jmm-guest at alioth.debian.org
2009-Apr-03 21:32 UTC
[Secure-testing-commits] r11556 - data/CVE
Author: jmm-guest
Date: 2009-04-03 21:32:10 +0000 (Fri, 03 Apr 2009)
New Revision: 11556
Modified: data/CVE/list
Log: NFUs xul non-issue
Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-04-03 21:14:12 UTC (rev 11555) +++ data/CVE/list 2009-04-03 21:32:10 UTC (rev 11556) 
@@ -1,45 +1,46 @@ CVE-2009-1238 (Race condition in the HFS vfs sysctl interface in XNU 1228.8.20 and ...) - TODO: check + NOT-FOR-US: Mac OS X CVE-2009-1237 (Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X ...) - TODO: check + NOT-FOR-US: Mac OS X CVE-2009-1236 (Heap-based buffer overflow in the AppleTalk networking stack in XNU ...) - TODO: check + NOT-FOR-US: Mac OS X CVE-2009-1235 (XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does ...) - TODO: check + NOT-FOR-US: Mac OS X CVE-2009-1234 (Opera 9.64 allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Opera CVE-2009-1233 (Apple Safari 3.2.2 and 4 Beta on Windows allows remote attackers to ...) - TODO: check + NOT-FOR-US: Safari on Windows CVE-2009-1232 (The XUL parser in Mozilla Firefox 3.0.8 and earlier 3.0.x versions ...) - TODO: check + - xulrunner <unfixed> (unimportant) + NOTE: Browser crashes not treated as security issues CVE-2009-1231 (Unspecified vulnerability in the eClient in IBM DB2 Content Manager ...) - TODO: check + NOT-FOR-US: DB2 CVE-2009-1230 (Static code injection vulnerability in index.php in Podcast Generator ...) - TODO: check + NOT-FOR-US: Podcast Generator CVE-2009-1229 (SQL injection vulnerability in Arcadwy Arcade Script allows remote ...) - TODO: check + NOT-FOR-US: Arcadwy Arcade Script CVE-2009-1228 (Cross-site scripting (XSS) vulnerability in register.php in Arcadwy ...) - TODO: check + NOT-FOR-US: Arcadwy Arcade Script CVE-2009-1227 (Buffer overflow in the PKI Web Service in Check Point Firewall-1 PKI ...) - TODO: check + NOT-FOR-US: Check Point CVE-2009-1226 (core/admin/delete.php in Podcast Generator 1.1 and earlier does not ...) - TODO: check + NOT-FOR-US: Podcast Generator CVE-2009-1225 (Cross-site scripting (XSS) vulnerability in index.php in Turnkey Ebook ...) - TODO: check + NOT-FOR-US: Turnkey Ebook Store CVE-2009-1224 (SQL injection vulnerability in ...) 
- TODO: check + NOT-FOR-US: vsp stats processor CVE-2009-1223 (aspWebCalendar Free Edition stores sensitive information under the web ...) - TODO: check + NOT-FOR-US: aspWebCalendar Free Edition CVE-2009-1222 (Directory traversal vulnerability in index.php in webEdition 6.0.0.4 ...) - TODO: check + NOT-FOR-US: webEdition CVE-2008-6582 (SQL injection vulnerability in index.php in Miniweb 2.0 allows remote ...) - TODO: check + NOT-FOR-US: Miniweb CVE-2008-6581 (login.php in PhpAddEdit 1.3 allows remote attackers to bypass ...) - TODO: check + NOT-FOR-US: PhpAddEdit CVE-2008-6580 (The Red_Reservations script for ColdFusion stores sensitive ...) - TODO: check + NOT-FOR-US: ColdFusion CVE-2003-1571 (Web Wiz Guestbook 6.0 stores sensitive information under the web root ...) - TODO: check + NOT-FOR-US: Web Wiz Guestbook CVE-2009-XXXX [unspecified DoS] - libapache-mod-security 2.5.9-1 TODO: Investigate, check stable/oldstable, if necessary open RT ticket
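Review bot: In the CVE-2009-1232 entry, the new "NOTE: Browser crashes not treated as security issues" classifies the XUL parser bug as crash-only, but the truncated description visible here does not show the impact and the entry gives no reference, so a later reader cannot verify why "xulrunner <unfixed> (unimportant)" was chosen. Consider extending the NOTE to state the impact the assessment relies on, or to point at the source of that assessment. Separately, the CVE-2008-6580 entry is tagged "NOT-FOR-US: ColdFusion" although its description names the Red_Reservations script as the affected product; labelling it with the script name would be more precise and consistent with the other NOT-FOR-US lines, which name the vulnerable product itself.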