Author: sectracker
Date: 2017-06-15 09:10:13 +0000 (Thu, 15 Jun 2017)
New Revision: 52582
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-15 06:20:24 UTC (rev 52581)
+++ data/CVE/list 2017-06-15 09:10:13 UTC (rev 52582)
@@ -1,3 +1,91 @@
+CVE-2017-9664
+ RESERVED
+CVE-2017-9663
+ RESERVED
+CVE-2017-9662
+ RESERVED
+CVE-2017-9661
+ RESERVED
+CVE-2017-9660
+ RESERVED
+CVE-2017-9659
+ RESERVED
+CVE-2017-9658
+ RESERVED
+CVE-2017-9657
+ RESERVED
+CVE-2017-9656
+ RESERVED
+CVE-2017-9655
+ RESERVED
+CVE-2017-9654
+ RESERVED
+CVE-2017-9653
+ RESERVED
+CVE-2017-9652
+ RESERVED
+CVE-2017-9651
+ RESERVED
+CVE-2017-9650
+ RESERVED
+CVE-2017-9649
+ RESERVED
+CVE-2017-9648
+ RESERVED
+CVE-2017-9647
+ RESERVED
+CVE-2017-9646
+ RESERVED
+CVE-2017-9645
+ RESERVED
+CVE-2017-9644
+ RESERVED
+CVE-2017-9643
+ RESERVED
+CVE-2017-9642
+ RESERVED
+CVE-2017-9641
+ RESERVED
+CVE-2017-9640
+ RESERVED
+CVE-2017-9639
+ RESERVED
+CVE-2017-9638
+ RESERVED
+CVE-2017-9637
+ RESERVED
+CVE-2017-9636
+ RESERVED
+CVE-2017-9635
+ RESERVED
+CVE-2017-9634
+ RESERVED
+CVE-2017-9633
+ RESERVED
+CVE-2017-9632
+ RESERVED
+CVE-2017-9631
+ RESERVED
+CVE-2017-9630
+ RESERVED
+CVE-2017-9629
+ RESERVED
+CVE-2017-9628
+ RESERVED
+CVE-2017-9627
+ RESERVED
+CVE-2017-9626
+ RESERVED
+CVE-2017-9625
+ RESERVED
+CVE-2017-9624 (Multiple cross-site scripting (XSS) vulnerabilities in
Telaxus/EPESI ...)
+ TODO: check
+CVE-2017-9623 (Multiple cross-site scripting (XSS) vulnerabilities in
Telaxus/EPESI ...)
+ TODO: check
+CVE-2017-9622 (Multiple cross-site scripting (XSS) vulnerabilities in
Telaxus/EPESI ...)
+ TODO: check
+CVE-2017-9621 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
CVE-2017-9620
RESERVED
CVE-2017-9619
@@ -30,8 +118,8 @@
RESERVED
CVE-2017-9607
RESERVED
-CVE-2017-9606
- RESERVED
+CVE-2017-9606 (Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow
local ...)
+ TODO: check
CVE-2017-9604 (KDE kmail before 5.5.2 and messagelib before 5.5.2, as
distributed in ...)
- kdepim <unfixed> (bug #864804)
- kf5-messagelib <unfixed> (bug #864803)
@@ -383,9 +471,9 @@
NOTE: https://github.com/VirusTotal/yara/issues/678
NOTE:
https://github.com/VirusTotal/yara/commit/992480c30f75943e9cd6245bb2015c7737f9b661
CVE-2017-9464 (An open redirect vulnerability is present in Piwigo 2.9 and
probably ...)
- - piwigo <removed>
+ - piwigo <removed>
CVE-2017-9463 (The application Piwigo is affected by a SQL injection
vulnerability in ...)
