[Secure-testing-commits] r37488 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Nov 1 16:10:08 UTC 2015
Author: carnil
Date: 2015-11-01 16:10:08 +0000 (Sun, 01 Nov 2015)
New Revision: 37488
Modified:
data/CVE/list
Log:
Add another round of NFU in Apple and Microsoft products
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-01 16:04:53 UTC (rev 37487)
+++ data/CVE/list 2015-11-01 16:10:08 UTC (rev 37488)
@@ -2485,7 +2485,7 @@
CVE-2015-7032 (The Apple iWork application before 2.6 for iOS, Apple Keynote before ...)
TODO: check
CVE-2015-7031 (The Web Service component in Apple OS X Server before 5.0.15 omits an ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7030 (The Swift implementation in Apple Xcode before 7.1 mishandles type ...)
TODO: check
CVE-2015-7029
@@ -2501,105 +2501,105 @@
CVE-2015-7024
RESERVED
CVE-2015-7023 (CFNetwork in Apple iOS before 9.1 and OS X before 10.11.1 does not ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7022 (The Telephony subsystem in Apple iOS before 9.1 allows attackers to ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7021 (The Graphics Drivers subsystem in Apple OS X before 10.11.1 allows ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7020 (The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7019 (The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7018 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7017 (CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7016 (The MCX Application Restrictions component in Apple OS X before ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7015 (Heap-based buffer overflow in the DNS client library in configd in ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7014 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7013 (WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, ...)
TODO: check
CVE-2015-7012 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7011 (WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, ...)
TODO: check
CVE-2015-7010 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7009 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7008 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7007 (Script Editor in Apple OS X before 10.11.1 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7006 (Directory traversal vulnerability in the BOM (aka Bill of Materials) ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7005 (WebKit, as used in Apple iOS before 9.1, allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7004 (The kernel in Apple iOS before 9.1 allows attackers to cause a denial ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7003 (coreaudiod in Audio in Apple OS X before 10.11.1 does not initialize ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7002 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-7001
RESERVED
CVE-2015-7000 (Notification Center in Apple iOS before 9.1 mishandles changes to ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6999 (The OCSP client in Apple iOS before 9.1 does not check for certificate ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6998
RESERVED
CVE-2015-6997 (The X.509 certificate-trust implementation in Apple iOS before 9.1 ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6996 (IOAcceleratorFamily in Apple iOS before 9.1, OS X before 10.11.1, and ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6995 (The Disk Images component in Apple iOS before 9.1 and OS X before ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6994 (The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6993 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6992 (CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6991 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6990 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6989 (Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6988 (The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6987 (The File Bookmark component in Apple OS X before 10.11.1 allows local ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6986 (com.apple.driver.AppleVXD393 in the Graphics Driver subsystem in Apple ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6985 (Apple Type Services (ATS) in Apple OS X before 10.11.1 allows remote ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6984 (libarchive in Apple OS X before 10.11.1 allows attackers to write to ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6983 (Double free vulnerability in Apple iOS before 9.1 and OS X before ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6982 (WebKit, as used in Apple iOS before 9.1, allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6981 (WebKit, as used in Apple iOS before 9.1, allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6980
RESERVED
CVE-2015-6979 (GasGauge in Apple iOS before 9.1 allows attackers to execute arbitrary ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6978 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6977 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6976 (FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6975 (CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6974 (IOHIDFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-6973 (Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite ...)
NOT-FOR-US: Openfire
CVE-2015-6972 (Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime ...)
@@ -4752,9 +4752,9 @@
CVE-2015-6059 (The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 ...)
TODO: check
CVE-2015-6058 (Microsoft Edge mishandles HTML attributes in HTTP responses, which ...)
- TODO: check
+ NOT-FOR-US: Microsoft Edge
CVE-2015-6057 (Microsoft Edge allows remote attackers to obtain sensitive information ...)
- TODO: check
+ NOT-FOR-US: Microsoft Edge
CVE-2015-6056 (The (1) JScript and (2) VBScript engines in Microsoft Internet ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-6055 (The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 ...)
@@ -5167,53 +5167,53 @@
CVE-2015-5946
RESERVED
CVE-2015-5945 (The Sandbox subsystem in Apple OS X before 10.11.1 allows local users ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5944 (CoreText in Apple OS X before 10.11.1 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5943 (SecurityAgent in Apple OS X before 10.11.1 does not prevent synthetic ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5942 (FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5941
RESERVED
CVE-2015-5940 (The Accelerate Framework component in Apple iOS before 9.1 and OS X ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5939 (ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5938 (ImageIO in Apple OS X before 10.11.1 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5937 (ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5936 (ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5935 (ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5934 (Audio in Apple OS X before 10.11.1 allows remote attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5933 (Audio in Apple OS X before 10.11.1 allows remote attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5932 (The kernel in Apple OS X before 10.11.1 allows local users to gain ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5931 (WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, ...)
TODO: check
CVE-2015-5930 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5929 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5928 (WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5927 (FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5926 (The CoreGraphics component in Apple iOS before 9.1, OS X before ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5925 (The CoreGraphics component in Apple iOS before 9.1, OS X before ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5924 (The OpenGL implementation in Apple iOS before 9.1 and OS X before ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5923 (Apple iOS before 9.0.2 does not properly restrict the options ...)
TODO: check
CVE-2015-5922 (Unspecified vulnerability in International Components for Unicode ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2015-5921 (WebKit in Apple iOS before 9 mishandles "Content-Disposition: ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2015-5920 (The Software Update component in Apple iTunes before 12.3 does not ...)
More information about the Secure-testing-commits
mailing list