[Secure-testing-commits] r12342 - data/CVE

Joey Hess joeyh at alioth.debian.org
Tue Jul 14 21:14:23 UTC 2009


Author: joeyh
Date: 2009-07-14 21:14:22 +0000 (Tue, 14 Jul 2009)
New Revision: 12342

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-07-14 19:41:43 UTC (rev 12341)
+++ data/CVE/list	2009-07-14 21:14:22 UTC (rev 12342)
@@ -1,3 +1,61 @@
+CVE-2009-2450 (The OAmon.sys kernel driver 3.1.0.0 and earlier in Tall Emu Online ...)
+	TODO: check
+CVE-2009-2449 (Directory traversal vulnerability in ...)
+	TODO: check
+CVE-2009-2448 (Cross-site scripting (XSS) vulnerability in ogp_show.php in Online ...)
+	TODO: check
+CVE-2009-2447 (Multiple cross-site scripting (XSS) vulnerabilities in ogp_show.php in ...)
+	TODO: check
+CVE-2009-2446 (Multiple format string vulnerabilities in the dispatch_command ...)
+	TODO: check
+CVE-2009-2445 (Sun Java System Web Server (aka Sun ONE Web Server) 6.1, 6.1 SP10, 6.1 ...)
+	TODO: check
+CVE-2009-2444 (Directory traversal vulnerability in maillinglist/setup/step1.php.inc ...)
+	TODO: check
+CVE-2009-2443 (Siteframe 3.2.3, and other 3.2.x versions, allows remote attackers to ...)
+	TODO: check
+CVE-2009-2442 (Cross-site scripting (XSS) vulnerability in public/index.php in ...)
+	TODO: check
+CVE-2009-2441 (Cross-site scripting (XSS) vulnerability in ogp_show.php in Online ...)
+	TODO: check
+CVE-2009-2440 (Cross-site scripting (XSS) vulnerability in index.php in JNM Guestbook ...)
+	TODO: check
+CVE-2009-2439 (Multiple SQL injection vulnerabilities in Web Development House ...)
+	TODO: check
+CVE-2009-2438 (Cross-site scripting (XSS) vulnerability in index.php in the search ...)
+	TODO: check
+CVE-2009-2437 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+	TODO: check
+CVE-2009-2436 (SQL injection vulnerability in page.php in Online Dating Software ...)
+	TODO: check
+CVE-2009-2435 (The Sametime server in IBM Lotus Instant Messaging and Web ...)
+	TODO: check
+CVE-2009-2434 (Buffer overflow in the syscall implementation in IBM AIX 5.3 allows ...)
+	TODO: check
+CVE-2009-2433 (Stack-based buffer overflow in the AddFavorite method in Microsoft ...)
+	TODO: check
+CVE-2009-2432 (WordPress and WordPress MU before 2.8.1 allow remote attackers to ...)
+	TODO: check
+CVE-2009-2431 (WordPress 2.7.1 places the username of a post's author in an HTML ...)
+	TODO: check
+CVE-2009-2430 (Unspecified vulnerability in auditconfig in Sun Solaris 8, 9, 10, and ...)
+	TODO: check
+CVE-2009-2429 (SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in ...)
+	TODO: check
+CVE-2009-2428 (Multiple SQL injection vulnerabilities in Tausch Ticket Script 3 allow ...)
+	TODO: check
+CVE-2009-2427 (SQL injection vulnerability in co-profile.php in Jobbr 2.2.7 allows ...)
+	TODO: check
+CVE-2009-2426 (The connection_edge_process_relay_cell_not_open function in ...)
+	TODO: check
+CVE-2009-2425 (Tor before 0.2.0.35 allows remote attackers to cause a denial of ...)
+	TODO: check
+CVE-2009-2424 (Cross-site scripting (XSS) vulnerability in search.php in Ebay Clone ...)
+	TODO: check
+CVE-2009-2423 (SQL injection vulnerability in category.php in Ebay Clone 2009 allows ...)
+	TODO: check
+CVE-2009-2422 (The example code for the digest authentication functionality ...)
+	TODO: check
 CVE-2009-XXXX [mysql: post-authentication format string vulnerability]
 	- mysql-dfsg-5.0 <unfixed> (low; bug #536726) 
 	TODO: check lenny/sid; they are likely fixed according to the report, but i did not check
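Review bot: CVE-2009-2446 (format string vulnerabilities in the dispatch_command ...) is added as a fresh TODO: check entry while the CVE-2009-XXXX placeholder for the mysql post-authentication format string (bug #536726) stays as context at the end of this hunk. If the two describe the same issue, move the placeholder's mysql-dfsg-5.0 line and its TODO under CVE-2009-2446 and drop the CVE-2009-XXXX entry so the bug is not tracked twice. In the same batch, CVE-2009-2432 and CVE-2009-2431 name WordPress, which this file already tracks against bug #536724, and CVE-2009-2425 and CVE-2009-2426 name Tor, so those four are worth triaging ahead of the rest.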
@@ -73,8 +131,8 @@
 	NOT-FOR-US: Opial
 CVE-2009-2387 (Unspecified vulnerability in the proc filesystem in Sun OpenSolaris ...)
 	NOT-FOR-US: Sun OpenSolaris
-CVE-2009-2386
-	RESERVED
+CVE-2009-2386 (Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer ...)
+	TODO: check
 CVE-2009-2369 (Integer overflow in the wxImage::Create function in ...)
 	TODO: check
 CVE-2009-2360 (Cross-site scripting (XSS) vulnerability in passwd/main.php in the ...)
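Review bot: CVE-2009-2386 moves from RESERVED to a description with TODO: check, so nothing records whether it affects any package. If Awingsoft Awakening Winds3D Viewer is not packaged, close it the way the neighbouring entries do, with a NOT-FOR-US: line naming the product, instead of leaving the TODO open.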
@@ -179,16 +237,13 @@
 	NOT-FOR-US: phpGreetCards
 CVE-2008-6848 (Cross-site scripting (XSS) vulnerability in index.php in phpGreetCards ...)
 	NOT-FOR-US: phpGreetCards
-CVE-2009-2336 [wordpress: CORE-2009-0515 multiple issues]
-	RESERVED
+CVE-2009-2336 (The forgotten mail interface in WordPress and WordPress MU before ...)
 	- wordpress <unfixed> (low; bug #536724)
 	NOTE: fixed in upstream 2.8.1, which is not yet in unstable
-CVE-2009-2335 [wordpress: CORE-2009-0515 multiple issues]
-	RESERVED
+CVE-2009-2335 (WordPress and WordPress MU before 2.8.1 exhibit different behavior for ...)
 	- wordpress <unfixed> (low; bug #536724)
 	NOTE: fixed in upstream 2.8.1, which is not yet in unstable
-CVE-2009-2334 [wordpress: CORE-2009-0515 multiple issues]
-	RESERVED
+CVE-2009-2334 (wp-admin/admin.php in WordPress and WordPress MU before 2.8.1 does not ...)
 	- wordpress <unfixed> (low; bug #536724)
 	NOTE: fixed in upstream 2.8.1, which is not yet in unstable
 CVE-2009-2333 (Multiple directory traversal vulnerabilities in CMS Chainuk 1.2 and ...)
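Review bot: replacing the bracketed titles on CVE-2009-2336, CVE-2009-2335 and CVE-2009-2334 drops the only mention of the CORE-2009-0515 advisory that tied the three entries together. Keep that reference as a NOTE: line under each entry, next to the existing "fixed in upstream 2.8.1" note, so the link to the advisory and to bug #536724 stays visible.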
@@ -1315,11 +1370,11 @@
 	RESERVED
 CVE-2009-1892
 	RESERVED
+	{DSA-1833-1}
 	- dhcp3 <unfixed> (low)
 	[etch] - dhcp3 <not-affected> (problematic assert is not present)
 	[lenny] - dhcp3 3.1.1-6+lenny2 (low)
-CVE-2009-1891 [apache2 mod_deflate DoS]
-	RESERVED
+CVE-2009-1891 (The mod_deflate module in Apache httpd 2.2.11 and earlier compresses ...)
 	- apache2 2.2.11-7 (medium; bug #534712)
 CVE-2009-1890 (The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy ...)
 	- apache2 2.2.11-7 (medium; bug #536718)
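Review bot: the {DSA-1833-1} line is added to CVE-2009-1892 while that entry still reads RESERVED and carries [etch] - dhcp3 <not-affected>, so it is worth confirming that the DSA lists this CVE for lenny only. The unstable line also stays at <unfixed> (low) with no bug number, unlike the apache2 lines just below, which cite bug #534712 and bug #536718; add one so the sid fix can be followed.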
@@ -5553,6 +5608,7 @@
 	RESERVED
 CVE-2009-0692
 	RESERVED
+	{DSA-1833-1}
 	- dhcp3 <unfixed> (medium)
 	[etch] - dhcp3 3.0.4-13+etch2 (medium)
 	[lenny] - dhcp3 3.1.1-6+lenny2 (medium)
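Review bot: with {DSA-1833-1} recorded on CVE-2009-0692, etch and lenny both have fixed versions but the unstable line is still "- dhcp3 <unfixed> (medium)" and has no bug reference. For a medium-urgency issue that is fixed in both stable releases, the entry should point at a filed bug or be updated with the fixed sid version once it is uploaded.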



