Author: sectracker
Date: 2017-03-15 09:10:13 +0000 (Wed, 15 Mar 2017)
New Revision: 49701
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-15 07:34:33 UTC (rev 49700)
+++ data/CVE/list 2017-03-15 09:10:13 UTC (rev 49701)
@@ -1,3 +1,25 @@
+CVE-2017-6910
+ RESERVED
+CVE-2017-6909 (An issue was discovered in Shimmie <= 2.5.1. The
vulnerability exists ...)
+ TODO: check
+CVE-2017-6908 (An issue was discovered in concrete5 <= 5.6.3.4. The
vulnerability ...)
+ TODO: check
+CVE-2017-6907 (An issue was discovered in Open.GL before 2017-03-13. The
vulnerability ...)
+ TODO: check
+CVE-2017-6906 (An issue was discovered in SiberianCMS before 4.10.0. The
vulnerability ...)
+ TODO: check
+CVE-2017-6905 (An issue was discovered in concrete5 <= 5.6.3.4. The
vulnerability ...)
+ TODO: check
+CVE-2017-6904
+ RESERVED
+CVE-2017-6902 (Unrestricted file upload vulnerability in 'file upload' modules
in ...)
+ TODO: check
+CVE-2017-6901
+ RESERVED
+CVE-2017-6900
+ RESERVED
+CVE-2017-6899
+ RESERVED
CVE-2017-6898
RESERVED
CVE-2017-6897
@@ -26,7 +48,7 @@
RESERVED
CVE-2017-6885
RESERVED
-CVE-2017-6903
+CVE-2017-6903 (In ioquake3 before 2017-03-14, the auto-downloading feature has
...)
- ioquake3 1.36+u20161101+dfsg1-2 (bug #857699)
- iortcw 1.50a+dfsg1-3 (bug #857714)
NOTE:
https://ioquake3.org/2017/03/13/important-security-update-please-update-ioquake3-immediately/
@@ -178,7 +200,8 @@
NOTE: https://github.com/mpruett/audiofile/issues/32
NOTE:
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcminitializecoefficients-msadpcm-cpp
NOTE:
https://github.com/mpruett/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
-CVE-2016-10252
+CVE-2016-10252 (Memory leak in the IsOptionMember function in
MagickCore/option.c in ...)
+ {DSA-3808-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #857426)
NOTE: Fixed by:
http://git.imagemagick.org/repos/ImageMagick/commit/6790815c75bdea0357df5564345847856e995d6b
CVE-2016-10251 [use of uninitialized value in jpc_pi_nextcprl (jpc_t2cod.c)]
@@ -1433,32 +1456,32 @@
[jessie] - php5 5.6.29+dfsg-0+deb8u1
NOTE: Fixed in 7.1.0, 7.0.14, 5.6.29
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=69090
-CVE-2015-8993
- RESERVED
-CVE-2015-8992
- RESERVED
-CVE-2015-8991
- RESERVED
-CVE-2015-8990
- RESERVED
-CVE-2015-8989
- RESERVED
-CVE-2015-8988
- RESERVED
-CVE-2015-8987
- RESERVED
-CVE-2015-8986
- RESERVED
-CVE-2014-9921
- RESERVED
-CVE-2014-9920
- RESERVED
-CVE-2013-7462
- RESERVED
-CVE-2013-7461
- RESERVED
-CVE-2013-7460
- RESERVED
+CVE-2015-8993 (Malicious file execution vulnerability in Intel Security
CloudAV ...)
+ TODO: check
+CVE-2015-8992 (Malicious file execution vulnerability in Intel Security
WebAdvisor ...)
+ TODO: check
+CVE-2015-8991 (Malicious file execution vulnerability in Intel Security McAfee
...)
+ TODO: check
+CVE-2015-8990 (Detection bypass vulnerability in Intel Security Advanced
Threat ...)
+ TODO: check
+CVE-2015-8989 (Unsalted password vulnerability in the Enterprise Manager (web
portal) ...)
+ TODO: check
+CVE-2015-8988 (Unquoted executable path vulnerability in Client Management and
...)
+ TODO: check
+CVE-2015-8987 (Man-in-the-middle (MitM) attack vulnerability in non-Mac OS
agents in ...)
+ TODO: check
+CVE-2015-8986 (Sandbox detection evasion vulnerability in hardware appliances
in ...)
+ TODO: check
+CVE-2014-9921 (Information disclosure vulnerability in McAfee (now Intel
Security) ...)
+ TODO: check
+CVE-2014-9920 (Unauthorized execution of binary vulnerability in McAfee (now
Intel ...)
