[Secure-testing-commits] r13280 - data/CVE

Joey Hess joeyh at alioth.debian.org
Thu Nov 12 21:14:20 UTC 2009 

Author: joeyh
Date: 2009-11-12 21:14:19 +0000 (Thu, 12 Nov 2009)
New Revision: 13280

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-11-12 18:58:53 UTC (rev 13279)
+++ data/CVE/list	2009-11-12 21:14:19 UTC (rev 13280)
@@ -1,3 +1,15 @@
+CVE-2009-3930 (Multiple integer overflows in Christos Zoulas file before 5.02 allow ...)
+	TODO: check
+CVE-2009-3929
+	RESERVED
+CVE-2009-3928
+	RESERVED
+CVE-2009-3927
+	RESERVED
+CVE-2009-3926
+	RESERVED
+CVE-2009-3925
+	RESERVED
 CVE-2009-XXXX [dansguardian: not blocking sites]
 	- dansguardian <unfixed> (low; bug #548108)
 CVE-2009-3924 (Buffer overflow in pbsv.dll, as used in Soldier of Fortune II and ...)
@@ -428,8 +440,7 @@
 	TODO: check
 CVE-2009-3728 (Directory traversal vulnerability in the ICC_Profile.getInstance ...)
 	TODO: check
-CVE-2009-3727 [asterisk AST-2009-008]
-	RESERVED
+CVE-2009-3727 (Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, ...)
 	- asterisk <unfixed>
 	[lenny] - asterisk <no-dsa> (Minor issue)
 	[etch] - asterisk <no-dsa> (Minor issue)
@@ -2125,24 +2136,24 @@
 	RESERVED
 CVE-2009-3136
 	RESERVED
-CVE-2009-3135
-	RESERVED
-CVE-2009-3134
-	RESERVED
-CVE-2009-3133
-	RESERVED
-CVE-2009-3132
-	RESERVED
-CVE-2009-3131
-	RESERVED
-CVE-2009-3130
-	RESERVED
-CVE-2009-3129
-	RESERVED
-CVE-2009-3128
-	RESERVED
-CVE-2009-3127
-	RESERVED
+CVE-2009-3135 (Microsoft Office Word 2002 SP3 and 2003 SP3, Office 2004 and 2008 for ...)
+	TODO: check
+CVE-2009-3134 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; ...)
+	TODO: check
+CVE-2009-3133 (Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and ...)
+	TODO: check
+CVE-2009-3132 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; ...)
+	TODO: check
+CVE-2009-3131 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; ...)
+	TODO: check
+CVE-2009-3130 (Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office ...)
+	TODO: check
+CVE-2009-3129 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; ...)
+	TODO: check
+CVE-2009-3128 (Microsoft Office Excel 2002 SP3 and 2003 SP3, and Office Excel Viewer ...)
+	TODO: check
+CVE-2009-3127 (Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for ...)
+	TODO: check
 CVE-2009-3126 (Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2009-3162 (Cross-site scripting (XSS) vulnerability in Multi Website 1.5 allows ...)
@@ -3308,55 +3319,54 @@
 	RESERVED
 CVE-2009-2841
 	RESERVED
-CVE-2009-2840
-	RESERVED
-CVE-2009-2839
-	RESERVED
-CVE-2009-2838
-	RESERVED
-CVE-2009-2837
-	RESERVED
-CVE-2009-2836
-	RESERVED
-CVE-2009-2835
-	RESERVED
-CVE-2009-2834
-	RESERVED
-CVE-2009-2833
-	RESERVED
-CVE-2009-2832
-	RESERVED
-CVE-2009-2831
-	RESERVED
-CVE-2009-2830
-	RESERVED
-CVE-2009-2829
-	RESERVED
-CVE-2009-2828
-	RESERVED
-CVE-2009-2827
-	RESERVED
-CVE-2009-2826
-	RESERVED
-CVE-2009-2825
-	RESERVED
-CVE-2009-2824
-	RESERVED
-CVE-2009-2823
-	RESERVED
+CVE-2009-2840 (Spotlight in Apple Mac OS X 10.5.8 does not properly handle temporary ...)
+	TODO: check
+CVE-2009-2839 (Screen Sharing in Apple Mac OS X 10.5.8 allows remote VNC servers to ...)
+	TODO: check
+CVE-2009-2838 (Integer overflow in QuickLook in Apple Mac OS X 10.5.8 allows remote ...)
+	TODO: check
+CVE-2009-2837 (Heap-based buffer overflow in QuickDraw Manager in Apple Mac OS X ...)
+	TODO: check
+CVE-2009-2836 (Race condition in Login Window in Apple Mac OS X 10.6.x before 10.6.2, ...)
+	TODO: check
+CVE-2009-2835 (The kernel in Apple Mac OS X before 10.6.2 does not properly handle ...)
+	TODO: check
+CVE-2009-2834 (IOKit in Apple Mac OS X before 10.6.2 allows local users to modify the ...)
+	TODO: check
+CVE-2009-2833 (Buffer overflow in the UCCompareTextDefault API in International ...)
+	TODO: check
+CVE-2009-2832 (Buffer overflow in FTP Server in Apple Mac OS X before 10.6.2 allows ...)
+	TODO: check
+CVE-2009-2831 (Dictionary in Apple Mac OS X 10.5.8 allows remote attackers to create ...)
+	TODO: check
+CVE-2009-2830 (Multiple buffer overflows in Christos Zoulas file before 5.03 in Apple ...)
+	TODO: check
+CVE-2009-2829 (Event Monitor in Apple Mac OS X 10.5.8 does not properly handle ...)
+	TODO: check
+CVE-2009-2828 (The server in DirectoryService in Apple Mac OS X 10.5.8 allows remote ...)
