diff options
| author | Joey Hess <joeyh@debian.org> | 2009-11-25 21:14:16 +0000 |
|---|---|---|
| committer | Joey Hess <joeyh@debian.org> | 2009-11-25 21:14:16 +0000 |
| commit | b6c1cdab28b433495bebcd3b6692ed9ce0d0b60b (patch) | |
| tree | a883ec688fa40ca6fb5c916c799421a70aacd866 /data | |
| parent | 09398c3be694062abd21b934a41ed665f9d71241 (diff) | |
automatic update
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@13377 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 39 |
1 files changed, 25 insertions, 14 deletions
diff --git a/data/CVE/list b/data/CVE/list index e2c924ad27..e8999a56af 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,17 @@ +CVE-2009-4073 (The printing functionality in Microsoft Internet Explorer 8 allows ...) + TODO: check +CVE-2009-4072 (Unspecified vulnerability in Opera before 10.10 has unknown impact and ...) + TODO: check +CVE-2009-4071 (Opera before 10.10, when exception stacktraces are enabled, places ...) + TODO: check +CVE-2009-4070 (SQL injection vulnerability in GForge 4.5.14, 4.7.3, and possibly ...) + TODO: check +CVE-2009-4069 (Multiple cross-site scripting (XSS) vulnerabilities in GForge 4.5.14, ...) + TODO: check +CVE-2009-4068 + RESERVED +CVE-2009-4067 + RESERVED CVE-2009-4066 (Multiple cross-site request forgery (CSRF) vulnerabilities in the "My ...) TODO: check CVE-2009-4065 (Cross-site scripting (XSS) vulnerability in the settings page in the ...) @@ -231,13 +245,11 @@ CVE-2009-3965 (SQL injection vulnerability in rating.php in New 5 star Rating 1. NOT-FOR-US: New 5 star Rating CVE-2009-3964 (SQL injection vulnerability in the NinjaMonials (com_ninjacentral) ...) NOT-FOR-US: component for Joomla! -CVE-2009-3898 [ngingx webdav directory traversal] - RESERVED +CVE-2009-3898 (Directory traversal vulnerability in ...) - nginx 0.7.63-1 (low; bug #557389) [etch] - nginx <no-dsa> (upload rights required) [lenny] - nginx <no-dsa> (upload rights required) -CVE-2009-3897 [dovecot 0777 base_dir creation] - RESERVED +CVE-2009-3897 (Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of ...) - dovecot <unfixed> (medium; bug #557601) [lenny] - dovecot <not-affected> (Only affects 1.2.x) [etch] - dovecot <not-affected> (Only affects 1.2.x) @@ -404,9 +416,9 @@ CVE-2009-3900 (Unspecified vulnerability in the Cluster Management component in NOT-FOR-US: IBM PowerHA CVE-2009-3899 (Memory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris ...) NOT-FOR-US: Sun Solaris -CVE-2009-3896 - RESERVED +CVE-2009-3896 (src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through ...) {DSA-1920-1} + TODO: check CVE-2009-3895 (Heap-based buffer overflow in the exif_entry_fix function (aka the tag ...) - libexif 0.6.19-1 (medium; bug #557137) [lenny] - libexif <not-affected> (Only 0.6.18 is affected) @@ -1191,12 +1203,12 @@ CVE-2009-3581 RESERVED CVE-2009-3580 RESERVED -CVE-2009-3578 - RESERVED -CVE-2009-3577 - RESERVED -CVE-2009-3576 - RESERVED +CVE-2009-3578 (Autodesk Maya 8.0, 8.5, 2008, 2009, and 2010 and Alias Wavefront Maya ...) + TODO: check +CVE-2009-3577 (Autodesk 3D Studio Max (3DSMax) 6 through 9 and 2008 through 2010 ...) + TODO: check +CVE-2009-3576 (Autodesk Softimage 7.x and Softimage XSI 6.x allow remote attackers to ...) + TODO: check CVE-2009-3575 (Buffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3, ...) - aria2 1.2.0-1 (low; bug #551070) [etch] - aria2 <not-affected> (Vulnerable code not present) @@ -1902,8 +1914,7 @@ CVE-2009-3305 RESERVED CVE-2009-3304 RESERVED -CVE-2009-3303 [gforge: XSS issue via helpname parameter] - RESERVED +CVE-2009-3303 (Cross-site scripting (XSS) vulnerability in www/help/tracker.php in ...) {DSA-1937-1} - gforge 4.8.1-3 (low) CVE-2009-3302 |