[Secure-testing-commits] r12346 - data/CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Wed Jul 15 15:12:32 UTC 2009
Author: derevko-guest
Date: 2009-07-15 15:12:30 +0000 (Wed, 15 Jul 2009)
New Revision: 12346
Modified:
data/CVE/list
Log:
- NFUs
- two minor wordpress issues
- two minor tor issues
- mysqld issue got a CVE
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-07-15 04:54:50 UTC (rev 12345)
+++ data/CVE/list 2009-07-15 15:12:30 UTC (rev 12346)
@@ -1,64 +1,62 @@
CVE-2009-XXXX [iceweasel: 0-day remote shellcode injection]
- iceweasel <unfixed> (high; bug #537104)
CVE-2009-2450 (The OAmon.sys kernel driver 3.1.0.0 and earlier in Tall Emu Online ...)
- TODO: check
+ NOT-FOR-US: Tall Emu Online Armor Personal Firewall
CVE-2009-2449 (Directory traversal vulnerability in ...)
- TODO: check
+ NOT-FOR-US: ADbNewsSender
CVE-2009-2448 (Cross-site scripting (XSS) vulnerability in ogp_show.php in Online ...)
- TODO: check
+ NOT-FOR-US: Online Guestbook Pro
CVE-2009-2447 (Multiple cross-site scripting (XSS) vulnerabilities in ogp_show.php in ...)
- TODO: check
-CVE-2009-2446 (Multiple format string vulnerabilities in the dispatch_command ...)
- TODO: check
+ NOT-FOR-US: Online Guestbook Pro
CVE-2009-2445 (Sun Java System Web Server (aka Sun ONE Web Server) 6.1, 6.1 SP10, 6.1 ...)
- TODO: check
+ NOT-FOR-US: Sun ONE Web Server
CVE-2009-2444 (Directory traversal vulnerability in maillinglist/setup/step1.php.inc ...)
- TODO: check
+ NOT-FOR-US: ADbNewsSender
CVE-2009-2443 (Siteframe 3.2.3, and other 3.2.x versions, allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Siteframe
CVE-2009-2442 (Cross-site scripting (XSS) vulnerability in public/index.php in ...)
- TODO: check
+ NOT-FOR-US: Linea21
CVE-2009-2441 (Cross-site scripting (XSS) vulnerability in ogp_show.php in Online ...)
- TODO: check
+ NOT-FOR-US: Online Guestbook Pro
CVE-2009-2440 (Cross-site scripting (XSS) vulnerability in index.php in JNM Guestbook ...)
- TODO: check
+ NOT-FOR-US: JNM Guestbook
CVE-2009-2439 (Multiple SQL injection vulnerabilities in Web Development House ...)
- TODO: check
+ NOT-FOR-US: Web Development House Alibaba
CVE-2009-2438 (Cross-site scripting (XSS) vulnerability in index.php in the search ...)
- TODO: check
+ NOT-FOR-US: ClanSphere
CVE-2009-2437 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
- TODO: check
+ NOT-FOR-US: MyPHPDating
CVE-2009-2436 (SQL injection vulnerability in page.php in Online Dating Software ...)
- TODO: check
+ NOT-FOR-US: MyPHPDating
CVE-2009-2435 (The Sametime server in IBM Lotus Instant Messaging and Web ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus
CVE-2009-2434 (Buffer overflow in the syscall implementation in IBM AIX 5.3 allows ...)
- TODO: check
+ NOT-FOR-US: IBM AIX
CVE-2009-2433 (Stack-based buffer overflow in the AddFavorite method in Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2009-2432 (WordPress and WordPress MU before 2.8.1 allow remote attackers to ...)
- TODO: check
+ - wordpress <unfixed> (low; bug #537146)
CVE-2009-2431 (WordPress 2.7.1 places the username of a post's author in an HTML ...)
- TODO: check
+ - wordpress <unfixed> (low; bug #537146)
CVE-2009-2430 (Unspecified vulnerability in auditconfig in Sun Solaris 8, 9, 10, and ...)
- TODO: check
+ NOT-FOR-US: Sun Solaris
CVE-2009-2429 (SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in ...)
- TODO: check
+ NOT-FOR-US: SmartFilter Web Gateway Security
CVE-2009-2428 (Multiple SQL injection vulnerabilities in Tausch Ticket Script 3 allow ...)
- TODO: check
+ NOT-FOR-US: Tausch Ticket Script
CVE-2009-2427 (SQL injection vulnerability in co-profile.php in Jobbr 2.2.7 allows ...)
- TODO: check
+ NOT-FOR-US: Jobbr
CVE-2009-2426 (The connection_edge_process_relay_cell_not_open function in ...)
- TODO: check
+ - tor 0.2.0.35-1 (low; bug #537148)
CVE-2009-2425 (Tor before 0.2.0.35 allows remote attackers to cause a denial of ...)
- TODO: check
+ - tor 0.2.0.35-1 (low; bug #537148)
CVE-2009-2424 (Cross-site scripting (XSS) vulnerability in search.php in Ebay Clone ...)
- TODO: check
+ NOT-FOR-US: Ebay Clone 2009
CVE-2009-2423 (SQL injection vulnerability in category.php in Ebay Clone 2009 allows ...)
- TODO: check
+ NOT-FOR-US: Ebay Clone 2009
CVE-2009-2422 (The example code for the digest authentication functionality ...)
TODO: check
-CVE-2009-XXXX [mysql: post-authentication format string vulnerability]
+CVE-2009-2446 (Multiple format string vulnerabilities in the dispatch_command ...)
- mysql-dfsg-5.0 <unfixed> (low; bug #536726)
TODO: check lenny/sid; they are likely fixed according to the report, but i did not check
CVE-2009-XXXX [libio-socket-ssl-perl: partial hostname matching vulnerability]
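Review bot: CVE-2009-2446 ends up below CVE-2009-2422, out of the descending order the rest of this hunk follows. The entry was deleted from its slot between CVE-2009-2447 and CVE-2009-2445, and its description line was then substituted for the temporary "CVE-2009-XXXX [mysql: post-authentication format string vulnerability]" header. Suggest leaving the CVE-2009-2446 line where it was, moving "- mysql-dfsg-5.0 <unfixed> (low; bug #536726)" and its TODO up under it, and deleting the temporary header. The "TODO: check lenny/sid" line is carried over unchanged, so the fixed-version status for this CVE is still unverified after the commit.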
@@ -134,7 +132,7 @@
CVE-2009-2387 (Unspecified vulnerability in the proc filesystem in Sun OpenSolaris ...)
NOT-FOR-US: Sun OpenSolaris
CVE-2009-2386 (Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer ...)
- TODO: check
+ NOT-FOR-US: Awingsoft Awakening Winds3D Viewer plugin
CVE-2009-2369 (Integer overflow in the wxImage::Create function in ...)
TODO: check
CVE-2009-2360 (Cross-site scripting (XSS) vulnerability in passwd/main.php in the ...)
@@ -619,8 +617,6 @@
- kfreebsd-7 7.2-2
[lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
NOTE: http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
-CVE-2009-XXXX [Tor: Avoid crashing in the presence of certain malformed descriptors]
- - tor 0.2.0.35-1
CVE-2009-2207
RESERVED
CVE-2009-2206
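Review bot: the removed "CVE-2009-XXXX [Tor: Avoid crashing in the presence of certain malformed descriptors]" entry leaves no record of which CVE replaced it. The first hunk marks both CVE-2009-2426 and CVE-2009-2425 as "tor 0.2.0.35-1 (low; bug #537148)", the same fixed version the temporary entry carried, but the descriptions shown are truncated and the log only says "two minor tor issues". Suggest naming in the log message which of the two CVEs supersedes the temporary entry, so the mapping can be audited later.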