Author: sectracker
Date: 2017-07-12 09:10:14 +0000 (Wed, 12 Jul 2017)
New Revision: 53405
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-12 06:44:02 UTC (rev 53404)
+++ data/CVE/list 2017-07-12 09:10:14 UTC (rev 53405)
@@ -1,3 +1,29 @@
+CVE-2017-11184
+ RESERVED
+CVE-2017-11183
+ RESERVED
+CVE-2017-11182 (In Rise Ultimate Project Manager v1.8, XSS vulnerabilities
were found ...)
+ TODO: check
+CVE-2017-11181 (In Rise Ultimate Project Manager v1.8, XSS vulnerabilities
were found ...)
+ TODO: check
+CVE-2017-11180 (FineCMS through 2017-07-11 has stored XSS in the logging
functionality, ...)
+ TODO: check
+CVE-2017-11179 (FineCMS through 2017-07-11 has stored XSS in route=admin when
modifying ...)
+ TODO: check
+CVE-2017-11178 (In FineCMS through 2017-07-11,
application/core/controller/style.php ...)
+ TODO: check
+CVE-2017-11177
+ RESERVED
+CVE-2017-11176 (The mq_notify function in the Linux kernel through 4.11.9 does
not set ...)
+ TODO: check
+CVE-2017-11175
+ RESERVED
+CVE-2017-11174
+ RESERVED
+CVE-2017-11173
+ RESERVED
+CVE-2017-11172
+ RESERVED
CVE-2017-1000096
NOT-FOR-US: Jenkins plugin
CVE-2017-1000095
@@ -6803,16 +6829,16 @@
RESERVED
CVE-2017-8622
RESERVED
-CVE-2017-8621
- RESERVED
+CVE-2017-8621 (Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3,
Exchange ...)
+ TODO: check
CVE-2017-8620
RESERVED
-CVE-2017-8619
- RESERVED
-CVE-2017-8618
- RESERVED
-CVE-2017-8617
- RESERVED
+CVE-2017-8619 (Microsoft Edge on Windows 10 Gold, 1511, 1607, and 1703, and
Windows ...)
+ TODO: check
+CVE-2017-8618 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server
2008 R2 ...)
+ TODO: check
+CVE-2017-8617 (Microsoft Edge in Windows 10 1703 Microsoft Edge allows a
remote code ...)
+ TODO: check
CVE-2017-8616
RESERVED
CVE-2017-8615
@@ -6823,118 +6849,118 @@
NOT-FOR-US: Azure AD Connect Password writeback
CVE-2017-8612
RESERVED
-CVE-2017-8611
- RESERVED
-CVE-2017-8610
- RESERVED
-CVE-2017-8609
- RESERVED
-CVE-2017-8608
- RESERVED
-CVE-2017-8607
- RESERVED
-CVE-2017-8606
- RESERVED
-CVE-2017-8605
- RESERVED
-CVE-2017-8604
- RESERVED
-CVE-2017-8603
- RESERVED
-CVE-2017-8602
- RESERVED
-CVE-2017-8601
- RESERVED
+CVE-2017-8611 (Microsoft Edge on Microsoft Windows 10 Gold, 1511, 1607, and
1703, and ...)
+ TODO: check
+CVE-2017-8610 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker
to ...)
+ TODO: check
+CVE-2017-8609 (Microsoft Internet Explorer in Microsoft Windows 10 Gold, 1511,
1607, ...)
+ TODO: check
+CVE-2017-8608 (Microsoft browsers in Microsoft Windows Server 2008 and R2,
Windows ...)
+ TODO: check
+CVE-2017-8607 (Microsoft browsers in Microsoft Windows 7, Windows Server 2008
and R2, ...)
+ TODO: check
+CVE-2017-8606 (Microsoft browsers in Microsoft Windows 7, Windows Server 2008
and R2, ...)
+ TODO: check
+CVE-2017-8605 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and
1703, and ...)
+ TODO: check
+CVE-2017-8604 (Microsoft Edge in Microsoft Windows 10 1511, 1607, and 1703,
and ...)
+ TODO: check
+CVE-2017-8603 (Microsoft Edge in Microsoft Windows 10 1511, 1607, and 1703,
and ...)