- - piwigo <removed>
+ - piwigo <removed>
CVE-2017-9460
RESERVED
CVE-2017-9459
@@ -2155,7 +2243,7 @@
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697810
NOTE: edgebuffer scan converter was made default only in:
http://git.ghostscript.com/?p=ghostpdl.git;h=dd5da2cb3e08398ac6d86598b36b00994d058308
NOTE: But the vulnerable code via base/gxscan.c, a new scan converter
introduced in 9.20 is present.
-CVE-2017-8907 (Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.3 did not
...)
+CVE-2017-8907 (Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.1 did not
...)
TODO: check
CVE-2017-8906 (An integer underflow vulnerability exists in pixel-a.asm, the
x86 ...)
- x265 <not-affected> (Affected code is not enabled)
@@ -2990,32 +3078,32 @@
RESERVED
CVE-2017-8556
RESERVED
-CVE-2017-8555
- RESERVED
+CVE-2017-8555 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker
to ...)
+ TODO: check
CVE-2017-8554
RESERVED
-CVE-2017-8553
- RESERVED
-CVE-2017-8552
- RESERVED
-CVE-2017-8551
- RESERVED
-CVE-2017-8550
- RESERVED
-CVE-2017-8549
- RESERVED
-CVE-2017-8548
- RESERVED
-CVE-2017-8547
- RESERVED
+CVE-2017-8553 (An information disclosure vulnerability exists in Microsoft
Windows ...)
+ TODO: check
+CVE-2017-8552 (A kernel-mode driver in Windows Server 2008 SP2 and R2 SP1, and
...)
+ TODO: check
+CVE-2017-8551 (An elevation of privilege vulnerability exists when Microsoft
...)
+ TODO: check
+CVE-2017-8550 (A remote code execution vulnerability exists in Skype for
Business ...)
+ TODO: check
+CVE-2017-8549 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and
1703, and ...)
+ TODO: check
+CVE-2017-8548 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and
1703, and ...)
+ TODO: check
+CVE-2017-8547 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server
2008 R2 ...)
+ TODO: check
CVE-2017-8546
RESERVED
-CVE-2017-8545
- RESERVED
-CVE-2017-8544
- RESERVED
-CVE-2017-8543
- RESERVED
+CVE-2017-8545 (A spoofing vulnerability exists in when Microsoft Outlook for
Mac does ...)
+ TODO: check
+CVE-2017-8544 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1,
Windows ...)
+ TODO: check
+CVE-2017-8543 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1,
Windows ...)
+ TODO: check
CVE-2017-8542 (The Microsoft Malware Protection Engine running on Microsoft
Forefront ...)
NOT-FOR-US: Microsoft
CVE-2017-8541 (The Microsoft Malware Protection Engine running on Microsoft
Forefront ...)
@@ -3032,68 +3120,68 @@
NOT-FOR-US: Microsoft
CVE-2017-8535 (The Microsoft Malware Protection Engine running on Microsoft
Forefront ...)
NOT-FOR-US: Microsoft
-CVE-2017-8534
- RESERVED
-CVE-2017-8533
- RESERVED
-CVE-2017-8532
- RESERVED
-CVE-2017-8531
- RESERVED
-CVE-2017-8530
- RESERVED
-CVE-2017-8529
- RESERVED
-CVE-2017-8528
- RESERVED
-CVE-2017-8527
- RESERVED
+CVE-2017-8534 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,
...)
+ TODO: check
+CVE-2017-8533 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,
Windows ...)
+ TODO: check
+CVE-2017-8532 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,
Windows ...)
+ TODO: check
+CVE-2017-8531 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,
Windows ...)
+ TODO: check
+CVE-2017-8530 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and
1703, and ...)
+ TODO: check
+CVE-2017-8529 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server
2008 R2 ...)
+ TODO: check
+CVE-2017-8528 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,
...)
+ TODO: check
+CVE-2017-8527 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,
Windows ...)
