[Secure-testing-commits] r11001 - data/CVE

Tue Jan 20 21:14:16 UTC 2009

Author: joeyh
Date: 2009-01-20 21:14:15 +0000 (Tue, 20 Jan 2009)
New Revision: 11001

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2009-01-20 18:24:03 UTC (rev 11000)
+++ data/CVE/list	2009-01-20 21:14:15 UTC (rev 11001)
@@ -1,7 +1,89 @@
-CVE-2009-0135 [amarok: integer overflows in aa file processing]
+CVE-2009-0173 (Unspecified vulnerability in the server in IBM DB2 9.1 before FP6a and ...)
+	TODO: check
+CVE-2009-0172 (Unspecified vulnerability in IBM DB2 9.1 before FP6a and 9.5 before ...)
+	TODO: check
+CVE-2009-0171 (The Sun SPARC Enterprise M4000 and M5000 Server, within a certain ...)
+	TODO: check
+CVE-2009-0170 (Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows ...)
+	TODO: check
+CVE-2009-0169 (Sun Java System Access Manager 7.1 allows remote authenticated ...)
+	TODO: check
+CVE-2009-0168 (Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris ...)
+	TODO: check
+CVE-2009-0167 (Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris ...)
+	TODO: check
+CVE-2009-0166
+	RESERVED
+CVE-2009-0165
+	RESERVED
+CVE-2009-0164
+	RESERVED
+CVE-2009-0163
+	RESERVED
+CVE-2009-0162
+	RESERVED
+CVE-2009-0161
+	RESERVED
+CVE-2009-0160
+	RESERVED
+CVE-2009-0159
+	RESERVED
+CVE-2009-0158
+	RESERVED
+CVE-2009-0157
+	RESERVED
+CVE-2009-0156
+	RESERVED
+CVE-2009-0155
+	RESERVED
+CVE-2009-0154
+	RESERVED
+CVE-2009-0153
+	RESERVED
+CVE-2009-0152
+	RESERVED
+CVE-2009-0151
+	RESERVED
+CVE-2009-0150
+	RESERVED
+CVE-2009-0149
+	RESERVED
+CVE-2009-0148
+	RESERVED
+CVE-2009-0147
+	RESERVED
+CVE-2009-0146
+	RESERVED
+CVE-2009-0145
+	RESERVED
+CVE-2009-0144
+	RESERVED
+CVE-2009-0143
+	RESERVED
+CVE-2009-0142
+	RESERVED
+CVE-2009-0141
+	RESERVED
+CVE-2009-0140
+	RESERVED
+CVE-2009-0139
+	RESERVED
+CVE-2009-0138
+	RESERVED
+CVE-2009-0137
+	RESERVED
+CVE-2009-0134 (Insecure method vulnerability in the EasyGrid.SGCtrl.32 ActiveX ...)
+	TODO: check
+CVE-2008-5910 (Unspecified vulnerability in txzonemgr in Sun OpenSolaris has unknown ...)
+	TODO: check
+CVE-2008-5909 (Unspecified vulnerability in conv_lpd in Sun OpenSolaris has unknown ...)
+	TODO: check
+CVE-2008-5908 (Unspecified vulnerability in the root/boot archive tool in Sun ...)
+	TODO: check
+CVE-2009-0135 (Multiple integer overflows in the Audible::Tag::readTag function in ...)
 	{DSA-1706-1}
 	- amarok 1.4.10-2 (medium)
-CVE-2009-0136 [amarok: index error leading to memory corruption]
+CVE-2009-0136 (Multiple array index errors in the Audible::Tag::readTag function in ...)
 	{DSA-1706-1}
 	- amarok 1.4.10-2 (medium)
 CVE-2009-0133 (Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier ...)
@@ -259,14 +341,14 @@
 	RESERVED
 CVE-2009-0057
 	RESERVED
-CVE-2009-0056
-	RESERVED
-CVE-2009-0055
-	RESERVED
-CVE-2009-0054
-	RESERVED
-CVE-2009-0053
-	RESERVED
+CVE-2009-0056 (Cross-site request forgery (CSRF) vulnerability in the administration ...)
+	TODO: check
