Author: joeyh Date: 2009-06-12 21:14:17 +0000 (Fri, 12 Jun 2009) New Revision: 12114 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-06-12 15:02:44 UTC (rev 12113) +++ data/CVE/list 2009-06-12 21:14:17 UTC (rev 12114) @@ -1,3 +1,11 @@ +CVE-2009-2031 (smbfs in Sun OpenSolaris snv_84 through snv_110, when default mount ...) + TODO: check +CVE-2009-2030 (Unspecified vulnerability in the XML Digital Signature verification ...) + TODO: check +CVE-2009-2029 (Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and ...) + TODO: check +CVE-2009-2028 (Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 ...) + TODO: check CVE-2009-XXXX [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl] - kfreebsd-6 <removed> [lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported) @@ -294,8 +302,8 @@ NOT-FOR-US: IBM DB2 CVE-2009-1905 (The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 ...) NOT-FOR-US: IBM DB2 -CVE-2009-1904 - RESERVED +CVE-2009-1904 (The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 ...) + TODO: check CVE-2009-1903 (The PDF XSS protection feature in ModSecurity before 2.5.8 allows ...) - libapache-mod-security 2.5.9-1 CVE-2009-1902 (The multipart processor in ModSecurity before 2.5.9 allows remote ...) @@ -392,25 +400,19 @@ RESERVED CVE-2009-1862 RESERVED -CVE-2009-1861 - RESERVED +CVE-2009-1861 (Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 ...) NOT-FOR-US: Adobe Reader CVE-2009-1860 RESERVED -CVE-2009-1859 - RESERVED +CVE-2009-1859 (Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat ...) NOT-FOR-US: Adobe Reader -CVE-2009-1858 - RESERVED +CVE-2009-1858 (The JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe ...) NOT-FOR-US: Adobe Reader -CVE-2009-1857 - RESERVED +CVE-2009-1857 (Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat ...) NOT-FOR-US: Adobe Reader -CVE-2009-1856 - RESERVED +CVE-2009-1856 (Integer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe ...) NOT-FOR-US: Adobe Reader -CVE-2009-1855 - RESERVED +CVE-2009-1855 (Stack-based buffer overflow in Adobe Reader 7 and Acrobat 7 before ...) NOT-FOR-US: Adobe Reader CVE-2009-1854 (Million Dollar Text Links 1.0 allows remote attackers to bypass ...) NOT-FOR-US: Million Dollar Text Links @@ -662,8 +664,7 @@ NOTE: see the portions of code of #530178 CVE-2009-1761 RESERVED -CVE-2009-1760 [arbitrary file overwrite] - RESERVED +CVE-2009-1760 (Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar ...) - libtorrent-rasterbar 0.14.4-1 (medium) CVE-2009-1759 (Stack-based buffer overflow in the btFiles::BuildFromMI function ...) - ctorrent <unfixed> (bug #530255) @@ -804,7 +805,7 @@ CVE-2009-1691 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) - webkit <unfixed> TODO: File bug -CVE-2009-1690 (WebKit in Apple Safari before 4.0 does not properly manage memory for ...) +CVE-2009-1690 (Use after free vulnerability in WebKit, as used in Apple Safari before ...) TODO: check CVE-2009-1689 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) TODO: check @@ -1240,7 +1241,7 @@ NOT-FOR-US: Microsoft CVE-2009-1531 (Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server ...) NOT-FOR-US: Microsoft -CVE-2009-1530 (Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server ...) +CVE-2009-1530 (Use-after-free vulnerability in Microsoft Internet Explorer 7 for ...) NOT-FOR-US: Microsoft CVE-2009-1529 (Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server ...) NOT-FOR-US: Microsoft @@ -1585,8 +1586,8 @@ RESERVED CVE-2009-1421 RESERVED -CVE-2009-1420 - RESERVED +CVE-2009-1420 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...) + TODO: check CVE-2009-1419 (Unspecified vulnerability in HP Discovery & Dependency Mapping ...) NOT-FOR-US: HP Discovery & Dependency Mapping Inventory CVE-2009-1418 (Cross-site scripting (XSS) vulnerability in HP System Management ...) @@ -3568,11 +3569,9 @@ NOT-FOR-US: IBM WebSphere Application Server CVE-2009-0890 RESERVED -CVE-2009-0889 - RESERVED +CVE-2009-0889 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...) NOT-FOR-US: Adobe Reader -CVE-2009-0888 - RESERVED +CVE-2009-0888 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...) NOT-FOR-US: Adobe Reader CVE-2009-0887 (Integer signedness error in the _pam_StrTok function in ...) - pam <unfixed> (low; bug #520115) @@ -5092,7 +5091,7 @@ NOT-FOR-US: Microsoft CVE-2009-0564 RESERVED -CVE-2009-0563 (Buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 ...) +CVE-2009-0563 (Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 ...) NOT-FOR-US: Microsoft CVE-2009-0562 RESERVED @@ -5102,7 +5101,7 @@ NOT-FOR-US: Microsoft CVE-2009-0559 (Stack-based buffer overflow in Excel in Microsoft Office 2000 SP3 and ...) NOT-FOR-US: Microsoft -CVE-2009-0558 (Excel in Microsoft Office 2000 SP3 and Office 2004 and 2008 for Mac, ...) +CVE-2009-0558 (Array index error in Excel in Microsoft Office 2000 SP3 and Office ...) NOT-FOR-US: Microsoft CVE-2009-0557 (Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, ...) NOT-FOR-US: Microsoft @@ -5283,17 +5282,13 @@ NOT-FOR-US: WebFrame CVE-2009-0513 (Multiple PHP remote file inclusion vulnerabilities in WebFrame 0.76 ...) NOT-FOR-US: WebFrame -CVE-2009-0512 - RESERVED +CVE-2009-0512 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...) NOT-FOR-US: Adobe Reader -CVE-2009-0511 - RESERVED +CVE-2009-0511 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...) NOT-FOR-US: Adobe Reader -CVE-2009-0510 - RESERVED +CVE-2009-0510 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...) NOT-FOR-US: Adobe Reader -CVE-2009-0509 - RESERVED +CVE-2009-0509 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...) NOT-FOR-US: Adobe Reader CVE-2009-0508 (The Servlet Engine/Web Container and JSP components in IBM WebSphere ...) NOT-FOR-US: IBM WebSphere @@ -6399,7 +6394,7 @@ NOT-FOR-US: Microsoft CVE-2009-0229 (The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and ...) NOT-FOR-US: Microsoft -CVE-2009-0228 (Buffer overflow in the Windows Print Spooler in Microsoft Windows 2000 ...) +CVE-2009-0228 (Stack-based buffer overflow in the EnumeratePrintShares function in ...) NOT-FOR-US: Microsoft CVE-2009-0227 (Stack-based buffer overflow in the PowerPoint 4.2 conversion filter ...) NOT-FOR-US: Microsoft @@ -6451,16 +6446,15 @@ NOT-FOR-US: HP Select Access CVE-2009-0203 RESERVED -CVE-2009-0202 - RESERVED +CVE-2009-0202 (Array index error in FL21WIN.DLL in the PowerPoint Freelance Windows ...) + TODO: check CVE-2009-0201 RESERVED CVE-2009-0200 RESERVED CVE-2009-0199 RESERVED -CVE-2009-0198 - RESERVED +CVE-2009-0198 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...) NOT-FOR-US: Adobe Reader CVE-2009-0197 (Integer overflow in the FORMATS Plugin before 4.23 for IrfanView ...) NOT-FOR-US: IrfanView