thr3ads.net - Secure testing commits - [Secure-testing-commits] r12467

If this information is useful, please help other people find it:
Share via:
Joey Hess
2009-Aug-03 21:14 UTC
[Secure-testing-commits] r12467 - data/CVE

Author: joeyh
Date: 2009-08-03 21:14:35 +0000 (Mon, 03 Aug 2009)
New Revision: 12467

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-08-03 19:15:05 UTC (rev 12466)
+++ data/CVE/list	2009-08-03 21:14:35 UTC (rev 12467)
@@ -1,3 +1,27 @@
+CVE-2009-2655 (mshtml.dll in Microsoft Internet Explorer 7 and 8 on Windows XP
SP3 ...)
+	TODO: check
+CVE-2009-2654 (Mozilla Firefox 3.5.1 and earlier allows remote attackers to
spoof the ...)
+	TODO: check
+CVE-2009-2653 (** DISPUTED ** ...)
+	TODO: check
+CVE-2009-2652 (Unspecified vulnerability in Solaris Trusted Extensions in Sun
Solaris ...)
+	TODO: check
+CVE-2008-6891 (Multiple cross-site scripting (XSS) vulnerabilities in ASP Forum
...)
+	TODO: check
+CVE-2008-6890 (SQL injection vulnerability in messages.asp in ASP Forum Script
allows ...)
+	TODO: check
+CVE-2008-6889 (SQL injection vulnerability in Merchantsadd.asp in ASPReferral
5.3 ...)
+	TODO: check
+CVE-2008-6888 (Cross-site scripting (XSS) vulnerability in signup.asp in Pre
...)
+	TODO: check
+CVE-2008-6887 (SQL injection vulnerability in detailad.asp in Pre Classified
Listings ...)
+	TODO: check
+CVE-2008-6886 (RSA EnVision 3.5.0, 3.5.1, 3.5.2, and 3.7.0 does not properly
restrict ...)
+	TODO: check
+CVE-2008-6885 (Cross-site scripting (XSS) vulnerability in pmlite.php in XOOPS
2.3.1 ...)
+	TODO: check
+CVE-2008-6884 (Multiple directory traversal vulnerabilities in XOOPS 2.3.1,
when ...)
+	TODO: check
 CVE-2009-XXXX [asterisk DoS]
 	- asterisk <unfixed>
 	[lenny] - asterisk <not-affected> (Vulnerable code introduced in 1.6)
@@ -650,22 +674,20 @@
 	TODO: check
 CVE-2009-2408 (Mozilla Firefox before 3.5 and NSS before 3.12.3 do not properly
...)
 	TODO: check
-CVE-2009-2407 [linux-2.6: ecryptfs issue]
-	RESERVED
+CVE-2009-2407 (Heap-based buffer overflow in the parse_tag_3_packet function in
...)
 	{DSA-1845-1 DSA-1844-1}
 	- linux-2.6 2.6.30-5 (medium)
 	[etch] - linux-2.6 <not-affected> (ecryptfs code introduced after
2.6.18)
 	- linux-2.6.24 <removed>
-CVE-2009-2406 [linux-2.6: ecryptfs issue]
-	RESERVED
+CVE-2009-2406 (Stack-based buffer overflow in the parse_tag_11_packet function
in ...)
 	{DSA-1845-1 DSA-1844-1}
 	- linux-2.6 2.6.30-5 (medium)
 	[etch] - linux-2.6 <not-affected> (ecryptfs code introduced after
2.6.18)
 	- linux-2.6.24 <removed>
 CVE-2009-2405
 	RESERVED
-CVE-2009-2404
-	RESERVED
+CVE-2009-2404 (Heap-based buffer overflow in a regular-expression parser in
Mozilla ...)
+	TODO: check
 CVE-2009-2403 (Heap-based buffer overflow in SCMPX 1.5.1 allows remote
attackers to ...)
 	NOT-FOR-US: SCMPX
 CVE-2009-2402 (SQL injection vulnerability in index.php in the forum module in
...)
@@ -2034,22 +2056,22 @@
 	RESERVED
 CVE-2009-1871
 	RESERVED
-CVE-2009-1870
-	RESERVED
-CVE-2009-1869
-	RESERVED
-CVE-2009-1868
-	RESERVED
-CVE-2009-1867
-	RESERVED
-CVE-2009-1866
-	RESERVED
-CVE-2009-1865
-	RESERVED
-CVE-2009-1864
-	RESERVED
-CVE-2009-1863
-	RESERVED
+CVE-2009-1870 (Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18,
and ...)
+	TODO: check
+CVE-2009-1869 (Integer overflow in Adobe Flash Player before 9.0.246.0 and 10.x
...)
+	TODO: check
+CVE-2009-1868 (Heap-based buffer overflow in Adobe Flash Player before
9.0.246.0 and ...)
+	TODO: check
+CVE-2009-1867 (Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18,
and ...)
+	TODO: check
+CVE-2009-1866 (Stack-based buffer overflow in Adobe Flash Player before
9.0.246.0 and ...)
+	TODO: check
+CVE-2009-1865 (Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18,
and ...)
+	TODO: check
+CVE-2009-1864 (Heap-based buffer overflow in Adobe Flash Player before
9.0.246.0 and ...)
+	TODO: check
+CVE-2009-1863 (Unspecified vulnerability in Adobe Flash Player before 9.0.246.0
and ...)
+	TODO: check
 CVE-2009-1862 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x
through ...)
 	- flashplugin-nonfree <unfixed> (bug #538240)
 CVE-2009-1861 (Multiple heap-based buffer overflows in Adobe Reader 7 and
Acrobat 7 ...)
@@ -2408,16 +2430,13 @@
 	TODO: check 
 CVE-2009-1723
 	RESERVED
-CVE-2009-1722 [openexr]
-	RESERVED
+CVE-2009-1722 (Buffer overflow in the compression implementation in OpenEXR
1.2.2 ...)
 	{DSA-1842-1}
 	- openexr <unfixed>
-CVE-2009-1721 [openexr]
-	RESERVED
+CVE-2009-1721 (The decompression implementation in the Imf::hufUncompress
function in ...)
 	{DSA-1842-1}
 	- openexr <unfixed>
-CVE-2009-1720 [openexr]
-	RESERVED
+CVE-2009-1720 (Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow ...)
 	{DSA-1842-1}
 	- openexr <unfixed>
 CVE-2009-1719 (The Aqua Look and Feel for Java implementation in Java 1.5 on
Mac OS X ...)
Secure testing commits - Aug 2009 - r12467 - data/CVE

[Secure-testing-commits] r12467 - data/CVE
