[Secure-testing-commits] r12500 - data/CVE

Joey Hess joeyh at alioth.debian.org
Thu Aug 6 21:14:21 UTC 2009


Author: joeyh
Date: 2009-08-06 21:14:20 +0000 (Thu, 06 Aug 2009)
New Revision: 12500

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-08-06 14:37:45 UTC (rev 12499)
+++ data/CVE/list	2009-08-06 21:14:20 UTC (rev 12500)
@@ -1,4 +1,99 @@
+CVE-2009-2705
+	RESERVED
+CVE-2009-2704
+	RESERVED
+CVE-2009-2703
+	RESERVED
+CVE-2009-2702
+	RESERVED
+CVE-2009-2701
+	RESERVED
+CVE-2009-2700
+	RESERVED
+CVE-2009-2699
+	RESERVED
+CVE-2009-2698
+	RESERVED
+CVE-2009-2697
+	RESERVED
+CVE-2009-2696
+	RESERVED
+CVE-2009-2695
+	RESERVED
+CVE-2009-2694
+	RESERVED
+CVE-2009-2693
+	RESERVED
+CVE-2009-2692
+	RESERVED
+CVE-2009-2691
+	RESERVED
+CVE-2009-2690
+	RESERVED
+CVE-2009-2689
+	RESERVED
+CVE-2009-2688 (Multiple integer overflows in glyphs-eimage.c in XEmacs 21.4.22, when ...)
+	TODO: check
+CVE-2009-2687 (The exif_read_data function in the Exif module in PHP before 5.2.10 ...)
+	TODO: check
+CVE-2009-2686
+	RESERVED
+CVE-2009-2685
+	RESERVED
+CVE-2009-2684
+	RESERVED
+CVE-2009-2683
+	RESERVED
+CVE-2009-2682
+	RESERVED
+CVE-2009-2681
+	RESERVED
+CVE-2009-2680
+	RESERVED
+CVE-2009-2679
+	RESERVED
+CVE-2009-2678
+	RESERVED
+CVE-2009-2677
+	RESERVED
+CVE-2009-2676 (Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE ...)
+	TODO: check
+CVE-2009-2675 (Integer overflow in the unpack200 utility in Sun Java Runtime ...)
+	TODO: check
+CVE-2009-2674 (Integer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE ...)
+	TODO: check
+CVE-2009-2673 (The proxy mechanism implementation in Sun Java Runtime Environment ...)
+	TODO: check
+CVE-2009-2672 (The proxy mechanism implementation in Sun Java Runtime Environment ...)
+	TODO: check
+CVE-2009-2671 (The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) ...)
+	TODO: check
+CVE-2009-2670 (The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE ...)
+	TODO: check
+CVE-2009-2669 (A certain debugging component in IBM AIX 5.3 and 6.1 does not properly ...)
+	TODO: check
+CVE-2009-2668 (Microsoft Internet Explorer 6 through 6.0.2900.2180 and 7 through ...)
+	TODO: check
+CVE-2009-2667 (Unspecified vulnerability in IBM Tivoli Key Lifecycle Manager (TKLM) ...)
+	TODO: check
+CVE-2008-6904 (Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for ...)
+	TODO: check
+CVE-2008-6903 (Sophos Anti-Virus for Windows before 7.6.3, Anti-Virus for Windows ...)
+	TODO: check
+CVE-2008-6902 (Unrestricted file upload vulnerability in upload_flyer.php in ...)
+	TODO: check
+CVE-2008-6901 (Multiple directory traversal vulnerabilities in 2532designs 2532|Gigs ...)
+	TODO: check
+CVE-2008-6900 (Unrestricted file upload vulnerability in "Add Pen/Author Name" ...)
+	TODO: check
+CVE-2008-6899 (Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated ...)
+	TODO: check
+CVE-2008-6898 (Buffer overflow in the XHTTP Module 4.1.0.0 in the ActiveX control for ...)
+	TODO: check
+CVE-2008-6897 (Multiple buffer overflows in Getleft.exe in Andres Garcia Getleft 1.2 ...)
+	TODO: check
 CVE-2009-2666 [fetchmail 0 byte cert injection]
+	RESERVED
 	- fetchmail <unfixed>
 CVE-2009-2665 (The nsDocument::SetScriptGlobalObject function in ...)
 	- xulrunner <not-affected>
@@ -272,8 +367,8 @@
 	NOT-FOR-US: EditeurScripts EsNews
 CVE-2009-2580
 	REJECTED
-CVE-2009-2579
-	RESERVED
+CVE-2009-2579 (SQL injection vulnerability in reward_points.post.php in the Reward ...)
+	TODO: check
 CVE-2009-2578 (Google Chrome 2.x through 2.0.172 allows remote attackers to cause a ...)
 	- chromium-browser <itp> (bug #520324)
 CVE-2009-2577 (Opera 9.52 and earlier allows remote attackers to cause a denial of ...)
@@ -335,6 +430,7 @@
 CVE-2009-2555 (Heap-based buffer overflow in src/jsregexp.cc in Google V8 before ...)
 	- chromium-browser <itp> (bug #520324)
 CVE-2009-2658 (Directory traversal vulnerability in ZNC before 0.072 allows remote ...)
+	{DSA-1848-1}
 	- znc 0.074-1 (medium; bug #537977)
 	NOTE: http://znc.svn.sourceforge.net/viewvc/znc?view=rev&sortby=rev&sortdir=down&revision=1570
 	NOTE: CVE id requested 
@@ -721,7 +817,7 @@
 	RESERVED
 CVE-2009-2410 (The local_handler_callback function in ...)
 	NOT-FOR-US: sssd
-CVE-2009-2409 (The NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 ...)
+CVE-2009-2409 (The Network Security Services (NSS) library before 3.12.3, as used in ...)
 	- nss 3.12.3-1 (low; bug #539895)
 	- openssl <unfixed> (low; bug #539899)
 	- gnutls26 2.4.2-5 (low; bug #539901)
@@ -4279,7 +4375,7 @@
 	NOT-FOR-US: Opera
 CVE-2009-1233 (Apple Safari 3.2.2 and 4 Beta on Windows allows remote attackers to ...)
 	NOT-FOR-US: Safari on Windows
-CVE-2009-1232 (The XUL parser in Mozilla Firefox 3.0.8 and earlier 3.0.x versions ...)
+CVE-2009-1232 (Mozilla Firefox 3.0.8 and earlier 3.0.x versions allows remote ...)
 	- xulrunner <unfixed> (unimportant)
 	NOTE: Browser crashes not treated as security issues
 CVE-2009-1231 (Unspecified vulnerability in the eClient in IBM DB2 Content Manager ...)




More information about the Secure-testing-commits mailing list