[Secure-testing-commits] r12370 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Fri Jul 17 21:14:35 UTC 2009
Author: joeyh
Date: 2009-07-17 21:14:34 +0000 (Fri, 17 Jul 2009)
New Revision: 12370
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-07-17 20:52:10 UTC (rev 12369)
+++ data/CVE/list 2009-07-17 21:14:34 UTC (rev 12370)
@@ -1,24 +1,62 @@
-CVE-2009-2491
+CVE-2009-2484 (Stack-based buffer overflow in the Win32AddConnection function in ...)
+ TODO: check
+CVE-2009-2479 (Stack-based buffer overflow in Mozilla Firefox 3.5 allows remote ...)
+ TODO: check
+CVE-2009-2478 (Mozilla Firefox 3.5 allows remote attackers to cause a denial of ...)
+ TODO: check
+CVE-2009-2477 (js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka ...)
+ TODO: check
+CVE-2009-2476
+ RESERVED
+CVE-2009-2475
+ RESERVED
+CVE-2009-2474
+ RESERVED
+CVE-2009-2473
+ RESERVED
+CVE-2009-2472
+ RESERVED
+CVE-2009-2471
+ RESERVED
+CVE-2009-2470
+ RESERVED
+CVE-2009-2469
+ RESERVED
+CVE-2009-2468
+ RESERVED
+CVE-2009-2467
+ RESERVED
+CVE-2009-2466
+ RESERVED
+CVE-2009-2465
+ RESERVED
+CVE-2009-2464
+ RESERVED
+CVE-2009-2463
+ RESERVED
+CVE-2009-2462
+ RESERVED
+CVE-2009-2491 (The utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when ...)
NOT-FOR-US: Sun Ray Server Software
-CVE-2009-2490
+CVE-2009-2490 (Unspecified vulnerability in the utaudiod daemon in Sun Ray Server ...)
NOT-FOR-US: Sun Ray Server Software
-CVE-2009-2489
+CVE-2009-2489 (Unspecified vulnerability in the utdmsession program in Sun Ray Server ...)
NOT-FOR-US: Sun Ray Server Software
-CVE-2009-2488
+CVE-2009-2488 (Unspecified vulnerability in the NFSv4 module in the kernel in Sun ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-2487
+CVE-2009-2487 (Use-after-free vulnerability in the frpr_icmp function in the ipfilter ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-2486
+CVE-2009-2486 (Unspecified vulnerability in the SCTP implementation in Sun Solaris ...)
NOT-FOR-US: Sun Solaris
-CVE-2009-2485
+CVE-2009-2485 (Stack-based buffer overflow in HT-MP3Player 1.0 allows remote ...)
NOT-FOR-US: HT-MP3Player
-CVE-2009-2483
+CVE-2009-2483 (libprop/prop_object.c in proplib in NetBSD 4.0 and 4.0.1 allows local ...)
NOT-FOR-US: NetBSD
-CVE-2009-2482
+CVE-2009-2482 (The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 ...)
NOT-FOR-US: NetBSD OpenPAM
-CVE-2009-2481
+CVE-2009-2481 (mt-wizard.cgi in Six Apart Movable Type before 4.261 when global ...)
NOT-FOR-US: Six Apart Movable Type
-CVE-2009-2480
+CVE-2009-2480 (Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart ...)
NOT-FOR-US: Six Apart Movable Type
CVE-2009-2461 (mathtex.cgi in mathTeX, when downloaded before 20090713, does not ...)
- mathtex <unfixed> (low; bug #537253)
@@ -652,7 +690,7 @@
NOT-FOR-US: Kasseler CMS
CVE-2009-2228 (Cross-site scripting (XSS) vulnerability in engine.php in Kasseler CMS ...)
NOT-FOR-US: Kasseler CMS
-CVE-2009-2227 (Stack-based buffer overflow in Bopup Communication Server 3.2.26.5460 ...)
+CVE-2009-2227 (Stack-based buffer overflow in B Labs Bopup Communication Server ...)
NOT-FOR-US: Bopup Communication Server
CVE-2009-2226 (Cross-site scripting (XSS) vulnerability in Let's PHP! Tree BBS ...)
NOT-FOR-US: Let's PHP! Tree BBS
@@ -1058,11 +1096,9 @@
RESERVED
CVE-2009-2049
RESERVED
-CVE-2009-2048
- RESERVED
+CVE-2009-2048 (Cross-site scripting (XSS) vulnerability in the Administration ...)
NOT-FOR-US: Cisco
-CVE-2009-2047
- RESERVED
+CVE-2009-2047 (Directory traversal vulnerability in the Administration interface in ...)
NOT-FOR-US: Cisco
CVE-2009-2046 (The embedded web server on the Cisco Video Surveillance 2500 Series IP ...)
NOT-FOR-US: Cisco
@@ -1444,8 +1480,7 @@
NOTE: http://seclists.org/fulldisclosure/2009/Jul/0241.html
CVE-2009-1896
RESERVED
-CVE-2009-1895 [linux-2.6: potential vulnerabilites in the personality subsystem]
- RESERVED
+CVE-2009-1895 (The personality subsystem in the Linux kernel before 2.6.31-rc3 has a ...)
- linux-2.6 2.6.30-3 (low)
- linux-2.6.24 <removed>
CVE-2009-1894
@@ -1462,7 +1497,6 @@
{DSA-1834-1}
- apache2 2.2.11-7 (medium; bug #534712)
CVE-2009-1890 (The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy ...)
- {DSA-1834-1}
- apache2 2.2.11-7 (medium; bug #536718)
[etch] - apache2 <not-affected> (bug introduced in 2.2.5)
[lenny] - apache2-mpm-itk 2.2.6-02-1+lenny2
@@ -2409,18 +2443,15 @@
RESERVED
CVE-2009-1543
RESERVED
-CVE-2009-1542
- RESERVED
+CVE-2009-1542 (The Virtual Machine Monitor (VMM) in Microsoft Virtual PC 2004 SP1, ...)
NOT-FOR-US: Microsoft
CVE-2009-1541
RESERVED
CVE-2009-1540
RESERVED
-CVE-2009-1539
- RESERVED
+CVE-2009-1539 (The QuickTime Movie Parser Filter in quartz.dll in DirectShow in ...)
NOT-FOR-US: Microsoft DirectX
-CVE-2009-1538
- RESERVED
+CVE-2009-1538 (The QuickTime Movie Parser Filter in quartz.dll in DirectShow in ...)
NOT-FOR-US: Microsoft DirectX
CVE-2009-1537 (Unspecified vulnerability in the QuickTime Movie Parser Filter in ...)
NOT-FOR-US: Microsoft DirectX
@@ -4017,11 +4048,9 @@
NOT-FOR-US: Microsoft
CVE-2009-1137 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows ...)
NOT-FOR-US: Microsoft
-CVE-2009-1136
- RESERVED
+CVE-2009-1136 (The Microsoft Office Web Components Spreadsheet ActiveX control (aka ...)
NOT-FOR-US: ActiveX
-CVE-2009-1135
- RESERVED
+CVE-2009-1135 (Microsoft Internet Security and Acceleration (ISA) Server 2006 Gold ...)
NOT-FOR-US: Microsoft Internet Security and Acceleration (ISA) Server
CVE-2009-1134 (Excel in 2007 Microsoft Office System SP1 and SP2; Microsoft Office ...)
NOT-FOR-US: Microsoft
@@ -5654,7 +5683,7 @@
NOT-FOR-US: HP StorageWorks Storage Mirroring
CVE-2009-0715 (Unspecified vulnerability in Secure NaviCLI in HP Storage Essentials ...)
NOT-FOR-US: HP Storage Essentials
-CVE-2009-0714 (Unspecified vulnerability in HP Data Protector Express and Express SSE ...)
+CVE-2009-0714 (Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for ...)
NOT-FOR-US: HP Data Protector Express
CVE-2009-0713 (Unspecified vulnerability in WMI Mapper for HP Systems Insight Manager ...)
NOT-FOR-US: WMI Mapper
@@ -6330,8 +6359,7 @@
NOT-FOR-US: Microsoft
CVE-2009-0567
RESERVED
-CVE-2009-0566
- RESERVED
+CVE-2009-0566 (Microsoft Office Publisher 2007 SP1 does not properly calculate object ...)
NOT-FOR-US: Microsoft Office Publisher
CVE-2009-0565 (Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 ...)
NOT-FOR-US: Microsoft
@@ -7629,11 +7657,9 @@
NOT-FOR-US: Microsoft Windows
CVE-2009-0233 (The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-0232
- RESERVED
+CVE-2009-0232 (Integer overflow in the Embedded OpenType (EOT) Font Engine in ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-0231
- RESERVED
+CVE-2009-0231 (Heap-based buffer overflow in the Embedded OpenType (EOT) Font Engine ...)
NOT-FOR-US: Microsoft Windows
CVE-2009-0230 (The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and ...)
NOT-FOR-US: Microsoft
@@ -23174,7 +23200,7 @@
- iceweasel 3.0
- iceape 1.1.12-1
- icedove 2.0.0.17-1
-CVE-2008-0015 (Stack-based buffer overflow in MPEG2TuneRequest in the Microsoft Video ...)
+CVE-2008-0015 (Stack-based buffer overflow in the MPEG2TuneRequest ActiveX control in ...)
NOT-FOR-US: Microsoft
CVE-2008-0014 (Heap-based buffer overflow in an unspecified procedure in Trend Micro ...)
NOT-FOR-US: Trend Micro
More information about the Secure-testing-commits
mailing list