joeyh at alioth.debian.org
2009-Jan-20 21:14 UTC
[Secure-testing-commits] r11001 - data/CVE
Author: joeyh
Date: 2009-01-20 21:14:15 +0000 (Tue, 20 Jan 2009)
New Revision: 11001
Modified: data/CVE/list
Log: automatic update

Modified: data/CVE/list
==================================================================
--- data/CVE/list 2009-01-20 18:24:03 UTC (rev 11000)
+++ data/CVE/list 2009-01-20 21:14:15 UTC (rev 11001)
@@ -1,7 +1,89 @@ -CVE-2009-0135 [amarok: integer overflows in aa file processing] +CVE-2009-0173 (Unspecified vulnerability in the server in IBM DB2 9.1 before FP6a and ...) + TODO: check +CVE-2009-0172 (Unspecified vulnerability in IBM DB2 9.1 before FP6a and 9.5 before ...) + TODO: check +CVE-2009-0171 (The Sun SPARC Enterprise M4000 and M5000 Server, within a certain ...) + TODO: check +CVE-2009-0170 (Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows ...) + TODO: check +CVE-2009-0169 (Sun Java System Access Manager 7.1 allows remote authenticated ...) + TODO: check +CVE-2009-0168 (Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris ...) + TODO: check +CVE-2009-0167 (Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris ...) + TODO: check +CVE-2009-0166 + RESERVED +CVE-2009-0165 + RESERVED +CVE-2009-0164 + RESERVED +CVE-2009-0163 + RESERVED +CVE-2009-0162 + RESERVED +CVE-2009-0161 + RESERVED +CVE-2009-0160 + RESERVED +CVE-2009-0159 + RESERVED +CVE-2009-0158 + RESERVED +CVE-2009-0157 + RESERVED +CVE-2009-0156 + RESERVED +CVE-2009-0155 + RESERVED +CVE-2009-0154 + RESERVED +CVE-2009-0153 + RESERVED +CVE-2009-0152 + RESERVED +CVE-2009-0151 + RESERVED +CVE-2009-0150 + RESERVED +CVE-2009-0149 + RESERVED +CVE-2009-0148 + RESERVED +CVE-2009-0147 + RESERVED +CVE-2009-0146 + RESERVED +CVE-2009-0145 + RESERVED +CVE-2009-0144 + RESERVED +CVE-2009-0143 + RESERVED +CVE-2009-0142 + RESERVED +CVE-2009-0141 + RESERVED +CVE-2009-0140 + RESERVED +CVE-2009-0139 + RESERVED +CVE-2009-0138 + RESERVED +CVE-2009-0137 + RESERVED +CVE-2009-0134 (Insecure method vulnerability in the EasyGrid.SGCtrl.32 ActiveX ...) + TODO: check +CVE-2008-5910 (Unspecified vulnerability in txzonemgr in Sun OpenSolaris has unknown ...) + TODO: check +CVE-2008-5909 (Unspecified vulnerability in conv_lpd in Sun OpenSolaris has unknown ...) + TODO: check +CVE-2008-5908 (Unspecified vulnerability in the root/boot archive tool in Sun ...) 
+ TODO: check +CVE-2009-0135 (Multiple integer overflows in the Audible::Tag::readTag function in ...) {DSA-1706-1} - amarok 1.4.10-2 (medium) -CVE-2009-0136 [amarok: index error leading to memory corruption] +CVE-2009-0136 (Multiple array index errors in the Audible::Tag::readTag function in ...) {DSA-1706-1} - amarok 1.4.10-2 (medium) CVE-2009-0133 (Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier ...) @@ -259,14 +341,14 @@ RESERVED CVE-2009-0057 RESERVED -CVE-2009-0056 - RESERVED -CVE-2009-0055 - RESERVED -CVE-2009-0054 - RESERVED -CVE-2009-0053 - RESERVED +CVE-2009-0056 (Cross-site request forgery (CSRF) vulnerability in the administration ...) + TODO: check +CVE-2009-0055 (Cross-site request forgery (CSRF) vulnerability in the administration ...) + TODO: check +CVE-2009-0054 (PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before ...) + TODO: check +CVE-2009-0053 (PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before ...) + TODO: check CVE-2009-0052 RESERVED CVE-2009-0051 (ZXID 0.29 and earlier does not properly check the return value from ...) @@ -2440,10 +2522,11 @@ CVE-2008-5020 RESERVED CVE-2008-5019 (The session restore feature in Mozilla Firefox 3.x before 3.0.4 and ...) + {DSA-1671-1} - iceweasel 3.0.4-1 - xulrunner 1.9.0.4-1 CVE-2008-5018 (The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x ...) - {DSA-1696-1 DSA-1671-1 DSA-1669-1} + {DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1} - iceweasel 3.0.4-1 - xulrunner 1.9.0.4-1 - icedove 2.0.0.19-1 @@ -3005,8 +3088,8 @@ NOT-FOR-US: QuestCMS CVE-2008-4771 (Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in ...) NOT-FOR-US: ActiveX -CVE-2008-4770 - RESERVED +CVE-2008-4770 (The CMsgReader::readRect function in the VNC Viewer component in ...) + TODO: check CVE-2008-4776 (libgadu before 1.8.2 allows remote servers to cause a denial of ...) {DSA-1664-1} - libgadu 1:1.8.0+r592-3 (low; bug #503916) 
@@ -3737,8 +3820,8 @@ - linux-2.6 2.6.26-5 - linux-2.6.24 2.6.24-6~etchnhalf.6 [etch] - linux-2.6 <not-affected> (vulnerable code not present) -CVE-2008-4444 - RESERVED +CVE-2008-4444 (Cisco Unified IP Phone (aka SIP phone) 7960G and 7940G with firmware ...) + TODO: check CVE-2008-4443 RESERVED CVE-2008-4442 @@ -5306,14 +5389,14 @@ - horde3 3.2.2+debian0-1 (low; bug #499579) CVE-2008-3822 RESERVED -CVE-2008-3821 - RESERVED +CVE-2008-3821 (Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server ...) + TODO: check CVE-2008-3820 RESERVED CVE-2008-3819 (dnsserver in Cisco Application Control Engine Global Site Selector ...) NOT-FOR-US: Cisco Application Control Engine Global Site Selector (GSS) -CVE-2008-3818 - RESERVED +CVE-2008-3818 (Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with ...) + TODO: check CVE-2008-3817 (Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series ...) NOT-FOR-US: Cisco CVE-2008-3816 (Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) ...) @@ -13419,7 +13502,7 @@ CVE-2008-0421 (SQL injection vulnerability in Invision Gallery 2.0.7 and earlier ...) NOT-FOR-US: Invision Gallery CVE-2008-0420 (modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox ...) - {DSA-1484-1} + {DSA-1534-1 DSA-1484-1} - iceape 1.1.8-1 - iceweasel 2.0.0.12-1 - xulrunner 1.8.1.12-1 @@ -14580,6 +14663,7 @@ CVE-2007-6590 REJECTED CVE-2007-6589 (The jar protocol handler in Mozilla Firefox before 2.0.0.10 and ...) + {DSA-1534-1} - iceape 1.1.7-1 (medium) - iceweasel 2.0.0.10-1 (medium) CVE-2007-6588 (Cross-site scripting (XSS) vulnerability in PHCDownload 1.10 allows ...)
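Review bot: In the first hunk (@@ -1,7 +1,89 @@) the added block is placed above the existing CVE-2009-0135 line, so CVE-2009-0134 and the three CVE-2008-5910/5909/5908 entries end up between CVE-2009-0137 and CVE-2009-0135. If the list is meant to stay in roughly descending id order, as the runs in the neighbouring hunks suggest, these four entries should move to their sorted positions. The same hunk also replaces the hand-written bracketed titles for CVE-2009-0135 and CVE-2009-0136 with the truncated imported descriptions; the {DSA-1706-1} and "- amarok 1.4.10-2 (medium)" lines are kept, so no tracking data is lost, but the log message "automatic update" does not mention that manual text was overwritten.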
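Review bot: In the @@ -5306,14 +5389,14 @@ hunk, CVE-2008-3818 (Cisco ONS 15310-CL, ...) is added as "TODO: check" although the adjacent CVE-2008-3819 and CVE-2008-3817 are already marked "NOT-FOR-US: Cisco ...", so it needs the same triage in a follow-up rather than staying as an open TODO. The same applies to CVE-2008-4444 (Cisco Unified IP Phone) in the @@ -3737,8 +3820,8 @@ hunk, CVE-2009-0054 and CVE-2009-0053 (Cisco IronPort Encryption Appliance) in the @@ -259,14 +341,14 @@ hunk, and the ActiveX entry CVE-2009-0134 in the first hunk, which has a "NOT-FOR-US: ActiveX" precedent on CVE-2008-4771.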