+ TODO: check
CVE-2017-8526
RESERVED
CVE-2017-8525
RESERVED
-CVE-2017-8524
- RESERVED
-CVE-2017-8523
- RESERVED
-CVE-2017-8522
- RESERVED
-CVE-2017-8521
- RESERVED
-CVE-2017-8520
- RESERVED
-CVE-2017-8519
- RESERVED
+CVE-2017-8524 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server
2008 R2 ...)
+ TODO: check
+CVE-2017-8523 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and
1703, and ...)
+ TODO: check
+CVE-2017-8522 (Microsoft browsers in Microsoft Windows 8.1 and Windows RT 8.1,
...)
+ TODO: check
+CVE-2017-8521 (Microsoft Edge in Windows 10 1703 allows an attacker to execute
...)
+ TODO: check
+CVE-2017-8520 (Microsoft Edge in Windows 10 1703 allows an attacker to execute
...)
+ TODO: check
+CVE-2017-8519 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server
2008 and ...)
+ TODO: check
CVE-2017-8518
RESERVED
-CVE-2017-8517
- RESERVED
+CVE-2017-8517 (Microsoft browsers in Microsoft Windows Server 2008 SP2 and R2
SP1, ...)
+ TODO: check
CVE-2017-8516
RESERVED
-CVE-2017-8515
- RESERVED
-CVE-2017-8514
- RESERVED
-CVE-2017-8513
- RESERVED
-CVE-2017-8512
- RESERVED
-CVE-2017-8511
- RESERVED
-CVE-2017-8510
- RESERVED
-CVE-2017-8509
- RESERVED
-CVE-2017-8508
- RESERVED
-CVE-2017-8507
- RESERVED
-CVE-2017-8506
- RESERVED
+CVE-2017-8515 (Microsoft Windows 10 1511, 1607, and 1703, and Windows Server
2016 ...)
+ TODO: check
+CVE-2017-8514 (An information disclosure vulnerability exists when Microsoft
...)
+ TODO: check
+CVE-2017-8513 (A remote code execution vulnerability exists in Microsoft
PowerPoint ...)
+ TODO: check
+CVE-2017-8512 (A remote code execution vulnerability exists in Microsoft
Office when ...)
+ TODO: check
+CVE-2017-8511 (A remote code execution vulnerability exists in Microsoft
Office when ...)
+ TODO: check
+CVE-2017-8510 (A remote code execution vulnerability exists in Microsoft
Office when ...)
+ TODO: check
+CVE-2017-8509 (A remote code execution vulnerability exists in Microsoft
Office when ...)
+ TODO: check
+CVE-2017-8508 (A security feature bypass vulnerability exists in Microsoft
Office ...)
+ TODO: check
+CVE-2017-8507 (A remote code execution vulnerability exists in the way
Microsoft ...)
+ TODO: check
+CVE-2017-8506 (A remote code execution vulnerability exists in Microsoft
Office when ...)
+ TODO: check
CVE-2017-8505
RESERVED
-CVE-2017-8504
- RESERVED
+CVE-2017-8504 (Microsoft Edge in Windows 10 1607 and 1703, and Windows Server
2016 ...)
+ TODO: check
CVE-2017-8503
RESERVED
CVE-2017-8502
@@ -3102,86 +3190,86 @@
RESERVED
CVE-2017-8500
RESERVED
-CVE-2017-8499
- RESERVED
-CVE-2017-8498
- RESERVED
-CVE-2017-8497
- RESERVED
-CVE-2017-8496
- RESERVED
+CVE-2017-8499 (Microsoft Edge in Windows 10 1703 allows an attacker to execute
...)
+ TODO: check
+CVE-2017-8498 (Microsoft Edge in Windows 10 1607 and 1703, and Windows Server
2016 ...)
+ TODO: check
+CVE-2017-8497 (Microsoft Edge in Windows 10 1607 and Windows Server 2016
allows an ...)
+ TODO: check
+CVE-2017-8496 (Microsoft Edge in Windows 10 1607 and Windows Server 2016
allows an ...)
