[Secure-testing-commits] r12181 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Mon Jun 22 21:14:26 UTC 2009
Author: joeyh
Date: 2009-06-22 21:14:23 +0000 (Mon, 22 Jun 2009)
New Revision: 12181
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-06-22 13:28:41 UTC (rev 12180)
+++ data/CVE/list 2009-06-22 21:14:23 UTC (rev 12181)
@@ -1,3 +1,43 @@
+CVE-2009-2140
+ RESERVED
+CVE-2009-2139
+ RESERVED
+CVE-2009-2138 (Multiple open redirect vulnerabilities in TBDev.NET 01-01-08 allow ...)
+ TODO: check
+CVE-2009-2137 (Memory leak in the Ultra-SPARC T2 crypto provider device driver (aka ...)
+ TODO: check
+CVE-2009-2136 (Unspecified vulnerability in the TCP/IP networking stack in Sun ...)
+ TODO: check
+CVE-2009-2135 (Multiple race conditions in the Solaris Event Port API in Sun Solaris ...)
+ TODO: check
+CVE-2009-2134 (pivot/tb.php in Pivot 1.40.4 and 1.40.7 allows remote attackers to ...)
+ TODO: check
+CVE-2009-2133 (Multiple cross-site scripting (XSS) vulnerabilities in Pivot 1.40.4 ...)
+ TODO: check
+CVE-2009-2132 (Directory traversal vulnerability in global.php in 4images before ...)
+ TODO: check
+CVE-2009-2131 (Cross-site scripting (XSS) vulnerability in 4images 1.7.7 and earlier ...)
+ TODO: check
+CVE-2009-2130 (Elvin 1.2.0 allows remote attackers to read the PHP source code of (1) ...)
+ TODO: check
+CVE-2009-2129 (Cross-site request forgery (CSRF) vulnerability in login.php in Elvin ...)
+ TODO: check
+CVE-2009-2128 (SQL injection vulnerability in close_bug.php in Elvin before 1.2.1 ...)
+ TODO: check
+CVE-2009-2127 (Cross-site scripting (XSS) vulnerability in show_activity.php in Elvin ...)
+ TODO: check
+CVE-2009-2126 (Cross-site scripting (XSS) vulnerability in close_bug.php in Elvin ...)
+ TODO: check
+CVE-2009-2125 (delete_bug.php in Elvin before 1.2.1 does not require administrative ...)
+ TODO: check
+CVE-2009-2124 (Directory traversal vulnerability in page.php in Elvin 1.2.0 allows ...)
+ TODO: check
+CVE-2009-2123 (Multiple SQL injection vulnerabilities in Elvin 1.2.0 allow remote ...)
+ TODO: check
+CVE-2009-2122 (SQL injection vulnerability in viewimg.php in the Paolo Palmonari ...)
+ TODO: check
+CVE-2009-2121
+ RESERVED
CVE-2009-XXXX [mahara multiple XSS issues]
- mahara 1.1.5-1 (low)
NOTE: CVE ids requested from joey
@@ -1019,8 +1059,8 @@
TODO: check
CVE-2009-1693 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...)
TODO: check
-CVE-2009-1692
- RESERVED
+CVE-2009-1692 (WebKit in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod ...)
+ TODO: check
CVE-2009-1691 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
- webkit <unfixed>
TODO: File bug
@@ -1038,16 +1078,16 @@
TODO: check
CVE-2009-1684 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
TODO: check
-CVE-2009-1683
- RESERVED
+CVE-2009-1683 (The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and ...)
+ TODO: check
CVE-2009-1682 (Apple Safari before 4.0 does not properly check for revoked Extended ...)
NOT-FOR-US: Apple Safari
CVE-2009-1681 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...)
TODO: check
-CVE-2009-1680
- RESERVED
-CVE-2009-1679
- RESERVED
+CVE-2009-1680 (Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod ...)
+ TODO: check
+CVE-2009-1679 (The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone ...)
+ TODO: check
CVE-2008-6813 (SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL ...)
NOT-FOR-US: phpWebNews
CVE-2008-6812 (SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL ...)
@@ -3598,14 +3638,14 @@
NOT-FOR-US: PHPRunner
CVE-2009-0962 (Unspecified vulnerability in Futomi's CGI Cafe MP Form Mail CGI ...)
NOT-FOR-US: Futomi's CGI Cafe MP Form Mail CGI eCommerce
-CVE-2009-0961
- RESERVED
-CVE-2009-0960
- RESERVED
-CVE-2009-0959
- RESERVED
-CVE-2009-0958
- RESERVED
+CVE-2009-0961 (The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS ...)
+ TODO: check
+CVE-2009-0960 (The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS ...)
+ TODO: check
+CVE-2009-0959 (The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone ...)
+ TODO: check
+CVE-2009-0958 (Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 ...)
+ TODO: check
CVE-2009-0957 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows ...)
NOT-FOR-US: Apple QuickTime
CVE-2009-0956 (Apple QuickTime before 7.6.2 does not properly initialize memory ...)
@@ -6812,7 +6852,7 @@
NOT-FOR-US: CoreGraphics in Apple Mac OS
CVE-2009-0154 (Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
NOT-FOR-US: Apple Type Services
-CVE-2009-0153 (International Components for Unicode (ICU) in Apple Mac OS X 10.5 ...)
+CVE-2009-0153 (International Components for Unicode (ICU) 4.0, 3.6, and other 3.x ...)
NOT-FOR-US: Apple Mac OS X
CVE-2009-0152 (iChat in Apple Mac OS X 10.5 before 10.5.7 disables SSL for AOL ...)
NOT-FOR-US: iChat in Apple Mac OS X
More information about the Secure-testing-commits
mailing list