[Secure-testing-commits] r13503 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Dec 9 21:14:22 UTC 2009


Author: joeyh
Date: 2009-12-09 21:14:22 +0000 (Wed, 09 Dec 2009)
New Revision: 13503

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-12-09 20:21:15 UTC (rev 13502)
+++ data/CVE/list	2009-12-09 21:14:22 UTC (rev 13503)
@@ -1,8 +1,28 @@
-CVE-2009-4228 [xfig stack-consumption DoS]
+CVE-2009-4236 (The process function in ...)
+	TODO: check
+CVE-2009-4235 (acpid 1.0.4 sets an unrestrictive umask, which might allow local users ...)
+	TODO: check
+CVE-2009-4234 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2009-4233 (Cross-site scripting (XSS) vulnerability in modules/mod_yj_whois.php ...)
+	TODO: check
+CVE-2009-4232 (The Kide Shoutbox (com_kide) component 0.4.6 for Joomla! does not ...)
+	TODO: check
+CVE-2009-4231 (Directory traversal vulnerability in as/lib/plugins.php in SweetRice ...)
+	TODO: check
+CVE-2009-4230 (Multiple stack-based buffer overflows in src/Task.cc in the FastCGI ...)
+	TODO: check
+CVE-2009-4229 (Multiple SQL injection vulnerabilities in ActiveWebSoftwares Active ...)
+	TODO: check
+CVE-2009-4226 (Race condition in the IP module in the kernel in Sun OpenSolaris ...)
+	TODO: check
+CVE-2009-4225 (Stack-based buffer overflow in the PestPatrol ActiveX control ...)
+	TODO: check
+CVE-2009-4228 (Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and ...)
 	- xfig <unfixed>
 	TODO: check
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=543905
-CVE-2009-4227 [xfig read_1_3_textobject issue]
+CVE-2009-4227 (Stack-based buffer overflow in the read_1_3_textobject function in ...)
 	- xfig 1:3.2.5.b-1 (bug #559274)
 	TODO: check
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=543905
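Review bot: The added CVE-2009-4226 and CVE-2009-4225 entries land above the existing CVE-2009-4228 and CVE-2009-4227 blocks, which breaks the descending order the rest of the list keeps (the result reads 4229, 4226, 4225, 4228, 4227). Move the two new entries below the CVE-2009-4227 block so that lookups and later automatic merges that rely on sorted IDs keep working. The xfig tracking lines under 4228 and 4227 were preserved correctly when the hand-written bracketed titles were replaced.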
@@ -420,8 +440,8 @@
 	RESERVED
 CVE-2009-4034
 	RESERVED
-CVE-2009-4033
-	RESERVED
+CVE-2009-4033 (A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to ...)
+	TODO: check
 CVE-2009-4031 (The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 ...)
 	- linux-2.6 <unfixed> (low)
 	[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
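Review bot: The "TODO: check" added under CVE-2009-4033 should be triaged together with CVE-2009-4235 from the first hunk, because both descriptions name acpid 1.0.4. The CVE-2009-4033 text attributes the problem to "A certain Red Hat patch", so the open question is whether the acpid package tracked here carries that patch. Record the outcome as a package line or a NOTE rather than leaving two separate TODOs for the same package.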
@@ -532,8 +552,7 @@
 	RESERVED
 CVE-2009-3995
 	RESERVED
-CVE-2009-3994 [devil buffer overflow]
-	RESERVED
+CVE-2009-3994 (Stack-based buffer overflow in the GetUID function in ...)
 	- devil 1.7.8-6 (low; bug #560080)
 CVE-2009-3993
 	RESERVED
@@ -918,8 +937,8 @@
 	RESERVED
 CVE-2009-3845
 	RESERVED
-CVE-2009-3844
-	RESERVED
+CVE-2009-3844 (Unspecified vulnerability in HP OpenView Data Protector Application ...)
+	TODO: check
 CVE-2009-3843 (HP Operations Manager 8.10 on Windows contains a &quot;hidden account&quot; in ...)
 	NOT-FOR-US: HP Operations Manager
 CVE-2009-3842 (Unspecified vulnerability on the HP Color LaserJet M3530 Multifunction ...)
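Review bot: CVE-2009-3844 gets "TODO: check" although the adjacent CVE-2009-3843, also an HP product, is already marked "NOT-FOR-US: HP Operations Manager". If HP OpenView Data Protector is likewise not packaged, replace the TODO with a matching NOT-FOR-US line so the entry does not stay in the triage queue.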
@@ -1641,8 +1660,8 @@
 	NOT-FOR-US: eTrust Antivirus
 CVE-2009-3587 (Unspecified vulnerability in the arclib component in the Anti-Virus ...)
 	NOT-FOR-US: eTrust Antivirus
-CVE-2009-3586
-	RESERVED
+CVE-2009-3586 (Off-by-one error in src/http.c in CoreHTTP 0.5.3.1 and earlier allows ...)
+	TODO: check
 CVE-2009-3585 (Session fixation vulnerability in html/Elements/SetupSessionCookie in ...)
 	{DSA-1944-1}
 	- request-tracker3.4 <removed>
@@ -4128,8 +4147,8 @@
 	[etch] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.30)
 	[lenny] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.30)
 	- linux-2.6.24 <not-affected> (vulnerability introduced in 2.6.30)
-CVE-2009-2843
-	RESERVED
+CVE-2009-2843 (Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 ...)
+	TODO: check
 CVE-2009-2842 (Apple Safari before 4.0.4 does not properly implement certain (1) Open ...)
 	TODO: check
 CVE-2009-2841 (WebKit in Apple Safari before 4.0.4 on Mac OS X does not perform the ...)
@@ -4434,8 +4453,8 @@
 	RESERVED
 CVE-2009-2750
 	RESERVED
-CVE-2009-2749
-	RESERVED
+CVE-2009-2749 (Feature Pack for Communications Enabled Applications (CEA) before ...)
+	TODO: check
 CVE-2009-2748
 	RESERVED
 CVE-2009-2747
@@ -7908,10 +7927,10 @@
 	RESERVED
 CVE-2009-1570 (Integer overflow in the ReadImage function in ...)
 	- gimp 2.6.7-1.1 (medium; bug #555929)
-CVE-2009-1569
-	RESERVED
-CVE-2009-1568
-	RESERVED
+CVE-2009-1569 (Multiple stack-based buffer overflows in Novell iPrint Client 4.38, ...)
+	TODO: check
+CVE-2009-1568 (Stack-based buffer overflow in ienipp.ocx in Novell iPrint Client ...)
+	TODO: check
 CVE-2009-1567 (Multiple stack-based buffer overflows in the Lateral Arts Photobox ...)
 	TODO: check
 CVE-2009-1566 (Integer overflow in Roxio Easy Media Creator 9.0.136, and Roxio ...)
@@ -8772,8 +8791,7 @@
 	NOT-FOR-US: Perl Nopaste
 CVE-2009-1299
 	RESERVED
-CVE-2009-1298 [linux-2.6: ipv4 denial-of-service]
-	RESERVED
+CVE-2009-1298 (The ip_frag_reasm function in ipv4/ip_fragment.c in Linux kernel ...)
 	{DTSA-204-1}
 	- linux-2.6 2.6.32-1 (low)
 	[etch] - linux-2.6 <not-affected> (introduced in 2.6.29)