+ TODO: check
CVE-2017-8495
RESERVED
-CVE-2017-8494
- RESERVED
-CVE-2017-8493
- RESERVED
-CVE-2017-8492
- RESERVED
-CVE-2017-8491
- RESERVED
-CVE-2017-8490
- RESERVED
-CVE-2017-8489
- RESERVED
-CVE-2017-8488
- RESERVED
+CVE-2017-8494 (Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows
Server ...)
+ TODO: check
+CVE-2017-8493 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012
R2, ...)
+ TODO: check
+CVE-2017-8492 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
+CVE-2017-8491 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
+CVE-2017-8490 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
+CVE-2017-8489 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
+CVE-2017-8488 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
CVE-2017-8487
RESERVED
CVE-2017-8486
RESERVED
-CVE-2017-8485
- RESERVED
-CVE-2017-8484
- RESERVED
-CVE-2017-8483
- RESERVED
-CVE-2017-8482
- RESERVED
-CVE-2017-8481
- RESERVED
-CVE-2017-8480
- RESERVED
-CVE-2017-8479
- RESERVED
-CVE-2017-8478
- RESERVED
-CVE-2017-8477
- RESERVED
-CVE-2017-8476
- RESERVED
-CVE-2017-8475
- RESERVED
-CVE-2017-8474
- RESERVED
-CVE-2017-8473
- RESERVED
-CVE-2017-8472
- RESERVED
-CVE-2017-8471
- RESERVED
-CVE-2017-8470
- RESERVED
-CVE-2017-8469
- RESERVED
-CVE-2017-8468
- RESERVED
+CVE-2017-8485 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
+CVE-2017-8484 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1,
Windows ...)
+ TODO: check
+CVE-2017-8483 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
+CVE-2017-8482 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
+CVE-2017-8481 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
+CVE-2017-8480 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
+CVE-2017-8479 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
+CVE-2017-8478 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
+CVE-2017-8477 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1,
Windows ...)
+ TODO: check
+CVE-2017-8476 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
+CVE-2017-8475 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1,
Windows ...)
+ TODO: check
+CVE-2017-8474 (The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7
SP1, ...)
+ TODO: check
+CVE-2017-8473 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1,
Windows ...)
+ TODO: check
+CVE-2017-8472 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1,
and ...)
+ TODO: check
+CVE-2017-8471 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1,
Windows ...)
+ TODO: check
+CVE-2017-8470 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1,
Windows ...)
+ TODO: check
+CVE-2017-8469 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
+CVE-2017-8468 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012
R2, ...)
+ TODO: check
CVE-2017-8467
RESERVED
-CVE-2017-8466
- RESERVED
-CVE-2017-8465
- RESERVED
-CVE-2017-8464
- RESERVED
+CVE-2017-8466 (Windows Cursor in Windows 8.1, Windows Server 2012 Gold and R2,
...)
+ TODO: check
+CVE-2017-8465 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012
R2, ...)
+ TODO: check
+CVE-2017-8464 (Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows ...)
+ TODO: check
CVE-2017-8463
RESERVED
-CVE-2017-8462
- RESERVED
+CVE-2017-8462 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
CVE-2017-8461
RESERVED
-CVE-2017-8460
- RESERVED
+CVE-2017-8460 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2,
Windows ...)
+ TODO: check
CVE-2017-8459 (** DISPUTED ** Brave 0.12.4 has a Status Bar Obfuscation issue
in which ...)
NOT-FOR-US: Brave
CVE-2017-8458 (Brave 0.12.4 has a URI Obfuscation issue in which a string such
as ...)
@@ -4683,16 +4771,16 @@
RESERVED
CVE-2017-7915 (An Improper Restriction of Excessive Authentication Attempts
issue was ...)
NOT-FOR-US: Moxa
-CVE-2017-7914
- RESERVED
+CVE-2017-7914 (A Missing Authorization issue was discovered in Rockwell
Automation ...)
+ TODO: check
CVE-2017-7913 (A Plaintext Storage of a Password issue was discovered in Moxa
OnCell ...)
