joeyh at alioth.debian.org
2009-Mar-25 21:14 UTC
[Secure-testing-commits] r11474 - data/CVE
Author: joeyh
Date: 2009-03-25 21:14:11 +0000 (Wed, 25 Mar 2009)
New Revision: 11474

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================
--- data/CVE/list 2009-03-25 13:30:50 UTC (rev 11473)
+++ data/CVE/list 2009-03-25 21:14:11 UTC (rev 11474)
@@ -1,3 +1,61 @@ +CVE-2009-1073 + RESERVED +CVE-2009-1072 (nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD ...) + TODO: check +CVE-2009-1071 (Stack-based buffer overflow in Icarus 2.0 allows remote attackers to ...) + TODO: check +CVE-2009-1070 (Cross-site scripting (XSS) vulnerability in system/index.php in ...) + TODO: check +CVE-2009-1069 (Multiple cross-site scripting (XSS) vulnerabilities in the node edit ...) + TODO: check +CVE-2009-1068 (Stack-based buffer overflow in BS.Player (bsplayer) 2.32 Build 975 ...) + TODO: check +CVE-2009-1067 (Cross-site scripting (XSS) vulnerability in index.php in Pixie CMS ...) + TODO: check +CVE-2009-1066 (SQL injection vulnerability in the referral function in ...) + TODO: check +CVE-2009-1065 (SQL injection vulnerability in index.php in Pixie CMS 1.01a allows ...) + TODO: check +CVE-2009-1064 (Argument injection vulnerability in orbitmxt.dll 2.1.0.2 in the Orbit ...) + TODO: check +CVE-2009-1063 (Buffer overflow in eXeScope 6.50 allows user-assisted remote attackers ...) + TODO: check +CVE-2009-1062 (Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 ...) + TODO: check +CVE-2009-1061 (Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 ...) + TODO: check +CVE-2009-1060 (Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows ...) + TODO: check +CVE-2009-1059 (Stack-based buffer overflow in Trident PowerZip 7.2 might allow remote ...) + TODO: check +CVE-2009-1058 (Stack-based buffer overflow in ZipGenius might allow remote attackers ...) + TODO: check +CVE-2009-1057 (MicroSmarts Enterprise ZipItFast! 3.0 allows remote attackers to ...) + TODO: check +CVE-2009-1056 (IBM Rational AppScan Enterprise before 5.5 FP1 allows remote attackers ...) + TODO: check +CVE-2009-1055 (Unspecified vulnerability in the web service in Sitecore CMS 5.3.1 ...) + TODO: check +CVE-2009-1054 (Unspecified vulnerability in JustSystems Ichitaro 13, 2004 through ...) 
+ TODO: check +CVE-2009-1053 (chaozzDB 1.2 and earlier stores sensitive information under the web ...) + TODO: check +CVE-2009-1052 (FireAnt 1.3 and earlier stores sensitive information under the web ...) + TODO: check +CVE-2009-1051 (FubarForum 1.6 and earlier stores sensitive information under the web ...) + TODO: check +CVE-2009-1050 (Bloginator 1A allows remote attackers to bypass authentication and ...) + TODO: check +CVE-2009-1049 (SQL injection vulnerability in articleCall.php in Bloginator 1A allows ...) + TODO: check +CVE-2008-6515 (Cross-site scripting (XSS) vulnerability in Fritz Berger yet another ...) + TODO: check +CVE-2008-6514 (The Expo plugin in Compiz Fusion 0.7.8 allows local users with ...) + TODO: check +CVE-2008-6513 (Unrestricted file upload vulnerability in saa.php in Andy''s PHP ...) + TODO: check +CVE-2008-6512 (Cross-domain vulnerability in the WorkerPool API in Google Gears ...) + TODO: check CVE-2009-1048 RESERVED CVE-2009-1047 (Cross-site scripting (XSS) vulnerability in the Send by e-mail module ...) @@ -4,7 +62,7 @@ TODO: check CVE-2009-1046 (The console selection feature in the Linux kernel 2.6.28 before ...) TODO: check -CVE-2009-1045 (Stack-based buffer overflow in requests/status.xml in VLC 0.9.8a ...) +CVE-2009-1045 (requests/status.xml in VLC 0.9.8a allows remote attackers to cause a ...) TODO: check CVE-2009-1044 (Unspecified vulnerability in Mozilla Firefox 3.0.7 on Windows 7 allows ...) TODO: check @@ -12,8 +70,8 @@ NOT-FOR-US: Microsoft CVE-2009-1042 (Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows ...) NOT-FOR-US: Apple Safari -CVE-2009-1041 - RESERVED +CVE-2009-1041 (The ktimer feature (sys/kern/kern_time.c) in FreeBSD 7.0, 7.1, and 7.2 ...) + TODO: check CVE-2008-6511 (Open redirect vulnerability in login.jsp in Openfire 3.6.0a and ...) NOT-FOR-US: Openfire CVE-2008-6510 (Cross-site scripting (XSS) vulnerability in login.jsp in the Admin ...) 
@@ -302,8 +360,8 @@ TODO: check CVE-2009-0929 (Directory traversal vulnerability in the media manager in Nucleus CMS ...) NOT-FOR-US: Nucleus CMS -CVE-2009-0928 - RESERVED +CVE-2009-0928 (Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat ...) + TODO: check CVE-2009-0927 (Unspecified vulnerability in Adobe Reader and Adobe Acrobat 9.1 and ...) NOT-FOR-US: Adobe Reader and Adobe Acrobat CVE-2009-0926 (Unspecified vulnerability in the UFS filesystem functionality in Sun ...) @@ -321,11 +379,9 @@ TODO: check if DSAs are required CVE-2008-6481 (SQL injection vulnerability in the Versioning component ...) NOT-FOR-US: Versioning component (com_versioning) in Joomla! and Mambo -CVE-2009-0921 - RESERVED +CVE-2009-0921 (Multiple heap-based buffer overflows in OvCgi/Toolbar.exe in HP ...) NOT-FOR-US: HP Openview -CVE-2009-0920 - RESERVED +CVE-2009-0920 (Stack-based buffer overflow in OvCgi/Toolbar.exe in HP OpenView ...) NOT-FOR-US: HP Openview CVE-2009-0919 (DFLabs PTK 1.0.0 through 1.0.4 has (1) "lamp" as its default password ...) NOT-FOR-US: DFLabs PTK @@ -399,8 +455,8 @@ RESERVED CVE-2009-0892 RESERVED -CVE-2009-0891 - RESERVED +CVE-2009-0891 (The Web Services Security component in IBM WebSphere Application ...) + TODO: check CVE-2009-0890 RESERVED CVE-2009-0889 @@ -767,8 +823,8 @@ RESERVED CVE-2009-0788 RESERVED -CVE-2009-0787 - RESERVED +CVE-2009-0787 (The ecryptfs_write_metadata_to_contents function in the eCryptfs ...) + TODO: check CVE-2009-0786 RESERVED CVE-2009-0785 @@ -2590,9 +2646,9 @@ CVE-2009-0365 (The dbus request handler in (1) network-manager-applet and (2) ...) - network-manager-applet 0.7.0.99-1 (medium) - network-manager 0.7.0.99-1 (medium) -CVE-2009-0364 - RESERVED +CVE-2009-0364 (Format string vulnerability in the mini_calendar component in ...) {DSA-1752-1} + TODO: check CVE-2009-0363 (Multiple buffer overflows in (a) BarnOwl before 1.0.5 and (b) owl ...) {DTSA-197-1} - barnowl 1.0.5-1 
@@ -3158,8 +3214,8 @@ RESERVED CVE-2009-0208 (Unspecified vulnerability in HP Virtual Rooms Client before 7.0.1, ...) NOT-FOR-US: HP Virtual Rooms Client -CVE-2009-0207 - RESERVED +CVE-2009-0207 (Unspecified vulnerability in HP-UX B.11.11 running VERITAS Oracle Disk ...) + TODO: check CVE-2009-0206 (Unspecified vulnerability in NFS in HP ONCplus B.11.31.05 and earlier ...) NOT-FOR-US: HP ONCplus CVE-2009-0205 @@ -3186,8 +3242,8 @@ RESERVED CVE-2009-0194 RESERVED -CVE-2009-0193 - RESERVED +CVE-2009-0193 (Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 ...) + TODO: check CVE-2009-0192 RESERVED CVE-2009-0191 (Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, ...)
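Review bot: In the @@ -1,3 +1,61 @@ hunk, the added CVE-2009-1060 entry is left at TODO: check although its visible description ("Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows ...") matches CVE-2009-1042, which the @@ -12,8 +70,8 @@ context already shows as NOT-FOR-US: Apple Safari. Giving it the same tag during triage would keep the two entries consistent. Of the other new TODO entries in this hunk, CVE-2009-1072 (nfsd in the Linux kernel before 2.6.28.9) is the one worth checking first. Separately, the doubled apostrophe in "Andy''s PHP" (CVE-2008-6513) looks like an escaping artifact from the import.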
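Review bot: In the @@ -4,7 +62,7 @@ hunk, the CVE-2009-1045 description changes from "Stack-based buffer overflow in requests/status.xml in VLC 0.9.8a ..." to "requests/status.xml in VLC 0.9.8a allows remote attackers to cause a ...", but the entry still reads TODO: check with no note on the reclassification. Whoever resolves the TODO should triage against the new wording, since the truncated text no longer states the bug class and the earlier wording can only be recovered from rev 11473.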
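Review bot: In the @@ -302,8 +360,8 @@ hunk, CVE-2009-0928 ("Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat ...") is set to TODO: check while the entry directly below it, CVE-2009-0927, is already NOT-FOR-US: Adobe Reader and Adobe Acrobat. The same tag looks applicable here, and it would also settle the Adobe Acrobat Reader entries CVE-2009-1061, CVE-2009-1062 and CVE-2009-0193 that other hunks add with TODO: check.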
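Review bot: In the @@ -321,11 +379,9 @@ hunk, the new CVE-2009-0920 description spells the product "HP OpenView" while the retained triage lines for CVE-2009-0921 and CVE-2009-0920 say NOT-FOR-US: HP Openview. Aligning the tag to the description's spelling would make a case-sensitive search of data/CVE/list find both.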
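Review bot: In the @@ -2590,9 +2646,9 @@ hunk, CVE-2009-0364 now carries the cross-reference {DSA-1752-1} but its only status line is TODO: check, so the entry points at a published advisory without naming the affected package or fixed version. The neighbouring entries show the expected shape (CVE-2009-0363 has {DTSA-197-1} followed by "- barnowl 1.0.5-1"); the TODO should be replaced with the package line taken from the DSA.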