Author: carnil
Date: 2015-09-19 15:04:22 +0000 (Sat, 19 Sep 2015)
New Revision: 36755
Modified:
data/CVE/list
Log:
Process another batch of NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-09-19 13:50:26 UTC (rev 36754)
+++ data/CVE/list 2015-09-19 15:04:22 UTC (rev 36755)
@@ -3066,7 +3066,7 @@
CVE-2015-5917
RESERVED
CVE-2015-5916 (The Apple Pay component in Apple iOS before 9 allows remote
terminals ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5915
RESERVED
CVE-2015-5914
@@ -3074,7 +3074,7 @@
CVE-2015-5913
RESERVED
CVE-2015-5912 (The CFNetwork FTPProtocol component in Apple iOS before 9
allows ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5911 (Multiple unspecified vulnerabilities in Twisted in Wiki Server
in ...)
TODO: check
CVE-2015-5910 (IDE Xcode Server in Apple Xcode before 7.0 does not ensure that
server ...)
@@ -3088,11 +3088,11 @@
CVE-2015-5906 (The HTML form implementation in WebKit in Apple iOS before 9
does not ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5905 (Safari in Apple iOS before 9 allows remote attackers to spoof
the ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5904 (Safari in Apple iOS before 9 allows remote attackers to spoof
the ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5903 (The kernel in Apple iOS before 9 allows local users to gain
privileges ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5902
RESERVED
CVE-2015-5901
@@ -3100,21 +3100,21 @@
CVE-2015-5900
RESERVED
CVE-2015-5899 (libpthread in the kernel in Apple iOS before 9 allows local
users to ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5898 (CFNetwork in Apple iOS before 9 relies on the hardware UID for
its ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5897
RESERVED
CVE-2015-5896 (The kernel in Apple iOS before 9 allows local users to gain
privileges ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5895 (Multiple unspecified vulnerabilities in SQLite before 3.8.10.2,
as ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5894
RESERVED
CVE-2015-5893
RESERVED
CVE-2015-5892 (Siri in Apple iOS before 9 allows physically proximate
attackers to ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5891
RESERVED
CVE-2015-5890
@@ -3128,29 +3128,29 @@
CVE-2015-5886
RESERVED
CVE-2015-5885 (The CFNetwork Cookies component in Apple iOS before 9 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5884
RESERVED
CVE-2015-5883
RESERVED
CVE-2015-5882 (The processor_set_tasks API implementation in Apple iOS before
9 ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5881
RESERVED
CVE-2015-5880 (CoreAnimation in Apple iOS before 9 allows attackers to bypass
...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5879 (XNU in the kernel in Apple iOS before 9 does not properly
validate the ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5878
RESERVED
CVE-2015-5877
RESERVED
CVE-2015-5876 (dyld in Dev Tools in Apple iOS before 9 allows attackers to
execute ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5875
RESERVED
CVE-2015-5874 (CoreText in Apple iOS before 9 and iTunes before 12.3 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5873
RESERVED
CVE-2015-5872
@@ -3160,11 +3160,11 @@
CVE-2015-5870
RESERVED
CVE-2015-5869 (The Neighbor Discovery (ND) protocol implementation in the IPv6
stack ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5868 (The kernel in Apple iOS before 9 allows local users to gain
privileges ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5867 (IOHIDFamily in Apple iOS before 9 allows attackers to execute
...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5866
RESERVED
CVE-2015-5865
@@ -3172,21 +3172,21 @@
CVE-2015-5864
RESERVED
CVE-2015-5863 (IOStorageFamily in Apple iOS before 9 does not properly
initialize an ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5862 (The Audio component in Apple iOS before 9 allows remote
attackers to ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5861 (SpringBoard in Apple iOS before 9 allows physically proximate
...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5860 (The CFNetwork HTTPProtocol component in Apple iOS before 9
mishandles ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5859
RESERVED
CVE-2015-5858 (The CFNetwork HTTPProtocol component in Apple iOS before 9
allows ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5857 (Mail in Apple iOS before 9 allows remote attackers to use an
...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5856 (The Application Store component in Apple iOS before 9 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5855 (Apple iOS before 9 allows attackers to discover the e-mail
address of ...)
TODO: check
CVE-2015-5854
@@ -3196,51 +3196,51 @@
CVE-2015-5852
RESERVED
CVE-2015-5851 (The convenience initializer in the Multipeer Connectivity
component in ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5850 (AppleKeyStore in Apple iOS before 9 allows physically proximate
...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5849
RESERVED
CVE-2015-5848 (IOAcceleratorFamily in Apple iOS before 9 allows local users to
gain ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5847 (The Disk Images component in Apple iOS before 9 allows local
users to ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5846 (IOKit in the kernel in Apple iOS before 9 allows attackers to
execute ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5845 (IOKit in the kernel in Apple iOS before 9 allows attackers to
execute ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5844 (IOKit in the kernel in Apple iOS before 9 allows attackers to
execute ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5843 (IOMobileFrameBuffer in Apple iOS before 9 allows local users to
gain ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5842 (XNU in the kernel in Apple iOS before 9 does not properly
initialize ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5841 (The CFNetwork Proxies component in Apple iOS before 9 does not
...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5840 (The checkint division routines in removefile in Apple iOS
before 9 ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5839 (dyld in Apple iOS before 9 allows attackers to bypass a
code-signing ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5838 (SpringBoard in Apple iOS before 9 does not properly restrict
access to ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5837 (PluginKit in Apple iOS before 9 allows attackers to bypass an
intended ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5836
RESERVED
CVE-2015-5835 (Apple iOS before 9 allows attackers to obtain sensitive
information ...)