+ TODO: check
+CVE-2013-7462 (A directory traversal vulnerability in the web application in
McAfee ...)
+ TODO: check
+CVE-2013-7461 (A write protection and execution bypass vulnerability in McAfee
(now ...)
+ TODO: check
+CVE-2013-7460 (A write protection and execution bypass vulnerability in McAfee
(now ...)
+ TODO: check
CVE-2017-6355 (Integer overflow in the vrend_create_shader function in ...)
- virglrenderer <unfixed>
NOTE: Fixed by:
https://cgit.freedesktop.org/virglrenderer/commit/?id=93761787b29f37fa627dea9082cdfc1a1ec608d6
(0.6.0)
@@ -8068,8 +8091,8 @@
RESERVED
CVE-2017-3900
RESERVED
-CVE-2017-3899
- RESERVED
+CVE-2017-3899 (SQL injection vulnerability in Intel Security Advanced Threat
Defense ...)
+ TODO: check
CVE-2017-3898
RESERVED
CVE-2017-3897
@@ -22794,52 +22817,52 @@
RESERVED
CVE-2016-8028
RESERVED
-CVE-2016-8027
- RESERVED
-CVE-2016-8026
- RESERVED
-CVE-2016-8025
- RESERVED
-CVE-2016-8024
- RESERVED
-CVE-2016-8023
- RESERVED
-CVE-2016-8022
- RESERVED
-CVE-2016-8021
- RESERVED
-CVE-2016-8020
- RESERVED
-CVE-2016-8019
- RESERVED
-CVE-2016-8018
- RESERVED
-CVE-2016-8017
- RESERVED
-CVE-2016-8016
- RESERVED
+CVE-2016-8027 (SQL injection vulnerability in core services in Intel Security
McAfee ...)
+ TODO: check
+CVE-2016-8026 (Arbitrary command execution vulnerability in Intel Security
McAfee ...)
+ TODO: check
+CVE-2016-8025 (SQL injection vulnerability in Intel Security VirusScan
Enterprise ...)
+ TODO: check
+CVE-2016-8024 (Improper neutralization of CRLF sequences in HTTP headers ...)
+ TODO: check
+CVE-2016-8023 (Authentication bypass by assumed-immutable data vulnerability
in Intel ...)
+ TODO: check
+CVE-2016-8022 (Authentication bypass by spoofing vulnerability in Intel
Security ...)
+ TODO: check
+CVE-2016-8021 (Improper verification of cryptographic signature vulnerability
in ...)
+ TODO: check
+CVE-2016-8020 (Improper control of generation of code vulnerability in Intel
Security ...)
+ TODO: check
+CVE-2016-8019 (Cross-site scripting (XSS) vulnerability in attributes in Intel
...)
+ TODO: check
+CVE-2016-8018 (Cross-site request forgery (CSRF) vulnerability in Intel
Security ...)
+ TODO: check
+CVE-2016-8017 (Special element injection vulnerability in Intel Security
VirusScan ...)
+ TODO: check
+CVE-2016-8016 (Information exposure in Intel Security VirusScan Enterprise
Linux ...)
+ TODO: check
CVE-2016-8015
RESERVED
CVE-2016-8014
RESERVED
CVE-2016-8013
RESERVED
-CVE-2016-8012
- RESERVED
-CVE-2016-8011
- RESERVED
-CVE-2016-8010
- RESERVED
-CVE-2016-8009
- RESERVED
-CVE-2016-8008
- RESERVED
-CVE-2016-8007
- RESERVED
+CVE-2016-8012 (Access control vulnerability in Intel Security Data Loss
Prevention ...)
+ TODO: check
+CVE-2016-8011 (Cross-site scripting vulnerability in Intel Security McAfee
Endpoint ...)
+ TODO: check
+CVE-2016-8010 (Application protections bypass vulnerability in Intel Security
McAfee ...)
+ TODO: check
+CVE-2016-8009 (Privilege escalation vulnerability in Intel Security McAfee ...)
+ TODO: check
+CVE-2016-8008 (Privilege escalation vulnerability in Windows 7 and Windows 10
in ...)
+ TODO: check
+CVE-2016-8007 (Authentication bypass vulnerability in McAfee Host Intrusion
...)
+ TODO: check
CVE-2016-8006 (Authentication bypass vulnerability in Enterprise Security
Manager ...)
NOT-FOR-US: Intel Security McAfee Security Information and Event
Management
-CVE-2016-8005
- RESERVED
+CVE-2016-8005 (File extension filtering vulnerability in Intel Security McAfee
Email ...)
+ TODO: check
CVE-2016-8004
RESERVED
CVE-2016-8003
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
