Author: joeyh Date: 2009-06-19 21:14:10 +0000 (Fri, 19 Jun 2009) New Revision: 12172 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-06-19 20:02:20 UTC (rev 12171) +++ data/CVE/list 2009-06-19 21:14:10 UTC (rev 12172) @@ -1,3 +1,29 @@ +CVE-2009-2120 (Multiple SQL injection vulnerabilities in TekBase All-in-One 3.1 allow ...) + TODO: check +CVE-2009-2119 (Cross-site scripting (XSS) vulnerability in the login interface in F5 ...) + TODO: check +CVE-2009-2118 (Integer overflow in IrfanView 4.23, when the resampling or screen ...) + TODO: check +CVE-2009-2117 (uye_paneli.php in phPortal 1.0 allows remote attackers to bypass ...) + TODO: check +CVE-2009-2116 (Directory traversal vulnerability in admin.php in SkyBlueCanvas 1.1 ...) + TODO: check +CVE-2009-2115 (admin.php in SkyBlueCanvas 1.1 r237 allows remote authenticated ...) + TODO: check +CVE-2009-2114 (Multiple cross-site scripting (XSS) vulnerabilities in admin.php in ...) + TODO: check +CVE-2009-2113 (Multiple SQL injection vulnerabilities in FretsWeb 1.2 allow remote ...) + TODO: check +CVE-2009-2112 (Directory traversal vulnerability in include/page_bottom.php in phpFK ...) + TODO: check +CVE-2009-2111 (Static code injection vulnerability in add_reg.php in DB Top Sites 1.0 ...) + TODO: check +CVE-2009-2110 (Multiple directory traversal vulnerabilities in DB Top Sites 1.0, when ...) + TODO: check +CVE-2009-2109 (Multiple directory traversal vulnerabilities in FretsWeb 1.2 allow ...) + TODO: check +CVE-2009-2108 (git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to ...) + TODO: check CVE-2009-XXXX [moin: heirarchical ACL vulnerability] - moin 1.8.4-1 (low; bug #533673) TODO: check whether etch/lenny versions are affected or not 
@@ -409,8 +435,8 @@ NOT-FOR-US: LightNEasy CVE-2009-1936 (_functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a ...) NOT-FOR-US: cpCommerce -CVE-2009-1935 - RESERVED +CVE-2009-1935 (Integer overflow in the pipe_build_write_buffer function ...) + TODO: check CVE-2009-1934 (Cross-site scripting (XSS) vulnerability in the Reverse Proxy Plug-in ...) NOT-FOR-US: Sun Java System Web Server CVE-2009-1933 (Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, ...) 
@@ -969,22 +995,22 @@ CVE-2009-1701 (Use-after-free vulnerability in the JavaScript DOM implementation in ...) - webkit <unfixed> TODO: File bug -CVE-2009-1700 (The XSLT implementation in WebKit in Apple Safari before 4.0 does not ...) +CVE-2009-1700 (The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone ...) TODO: check -CVE-2009-1699 (The XSL stylesheet implementation in WebKit in Apple Safari before 4.0 ...) +CVE-2009-1699 (The XSL stylesheet implementation in WebKit in Apple Safari before ...) TODO: check -CVE-2009-1698 (WebKit in Apple Safari before 4.0 does not initialize a pointer during ...) +CVE-2009-1698 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...) - webkit <unfixed> TODO: File bug -CVE-2009-1697 (CRLF injection vulnerability in WebKit in Apple Safari before 4.0 ...) +CVE-2009-1697 (CRLF injection vulnerability in WebKit in Apple Safari before 4.0, ...) TODO: check -CVE-2009-1696 (WebKit in Apple Safari before 4.0 uses predictable random numbers in ...) +CVE-2009-1696 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...) TODO: check CVE-2009-1695 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) TODO: check -CVE-2009-1694 (WebKit in Apple Safari before 4.0 does not properly handle redirects, ...) +CVE-2009-1694 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...) TODO: check -CVE-2009-1693 (WebKit in Apple Safari before 4.0 allows remote attackers to read ...) +CVE-2009-1693 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...) TODO: check CVE-2009-1692 RESERVED 
@@ -997,9 +1023,9 @@ TODO: check CVE-2009-1688 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) TODO: check -CVE-2009-1687 (The JavaScript garbage collector in WebKit in Apple Safari before 4.0 ...) +CVE-2009-1687 (The JavaScript garbage collector in WebKit in Apple Safari before 4.0, ...) TODO: check -CVE-2009-1686 (WebKit in Apple Safari before 4.0 does not properly handle constant ...) +CVE-2009-1686 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...) TODO: check CVE-2009-1685 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) TODO: check @@ -1009,7 +1035,7 @@ RESERVED CVE-2009-1682 (Apple Safari before 4.0 does not properly check for revoked Extended ...) NOT-FOR-US: Apple Safari -CVE-2009-1681 (WebKit in Apple Safari before 4.0 does not prevent web sites from ...) +CVE-2009-1681 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...) TODO: check CVE-2009-1680 RESERVED @@ -6774,7 +6800,7 @@ NOT-FOR-US: CFNetwork in Apple CVE-2009-0156 (Launch Services in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 ...) NOT-FOR-US: Launch Services in Apple Mac OS -CVE-2009-0155 (Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before 10.5.7 ...) +CVE-2009-0155 (Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before ...) NOT-FOR-US: CoreGraphics in Apple Mac OS CVE-2009-0154 (Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...) NOT-FOR-US: Apple Type Services @@ -6805,7 +6831,7 @@ - xpdf <unfixed> (medium; bug #524809) - kdegraphics <unfixed> (medium; bug #524810) - swftools <unfixed> (medium; bug #527449) -CVE-2009-0145 (CoreGraphics in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows ...) +CVE-2009-0145 (CoreGraphics in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, iPhone ...) NOT-FOR-US: CoreGraphics in Apple Mac OS X CVE-2009-0144 (CFNetwork in Apple Mac OS X 10.5 before 10.5.7 does not properly parse ...) NOT-FOR-US: CFNetwork in Apple Mac OS X
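
Review bot: In the first hunk (@@ -1,3 +1,29 @@) all thirteen new entries, CVE-2009-2108 through CVE-2009-2120, land with a bare "TODO: check", which gives whoever triages them no ordering. CVE-2009-2108 names git-daemon in git 1.4.4.5 through 1.6.3, so it should be picked up first and given a package line in the form the context entry below it uses ("- moin 1.8.4-1 (low; bug #533673)"). The remaining entries can then be checked one by one and marked NOT-FOR-US where the software is not packaged.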
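
Review bot: In the @@ -409,8 +435,8 @@ hunk, CVE-2009-1935 moves from RESERVED to a description that is cut off right after "pipe_build_write_buffer function", before any affected product is named. The list line alone cannot settle the "TODO: check", so triage needs the full CVE text, and the resolution should name the product explicitly, as the neighbouring "NOT-FOR-US: cpCommerce" and "NOT-FOR-US: Sun Java System Web Server" lines do.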
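
Review bot: In the @@ -969,22 +995,22 @@ hunk the refreshed WebKit descriptions push the distinguishing text past the truncation point: CVE-2009-1698, CVE-2009-1696, CVE-2009-1694 and CVE-2009-1693 now all read "WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...", where the removed lines told them apart ("does not initialize a pointer", "uses predictable random numbers", "does not properly handle redirects", "allows remote attackers to read"). The same happens to CVE-2009-1686 and CVE-2009-1681 in the two hunks that follow. Since CVE-2009-1701 and CVE-2009-1698 already carry "- webkit <unfixed>", the entries in this block still marked "TODO: check" should be resolved against the full CVE text rather than the list line, and given the same package line where it applies.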
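
Review bot: In the @@ -6774,7 +6800,7 @@ hunk the CVE-2009-0155 line changes only in where the description is truncated ("10.5 before 10.5.7 ..." becomes "10.5 before ..."), so the hunk carries no new information and its "NOT-FOR-US" status is untouched. If the automatic update can skip entries whose text differs only at the truncation point, commits like this one become easier to review, because every remaining hunk then signals a real change in the CVE description.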