+CVE-2009-0055 (Cross-site request forgery (CSRF) vulnerability in the administration ...)
+	TODO: check
+CVE-2009-0054 (PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before ...)
+	TODO: check
+CVE-2009-0053 (PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before ...)
+	TODO: check
 CVE-2009-0052
 	RESERVED
 CVE-2009-0051 (ZXID 0.29 and earlier does not properly check the return value from ...)
@@ -2440,10 +2522,11 @@
 CVE-2008-5020
 	RESERVED
 CVE-2008-5019 (The session restore feature in Mozilla Firefox 3.x before 3.0.4 and ...)
+	{DSA-1671-1}
 	- iceweasel 3.0.4-1
 	- xulrunner 1.9.0.4-1
 CVE-2008-5018 (The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x ...)
-	{DSA-1696-1 DSA-1671-1 DSA-1669-1}
+	{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
 	- iceweasel 3.0.4-1
 	- xulrunner 1.9.0.4-1
 	- icedove 2.0.0.19-1
@@ -3005,8 +3088,8 @@
 	NOT-FOR-US: QuestCMS
 CVE-2008-4771 (Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in ...)
 	NOT-FOR-US: ActiveX
-CVE-2008-4770
-	RESERVED
+CVE-2008-4770 (The CMsgReader::readRect function in the VNC Viewer component in ...)
+	TODO: check
 CVE-2008-4776 (libgadu before 1.8.2 allows remote servers to cause a denial of ...)
 	{DSA-1664-1}
 	- libgadu 1:1.8.0+r592-3 (low; bug #503916)
@@ -3737,8 +3820,8 @@
 	- linux-2.6 2.6.26-5
 	- linux-2.6.24 2.6.24-6~etchnhalf.6
 	[etch] - linux-2.6 <not-affected> (vulnerable code not present)
-CVE-2008-4444
-	RESERVED
+CVE-2008-4444 (Cisco Unified IP Phone (aka SIP phone) 7960G and 7940G with firmware ...)
+	TODO: check
 CVE-2008-4443
 	RESERVED
 CVE-2008-4442
@@ -5306,14 +5389,14 @@
 	- horde3 3.2.2+debian0-1 (low; bug #499579)
 CVE-2008-3822
 	RESERVED
-CVE-2008-3821
-	RESERVED
+CVE-2008-3821 (Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server ...)
+	TODO: check
 CVE-2008-3820
 	RESERVED
 CVE-2008-3819 (dnsserver in Cisco Application Control Engine Global Site Selector ...)
 	NOT-FOR-US: Cisco Application Control Engine Global Site Selector (GSS)
-CVE-2008-3818
-	RESERVED
+CVE-2008-3818 (Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with ...)
+	TODO: check
 CVE-2008-3817 (Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series ...)
 	NOT-FOR-US: Cisco
 CVE-2008-3816 (Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) ...)
@@ -13419,7 +13502,7 @@
 CVE-2008-0421 (SQL injection vulnerability in Invision Gallery 2.0.7 and earlier ...)
 	NOT-FOR-US: Invision Gallery
 CVE-2008-0420 (modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox ...)
-	{DSA-1484-1}
+	{DSA-1534-1 DSA-1484-1}
 	- iceape 1.1.8-1
 	- iceweasel 2.0.0.12-1
 	- xulrunner 1.8.1.12-1
@@ -14580,6 +14663,7 @@
 CVE-2007-6590
 	REJECTED
 CVE-2007-6589 (The jar protocol handler in Mozilla Firefox before 2.0.0.10 and ...)
+	{DSA-1534-1}
 	- iceape 1.1.7-1 (medium)
 	- iceweasel 2.0.0.10-1 (medium)	
 CVE-2007-6588 (Cross-site scripting (XSS) vulnerability in PHCDownload 1.10 allows ...)


