Author: joeyh Date: 2009-07-30 21:14:27 +0000 (Thu, 30 Jul 2009) New Revision: 12453 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-07-30 19:11:34 UTC (rev 12452) +++ data/CVE/list 2009-07-30 21:14:27 UTC (rev 12453) @@ -1,3 +1,30 @@ +CVE-2009-2651 (main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows remote ...) + TODO: check +CVE-2009-2650 (Heap-based buffer overflow in Sorcerer Software MultiMedia Jukebox 4.0 ...) + TODO: check +CVE-2009-2649 (The IATA (ata) driver in FreeBSD 6.0 and 8.0, when read access to /dev ...) + TODO: check +CVE-2009-2648 (FlashDen Guestbook allows remote attackers to obtain configuration ...) + TODO: check +CVE-2009-2647 (Unspecified vulnerability in Kaspersky Anti-Virus 2010 and Kaspersky ...) + TODO: check +CVE-2009-2646 (Multiple unspecified vulnerabilities in the PDF distiller in the ...) + TODO: check +CVE-2009-2645 + REJECTED + TODO: check +CVE-2009-2644 (Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and ...) + TODO: check +CVE-2008-6883 (SQL injection vulnerability in the Live Chat (com_livechat) component ...) + TODO: check +CVE-2008-6882 (Live Chat (com_livechat) component 1.0 for Joomla! allows remote ...) + TODO: check +CVE-2008-6881 (Multiple SQL injection vulnerabilities in the Live Chat (com_livechat) ...) + TODO: check +CVE-2008-6880 (SQL injection vulnerability in joke.php in EasySiteNetwork Free Jokes ...) + TODO: check +CVE-2008-6879 (Cross-site scripting (XSS) vulnerability in Apache Roller 2.3, 3.0, ...) + TODO: check CVE-2009-XXXX [python-django directory traversal in test webserver] - python-django 1.1-1 (low; bug #539134) [etch] - python-django <no-dsa> (Minor issue) 
@@ -46,8 +73,8 @@ RESERVED CVE-2009-2623 RESERVED -CVE-2009-2620 - RESERVED +CVE-2009-2620 (src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before ...) + TODO: check CVE-2009-2619 (SQL injection vulnerability in login.asp in DataCheck Solutions ...) NOT-FOR-US: DataCheck Solutions V-SpacePal CVE-2009-2618 (SQL injection vulnerability in the Surveys (aka NS-Polls) module in ...) @@ -342,12 +369,12 @@ RESERVED CVE-2009-2496 RESERVED -CVE-2009-2495 - RESERVED +CVE-2009-2495 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 ...) + TODO: check CVE-2009-2494 RESERVED -CVE-2009-2493 - RESERVED +CVE-2009-2493 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 ...) + TODO: check CVE-2009-2492 (Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart ...) - movabletype-opensource 4.2.6.1-1 (low; bug #537935) CVE-2009-XXXX [mediawiki: XSS via specialblock] @@ -599,12 +626,12 @@ RESERVED CVE-2009-2411 RESERVED -CVE-2009-2410 - RESERVED -CVE-2009-2409 - RESERVED -CVE-2009-2408 - RESERVED +CVE-2009-2410 (The local_handler_callback function in ...) + TODO: check +CVE-2009-2409 (The NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 ...) + TODO: check +CVE-2009-2408 (Mozilla Firefox before 3.5 and NSS before 3.12.3 do not properly ...) + TODO: check CVE-2009-2407 [linux-2.6: ecryptfs issue] RESERVED {DSA-1845-1 DSA-1844-1} @@ -1519,8 +1546,8 @@ RESERVED CVE-2009-2050 RESERVED -CVE-2009-2049 - RESERVED +CVE-2009-2049 (Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through ...) + TODO: check CVE-2009-2048 (Cross-site scripting (XSS) vulnerability in the Administration ...) NOT-FOR-US: Cisco CVE-2009-2047 (Directory traversal vulnerability in the Administration interface in ...) 
@@ -1837,12 +1864,12 @@ RESERVED CVE-2009-1920 RESERVED -CVE-2009-1919 - RESERVED -CVE-2009-1918 - RESERVED -CVE-2009-1917 - RESERVED +CVE-2009-1919 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 ...) + TODO: check +CVE-2009-1918 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 ...) + TODO: check +CVE-2009-1917 (Microsoft Internet Explorer 6 SP1; Internet Explorer 6 for Windows XP ...) + TODO: check CVE-2009-1916 (dig.php in GScripts.net DNS Tools allows remote attackers to execute ...) NOT-FOR-US: GScripts.net DNS Tools CVE-2009-1915 (Stack-based buffer overflow in the URL Search Hook (ICQToolBar.dll) in ...) @@ -3243,8 +3270,8 @@ NOT-FOR-US: Symantec CVE-2009-1427 RESERVED -CVE-2009-1426 - RESERVED +CVE-2009-1426 (Unspecified vulnerability on HP ProLiant DL and ML 100 Series G5, G5p, ...) + TODO: check CVE-2009-1425 (Unspecified vulnerability in HP ProCurve Threat Management Services zl ...) NOT-FOR-US: HP ProCurve CVE-2009-1424 (Unspecified vulnerability in HP ProCurve Threat Management Services zl ...) 
@@ -4420,16 +4447,16 @@ {DSA-1756-1} - xulrunner 1.9.0.8-1 - kompozer 1:0.8~alpha2+dfsg+svn129-1 -CVE-2009-1168 - RESERVED -CVE-2009-1167 - RESERVED -CVE-2009-1166 - RESERVED -CVE-2009-1165 - RESERVED -CVE-2009-1164 - RESERVED +CVE-2009-1168 (Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through ...) + TODO: check +CVE-2009-1167 (Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) ...) + TODO: check +CVE-2009-1166 (The administrative web interface on the Cisco Wireless LAN Controller ...) + TODO: check +CVE-2009-1165 (Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x ...) + TODO: check +CVE-2009-1164 (The administrative web interface on the Cisco Wireless LAN Controller ...) + TODO: check CVE-2009-1163 (Memory leak on the Cisco Physical Access Gateway with software before ...) NOT-FOR-US: Cisco CVE-2009-1162 (Cross-site scripting (XSS) vulnerability in the Spam Quarantine login ...) @@ -5243,8 +5270,8 @@ NOT-FOR-US: WebSphere CVE-2009-0902 RESERVED -CVE-2009-0901 - RESERVED +CVE-2009-0901 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 ...) + TODO: check CVE-2009-0900 RESERVED CVE-2009-0899 (IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.24 and 7.0 ...) @@ -6161,8 +6188,7 @@ - xine-lib 1.1.16.2-1 (bug #517792; bug #523475; medium) CVE-2009-0697 RESERVED -CVE-2009-0696 [bind DoS with dynamic updates] - RESERVED +CVE-2009-0696 (The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 ...) {DSA-1847-1} - bind9 1:9.6.1.dfsg.P1-1 (bug #538975; high) NOTE: See also http://www.kb.cert.org/vuls/id/725188
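Review bot: In the first hunk (@@ -1,3 +1,30 @@), CVE-2009-2645 is added as REJECTED and still receives a TODO: check line. A rejected ID has no description to triage, so the TODO can be dropped and the entry left as REJECTED only. Since the log says this is an automatic update, it would be worth having the import skip the TODO for REJECTED IDs.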
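Review bot: In the @@ -599,12 +626,12 @@ hunk, CVE-2009-2409 and CVE-2009-2408 name NSS, GnuTLS and Mozilla Firefox, which Debian ships (Firefox as iceweasel), so these two TODO: check entries need per-package lines with fixed versions rather than a NOT-FOR-US. The descriptions are cut at "..." in the list, so the affected version ranges have to be taken from the full CVE text before any version is recorded.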
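Review bot: In the @@ -4420,16 +4447,16 @@ hunk, the five new entries CVE-2009-1168 through CVE-2009-1164 all describe Cisco IOS or Cisco Wireless LAN Controller issues, while the next context entry, CVE-2009-1163, is already marked NOT-FOR-US: Cisco. Resolving these five TODO: check lines with the same NOT-FOR-US: Cisco marker would keep the block consistent and remove them from the open triage queue.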