Author: sectracker
Date: 2017-05-05 09:10:17 +0000 (Fri, 05 May 2017)
New Revision: 51350
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-05 07:31:27 UTC (rev 51349)
+++ data/CVE/list 2017-05-05 09:10:17 UTC (rev 51350)
@@ -1,3 +1,31 @@
+CVE-2017-8796
+ RESERVED
+CVE-2017-8795
+ RESERVED
+CVE-2017-8794
+ RESERVED
+CVE-2017-8793
+ RESERVED
+CVE-2017-8792
+ RESERVED
+CVE-2017-8791
+ RESERVED
+CVE-2017-8790
+ RESERVED
+CVE-2017-8789
+ RESERVED
+CVE-2017-8788
+ RESERVED
+CVE-2017-8787 (The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry
function in ...)
+ TODO: check
+CVE-2017-8786 (pcre2test.c in PCRE2 10.23 allows remote attackers to cause a
denial of ...)
+ TODO: check
+CVE-2017-8785
+ RESERVED
+CVE-2017-8784
+ RESERVED
+CVE-2017-8783
+ RESERVED
CVE-2017-8782
RESERVED
CVE-2017-8781
@@ -31,8 +59,8 @@
RESERVED
CVE-2017-8769
RESERVED
-CVE-2017-8768
- RESERVED
+CVE-2017-8768 (Atlassian SourceTree v2.5c and prior are affected by a command
...)
+ TODO: check
CVE-2017-8767
RESERVED
CVE-2017-8766
@@ -1707,12 +1735,12 @@
[jessie] - linux <not-affected> (Introduced in 4.9-rc1 in combination
with VMAP_STACK)
[wheezy] - linux <not-affected> (Introduced in 4.9-rc1 in combination
with VMAP_STACK)
NOTE: Fixed by:
https://git.kernel.org/linus/67b0503db9c29b04eadfeede6bebbfe5ddad94ef
-CVE-2017-8060
- RESERVED
-CVE-2017-8059
- RESERVED
-CVE-2017-8058
- RESERVED
+CVE-2017-8060 (Acceptance of invalid/self-signed TLS certificates in
"Panda Mobile ...)
+ TODO: check
+CVE-2017-8059 (Acceptance of invalid/self-signed TLS certificates in
"Foxit PDF - PDF ...)
+ TODO: check
+CVE-2017-8058 (Acceptance of invalid/self-signed TLS certificates in Atlassian
HipChat ...)
+ TODO: check
CVE-2017-8057 (In Joomla! 3.4.0 through 3.6.5 (fixed in 3.7.0), multiple files
caused ...)
NOT-FOR-US: Joomla
CVE-2017-8056 (WatchGuard Fireware v11.12.1 and earlier mishandles requests
referring ...)
@@ -5910,8 +5938,8 @@
NOT-FOR-US: Agora-Project
CVE-2017-6558 (iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401
Rel.47776n ...)
NOT-FOR-US: iball Baton
-CVE-2017-6557
- RESERVED
+CVE-2017-6557 (SQL injection vulnerability in ArrayOS before AG 9.4.0.135,
when the ...)
+ TODO: check
CVE-2017-6556 (Cross-site scripting (XSS) vulnerability in CMS Made Simple
(CMSMS) ...)
NOT-FOR-US: CMS Made Simple
CVE-2017-6555 (Cross-site scripting (XSS) vulnerability in
/admin/moduleinterface.php ...)
@@ -7959,44 +7987,44 @@
[wheezy] - libarchive <no-dsa> (Minor issue, not reproducible in Debian)
NOTE: https://github.com/libarchive/libarchive/issues/842
NOTE: Fixed by:
https://github.com/libarchive/libarchive/commit/42a3408ac7df1e69bea9ea12b72e14f59f7400c0
(v3.3.0)
-CVE-2017-5919
- RESERVED
-CVE-2017-5918
- RESERVED
+CVE-2017-5919 (The 21st Century Insurance app 10.0.0 for iOS does not verify
X.509 ...)
+ TODO: check
+CVE-2017-5918 (The Banco de Costa Rica BCR Movil app 3.7 for iOS does not
verify X.509 ...)
+ TODO: check
CVE-2017-5917
- RESERVED
-CVE-2017-5916
- RESERVED
-CVE-2017-5915
- RESERVED
-CVE-2017-5914
- RESERVED
-CVE-2017-5913
- RESERVED
-CVE-2017-5912
- RESERVED
-CVE-2017-5911
- RESERVED
+ REJECTED
+CVE-2017-5916 (The America's First Federal Credit Union (FCU) Mobile Banking
app 3.1.0 ...)
+ TODO: check
+CVE-2017-5915 (The Emirates NBD Bank P.J.S.C Emirates NBD KSA app 3.10.0
through ...)
+ TODO: check
+CVE-2017-5914 (The DOT IT Banque Zitouna app 2.1 for iOS does not verify X.509
...)
+ TODO: check
+CVE-2017-5913 (The TradeKing Forex for iPhone app 1.2.1 for iOS does not
verify X.509 ...)
+ TODO: check
+CVE-2017-5912 (The FOREX.com FOREXTrader for iPhone app 2.9.12 through 2.9.14
for iOS ...)
+ TODO: check
+CVE-2017-5911 (The Banco Santander Mexico SA Supermovil app 3.5 through 3.7
for iOS ...)
+ TODO: check
CVE-2017-5910
RESERVED
-CVE-2017-5909
- RESERVED
+CVE-2017-5909 (The Electronic Funds Source (EFS) Mobile Driver Source app 2.5
for iOS ...)
+ TODO: check
CVE-2017-5908
- RESERVED
-CVE-2017-5907
- RESERVED
-CVE-2017-5906
- RESERVED
-CVE-2017-5905
- RESERVED
+ REJECTED
+CVE-2017-5907 (The Great Southern Bank Great Southern Mobile Banking app
before 4.0.4 ...)
+ TODO: check
+CVE-2017-5906 (The Everyday Health Diabetes in Check: Blood Glucose & Carb
Tracker app ...)
+ TODO: check
+CVE-2017-5905 (The Dollar Bank Mobile app 2.6.3 for iOS does not verify X.509
...)
+ TODO: check
CVE-2017-5904
RESERVED
CVE-2017-5903
RESERVED
-CVE-2017-5902
- RESERVED
-CVE-2017-5901
- RESERVED
+CVE-2017-5902 (The PayQuicker app 1.0.0 for iOS does not verify X.509
certificates ...)
+ TODO: check
+CVE-2017-5901 (The State Bank of India State Bank Anywhere app 5.1.0 for iOS
does not ...)
+ TODO: check
CVE-2017-5900 (Cross-site scripting (XSS) vulnerability in the NetComm
NB16WV-02 ...)
NOT-FOR-US: NetComm
CVE-2017-5896 (Heap-based buffer overflow in the fz_subsample_pixmap function
in ...)
@@ -15990,10 +16018,10 @@
RESERVED
CVE-2017-3214
RESERVED
-CVE-2017-3213
- RESERVED
-CVE-2017-3212
- RESERVED
+CVE-2017-3213 (The Think Mutual Bank Mobile Banking app 3.1.5 for iOS does not
verify ...)
+ TODO: check
+CVE-2017-3212 (The Space Coast Credit Union Mobile app 2.2 for iOS and
2.1.0.1104 for ...)
+ TODO: check
CVE-2017-3211
RESERVED
CVE-2017-3210
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
