Author: jmm Date: 2017-02-15 18:03:05 +0000 (Wed, 15 Feb 2017) New Revision: 48960
Modified: data/CVE/list Log: NFUs Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-02-15 17:55:08 UTC (rev 48959) +++ data/CVE/list 2017-02-15 18:03:05 UTC (rev 48960) @@ -38024,43 +38024,43 @@ CVE-2016-2484 (libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x ...) NOT-FOR-US: libstagefright CVE-2016-2483 (The mm-video-v4l2 venc component in mediaserver in Android 4.x before ...) - TODO: check + NOT-FOR-US: Android Mediaserver CVE-2016-2482 (The mm-video-v4l2 vdec component in mediaserver in Android 4.x before ...) - TODO: check + NOT-FOR-US: Android Mediaserver CVE-2016-2481 (The mm-video-v4l2 venc component in mediaserver in Android 4.x before ...) - TODO: check + NOT-FOR-US: Android Mediaserver CVE-2016-2480 (The mm-video-v4l2 vidc component in mediaserver in Android 4.x before ...) - TODO: check + NOT-FOR-US: Android Mediaserver CVE-2016-2479 (The mm-video-v4l2 vdec component in mediaserver in Android 4.x before ...) - TODO: check + NOT-FOR-US: Android Mediaserver CVE-2016-2478 (mm-video-v4l2/vidc/vdec/src/omx_vdec_msm8974.cpp in mediaserver in ...) - TODO: check + NOT-FOR-US: Android Mediaserver CVE-2016-2477 (mm-video-v4l2/vidc/vdec/src/omx_vdec_msm8974.cpp in mediaserver in ...) - TODO: check + NOT-FOR-US: Android Mediaserver CVE-2016-2476 (mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x ...) - TODO: check + NOT-FOR-US: Android Mediaserver CVE-2016-2475 (The Broadcom Wi-Fi driver in Android before 2016-06-01 on Nexus 5, ...) - TODO: check + NOT-FOR-US: Broadcom driver for Android CVE-2016-2474 (The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 5X ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-2473 (The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-2472 (The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-2471 (The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-2470 (The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-2469 (The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5, 6, ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-2468 (The Qualcomm GPU driver in Android before 2016-06-01 on Nexus 5, 5X, ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-2467 (The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5 ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-2466 (The Qualcomm sound driver in Android before 2016-06-01 on Nexus 6 ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-2465 (The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, ...) - TODO: check + NOT-FOR-US: Qualcomm driver for Android CVE-2016-2464 (libvpx in libwebm in mediaserver in Android 4.x before 4.4.4, 5.0.x ...) TODO: check CVE-2016-2463 (Multiple integer overflows in the h264dec component in libstagefright ...) @@ -38839,7 +38839,7 @@ CVE-2016-2247 REJECTED CVE-2016-2246 (HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control ...) - TODO: check + NOT-FOR-US: HP ThinPro CVE-2016-2245 (HP Support Assistant before 8.1.52.1 allows remote attackers to bypass ...) NOT-FOR-US: HP Support Assistant CVE-2016-2244 (HP LaserJet printers and MFPs and OfficeJet Enterprise printers with ...) @@ -38884,7 +38884,7 @@ NOTE: Possibly introduced after http://vcs.pcre.org/pcre?view=revision&revision=1266 NOTE: Fixed by: http://vcs.pcre.org/pcre?view=revision&revision=1638 (8.39) CVE-2016-2242 (Exponent CMS 2.x before 2.3.7 Patch 3 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Exponent CMS CVE-2016-2241 RESERVED CVE-2016-2240 @@ -43142,7 +43142,7 @@ NOTE: https://github.com/Dolibarr/dolibarr/issues/4291 NOTE: https://github.com/GPCsolutions/dolibarr/commit/0d3181324c816bdf664ca5e1548dfe8eb05c54f8 CVE-2015-8684 (Exponent CMS before 2.3.7 does not properly restrict the types of ...) - TODO: check + NOT-FOR-US: Exponent CMS CVE-2015-8682 (The Video0 driver in Huawei P8 smartphones with software GRA-UL00 ...) TODO: check CVE-2015-8681 (The ovisp driver in Huawei P8 smartphones with software GRA-TL00 ...) @@ -46134,15 +46134,15 @@ CVE-2015-8524 (Cross-site scripting (XSS) vulnerability in Process Portal in IBM ...) NOT-FOR-US: IBM CVE-2015-8523 (The server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before ...) - TODO: check + NOT-FOR-US: IBM CVE-2015-8522 (Buffer overflow in the server in IBM Tivoli Storage Manager FastBack ...) - TODO: check + NOT-FOR-US: IBM CVE-2015-8521 (Buffer overflow in the server in IBM Tivoli Storage Manager FastBack ...) - TODO: check + NOT-FOR-US: IBM CVE-2015-8520 (Buffer overflow in the server in IBM Tivoli Storage Manager FastBack ...) - TODO: check + NOT-FOR-US: IBM CVE-2015-8519 (Buffer overflow in the server in IBM Tivoli Storage Manager FastBack ...) - TODO: check + NOT-FOR-US: IBM CVE-2015-8518 RESERVED CVE-2015-8517 @@ -46234,11 +46234,11 @@ CVE-2016-0198 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...) NOT-FOR-US: Microsoft CVE-2016-0197 (dxgkrnl.sys in the DirectX Graphics kernel subsystem in the ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0196 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...) NOT-FOR-US: Microsoft CVE-2016-0195 (The Imaging Component in Microsoft Windows Vista SP2, Windows Server ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0194 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...) NOT-FOR-US: Microsoft CVE-2016-0193 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...) @@ -46248,35 +46248,35 @@ CVE-2016-0191 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...) NOT-FOR-US: Microsoft CVE-2016-0190 (Volume Manager Driver in Microsoft Windows 8.1, Windows Server 2012 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0189 (The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0188 (The User Mode Code Integrity (UMCI) implementation in Device Guard in ...) NOT-FOR-US: Microsoft CVE-2016-0187 (The Microsoft (1) JScript 5.8 and (2) VBScript 5.8 engines, as used in ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0186 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...) NOT-FOR-US: Microsoft CVE-2016-0185 (Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0184 (Use-after-free vulnerability in GDI in Microsoft Windows Vista SP2, ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0183 (The Windows font library in Microsoft Office 2010 SP2, Word 2010 SP2, ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0182 (Windows Journal in Microsoft Windows Vista SP2, Windows 7 SP1, Windows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0181 (Microsoft Windows 10 Gold and 1511 allows local users to bypass the ...) NOT-FOR-US: Microsoft CVE-2016-0180 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0179 (Windows Shell in Microsoft Windows 8.1, Windows Server 2012 R2, ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0178 (The RPC NDR Engine in Microsoft Windows Vista SP2, Windows Server 2008 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0177 RESERVED CVE-2016-0176 (dxgkrnl.sys in the DirectX Graphics kernel subsystem in the ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0175 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...) NOT-FOR-US: Microsoft CVE-2016-0174 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...) @@ -46288,11 +46288,11 @@ CVE-2016-0171 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...) NOT-FOR-US: Microsoft CVE-2016-0170 (GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0169 (GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0168 (GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0167 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...) NOT-FOR-US: Microsoft Windows CVE-2016-0166 (Microsoft Internet Explorer 11 allows remote attackers to execute ...) @@ -46324,13 +46324,13 @@ CVE-2016-0153 (OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 ...) NOT-FOR-US: Microsoft Windows CVE-2016-0152 (Internet Information Services (IIS) in Microsoft Windows Vista SP2 and ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0151 (The Client-Server Run-time Subsystem (CSRSS) in Microsoft Windows 8.1, ...) NOT-FOR-US: Microsoft Windows CVE-2016-0150 (HTTP.sys in Microsoft Windows 10 Gold and 1511 allows remote attackers ...) NOT-FOR-US: Microsoft Windows CVE-2016-0149 (Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0148 (Microsoft .NET Framework 4.6 and 4.6.1 mishandles library loading, ...) NOT-FOR-US: Microsoft .NET CVE-2016-0147 (Microsoft XML Core Services 3.0 allows remote attackers to execute ...) @@ -46344,9 +46344,9 @@ CVE-2016-0143 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...) NOT-FOR-US: Microsoft Windows CVE-2016-0142 (Video Control in Microsoft Windows Vista SP2, Windows 7 SP1, Windows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0141 (The Visual Basic macros in Microsoft Office 2007 SP3, 2010 SP2, 2013 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0140 (Microsoft Office 2007 SP3, Office 2010 SP2, Word Automation Services ...) NOT-FOR-US: Microsoft CVE-2016-0139 (Microsoft Excel 2010 SP2, Word for Mac 2011, and Excel Viewer allow ...) @@ -46354,7 +46354,7 @@ CVE-2016-0138 (Microsoft Exchange Server 2007 SP3, 2010 SP3, 2013 SP1, 2013 ...) NOT-FOR-US: Microsoft CVE-2016-0137 (The Click-to-Run (C2R) implementation in Microsoft Office 2013 SP1 and ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-0136 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack ...) NOT-FOR-US: Microsoft Excel CVE-2016-0135 (The Secondary Logon Service in Microsoft Windows 10 Gold and 1511 ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits