[Secure-testing-commits] r13331 - data/CVE

Joey Hess joeyh at alioth.debian.org
Fri Nov 20 21:14:22 UTC 2009


Author: joeyh
Date: 2009-11-20 21:14:22 +0000 (Fri, 20 Nov 2009)
New Revision: 13331

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-11-20 18:35:57 UTC (rev 13330)
+++ data/CVE/list	2009-11-20 21:14:22 UTC (rev 13331)
@@ -1,3 +1,109 @@
+CVE-2009-4016
+	RESERVED
+CVE-2009-4015
+	RESERVED
+CVE-2009-4014
+	RESERVED
+CVE-2009-4013
+	RESERVED
+CVE-2009-4012
+	RESERVED
+CVE-2009-4011
+	RESERVED
+CVE-2009-4010
+	RESERVED
+CVE-2009-4009
+	RESERVED
+CVE-2009-4008
+	RESERVED
+CVE-2009-4007
+	RESERVED
+CVE-2009-4006 (Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft ...)
+	TODO: check
+CVE-2009-4005 (The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the ...)
+	TODO: check
+CVE-2009-4004 (Buffer overflow in the kvm_vcpu_ioctl_x86_setup_mce function in ...)
+	TODO: check
+CVE-2009-4003
+	RESERVED
+CVE-2009-4002
+	RESERVED
+CVE-2009-4001
+	RESERVED
+CVE-2009-4000
+	RESERVED
+CVE-2009-3999
+	RESERVED
+CVE-2009-3998
+	RESERVED
+CVE-2009-3997
+	RESERVED
+CVE-2009-3996
+	RESERVED
+CVE-2009-3995
+	RESERVED
+CVE-2009-3994
+	RESERVED
+CVE-2009-3993
+	RESERVED
+CVE-2009-3992
+	RESERVED
+CVE-2009-3991
+	RESERVED
+CVE-2009-3990
+	RESERVED
+CVE-2009-3989
+	RESERVED
+CVE-2009-3988
+	RESERVED
+CVE-2009-3987
+	RESERVED
+CVE-2009-3986
+	RESERVED
+CVE-2009-3985
+	RESERVED
+CVE-2009-3984
+	RESERVED
+CVE-2009-3983
+	RESERVED
+CVE-2009-3982
+	RESERVED
+CVE-2009-3981
+	RESERVED
+CVE-2009-3980
+	RESERVED
+CVE-2009-3979
+	RESERVED
+CVE-2009-3978 (The nsGIFDecoder2::GifWrite function in decoders/gif/nsGIFDecoder2.cpp ...)
+	TODO: check
+CVE-2009-3977 (Multiple buffer overflows in a certain ActiveX control in ...)
+	TODO: check
+CVE-2009-3976 (Buffer overflow in Labtam ProFTP 2.9 allows remote FTP servers to ...)
+	TODO: check
+CVE-2009-3975 (SQL injection vulnerability in index.php in Moa Gallery 1.1.0 and ...)
+	TODO: check
+CVE-2009-3974 (Multiple SQL injection vulnerabilities in Invision Power Board (IPB or ...)
+	TODO: check
+CVE-2009-3973 (SQL injection vulnerability in index.php in Turnkey Arcade Script ...)
+	TODO: check
+CVE-2009-3972 (SQL injection vulnerability in the Q-Proje Siirler Bileseni ...)
+	TODO: check
+CVE-2009-3971 (SQL injection vulnerability in the jTips (com_jtips) component 1.0.7 ...)
+	TODO: check
+CVE-2009-3970 (SQL injection vulnerability in index.php in PHP Dir Submit (aka ...)
+	TODO: check
+CVE-2009-3969 (Stack-based buffer overflow in Faslo Player 7.0 allows remote ...)
+	TODO: check
+CVE-2009-3968 (Multiple SQL injection vulnerabilities in ITechBids 8.0 allow remote ...)
+	TODO: check
+CVE-2009-3967 (SQL injection vulnerability in browse.php in Ed Charkow SuperCharged ...)
+	TODO: check
+CVE-2009-3966 (Arcade Trade Script 1.0 allows remote attackers to bypass ...)
+	TODO: check
+CVE-2009-3965 (SQL injection vulnerability in rating.php in New 5 star Rating 1.0 ...)
+	TODO: check
+CVE-2009-3964 (SQL injection vulnerability in the NinjaMonials (com_ninjacentral) ...)
+	TODO: check
 CVE-2009-XXXX [ngingx webdav directory traversal]
 	- nginx <unfixed> (low)
 	TODO: check
@@ -145,8 +251,7 @@
 	NOT-FOR-US: TFTgallery
 CVE-2009-3910
 	RESERVED
-CVE-2009-3909
-	RESERVED
+CVE-2009-3909 (Integer overflow in the read_channel_data function in ...)
 	- gimp <unfixed> (medium; bug #556750)
 	NOTE: http://secunia.com/secunia_research/2009-43/
 CVE-2009-3908
@@ -179,6 +284,7 @@
 	RESERVED
 CVE-2009-3896
 	RESERVED
+	{DSA-1920-1}
 CVE-2009-3895 [libexif heap buffer overflow when processing certain images]
 	RESERVED
 	- libexif 0.6.19-1 (medium; bug #557137)
@@ -298,8 +404,8 @@
 	RESERVED
 CVE-2009-3841 (Unspecified vulnerability in HP Discovery &amp; Dependency Mapping ...)
 	TODO: check
-CVE-2009-3840
-	RESERVED
+CVE-2009-3840 (The embedded database engine service (aka ovdbrun.exe) in HP OpenView ...)
+	TODO: check
 CVE-2009-3839 (Unspecified vulnerability in the Solaris Trusted Extensions Policy ...)
 	NOT-FOR-US: Sun Solaris
 CVE-2009-3838 (Stack-based buffer overflow in Pegasus Mail (PMail) 4.41 and possibly ...)
@@ -1063,8 +1169,7 @@
 	NOTE: See separate CVE-2009-3555 file in SVN
 CVE-2009-3554
 	RESERVED
-CVE-2009-3553 [cups DoS - use-after-free errors within cupsDoSelect()]
-	RESERVED
+CVE-2009-3553 (Use-after-free vulnerability in the abstract file-descriptor handling ...)
 	- cups <unfixed>
 	TODO: check
 	NOTE: http://www.cups.org/newsgroups.php/s1+gcups.bugs?s1+gcups.bugs+v4+T+Q3200
@@ -3466,7 +3571,7 @@
 	RESERVED
 CVE-2009-2821
 	RESERVED
-CVE-2009-2820 (CUPS in Apple Mac OS X before 10.6.2 does not properly handle (1) HTTP ...)
+CVE-2009-2820 (The web interface in CUPS before 1.4.2, as used on Apple Mac OS X ...)
 	{DSA-1933-1}
 	- cups 1.4.2-1 (low; bug #555666)
 	- cupsys <removed>




More information about the Secure-testing-commits mailing list