[Secure-testing-commits] r13055 - data/CVE

Joey Hess joeyh at alioth.debian.org
Tue Oct 20 21:14:20 UTC 2009 

Author: joeyh
Date: 2009-10-20 21:14:19 +0000 (Tue, 20 Oct 2009)
New Revision: 13055

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-10-19 22:51:22 UTC (rev 13054)
+++ data/CVE/list	2009-10-20 21:14:19 UTC (rev 13055)
@@ -247,13 +247,12 @@
 	- liboping 1.3.3-1 (low; bug #548684)
 	[lenny] - liboping <not-affected> (doesn't have -f option yet)
 	[etch] - liboping <not-affected> (doesn't have -f option yet)
-CVE-2009-3613 [kernel remote DoS]
-	RESERVED
+CVE-2009-3613 (The swiotlb functionality in the r8169 driver in drivers/net/r8169.c ...)
 	- linux-2.6 2.6.29-1 (medium)
 	- linux-2.6.24 <removed>
 	NOTE: http://www.openwall.com/lists/oss-security/2009/10/15/4
-CVE-2009-3612
-	RESERVED
+CVE-2009-3612 (The tcf_fill_node function in net/sched/cls_api.c in the netlink ...)
+	TODO: check
 CVE-2009-3611 [backintime information disclosure]
 	RESERVED
 	- backintime 0.9.26-3 (bug #543785)
@@ -400,8 +399,7 @@
 	RESERVED
 CVE-2009-3547
 	RESERVED
-CVE-2009-3546
-	RESERVED
+CVE-2009-3546 (The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.0, and the ...)
 	- php5 <not-affected> (the php packages use the system libgd2)
 	NOTE: http://svn.php.net/viewvc?view=revision&revision=289557
 	NOTE: <20091015173822.084de220 at redhat.com> in OSS-sec
@@ -610,16 +608,16 @@
 	RESERVED
 CVE-2009-3463
 	RESERVED
-CVE-2009-3462
-	RESERVED
-CVE-2009-3461
-	RESERVED
-CVE-2009-3460
-	RESERVED
+CVE-2009-3462 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x ...)
+	TODO: check
+CVE-2009-3461 (Unspecified vulnerability in Adobe Acrobat 9.x before 9.2 allows ...)
+	TODO: check
+CVE-2009-3460 (Adobe Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x ...)
+	TODO: check
 CVE-2009-3459 (Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before ...)
 	NOT-FOR-US: Adobe Acrobat
-CVE-2009-3458
-	RESERVED
+CVE-2009-3458 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x ...)
+	TODO: check
 CVE-2009-3457 (Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) ...)
 	NOT-FOR-US: Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF)
 CVE-2009-3456 (Google Chrome, possibly 3.0.195.21 and earlier, does not properly ...)
@@ -1136,10 +1134,10 @@
 	- kolab-cyrus-imapd 2.2.13-5.1 (medium; bug #547712)
 	- dovecot 1:1.2.1-1 (medium; bug #546656)
 	NOTE: This is a different vulnerability than CVE-2009-2632, it covers a few additional buffer overflows
-CVE-2009-3228
-	RESERVED
-CVE-2005-4881
-	RESERVED
+CVE-2009-3228 (The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem ...)
+	TODO: check
+CVE-2005-4881 (The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and ...)
+	TODO: check
 CVE-2009-3236 (The form library in Horde Application Framework 3.2 before 3.2.5 and ...)
 	{DSA-1897-1}
 	- horde3 3.3.5+debian0-1 (medium; bug #547318)
@@ -2014,46 +2012,46 @@
 	TODO: next point release [lenny] - serveez 0.1.5-2.1+lenny1
 	[etch] - serveez <no-dsa> (Fringe package, mostly unused)
 	TODO: next point release [etch] - serveez 0.1.5-2+etch1
-CVE-2009-2998
-	RESERVED
-CVE-2009-2997
-	RESERVED
-CVE-2009-2996
-	RESERVED
-CVE-2009-2995
-	RESERVED
-CVE-2009-2994
-	RESERVED
-CVE-2009-2993
-	RESERVED
-CVE-2009-2992
-	RESERVED
-CVE-2009-2991
-	RESERVED
-CVE-2009-2990
-	RESERVED