TODO: check
CVE-2015-5834 (IOAcceleratorFamily in Apple iOS before 9 allows attackers to
obtain ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5833
RESERVED
CVE-2015-5832 (The iTunes Store component in Apple iOS before 9 does not
properly ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5831 (NetworkExtension in the kernel in Apple iOS before 9 does not
properly ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5830
RESERVED
CVE-2015-5829 (Data Detectors Engine in Apple iOS before 9 allows remote
attackers to ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5828
RESERVED
CVE-2015-5827 (WebKit in Apple iOS before 9 allows remote attackers to bypass
the ...)
@@ -3250,7 +3250,7 @@
CVE-2015-5825 (WebKit in Apple iOS before 9 does not properly restrict the ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5824 (The NSURL implementation in the CFNetwork SSL component in
Apple iOS ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5823 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and
iTunes ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5822 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and
iTunes ...)
@@ -3322,7 +3322,7 @@
CVE-2015-5789 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3,
allows ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome
sec team will know and fix
CVE-2015-5788 (The WebKit Canvas implementation in Apple iOS before 9 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5787
RESERVED
CVE-2015-5786 (Apple QuickTime before 7.7.8 allows remote attackers to execute
...)
@@ -3346,7 +3346,7 @@
CVE-2015-5777 (CoreMedia Playback in Apple iOS before 8.4.1 and OS X before
10.10.5 ...)
NOT-FOR-US: Apple OS X
CVE-2015-5776 (Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5
allows ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5775 (FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5
allows ...)
NOT-FOR-US: Apple OS X
CVE-2015-5774 (Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS
X ...)
@@ -3364,13 +3364,13 @@
CVE-2015-5768 (AppleGraphicsControl in Apple OS X before 10.10.5 allows
attackers to ...)
NOT-FOR-US: Apple OS X
CVE-2015-5767 (The user interface in Safari in Apple iOS before 9 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5766 (Directory traversal vulnerability in Air Traffic in Apple iOS
before ...)
NOT-FOR-US: Apple OS X
CVE-2015-5765 (The user interface in Safari in Apple iOS before 9 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5764 (The user interface in Safari in Apple iOS before 9 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5763 (ntfs in Apple OS X before 10.10.5 allows local users to gain
...)
NOT-FOR-US: Apple OS X
CVE-2015-5762
@@ -3384,7 +3384,7 @@
CVE-2015-5758 (ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5
allows ...)
NOT-FOR-US: Apple OS X
CVE-2015-5757 (libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5
allows ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5756 (FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5
allows ...)
NOT-FOR-US: Apple OS X
CVE-2015-5755 (CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5
allows ...)
@@ -8667,31 +8667,31 @@
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11036
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-12.html
CVE-2015-3807 (libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5
allows ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-3806 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local
users to ...)
TODO: check
CVE-2015-3805 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local
users to ...)
NOT-FOR-US: Apple OS X
CVE-2015-3804 (FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5
allows ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-3803 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local
users to ...)
NOT-FOR-US: Apple OS X
CVE-2015-3802 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local
users to ...)
NOT-FOR-US: Apple OS X
CVE-2015-3801 (The document.cookie API implementation in the CFNetwork Cookies
...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-3800 (The DiskImages component in Apple iOS before 8.4.1 and OS X
before ...)
NOT-FOR-US: Apple OS X
CVE-2015-3799 (The Apple ID OD plug-in in Apple OS X before 10.10.5 allows
attackers ...)
NOT-FOR-US: Apple OS X
CVE-2015-3798 (The TRE library in Libc in Apple iOS before 8.4.1 and OS X
before ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-3797 (The TRE library in Libc in Apple iOS before 8.4.1 and OS X
before ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-3796 (The TRE library in Libc in Apple iOS before 8.4.1 and OS X
before ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-3795 (libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows
...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-3794 (The Speech UI in Apple OS X before 10.10.5, when speech alerts
are ...)
NOT-FOR-US: Apple OS X
CVE-2015-3793 (CFPreferences in Apple iOS before 8.4.1 allows attackers to
bypass the ...)
@@ -8725,7 +8725,7 @@
CVE-2015-3779 (QuickTime 7 in Apple OS X before 10.10.5 allows remote
attackers to ...)
NOT-FOR-US: QuickTime
CVE-2015-3778 (bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-3777 (Multiple buffer overflows in blued in the Bluetooth subsystem
in Apple ...)
NOT-FOR-US: Apple OS X
CVE-2015-3776 (IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows
...)
@@ -23201,7 +23201,7 @@
[squeeze] - kfreebsd-8 <not-affected> (kfreebsd-i386/amd64 not
supported in Squeeze LTS)
NOTE: https://security.FreeBSD.org/advisories/FreeBSD-SA-15:02.kmem.asc
CVE-2014-8611 (The __sflush function in fflush.c in stdio in libc in FreeBSD
10.1 and ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2014-8610 (AndroidManifest.xml in Android before 5.0.0 does not require
the ...)
NOT-FOR-US: Android
CVE-2014-8609 (The addAccount method in ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
