jmm-guest at alioth.debian.org
2009-Apr-01 21:33 UTC
[Secure-testing-commits] r11531 - data/CVE
Author: jmm-guest Date: 2009-04-01 21:33:39 +0000 (Wed, 01 Apr 2009) New Revision: 11531 Modified: data/CVE/list Log: - new bugzilla CSRF - new wireshark issue - new amaya issues - auth2db CVEfied - NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-04-01 21:23:59 UTC (rev 11530) +++ data/CVE/list 2009-04-01 21:33:39 UTC (rev 11531) @@ -3,25 +3,29 @@ CVE-2009-1214 (GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with ...) - screen <unfixed> (bug #521123) CVE-2009-1213 (Cross-site request forgery (CSRF) vulnerability in attachment.cgi in ...) - TODO: check + - bugzilla <unfixed> (low) + [etch] - bugzilla <no-dsa> (Minor issue) + [lenny] - bugzilla <no-dsa> (Minor issue) CVE-2009-1212 (Multiple insecure method vulnerabilities in PRECIS~2.DLL in the ...) - TODO: check + NOT-FOR-US: PrecisionID Datamatrix ActiveX control CVE-2009-1211 (Blue Coat ProxySG, when transparent interception mode is enabled, uses ...) - TODO: check + NOT-FOR-US: Blue Coat ProxySG CVE-2009-1210 (Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector ...) - TODO: check + - wireshark <unfixed> + TODO: File bug CVE-2009-1209 (Stack-based buffer overflow in W3C Amaya Web Browser 11.1 allows ...) - TODO: check + - amaya <unfixed> (bug filed) CVE-2009-1208 (SQL injection vulnerability in auth2db 0.2.5, and possibly other ...) - TODO: check + - auth2db 0.2.5-2+dfsg-1.1 (bug #521823; low) + [lenny] - auth2db 0.2.5-2+dfsg-1+lenny1 CVE-2009-1207 (Race condition in the dircmp script in Sun Solaris 8 through 10, and ...) - TODO: check + NOT-FOR-US: Solaris CVE-2009-1206 (Unspecified vulnerability in futomi''s CGI Cafe Access Analyzer CGI ...) - TODO: check + NOT-FOR-US: Cafe Access Analyzer CGI Professional CVE-2009-1205 (Stack-based buffer overflow in EAI WebViewer3D ActiveX control ...) - TODO: check + NOT-FOR-US: EAI WebViewer3D ActiveX control CVE-2009-1204 (Cross-site scripting (XSS) vulnerability in TikiWiki (Tiki) ...) - TODO: check + NOT-FOR-US: TikiWiki CVE-2009-1203 RESERVED CVE-2009-1202 @@ -387,10 +391,6 @@ CVE-2009-XXXX [unspecified xfig temp issue] - xfig 1:3.2.5.a-1 NOTE: requested CVE id -CVE-2009-XXXX [auth2db: SQL injection] - - auth2db 0.2.5-2+dfsg-1.1 (bug #521823; low) - [lenny] - auth2db 0.2.5-2+dfsg-1+lenny1 - NOTE: CVE id requested CVE-2009-1092 (Use after free vulnerability in the LIVEAUDIO.LiveAudioCtrl.1 ActiveX ...) NOT-FOR-US: LIVEAUDIO.LiveAudioCtrl.1 ActiveX CVE-2009-1091 (Cross-site scripting (XSS) vulnerability in upload.php in Rapidleech ...)