NOT-FOR-US: Moxa
CVE-2017-7912
RESERVED
CVE-2017-7911 (A Code Injection issue was discovered in CyberVision Kaa IoT
Platform, ...)
NOT-FOR-US: CyberVision Kaa IoT Platform
-CVE-2017-7910
- RESERVED
+CVE-2017-7910 (A Stack-Based Buffer Overflow issue was discovered in Digital
Canal ...)
+ TODO: check
CVE-2017-7909 (A Use of Client-Side Authentication issue was discovered in
Advantech ...)
NOT-FOR-US: Advantech
CVE-2017-7908
@@ -7973,6 +8061,7 @@
CVE-2017-6893
RESERVED
CVE-2017-6892 (In libsndfile version 1.0.28, an error in the
"aiff_read_chanmap()" ...)
+ {DLA-985-1}
- libsndfile <unfixed> (bug #864704)
[stretch] - libsndfile <no-dsa> (Minor issue)
[jessie] - libsndfile <no-dsa> (Minor issue)
@@ -14321,8 +14410,7 @@
RESERVED
CVE-2017-4987
RESERVED
-CVE-2017-4986
- RESERVED
+CVE-2017-4986 (EMC ESRS VE 3.18 or earlier contains Authentication Bypass that
could ...)
NOT-FOR-US: EMC
CVE-2017-4985
RESERVED
@@ -14332,8 +14420,7 @@
NOT-FOR-US: EMC Data Domain OS
CVE-2017-4982 (EMC Mainframe Enablers ResourcePak Base versions 7.6.0, 8.0.0,
and ...)
NOT-FOR-US: EMC Mainframe
-CVE-2017-4981
- RESERVED
+CVE-2017-4981 (EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential
improper ...)
NOT-FOR-US: EMC
CVE-2017-4980 (EMC Isilon OneFS is affected by a path traversal vulnerability
that may ...)
NOT-FOR-US: EMC
@@ -30741,44 +30828,44 @@
NOTE: Upstream fix:
https://gitlab.com/gnutls/gnutls/commit/964632f37dfdfb914ebc5e49db4fa29af35b1de9
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1374266
NOTE: http://www.openwall.com/lists/oss-security/2016/09/18/3
-CVE-2017-0300
- RESERVED
-CVE-2017-0299
- RESERVED
-CVE-2017-0298
- RESERVED
-CVE-2017-0297
- RESERVED
-CVE-2017-0296
- RESERVED
-CVE-2017-0295
- RESERVED
-CVE-2017-0294
- RESERVED
+CVE-2017-0300 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
+CVE-2017-0299 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
+CVE-2017-0298 (A DCOM object in Helppane.exe in Microsoft Windows Server 2008
SP2 and ...)
+ TODO: check
+CVE-2017-0297 (The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7
SP1, ...)
+ TODO: check
+CVE-2017-0296 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1,
Windows ...)
+ TODO: check
+CVE-2017-0295 (Microsoft Windows 10 1607 and 1703, and Windows Server 2016
allow an ...)
+ TODO: check
+CVE-2017-0294 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1,
Windows ...)
+ TODO: check
CVE-2017-0293
RESERVED
-CVE-2017-0292
- RESERVED
-CVE-2017-0291
- RESERVED
+CVE-2017-0292 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2,
Windows ...)
+ TODO: check
+CVE-2017-0291 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2,
Windows ...)
+ TODO: check
CVE-2017-0290 (The Microsoft Malware Protection Engine running on Microsoft
Forefront ...)
NOT-FOR-US: Microsoft
-CVE-2017-0289
- RESERVED
-CVE-2017-0288
- RESERVED
-CVE-2017-0287
- RESERVED
-CVE-2017-0286
- RESERVED
-CVE-2017-0285
- RESERVED
-CVE-2017-0284
- RESERVED
-CVE-2017-0283
- RESERVED
-CVE-2017-0282
- RESERVED
+CVE-2017-0289 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,
Windows ...)
