thr3ads.net - Secure testing commits - [Secure-testing-commits] r12321

If this information is useful, please help other people find it:
Share via:
Joey Hess
2009-Jul-11 09:14 UTC
[Secure-testing-commits] r12321 - data/CVE

Author: joeyh
Date: 2009-07-11 09:14:28 +0000 (Sat, 11 Jul 2009)
New Revision: 12321

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-07-11 07:25:32 UTC (rev 12320)
+++ data/CVE/list	2009-07-11 09:14:28 UTC (rev 12321)
@@ -1,3 +1,73 @@
+CVE-2009-2421 (The CFCharacterSetInitInlineBuffer method in CoreFoundation.dll
in ...)
+	TODO: check
+CVE-2009-2420 (Apple Safari 3.2.3 does not properly implement the file:
protocol ...)
+	TODO: check
+CVE-2009-2419 (Use-after-free vulnerability in the servePendingRequests
function in ...)
+	TODO: check
+CVE-2009-2418
+	RESERVED
+CVE-2009-2417
+	RESERVED
+CVE-2009-2416
+	RESERVED
+CVE-2009-2415
+	RESERVED
+CVE-2009-2414
+	RESERVED
+CVE-2009-2413
+	RESERVED
+CVE-2009-2412
+	RESERVED
+CVE-2009-2411
+	RESERVED
+CVE-2009-2410
+	RESERVED
+CVE-2009-2409
+	RESERVED
+CVE-2009-2408
+	RESERVED
+CVE-2009-2407
+	RESERVED
+CVE-2009-2406
+	RESERVED
+CVE-2009-2405
+	RESERVED
+CVE-2009-2404
+	RESERVED
+CVE-2009-2403 (Heap-based buffer overflow in SCMPX 1.5.1 allows remote
attackers to ...)
+	TODO: check
+CVE-2009-2402 (SQL injection vulnerability in index.php in the forum module in
...)
+	TODO: check
+CVE-2009-2401 (Cross-site scripting (XSS) vulnerability in PHPEcho CMS 2.0-rc3
allows ...)
+	TODO: check
+CVE-2009-2400 (SQL injection vulnerability in the PHP (com_php) component for
Joomla! ...)
+	TODO: check
+CVE-2009-2399 (PHP remote file inclusion vulnerability in ...)
+	TODO: check
+CVE-2009-2398 (Directory traversal vulnerability in test/index.php in PHP-Sugar
0.80 ...)
+	TODO: check
+CVE-2009-2397 (Directory traversal vulnerability in download.php in Audio
Article ...)
+	TODO: check
+CVE-2009-2396 (PHP remote file inclusion vulnerability in template/album.php in
DM ...)
+	TODO: check
+CVE-2009-2395 (SQL injection vulnerability in the K2 (com_k2) component 1.0.1
Beta ...)
+	TODO: check
+CVE-2009-2394 (SQL injection vulnerability in cat.php in SMSPages 1.0 in
Mr.Saphp ...)
+	TODO: check
+CVE-2009-2393 (admin/index.php in Virtuenetz Virtue Online Test Generator does
not ...)
+	TODO: check
+CVE-2009-2392 (SQL injection vulnerability in text.php in Virtuenetz Virtue
Online ...)
+	TODO: check
+CVE-2009-2391 (Cross-site scripting (XSS) vulnerability in text.php in
Virtuenetz ...)
+	TODO: check
+CVE-2009-2390 (SQL injection vulnerability in the BookFlip (com_bookflip)
component ...)
+	TODO: check
+CVE-2009-2389 (Multiple SQL injection vulnerabilities in newsscript.php in
USOLVED ...)
+	TODO: check
+CVE-2009-2388 (SQL injection vulnerability in admin/index.php in Opial 1.0
allows ...)
+	TODO: check
+CVE-2009-2387 (Unspecified vulnerability in the proc filesystem in Sun
OpenSolaris ...)
+	TODO: check
 CVE-2009-2386
 	RESERVED
 CVE-2009-2369 (Integer overflow in the wxImage::Create function in ...)
@@ -3,4 +73,5 @@
 	TODO: check
 CVE-2009-2360 (Cross-site scripting (XSS) vulnerability in passwd/main.php in
the ...)
+	{DSA-1829-1}
 	- sork-passwd-h3 3.1-1.1 (low; bug #536554)
 CVE-2009-2385 (SQL injection vulnerability in the awardsMembers function in
...)
@@ -1647,10 +1718,10 @@
 	RESERVED
 CVE-2009-1726
 	RESERVED
-CVE-2009-1725
-	RESERVED
-CVE-2009-1724
-	RESERVED
+CVE-2009-1725 (WebKit in Apple Safari before 4.0.2 does not properly handle
numeric ...)
+	TODO: check
+CVE-2009-1724 (Cross-site scripting (XSS) vulnerability in WebKit in Apple
Safari ...)
+	TODO: check
 CVE-2009-1723
 	RESERVED
 CVE-2009-1722
@@ -2544,7 +2615,7 @@
 	RESERVED
 CVE-2009-1421 (Unspecified vulnerability in NFS / ONCplus B.11.31_06 and
B.11.31_07 ...)
 	NOT-FOR-US: ONCplus on HP HP-UX
-CVE-2009-1420 (Unspecified vulnerability in HP OpenView Network Node Manager
(OV NNM) ...)
+CVE-2009-1420 (Stack-based buffer overflow in rping in HP OpenView Network Node
...)
 	NOT-FOR-US: HP OpenView Network Node Manager
 CVE-2009-1419 (Unspecified vulnerability in HP Discovery &amp; Dependency
Mapping ...)
 	NOT-FOR-US: HP Discovery & Dependency Mapping Inventory
@@ -5520,9 +5591,9 @@
 	RESERVED
 CVE-2009-0668
 	RESERVED
-CVE-2009-0667
-	RESERVED
+CVE-2009-0667 (Untrusted search path vulnerability in Agent/Backend.pm in ...)
 	{DSA-1828-1}
+	TODO: check
 CVE-2009-0666
 	RESERVED
 CVE-2009-0665
Secure testing commits - Jul 2009 - r12321 - data/CVE

[Secure-testing-commits] r12321 - data/CVE
