diff options
author | security tracker role <sectracker@debian.org> | 2017-05-11 21:10:12 +0000 |
---|---|---|
committer | security tracker role <sectracker@debian.org> | 2017-05-11 21:10:12 +0000 |
commit | 9d0583f29b270cfc325167e1e3f57925358fa694 (patch) | |
tree | c2643cbca6a0fa2f19d38129a9b95672db94c2a3 /data/CVE/2009.list | |
parent | 13c8e3146c354d8dd5379744c332926c5ed63473 (diff) |
automatic update
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@51554 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/CVE/2009.list')
-rw-r--r-- | data/CVE/2009.list | 114 |
1 files changed, 57 insertions, 57 deletions
diff --git a/data/CVE/2009.list b/data/CVE/2009.list index 3a527949c3..67927fee98 100644 --- a/data/CVE/2009.list +++ b/data/CVE/2009.list @@ -110,9 +110,9 @@ CVE-2009-5110 (dhttpd allows remote attackers to cause a denial of service (daem CVE-2009-5109 (Stack-based buffer overflow in Mini-Stream Ripper 3.0.1.1 allows ...) NOT-FOR-US: Mini-Stream Ripper CVE-2009-5108 - RESERVED + REJECTED CVE-2009-5107 - RESERVED + REJECTED CVE-2009-5106 RESERVED CVE-2009-5105 @@ -1498,7 +1498,7 @@ CVE-2009-4487 (nginx 0.7.64 writes data to a log file without sanitizing ...) CVE-2009-4486 (Stack-based buffer overflow in the eDirectory plugin in Novell ...) NOT-FOR-US: iManager CVE-2009-4485 - RESERVED + REJECTED CVE-2009-4484 (Multiple stack-based buffer overflows in the CertDecoder::GetName ...) {DSA-1997-1} - mysql-dfsg-5.0 <removed> (medium) @@ -2759,13 +2759,13 @@ CVE-2009-3994 (Stack-based buffer overflow in the GetUID function in ...) [lenny] - devil <no-dsa> (Minor issue) [etch] - devil <no-dsa> (Minor issue) CVE-2009-3993 - RESERVED + REJECTED CVE-2009-3992 - RESERVED + REJECTED CVE-2009-3991 - RESERVED + REJECTED CVE-2009-3990 - RESERVED + REJECTED CVE-2009-3989 (Bugzilla before 3.0.11, 3.2.x before 3.2.6, 3.4.x before 3.4.5, and ...) - bugzilla 3.4.7.0-1 (unimportant) NOTE: http://www.bugzilla.org/security/3.0.10/ @@ -2969,15 +2969,15 @@ CVE-2009-3930 (Multiple integer overflows in Christos Zoulas file before 5.02 al [lenny] - file <not-affected> [etch] - file <not-affected> CVE-2009-3929 - RESERVED + REJECTED CVE-2009-3928 - RESERVED + REJECTED CVE-2009-3927 - RESERVED + REJECTED CVE-2009-3926 - RESERVED + REJECTED CVE-2009-3925 - RESERVED + REJECTED CVE-2009-XXXX [eglibc: ldd arbitrary code execution] - eglibc 2.10.1-7 (unimportant; bug #552518) - glibc 2.10.1-7 (unimportant; bug #552518) @@ -3314,7 +3314,7 @@ CVE-2009-3797 (Adobe Flash Player 10.x before 10.0.42.34 and Adobe AIR before 1. CVE-2009-3796 (Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might ...) NOT-FOR-US: Adobe Flash CVE-2009-3795 - RESERVED + REJECTED CVE-2009-3794 (Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and ...) NOT-FOR-US: Adobe Flash CVE-2009-3793 (Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and ...) @@ -3455,7 +3455,7 @@ CVE-2009-3743 (Off-by-one error in the Ins_MINDEX function in the TrueType bytec CVE-2009-3742 (Cross-site scripting (XSS) vulnerability in Liferay Portal before ...) - liferay-portal <itp> (bug #569819) CVE-2009-3741 - RESERVED + REJECTED CVE-2009-3740 RESERVED CVE-2009-3739 (Multiple unspecified vulnerabilities on the Rockwell Automation AB ...) @@ -3751,27 +3751,27 @@ CVE-2009-3691 (Multiple integer overflows in setnet32.exe 3.50.0.13752 in IBM .. CVE-2009-3690 RESERVED CVE-2009-3689 - RESERVED + REJECTED CVE-2009-3688 - RESERVED + REJECTED CVE-2009-3687 - RESERVED + REJECTED CVE-2009-3686 - RESERVED + REJECTED CVE-2009-3685 - RESERVED + REJECTED CVE-2009-3684 - RESERVED + REJECTED CVE-2009-3683 - RESERVED + REJECTED CVE-2009-3682 - RESERVED + REJECTED CVE-2009-3681 - RESERVED + REJECTED CVE-2009-3680 - RESERVED + REJECTED CVE-2009-3679 - RESERVED + REJECTED CVE-2009-3678 (Integer overflow in cdd.dll in the Canonical Display Driver (CDD) in ...) NOT-FOR-US: Microsoft Windows CVE-2009-3677 (The Internet Authentication Service (IAS) in Microsoft Windows 2000 ...) @@ -4583,7 +4583,7 @@ CVE-2009-3400 (Unspecified vulnerability in the Oracle Advanced Benefits compone CVE-2009-3399 (Unspecified vulnerability in the WebLogic Server component in BEA ...) NOT-FOR-US: BEA Product Suite CVE-2009-3398 - RESERVED + REJECTED CVE-2009-3397 (Unspecified vulnerability in the Oracle Application Object Library ...) NOT-FOR-US: Oracle E-Business Suite CVE-2009-3396 (Unspecified vulnerability in the WebLogic Server component in BEA ...) @@ -4591,7 +4591,7 @@ CVE-2009-3396 (Unspecified vulnerability in the WebLogic Server component in BEA CVE-2009-3395 (Unspecified vulnerability in the AutoVue component in Oracle ...) NOT-FOR-US: Oracle E-Business Suite CVE-2009-3394 - RESERVED + REJECTED CVE-2009-3393 (Unspecified vulnerability in the Oracle Application Object Library ...) NOT-FOR-US: Oracle E-Business Suite CVE-2009-3392 (Unspecified vulnerability in the Agile Engineering Data Management ...) @@ -5225,25 +5225,25 @@ CVE-2009-3163 (Multiple format string vulnerabilities in lib/silcclient/command. - silc-server 1.1.2-1 (medium) NOTE: silc-client/silc-server use libsilc from silc-toolkit since 1.1-2 CVE-2009-3145 - RESERVED + REJECTED CVE-2009-3144 - RESERVED + REJECTED CVE-2009-3143 - RESERVED + REJECTED CVE-2009-3142 - RESERVED + REJECTED CVE-2009-3141 - RESERVED + REJECTED CVE-2009-3140 - RESERVED + REJECTED CVE-2009-3139 - RESERVED + REJECTED CVE-2009-3138 - RESERVED + REJECTED CVE-2009-3137 - RESERVED + REJECTED CVE-2009-3136 - RESERVED + REJECTED CVE-2009-3135 (Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 ...) NOT-FOR-US: Microsoft Office CVE-2009-3134 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; ...) @@ -5520,7 +5520,7 @@ CVE-2009-3036 (Cross-site scripting (XSS) vulnerability in the console in Symant CVE-2009-3035 (The web console in Symantec Altiris Notification Server 6.0.x before ...) NOT-FOR-US: Symantec Altiris Notification Server CVE-2009-3034 - RESERVED + REJECTED CVE-2009-3033 (Buffer overflow in the RunCmd method in the Altiris eXpress NS Console ...) NOT-FOR-US: ActiveX CVE-2009-3032 (Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the ...) @@ -6403,15 +6403,15 @@ CVE-2009-XXXX [php5: 'open_basedir' bypass] - php5 5.3.1-1 (unimportant; bug #540606) NOTE: only affects 5.3.0 in experimental, open_basedir unsupported CVE-2009-2710 - RESERVED + REJECTED CVE-2009-2709 - RESERVED + REJECTED CVE-2009-2708 - RESERVED + REJECTED CVE-2009-2707 (Unspecified vulnerability in ia32el (aka the IA 32 emulation ...) NOT-FOR-US: SUSE Linux CVE-2009-2706 - RESERVED + REJECTED CVE-2009-2705 (CA SiteMinder allows remote attackers to bypass cross-site scripting ...) NOT-FOR-US: SiteMinder CVE-2009-2704 (CA SiteMinder allows remote attackers to bypass cross-site scripting ...) @@ -6939,11 +6939,11 @@ CVE-2009-2524 (Integer underflow in the NTLM authentication feature in the Local CVE-2009-2523 (The License Logging Server (llssrv.exe) in Microsoft Windows 2000 SP4 ...) NOT-FOR-US: Microsoft Windows 2000 CVE-2009-2522 - RESERVED + REJECTED CVE-2009-2521 (Stack consumption vulnerability in the FTP Service in Microsoft ...) NOT-FOR-US: Microsoft Internet Information Server CVE-2009-2520 - RESERVED + REJECTED CVE-2009-2519 (The DHTML Editing Component ActiveX control in Microsoft Windows 2000 ...) NOT-FOR-US: Microsoft Windows CVE-2009-2518 (Integer overflow in GDI+ in Microsoft Office XP SP3 allows remote ...) @@ -8446,7 +8446,7 @@ CVE-2009-1929 (Heap-based buffer overflow in the Microsoft Terminal Services Cli CVE-2009-1928 (Stack consumption vulnerability in the LDAP service in Active ...) NOT-FOR-US: Microsoft Windows CVE-2009-1927 - RESERVED + REJECTED CVE-2009-1926 (Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista ...) NOT-FOR-US: Microsoft Windows CVE-2009-1925 (The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and ...) @@ -8458,7 +8458,7 @@ CVE-2009-1923 (Heap-based buffer overflow in the Windows Internet Name Service ( CVE-2009-1922 (The Message Queuing (aka MSMQ) service for Microsoft Windows 2000 SP4, ...) NOT-FOR-US: Microsoft Windows CVE-2009-1921 - RESERVED + REJECTED CVE-2009-1920 (The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in ...) NOT-FOR-US: Microsoft CVE-2009-1919 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 ...) @@ -8613,7 +8613,7 @@ CVE-2009-1873 (Directory traversal vulnerability in logging/logviewer.jsp in the CVE-2009-1872 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe ...) NOT-FOR-US: Adobe ColdFusion Server CVE-2009-1871 - RESERVED + REJECTED CVE-2009-1870 (Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and ...) NOT-FOR-US: Adobe Flash CVE-2009-1869 (Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile ...) @@ -9589,13 +9589,13 @@ CVE-2009-1545 (Unspecified vulnerability in Avifil32.dll in the Windows Media fi CVE-2009-1544 (Double free vulnerability in the Workstation service in Microsoft ...) NOT-FOR-US: Microsoft Windows CVE-2009-1543 - RESERVED + REJECTED CVE-2009-1542 (The Virtual Machine Monitor (VMM) in Microsoft Virtual PC 2004 SP1, ...) NOT-FOR-US: Microsoft CVE-2009-1541 - RESERVED + REJECTED CVE-2009-1540 - RESERVED + REJECTED CVE-2009-1539 (The QuickTime Movie Parser Filter in quartz.dll in DirectShow in ...) NOT-FOR-US: Microsoft DirectX CVE-2009-1538 (The QuickTime Movie Parser Filter in quartz.dll in DirectShow in ...) @@ -10677,7 +10677,7 @@ CVE-2009-1155 (Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Secu CVE-2009-1154 (Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a ...) NOT-FOR-US: Cisco CVE-2009-1153 - RESERVED + REJECTED CVE-2009-1152 (Siemens Gigaset SE461 WiMAX router 1.5-BL024.9.6401, and possibly ...) NOT-FOR-US: Siemens router CVE-2009-1151 (Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x ...) @@ -12209,7 +12209,7 @@ CVE-2009-0569 (Buffer overflow in Becky! Internet Mail 2.48.02 and earlier allow CVE-2009-0568 (The RPC Marshalling Engine (aka NDR) in Microsoft Windows 2000 SP4, XP ...) NOT-FOR-US: Microsoft CVE-2009-0567 - RESERVED + REJECTED CVE-2009-0566 (Microsoft Office Publisher 2007 SP1 does not properly calculate object ...) NOT-FOR-US: Microsoft Office Publisher CVE-2009-0565 (Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 ...) @@ -13044,7 +13044,7 @@ CVE-2009-0238 (Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1 CVE-2009-0237 (Cross-site scripting (XSS) vulnerability in cookieauth.dll in the HTML ...) NOT-FOR-US: Microsoft Forefront Threat Management Gateway CVE-2009-0236 - RESERVED + REJECTED CVE-2009-0235 (Stack-based buffer overflow in the Word 97 text converter in WordPad ...) NOT-FOR-US: Microsoft WordPad CVE-2009-0234 (The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in ...) @@ -13386,7 +13386,7 @@ CVE-2009-0103 (Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9 CVE-2009-0102 (Microsoft Project 2000 SR1 and 2002 SP1, and Office Project 2003 SP3, ...) NOT-FOR-US: Microsoft CVE-2009-0101 - RESERVED + REJECTED CVE-2009-0100 (Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; ...) NOT-FOR-US: Microsoft Office Excel CVE-2009-0099 (The Electronic Messaging System Microsoft Data Base (EMSMDB32) ...) @@ -13404,7 +13404,7 @@ CVE-2009-0094 (The WINS server in Microsoft Windows 2000 SP4 and Server 2003 SP1 CVE-2009-0093 (Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and ...) NOT-FOR-US: Microsoft Windows CVE-2009-0092 - RESERVED + REJECTED CVE-2009-0091 (Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly ...) NOT-FOR-US: Microsoft .NET Framework CVE-2009-0090 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not ...) @@ -13440,9 +13440,9 @@ CVE-2009-0076 (Microsoft Internet Explorer 7, when XHTML strict mode is used, al CVE-2009-0075 (Microsoft Internet Explorer 7 does not properly handle errors during ...) NOT-FOR-US: Microsoft CVE-2009-0074 - RESERVED + REJECTED CVE-2009-0073 - RESERVED + REJECTED CVE-2009-0072 (Microsoft Internet Explorer 6.0 through 8.0 beta2 allows remote ...) NOT-FOR-US: Internet Explorer CVE-2009-0071 (Mozilla Firefox 3.0.5 and earlier 3.0.x versions, when designMode is ...) |