[Secure-testing-commits] r12084 - data/CVE
Nico Golde
nion at alioth.debian.org
Tue Jun 9 13:20:22 UTC 2009
Author: nion
Date: 2009-06-09 13:20:22 +0000 (Tue, 09 Jun 2009)
New Revision: 12084
Modified:
data/CVE/list
Log:
- NFUs
- new irssi issue (CVE-2009-1959), more or less not an issue
- CVE-2009-19{55,56} fixed in apr-util 1.3.7+dfsg-1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-06-08 22:39:05 UTC (rev 12083)
+++ data/CVE/list 2009-06-09 13:20:22 UTC (rev 12084)
@@ -1,55 +1,57 @@
CVE-2009-1961 (The inode double locking code in fs/ocfs2/file.c in the Linux kernel ...)
TODO: check
CVE-2009-1959 (Off-by-one error in the event_wallops function in ...)
- TODO: check
+ - irssi <unfixed> (low)
+ TODO: report bug
+ NOTE: exploitability limited, DoS rather obscure attack scenario
CVE-2009-1956 (Off-by-one error in the apr_brigade_vprintf function in Apache ...)
- TODO: check
+ - apr-util 1.3.7+dfsg-1 (low)
CVE-2009-1955 (The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in ...)
- TODO: check
+ - apr-util 1.3.7+dfsg-1 (medium)
CVE-2009-1954 (Unspecified vulnerability in portmapper (aka portmap) in IBM AIX 5.3 ...)
- TODO: check
+ NOT-FOR-US: IBM AIX
CVE-2009-1953 (IBM FileNet Content Manager 4.0, 4.0.1, and 4.5, as used in IBM ...)
- TODO: check
+ NOT-FOR-US: IBM FileNet Content Manager
CVE-2009-1952 (Multiple SQL injection vulnerabilities in the administrative login ...)
- TODO: check
+ NOT-FOR-US: PropertyMax
CVE-2009-1951 (Cross-site scripting (XSS) vulnerability in index.php in PropertyMax ...)
- TODO: check
+ NOT-FOR-US: PropertyMax
CVE-2009-1950 (SQL injection vulnerability in yorum.asp in WebEyes Guest Book 3 ...)
- TODO: check
+ NOT-FOR-US: WebEyes Guest Book
CVE-2009-1949 (import_wbb1.php in Unclassified NewsBoard (UNB) 1.6.4 allows remote ...)
- TODO: check
+ NOT-FOR-US: Unclassified NewsBoard
CVE-2009-1948 (Multiple directory traversal vulnerabilities in forum.php in ...)
- TODO: check
+ NOT-FOR-US: Unclassified NewsBoard
CVE-2009-1947 (SQL injection vulnerability in the UnbDbEncode function in ...)
- TODO: check
+ NOT-FOR-US: Unclassified NewsBoard
CVE-2009-1946 (PHP remote file inclusion vulnerability in latestposts.php in AdaptBB ...)
- TODO: check
+ NOT-FOR-US: AdaptBB
CVE-2009-1945 (SQL injection vulnerability in webCal3_detail.asp in WebCal 3.04 ...)
- TODO: check
+ NOT-FOR-US: cWebCal
CVE-2009-1944 (Stack-based buffer overflow in AIMP 2.51 build 330 allows remote ...)
- TODO: check
+ NOT-FOR-US: AIMP
CVE-2009-1943 (Stack-based buffer overflow in the IKE service (ireIke.exe) in SafeNet ...)
- TODO: check
+ NOT-FOR-US: SafeNet SoftRemote
CVE-2009-1942 (Cross-site scripting (XSS) vulnerability in the Quiz module 5.x, ...)
- TODO: check
+ NOT-FOR-US: Quiz module for Drupal
CVE-2009-1941 (PAD Site Scripts 3.6 stores sensitive information under the web ...)
- TODO: check
+ NOT-FOR-US: PAD Site Scripts
CVE-2009-1940 (Cross-site scripting (XSS) vulnerability in the administrator panel in ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2009-1939 (Cross-site scripting (XSS) vulnerability in the JA_Purity template for ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2009-1938 (Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x through ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2009-1937 (Cross-site scripting (XSS) vulnerability in the comment posting ...)
- TODO: check
+ NOT-FOR-US: LightNEasy
CVE-2009-1936 (_functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a ...)
- TODO: check
+ NOT-FOR-US: cpCommerce
CVE-2009-1935
RESERVED
CVE-2009-1934 (Cross-site scripting (XSS) vulnerability in the Reverse Proxy Plug-in ...)
- TODO: check
+ NOT-FOR-US: Sun Java System Web Server
CVE-2009-1933 (Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2008-6825 (Directory traversal vulnerability in user/index.php in Fonality ...)
TODO: check
CVE-2009-XXXX [pgp4pine off-by-one]
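Review bot: The CVE-2009-1959 entry is now tracked as "- irssi <unfixed> (low)" but still carries "TODO: report bug", so there is no bug reference to follow the open issue against. Once the bug is filed, replace the TODO with the bug number on the irssi line. The NOTE says exploitability is limited and the DoS scenario is obscure without saying why. One more sentence on what limits it would let the "low" rating be rechecked later. Separately, for CVE-2009-1945 the description names "WebCal 3.04" while the added line reads "NOT-FOR-US: cWebCal". Please confirm that product name is intended, since NOT-FOR-US entries are usually searched by name.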
@@ -539,7 +541,7 @@
CVE-2009-1718
RESERVED
CVE-2009-1717 (Integer overflow in Terminal in Apple Mac OS X 10.5 before 10.5.7 ...)
- TODO: check
+ NOT-FOR-US: Mac OS X
CVE-2009-1716
RESERVED
CVE-2009-1715