[Secure-testing-commits] r12700 - data/CVE

Joey Hess Fri, 28 Aug 2009 14:14:27 -0700

Author: joeyh
Date: 2009-08-28 21:14:17 +0000 (Fri, 28 Aug 2009)
New Revision: 12700


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-08-28 11:58:52 UTC (rev 12699)
+++ data/CVE/list       2009-08-28 21:14:17 UTC (rev 12700)
@@ -1,3 +1,83 @@
+CVE-2009-2999
+       RESERVED
+CVE-2009-2998
+       RESERVED
+CVE-2009-2997
+       RESERVED
+CVE-2009-2996
+       RESERVED
+CVE-2009-2995
+       RESERVED
+CVE-2009-2994
+       RESERVED
+CVE-2009-2993
+       RESERVED
+CVE-2009-2992
+       RESERVED
+CVE-2009-2991
+       RESERVED
+CVE-2009-2990
+       RESERVED
+CVE-2009-2989
+       RESERVED
+CVE-2009-2988
+       RESERVED
+CVE-2009-2987
+       RESERVED
+CVE-2009-2986
+       RESERVED
+CVE-2009-2985
+       RESERVED
+CVE-2009-2984
+       RESERVED
+CVE-2009-2983
+       RESERVED
+CVE-2009-2982
+       RESERVED
+CVE-2009-2981
+       RESERVED
+CVE-2009-2980
+       RESERVED
+CVE-2009-2979
+       RESERVED
+CVE-2009-2978 (SQL injection vulnerability in SugarCRM 4.5.1o and earlier, 
5.0.0k and ...)
+       TODO: check
+CVE-2009-2977 (The Cisco Security Monitoring, Analysis and Response System 
(CS-MARS) ...)
+       TODO: check
+CVE-2009-2976 (Cisco Aironet Lightweight Access Point (AP) devices send the 
contents ...)
+       TODO: check
+CVE-2009-2975 (Mozilla Firefox 3.5.2 on Windows XP, in some situations 
possibly ...)
+       TODO: check
+CVE-2009-2974 (Google Chrome 1.0.154.65, 1.0.154.48, and earlier allows remote 
...)
+       TODO: check
+CVE-2009-2973 (Google Chrome before 2.0.172.43 does not prevent SSL 
connections to a ...)
+       TODO: check
+CVE-2009-2972 (in.lpd in the print service in Sun Solaris 8 and 9 allows 
remote ...)
+       TODO: check
+CVE-2008-7106 (The installation of Sophos PureMessage for Microsoft Exchange 
3.0 ...)
+       TODO: check
+CVE-2008-7105 (Sophos PureMessage for Microsoft Exchange 3.0 before 3.0.2 
allows ...)
+       TODO: check
+CVE-2008-7104 (Sophos PureMessage Scanner service (PMScanner.exe) in 
PureMessage for ...)
+       TODO: check
+CVE-2008-7103 (Stack-based buffer overflow in an ActiveX control in ...)
+       TODO: check
+CVE-2008-7102 (DotNetNuke 2.0 through 4.8.4 allows remote attackers to load 
.ascx ...)
+       TODO: check
+CVE-2008-7101 (Unspecified vulnerability in DotNetNuke 4.0 through 4.8.4 and 
5.0 ...)
+       TODO: check
+CVE-2008-7100 (Unspecified vulnerability in DotNetNuke 4.4.1 through 4.8.4 
allows ...)
+       TODO: check
+CVE-2008-7099 (Unspecified vulnerability in the Manage Templates feature in 
Qsoft ...)
+       TODO: check
+CVE-2008-7098 (Multiple cross-site scripting (XSS) vulnerabilities in Qsoft 
K-Rate ...)
+       TODO: check
+CVE-2008-7097 (Multiple SQL injection vulnerabilities in Qsoft K-Rate Premium 
allow ...)
+       TODO: check
+CVE-2008-7096 (Intel Desktop and Intel Mobile Boards with BIOS firmware 
DQ35JO, ...)
+       TODO: check
+CVE-2008-7095 (The SNMP daemon in ArubaOS 3.3.2.6 in Aruba Mobility Controller 
does ...)
+       TODO: check
 CVE-2009-2971
        RESERVED
 CVE-2009-2970
@@ -154,8 +234,8 @@
        RESERVED
 CVE-2009-2936
        RESERVED
-CVE-2009-2935
-       RESERVED
+CVE-2009-2935 (Google V8, as used in Google Chrome before 2.0.172.43, allows 
remote ...)
+       TODO: check
 CVE-2009-2934 (Multiple stack-based buffer overflows in xaudio.dll in 
Programmed ...)
        NOT-FOR-US: Programmed Integration PIPL
 CVE-2009-2933 (SQL injection vulnerability in comments.php in Piwigo before 
2.0.3 ...)
@@ -397,8 +477,8 @@
