[Secure-testing-commits] r56639 - data/CVE

Moritz Muehlenhoff Thu, 12 Oct 2017 02:18:05 -0700

Author: jmm
Date: 2017-10-12 09:16:58 +0000 (Thu, 12 Oct 2017)
New Revision: 56639


Modified:
   data/CVE/list
Log:
new sqlite issue
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-10-12 09:15:23 UTC (rev 56638)
+++ data/CVE/list       2017-10-12 09:16:58 UTC (rev 56639)
@@ -3,7 +3,8 @@
 CVE-2017-15287
        RESERVED
 CVE-2017-15286 (SQLite 3.20.1 has a NULL pointer dereference in 
tableColumnList in ...)
-       TODO: check
+       - sqlite3 <unfixed> (low)
+       NOTE: https://github.com/Ha0Team/crash-of-sqlite3/blob/master/poc.md
 CVE-2017-15285 (X-Cart 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3 is vulnerable to 
Remote ...)
        NOT-FOR-US: X-Cart
 CVE-2017-15284 (Cross-Site Scripting exists in OctoberCMS 1.0.425 (aka Build 
425), ...)
@@ -1908,9 +1909,9 @@
 CVE-2017-14589
        RESERVED
 CVE-2017-14588 (Various resources in Atlassian FishEye and Crucible before 
version ...)
-       TODO: check
+       NOT-FOR-US: Atlassian
 CVE-2017-14587 (The administration user deletion resource in Atlassian FishEye 
and ...)
-       TODO: check
+       NOT-FOR-US: Atlassian
 CVE-2017-14586
        RESERVED
 CVE-2017-14585


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r56639 - data/CVE

Reply via email to