Author: sectracker
Date: 2017-09-18 21:10:17 +0000 (Mon, 18 Sep 2017)
New Revision: 55885

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-09-18 20:48:11 UTC (rev 55884)
+++ data/CVE/list       2017-09-18 21:10:17 UTC (rev 55885)
@@ -1,89 +1,91 @@
-CVE-2017-14580
+CVE-2017-14581
        RESERVED
-CVE-2017-14579
-       RESERVED
-CVE-2017-14578
-       RESERVED
-CVE-2017-14577
-       RESERVED
-CVE-2017-14576
-       RESERVED
-CVE-2017-14575
-       RESERVED
-CVE-2017-14574
-       RESERVED
-CVE-2017-14573
-       RESERVED
-CVE-2017-14572
-       RESERVED
-CVE-2017-14571
-       RESERVED
-CVE-2017-14570
-       RESERVED
-CVE-2017-14569
-       RESERVED
-CVE-2017-14568
-       RESERVED
-CVE-2017-14567
-       RESERVED
-CVE-2017-14566
-       RESERVED
-CVE-2017-14565
-       RESERVED
-CVE-2017-14564
-       RESERVED
-CVE-2017-14563
-       RESERVED
-CVE-2017-14562
-       RESERVED
-CVE-2017-14561
-       RESERVED
-CVE-2017-14560
-       RESERVED
-CVE-2017-14559
-       RESERVED
-CVE-2017-14558
-       RESERVED
-CVE-2017-14557
-       RESERVED
-CVE-2017-14556
-       RESERVED
-CVE-2017-14555
-       RESERVED
-CVE-2017-14554
-       RESERVED
-CVE-2017-14553
-       RESERVED
-CVE-2017-14552
-       RESERVED
-CVE-2017-14551
-       RESERVED
-CVE-2017-14550
-       RESERVED
-CVE-2017-14549
-       RESERVED
-CVE-2017-14548
-       RESERVED
-CVE-2017-14547
-       RESERVED
-CVE-2017-14546
-       RESERVED
-CVE-2017-14545
-       RESERVED
-CVE-2017-14544
-       RESERVED
-CVE-2017-14543
-       RESERVED
-CVE-2017-14542
-       RESERVED
-CVE-2017-14541
-       RESERVED
-CVE-2017-14540
-       RESERVED
-CVE-2017-14539
-       RESERVED
-CVE-2017-14538
-       RESERVED
+CVE-2017-14580 (XnView Classic for Windows Version 2.41 allows attackers to 
execute ...)
+       TODO: check
+CVE-2017-14579 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14578 (IrfanView 4.44 - 32bit allows attackers to cause a denial of 
service or ...)
+       TODO: check
+CVE-2017-14577 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14576 (STDU Viewer 1.6.375 allows attackers to cause a denial of 
service or ...)
+       TODO: check
+CVE-2017-14575 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14574 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14573 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14572 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14571 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14570 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14569 (STDU Viewer 1.6.375 allows attackers to cause a denial of 
service or ...)
+       TODO: check
+CVE-2017-14568 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14567 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14566 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14565 (STDU Viewer 1.6.375 allows attackers to cause a denial of 
service or ...)
+       TODO: check
+CVE-2017-14564 (STDU Viewer 1.6.375 allows attackers to cause a denial of 
service or ...)
+       TODO: check
+CVE-2017-14563 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14562 (STDU Viewer 1.6.375 allows attackers to cause a denial of 
service or ...)
+       TODO: check
+CVE-2017-14561 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14560 (STDU Viewer 1.6.375 allows attackers to cause a denial of 
service or ...)
+       TODO: check
+CVE-2017-14559 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14558 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14557 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14556 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14555 (STDU Viewer 1.6.375 allows attackers to cause a denial of 
service or ...)
+       TODO: check
+CVE-2017-14554 (STDU Viewer 1.6.375 allows attackers to cause a denial of 
service or ...)
+       TODO: check
+CVE-2017-14553 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14552 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14551 (STDU Viewer 1.6.375 allows attackers to cause a denial of 
service or ...)
+       TODO: check
+CVE-2017-14550 (STDU Viewer 1.6.375 allows attackers to cause a denial of 
service or ...)
+       TODO: check
+CVE-2017-14549 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14548 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14547 (STDU Viewer 1.6.375 allows attackers to cause a denial of 
service or ...)
+       TODO: check
+CVE-2017-14546 (STDU Viewer 1.6.375 allows attackers to cause a denial of 
service or ...)
+       TODO: check
+CVE-2017-14545 (STDU Viewer 1.6.375 allows attackers to cause a denial of 
service or ...)
+       TODO: check
+CVE-2017-14544 (STDU Viewer 1.6.375 allows attackers to cause a denial of 
service or ...)