+ TODO: check
+CVE-2017-8602 (Microsoft browsers on Microsoft Windows 7 SP1, Windows Server
2008 R2 ...)
+ TODO: check
+CVE-2017-8601 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and
1703, and ...)
+ TODO: check
CVE-2017-8600
RESERVED
-CVE-2017-8599
- RESERVED
-CVE-2017-8598
- RESERVED
+CVE-2017-8599 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and
1703, and ...)
+ TODO: check
+CVE-2017-8598 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and
1703, and ...)
+ TODO: check
CVE-2017-8597
RESERVED
-CVE-2017-8596
- RESERVED
-CVE-2017-8595
- RESERVED
-CVE-2017-8594
- RESERVED
+CVE-2017-8596 (Microsoft Edge in Microsoft Windows 10 1607, and 1703, and
Windows ...)
+ TODO: check
+CVE-2017-8595 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and
1703, and ...)
+ TODO: check
+CVE-2017-8594 (Internet Explorer on Microsoft Windows 8.1 and Windows RT 8.1,
and ...)
+ TODO: check
CVE-2017-8593
RESERVED
-CVE-2017-8592
- RESERVED
+CVE-2017-8592 (Microsoft browsers on when Microsoft Windows 7 SP1, Windows
Server ...)
+ TODO: check
CVE-2017-8591
RESERVED
-CVE-2017-8590
- RESERVED
-CVE-2017-8589
- RESERVED
-CVE-2017-8588
- RESERVED
-CVE-2017-8587
- RESERVED
+CVE-2017-8590 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1,
Windows ...)
+ TODO: check
+CVE-2017-8589 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1,
Windows ...)
+ TODO: check
+CVE-2017-8588 (Microsoft WordPad in Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
+CVE-2017-8587 (Windows Explorer in Windows Server 2008 SP2 and R2 SP1, Windows
7 SP1, ...)
+ TODO: check
CVE-2017-8586
RESERVED
-CVE-2017-8585
- RESERVED
-CVE-2017-8584
- RESERVED
+CVE-2017-8585 (Microsoft .NET Framework 4.6, 4.6.1, 4.6.2, and 4.7 allow an
attacker ...)
+ TODO: check
+CVE-2017-8584 (Windows 10 1607 and Windows Server 2016 allow an attacker to
execute ...)
+ TODO: check
CVE-2017-8583
RESERVED
-CVE-2017-8582
- RESERVED
-CVE-2017-8581
- RESERVED
-CVE-2017-8580
- RESERVED
+CVE-2017-8582 (HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
+CVE-2017-8581 (Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows
7 SP1, ...)
+ TODO: check
+CVE-2017-8580 (Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows
7 SP1, ...)
+ TODO: check
CVE-2017-8579 (The DirectX component in Microsoft Windows 10 Gold, 1511, 1607,
1703, ...)
NOT-FOR-US: Microsoft
-CVE-2017-8578
- RESERVED
-CVE-2017-8577
- RESERVED
+CVE-2017-8578 (Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows
7 SP1, ...)
+ TODO: check
+CVE-2017-8577 (Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows
7 SP1, ...)
+ TODO: check
CVE-2017-8576 (The graphics component in Microsoft Windows 10 Gold, 1511,
1607, 1703, ...)
NOT-FOR-US: Microsoft
CVE-2017-8575 (The kernel in Microsoft Windows 10 Gold, 1511, 1607, 1703, and
Windows ...)
NOT-FOR-US: Windows
-CVE-2017-8574
- RESERVED
-CVE-2017-8573
- RESERVED
+CVE-2017-8574 (Graphics in Microsoft Windows 10 1607, 1703, and Windows Server
2016 ...)
+ TODO: check
+CVE-2017-8573 (Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
CVE-2017-8572
RESERVED
CVE-2017-8571
RESERVED
-CVE-2017-8570
- RESERVED
-CVE-2017-8569
- RESERVED
+CVE-2017-8570 (Microsoft Office allows a remote code execution vulnerability
due to ...)
+ TODO: check
+CVE-2017-8569 (Microsoft SharePoint Server allows an elevation of privilege
...)
