.0.8 allows remote attackers to 
bypass ...)
        NOT-FOR-US: FlashChat
@@ -1000,8 +1049,7 @@
        RESERVED
 CVE-2009-1382
        RESERVED
-CVE-2009-1381 [incomplete fix for CVE-2009-1579]
-       RESERVED
+CVE-2009-1381 (The map_yp_alias function in functions/imap_general.php in ...)
        {DSA-1802-2}
        - squirrelmail 2:1.4.19-1
 CVE-2009-1380


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to