Author: carnil Date: 2015-09-19 15:04:22 +0000 (Sat, 19 Sep 2015) New Revision: 36755
Modified: data/CVE/list Log: Process another batch of NFUs Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-09-19 13:50:26 UTC (rev 36754) +++ data/CVE/list 2015-09-19 15:04:22 UTC (rev 36755) @@ -3066,7 +3066,7 @@ CVE-2015-5917 RESERVED CVE-2015-5916 (The Apple Pay component in Apple iOS before 9 allows remote terminals ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5915 RESERVED CVE-2015-5914 @@ -3074,7 +3074,7 @@ CVE-2015-5913 RESERVED CVE-2015-5912 (The CFNetwork FTPProtocol component in Apple iOS before 9 allows ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5911 (Multiple unspecified vulnerabilities in Twisted in Wiki Server in ...) TODO: check CVE-2015-5910 (IDE Xcode Server in Apple Xcode before 7.0 does not ensure that server ...) @@ -3088,11 +3088,11 @@ CVE-2015-5906 (The HTML form implementation in WebKit in Apple iOS before 9 does not ...) NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix CVE-2015-5905 (Safari in Apple iOS before 9 allows remote attackers to spoof the ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5904 (Safari in Apple iOS before 9 allows remote attackers to spoof the ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5903 (The kernel in Apple iOS before 9 allows local users to gain privileges ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5902 RESERVED CVE-2015-5901 @@ -3100,21 +3100,21 @@ CVE-2015-5900 RESERVED CVE-2015-5899 (libpthread in the kernel in Apple iOS before 9 allows local users to ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5898 (CFNetwork in Apple iOS before 9 relies on the hardware UID for its ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5897 RESERVED CVE-2015-5896 (The kernel in Apple iOS before 9 allows local users to gain privileges ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5895 (Multiple unspecified vulnerabilities in SQLite before 3.8.10.2, as ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5894 RESERVED CVE-2015-5893 RESERVED CVE-2015-5892 (Siri in Apple iOS before 9 allows physically proximate attackers to ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5891 RESERVED CVE-2015-5890 @@ -3128,29 +3128,29 @@ CVE-2015-5886 RESERVED CVE-2015-5885 (The CFNetwork Cookies component in Apple iOS before 9 allows remote ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5884 RESERVED CVE-2015-5883 RESERVED CVE-2015-5882 (The processor_set_tasks API implementation in Apple iOS before 9 ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5881 RESERVED CVE-2015-5880 (CoreAnimation in Apple iOS before 9 allows attackers to bypass ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5879 (XNU in the kernel in Apple iOS before 9 does not properly validate the ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5878 RESERVED CVE-2015-5877 RESERVED CVE-2015-5876 (dyld in Dev Tools in Apple iOS before 9 allows attackers to execute ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5875 RESERVED CVE-2015-5874 (CoreText in Apple iOS before 9 and iTunes before 12.3 allows remote ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5873 RESERVED CVE-2015-5872 @@ -3160,11 +3160,11 @@ CVE-2015-5870 RESERVED CVE-2015-5869 (The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5868 (The kernel in Apple iOS before 9 allows local users to gain privileges ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5867 (IOHIDFamily in Apple iOS before 9 allows attackers to execute ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5866 RESERVED CVE-2015-5865 @@ -3172,21 +3172,21 @@ CVE-2015-5864 RESERVED CVE-2015-5863 (IOStorageFamily in Apple iOS before 9 does not properly initialize an ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5862 (The Audio component in Apple iOS before 9 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5861 (SpringBoard in Apple iOS before 9 allows physically proximate ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5860 (The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5859 RESERVED CVE-2015-5858 (The CFNetwork HTTPProtocol component in Apple iOS before 9 allows ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5857 (Mail in Apple iOS before 9 allows remote attackers to use an ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5856 (The Application Store component in Apple iOS before 9 allows remote ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5855 (Apple iOS before 9 allows attackers to discover the e-mail address of ...) TODO: check CVE-2015-5854 @@ -3196,51 +3196,51 @@ CVE-2015-5852 RESERVED CVE-2015-5851 (The convenience initializer in the Multipeer Connectivity component in ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5850 (AppleKeyStore in Apple iOS before 9 allows physically proximate ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5849 RESERVED CVE-2015-5848 (IOAcceleratorFamily in Apple iOS before 9 allows local users to gain ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5847 (The Disk Images component in Apple iOS before 9 allows local users to ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5846 (IOKit in the kernel in Apple iOS before 9 allows attackers to execute ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5845 (IOKit in the kernel in Apple iOS before 9 allows attackers to execute ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5844 (IOKit in the kernel in Apple iOS before 9 allows attackers to execute ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5843 (IOMobileFrameBuffer in Apple iOS before 9 allows local users to gain ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5842 (XNU in the kernel in Apple iOS before 9 does not properly initialize ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5841 (The CFNetwork Proxies component in Apple iOS before 9 does not ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5840 (The checkint division routines in removefile in Apple iOS before 9 ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5839 (dyld in Apple iOS before 9 allows attackers to bypass a code-signing ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5838 (SpringBoard in Apple iOS before 9 does not properly restrict access to ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5837 (PluginKit in Apple iOS before 9 allows attackers to bypass an intended ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5836 RESERVED CVE-2015-5835 (Apple iOS before 9 allows attackers to obtain sensitive information ...) TODO: check CVE-2015-5834 (IOAcceleratorFamily in Apple iOS before 9 allows attackers to obtain ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5833 RESERVED CVE-2015-5832 (The iTunes Store component in Apple iOS before 9 does not properly ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5831 (NetworkExtension in the kernel in Apple iOS before 9 does not properly ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5830 RESERVED CVE-2015-5829 (Data Detectors Engine in Apple iOS before 9 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5828 RESERVED CVE-2015-5827 (WebKit in Apple iOS before 9 allows remote attackers to bypass the ...) @@ -3250,7 +3250,7 @@ CVE-2015-5825 (WebKit in Apple iOS before 9 does not properly restrict the ...) NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix CVE-2015-5824 (The NSURL implementation in the CFNetwork SSL component in Apple iOS ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5823 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes ...) NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix CVE-2015-5822 (WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes ...) @@ -3322,7 +3322,7 @@ CVE-2015-5789 (WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows ...) NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix CVE-2015-5788 (The WebKit Canvas implementation in Apple iOS before 9 allows remote ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5787 RESERVED CVE-2015-5786 (Apple QuickTime before 7.7.8 allows remote attackers to execute ...) @@ -3346,7 +3346,7 @@ CVE-2015-5777 (CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 ...) NOT-FOR-US: Apple OS X CVE-2015-5776 (Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5775 (FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...) NOT-FOR-US: Apple OS X CVE-2015-5774 (Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X ...) @@ -3364,13 +3364,13 @@ CVE-2015-5768 (AppleGraphicsControl in Apple OS X before 10.10.5 allows attackers to ...) NOT-FOR-US: Apple OS X CVE-2015-5767 (The user interface in Safari in Apple iOS before 9 allows remote ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5766 (Directory traversal vulnerability in Air Traffic in Apple iOS before ...) NOT-FOR-US: Apple OS X CVE-2015-5765 (The user interface in Safari in Apple iOS before 9 allows remote ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5764 (The user interface in Safari in Apple iOS before 9 allows remote ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5763 (ntfs in Apple OS X before 10.10.5 allows local users to gain ...) NOT-FOR-US: Apple OS X CVE-2015-5762 @@ -3384,7 +3384,7 @@ CVE-2015-5758 (ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...) NOT-FOR-US: Apple OS X CVE-2015-5757 (libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-5756 (FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...) NOT-FOR-US: Apple OS X CVE-2015-5755 (CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...) @@ -8667,31 +8667,31 @@ NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11036 NOTE: https://www.wireshark.org/security/wnpa-sec-2015-12.html CVE-2015-3807 (libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-3806 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to ...) TODO: check CVE-2015-3805 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to ...) NOT-FOR-US: Apple OS X CVE-2015-3804 (FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-3803 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to ...) NOT-FOR-US: Apple OS X CVE-2015-3802 (Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to ...) NOT-FOR-US: Apple OS X CVE-2015-3801 (The document.cookie API implementation in the CFNetwork Cookies ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-3800 (The DiskImages component in Apple iOS before 8.4.1 and OS X before ...) NOT-FOR-US: Apple OS X CVE-2015-3799 (The Apple ID OD plug-in in Apple OS X before 10.10.5 allows attackers ...) NOT-FOR-US: Apple OS X CVE-2015-3798 (The TRE library in Libc in Apple iOS before 8.4.1 and OS X before ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-3797 (The TRE library in Libc in Apple iOS before 8.4.1 and OS X before ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-3796 (The TRE library in Libc in Apple iOS before 8.4.1 and OS X before ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-3795 (libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-3794 (The Speech UI in Apple OS X before 10.10.5, when speech alerts are ...) NOT-FOR-US: Apple OS X CVE-2015-3793 (CFPreferences in Apple iOS before 8.4.1 allows attackers to bypass the ...) @@ -8725,7 +8725,7 @@ CVE-2015-3779 (QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to ...) NOT-FOR-US: QuickTime CVE-2015-3778 (bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote ...) - TODO: check + NOT-FOR-US: Apple CVE-2015-3777 (Multiple buffer overflows in blued in the Bluetooth subsystem in Apple ...) NOT-FOR-US: Apple OS X CVE-2015-3776 (IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows ...) @@ -23201,7 +23201,7 @@ [squeeze] - kfreebsd-8 <not-affected> (kfreebsd-i386/amd64 not supported in Squeeze LTS) NOTE: https://security.FreeBSD.org/advisories/FreeBSD-SA-15:02.kmem.asc CVE-2014-8611 (The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and ...) - TODO: check + NOT-FOR-US: Apple CVE-2014-8610 (AndroidManifest.xml in Android before 5.0.0 does not require the ...) NOT-FOR-US: Android CVE-2014-8609 (The addAccount method in ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits