[Secure-testing-commits] r13045 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Mon Oct 19 21:14:30 UTC 2009
Author: joeyh
Date: 2009-10-19 21:14:26 +0000 (Mon, 19 Oct 2009)
New Revision: 13045
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-10-19 20:08:53 UTC (rev 13044)
+++ data/CVE/list 2009-10-19 21:14:26 UTC (rev 13045)
@@ -1,3 +1,63 @@
+CVE-2009-3729
+ RESERVED
+CVE-2009-3728
+ RESERVED
+CVE-2009-3727
+ RESERVED
+CVE-2009-3726
+ RESERVED
+CVE-2009-3725
+ RESERVED
+CVE-2009-3724
+ RESERVED
+CVE-2009-3723
+ RESERVED
+CVE-2009-3722
+ RESERVED
+CVE-2009-3721
+ RESERVED
+CVE-2009-3720
+ RESERVED
+CVE-2009-3719 (Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog ...)
+ TODO: check
+CVE-2009-3718 (SQL injection vulnerability in admin/authenticate.asp in Battle Blog ...)
+ TODO: check
+CVE-2009-3717 (Heap-based buffer overflow in LucVil PatPlayer 3.9 allows remote ...)
+ TODO: check
+CVE-2009-3716 (Unrestricted file upload vulnerability in admin.php in MCshoutbox 1.1 ...)
+ TODO: check
+CVE-2009-3715 (Multiple SQL injection vulnerabilities in scr_login.php in MCshoutbox ...)
+ TODO: check
+CVE-2009-3714 (Cross-site scripting (XSS) vulnerability in admin_login.php in ...)
+ TODO: check
+CVE-2009-3713 (SQL injection vulnerability in fichero.php in MorcegoCMS 1.7.6 and ...)
+ TODO: check
+CVE-2009-3712 (Multiple SQL injection vulnerabilities in Ebay Clone 2009 allow remote ...)
+ TODO: check
+CVE-2009-3711 (Stack-based buffer overflow in the h_handlepeer function in http.cpp ...)
+ TODO: check
+CVE-2009-3710 (RioRey RIOS 4.6.6 and 4.7.0 uses an undocumented, hard-coded username ...)
+ TODO: check
+CVE-2009-3709 (Stack-based buffer overflow in the Meta Content Optimizer in Konae ...)
+ TODO: check
+CVE-2009-3708 (Stack-based buffer overflow in the Meta Content Optimizer in Konae ...)
+ TODO: check
+CVE-2009-3707 (VMware Authentication Daemon 1.0 in vmware-authd.exe 6.5.3.8888 in the ...)
+ TODO: check
+CVE-2009-3706 (Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and ...)
+ TODO: check
+CVE-2009-3705 (PHP remote file inclusion vulnerability in debugger.php in Achievo ...)
+ TODO: check
+CVE-2009-3704 (ZoIPer 2.22, and possibly other versions before 2.24 Library 5324, ...)
+ TODO: check
+CVE-2009-3703
+ RESERVED
+CVE-2009-3702
+ RESERVED
+CVE-2009-3701
+ RESERVED
+CVE-2009-3700
+ RESERVED
CVE-2009-XXXX [xpdf: integer overflow and null ptr dereference vulnerability]
- xpdf <unfixed> (medium; bug #551287)
- poppler <unfixed> (medium; bug #551289)
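Review bot: The 16 descriptive entries added at the top of this hunk (CVE-2009-3719 down to CVE-2009-3704) all land as "TODO: check", so none has a package mapping or a NOT-FOR-US disposition yet. Several come in same-product pairs (Battle Blog in 3719/3718, MCshoutbox in 3716/3715, the Konae Meta Content Optimizer in 3709/3708), so each pair can be resolved with one decision. The descriptions are truncated with "...", so the affected product and version should be confirmed against the full CVE text before a status is written.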
@@ -7,11 +67,9 @@
NOT-FOR-US: IBM AIX
CVE-2009-3698 (An unspecified function in the Dalvik API in Android 1.5 and earlier ...)
NOT-FOR-US: Dalvik API in Android
-CVE-2009-3697 [phpMyAdmin XSS/SQL inj PMASA-2009-6]
- RESERVED
+CVE-2009-3697 (SQL injection vulnerability in the PDF schema generator functionality ...)
- phpmyadmin 4:3.2.2.1-1
-CVE-2009-3696 [phpMyAdmin XSS/SQL inj PMASA-2009-6]
- RESERVED
+CVE-2009-3696 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before ...)
- phpmyadmin 4:3.2.2.1-1
CVE-2009-3610
RESERVED
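Review bot: Replacing the bracketed placeholders for CVE-2009-3697 and CVE-2009-3696 drops the only reference to the upstream advisory, PMASA-2009-6. Keeping the "- phpmyadmin 4:3.2.2.1-1" lines is fine, but consider preserving the advisory id in a NOTE: line under each entry so the fixed version stays traceable to its source. These two package lines also carry no urgency, unlike the "(medium; bug #...)" annotations on the xpdf and poppler entries earlier in the file.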
@@ -558,7 +616,7 @@
RESERVED
CVE-2009-3460
RESERVED
-CVE-2009-3459 (Unspecified vulnerability in Adobe Reader and Acrobat 9.1.3 and ...)
+CVE-2009-3459 (Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before ...)
NOT-FOR-US: Adobe Acrobat
CVE-2009-3458
RESERVED
@@ -624,7 +682,7 @@
NOT-FOR-US: Sun Solaris Cluster
CVE-2009-3432 (Unspecified vulnerability in xscreensaver in Sun Solaris 10, and ...)
NOT-FOR-US: Sun OpenSolaris xscreensaver
-CVE-2009-3431 (Stack consumption vulnerability in Adobe Acrobat 9.1.1 allows remote ...)
+CVE-2009-3431 (Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, ...)
NOT-FOR-US: Adobe Acrobat
CVE-2009-XXXX [libfwbuilder insecure temp file usage]
- libfwbuilder <unfixed> (low)
@@ -949,10 +1007,10 @@
NOT-FOR-US: phpspot Products
CVE-2009-3283 (Cross-site scripting (XSS) vulnerability in phpspot PHP BBS, PHP Image ...)
NOT-FOR-US: phpspot Products
-CVE-2009-3282
- RESERVED
-CVE-2009-3281
- RESERVED
+CVE-2009-3282 (Integer overflow in the vmx86 kernel extension in VMware Fusion before ...)
+ TODO: check
+CVE-2009-3281 (The vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 ...)
+ TODO: check
CVE-2009-3280 (Integer signedness error in the find_ie function in ...)
- linux-2.6 2.6.31-1 (medium)
- linux-2.6.24 <not-affected> (vulnerable code not present)
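Review bot: CVE-2009-3282 and CVE-2009-3281 move from RESERVED to "TODO: check" and both name the vmx86 kernel extension in VMware Fusion, so they should get the same disposition in one pass. If no Debian package ships that component, the form used by neighbouring entries applies, for example "NOT-FOR-US: VMware Fusion". CVE-2009-3707 (VMware Authentication Daemon), added in the first hunk, is a different component and needs its own check.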
@@ -2440,8 +2498,8 @@
RESERVED
CVE-2009-2875
RESERVED
-CVE-2009-2874
- RESERVED
+CVE-2009-2874 (The TimesTenD process in Cisco Unified Presence 1.x, 6.x before ...)
+ TODO: check
CVE-2009-2873 (Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco ...)
NOT-FOR-US: Cisco IOS
CVE-2009-2872 (Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco ...)
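Review bot: CVE-2009-2874 is left at "TODO: check" directly above CVE-2009-2873, which is already marked "NOT-FOR-US: Cisco IOS". The new description names a different product, the TimesTenD process in Cisco Unified Presence, so the product tag should not be copied from the neighbour; if it is not packaged, tag it with its own product name.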
@@ -2941,10 +2999,10 @@
NOT-FOR-US: OpenNews
CVE-2009-2735 (SQL injection vulnerability in admin.php in sun-jester OpenNews 1.0, ...)
NOT-FOR-US: OpenNews
-CVE-2009-2734
- RESERVED
-CVE-2009-2733
- RESERVED
+CVE-2009-2734 (SQL injection vulnerability in the get_employee function in ...)
+ TODO: check
+CVE-2009-2733 (Multiple cross-site scripting (XSS) vulnerabilities in Achievo before ...)
+ TODO: check
CVE-2009-2732 (The checkHTTPpassword function in http.c in ntop 3.3.10 and earlier ...)
- ntop 3:3.3-12 (low; bug #543312)
[lenny] - ntop <no-dsa> (Minor issue)
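Review bot: The description for CVE-2009-2734 is cut off after "get_employee function in ...", so the affected product cannot be read from this line and has to be taken from the full CVE text before triage. CVE-2009-2733 names Achievo, as does CVE-2009-3705 in the first hunk; check those two together against any Achievo package so the same fixed version or NOT-FOR-US decision is recorded for both.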
@@ -44122,7 +44180,7 @@
NOT-FOR-US: OpenPinboard
CVE-2007-0049 (Geckovich TaskTracker Pro 1.5 and earlier allows remote attackers to ...)
NOT-FOR-US: TaskTracker
-CVE-2007-0048 (Adobe Acrobat Reader Plugin before 8.0.0, when used with Internet ...)
+CVE-2007-0048 (Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin ...)
NOT-FOR-US: Adobe Acrobat Reader with Internet Explorer
CVE-2007-0047 (CRLF injection vulnerability in Adobe Acrobat Reader Plugin before ...)
NOT-FOR-US: Adobe Acrobat Reader with Internet Explorer