thr3ads.net - Secure testing commits - [Secure-testing-commits] r12652

If this information is useful, please help other people find it:
Share via:

Giuseppe Iuculano

2009-Aug-21 10:27 UTC

[Secure-testing-commits] r12652 - data/CVE

Author: derevko-guest
Date: 2009-08-21 10:27:30 +0000 (Fri, 21 Aug 2009)
New Revision: 12652

Modified:
   data/CVE/list
Log:
NFU
some chromium-browser issues
CVE-2009-1896: openjdk-6 affected
CVE-2009-1884: libcompress-raw-bzip2-perl Off-by-one error


Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-08-21 07:50:25 UTC (rev 12651)
+++ data/CVE/list	2009-08-21 10:27:30 UTC (rev 12652)
@@ -241,19 +241,19 @@
 CVE-2008-7001 (Unrestricted file upload vulnerability in the file manager in
Creative ...)
 	NOT-FOR-US: Creative Mind Creator CMS
 CVE-2008-7000 (PHP remote file inclusion vulnerability in index.php in
PHPAuction 3.2 ...)
-	TODO: check
+	NOT-FOR-US: phpAuction
 CVE-2008-6999 (phpAuction 3.2, and possibly 3.3.0 GPL Basic edition, allows
remote ...)
 	NOT-FOR-US: phpAuction
 CVE-2008-6998 (Stack-based buffer overflow in chrome/common/gfx/url_elider.cc
in ...)
-	TODO: check
+	- chromium-browser <itp> (bug #520324)
 CVE-2008-6997 (Google Chrome 0.2.149.27 allows user-assisted remote attackers
to ...)
-	TODO: check
+	- chromium-browser <itp> (bug #520324)
 CVE-2008-6996 (Google Chrome BETA (0.2.149.27) does not prompt the user before
saving ...)
-	TODO: check
+	- chromium-browser <itp> (bug #520324)
 CVE-2008-6995 (Integer underflow in net/base/escape.cc in chrome.dll in Google
Chrome ...)
-	TODO: check
+	- chromium-browser <itp> (bug #520324)
 CVE-2008-6994 (Stack-based buffer overflow in the SaveAs feature ...)
-	TODO: check
+	- chromium-browser <itp> (bug #520324)
 CVE-2008-6993 (Siemens Gigaset WLAN Camera 1.27 has an insecure default
password, ...)
 	NOT-FOR-US: Siemens Gigaset WLAN Camera
 CVE-2008-6992 (GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4,
...)
@@ -2863,7 +2863,7 @@
 	- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.29)
 	NOTE: http://seclists.org/fulldisclosure/2009/Jul/0241.html
 CVE-2009-1896 (The Java Web Start framework in IcedTea in OpenJDK before ...)
-	TODO: check
+	- openjdk-6 <unfixed> (bug #542210)
 CVE-2009-1895 (The personality subsystem in the Linux kernel before 2.6.31-rc3
has a ...)
 	{DSA-1845-1 DSA-1844-1}
 	- linux-2.6 2.6.30-3 (low)
@@ -2909,7 +2909,7 @@
 	- xerces-c2 <unfixed> (low; bug #541986)
 	- xerces27 <removed>
 CVE-2009-1884 (Off-by-one error in the bzinflate function in Bzip2.xs in the
...)
-	TODO: check
+	- libcompress-raw-bzip2-perl <unfixed> (medium; bug #542777)
 CVE-2009-1883
 	RESERVED
 CVE-2009-1882 (Integer overflow in the XMakeImage function in magick/xwindow.c
in ...)

Secure testing commits - Aug 2009 - r12652 - data/CVE

[Secure-testing-commits] r12652 - data/CVE