[Secure-testing-commits] r12453 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu Jul 30 21:14:27 UTC 2009
Author: joeyh
Date: 2009-07-30 21:14:27 +0000 (Thu, 30 Jul 2009)
New Revision: 12453
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-07-30 19:11:34 UTC (rev 12452)
+++ data/CVE/list 2009-07-30 21:14:27 UTC (rev 12453)
@@ -1,3 +1,30 @@
+CVE-2009-2651 (main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows remote ...)
+ TODO: check
+CVE-2009-2650 (Heap-based buffer overflow in Sorcerer Software MultiMedia Jukebox 4.0 ...)
+ TODO: check
+CVE-2009-2649 (The IATA (ata) driver in FreeBSD 6.0 and 8.0, when read access to /dev ...)
+ TODO: check
+CVE-2009-2648 (FlashDen Guestbook allows remote attackers to obtain configuration ...)
+ TODO: check
+CVE-2009-2647 (Unspecified vulnerability in Kaspersky Anti-Virus 2010 and Kaspersky ...)
+ TODO: check
+CVE-2009-2646 (Multiple unspecified vulnerabilities in the PDF distiller in the ...)
+ TODO: check
+CVE-2009-2645
+ REJECTED
+ TODO: check
+CVE-2009-2644 (Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and ...)
+ TODO: check
+CVE-2008-6883 (SQL injection vulnerability in the Live Chat (com_livechat) component ...)
+ TODO: check
+CVE-2008-6882 (Live Chat (com_livechat) component 1.0 for Joomla! allows remote ...)
+ TODO: check
+CVE-2008-6881 (Multiple SQL injection vulnerabilities in the Live Chat (com_livechat) ...)
+ TODO: check
+CVE-2008-6880 (SQL injection vulnerability in joke.php in EasySiteNetwork Free Jokes ...)
+ TODO: check
+CVE-2008-6879 (Cross-site scripting (XSS) vulnerability in Apache Roller 2.3, 3.0, ...)
+ TODO: check
CVE-2009-XXXX [python-django directory traversal in test webserver]
- python-django 1.1-1 (low; bug #539134)
[etch] - python-django <no-dsa> (Minor issue)
@@ -46,8 +73,8 @@
RESERVED
CVE-2009-2623
RESERVED
-CVE-2009-2620
- RESERVED
+CVE-2009-2620 (src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before ...)
+ TODO: check
CVE-2009-2619 (SQL injection vulnerability in login.asp in DataCheck Solutions ...)
NOT-FOR-US: DataCheck Solutions V-SpacePal
CVE-2009-2618 (SQL injection vulnerability in the Surveys (aka NS-Polls) module in ...)
@@ -342,12 +369,12 @@
RESERVED
CVE-2009-2496
RESERVED
-CVE-2009-2495
- RESERVED
+CVE-2009-2495 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 ...)
+ TODO: check
CVE-2009-2494
RESERVED
-CVE-2009-2493
- RESERVED
+CVE-2009-2493 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 ...)
+ TODO: check
CVE-2009-2492 (Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart ...)
- movabletype-opensource 4.2.6.1-1 (low; bug #537935)
CVE-2009-XXXX [mediawiki: XSS via specialblock]
@@ -599,12 +626,12 @@
RESERVED
CVE-2009-2411
RESERVED
-CVE-2009-2410
- RESERVED
-CVE-2009-2409
- RESERVED
-CVE-2009-2408
- RESERVED
+CVE-2009-2410 (The local_handler_callback function in ...)
+ TODO: check
+CVE-2009-2409 (The NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 ...)
+ TODO: check
+CVE-2009-2408 (Mozilla Firefox before 3.5 and NSS before 3.12.3 do not properly ...)
+ TODO: check
CVE-2009-2407 [linux-2.6: ecryptfs issue]
RESERVED
{DSA-1845-1 DSA-1844-1}
@@ -1519,8 +1546,8 @@
RESERVED
CVE-2009-2050
RESERVED
-CVE-2009-2049
- RESERVED
+CVE-2009-2049 (Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through ...)
+ TODO: check
CVE-2009-2048 (Cross-site scripting (XSS) vulnerability in the Administration ...)
NOT-FOR-US: Cisco
CVE-2009-2047 (Directory traversal vulnerability in the Administration interface in ...)
@@ -1837,12 +1864,12 @@
RESERVED
CVE-2009-1920
RESERVED
-CVE-2009-1919
- RESERVED
-CVE-2009-1918
- RESERVED
-CVE-2009-1917
- RESERVED
+CVE-2009-1919 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 ...)
+ TODO: check
+CVE-2009-1918 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 ...)
+ TODO: check
+CVE-2009-1917 (Microsoft Internet Explorer 6 SP1; Internet Explorer 6 for Windows XP ...)
+ TODO: check
CVE-2009-1916 (dig.php in GScripts.net DNS Tools allows remote attackers to execute ...)
NOT-FOR-US: GScripts.net DNS Tools
CVE-2009-1915 (Stack-based buffer overflow in the URL Search Hook (ICQToolBar.dll) in ...)
@@ -3243,8 +3270,8 @@
NOT-FOR-US: Symantec
CVE-2009-1427
RESERVED
-CVE-2009-1426
- RESERVED
+CVE-2009-1426 (Unspecified vulnerability on HP ProLiant DL and ML 100 Series G5, G5p, ...)
+ TODO: check
CVE-2009-1425 (Unspecified vulnerability in HP ProCurve Threat Management Services zl ...)
NOT-FOR-US: HP ProCurve
CVE-2009-1424 (Unspecified vulnerability in HP ProCurve Threat Management Services zl ...)
@@ -4420,16 +4447,16 @@
{DSA-1756-1}
- xulrunner 1.9.0.8-1
- kompozer 1:0.8~alpha2+dfsg+svn129-1
-CVE-2009-1168
- RESERVED
-CVE-2009-1167
- RESERVED
-CVE-2009-1166
- RESERVED
-CVE-2009-1165
- RESERVED
-CVE-2009-1164
- RESERVED
+CVE-2009-1168 (Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through ...)
+ TODO: check
+CVE-2009-1167 (Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) ...)
+ TODO: check
+CVE-2009-1166 (The administrative web interface on the Cisco Wireless LAN Controller ...)
+ TODO: check
+CVE-2009-1165 (Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x ...)
+ TODO: check
+CVE-2009-1164 (The administrative web interface on the Cisco Wireless LAN Controller ...)
+ TODO: check
CVE-2009-1163 (Memory leak on the Cisco Physical Access Gateway with software before ...)
NOT-FOR-US: Cisco
CVE-2009-1162 (Cross-site scripting (XSS) vulnerability in the Spam Quarantine login ...)
@@ -5243,8 +5270,8 @@
NOT-FOR-US: WebSphere
CVE-2009-0902
RESERVED
-CVE-2009-0901
- RESERVED
+CVE-2009-0901 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 ...)
+ TODO: check
CVE-2009-0900
RESERVED
CVE-2009-0899 (IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.24 and 7.0 ...)
@@ -6161,8 +6188,7 @@
- xine-lib 1.1.16.2-1 (bug #517792; bug #523475; medium)
CVE-2009-0697
RESERVED
-CVE-2009-0696 [bind DoS with dynamic updates]
- RESERVED
+CVE-2009-0696 (The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 ...)
{DSA-1847-1}
- bind9 1:9.6.1.dfsg.P1-1 (bug #538975; high)
NOTE: See also http://www.kb.cert.org/vuls/id/725188
More information about the Secure-testing-commits
mailing list