+	TODO: check
+CVE-2009-2827 (Heap-based buffer overflow in Disk Images in Apple Mac OS X 10.5.8 ...)
+	TODO: check
+CVE-2009-2826 (Multiple integer overflows in CoreGraphics in Apple Mac OS X 10.5.8 ...)
+	TODO: check
+CVE-2009-2825 (Certificate Assistant in Apple Mac OS X before 10.6.2 does not ...)
+	TODO: check
+CVE-2009-2824 (Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS ...)
+	TODO: check
+CVE-2009-2823 (The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the ...)
+	TODO: check
 CVE-2009-2822
 	RESERVED
 CVE-2009-2821
 	RESERVED
-CVE-2009-2820 [cups: admin webfrontend is prone to XSS]
-	RESERVED
+CVE-2009-2820 (CUPS in Apple Mac OS X before 10.6.2 does not properly handle (1) HTTP ...)
 	{DSA-1933-1}
 	- cups <unfixed> (low; bug #555666)
 	- cupsys <removed>
-CVE-2009-2819
-	RESERVED
-CVE-2009-2818
-	RESERVED
+CVE-2009-2819 (AFP Client in Apple Mac OS X 10.5.8 allows remote AFP servers to ...)
+	TODO: check
+CVE-2009-2818 (Adaptive Firewall in Apple Mac OS X before 10.6.2 does not properly ...)
+	TODO: check
 CVE-2009-2817 (Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers ...)
 	NOT-FOR-US: Apple iTunes
 CVE-2009-2816
@@ -3374,12 +3384,12 @@
 	NOT-FOR-US: Apple Mac OS X
 CVE-2009-2811 (Incomplete blacklist vulnerability in Launch Services in Apple Mac OS ...)
 	NOT-FOR-US: Apple Mac OS X
-CVE-2009-2810
-	RESERVED
+CVE-2009-2810 (Launch Services in Apple Mac OS X 10.6.x before 10.6.2 recursively ...)
+	TODO: check
 CVE-2009-2809 (ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers ...)
 	NOT-FOR-US: ImageIO in Apple Mac OS X
-CVE-2009-2808
-	RESERVED
+CVE-2009-2808 (Help Viewer in Apple Mac OS X before 10.6.2 does not use an HTTPS ...)
+	TODO: check
 CVE-2009-2807 (Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS ...)
 	- cupsys <not-affected> (issue in darwin-specific code; bug #550150)
 	- cups <not-affected> (issue in darwin-specific code; bug #550150)
@@ -4471,8 +4481,8 @@
 	NOT-FOR-US: Microsoft Windows Media Runtime
 CVE-2009-2524 (Integer underflow in the NTLM authentication feature in the Local ...)
 	NOT-FOR-US: Microsoft Windows XP 
-CVE-2009-2523
-	RESERVED
+CVE-2009-2523 (Heap-based buffer overflow in the License Logging Server in Microsoft ...)
+	TODO: check
 CVE-2009-2522
 	RESERVED
 CVE-2009-2521 (Stack consumption vulnerability in the FTP Service in Microsoft ...)
@@ -4489,12 +4499,12 @@
 	NOT-FOR-US: Microsoft Windows 2000
 CVE-2009-2515 (Integer underflow in the kernel in Microsoft Windows 2000 SP4, XP SP2 ...)
 	NOT-FOR-US: Microsoft Windows 2000
-CVE-2009-2514
-	RESERVED
-CVE-2009-2513
-	RESERVED
-CVE-2009-2512
-	RESERVED
+CVE-2009-2514 (win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and ...)
+	TODO: check
+CVE-2009-2513 (The Graphics Device Interface (GDI) in win32k.sys in the kernel in ...)
+	TODO: check
+CVE-2009-2512 (The Web Services on Devices API (WSDAPI) in Windows Vista Gold, SP1, ...)
+	TODO: check
 CVE-2009-2511 (Integer overflow in the CryptoAPI component in Microsoft Windows 2000 ...)
 	NOT-FOR-US: Microsoft Windows 2000
 CVE-2009-2510 (The CryptoAPI component in Microsoft Windows 2000 SP4, Windows XP SP2 ...)
@@ -6070,8 +6080,8 @@
 	NOT-FOR-US: Microsoft Windows
 CVE-2009-1929 (Heap-based buffer overflow in the Microsoft Terminal Services Client ...)
 	NOT-FOR-US: ActiveX
-CVE-2009-1928
-	RESERVED
+CVE-2009-1928 (Stack consumption vulnerability in the LDAP service in Active ...)
+	TODO: check
 CVE-2009-1927
 	RESERVED
 CVE-2009-1926 (Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista ...)
@@ -7081,8 +7091,8 @@
 CVE-2009-1571
 	RESERVED
 CVE-2009-1570 [gimp bmp parsing integer overflow]
+	RESERVED
 	- gimp <unfixed> (medium; bug #555929)
-	RESERVED
 CVE-2009-1569
 	RESERVED
 CVE-2009-1568
@@ -8769,8 +8779,8 @@
 	NOT-FOR-US: Microsoft
 CVE-2009-1128 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows ...)
 	NOT-FOR-US: Microsoft
-CVE-2009-1127
-	RESERVED
+CVE-2009-1127 (win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and ...)
+	TODO: check
 CVE-2009-1126 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server ...)
 	NOT-FOR-US: Microsoft
 CVE-2009-1125 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)

More information about the Secure-testing-commits mailing list