[Secure-testing-commits] r12203 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu Jun 25 21:14:32 UTC 2009
Author: joeyh
Date: 2009-06-25 21:14:29 +0000 (Thu, 25 Jun 2009)
New Revision: 12203
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-06-25 20:56:23 UTC (rev 12202)
+++ data/CVE/list 2009-06-25 21:14:29 UTC (rev 12203)
@@ -1,3 +1,53 @@
+CVE-2009-2209 (SQL injection vulnerability in rscms_mod_newsview.php in RS-CMS 2.1 ...)
+ TODO: check
+CVE-2009-2208 (FreeBSD 6.3, 6.4, 7.1, and 7.2 does not enforce permissions on the ...)
+ TODO: check
+CVE-2009-2207
+ RESERVED
+CVE-2009-2206
+ RESERVED
+CVE-2009-2205
+ RESERVED
+CVE-2009-2204
+ RESERVED
+CVE-2009-2203
+ RESERVED
+CVE-2009-2202
+ RESERVED
+CVE-2009-2201
+ RESERVED
+CVE-2009-2200
+ RESERVED
+CVE-2009-2199
+ RESERVED
+CVE-2009-2198
+ RESERVED
+CVE-2009-2197
+ RESERVED
+CVE-2009-2196
+ RESERVED
+CVE-2009-2195
+ RESERVED
+CVE-2009-2194
+ RESERVED
+CVE-2009-2193
+ RESERVED
+CVE-2009-2192
+ RESERVED
+CVE-2009-2191
+ RESERVED
+CVE-2009-2190
+ RESERVED
+CVE-2009-2189
+ RESERVED
+CVE-2009-2188
+ RESERVED
+CVE-2009-2187 (Multiple memory leaks in the (1) IP and (2) IPv6 multicast ...)
+ TODO: check
+CVE-2009-2186 (Unspecified vulnerability in Adobe Shockwave Player before 11.0.0.465 ...)
+ TODO: check
+CVE-2009-2185 (The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, ...)
+ TODO: check
CVE-2009-XXXX [request-tracker: root priviledges for dialog]
- request-tracker3.4 <removed> (low; bug #534498)
[etch] - request-tracker3.4 <not-affected> (flaw introduced in 3.6.2)
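Review bot: CVE-2009-2185, the last entry added in this block, is left at TODO: check even though its description names pluto/asn1.c and libstrongswan/asn1/asn1.c. Those are strongSwan source paths, and pluto is also the IKE daemon in Openswan; both are packaged in Debian. It should be triaged ahead of the other TODO items in this block and given per-package status lines in the same form as the request-tracker3.4 entry that follows. CVE-2009-2186 (Adobe Shockwave Player) can be resolved directly to NOT-FOR-US.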
@@ -317,10 +367,10 @@
RESERVED
CVE-2009-2047
RESERVED
-CVE-2009-2046
- RESERVED
-CVE-2009-2045
- RESERVED
+CVE-2009-2046 (The embedded web server on the Cisco Video Surveillance 2500 Series IP ...)
+ TODO: check
+CVE-2009-2045 (The Cisco Video Surveillance Stream Manager firmware before 5.3, as ...)
+ TODO: check
CVE-2009-2044 (Mozilla Firefox 3.0.10 and earlier on Linux allows remote attackers to ...)
- xulrunner <unfixed> (unknown)
TODO: check on the details once the Mozilla bug has been made public
@@ -693,14 +743,14 @@
RESERVED
CVE-2009-1889
RESERVED
-CVE-2009-1888 [samba Uninitialized read of a data value]
- RESERVED
+CVE-2009-1888 (The acl_group_override function in smbd/posix_acls.c in smbd in Samba ...)
+ {DSA-1823-1}
- samba <unfixed>
[etch] - samba <not-affected> (Vulnerable code not present)
CVE-2009-1887
RESERVED
-CVE-2009-1886 [samba Formatstring vulnerability in smbclient]
- RESERVED
+CVE-2009-1886 (Multiple format string vulnerabilities in client/client.c in smbclient ...)
+ {DSA-1823-1}
- samba <not-affected> (Only affects 3.2.x branch)
[lenny] - samba <unfixed>
[etch] - samba <not-affected> (Vulnerable code not present)
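Review bot: CVE-2009-1888 and CVE-2009-1886 now carry {DSA-1823-1}, but the status lines under them still read "- samba <unfixed>" and "[lenny] - samba <unfixed>". The advisory reference and the status lines should be reconciled in the same change, either by recording the fixed versions or by dropping the stale <unfixed> lines, so the tracker does not show an issue as open that an advisory already covers. The hand-written bracket titles removed together with RESERVED are covered by the new descriptions, so nothing is lost there.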
@@ -760,8 +810,8 @@
RESERVED
CVE-2009-1861 (Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 ...)
NOT-FOR-US: Adobe Reader
-CVE-2009-1860
- RESERVED
+CVE-2009-1860 (Unspecified vulnerability in Adobe Shockwave Player before 11.5.0.600 ...)
+ TODO: check
CVE-2009-1859 (Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat ...)
NOT-FOR-US: Adobe Reader
CVE-2009-1858 (The JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe ...)
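Review bot: CVE-2009-1860 is set to TODO: check while the entries on either side of it, CVE-2009-1861 and CVE-2009-1859, are already marked NOT-FOR-US: Adobe Reader. Shockwave Player is likewise a proprietary Adobe product that Debian does not ship, so this entry can go straight to a NOT-FOR-US line in the same form instead of adding to the TODO backlog.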
@@ -3101,8 +3151,8 @@
RESERVED
CVE-2009-1164
RESERVED
-CVE-2009-1163
- RESERVED
+CVE-2009-1163 (Memory leak on the Cisco Physical Access Gateway with software before ...)
+ TODO: check
CVE-2009-1162 (Cross-site scripting (XSS) vulnerability in the Spam Quarantine login ...)
NOT-FOR-US: Cisco IronPort AsyncOS
CVE-2009-1161 (Directory traversal vulnerability in the TFTP service in Cisco ...)
@@ -3126,11 +3176,13 @@
CVE-2009-1152 (Siemens Gigaset SE461 WiMAX router 1.5-BL024.9.6401, and possibly ...)
NOT-FOR-US: Siemens router
CVE-2009-1151 (Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x ...)
+ {DSA-1824-1}
- phpmyadmin 4:3.1.3.1-1
[lenny] - phpmyadmin <unfixed> (unimportant)
[etch] - phpmyadmin <unfixed> (unimportant)
NOTE: in Debian only accessible for administrator
CVE-2009-1150 (Multiple cross-site scripting (XSS) vulnerabilities in the export page ...)
+ {DSA-1824-1}
- phpmyadmin 4:3.1.3.1-1
CVE-2009-1149 (CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB ...)
- phpmyadmin 4:3.1.3.1-1
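Review bot: CVE-2009-1151 gains {DSA-1824-1} while its [lenny] and [etch] lines remain "<unfixed> (unimportant)" and the NOTE still says the script is only accessible to the administrator in Debian. An advisory reference and an unimportant, unfixed rating on the same entry contradict each other. The release lines should be updated to reflect the DSA, or the NOTE extended to say why the severity assessment changed.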
@@ -3903,8 +3955,8 @@
RESERVED
CVE-2009-0904
RESERVED
-CVE-2009-0903
- RESERVED
+CVE-2009-0903 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3, and the ...)
+ TODO: check
CVE-2009-0902
RESERVED
CVE-2009-0901
@@ -7180,7 +7232,7 @@
RESERVED
CVE-2009-0089 (Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP ...)
NOT-FOR-US: Microsoft Windows
-CVE-2009-0088 (The WordPerfect 6.x Converter in Microsoft Office Word 2000 SP3 and ...)
+CVE-2009-0088 (The WordPerfect 6.x Converter (WPFT632.CNV, 1998.1.27.0) in Microsoft ...)
NOT-FOR-US: Microsoft Office
CVE-2009-0087 (Unspecified vulnerability in the Word 6 text converter in WordPad in ...)
NOT-FOR-US: Microsoft Word