[Secure-testing-commits] r11624 - data/CVE

[Joey Hess]

Author: joeyh
Date: 2009-04-14 21:14:11 +0000 (Tue, 14 Apr 2009)
New Revision: 11624

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-04-14 20:54:08 UTC (rev 11623)
+++ data/CVE/list	2009-04-14 21:14:11 UTC (rev 11624)
@@ -1,3 +1,27 @@
+CVE-2009-1291
+	RESERVED
+CVE-2009-1290 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
+	TODO: check
+CVE-2009-1289 (private/login.ssi in the Advanced Management Module (AMM) on the IBM ...)
+	TODO: check
+CVE-2009-1288 (Multiple cross-site scripting (XSS) vulnerabilities in the Advanced ...)
+	TODO: check
+CVE-2009-1287 (Cross-site scripting (XSS) vulnerability in Cisco Subscriber Edge ...)
+	TODO: check
+CVE-2009-1286 (The IMAP task in the server in IBM Lotus Domino 8.0.2 before FP1 IF1 ...)
+	TODO: check
+CVE-2008-6720 (SQL injection vulnerability in admin/adm_login.php in DeltaScripts PHP ...)
+	TODO: check
+CVE-2008-6719 (U&M Software Event Lister (aka JustListIt) 1.0 does not require ...)
+	TODO: check
+CVE-2008-6718 (U&M Software JustBookIt 1.0 does not require administrative ...)
+	TODO: check
+CVE-2008-6717 (U&M Software Signup 1.0 and 1.1 does not require administrative ...)
+	TODO: check
+CVE-2008-6716 (homeadmin/adminhome.php in Pre ADS Portal 2.0 and earlier does not ...)
+	TODO: check
+CVE-2008-6715 (Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal ...)
+	TODO: check
 CVE-2009-1285 [phpMyAdmin PMASA-2009-4 insufficient escaping in setup script]
 	RESERVED
 	- phpmyadmin 4:3.1.3.2-1 (unimportant)
@@ -108,12 +132,12 @@
 	- php5 5.2.9.dfsg.1-1
 	- php4 <not-affected> (the JSON extension was introduced in php5.2)
 	- php-json-ext <unfixed>
-CVE-2009-1269
-	RESERVED
-CVE-2009-1268
-	RESERVED
-CVE-2009-1267
-	RESERVED
+CVE-2009-1269 (Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows ...)
+	TODO: check
+CVE-2009-1268 (The Check Point High-Availability Protocol (CPHAP) dissector in ...)
+	TODO: check
+CVE-2009-1267 (Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 ...)
+	TODO: check
 CVE-2009-1266
 	RESERVED
 CVE-2009-1265 (Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux ...)
@@ -225,8 +249,8 @@
 	NOT-FOR-US: Blogplus
 CVE-2009-1245 (Multiple SQL injection vulnerabilities in the insert_to_pastebin ...)
 	NOT-FOR-US: CCCP Community Clan Portal Pastebin
-CVE-2009-1244
-	RESERVED
+CVE-2009-1244 (Unspecified vulnerability in the virtual machine display function in ...)
+	TODO: check
 CVE-2009-1243 (net/ipv4/udp.c in the Linux kernel before 2.6.29.1 performs an ...)
 	- linux-2.6 <not-affected> (Issue was introduced after 2.6.27 release)
 	- linux-2.6.24 <not-affected> (Issue was introduced after 2.6.27 release)
@@ -1804,8 +1828,8 @@
 	REJECTED
 	- linux-2.6 <unfixed>
 	- linux-2.6.24 <unfixed>
-CVE-2009-0794
-	RESERVED
+CVE-2009-0794 (Integer overflow in the PulseAudioTargetDataL class in ...)
+	TODO: check
 CVE-2009-0793 (cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK ...)
 	{DSA-1769-1}
 	TODO: check
@@ -4209,8 +4233,8 @@
 	RESERVED
 CVE-2009-0219 (The PDF distiller in the Attachment Service in Research in Motion ...)
 	NOT-FOR-US: BlackBerry
-CVE-2009-0218
-	RESERVED
+CVE-2009-0218 (Insecure method vulnerability in Particle Software IntraLaunch ...)
+	TODO: check
 CVE-2009-0217
 	RESERVED
 CVE-2009-0216 (GE Fanuc iFIX 5.0 and earlier relies on client-side authentication ...)
@@ -8251,8 +8275,8 @@
 	REJECTED
 CVE-2008-4421 (Directory traversal vulnerability in MetaGauge 1.0.0.17, and probably ...)
 	NOT-FOR-US: MetaGauge
-CVE-2008-4420
-	RESERVED
+CVE-2008-4420 (Multiple stack-based buffer overflows in DZIP32.DLL before 5.0.0.8 in ...)
+	TODO: check
 CVE-2008-4419 (Directory traversal vulnerability in the HP JetDirect web ...)
 	NOT-FOR-US: HP-ChaiSOE
 CVE-2008-4418 (Unspecified vulnerability in DCE in HP HP-UX B.11.11, B.11.23, and ...)