[Secure-testing-commits] r13645 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Fri Dec 25 21:14:25 UTC 2009
Author: joeyh
Date: 2009-12-25 21:14:24 +0000 (Fri, 25 Dec 2009)
New Revision: 13645
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-12-24 21:14:20 UTC (rev 13644)
+++ data/CVE/list 2009-12-25 21:14:24 UTC (rev 13645)
@@ -1,9 +1,29 @@
-CVE-2009-4413
- RESERVED
-CVE-2009-4412
- RESERVED
-CVE-2009-4411
- RESERVED
+CVE-2009-4423 (SQL injection vulnerability in index.php in weenCompany 4.0.0 allows ...)
+ TODO: check
+CVE-2009-4422 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
+ TODO: check
+CVE-2009-4421 (Directory traversal vulnerability in languages_cgi.php in Simple PHP ...)
+ TODO: check
+CVE-2009-4420 (Buffer overflow in the bd daemon in F5 Networks BIG-IP Application ...)
+ TODO: check
+CVE-2009-4419 (Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets in the ...)
+ TODO: check
+CVE-2009-4418 (The unserialize function in PHP 5.3.0 and earlier allows ...)
+ TODO: check
+CVE-2009-4417 (The shutdown function in the Zend_Log_Writer_Mail class in Zend ...)
+ TODO: check
+CVE-2009-4416 (Cross-site scripting (XSS) vulnerability in login.php in phpGroupWare ...)
+ TODO: check
+CVE-2009-4415 (Multiple directory traversal vulnerabilities in phpGroupWare ...)
+ TODO: check
+CVE-2009-4414 (SQL injection vulnerability in phpgwapi /inc/class.auth_sql.inc.php in ...)
+ TODO: check
+CVE-2009-4413 (The httpClientDiscardBody function in client.c in Polipo 0.9.8, ...)
+ TODO: check
+CVE-2009-4412 (Unrestricted file upload vulnerability in Serendipity before 1.5 ...)
+ TODO: check
+CVE-2009-4411 (The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when ...)
+ TODO: check
CVE-2009-4409 (The (1) CHAP and (2) MS-CHAP-V2 authentication capabilities in the PPP ...)
TODO: check
CVE-2009-4408 (Multiple cross-site scripting (XSS) vulnerabilities in models.parser ...)
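Review bot: all 13 entries added at the top of the list (CVE-2009-4411 through CVE-2009-4423) carry only "TODO: check", so none of them is yet mapped to a package or marked NOT-FOR-US. CVE-2009-4413 names Polipo, and this list already tracks a polipo package under CVE-2009-3305 ("- polipo 1.0.4-1.1 (bug #547047)"), so that entry can get a package line first. The others need the same manual triage before their TODO markers are dropped.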
@@ -20,8 +40,7 @@
TODO: check
CVE-2009-4402 (The default configuration of SQL-Ledger 2.8.24 allows remote attackers ...)
TODO: check
-CVE-2009-4410 [linux-2.6: fuse dos]
- RESERVED
+CVE-2009-4410 (The fuse_ioctl_copy_user function in the ioctl handler in ...)
- linux-2.6 2.6.32-1 (low)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29)
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29)
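Review bot: on CVE-2009-4410 the bracketed working title "[linux-2.6: fuse dos]" is dropped, and the imported description is cut off at "in the ioctl handler in ...", so the entry no longer records the "fuse dos" summary. A short NOTE line under the entry would keep that information next to the package lines.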
@@ -858,8 +877,8 @@
- linux-2.6 <unfixed> (medium)
[etch] - linux-2.6 <not-affected> (ohci introduced in 2.6.22)
- linux-2.6.24 <removed> (medium)
-CVE-2009-4137
- RESERVED
+CVE-2009-4137 (The loadContentFromCookie function in core/Cookie.php in Piwik before ...)
+ TODO: check
CVE-2009-4136 (PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before ...)
- postgresql-7.4 <removed>
- postgresql-8.1 <removed>
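Review bot: the CVE-2009-4137 entry gains a description, but its status becomes "TODO: check" in the middle of entries that are already triaged (around line 877 of the list), where it is easy to overlook. Decide whether Piwik is packaged and replace the TODO with a package line or NOT-FOR-US.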
@@ -3254,8 +3273,7 @@
NOT-FOR-US: FSphp
CVE-2009-3306 (PHP remote file inclusion vulnerability in include/header.php in ...)
NOT-FOR-US: ClearSite
-CVE-2009-3305 [polipo DoS with corrupt Cache-control header]
- RESERVED
+CVE-2009-3305 (Polipo 1.0.4, and possibly other versions, allows remote attackers to ...)
- polipo 1.0.4-1.1 (bug #547047)
CVE-2009-3304 (GForge 4.5.14, 4.7 rc2, and 4.8.2 allows local users to overwrite ...)
{DSA-1945-1}
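Review bot: in the CVE-2009-3305 entry the new description says "Polipo 1.0.4, and possibly other versions", but the retained tracking line "- polipo 1.0.4-1.1 (bug #547047)" has no urgency and no per-release lines of the kind the CVE-2009-4410 entry carries ([etch], [lenny]). Add the urgency and state whether the released suites are affected.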