Author: joeyh
Date: 2009-12-16 09:14:37 +0000 (Wed, 16 Dec 2009)
New Revision: 13567
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-12-16 07:05:53 UTC (rev 13566)
+++ data/CVE/list 2009-12-16 09:14:37 UTC (rev 13567)
@@ -68,7 +68,7 @@
RESERVED
CVE-2010-0001
RESERVED
-CVE-2009-4324 (Unspecified vulnerability in Adobe Reader and Acrobat 9.2 and
earlier ...)
+CVE-2009-4324 (Use-after-free vulnerability in Doc.media.newPlayer in Adobe
Reader ...)
TODO: check
CVE-2009-4323 (The installation for Zen Cart stores sensitive information and
...)
NOT-FOR-US: Zen Cart
@@ -529,8 +529,7 @@
- linux-2.6.24 <removed> (medium)
CVE-2009-4137
RESERVED
-CVE-2009-4136 [Privilege escalation through index functions]
- RESERVED
+CVE-2009-4136 (PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x
before ...)
- postgresql-7.4 <removed>
- postgresql-8.1 <removed>
- postgresql-8.2 <removed>
@@ -781,8 +780,7 @@
RESERVED
CVE-2009-4035
RESERVED
-CVE-2009-4034 [X.509 certificate spoofing using NUL characters]
- RESERVED
+CVE-2009-4034 (PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x
before ...)
- postgresql-7.4 <removed>
- postgresql-8.1 <removed>
- postgresql-8.2 <removed>
@@ -2276,8 +2274,8 @@
CVE-2009-3555 (The TLS protocol, and the SSL protocol 3.0 and possibly earlier,
as ...)
{DSA-1934-1}
NOTE: See separate CVE-2009-3555 file in SVN
-CVE-2009-3554
- RESERVED
+CVE-2009-3554 (Twiddle in Red Hat JBoss Enterprise Application Platform (aka
JBoss ...)
+ TODO: check
CVE-2009-3553 (Use-after-free vulnerability in the abstract file-descriptor
handling ...)
- cups 1.4.2-4 (low; bug #557740)
- cupsys <not-affected> (vulnerable code introduced in 1.3.x)
@@ -6200,8 +6198,8 @@
- linux-2.6 2.6.30-5 (medium)
[etch] - linux-2.6 <not-affected> (ecryptfs not yet present)
- linux-2.6.24 <removed>
-CVE-2009-2405
- RESERVED
+CVE-2009-2405 (Multiple cross-site scripting (XSS) vulnerabilities in the Web
Console ...)
+ TODO: check
CVE-2009-2404 (Heap-based buffer overflow in a regular-expression parser in
Mozilla ...)
{DSA-1874-1}
- nss 3.12.3-1 (low; bug #539934)
@@ -8985,8 +8983,8 @@
CVE-2009-1381 (The map_yp_alias function in functions/imap_general.php in ...)
{DSA-1802-2}
- squirrelmail 2:1.4.19-1
-CVE-2009-1380
- RESERVED
+CVE-2009-1380 (Cross-site scripting (XSS) vulnerability in JMX-Console in
JBossAs in ...)
+ TODO: check
CVE-2009-1379 (Use-after-free vulnerability in the
dtls1_retrieve_buffered_fragment ...)
- openssl 0.9.8k-1 (low; bug #530400)
[lenny] - openssl 0.9.8g-15+lenny3