[Secure-testing-commits] r11838 - data/CVE
Raphael Geissert
atomo64-guest at alioth.debian.org
Fri May 8 01:33:26 UTC 2009
Author: atomo64-guest
Date: 2009-05-08 01:33:26 +0000 (Fri, 08 May 2009)
New Revision: 11838
Modified:
data/CVE/list
Log:
NFUs, xvfb CVEfied
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-05-07 21:25:15 UTC (rev 11837)
+++ data/CVE/list 2009-05-08 01:33:26 UTC (rev 11838)
@@ -14,8 +14,6 @@
TODO: check
CVE-2009-1574 (racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote ...)
TODO: check
-CVE-2009-1573 (xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly ...)
- TODO: check
CVE-2009-1571
RESERVED
CVE-2009-1570
@@ -37,33 +35,33 @@
CVE-2009-1562
RESERVED
CVE-2009-1561 (Cross-site request forgery (CSRF) vulnerability in administration.cgi ...)
- TODO: check
+ NOT-FOR-US: Cisco Linksys
CVE-2009-1560 (The Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 ...)
- TODO: check
+ NOT-FOR-US: Cisco Linksys
CVE-2009-1559 (Absolute path traversal vulnerability in adm/file.cgi on the Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco Linksys
CVE-2009-1558 (Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys ...)
- TODO: check
+ NOT-FOR-US: Cisco Linksys
CVE-2009-1557 (Multiple cross-site scripting (XSS) vulnerabilities on the Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco Linksys
CVE-2009-1556 (img/main.cgi on the Cisco Linksys WVC54GCA wireless video camera with ...)
- TODO: check
+ NOT-FOR-US: Cisco Linksys
CVE-2009-1555 (The Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 ...)
- TODO: check
+ NOT-FOR-US: Cisco Linksys
CVE-2009-1554 (Cross-site scripting (XSS) vulnerability in ThemeServlet.java in Sun ...)
- TODO: check
+ NOT-FOR-US: Sun Woodstock
CVE-2009-1553 (Multiple cross-site scripting (XSS) vulnerabilities in the Admin ...)
- TODO: check
+ NOT-FOR-US: Sun GlassFish Enterprise Server
CVE-2009-1552 (Unspecified vulnerability in the IGMP driver in SCO Unixware Release ...)
TODO: check
CVE-2009-1551 (Multiple PHP remote file inclusion vulnerabilities in Qt quickteam 2 ...)
- TODO: check
+ NOT-FOR-US: Qt quickteam
CVE-2009-1550 (Zakkis Technology ABC Advertise 1.0 does not properly restrict access ...)
- TODO: check
+ NOT-FOR-US: Zakkis Technology ABC Advertise
CVE-2009-1549 (AGTC MyShop 3.2b allows remote attackers to bypass authentication and ...)
- TODO: check
+ NOT-FOR-US: AGTC MyShop
CVE-2009-1548 (SQL injection vulnerability in index.php in BluSky CMS allows remote ...)
- TODO: check
+ NOT-FOR-US: BluSky CMS
CVE-2009-XXXX [prewkikka: pasword world-readable]
- prewikka <unfixed> (low; bug #527476)
NOTE: asked maintainer to determine wether debian is affected
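Review bot: CVE-2009-1552 (the SCO Unixware IGMP driver entry) is left at "TODO: check" while every other described entry from CVE-2009-1561 down to CVE-2009-1548 is triaged in this hunk. If the skip is deliberate, a NOTE line saying what is still being checked would keep the next person from repeating the work; otherwise triage it in the same pass. Separately, the seven Cisco entries are tagged only "Cisco Linksys", although the descriptions name the WVC54GCA camera. Using the model name in the tag would make these entries easier to find with a search. The unchanged prewikka entry at the end of the hunk also carries typos ("prewkikka", "pasword", "wether") that could be cleaned up in a follow-up.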
@@ -170,7 +168,7 @@
NOT-FOR-US: MindDezign Photo Gallery
CVE-2008-6788 (SQL injection vulnerability in MindDezign Photo Gallery 2.2, when ...)
NOT-FOR-US: MindDezign Photo Gallery
-CVE-2009-XXXX [xvfb insecure passing of magic cookie]
+CVE-2009-1573 (xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly ...)
- xorg-server <unfixed> (low; bug #526678)
[etch] - xorg-server <no-dsa> (minor issue)
[lenny] - xorg-server <no-dsa> (minor issue)
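Review bot: Renaming the placeholder in place leaves CVE-2009-1573 directly below the CVE-2008-6788 entry, far from the CVE-2009-1574 / CVE-2009-1571 neighbours where the first hunk deletes the stub, so the entry is now out of numeric order with the rest of the list. Consider moving the xorg-server, [etch] and [lenny] lines up to the stub's old position instead of deleting the stub and renaming here. The rename also drops the working title "xvfb insecure passing of magic cookie", and the truncated description that replaces it no longer states what the issue is; a short NOTE line would preserve that.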
@@ -555,6 +553,7 @@
CVE-2009-1365 (Unspecified vulnerability in Adobe Flash Media Server (FMS) before ...)
NOT-FOR-US: Adobe Flash Media Server
CVE-2009-1364 (Use-after-free vulnerability in the embedded GD library in libwmf ...)
+ {DSA-1796-1}
- libwmf 0.2.8.4-6.1 (low; bug #526434)
CVE-2009-1363
RESERVED
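Review bot: The "{DSA-1796-1}" cross-reference added to CVE-2009-1364 is not covered by the log message, which mentions only "NFUs, xvfb CVEfied". Either list the DSA reference in the log or commit it separately, so that the change can be found from the revision history.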
@@ -3182,7 +3181,7 @@
CVE-2009-0721
RESERVED
CVE-2009-0720 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
- TODO: check
+ NOT-FOR-US: HP OpenView Network Node Manager
CVE-2009-0719 (Unspecified vulnerability in useradd in HP HP-UX B.11.11, B.11.23, and ...)
NOT-FOR-US: HP-UX
CVE-2009-0718 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 ...)
@@ -8341,7 +8340,7 @@
{DSA-1683-1}
- streamripper 1.63.5-2 (bug #506377)
CVE-2008-4828 (Multiple stack-based buffer overflows in dsmagent.exe in the Remote ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli Storage Manager
CVE-2008-4827 (Multiple heap-based buffer overflows in the AddTab method in the (1) ...)
NOT-FOR-US: ComponentOne SizerOne
CVE-2008-4826