[Secure-testing-commits] r12822 - data/CVE

Joey Hess joeyh at alioth.debian.org
Tue Sep 15 21:14:11 UTC 2009


Author: joeyh
Date: 2009-09-15 21:14:11 +0000 (Tue, 15 Sep 2009)
New Revision: 12822

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-09-15 19:09:56 UTC (rev 12821)
+++ data/CVE/list	2009-09-15 21:14:11 UTC (rev 12822)
@@ -1,38 +1,42 @@
-CVE-2009-3183
+CVE-2008-7228 (Multiple format string vulnerabilities in White_Dune before ...)
+	TODO: check
+CVE-2008-7224 (Buffer overflow in entity_cache in ELinks before 0.11.4rc0 allows ...)
+	TODO: check
+CVE-2009-3183 (Heap-based buffer overflow in w in Sun Solaris 8 through 10, and ...)
 	NOT-FOR-US: Sun Solaris
-CVE-2008-7239
+CVE-2008-7239 (Multiple unspecified vulnerabilities in Oracle E-Business Suite ...)
 	NOT-FOR-US: Oracle E-Business Suite
-CVE-2008-7238
+CVE-2008-7238 (Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.3 ...)
 	NOT-FOR-US: Oracle E-Business Suite
-CVE-2008-7237
+CVE-2008-7237 (Unspecified vulnerability in the Oracle Internet Directory component ...)
 	NOT-FOR-US: Oracle Application Server
-CVE-2008-7236
+CVE-2008-7236 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
 	NOT-FOR-US: Oracle Application Server
-CVE-2008-7235
+CVE-2008-7235 (Unspecified vulnerability in the Oracle Forms component in Oracle ...)
 	NOT-FOR-US: Oracle Application Server
-CVE-2008-7234
+CVE-2008-7234 (Unspecified vulnerability in the Oracle BPEL Worklist Application ...)
 	NOT-FOR-US: Oracle Application Server
-CVE-2008-7233
+CVE-2008-7233 (Unspecified vulnerability in the E-Business Application client, as ...)
 	NOT-FOR-US: E-Business Application client
-CVE-2008-7232
+CVE-2008-7232 (Buffer overflow in the report function in xtacacsd 4.1.2 and earlier ...)
 	NOT-FOR-US: xtacacsd
-CVE-2008-7231
+CVE-2008-7231 (Cross-site scripting (XSS) vulnerability in Meridio Document and ...)
 	NOT-FOR-US: Meridio Document and Records Management
-CVE-2008-7230
+CVE-2008-7230 (Unspecified vulnerability in Small Footprint CIM Broker (SFCB) before ...)
 	NOT-FOR-US: Small Footprint CIM Broker
-CVE-2008-7229
+CVE-2008-7229 (GreenSQL Firewall (greensql-fw) before 0.9.2 allows remote attackers ...)
 	NOT-FOR-US: GreenSQL Firewall
-CVE-2008-7227
+CVE-2008-7227 (PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 ...)
 	NOT-FOR-US: GeoServer
-CVE-2008-7226
+CVE-2008-7226 (SQL injection vulnerability in index.php in the Recipes module 1.3, ...)
 	NOT-FOR-US: Recipes module for PHP-Nuke
-CVE-2008-7225
+CVE-2008-7225 (Heap-based buffer overflow in Foxit Remote Access Server (aka WAC ...)
 	NOT-FOR-US: Foxit Remote Access Server
-CVE-2008-7223
+CVE-2008-7223 (Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before ...)
 	NOT-FOR-US: LinPHA
-CVE-2008-7222
+CVE-2008-7222 (Cross-site scripting (XSS) vulnerability in system/admin.php in RunCMS ...)
 	NOT-FOR-US: RunCMS
-CVE-2008-7221
+CVE-2008-7221 (Cross-site request forgery (CSRF) vulnerability in RunCMS 1.6.1 allows ...)
 	NOT-FOR-US: RunCMS
 CVE-2009-3166
 	RESERVED
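Review bot: CVE-2008-7228 and CVE-2008-7224 are inserted at the top of the file, above CVE-2009-3183, although the rest of this hunk runs in descending order and has gaps exactly where they belong (between CVE-2008-7229 and CVE-2008-7227, and between CVE-2008-7225 and CVE-2008-7223). Move them into those slots, and resolve the two "TODO: check" markers with either a package line or NOT-FOR-US, since they are the only entries in this hunk left untriaged.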
@@ -639,6 +643,7 @@
 	NOTE: This is a web site issue (open redirector), not a browser problem.
 	- iceweasel <unfixed> (unimportant)
 CVE-2009-3009 (Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x before ...)
+	{DSA-1887-1}
 	- rails 2.2.3-1 (low; bug #545063)
 	[etch] - rails <no-dsa> (Unsupported)
 CVE-2009-3008 (K-Meleon 1.5.3 allows context-dependent attackers to spoof the address ...)
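Review bot: the {DSA-1887-1} reference added to CVE-2009-3009 sits directly above the unchanged line "[etch] - rails <no-dsa> (Unsupported)". Confirm the advisory does not cover etch; if it does, that line now contradicts the DSA reference and should be updated in the same commit.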
@@ -943,8 +948,7 @@
 	RESERVED
 CVE-2009-2948
 	RESERVED
-CVE-2009-2947 [xapian-omega - cross-site scripting]
-	RESERVED
+CVE-2009-2947 (Cross-site scripting (XSS) vulnerability in Xapian Omega before 1.0.16 ...)
 	{DSA-1882-1}
 	- xapian-omega 1.0.15-2
 CVE-2009-2946 (Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in ...)
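Review bot: on CVE-2009-2947 the new description says the issue affects Xapian Omega before 1.0.16, while the unchanged package line records xapian-omega 1.0.15-2 as the fixed version. If 1.0.15-2 carries a backported patch, add a NOTE: line saying so, so the version mismatch does not read as a tracking error.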
@@ -1353,29 +1357,29 @@
 	RESERVED
 CVE-2009-2815 (The Telephony component in Apple iPhone OS before 3.1 does not ...)
 	NOT-FOR-US: Apple iPhone OS
-CVE-2009-2814
+CVE-2009-2814 (Cross-site scripting (XSS) vulnerability in the Wiki Server in Apple ...)
 	NOT-FOR-US: Apple Mac OS X
-CVE-2009-2813
-	RESERVED
-CVE-2009-2812
+CVE-2009-2813 (The SMB (aka Samba) subsystem in Apple Mac OS X 10.5.8, when Windows ...)
+	TODO: check
+CVE-2009-2812 (Launch Services in Apple Mac OS X 10.5.8 does not properly recognize ...)
 	NOT-FOR-US: Apple Mac OS X
-CVE-2009-2811
+CVE-2009-2811 (Incomplete blacklist vulnerability in Launch Services in Apple Mac OS ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2009-2810
 	RESERVED
-CVE-2009-2809
-	RESERVED
+CVE-2009-2809 (ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers ...)
+	TODO: check
 CVE-2009-2808
 	RESERVED
-CVE-2009-2807
-	RESERVED
+CVE-2009-2807 (Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS ...)
+	TODO: check
 CVE-2009-2806
 	RESERVED
-CVE-2009-2805
-	RESERVED
-CVE-2009-2804
+CVE-2009-2805 (Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 ...)
+	TODO: check
+CVE-2009-2804 (Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8 ...)
 	NOT-FOR-US: Apple Mac OS X
-CVE-2009-2803
+CVE-2009-2803 (CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2009-2802
 	RESERVED
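Review bot: the four new "TODO: check" entries in this hunk are not equally open. CVE-2009-2809 (ImageIO) and CVE-2009-2805 (CoreGraphics) name Apple Mac OS X components, like the neighbouring CVE-2009-2804 and CVE-2009-2803 entries that are already marked "NOT-FOR-US: Apple Mac OS X", so they can likely be closed the same way. CVE-2009-2813 (SMB, aka Samba) and CVE-2009-2807 (USB backend in CUPS) name software that exists outside Mac OS X and are the ones that need an actual check; a NOTE: recording whether the flaw is in Apple's integration or in the upstream code would make that distinction visible.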
@@ -14554,7 +14558,7 @@
 CVE-2008-4954 (mead.pl in fml 4.0.3 allows local users to overwrite arbitrary files ...)
 	- fml <removed> (low; bug #496370)
 	[etch] - fml <no-dsa> (Minor issue)
-CVE-2008-4957 (find_flags in gccxml 0.9.0 allows local users to overwrite arbitrary ...)
+CVE-2008-4957 (find_flags in Kitware GCC-XML (gccxml) 0.9.0 allows local users to ...)
 	- gccxml <unfixed> (unimportant; bug #496391)
 	NOTE: Only applies to a script used for an obscure SGI compiler
 CVE-2008-4943 (bulmages-servers 0.11.1 allows local users to overwrite arbitrary ...)



