[Secure-testing-commits] r11555 - data/CVE
joeyh at alioth.debian.org
joeyh at alioth.debian.org
Fri Apr 3 21:14:13 UTC 2009
Author: joeyh
Date: 2009-04-03 21:14:12 +0000 (Fri, 03 Apr 2009)
New Revision: 11555
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-04-03 20:26:01 UTC (rev 11554)
+++ data/CVE/list 2009-04-03 21:14:12 UTC (rev 11555)
@@ -1,3 +1,45 @@
+CVE-2009-1238 (Race condition in the HFS vfs sysctl interface in XNU 1228.8.20 and ...)
+ TODO: check
+CVE-2009-1237 (Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X ...)
+ TODO: check
+CVE-2009-1236 (Heap-based buffer overflow in the AppleTalk networking stack in XNU ...)
+ TODO: check
+CVE-2009-1235 (XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does ...)
+ TODO: check
+CVE-2009-1234 (Opera 9.64 allows remote attackers to cause a denial of service ...)
+ TODO: check
+CVE-2009-1233 (Apple Safari 3.2.2 and 4 Beta on Windows allows remote attackers to ...)
+ TODO: check
+CVE-2009-1232 (The XUL parser in Mozilla Firefox 3.0.8 and earlier 3.0.x versions ...)
+ TODO: check
+CVE-2009-1231 (Unspecified vulnerability in the eClient in IBM DB2 Content Manager ...)
+ TODO: check
+CVE-2009-1230 (Static code injection vulnerability in index.php in Podcast Generator ...)
+ TODO: check
+CVE-2009-1229 (SQL injection vulnerability in Arcadwy Arcade Script allows remote ...)
+ TODO: check
+CVE-2009-1228 (Cross-site scripting (XSS) vulnerability in register.php in Arcadwy ...)
+ TODO: check
+CVE-2009-1227 (Buffer overflow in the PKI Web Service in Check Point Firewall-1 PKI ...)
+ TODO: check
+CVE-2009-1226 (core/admin/delete.php in Podcast Generator 1.1 and earlier does not ...)
+ TODO: check
+CVE-2009-1225 (Cross-site scripting (XSS) vulnerability in index.php in Turnkey Ebook ...)
+ TODO: check
+CVE-2009-1224 (SQL injection vulnerability in ...)
+ TODO: check
+CVE-2009-1223 (aspWebCalendar Free Edition stores sensitive information under the web ...)
+ TODO: check
+CVE-2009-1222 (Directory traversal vulnerability in index.php in webEdition 6.0.0.4 ...)
+ TODO: check
+CVE-2008-6582 (SQL injection vulnerability in index.php in Miniweb 2.0 allows remote ...)
+ TODO: check
+CVE-2008-6581 (login.php in PhpAddEdit 1.3 allows remote attackers to bypass ...)
+ TODO: check
+CVE-2008-6580 (The Red_Reservations script for ColdFusion stores sensitive ...)
+ TODO: check
+CVE-2003-1571 (Web Wiz Guestbook 6.0 stores sensitive information under the web root ...)
+ TODO: check
CVE-2009-XXXX [unspecified DoS]
- libapache-mod-security 2.5.9-1
TODO: Investigate, check stable/oldstable, if necessary open RT ticket
@@ -13,7 +55,7 @@
NOT-FOR-US: Windows GDI+
CVE-2009-1216 (Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c ...)
NOTE: Duplicate of CVE-2006-4335, confirmed by Microsoft. They're working on
- NOTE: getting it rejected
+ NOTE: getting it rejected
CVE-2008-6579 (Nortel Communication Server 1000 4.50.x allows remote attackers to ...)
NOT-FOR-US: Nortel Communication Server
CVE-2008-6578 (Multiple unspecified vulnerabilities in Nortel Communication Server ...)
@@ -167,6 +209,7 @@
CVE-2009-1172 (The JAX-RPC WS-Security runtime in the Web Services Security component ...)
NOT-FOR-US: WebSphere
CVE-2009-1171 (The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 ...)
+ {DSA-1761-1}
- moodle 1.8.2.dfsg-5 (medium; bug #522116)
NOTE: this applies only to people who have a complete tex environment and
NOTE: aren't just using mimetex to render the tex
More information about the Secure-testing-commits
mailing list