Author: joeyh
Date: 2009-06-22 21:14:23 +0000 (Mon, 22 Jun 2009)
New Revision: 12181

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-06-22 13:28:41 UTC (rev 12180) +++ data/CVE/list 2009-06-22 21:14:23 UTC (rev 12181) 
@@ -1,3 +1,43 @@ +CVE-2009-2140 + RESERVED +CVE-2009-2139 + RESERVED +CVE-2009-2138 (Multiple open redirect vulnerabilities in TBDev.NET 01-01-08 allow ...) + TODO: check +CVE-2009-2137 (Memory leak in the Ultra-SPARC T2 crypto provider device driver (aka ...) + TODO: check +CVE-2009-2136 (Unspecified vulnerability in the TCP/IP networking stack in Sun ...) + TODO: check +CVE-2009-2135 (Multiple race conditions in the Solaris Event Port API in Sun Solaris ...) + TODO: check +CVE-2009-2134 (pivot/tb.php in Pivot 1.40.4 and 1.40.7 allows remote attackers to ...) + TODO: check +CVE-2009-2133 (Multiple cross-site scripting (XSS) vulnerabilities in Pivot 1.40.4 ...) + TODO: check +CVE-2009-2132 (Directory traversal vulnerability in global.php in 4images before ...) + TODO: check +CVE-2009-2131 (Cross-site scripting (XSS) vulnerability in 4images 1.7.7 and earlier ...) + TODO: check +CVE-2009-2130 (Elvin 1.2.0 allows remote attackers to read the PHP source code of (1) ...) + TODO: check +CVE-2009-2129 (Cross-site request forgery (CSRF) vulnerability in login.php in Elvin ...) + TODO: check +CVE-2009-2128 (SQL injection vulnerability in close_bug.php in Elvin before 1.2.1 ...) + TODO: check +CVE-2009-2127 (Cross-site scripting (XSS) vulnerability in show_activity.php in Elvin ...) + TODO: check +CVE-2009-2126 (Cross-site scripting (XSS) vulnerability in close_bug.php in Elvin ...) + TODO: check +CVE-2009-2125 (delete_bug.php in Elvin before 1.2.1 does not require administrative ...) + TODO: check +CVE-2009-2124 (Directory traversal vulnerability in page.php in Elvin 1.2.0 allows ...) + TODO: check +CVE-2009-2123 (Multiple SQL injection vulnerabilities in Elvin 1.2.0 allow remote ...) + TODO: check +CVE-2009-2122 (SQL injection vulnerability in viewimg.php in the Paolo Palmonari ...) + TODO: check +CVE-2009-2121 + RESERVED CVE-2009-XXXX [mahara multiple XSS issues] - mahara 1.1.5-1 (low) NOTE: CVE ids requested from joey 
@@ -1019,8 +1059,8 @@ TODO: check CVE-2009-1693 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...) TODO: check -CVE-2009-1692 - RESERVED +CVE-2009-1692 (WebKit in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod ...) + TODO: check CVE-2009-1691 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) - webkit <unfixed> TODO: File bug @@ -1038,16 +1078,16 @@ TODO: check CVE-2009-1684 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) TODO: check -CVE-2009-1683 - RESERVED +CVE-2009-1683 (The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and ...) + TODO: check CVE-2009-1682 (Apple Safari before 4.0 does not properly check for revoked Extended ...) NOT-FOR-US: Apple Safari CVE-2009-1681 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...) TODO: check -CVE-2009-1680 - RESERVED -CVE-2009-1679 - RESERVED +CVE-2009-1680 (Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod ...) + TODO: check +CVE-2009-1679 (The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone ...) + TODO: check CVE-2008-6813 (SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL ...) NOT-FOR-US: phpWebNews CVE-2008-6812 (SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL ...) 
@@ -3598,14 +3638,14 @@ NOT-FOR-US: PHPRunner CVE-2009-0962 (Unspecified vulnerability in Futomi''s CGI Cafe MP Form Mail CGI ...) NOT-FOR-US: Futomi''s CGI Cafe MP Form Mail CGI eCommerce -CVE-2009-0961 - RESERVED -CVE-2009-0960 - RESERVED -CVE-2009-0959 - RESERVED -CVE-2009-0958 - RESERVED +CVE-2009-0961 (The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS ...) + TODO: check +CVE-2009-0960 (The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS ...) + TODO: check +CVE-2009-0959 (The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone ...) + TODO: check +CVE-2009-0958 (Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 ...) + TODO: check CVE-2009-0957 (Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows ...) NOT-FOR-US: Apple QuickTime CVE-2009-0956 (Apple QuickTime before 7.6.2 does not properly initialize memory ...) @@ -6812,7 +6852,7 @@ NOT-FOR-US: CoreGraphics in Apple Mac OS CVE-2009-0154 (Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...) NOT-FOR-US: Apple Type Services -CVE-2009-0153 (International Components for Unicode (ICU) in Apple Mac OS X 10.5 ...) +CVE-2009-0153 (International Components for Unicode (ICU) 4.0, 3.6, and other 3.x ...) NOT-FOR-US: Apple Mac OS X CVE-2009-0152 (iChat in Apple Mac OS X 10.5 before 10.5.7 disables SSL for AOL ...) NOT-FOR-US: iChat in Apple Mac OS X
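
Review bot: In the @@ -1019,8 +1059,8 @@ hunk, CVE-2009-1692 leaves RESERVED with a description that begins "WebKit in Apple iPhone OS", and the neighbouring CVE-2009-1691 is tracked as "- webkit <unfixed>". Triage this entry against the webkit package rather than closing it as NOT-FOR-US on the strength of the iPhone OS wording. The truncated description does not show whether the flaw is specific to the iPhone build.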
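
Review bot: In the @@ -1038,16 +1078,16 @@ hunk, CVE-2009-1683, CVE-2009-1680 and CVE-2009-1679 now name Apple iPhone OS components (Telephony, Safari, Profiles) but sit at "TODO: check", while CVE-2009-1682 in the same hunk is already resolved as "NOT-FOR-US: Apple Safari". Once the full descriptions are read, resolve these three in the same pass so the Apple entries in this block carry a consistent verdict instead of a mix of TODO and NOT-FOR-US.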
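
Review bot: In the @@ -6812,7 +6852,7 @@ hunk, the triage line under CVE-2009-0153 still reads "NOT-FOR-US: Apple Mac OS X", although the updated description now names International Components for Unicode (ICU) 4.0, 3.6, and other 3.x versions rather than ICU in Apple Mac OS X 10.5. The widened scope makes that verdict stale. Set the entry back to "TODO: check" and re-triage it against the ICU versions the description lists.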