Author: joeyh
Date: 2009-08-07 21:14:13 +0000 (Fri, 07 Aug 2009)
New Revision: 12508

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-08-07 21:08:38 UTC (rev 12507)
+++ data/CVE/list       2009-08-07 21:14:13 UTC (rev 12508)
@@ -1,3 +1,27 @@
+CVE-2009-2710
+       RESERVED
+CVE-2009-2709
+       RESERVED
+CVE-2009-2708
+       RESERVED
+CVE-2009-2707
+       RESERVED
+CVE-2009-2706
+       RESERVED
+CVE-2008-6911 (SQL injection vulnerability in the authenticateUser function in 
...)
+       TODO: check
+CVE-2008-6910 (Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module 
for ...)
+       TODO: check
+CVE-2008-6909 (Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module 
for ...)
+       TODO: check
+CVE-2008-6908 (Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module 
for ...)
+       TODO: check
+CVE-2008-6907 (Multiple SQL injection vulnerabilities in checkuser.php in 
2532designs ...)
+       TODO: check
+CVE-2008-6906 (Cross-site scripting (XSS) vulnerability in index.php in 
BabbleBoard ...)
+       TODO: check
+CVE-2008-6905 (Cross-site request forgery (CSRF) vulnerability in index.php in 
...)
+       TODO: check
 CVE-2009-2705
        RESERVED
 CVE-2009-2704
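Review bot: the seven CVE-2008-69xx entries at the end of the added block all land as "TODO: check" with no package or NOT-FOR-US line, so none of them is triaged by this change. CVE-2008-6910, CVE-2008-6909 and CVE-2008-6908 carry the same truncated "Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13" text and can be resolved together in one follow-up; the 2532designs and BabbleBoard entries need a decision on whether any packaged software is affected before the TODO is dropped.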
@@ -94,6 +118,7 @@
        TODO: check
 CVE-2009-2666 [fetchmail 0 byte cert injection]
        RESERVED
+       {DSA-1852-1}
        - fetchmail 6.3.9~rc2-6 
 CVE-2009-2665 (The nsDocument::SetScriptGlobalObject function in ...)
        - xulrunner <not-affected>
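Review bot: the {DSA-1852-1} line added under CVE-2009-2666 arrives in a commit logged only as "automatic update" that touches nothing but data/CVE/list, so confirm the tag was generated from an existing advisory record rather than edited in by hand. The "- fetchmail 6.3.9~rc2-6" line below it still has no urgency or bug reference, which is worth adding now that an advisory is attached.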
@@ -249,8 +274,8 @@
        RESERVED
 CVE-2009-2626
        RESERVED
-CVE-2009-2625
-       RESERVED
+CVE-2009-2625 (Apache Xerces2 Java, as used in Sun Java Runtime Environment 
(JRE) in ...)
+       TODO: check
 CVE-2009-2624
        RESERVED
 CVE-2009-2623
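Review bot: CVE-2009-2625 moves from RESERVED to "TODO: check", and its description names Apache Xerces2 Java "as used in" the Sun JRE, which means more than one source package may embed the affected code. Triage should list every package that ships the parser rather than a single line, and should not be closed on the JRE alone.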
@@ -815,8 +840,7 @@
        RESERVED
 CVE-2009-2413
        RESERVED
-CVE-2009-2412 [overflow in apr and apr-util]
-       RESERVED
+CVE-2009-2412 (Multiple integer overflows in the Apache Portable Runtime (APR) 
...)
        - apr <unfixed>
        - apr-util <unfixed>
 CVE-2009-2411
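Review bot: both package lines under CVE-2009-2412 stay as bare "<unfixed>" for apr and apr-util, with no urgency and no bug number, unlike other entries in this file that use the "(medium; bug #...)" form. Now that the entry is public and described as multiple integer overflows, add an urgency and a bug reference to each line so the open state can be followed up.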
@@ -1408,20 +1432,20 @@
        RESERVED
 CVE-2009-2195
        RESERVED
-CVE-2009-2194
-       RESERVED
-CVE-2009-2193
-       RESERVED
-CVE-2009-2192
-       RESERVED
-CVE-2009-2191
-       RESERVED
-CVE-2009-2190
-       RESERVED
+CVE-2009-2194 (Apple Mac OS X 10.5 before 10.5.8 does not properly share file 
...)
+       TODO: check
+CVE-2009-2193 (Buffer overflow in the kernel in Apple Mac OS X 10.5 before 
10.5.8 ...)
+       TODO: check
+CVE-2009-2192 (MobileMe in Apple Mac OS X 10.5 before 10.5.8 does not properly 
delete ...)
+       TODO: check
+CVE-2009-2191 (Format string vulnerability in Login Window in Apple Mac OS X 
10.4.11 ...)
+       TODO: check
+CVE-2009-2190 (launchd in Apple Mac OS X 10.5 before 10.5.8 allows remote 
attackers ...)
+       TODO: check
 CVE-2009-2189
        RESERVED
-CVE-2009-2188
-       RESERVED
+CVE-2009-2188 (Buffer overflow in ImageIO in Apple Mac OS X 10.5 before 10.5.8 
allows ...)
+       TODO: check
 CVE-2009-2187 (Multiple memory leaks in the (1) IP and (2) IPv6 multicast ...)
        NOT-FOR-US: Sun Solaris 
 CVE-2009-2186 (Unspecified vulnerability in Adobe Shockwave Player before 
11.0.0.465 ...)
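Review bot: the six entries CVE-2009-2194 through CVE-2009-2190 and CVE-2009-2188 are all added as "TODO: check", yet each description names a component of Apple Mac OS X (the kernel, MobileMe, Login Window, launchd, ImageIO). The entry directly below, CVE-2009-2187, shows the convention for a vendor operating system ("NOT-FOR-US: Sun Solaris"); unless a packaged project shares the code, these should be resolved the same way instead of staying in the TODO queue. CVE-2009-2189 remains RESERVED in the middle of the block, which is correct as shown.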
@@ -2567,12 +2591,12 @@
        NOT-FOR-US: NetDecision TFTP Server
 CVE-2009-1729 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java 
System ...)
        NOT-FOR-US: Sun Java System Communications Express
-CVE-2009-1728
-       RESERVED
-CVE-2009-1727
-       RESERVED
-CVE-2009-1726
-       RESERVED
+CVE-2009-1728 (Stack-based buffer overflow in Image RAW in Apple Mac OS X 10.5 
before ...)
+       TODO: check
+CVE-2009-1727 (Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS 
X 10.5 ...)
+       TODO: check
+CVE-2009-1726 (Heap-based buffer overflow in ColorSync in Apple Mac OS X 
10.4.11 and ...)
+       TODO: check
 CVE-2009-1725 (WebKit in Apple Safari before 4.0.2 does not properly handle 
numeric ...)
        - webkit <unfixed> (medium; bug #538346)
        - qt4-x11 <unfixed> (medium; bug #538347)
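Review bot: CVE-2009-1728, CVE-2009-1727 and CVE-2009-1726 are added as "TODO: check", and their descriptions name Image RAW, CoreTypes and ColorSync in Apple Mac OS X. The line above them already uses the NOT-FOR-US form for a vendor-specific product (CVE-2009-1729); a follow-up should either do the same here or record which package is affected, since the truncated text ("10.4.11 and ...") does not show the full version range.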
@@ -2585,9 +2609,9 @@
        - webkit <unfixed> (low; bug #538402)
        NOTE: 
http://www.thespanner.co.uk/2009/06/19/minor-safari-cross-domain-bug/
        TODO: check 
-CVE-2009-1723
-       RESERVED
-CVE-2009-1722 (Buffer overflow in the compression implementation in OpenEXR 
1.2.2 ...)
+CVE-2009-1723 (CFNetwork in Apple Mac OS X 10.5 before 10.5.8 places an 
incorrect URL ...)
+       TODO: check
+CVE-2009-1722 (Heap-based buffer overflow in the compression implementation in 
...)
        {DSA-1842-1}
        - openexr <unfixed>
 CVE-2009-1721 (The decompression implementation in the Imf::hufUncompress 
function in ...)
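Review bot: the rewritten description for CVE-2009-1722 leaves "- openexr <unfixed>" unchanged beneath {DSA-1842-1}, so the entry records an advisory but no fixed version, urgency or bug number for openexr. Add a bug reference or the fixed version once it is known. The new truncated text also no longer shows the product name that the removed line had ("OpenEXR 1.2.2"), so the package line is now the only visible link to openexr. CVE-2009-1723 (CFNetwork) is added as "TODO: check" and still needs triage.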
@@ -8541,8 +8565,8 @@
        - icu 4.0.1-1 (low; bug #534590)
 CVE-2009-0152 (iChat in Apple Mac OS X 10.5 before 10.5.7 disables SSL for AOL 
...)
        NOT-FOR-US: iChat in Apple Mac OS X
-CVE-2009-0151
-       RESERVED
+CVE-2009-0151 (The screen saver in Dock in Apple Mac OS X 10.5 before 10.5.8 
does not ...)
+       TODO: check
 CVE-2009-0150 (Stack-based buffer overflow in Apple Mac OS X 10.5 before 
10.5.7 ...)
        NOT-FOR-US: Apple Mac OS X
 CVE-2009-0149 (Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows local 
users to ...)
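Review bot: CVE-2009-0151 is added as "TODO: check" between two entries that are already resolved as NOT-FOR-US for Apple software (CVE-2009-0152 for iChat, CVE-2009-0150 for Apple Mac OS X). Its description concerns the screen saver in Dock in Apple Mac OS X, so it should get the matching "NOT-FOR-US: Apple Mac OS X" line instead of being left in the TODO queue.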


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