+       TODO: check
+CVE-2017-14543 (STDU Viewer 1.6.375 allows attackers to cause a denial of 
service or ...)
+       TODO: check
+CVE-2017-14542 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
+       TODO: check
+CVE-2017-14541 (XnView Classic for Windows Version 2.40 allows attackers to 
cause a ...)
+       TODO: check
+CVE-2017-14540 (IrfanView 4.44 - 32bit allows attackers to cause a denial of 
service or ...)
+       TODO: check
+CVE-2017-14539 (IrfanView 4.44 - 32bit allows attackers to cause a denial of 
service or ...)
+       TODO: check
+CVE-2017-14538 (XnView Classic for Windows Version 2.40 allows attackers to 
execute ...)
+       TODO: check
 CVE-2017-14537
        RESERVED
 CVE-2017-14536
@@ -205,6 +207,7 @@
        - libarchive <unfixed> (bug #875966)
        NOTE: https://github.com/libarchive/libarchive/issues/949
 CVE-2017-14500 (Improper Neutralization of Special Elements used in an OS 
Command in ...)
+       {DSA-3977-1}
        - newsbeuter 2.9-7 (bug #876004)
        NOTE: http://openwall.com/lists/oss-security/2017/09/16/1
        NOTE: newsbeuter-2.9.x: 
https://github.com/akrennmair/newsbeuter/commit/26f5a4350f3ab5507bb8727051c87bb04660f333
@@ -2080,7 +2083,7 @@
        NOT-FOR-US: ONOS
 CVE-2017-13762 (ONOS versions 1.8.0, 1.9.0, and 1.10.0 are vulnerable to XSS. 
...)
        NOT-FOR-US: ONOS
-CVE-2017-13761 (The Fastly CDN module before 1.2.26 for Magneto2, when used 
with a ...)
+CVE-2017-13761 (The Fastly CDN module before 1.2.26 for Magento2, when used 
with a ...)
        NOT-FOR-US: Fastly CDN module for Magento2
 CVE-2017-13760 (In The Sleuth Kit (TSK) 4.4.2, fls hangs on a corrupt exfat 
image in ...)
        - sleuthkit <unfixed> (unimportant; bug #873724)
@@ -11668,8 +11671,7 @@
        NOTE: http://subversion.apache.org/security/CVE-2017-9800-advisory.txt
 CVE-2017-9799 (It was found that under some situations and configurations of 
Apache ...)
        NOT-FOR-US: Apache Storm
-CVE-2017-9798
-       RESERVED
+CVE-2017-9798 (Apache httpd allows remote attackers to read secret data from 
process ...)
        - apache2 <unfixed> (bug #876109)
        NOTE: 
https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
        NOTE: https://github.com/hannob/optionsbleed
@@ -24548,8 +24550,8 @@
        RESERVED
 CVE-2017-6148
        RESERVED
-CVE-2017-6147
-       RESERVED
+CVE-2017-6147 (In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link 
Controller, ...)
+       TODO: check
 CVE-2017-6146
        RESERVED
 CVE-2017-6145
@@ -34597,6 +34599,7 @@
 CVE-2017-2863 (An out-of-bounds write vulnerability exists in the PDF parsing 
...)
        NOT-FOR-US: Iceni Infix
 CVE-2017-2862 (An exploitable heap overflow vulnerability exists in the ...)
+       {DSA-3978-1}
        - gdk-pixbuf <unfixed> (bug #874552)
        NOTE: 
https://git.gnome.org/browse/gdk-pixbuf/commit/?id=c2a40a92fe3df4111ed9da51fe3368c079b86926
        NOTE: 
https://git.gnome.org/browse/gdk-pixbuf/commit/?id=6dd89e126a277460faafc1f679db44ccf78446fb
@@ -40340,8 +40343,7 @@
        {DSA-3731-1}
        - chromium-browser 55.0.2883.75-1
        [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-0380 [Stack disclosure in hidden services logs when SafeLogging 
disabled]
-       RESERVED
+CVE-2017-0380 (The rend_service_intro_established function in or/rendservice.c 
in Tor ...)
        - tor <unfixed>
        [jessie] - tor <not-affected> (Issue introduced in 0.2.7.2-alpha)
        [wheezy] - tor <not-affected> (Issue introduced in 0.2.7.2-alpha)
@@ -107035,8 +107037,8 @@
        RESERVED
 CVE-2014-6107 (IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows 
remote ...)
        NOT-FOR-US: IBM
-CVE-2014-6106
-       RESERVED
+CVE-2014-6106 (Cross-site request forgery (CSRF) vulnerability in IBM Security 
...)
+       TODO: check
 CVE-2014-6105 (IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows 
remote ...)
        NOT-FOR-US: IBM
 CVE-2014-6104


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to