        RESERVED
 CVE-2009-2862
        RESERVED
-CVE-2009-2861
-       RESERVED
+CVE-2009-2861 (The Over-the-Air Provisioning (OTAP) functionality on Cisco 
Aironet ...)
+       TODO: check
 CVE-2009-2860 (Unspecified vulnerability in db2jds in IBM DB2 8.1 before FP18 
allows ...)
        NOT-FOR-US: db2jds in IBM DB2
 CVE-2009-2859 (IBM DB2 8.1 before FP18 allows attackers to obtain unspecified 
access ...)
@@ -1048,8 +1128,7 @@
        RESERVED
 CVE-2009-2699
        RESERVED
-CVE-2009-2698 [linux-2.6: privilege escalation via udp socket null ptr 
dereference]
-       RESERVED
+CVE-2009-2698 (The UDP implementation in (1) net/ipv4/udp.c and (2) 
net/ipv6/udp.c in ...)
        {DSA-1872-1}
        - linux-2.6 2.6.19-1 (high)
        - linux-2.6.24 2.6.19-1 
@@ -1184,12 +1263,12 @@
 CVE-2009-2664 (The js_watch_set function in js/src/jsdbgapi.cpp in the 
JavaScript ...)
        - xulrunner <unfixed>
        [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer 
covered by security support)
-CVE-2009-2663 (libvorbis before r16182, as used in Mozilla Firefox before 
3.0.13 and ...)
+CVE-2009-2663 (libvorbis before r16182, as used in Mozilla Firefox 3.5.x 
before 3.5.2 ...)
        - libvorbis 1.2.0.dfsg-6 (medium; bug #540958)
        - xulrunner <not-affected> (medium; bug #540961)
        NOTE: vorbis support added in 1.9.0.13 and 1.9.1.0, which have not yet 
entered the archive
        TODO: recheck when 1.9.0.13 or 1.9.1.x enter stable/unstable
-CVE-2009-2662 (The browser engine in Mozilla Firefox before 3.0.13, and 3.5.x 
before ...)
+CVE-2009-2662 (The browser engine in Mozilla Firefox 3.5.x before 3.5.2 allows 
remote ...)
        - xulrunner <unfixed>
        [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer 
covered by security support)
 CVE-2009-2661 (The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 
before ...)
@@ -2853,16 +2932,16 @@
        NOT-FOR-US: Cisco
 CVE-2009-2055 (Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to 
cause a ...)
        NOT-FOR-US: Cisco IOS
-CVE-2009-2054
-       RESERVED
-CVE-2009-2053
-       RESERVED
-CVE-2009-2052
-       RESERVED
-CVE-2009-2051
-       RESERVED
-CVE-2009-2050
-       RESERVED
+CVE-2009-2054 (Cisco Unified Communications Manager (aka CUCM, formerly 
CallManager) ...)
+       TODO: check
+CVE-2009-2053 (Cisco Unified Communications Manager (aka CUCM, formerly 
CallManager) ...)
+       TODO: check
+CVE-2009-2052 (Cisco Unified Communications Manager (aka CUCM, formerly 
CallManager) ...)
+       TODO: check
+CVE-2009-2051 (Cisco Unified Communications Manager (aka CUCM, formerly 
CallManager) ...)
+       TODO: check
+CVE-2009-2050 (Cisco Unified Communications Manager (aka CUCM, formerly 
CallManager) ...)
+       TODO: check
 CVE-2009-2049 (Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 
through ...)
        NOT-FOR-US: Cisco IOS
 CVE-2009-2048 (Cross-site scripting (XSS) vulnerability in the Administration 
...)
@@ -14754,7 +14833,7 @@
 CVE-2008-3950 (Off-by-one error in the ...)
        - webkit <not-affected> (Vulnerable code not present)
        NOTE: bug #500306
-CVE-2008-3949 (Emacs 22.1 and 22.2 imports Python script from the current 
working ...)
+CVE-2008-3949 (emacs/lisp/progmodes/python.el in Emacs 22.1 and 22.2 imports 
Python ...)
        - emacs22 22.2+2-4 (low; bug #499568)
        - emacs21 <not-affected> (doesn't provide the python functionality)
        - xemacs21 <not-affected> (doesn't provide the python functionality)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r12700 - data/CVE

Reply via email to