[Secure-testing-commits] r12172 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Fri Jun 19 21:14:10 UTC 2009
Author: joeyh
Date: 2009-06-19 21:14:10 +0000 (Fri, 19 Jun 2009)
New Revision: 12172
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-06-19 20:02:20 UTC (rev 12171)
+++ data/CVE/list 2009-06-19 21:14:10 UTC (rev 12172)
@@ -1,3 +1,29 @@
+CVE-2009-2120 (Multiple SQL injection vulnerabilities in TekBase All-in-One 3.1 allow ...)
+ TODO: check
+CVE-2009-2119 (Cross-site scripting (XSS) vulnerability in the login interface in F5 ...)
+ TODO: check
+CVE-2009-2118 (Integer overflow in IrfanView 4.23, when the resampling or screen ...)
+ TODO: check
+CVE-2009-2117 (uye_paneli.php in phPortal 1.0 allows remote attackers to bypass ...)
+ TODO: check
+CVE-2009-2116 (Directory traversal vulnerability in admin.php in SkyBlueCanvas 1.1 ...)
+ TODO: check
+CVE-2009-2115 (admin.php in SkyBlueCanvas 1.1 r237 allows remote authenticated ...)
+ TODO: check
+CVE-2009-2114 (Multiple cross-site scripting (XSS) vulnerabilities in admin.php in ...)
+ TODO: check
+CVE-2009-2113 (Multiple SQL injection vulnerabilities in FretsWeb 1.2 allow remote ...)
+ TODO: check
+CVE-2009-2112 (Directory traversal vulnerability in include/page_bottom.php in phpFK ...)
+ TODO: check
+CVE-2009-2111 (Static code injection vulnerability in add_reg.php in DB Top Sites 1.0 ...)
+ TODO: check
+CVE-2009-2110 (Multiple directory traversal vulnerabilities in DB Top Sites 1.0, when ...)
+ TODO: check
+CVE-2009-2109 (Multiple directory traversal vulnerabilities in FretsWeb 1.2 allow ...)
+ TODO: check
+CVE-2009-2108 (git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to ...)
+ TODO: check
CVE-2009-XXXX [moin: heirarchical ACL vulnerability]
- moin 1.8.4-1 (low; bug #533673)
TODO: check whether etch/lenny versions are affected or not
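Review bot: CVE-2009-2108, the last entry added in this hunk, is left at TODO: check alongside twelve entries for other products, but its description names git-daemon in git 1.4.4.5 through 1.6.3, and git is packaged in Debian. It should be triaged ahead of the rest and given a package line with the affected and fixed versions instead of waiting in the TODO queue.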
@@ -409,8 +435,8 @@
NOT-FOR-US: LightNEasy
CVE-2009-1936 (_functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a ...)
NOT-FOR-US: cpCommerce
-CVE-2009-1935
- RESERVED
+CVE-2009-1935 (Integer overflow in the pipe_build_write_buffer function ...)
+ TODO: check
CVE-2009-1934 (Cross-site scripting (XSS) vulnerability in the Reverse Proxy Plug-in ...)
NOT-FOR-US: Sun Java System Web Server
CVE-2009-1933 (Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, ...)
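Review bot: the new CVE-2009-1935 line replaces RESERVED with a description that is truncated right after "pipe_build_write_buffer function", before any product is named, so the TODO: check cannot be resolved from this file alone. Whoever picks it up should read the full CVE description and record either a package line or a NOT-FOR-US note.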
@@ -969,22 +995,22 @@
CVE-2009-1701 (Use-after-free vulnerability in the JavaScript DOM implementation in ...)
- webkit <unfixed>
TODO: File bug
-CVE-2009-1700 (The XSLT implementation in WebKit in Apple Safari before 4.0 does not ...)
+CVE-2009-1700 (The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone ...)
TODO: check
-CVE-2009-1699 (The XSL stylesheet implementation in WebKit in Apple Safari before 4.0 ...)
+CVE-2009-1699 (The XSL stylesheet implementation in WebKit in Apple Safari before ...)
TODO: check
-CVE-2009-1698 (WebKit in Apple Safari before 4.0 does not initialize a pointer during ...)
+CVE-2009-1698 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...)
- webkit <unfixed>
TODO: File bug
-CVE-2009-1697 (CRLF injection vulnerability in WebKit in Apple Safari before 4.0 ...)
+CVE-2009-1697 (CRLF injection vulnerability in WebKit in Apple Safari before 4.0, ...)
TODO: check
-CVE-2009-1696 (WebKit in Apple Safari before 4.0 uses predictable random numbers in ...)
+CVE-2009-1696 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...)
TODO: check
CVE-2009-1695 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
TODO: check
-CVE-2009-1694 (WebKit in Apple Safari before 4.0 does not properly handle redirects, ...)
+CVE-2009-1694 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...)
TODO: check
-CVE-2009-1693 (WebKit in Apple Safari before 4.0 allows remote attackers to read ...)
+CVE-2009-1693 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...)
TODO: check
CVE-2009-1692
RESERVED
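Review bot: triage state is inconsistent across the WebKit entries in this hunk: CVE-2009-1701 and CVE-2009-1698 carry "- webkit <unfixed>" with "TODO: File bug", while CVE-2009-1700, 1699, 1697, 1696, 1694 and 1693 name the same component and remain at TODO: check. Several of the updated descriptions now also mention iPhone OS, so this is a good point to check the remaining ones against the webkit package in one pass and either add the package line or note why they do not apply.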
@@ -997,9 +1023,9 @@
TODO: check
CVE-2009-1688 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
TODO: check
-CVE-2009-1687 (The JavaScript garbage collector in WebKit in Apple Safari before 4.0 ...)
+CVE-2009-1687 (The JavaScript garbage collector in WebKit in Apple Safari before 4.0, ...)
TODO: check
-CVE-2009-1686 (WebKit in Apple Safari before 4.0 does not properly handle constant ...)
+CVE-2009-1686 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...)
TODO: check
CVE-2009-1685 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
TODO: check
@@ -1009,7 +1035,7 @@
RESERVED
CVE-2009-1682 (Apple Safari before 4.0 does not properly check for revoked Extended ...)
NOT-FOR-US: Apple Safari
-CVE-2009-1681 (WebKit in Apple Safari before 4.0 does not prevent web sites from ...)
+CVE-2009-1681 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...)
TODO: check
CVE-2009-1680
RESERVED
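Review bot: CVE-2009-1681 keeps TODO: check after the description update and sits directly below CVE-2009-1682, which is closed as NOT-FOR-US: Apple Safari. The two should not be treated alike: 1681 is attributed to WebKit, not to Safari itself, so it needs a check against the webkit package, as was done for CVE-2009-1701 and CVE-2009-1698 earlier in this file.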
@@ -6774,7 +6800,7 @@
NOT-FOR-US: CFNetwork in Apple
CVE-2009-0156 (Launch Services in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 ...)
NOT-FOR-US: Launch Services in Apple Mac OS
-CVE-2009-0155 (Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before 10.5.7 ...)
+CVE-2009-0155 (Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before ...)
NOT-FOR-US: CoreGraphics in Apple Mac OS
CVE-2009-0154 (Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
NOT-FOR-US: Apple Type Services
@@ -6805,7 +6831,7 @@
- xpdf <unfixed> (medium; bug #524809)
- kdegraphics <unfixed> (medium; bug #524810)
- swftools <unfixed> (medium; bug #527449)
-CVE-2009-0145 (CoreGraphics in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows ...)
+CVE-2009-0145 (CoreGraphics in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, iPhone ...)
NOT-FOR-US: CoreGraphics in Apple Mac OS X
CVE-2009-0144 (CFNetwork in Apple Mac OS X 10.5 before 10.5.7 does not properly parse ...)
NOT-FOR-US: CFNetwork in Apple Mac OS X