+ TODO: check
CVE-2017-8568
RESERVED
CVE-2017-8567
RESERVED
-CVE-2017-8566
- RESERVED
-CVE-2017-8565
- RESERVED
-CVE-2017-8564
- RESERVED
-CVE-2017-8563
- RESERVED
-CVE-2017-8562
- RESERVED
-CVE-2017-8561
- RESERVED
-CVE-2017-8560
- RESERVED
-CVE-2017-8559
- RESERVED
+CVE-2017-8566 (Microsoft Windows 1607, 1703, and Windows Server 2016 allows an
...)
+ TODO: check
+CVE-2017-8565 (Windows PowerShell in Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
+CVE-2017-8564 (Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
...)
+ TODO: check
+CVE-2017-8563 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1,
Windows ...)
+ TODO: check
+CVE-2017-8562 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012
and R2, ...)
+ TODO: check
+CVE-2017-8561 (Windows kernel in Microsoft Windows 8.1, Windows Server 2012
Gold and ...)
+ TODO: check
+CVE-2017-8560 (Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3,
Exchange ...)
+ TODO: check
+CVE-2017-8559 (Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3,
Exchange ...)
+ TODO: check
CVE-2017-8558 (The Microsoft Malware Protection Engine running on Microsoft
Forefront ...)
NOT-FOR-US: Microsoft
-CVE-2017-8557
- RESERVED
-CVE-2017-8556
- RESERVED
+CVE-2017-8557 (Windows System Information Console in Windows Server 2008 SP2
and R2 ...)
+ TODO: check
+CVE-2017-8556 (Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
+ TODO: check
CVE-2017-8555 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker
to ...)
NOT-FOR-US: Microsoft
CVE-2017-8554 (The kernel in Microsoft Windows 7 SP1, Windows Server 2008 SP2
and R2 ...)
@@ -7041,10 +7067,10 @@
NOT-FOR-US: Microsoft
CVE-2017-8503
RESERVED
-CVE-2017-8502
- RESERVED
-CVE-2017-8501
- RESERVED
+CVE-2017-8502 (Microsoft Office allows a remote code execution vulnerability
due to ...)
+ TODO: check
+CVE-2017-8501 (Microsoft Office allows a remote code execution vulnerability
due to ...)
+ TODO: check
CVE-2017-8500
RESERVED
CVE-2017-8499 (Microsoft Edge in Windows 10 1703 allows an attacker to execute
...)
@@ -7055,8 +7081,8 @@
NOT-FOR-US: Microsoft
CVE-2017-8496 (Microsoft Edge in Windows 10 1607 and Windows Server 2016
allows an ...)
NOT-FOR-US: Microsoft
-CVE-2017-8495
- RESERVED
+CVE-2017-8495 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1,
Windows ...)
+ TODO: check
CVE-2017-8494 (Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows
Server ...)
NOT-FOR-US: Microsoft
CVE-2017-8493 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012
R2, ...)
@@ -7073,8 +7099,8 @@
NOT-FOR-US: Microsoft
CVE-2017-8487 (Windows OLE in Windows XP and Windows Server 2003 allows an
attacker ...)
NOT-FOR-US: Microsoft
-CVE-2017-8486
- RESERVED
+CVE-2017-8486 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1,
Windows ...)
+ TODO: check
CVE-2017-8485 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
NOT-FOR-US: Microsoft
CVE-2017-8484 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1,
Windows ...)
@@ -7111,16 +7137,16 @@
NOT-FOR-US: Microsoft
CVE-2017-8468 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012
R2, ...)
NOT-FOR-US: Microsoft
-CVE-2017-8467
- RESERVED
+CVE-2017-8467 (Graphics in Microsoft Windows 7 SP1, Windows Server 2008 SP2
and R2 ...)
+ TODO: check
CVE-2017-8466 (Windows Cursor in Windows 8.1, Windows Server 2012 Gold and R2,
...)
NOT-FOR-US: Microsoft
CVE-2017-8465 (Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012
R2, ...)
NOT-FOR-US: Microsoft
CVE-2017-8464 (Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows ...)
NOT-FOR-US: Microsoft
-CVE-2017-8463
- RESERVED
+CVE-2017-8463 (Windows Shell in Windows Server 2008 SP2 and R2 SP1, Windows 7
SP1, ...)
