thr3ads.net - Secure testing commits - [Secure-testing-commits] r12014

If this information is useful, please help other people find it:
Share via:
Joey Hess
2009-Jun-01 21:14 UTC
[Secure-testing-commits] r12014 - data/CVE

Author: joeyh
Date: 2009-06-01 21:14:14 +0000 (Mon, 01 Jun 2009)
New Revision: 12014

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-06-01 21:09:51 UTC (rev 12013)
+++ data/CVE/list	2009-06-01 21:14:14 UTC (rev 12014)
@@ -1,44 +1,68 @@
-CVE-2009-1831
+CVE-2009-1841
+	RESERVED
+CVE-2009-1840
+	RESERVED
+CVE-2009-1839
+	RESERVED
+CVE-2009-1838
+	RESERVED
+CVE-2009-1837
+	RESERVED
+CVE-2009-1836
+	RESERVED
+CVE-2009-1835
+	RESERVED
+CVE-2009-1834
+	RESERVED
+CVE-2009-1833
+	RESERVED
+CVE-2009-1832
+	RESERVED
+CVE-2009-1828 (Mozilla Firefox 3.0.10 allows remote attackers to cause a denial
of ...)
+	TODO: check
+CVE-2009-1827 (The SVG component in Mozilla Firefox 3.0.4 allows remote
attackers to ...)
+	TODO: check
+CVE-2009-1831 (The Nullsoft Modern Skins Support module (gen_ff.dll) in
Nullsoft ...)
 	NOT-FOR-US: Nullsoft Winamp
-CVE-2009-1830
+CVE-2009-1830 (Stack-based buffer overflow in Soulseek 156 and 157 NS allows
remote ...)
 	NOT-FOR-US: Soulseek
-CVE-2009-1826
+CVE-2009-1826 (modules/admuser.php in myGesuad 0.9.14 (aka 0.9) does not
require ...)
 	NOT-FOR-US: myGesuad
-CVE-2009-1825
+CVE-2009-1825 (modules/admuser.php in myColex 1.4.2 does not require
administrative ...)
 	NOT-FOR-US: myColex
-CVE-2009-1824
+CVE-2009-1824 (The ps_drv.sys kernel driver in ArcaBit ArcaVir 2009 Antivirus
...)
 	NOT-FOR-US: ArcaBit ArcaVir
-CVE-2009-1823
+CVE-2009-1823 (Cross-site scripting (XSS) vulnerability in the Print (aka
Printer, ...)
 	NOT-FOR-US: 3rd party Printer, e-mail and PDF module for Drupal
-CVE-2009-1822
+CVE-2009-1822 (Multiple PHP remote file inclusion vulnerabilities in the
InterJoomla ...)
 	NOT-FOR-US: Joomla!
-CVE-2009-1821
+CVE-2009-1821 (DMXReady Registration Manager 1.1 stores sensitive information
under ...)
 	NOT-FOR-US: DMXReady Registration Manager
-CVE-2009-1820
+CVE-2009-1820 (Cross-site scripting (XSS) vulnerability in product.php in
2daybiz ...)
 	NOT-FOR-US: 2daybiz Custom T-shirt Design Script
-CVE-2009-1819
+CVE-2009-1819 (SQL injection vulnerability in product.php in 2daybiz Custom
T-shirt ...)
 	NOT-FOR-US: 2daybiz Custom T-shirt Design Script
-CVE-2009-1818
+CVE-2009-1818 (SQL injection vulnerability in admin/admin_manager.asp in MaxCMS
2.0 ...)
 	NOT-FOR-US: MaxCMS
-CVE-2009-1817
+CVE-2009-1817 (Multiple buffer overflows in DigiMode Maya 1.0.2 allow remote
...)
 	NOT-FOR-US: DigiMode Maya
-CVE-2009-1816
+CVE-2009-1816 (SQL injection vulnerability in admin.php in My Game Script 2.0
allows ...)
 	NOT-FOR-US: My Game Script
-CVE-2009-1815
+CVE-2009-1815 (Stack-based buffer overflow in Sonic Spot Audioactive Player
1.93b ...)
 	NOT-FOR-US: Sonic Spot Audioactive Player
-CVE-2009-1814
+CVE-2009-1814 (SQL injection vulnerability in mail.php in PHPenpals 1.1 and
earlier ...)
 	NOT-FOR-US: PHPenpals
-CVE-2009-1813
+CVE-2009-1813 (Multiple SQL injection vulnerabilities in admin/index.php in
Submitter ...)
 	NOT-FOR-US: Submitter Script
-CVE-2009-1812
+CVE-2009-1812 (Multiple SQL injection vulnerabilities in myGesuad 0.9.14 (aka
0.9) ...)
 	NOT-FOR-US: myGesuad
-CVE-2009-1811
+CVE-2009-1811 (Multiple cross-site scripting (XSS) vulnerabilities in myGesuad
0.9.14 ...)
 	NOT-FOR-US: myGesuad
-CVE-2009-1810
+CVE-2009-1810 (Multiple SQL injection vulnerabilities in myColex 1.4.2 allow
remote ...)
 	NOT-FOR-US: myColex
-CVE-2009-1809
+CVE-2009-1809 (Multiple cross-site scripting (XSS) vulnerabilities in myColex
1.4.2 ...)
 	NOT-FOR-US: myColex
-CVE-2009-1829 [wireshark PCNFSD DoS]
+CVE-2009-1829 (Unspecified vulnerability in the PCNFSD dissector in Wireshark
0.8.20 ...)
 	- wireshark <unfixed> (low)
 CVE-2009-1808 (Microsoft Windows XP SP3 allows local users to cause a denial of
...)
 	NOT-FOR-US: Microsoft
@@ -84,7 +108,7 @@
 	RESERVED
 CVE-2009-1793
 	RESERVED
-CVE-2009-1792
+CVE-2009-1792 (The system.openURL function in StoneTrip Ston3D StandalonePlayer
(aka ...)
 	NOT-FOR-US: StoneTrip Ston3D StandalonePlayer
 CVE-2009-1790 (Cross-site scripting (XSS) vulnerability in CGI RESCUE Trees
before ...)
 	NOT-FOR-US: CGI Rescue Trees
@@ -709,7 +733,7 @@
 	RESERVED
 CVE-2009-1538
 	RESERVED
-CVE-2009-1537
+CVE-2009-1537 (Unspecified vulnerability in the QuickTime Movie Parser Filter
in ...)
 	NOT-FOR-US: Microsoft DirectX
 CVE-2009-1536
 	RESERVED
@@ -3906,6 +3930,7 @@
 CVE-2009-0689
 	RESERVED
 CVE-2009-0688 (Multiple buffer overflows in the CMU Cyrus SASL library before
2.1.23 ...)
+	{DSA-1807-1}
 	- cyrus-sasl2 2.1.23.dfsg1-1 (bug #528749)
 	NOTE: VU#238019
 CVE-2009-0687
@@ -7696,7 +7721,7 @@
 	- sun-java6 6-12-1 (bug #508195)
 	[lenny] - sun-java6 <no-dsa> (Non-free not supported)
 	- openjdk-6 6b11-9.1 (bug #510972)
-CVE-2008-5353 (Unspecified vulnerability in Java Runtime Environment (JRE) for
Sun ...)
+CVE-2008-5353 (The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update
10 and ...)
 	- sun-java5 1.5.0-17-0.1 (bug #508194)
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 	[lenny] - sun-java5 <no-dsa> (Non-free not supported)
Secure testing commits - Jun 2009 - r12014 - data/CVE

[Secure-testing-commits] r12014 - data/CVE
