[Secure-testing-commits] r12508 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Fri Aug 7 21:14:13 UTC 2009
Author: joeyh
Date: 2009-08-07 21:14:13 +0000 (Fri, 07 Aug 2009)
New Revision: 12508
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-08-07 21:08:38 UTC (rev 12507)
+++ data/CVE/list 2009-08-07 21:14:13 UTC (rev 12508)
@@ -1,3 +1,27 @@
+CVE-2009-2710
+ RESERVED
+CVE-2009-2709
+ RESERVED
+CVE-2009-2708
+ RESERVED
+CVE-2009-2707
+ RESERVED
+CVE-2009-2706
+ RESERVED
+CVE-2008-6911 (SQL injection vulnerability in the authenticateUser function in ...)
+ TODO: check
+CVE-2008-6910 (Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for ...)
+ TODO: check
+CVE-2008-6909 (Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for ...)
+ TODO: check
+CVE-2008-6908 (Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for ...)
+ TODO: check
+CVE-2008-6907 (Multiple SQL injection vulnerabilities in checkuser.php in 2532designs ...)
+ TODO: check
+CVE-2008-6906 (Cross-site scripting (XSS) vulnerability in index.php in BabbleBoard ...)
+ TODO: check
+CVE-2008-6905 (Cross-site request forgery (CSRF) vulnerability in index.php in ...)
+ TODO: check
CVE-2009-2705
RESERVED
CVE-2009-2704
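Review bot: CVE-2008-6910, CVE-2008-6909 and CVE-2008-6908 are added with the same truncated description ("Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for ..."), so the three cannot be told apart from this list alone. Whoever clears the "TODO: check" lines should read the full CVE text for each one and then record either a package line or a "NOT-FOR-US:" line, in the form used elsewhere in this file. The same applies to the other web-application entries in this block (CVE-2008-6911, CVE-2008-6907, CVE-2008-6906, CVE-2008-6905).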
@@ -94,6 +118,7 @@
TODO: check
CVE-2009-2666 [fetchmail 0 byte cert injection]
RESERVED
+ {DSA-1852-1}
- fetchmail 6.3.9~rc2-6
CVE-2009-2665 (The nsDocument::SetScriptGlobalObject function in ...)
- xulrunner <not-affected>
@@ -249,8 +274,8 @@
RESERVED
CVE-2009-2626
RESERVED
-CVE-2009-2625
- RESERVED
+CVE-2009-2625 (Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in ...)
+ TODO: check
CVE-2009-2624
RESERVED
CVE-2009-2623
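Review bot: The new CVE-2009-2625 description says "Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in ...", so the "TODO: check" here should not be closed against a single source package. Check both the standalone Xerces2 Java code and any runtime that embeds a copy of it, and list each affected package on its own line.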
@@ -815,8 +840,7 @@
RESERVED
CVE-2009-2413
RESERVED
-CVE-2009-2412 [overflow in apr and apr-util]
- RESERVED
+CVE-2009-2412 (Multiple integer overflows in the Apache Portable Runtime (APR) ...)
- apr <unfixed>
- apr-util <unfixed>
CVE-2009-2411
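Review bot: In the CVE-2009-2412 entry, "- apr <unfixed>" and "- apr-util <unfixed>" have no urgency or bug reference, unlike the webkit lines in this file that read "(medium; bug #538346)". Now that the working title "[overflow in apr and apr-util]" has been replaced by the official description, consider adding the bug numbers and an urgency so the two packages can be tracked to a fixed version.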
@@ -1408,20 +1432,20 @@
RESERVED
CVE-2009-2195
RESERVED
-CVE-2009-2194
- RESERVED
-CVE-2009-2193
- RESERVED
-CVE-2009-2192
- RESERVED
-CVE-2009-2191
- RESERVED
-CVE-2009-2190
- RESERVED
+CVE-2009-2194 (Apple Mac OS X 10.5 before 10.5.8 does not properly share file ...)
+ TODO: check
+CVE-2009-2193 (Buffer overflow in the kernel in Apple Mac OS X 10.5 before 10.5.8 ...)
+ TODO: check
+CVE-2009-2192 (MobileMe in Apple Mac OS X 10.5 before 10.5.8 does not properly delete ...)
+ TODO: check
+CVE-2009-2191 (Format string vulnerability in Login Window in Apple Mac OS X 10.4.11 ...)
+ TODO: check
+CVE-2009-2190 (launchd in Apple Mac OS X 10.5 before 10.5.8 allows remote attackers ...)
+ TODO: check
CVE-2009-2189
RESERVED
-CVE-2009-2188
- RESERVED
+CVE-2009-2188 (Buffer overflow in ImageIO in Apple Mac OS X 10.5 before 10.5.8 allows ...)
+ TODO: check
CVE-2009-2187 (Multiple memory leaks in the (1) IP and (2) IPv6 multicast ...)
NOT-FOR-US: Sun Solaris
CVE-2009-2186 (Unspecified vulnerability in Adobe Shockwave Player before 11.0.0.465 ...)
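Review bot: Six entries in this hunk (CVE-2009-2194 through CVE-2009-2190, and CVE-2009-2188) move from RESERVED to "TODO: check" with descriptions that all name Apple Mac OS X components, and each is cut off before the impact is stated. They can be triaged in one pass, but each needs its full description read first; an entry that turns out to be Apple-only can take a "NOT-FOR-US:" line in the form already used for CVE-2009-2187 ("NOT-FOR-US: Sun Solaris"). CVE-2009-2189 stays RESERVED in the middle of the run, which is expected if the CVE text has not been published.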
@@ -2567,12 +2591,12 @@
NOT-FOR-US: NetDecision TFTP Server
CVE-2009-1729 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
NOT-FOR-US: Sun Java System Communications Express
-CVE-2009-1728
- RESERVED
-CVE-2009-1727
- RESERVED
-CVE-2009-1726
- RESERVED
+CVE-2009-1728 (Stack-based buffer overflow in Image RAW in Apple Mac OS X 10.5 before ...)
+ TODO: check
+CVE-2009-1727 (Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X 10.5 ...)
+ TODO: check
+CVE-2009-1726 (Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and ...)
+ TODO: check
CVE-2009-1725 (WebKit in Apple Safari before 4.0.2 does not properly handle numeric ...)
- webkit <unfixed> (medium; bug #538346)
- qt4-x11 <unfixed> (medium; bug #538347)
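Review bot: CVE-2009-1728, CVE-2009-1727 and CVE-2009-1726 should not be bulk-marked as not applicable just because the description starts with an Apple component name. The entry directly below, CVE-2009-1725, is also described in terms of an Apple product ("WebKit in Apple Safari before 4.0.2") and is tracked against webkit and qt4-x11, so the "TODO: check" on each of these three needs a look at whether the affected code also ships in a Debian package.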
@@ -2585,9 +2609,9 @@
- webkit <unfixed> (low; bug #538402)
NOTE: http://www.thespanner.co.uk/2009/06/19/minor-safari-cross-domain-bug/
TODO: check
-CVE-2009-1723
- RESERVED
-CVE-2009-1722 (Buffer overflow in the compression implementation in OpenEXR 1.2.2 ...)
+CVE-2009-1723 (CFNetwork in Apple Mac OS X 10.5 before 10.5.8 places an incorrect URL ...)
+ TODO: check
+CVE-2009-1722 (Heap-based buffer overflow in the compression implementation in ...)
{DSA-1842-1}
- openexr <unfixed>
CVE-2009-1721 (The decompression implementation in the Imf::hufUncompress function in ...)
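Review bot: Under CVE-2009-1722, "{DSA-1842-1}" is attached while "- openexr <unfixed>" is left unchanged, and this hunk only updates the description to "Heap-based buffer overflow". It is worth confirming whether an upload already carries the fix and, if so, recording the fixed version on the openexr line, as is done for "- fetchmail 6.3.9~rc2-6" under CVE-2009-2666. If it is still open, a bug reference on that line would help.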
@@ -8541,8 +8565,8 @@
- icu 4.0.1-1 (low; bug #534590)
CVE-2009-0152 (iChat in Apple Mac OS X 10.5 before 10.5.7 disables SSL for AOL ...)
NOT-FOR-US: iChat in Apple Mac OS X
-CVE-2009-0151
- RESERVED
+CVE-2009-0151 (The screen saver in Dock in Apple Mac OS X 10.5 before 10.5.8 does not ...)
+ TODO: check
CVE-2009-0150 (Stack-based buffer overflow in Apple Mac OS X 10.5 before 10.5.7 ...)
NOT-FOR-US: Apple Mac OS X
CVE-2009-0149 (Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows local users to ...)
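Review bot: When the "TODO: check" on CVE-2009-0151 is resolved, note that the two neighbouring entries label the same vendor differently: "NOT-FOR-US: iChat in Apple Mac OS X" for CVE-2009-0152 and "NOT-FOR-US: Apple Mac OS X" for CVE-2009-0150. Picking one form for the new line, and ideally for the existing ones, keeps the list searchable by product.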