+ TODO: check
CVE-2017-8462 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1,
Windows 7 ...)
NOT-FOR-US: Microsoft
CVE-2017-8461 (Windows RPC with Routing and Remote Access enabled in Windows
XP and ...)
@@ -10131,6 +10157,7 @@
NOTE:
https://gitlab.com/gnutls/gnutls/commit/e1d6c59a7b0392fb3b8b75035614084a53e2c8c9
CVE-2017-7506
RESERVED
+ {DSA-3907-1}
- spice <unfixed> (bug #868083)
CVE-2017-7505 (Foreman since version 1.5 is vulnerable to an incorrect
authorization ...)
- foreman <itp> (bug #663101)
@@ -24544,6 +24571,7 @@
NOTE: Fixed by:
https://git.kernel.org/linus/43a6684519ab0a6c52024b5e25322476cabad893
CVE-2017-2670
RESERVED
+ {DSA-3906-1}
- undertow 1.4.18-1 (bug #864405)
NOTE: Fixed by
https://github.com/undertow-io/undertow/commit/9bfe9fbbb595d51157b61693f072895f7dbadd1d
NOTE: https://issues.jboss.org/browse/UNDERTOW-1035
@@ -24564,6 +24592,7 @@
- foreman <itp> (bug #663101)
CVE-2017-2666
RESERVED
+ {DSA-3906-1}
- undertow 1.4.18-1 (bug #864405)
NOTE: https://issues.jboss.org/browse/UNDERTOW-1101
NOTE: Fixed by
https://github.com/undertow-io/undertow/commit/1e72647818c9fb31b693a953b1ae595a6c82eb7f
@@ -25862,13 +25891,13 @@
CVE-2017-2148 (Cross-site scripting vulnerability in WN-AC1167GR firmware
version ...)
NOT-FOR-US: WN-AC1167GR firmware
CVE-2017-2147 (Cross-site scripting vulnerability in WP Statistics version
12.0.4 and ...)
- NOT-FOR-US: WP Statistics
+ NOT-FOR-US: WP Statistics
CVE-2017-2146 (Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to
4.2.4 ...)
- NOT-FOR-US: Cybozu Garoon
+ NOT-FOR-US: Cybozu Garoon
CVE-2017-2145 (Session fixation vulnerability in Cybozu Garoon 4.0.0 to 4.2.4
allows ...)
- NOT-FOR-US: Cybozu Garoon
+ NOT-FOR-US: Cybozu Garoon
CVE-2017-2144 (Cybozu Garoon 3.0.0 to 4.2.4 may allow an attacker to lock
another ...)
- NOT-FOR-US: Cybozu Garoon
+ NOT-FOR-US: Cybozu Garoon
CVE-2017-2143 (CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart
Multivendor ...)
NOT-FOR-US: CS-Cart
CVE-2017-2142 (Buffer overflow in WN-G300R3 firmware Ver.1.03 and earlier
allows ...)
@@ -35019,8 +35048,8 @@
NOT-FOR-US: Microsoft
CVE-2017-0244 (The kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7
SP1 ...)
NOT-FOR-US: Microsoft
-CVE-2017-0243
- RESERVED
+CVE-2017-0243 (Microsoft Office allows a remote code execution vulnerability
due to ...)
+ TODO: check
CVE-2017-0242 (An information disclosure vulnerability exists in the way some
ActiveX ...)
NOT-FOR-US: Microsoft
CVE-2017-0241 (An elevation of privilege vulnerability exists when Microsoft
Edge ...)
@@ -35165,8 +35194,8 @@
RESERVED
CVE-2017-0171 (Windows DNS Server allows a denial of service vulnerability
when ...)
NOT-FOR-US: Microsoft
-CVE-2017-0170
- RESERVED
+CVE-2017-0170 (Windows Performance Monitor in Windows Server 2008 SP2 and R2
SP1, ...)
+ TODO: check
CVE-2017-0169 (An information disclosure vulnerability exists when Windows
Hyper-V ...)
NOT-FOR-US: Microsoft
CVE-2017-0168 (An information disclosure vulnerability exists when the Windows
...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
