Author: joeyh
Date: 2009-10-19 21:14:26 +0000 (Mon, 19 Oct 2009)
New Revision: 13045
Modified: data/CVE/list
Log: automatic update

Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-10-19 20:08:53 UTC (rev 13044) +++ data/CVE/list 2009-10-19 21:14:26 UTC (rev 13045) 
@@ -1,3 +1,63 @@ +CVE-2009-3729 + RESERVED +CVE-2009-3728 + RESERVED +CVE-2009-3727 + RESERVED +CVE-2009-3726 + RESERVED +CVE-2009-3725 + RESERVED +CVE-2009-3724 + RESERVED +CVE-2009-3723 + RESERVED +CVE-2009-3722 + RESERVED +CVE-2009-3721 + RESERVED +CVE-2009-3720 + RESERVED +CVE-2009-3719 (Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog ...) + TODO: check +CVE-2009-3718 (SQL injection vulnerability in admin/authenticate.asp in Battle Blog ...) + TODO: check +CVE-2009-3717 (Heap-based buffer overflow in LucVil PatPlayer 3.9 allows remote ...) + TODO: check +CVE-2009-3716 (Unrestricted file upload vulnerability in admin.php in MCshoutbox 1.1 ...) + TODO: check +CVE-2009-3715 (Multiple SQL injection vulnerabilities in scr_login.php in MCshoutbox ...) + TODO: check +CVE-2009-3714 (Cross-site scripting (XSS) vulnerability in admin_login.php in ...) + TODO: check +CVE-2009-3713 (SQL injection vulnerability in fichero.php in MorcegoCMS 1.7.6 and ...) + TODO: check +CVE-2009-3712 (Multiple SQL injection vulnerabilities in Ebay Clone 2009 allow remote ...) + TODO: check +CVE-2009-3711 (Stack-based buffer overflow in the h_handlepeer function in http.cpp ...) + TODO: check +CVE-2009-3710 (RioRey RIOS 4.6.6 and 4.7.0 uses an undocumented, hard-coded username ...) + TODO: check +CVE-2009-3709 (Stack-based buffer overflow in the Meta Content Optimizer in Konae ...) + TODO: check +CVE-2009-3708 (Stack-based buffer overflow in the Meta Content Optimizer in Konae ...) + TODO: check +CVE-2009-3707 (VMware Authentication Daemon 1.0 in vmware-authd.exe 6.5.3.8888 in the ...) + TODO: check +CVE-2009-3706 (Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and ...) + TODO: check +CVE-2009-3705 (PHP remote file inclusion vulnerability in debugger.php in Achievo ...) + TODO: check +CVE-2009-3704 (ZoIPer 2.22, and possibly other versions before 2.24 Library 5324, ...) 
+ TODO: check +CVE-2009-3703 + RESERVED +CVE-2009-3702 + RESERVED +CVE-2009-3701 + RESERVED +CVE-2009-3700 + RESERVED CVE-2009-XXXX [xpdf: integer overflow and null ptr dereference vulnerability] - xpdf <unfixed> (medium; bug #551287) - poppler <unfixed> (medium; bug #551289) @@ -7,11 +67,9 @@ NOT-FOR-US: IBM AIX CVE-2009-3698 (An unspecified function in the Dalvik API in Android 1.5 and earlier ...) NOT-FOR-US: Dalvik API in Android -CVE-2009-3697 [phpMyAdmin XSS/SQL inj PMASA-2009-6] - RESERVED +CVE-2009-3697 (SQL injection vulnerability in the PDF schema generator functionality ...) - phpmyadmin 4:3.2.2.1-1 -CVE-2009-3696 [phpMyAdmin XSS/SQL inj PMASA-2009-6] - RESERVED +CVE-2009-3696 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before ...) - phpmyadmin 4:3.2.2.1-1 CVE-2009-3610 RESERVED @@ -558,7 +616,7 @@ RESERVED CVE-2009-3460 RESERVED -CVE-2009-3459 (Unspecified vulnerability in Adobe Reader and Acrobat 9.1.3 and ...) +CVE-2009-3459 (Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before ...) NOT-FOR-US: Adobe Acrobat CVE-2009-3458 RESERVED @@ -624,7 +682,7 @@ NOT-FOR-US: Sun Solaris Cluster CVE-2009-3432 (Unspecified vulnerability in xscreensaver in Sun Solaris 10, and ...) NOT-FOR-US: Sun OpenSolaris xscreensaver -CVE-2009-3431 (Stack consumption vulnerability in Adobe Acrobat 9.1.1 allows remote ...) +CVE-2009-3431 (Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, ...) NOT-FOR-US: Adobe Acrobat CVE-2009-XXXX [libfwbuilder insecure temp file usage] - libfwbuilder <unfixed> (low) 
@@ -949,10 +1007,10 @@ NOT-FOR-US: phpspot Products CVE-2009-3283 (Cross-site scripting (XSS) vulnerability in phpspot PHP BBS, PHP Image ...) NOT-FOR-US: phpspot Products -CVE-2009-3282 - RESERVED -CVE-2009-3281 - RESERVED +CVE-2009-3282 (Integer overflow in the vmx86 kernel extension in VMware Fusion before ...) + TODO: check +CVE-2009-3281 (The vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 ...) + TODO: check CVE-2009-3280 (Integer signedness error in the find_ie function in ...) - linux-2.6 2.6.31-1 (medium) - linux-2.6.24 <not-affected> (vulnerable code not present) @@ -2440,8 +2498,8 @@ RESERVED CVE-2009-2875 RESERVED -CVE-2009-2874 - RESERVED +CVE-2009-2874 (The TimesTenD process in Cisco Unified Presence 1.x, 6.x before ...) + TODO: check CVE-2009-2873 (Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco ...) NOT-FOR-US: Cisco IOS CVE-2009-2872 (Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco ...) @@ -2941,10 +2999,10 @@ NOT-FOR-US: OpenNews CVE-2009-2735 (SQL injection vulnerability in admin.php in sun-jester OpenNews 1.0, ...) NOT-FOR-US: OpenNews -CVE-2009-2734 - RESERVED -CVE-2009-2733 - RESERVED +CVE-2009-2734 (SQL injection vulnerability in the get_employee function in ...) + TODO: check +CVE-2009-2733 (Multiple cross-site scripting (XSS) vulnerabilities in Achievo before ...) + TODO: check CVE-2009-2732 (The checkHTTPpassword function in http.c in ntop 3.3.10 and earlier ...) - ntop 3:3.3-12 (low; bug #543312) [lenny] - ntop <no-dsa> (Minor issue) 
@@ -44122,7 +44180,7 @@ NOT-FOR-US: OpenPinboard CVE-2007-0049 (Geckovich TaskTracker Pro 1.5 and earlier allows remote attackers to ...) NOT-FOR-US: TaskTracker -CVE-2007-0048 (Adobe Acrobat Reader Plugin before 8.0.0, when used with Internet ...) +CVE-2007-0048 (Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin ...) NOT-FOR-US: Adobe Acrobat Reader with Internet Explorer CVE-2007-0047 (CRLF injection vulnerability in Adobe Acrobat Reader Plugin before ...) NOT-FOR-US: Adobe Acrobat Reader with Internet Explorer
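Review bot: The sixteen new entries CVE-2009-3719 through CVE-2009-3704 in the @@ -1,3 +1,63 @@ hunk all land as "TODO: check", and some of them can be triaged from context already in this file. CVE-2009-3706 is a Sun Solaris ZFS issue, and the existing Sun Solaris entries further down are marked NOT-FOR-US ("NOT-FOR-US: Sun Solaris Cluster", "NOT-FOR-US: Sun OpenSolaris xscreensaver"), so the same disposition is the likely outcome. CVE-2009-3709 and CVE-2009-3708 show the same truncated description ("Stack-based buffer overflow in the Meta Content Optimizer in Konae ..."), so they should be resolved together after reading the full descriptions to see how they differ.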
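Review bot: In the @@ -7,11 +67,9 @@ hunk, replacing the bracketed placeholder on CVE-2009-3697 and CVE-2009-3696 with the published descriptions drops the only pointer to the upstream advisory, PMASA-2009-6. If that reference is still wanted, carry it over in a NOTE line under each entry. The new description of CVE-2009-3696 names the phpMyAdmin 2.11.x branch as affected, while both entries record only "- phpmyadmin 4:3.2.2.1-1" with no urgency and no per-release line of the kind used elsewhere in this file (for example "[lenny] - ntop <no-dsa> (Minor issue)"), so the status of released suites is worth adding.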
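Review bot: In the @@ -2440,8 +2498,8 @@ hunk, CVE-2009-2874 (TimesTenD process in Cisco Unified Presence) goes from RESERVED to "TODO: check" while the two entries directly below it, CVE-2009-2873 and CVE-2009-2872, are already "NOT-FOR-US: Cisco IOS". Unless there is a reason to treat Cisco Unified Presence differently, resolve this one as NOT-FOR-US with the product name so it does not linger in the TODO queue.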
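Review bot: In the @@ -2941,10 +2999,10 @@ hunk, CVE-2009-2733 names Achievo, and so does CVE-2009-3705 (debugger.php) in the first hunk, but they are left as separate "TODO: check" items. The description of CVE-2009-2734 is cut off before the product name ("get_employee function in ..."), so confirm from the full text whether it belongs to the same product. Whatever the outcome, the related entries should be triaged in one pass so they end up with the same package or NOT-FOR-US line.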
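Review bot: In the @@ -44122,7 +44180,7 @@ hunk, the description of CVE-2007-0048 changes from "when used with Internet ..." to "and possibly the plugin ...", which suggests the affected scope is no longer limited to one browser, yet the triage line still reads "NOT-FOR-US: Adobe Acrobat Reader with Internet Explorer". The NOT-FOR-US decision itself looks unaffected, but the note text should be rechecked against the full updated description so it does not understate the scope.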