[Secure-testing-commits] r12822 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Tue Sep 15 21:14:11 UTC 2009
Author: joeyh
Date: 2009-09-15 21:14:11 +0000 (Tue, 15 Sep 2009)
New Revision: 12822
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-09-15 19:09:56 UTC (rev 12821)
+++ data/CVE/list 2009-09-15 21:14:11 UTC (rev 12822)
@@ -1,38 +1,42 @@
-CVE-2009-3183
+CVE-2008-7228 (Multiple format string vulnerabilities in White_Dune before ...)
+ TODO: check
+CVE-2008-7224 (Buffer overflow in entity_cache in ELinks before 0.11.4rc0 allows ...)
+ TODO: check
+CVE-2009-3183 (Heap-based buffer overflow in w in Sun Solaris 8 through 10, and ...)
NOT-FOR-US: Sun Solaris
-CVE-2008-7239
+CVE-2008-7239 (Multiple unspecified vulnerabilities in Oracle E-Business Suite ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2008-7238
+CVE-2008-7238 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.3 ...)
NOT-FOR-US: Oracle E-Business Suite
-CVE-2008-7237
+CVE-2008-7237 (Unspecified vulnerability in the Oracle Internet Directory component ...)
NOT-FOR-US: Oracle Application Server
-CVE-2008-7236
+CVE-2008-7236 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
NOT-FOR-US: Oracle Application Server
-CVE-2008-7235
+CVE-2008-7235 (Unspecified vulnerability in the Oracle Forms component in Oracle ...)
NOT-FOR-US: Oracle Application Server
-CVE-2008-7234
+CVE-2008-7234 (Unspecified vulnerability in the Oracle BPEL Worklist Application ...)
NOT-FOR-US: Oracle Application Server
-CVE-2008-7233
+CVE-2008-7233 (Unspecified vulnerability in the E-Business Application client, as ...)
NOT-FOR-US: E-Business Application client
-CVE-2008-7232
+CVE-2008-7232 (Buffer overflow in the report function in xtacacsd 4.1.2 and earlier ...)
NOT-FOR-US: xtacacsd
-CVE-2008-7231
+CVE-2008-7231 (Cross-site scripting (XSS) vulnerability in Meridio Document and ...)
NOT-FOR-US: Meridio Document and Records Management
-CVE-2008-7230
+CVE-2008-7230 (Unspecified vulnerability in Small Footprint CIM Broker (SFCB) before ...)
NOT-FOR-US: Small Footprint CIM Broker
-CVE-2008-7229
+CVE-2008-7229 (GreenSQL Firewall (greensql-fw) before 0.9.2 allows remote attackers ...)
NOT-FOR-US: GreenSQL Firewall
-CVE-2008-7227
+CVE-2008-7227 (PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 ...)
NOT-FOR-US: GeoServer
-CVE-2008-7226
+CVE-2008-7226 (SQL injection vulnerability in index.php in the Recipes module 1.3, ...)
NOT-FOR-US: Recipes module for PHP-Nuke
-CVE-2008-7225
+CVE-2008-7225 (Heap-based buffer overflow in Foxit Remote Access Server (aka WAC ...)
NOT-FOR-US: Foxit Remote Access Server
-CVE-2008-7223
+CVE-2008-7223 (Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before ...)
NOT-FOR-US: LinPHA
-CVE-2008-7222
+CVE-2008-7222 (Cross-site scripting (XSS) vulnerability in system/admin.php in RunCMS ...)
NOT-FOR-US: RunCMS
-CVE-2008-7221
+CVE-2008-7221 (Cross-site request forgery (CSRF) vulnerability in RunCMS 1.6.1 allows ...)
NOT-FOR-US: RunCMS
CVE-2009-3166
RESERVED
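Review bot: The two entries added at the top of this hunk, CVE-2008-7228 (White_Dune) and CVE-2008-7224 (ELinks), are the only ones left at `TODO: check`; every other entry touched here already carries a NOT-FOR-US decision. The ELinks description names the fixed upstream version (0.11.4rc0), so that entry can be resolved to a `- <package> <version>` line in the form used for `- rails 2.2.3-1` further down, and the White_Dune entry needs the same package-or-NOT-FOR-US decision rather than staying open.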
@@ -639,6 +643,7 @@
NOTE: This is a web site issue (open redirector), not a browser problem.
- iceweasel <unfixed> (unimportant)
CVE-2009-3009 (Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x before ...)
+ {DSA-1887-1}
- rails 2.2.3-1 (low; bug #545063)
[etch] - rails <no-dsa> (Unsupported)
CVE-2009-3008 (K-Meleon 1.5.3 allows context-dependent attackers to spoof the address ...)
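Review bot: The `{DSA-1887-1}` reference added to CVE-2009-3009 sits above an unchanged `[etch] - rails <no-dsa> (Unsupported)` line. Confirm that the advisory does not cover etch; if it does, the `<no-dsa>` annotation is stale and should be dropped in the same change.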
@@ -943,8 +948,7 @@
RESERVED
CVE-2009-2948
RESERVED
-CVE-2009-2947 [xapian-omega - cross-site scripting]
- RESERVED
+CVE-2009-2947 (Cross-site scripting (XSS) vulnerability in Xapian Omega before 1.0.16 ...)
{DSA-1882-1}
- xapian-omega 1.0.15-2
CVE-2009-2946 (Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in ...)
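Review bot: On CVE-2009-2947 the new description says the issue affects Xapian Omega before 1.0.16, while the unchanged tracking line records `- xapian-omega 1.0.15-2` as the fixed version. If that upload carries a backported patch, a NOTE line saying so would keep the lower version from reading as a mistake.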
@@ -1353,29 +1357,29 @@
RESERVED
CVE-2009-2815 (The Telephony component in Apple iPhone OS before 3.1 does not ...)
NOT-FOR-US: Apple iPhone OS
-CVE-2009-2814
+CVE-2009-2814 (Cross-site scripting (XSS) vulnerability in the Wiki Server in Apple ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2813
- RESERVED
-CVE-2009-2812
+CVE-2009-2813 (The SMB (aka Samba) subsystem in Apple Mac OS X 10.5.8, when Windows ...)
+ TODO: check
+CVE-2009-2812 (Launch Services in Apple Mac OS X 10.5.8 does not properly recognize ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2811
+CVE-2009-2811 (Incomplete blacklist vulnerability in Launch Services in Apple Mac OS ...)
NOT-FOR-US: Apple Mac OS X
CVE-2009-2810
RESERVED
-CVE-2009-2809
- RESERVED
+CVE-2009-2809 (ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers ...)
+ TODO: check
CVE-2009-2808
RESERVED
-CVE-2009-2807
- RESERVED
+CVE-2009-2807 (Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS ...)
+ TODO: check
CVE-2009-2806
RESERVED
-CVE-2009-2805
- RESERVED
-CVE-2009-2804
+CVE-2009-2805 (Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 ...)
+ TODO: check
+CVE-2009-2804 (Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2009-2803
+CVE-2009-2803 (CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to ...)
NOT-FOR-US: Apple Mac OS X
CVE-2009-2802
RESERVED
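Review bot: Of the entries moved from RESERVED to `TODO: check` in this hunk, CVE-2009-2813 names the SMB (aka Samba) subsystem and CVE-2009-2807 names the USB backend in CUPS. Both components are packaged outside Mac OS X, so these two should be checked against the samba and cups source packages rather than closed as `NOT-FOR-US: Apple Mac OS X` like their neighbours.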
@@ -14554,7 +14558,7 @@
CVE-2008-4954 (mead.pl in fml 4.0.3 allows local users to overwrite arbitrary files ...)
- fml <removed> (low; bug #496370)
[etch] - fml <no-dsa> (Minor issue)
-CVE-2008-4957 (find_flags in gccxml 0.9.0 allows local users to overwrite arbitrary ...)
+CVE-2008-4957 (find_flags in Kitware GCC-XML (gccxml) 0.9.0 allows local users to ...)
- gccxml <unfixed> (unimportant; bug #496391)
NOTE: Only applies to a script used for an obscure SGI compiler
CVE-2008-4943 (bulmages-servers 0.11.1 allows local users to overwrite arbitrary ...)