Author: joeyh Date: 2009-11-25 21:14:16 +0000 (Wed, 25 Nov 2009) New Revision: 13377 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-11-25 19:14:43 UTC (rev 13376) +++ data/CVE/list 2009-11-25 21:14:16 UTC (rev 13377) @@ -1,3 +1,17 @@ +CVE-2009-4073 (The printing functionality in Microsoft Internet Explorer 8 allows ...) + TODO: check +CVE-2009-4072 (Unspecified vulnerability in Opera before 10.10 has unknown impact and ...) + TODO: check +CVE-2009-4071 (Opera before 10.10, when exception stacktraces are enabled, places ...) + TODO: check +CVE-2009-4070 (SQL injection vulnerability in GForge 4.5.14, 4.7.3, and possibly ...) + TODO: check +CVE-2009-4069 (Multiple cross-site scripting (XSS) vulnerabilities in GForge 4.5.14, ...) + TODO: check +CVE-2009-4068 + RESERVED +CVE-2009-4067 + RESERVED CVE-2009-4066 (Multiple cross-site request forgery (CSRF) vulnerabilities in the "My ...) TODO: check CVE-2009-4065 (Cross-site scripting (XSS) vulnerability in the settings page in the ...) @@ -231,13 +245,11 @@ NOT-FOR-US: New 5 star Rating CVE-2009-3964 (SQL injection vulnerability in the NinjaMonials (com_ninjacentral) ...) NOT-FOR-US: component for Joomla! -CVE-2009-3898 [ngingx webdav directory traversal] - RESERVED +CVE-2009-3898 (Directory traversal vulnerability in ...) - nginx 0.7.63-1 (low; bug #557389) [etch] - nginx <no-dsa> (upload rights required) [lenny] - nginx <no-dsa> (upload rights required) -CVE-2009-3897 [dovecot 0777 base_dir creation] - RESERVED +CVE-2009-3897 (Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of ...) - dovecot <unfixed> (medium; bug #557601) [lenny] - dovecot <not-affected> (Only affects 1.2.x) [etch] - dovecot <not-affected> (Only affects 1.2.x) 
@@ -404,9 +416,9 @@ NOT-FOR-US: IBM PowerHA CVE-2009-3899 (Memory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris ...) NOT-FOR-US: Sun Solaris -CVE-2009-3896 - RESERVED +CVE-2009-3896 (src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through ...) {DSA-1920-1} + TODO: check CVE-2009-3895 (Heap-based buffer overflow in the exif_entry_fix function (aka the tag ...) - libexif 0.6.19-1 (medium; bug #557137) [lenny] - libexif <not-affected> (Only 0.6.18 is affected) @@ -1191,12 +1203,12 @@ RESERVED CVE-2009-3580 RESERVED -CVE-2009-3578 - RESERVED -CVE-2009-3577 - RESERVED -CVE-2009-3576 - RESERVED +CVE-2009-3578 (Autodesk Maya 8.0, 8.5, 2008, 2009, and 2010 and Alias Wavefront Maya ...) + TODO: check +CVE-2009-3577 (Autodesk 3D Studio Max (3DSMax) 6 through 9 and 2008 through 2010 ...) + TODO: check +CVE-2009-3576 (Autodesk Softimage 7.x and Softimage XSI 6.x allow remote attackers to ...) + TODO: check CVE-2009-3575 (Buffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3, ...) - aria2 1.2.0-1 (low; bug #551070) [etch] - aria2 <not-affected> (Vulnerable code not present) @@ -1902,8 +1914,7 @@ RESERVED CVE-2009-3304 RESERVED -CVE-2009-3303 [gforge: XSS issue via helpname parameter] - RESERVED +CVE-2009-3303 (Cross-site scripting (XSS) vulnerability in www/help/tracker.php in ...) {DSA-1937-1} - gforge 4.8.1-3 (low) CVE-2009-3302
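Review bot: In the @@ -404,9 +416,9 @@ hunk, CVE-2009-3896 now has a `{DSA-1920-1}` reference followed directly by `TODO: check`, with no package status line before the next entry (CVE-2009-3895). An entry that already points at a published DSA should not stay in the unchecked queue. Suggest replacing the TODO with `- nginx` status lines that carry the fixed versions from DSA-1920-1, in the same form as the CVE-2009-3898 entry (`- nginx 0.7.63-1 (low; bug #557389)`).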
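Review bot: In the @@ -1,3 +1,17 @@ hunk, CVE-2009-4070 (SQL injection) and CVE-2009-4069 (XSS) name GForge 4.5.14 and are added as `TODO: check`, while the same file already tracks gforge as a packaged source (`- gforge 4.8.1-3 (low)` under CVE-2009-3303). These two need `- gforge` status lines after checking whether the packaged version is among the affected ones, and are worth triaging ahead of the Internet Explorer and Opera entries added alongside them.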