[Secure-testing-commits] r12114 - data/CVE

Joey Hess joeyh at alioth.debian.org
Fri Jun 12 21:14:17 UTC 2009 

Author: joeyh
Date: 2009-06-12 21:14:17 +0000 (Fri, 12 Jun 2009)
New Revision: 12114

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-06-12 15:02:44 UTC (rev 12113)
+++ data/CVE/list	2009-06-12 21:14:17 UTC (rev 12114)
@@ -1,3 +1,11 @@
+CVE-2009-2031 (smbfs in Sun OpenSolaris snv_84 through snv_110, when default mount ...)
+	TODO: check
+CVE-2009-2030 (Unspecified vulnerability in the XML Digital Signature verification ...)
+	TODO: check
+CVE-2009-2029 (Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and ...)
+	TODO: check
+CVE-2009-2028 (Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 ...)
+	TODO: check
 CVE-2009-XXXX [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
 	- kfreebsd-6 <removed>
 	[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
@@ -294,8 +302,8 @@
 	NOT-FOR-US: IBM DB2
 CVE-2009-1905 (The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 ...)
 	NOT-FOR-US: IBM DB2
-CVE-2009-1904
-	RESERVED
+CVE-2009-1904 (The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 ...)
+	TODO: check
 CVE-2009-1903 (The PDF XSS protection feature in ModSecurity before 2.5.8 allows ...)
 	- libapache-mod-security 2.5.9-1 
 CVE-2009-1902 (The multipart processor in ModSecurity before 2.5.9 allows remote ...)
@@ -392,25 +400,19 @@
 	RESERVED
 CVE-2009-1862
 	RESERVED
-CVE-2009-1861
-	RESERVED
+CVE-2009-1861 (Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2009-1860
 	RESERVED
-CVE-2009-1859
-	RESERVED
+CVE-2009-1859 (Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2009-1858
-	RESERVED
+CVE-2009-1858 (The JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2009-1857
-	RESERVED
+CVE-2009-1857 (Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2009-1856
-	RESERVED
+CVE-2009-1856 (Integer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2009-1855
-	RESERVED
+CVE-2009-1855 (Stack-based buffer overflow in Adobe Reader 7 and Acrobat 7 before ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2009-1854 (Million Dollar Text Links 1.0 allows remote attackers to bypass ...)
 	NOT-FOR-US: Million Dollar Text Links
@@ -662,8 +664,7 @@
 	NOTE: see the portions of code of #530178
 CVE-2009-1761
 	RESERVED
-CVE-2009-1760 [arbitrary file overwrite]
-	RESERVED
+CVE-2009-1760 (Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar ...)
 	- libtorrent-rasterbar 0.14.4-1 (medium)
 CVE-2009-1759 (Stack-based buffer overflow in the btFiles::BuildFromMI function ...)
 	- ctorrent <unfixed> (bug #530255)
@@ -804,7 +805,7 @@
 CVE-2009-1691 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
 	- webkit <unfixed>
 	TODO: File bug
-CVE-2009-1690 (WebKit in Apple Safari before 4.0 does not properly manage memory for ...)
+CVE-2009-1690 (Use after free vulnerability in WebKit, as used in Apple Safari before ...)
 	TODO: check
 CVE-2009-1689 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
 	TODO: check
@@ -1240,7 +1241,7 @@
 	NOT-FOR-US: Microsoft
 CVE-2009-1531 (Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server ...)
 	NOT-FOR-US: Microsoft
-CVE-2009-1530 (Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server ...)
+CVE-2009-1530 (Use-after-free vulnerability in Microsoft Internet Explorer 7 for ...)
 	NOT-FOR-US: Microsoft
 CVE-2009-1529 (Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server ...)
 	NOT-FOR-US: Microsoft
@@ -1585,8 +1586,8 @@
 	RESERVED
 CVE-2009-1421
 	RESERVED
-CVE-2009-1420
-	RESERVED
+CVE-2009-1420 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
+	TODO: check
 CVE-2009-1419 (Unspecified vulnerability in HP Discovery &amp; Dependency Mapping ...)
 	NOT-FOR-US: HP Discovery & Dependency Mapping Inventory
 CVE-2009-1418 (Cross-site scripting (XSS) vulnerability in HP System Management ...)
@@ -3568,11 +3569,9 @@
 	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2009-0890
 	RESERVED
-CVE-2009-0889
-	RESERVED
+CVE-2009-0889 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2009-0888
-	RESERVED
+CVE-2009-0888 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2009-0887 (Integer signedness error in the _pam_StrTok function in ...)
 	- pam <unfixed> (low; bug #520115)
@@ -5092,7 +5091,7 @@
 	NOT-FOR-US: Microsoft
 CVE-2009-0564
 	RESERVED
-CVE-2009-0563 (Buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 ...)
+CVE-2009-0563 (Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 ...)
 	NOT-FOR-US: Microsoft
 CVE-2009-0562
 	RESERVED
@@ -5102,7 +5101,7 @@
 	NOT-FOR-US: Microsoft
 CVE-2009-0559 (Stack-based buffer overflow in Excel in Microsoft Office 2000 SP3 and ...)
 	NOT-FOR-US: Microsoft
-CVE-2009-0558 (Excel in Microsoft Office 2000 SP3 and Office 2004 and 2008 for Mac, ...)
+CVE-2009-0558 (Array index error in Excel in Microsoft Office 2000 SP3 and Office ...)
 	NOT-FOR-US: Microsoft
 CVE-2009-0557 (Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, ...)
 	NOT-FOR-US: Microsoft
@@ -5283,17 +5282,13 @@
 	NOT-FOR-US: WebFrame
 CVE-2009-0513 (Multiple PHP remote file inclusion vulnerabilities in WebFrame 0.76 ...)
 	NOT-FOR-US: WebFrame
-CVE-2009-0512
-	RESERVED
+CVE-2009-0512 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2009-0511
-	RESERVED
+CVE-2009-0511 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2009-0510
-	RESERVED
+CVE-2009-0510 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2009-0509
-	RESERVED
+CVE-2009-0509 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2009-0508 (The Servlet Engine/Web Container and JSP components in IBM WebSphere ...)
 	NOT-FOR-US: IBM WebSphere
@@ -6399,7 +6394,7 @@
 	NOT-FOR-US: Microsoft
 CVE-2009-0229 (The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and ...)
 	NOT-FOR-US: Microsoft
-CVE-2009-0228 (Buffer overflow in the Windows Print Spooler in Microsoft Windows 2000 ...)
+CVE-2009-0228 (Stack-based buffer overflow in the EnumeratePrintShares function in ...)
 	NOT-FOR-US: Microsoft
 CVE-2009-0227 (Stack-based buffer overflow in the PowerPoint 4.2 conversion filter ...)
 	NOT-FOR-US: Microsoft
@@ -6451,16 +6446,15 @@
 	NOT-FOR-US: HP Select Access
 CVE-2009-0203
 	RESERVED
-CVE-2009-0202
-	RESERVED
+CVE-2009-0202 (Array index error in FL21WIN.DLL in the PowerPoint Freelance Windows ...)
+	TODO: check
 CVE-2009-0201
 	RESERVED
 CVE-2009-0200
 	RESERVED
 CVE-2009-0199
 	RESERVED
-CVE-2009-0198
-	RESERVED
+CVE-2009-0198 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2009-0197 (Integer overflow in the FORMATS Plugin before 4.23 for IrfanView ...)
 	NOT-FOR-US: IrfanView

More information about the Secure-testing-commits mailing list