[Secure-testing-commits] r53484 - data/CVE

Fri, 14 Jul 2017 02:10:30 -0700 

Author: sectracker
Date: 2017-07-14 09:10:13 +0000 (Fri, 14 Jul 2017)
New Revision: 53484

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-07-14 09:06:49 UTC (rev 53483)
+++ data/CVE/list       2017-07-14 09:10:13 UTC (rev 53484)
@@ -1,3 +1,37 @@
+CVE-2017-11328 (Heap buffer overflow in the yr_object_array_set_item() 
function in ...)
+       TODO: check
+CVE-2017-11327
+       RESERVED
+CVE-2017-11326
+       RESERVED
+CVE-2017-11325
+       RESERVED
+CVE-2017-11324
+       RESERVED
+CVE-2017-11323
+       RESERVED
+CVE-2017-11322
+       RESERVED
+CVE-2017-11321
+       RESERVED
+CVE-2017-11320
+       RESERVED
+CVE-2017-11319
+       RESERVED
+CVE-2017-11318 (Cobian Backup 11 client allows man-in-the-middle attackers to 
add and ...)
+       TODO: check
+CVE-2017-11317
+       RESERVED
+CVE-2017-11316
+       RESERVED
+CVE-2017-11315
+       RESERVED
+CVE-2017-11314
+       RESERVED
+CVE-2017-11313
+       RESERVED
+CVE-2017-11312
+       RESERVED
 CVE-2017-11311 (soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and 
libopenmpt ...)
        - libopenmpt <unfixed> (bug #867579)
        [stretch] - libopenmpt <no-dsa> (Scheduled for point release)
@@ -2344,8 +2378,8 @@
        NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2682
        NOTE: Fixed by: 
https://github.com/vadz/libtiff/commit/fb3dc46a2fcf6197ff3b93fc76f0c37fddc0333b
        NOTE: The issue is addressed with the same commit as for CVE-2017-9403
-CVE-2017-9814
-       RESERVED
+CVE-2017-9814 (cairo-truetype-subset.c in cairo 1.15.6 and earlier allows 
remote ...)
+       TODO: check
 CVE-2017-9813
        RESERVED
 CVE-2017-9812
@@ -23751,17 +23785,15 @@
        RESERVED
 CVE-2017-3104
        RESERVED
-CVE-2017-3103
-       RESERVED
-CVE-2017-3102
-       RESERVED
-CVE-2017-3101
-       RESERVED
-CVE-2017-3100
-       RESERVED
+CVE-2017-3103 (Adobe Connect versions 9.6.1 and earlier have a stored 
cross-site ...)
+       TODO: check
+CVE-2017-3102 (Adobe Connect versions 9.6.1 and earlier have a reflected 
cross-site ...)
+       TODO: check
+CVE-2017-3101 (Adobe Connect versions 9.6.1 and earlier have a clickjacking 
...)
+       TODO: check
+CVE-2017-3100 (Adobe Flash Player versions 26.0.0.131 and earlier have an 
exploitable ...)
        NOT-FOR-US: Adobe Flash
-CVE-2017-3099
-       RESERVED
+CVE-2017-3099 (Adobe Flash Player versions 26.0.0.131 and earlier have an 
exploitable ...)
        NOT-FOR-US: Adobe Flash
 CVE-2017-3098 (Adobe Captivate versions 9 and earlier have a remote code 
execution ...)
        NOT-FOR-US: Adobe
@@ -23799,8 +23831,7 @@
        NOT-FOR-US: Adobe Flash
 CVE-2017-3081 (Adobe Flash Player versions 25.0.0.171 and earlier have an 
exploitable ...)
        NOT-FOR-US: Adobe Flash
-CVE-2017-3080
-       RESERVED
+CVE-2017-3080 (Adobe Flash Player versions 26.0.0.131 and earlier have a 
security ...)
        NOT-FOR-US: Adobe Flash
 CVE-2017-3079 (Adobe Flash Player versions 25.0.0.171 and earlier have an 
exploitable ...)
        NOT-FOR-US: Adobe Flash


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to