Author: joeyh
Date: 2009-08-06 21:14:20 +0000 (Thu, 06 Aug 2009)
New Revision: 12500
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-08-06 14:37:45 UTC (rev 12499)
+++ data/CVE/list 2009-08-06 21:14:20 UTC (rev 12500)
@@ -1,4 +1,99 @@
+CVE-2009-2705
+ RESERVED
+CVE-2009-2704
+ RESERVED
+CVE-2009-2703
+ RESERVED
+CVE-2009-2702
+ RESERVED
+CVE-2009-2701
+ RESERVED
+CVE-2009-2700
+ RESERVED
+CVE-2009-2699
+ RESERVED
+CVE-2009-2698
+ RESERVED
+CVE-2009-2697
+ RESERVED
+CVE-2009-2696
+ RESERVED
+CVE-2009-2695
+ RESERVED
+CVE-2009-2694
+ RESERVED
+CVE-2009-2693
+ RESERVED
+CVE-2009-2692
+ RESERVED
+CVE-2009-2691
+ RESERVED
+CVE-2009-2690
+ RESERVED
+CVE-2009-2689
+ RESERVED
+CVE-2009-2688 (Multiple integer overflows in glyphs-eimage.c in XEmacs 21.4.22,
when ...)
+ TODO: check
+CVE-2009-2687 (The exif_read_data function in the Exif module in PHP before
5.2.10 ...)
+ TODO: check
+CVE-2009-2686
+ RESERVED
+CVE-2009-2685
+ RESERVED
+CVE-2009-2684
+ RESERVED
+CVE-2009-2683
+ RESERVED
+CVE-2009-2682
+ RESERVED
+CVE-2009-2681
+ RESERVED
+CVE-2009-2680
+ RESERVED
+CVE-2009-2679
+ RESERVED
+CVE-2009-2678
+ RESERVED
+CVE-2009-2677
+ RESERVED
+CVE-2009-2676 (Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE,
and SE ...)
+ TODO: check
+CVE-2009-2675 (Integer overflow in the unpack200 utility in Sun Java Runtime
...)
+ TODO: check
+CVE-2009-2674 (Integer overflow in Sun Java Runtime Environment (JRE) in JDK
and JRE ...)
+ TODO: check
+CVE-2009-2673 (The proxy mechanism implementation in Sun Java Runtime
Environment ...)
+ TODO: check
+CVE-2009-2672 (The proxy mechanism implementation in Sun Java Runtime
Environment ...)
+ TODO: check
+CVE-2009-2671 (The SOCKS proxy implementation in Sun Java Runtime Environment
(JRE) ...)
+ TODO: check
+CVE-2009-2670 (The audio system in Sun Java Runtime Environment (JRE) in JDK
and JRE ...)
+ TODO: check
+CVE-2009-2669 (A certain debugging component in IBM AIX 5.3 and 6.1 does not
properly ...)
+ TODO: check
+CVE-2009-2668 (Microsoft Internet Explorer 6 through 6.0.2900.2180 and 7
through ...)
+ TODO: check
+CVE-2009-2667 (Unspecified vulnerability in IBM Tivoli Key Lifecycle Manager
(TKLM) ...)
+ TODO: check
+CVE-2008-6904 (Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0
for ...)
+ TODO: check
+CVE-2008-6903 (Sophos Anti-Virus for Windows before 7.6.3, Anti-Virus for
Windows ...)
+ TODO: check
+CVE-2008-6902 (Unrestricted file upload vulnerability in upload_flyer.php in
...)
+ TODO: check
+CVE-2008-6901 (Multiple directory traversal vulnerabilities in 2532designs
2532|Gigs ...)
+ TODO: check
+CVE-2008-6900 (Unrestricted file upload vulnerability in "Add
Pen/Author Name" ...)
+ TODO: check
+CVE-2008-6899 (Multiple buffer overflows in freeSSHd 1.2.1 allow remote
authenticated ...)
+ TODO: check
+CVE-2008-6898 (Buffer overflow in the XHTTP Module 4.1.0.0 in the ActiveX
control for ...)
+ TODO: check
+CVE-2008-6897 (Multiple buffer overflows in Getleft.exe in Andres Garcia
Getleft 1.2 ...)
+ TODO: check
CVE-2009-2666 [fetchmail 0 byte cert injection]
+ RESERVED
- fetchmail <unfixed>
CVE-2009-2665 (The nsDocument::SetScriptGlobalObject function in ...)
- xulrunner <not-affected>
@@ -272,8 +367,8 @@
NOT-FOR-US: EditeurScripts EsNews
CVE-2009-2580
REJECTED
-CVE-2009-2579
- RESERVED
+CVE-2009-2579 (SQL injection vulnerability in reward_points.post.php in the
Reward ...)
+ TODO: check
CVE-2009-2578 (Google Chrome 2.x through 2.0.172 allows remote attackers to
cause a ...)
- chromium-browser <itp> (bug #520324)
CVE-2009-2577 (Opera 9.52 and earlier allows remote attackers to cause a denial
of ...)
@@ -335,6 +430,7 @@
CVE-2009-2555 (Heap-based buffer overflow in src/jsregexp.cc in Google V8
before ...)
- chromium-browser <itp> (bug #520324)
CVE-2009-2658 (Directory traversal vulnerability in ZNC before 0.072 allows
remote ...)
+ {DSA-1848-1}
- znc 0.074-1 (medium; bug #537977)
NOTE:
http://znc.svn.sourceforge.net/viewvc/znc?view=rev&sortby=rev&sortdir=down&revision=1570
NOTE: CVE id requested
@@ -721,7 +817,7 @@
RESERVED
CVE-2009-2410 (The local_handler_callback function in ...)
NOT-FOR-US: sssd
-CVE-2009-2409 (The NSS library before 3.12.3, as used in Firefox; GnuTLS before
2.6.4 ...)
+CVE-2009-2409 (The Network Security Services (NSS) library before 3.12.3, as
used in ...)
- nss 3.12.3-1 (low; bug #539895)
- openssl <unfixed> (low; bug #539899)
- gnutls26 2.4.2-5 (low; bug #539901)
@@ -4279,7 +4375,7 @@
NOT-FOR-US: Opera
CVE-2009-1233 (Apple Safari 3.2.2 and 4 Beta on Windows allows remote attackers
to ...)
NOT-FOR-US: Safari on Windows
-CVE-2009-1232 (The XUL parser in Mozilla Firefox 3.0.8 and earlier 3.0.x
versions ...)
+CVE-2009-1232 (Mozilla Firefox 3.0.8 and earlier 3.0.x versions allows remote
...)
- xulrunner <unfixed> (unimportant)
NOTE: Browser crashes not treated as security issues
CVE-2009-1231 (Unspecified vulnerability in the eClient in IBM DB2 Content
Manager ...)