-CVE-2009-2989
-	RESERVED
-CVE-2009-2988
-	RESERVED
-CVE-2009-2987
-	RESERVED
-CVE-2009-2986
-	RESERVED
-CVE-2009-2985
-	RESERVED
-CVE-2009-2984
-	RESERVED
-CVE-2009-2983
-	RESERVED
-CVE-2009-2982
-	RESERVED
-CVE-2009-2981
-	RESERVED
-CVE-2009-2980
-	RESERVED
-CVE-2009-2979
-	RESERVED
+CVE-2009-2998 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x ...)
+	TODO: check
+CVE-2009-2997 (Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before ...)
+	TODO: check
+CVE-2009-2996 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x ...)
+	TODO: check
+CVE-2009-2995 (Integer overflow in Adobe Acrobat 7.x before 7.1.4, 8.x before 8.1.7, ...)
+	TODO: check
+CVE-2009-2994 (Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x ...)
+	TODO: check
+CVE-2009-2993 (The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before ...)
+	TODO: check
+CVE-2009-2992 (An unspecified ActiveX control in Adobe Reader and Acrobat 9.x before ...)
+	TODO: check
+CVE-2009-2991 (Unspecified vulnerability in the Mozilla plug-in in Adobe Reader and ...)
+	TODO: check
+CVE-2009-2990 (Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x ...)
+	TODO: check
+CVE-2009-2989 (Integer overflow in Adobe Acrobat 9.x before 9.2, 8.x before 8.1.7, ...)
+	TODO: check
+CVE-2009-2988 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x ...)
+	TODO: check
+CVE-2009-2987 (Unspecified vulnerability in an ActiveX control in Adobe Reader and ...)
+	TODO: check
+CVE-2009-2986 (Multiple heap-based buffer overflows in Adobe Reader and Acrobat 7.x ...)
+	TODO: check
+CVE-2009-2985 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x ...)
+	TODO: check
+CVE-2009-2984 (Unspecified vulnerability in the image decoder in Adobe Acrobat 9.x ...)
+	TODO: check
+CVE-2009-2983 (Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and ...)
+	TODO: check
+CVE-2009-2982 (An unspecified certificate in Adobe Reader and Acrobat 9.x before 9.2, ...)
+	TODO: check
+CVE-2009-2981 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x ...)
+	TODO: check
+CVE-2009-2980 (Integer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x ...)
+	TODO: check
+CVE-2009-2979 (Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and ...)
+	TODO: check
 CVE-2009-2978 (SQL injection vulnerability in SugarCRM 4.5.1o and earlier, 5.0.0k and ...)
 	NOT-FOR-US: SugarCRM
 CVE-2009-2977 (The Cisco Security Monitoring, Analysis and Response System (CS-MARS) ...)
@@ -2096,8 +2094,8 @@
 	NOT-FOR-US: ArubaOS
 CVE-2009-2971
 	RESERVED
-CVE-2009-2970
-	RESERVED
+CVE-2009-2970 (Stack-based buffer overflow in the GetUiDllVersion function in an ...)
+	TODO: check
 CVE-2009-2969
 	RESERVED
 CVE-2009-2968 (Directory traversal vulnerability in a support component in the web ...)
@@ -45389,8 +45387,8 @@
 	- clamav 0.88.7-1 (medium; bug #401873)
 CVE-2006-6405 (BitDefender Mail Protection for SMB 2.0 allows remote attackers to ...)
 	NOT-FOR-US: BitDefender
-CVE-2006-6404
-	RESERVED
+CVE-2006-6404 (Innovation Data Processing FDR allows remote attackers to cause a ...)
+	TODO: check
 CVE-2006-6403 (mystats.php in MyStats 1.0.8 and earlier allows remote attackers to ...)
 	NOT-FOR-US: MyStats
 CVE-2006-6402 (SQL injection vulnerability in mystats.php in MyStats 1.0.8 and ...)

More information about the Secure-testing-commits mailing list