+ TODO: check
+CVE-2017-0288 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,
Windows ...)
+ TODO: check
+CVE-2017-0287 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,
Windows ...)
+ TODO: check
+CVE-2017-0286 (Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,
Windows ...)
+ TODO: check
+CVE-2017-0285 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,
...)
+ TODO: check
+CVE-2017-0284 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,
...)
+ TODO: check
+CVE-2017-0283 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,
...)
+ TODO: check
+CVE-2017-0282 (Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,
...)
+ TODO: check
CVE-2017-0281 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1,
Office ...)
NOT-FOR-US: Microsoft
CVE-2017-0280 (The Microsoft Server Message Block 1.0 (SMBv1) allows denial of
...)
@@ -30821,8 +30908,8 @@
NOT-FOR-US: Microsoft
CVE-2017-0261 (Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016
allow a ...)
NOT-FOR-US: Microsoft
-CVE-2017-0260
- RESERVED
+CVE-2017-0260 (A remote code execution vulnerability exists in Microsoft
Office when ...)
+ TODO: check
CVE-2017-0259 (The Windows kernel in Microsoft Windows 8.1, Windows Server
2012 R2, ...)
NOT-FOR-US: Microsoft
CVE-2017-0258 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2
SP1, ...)
@@ -30903,16 +30990,16 @@
NOT-FOR-US: Microsoft
CVE-2017-0220 (The Windows kernel in Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0219
- RESERVED
-CVE-2017-0218
- RESERVED
+CVE-2017-0219 (Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607,
and ...)
+ TODO: check
+CVE-2017-0218 (Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607,
and ...)
+ TODO: check
CVE-2017-0217
RESERVED
-CVE-2017-0216
- RESERVED
-CVE-2017-0215
- RESERVED
+CVE-2017-0216 (Microsoft Windows 10 1511, Windows 10 1607, and Windows Server
2016 ...)
+ TODO: check
+CVE-2017-0215 (Microsoft Windows 10 1607 and Windows Server 2016 allow an
attacker to ...)
+ TODO: check
CVE-2017-0214 (Windows COM in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
NOT-FOR-US: Microsoft
CVE-2017-0213 (Windows COM Aggregate Marshaler in Microsoft Windows Server
2008 SP2 ...)
@@ -30955,8 +31042,8 @@
NOT-FOR-US: Microsoft
CVE-2017-0194 (Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, and Office
...)
NOT-FOR-US: Microsoft
-CVE-2017-0193
- RESERVED
+CVE-2017-0193 (Windows Hyper-V in Microsoft Windows Server 2008 SP2 and R2
SP1, ...)
+ TODO: check
CVE-2017-0192 (The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft
Windows ...)
NOT-FOR-US: Microsoft
CVE-2017-0191 (A denial of service vulnerability exists in the way that
Windows 7, ...)
@@ -30995,8 +31082,8 @@
NOT-FOR-US: Microsoft
CVE-2017-0174
RESERVED
-CVE-2017-0173
- RESERVED
+CVE-2017-0173 (Microsoft Windows 10 1607 and Windows Server 2016 allow an
attacker to ...)
+ TODO: check
CVE-2017-0172
RESERVED
CVE-2017-0171 (Windows DNS Server allows a denial of service vulnerability
when ...)
@@ -56135,7 +56222,8 @@
- foomatic-filters 4.0.17-7 (bug #807993)
NOTE:
http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419
NOTE: http://www.openwall.com/lists/oss-security/2015/12/13/2
-CVE-2015-9097 [ruby-mail: SMTP injection via recipient email addresses]
+CVE-2015-9097 (The mail gem before 2.5.5 for Ruby (aka A Really Ruby Mail
Library) is ...)
+ {DLA-489-1}
- ruby-mail 2.6.1+dfsg1-1
NOTE:
https://github.com/mikel/mail/commit/72befdc4dab3e6e288ce226a7da2aa474cf5be83
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2015/12/11/3
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
