Author: atomo64-guest
Date: 2009-05-07 20:39:09 +0000 (Thu, 07 May 2009)
New Revision: 11835
Modified:
data/CVE/list
Log:
Record swftools'' issues bug report
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-05-07 20:18:56 UTC (rev 11834)
+++ data/CVE/list 2009-05-07 20:39:09 UTC (rev 11835)
@@ -1380,31 +1380,31 @@
- poppler 0.10.6-1 (medium; bug #524806)
- xpdf <unfixed> (medium; bug #524809)
- kdegraphics 4.0-1 (medium; bug #524810)
- - swftools <unfixed> (medium)
+ - swftools <unfixed> (medium; bug #527449)
CVE-2009-1182 (Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf
3.02pl2 and ...)
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
- xpdf <unfixed> (medium; bug #524809)
- kdegraphics 4.0-1 (medium; bug #524810)
- - swftools <unfixed> (medium)
+ - swftools <unfixed> (medium; bug #527449)
CVE-2009-1181 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and
earlier, ...)
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
- xpdf <unfixed> (medium; bug #524809)
- kdegraphics 4.0-1 (medium; bug #524810)
- - swftools <unfixed> (medium)
+ - swftools <unfixed> (medium; bug #527449)
CVE-2009-1180 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and
earlier, ...)
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
- xpdf <unfixed> (medium; bug #524809)
- kdegraphics 4.0-1 (medium; bug #524810)
- - swftools <unfixed> (medium)
+ - swftools <unfixed> (medium; bug #527449)
CVE-2009-1179 (Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and
earlier, ...)
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
- xpdf <unfixed> (medium; bug #524809)
- kdegraphics 4.0-1 (medium; bug #524810)
- - swftools <unfixed> (medium)
+ - swftools <unfixed> (medium; bug #527449)
CVE-2009-1178 (Unspecified vulnerability in the server in IBM Tivoli Storage
Manager ...)
NOT-FOR-US: Tivoli
CVE-2009-1177 (Multiple stack-based buffer overflows in maptemplate.c in
mapserv in ...)
@@ -2669,13 +2669,13 @@
- poppler 0.10.6-1 (medium; bug #524806)
- xpdf <unfixed> (medium; bug #524809)
- kdegraphics 4.0 (medium; bug #524810)
- - swftools <unfixed> (medium)
+ - swftools <unfixed> (medium; bug #527449)
CVE-2009-0799 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and
earlier, ...)
{DSA-1793-1 DSA-1790-1}
- poppler 0.10.6-1 (medium; bug #524806)
- xpdf <unfixed> (medium; bug #524809)
- kdegraphics 4.0 (medium; bug #524810)
- - swftools <unfixed> (medium)
+ - swftools <unfixed> (medium; bug #527449)
CVE-2009-0798 (The daemon in acpid before 1.0.10 allows remote attackers to
cause a ...)
{DSA-1786-1}
- acpid 1.0.10-1 (medium)
@@ -5253,7 +5253,7 @@
- cups <not-affected> (Uses poppler''s pdftops)
- xpdf <unfixed> (medium; bug #524809)
- kdegraphics <unfixed> (medium; bug #524810)
- - swftools <unfixed> (medium)
+ - swftools <unfixed> (medium; bug #527449)
CVE-2009-0165 (Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and
earlier, as ...)
{DSA-1793-1 DSA-1790-1}
TODO: check
@@ -5304,14 +5304,14 @@
- cups <not-affected> (Uses poppler''s pdftops)
- xpdf <unfixed> (medium; bug #524809)
- kdegraphics <unfixed> (medium; bug #524810)
- - swftools <unfixed> (medium)
+ - swftools <unfixed> (medium; bug #527449)
CVE-2009-0146 (Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2
and ...)
{DSA-1793-1 DSA-1790-1}
- poppler <unfixed> (medium; bug #524806)
- cups <not-affected> (Uses poppler''s pdftops)
- xpdf <unfixed> (medium; bug #524809)
- kdegraphics <unfixed> (medium; bug #524810)
- - swftools <unfixed> (medium)
+ - swftools <unfixed> (medium; bug #527449)
CVE-2009-0145
RESERVED
CVE-2009-0144
@@ -23732,7 +23732,7 @@
NOTE: cups uses xpdf-utils and poppler-utils
- libextractor 0.5.12-1
NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as
fixed
- - swftools <unfixed> (medium)
+ - swftools <unfixed> (medium; bug #527449)
CVE-2007-5392 (Integer overflow in the DCTStream::reset method in
xpdf/Stream.cc in ...)
{DSA-1537-1 DSA-1509-1 DSA-1480-1 DTSA-85-1 DTSA-86-1}
- poppler 0.6.2-1 (medium; bug #450628)
@@ -23753,7 +23753,7 @@
NOTE: cups uses xpdf-utils and poppler-utils
- libextractor 0.5.12-1
NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as
fixed
- - swftools <unfixed> (medium)
+ - swftools <unfixed> (medium; bug #527449)
CVE-2003-1357 (ProxyView has a default administrator password of Administrator
for ...)
NOT-FOR-US: ProxyView
CVE-2003-1356 (The "file handling" in sort in HP-UX 10.01
through 10.20, and 11.00 ...)
@@ -26548,7 +26548,7 @@
NOTE: cups uses xpdf-utils and poppler-utils
- libextractor 0.5.12-1
NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as
fixed
- - swftools <unfixed> (medium)
+ - swftools <unfixed> (medium; bug #527449)
CVE-2007-4351 (Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS
1.3.3 ...)
{DSA-1407-1 DTSA-81-1}
- cupsys 1.3.4-1 (medium; bug #448866)
@@ -28850,7 +28850,7 @@
- libextractor 0.5.12-1
NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as
fixed
- ipe <not-affected> (Does not include the vulnerable code)
- - swftools <unfixed>
+ - swftools <unfixed> (bug #527449)
CVE-2007-3386 (Cross-site scripting (XSS) vulnerability in the Host Manager
Servlet ...)
{DSA-1447-1}
- tomcat5.5 5.5.25-1