[Secure-testing-commits] r37669 - data/CVE

Thu Nov 12 09:10:16 UTC 2015

Author: sectracker
Date: 2015-11-12 09:10:16 +0000 (Thu, 12 Nov 2015)
New Revision: 37669

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2015-11-11 20:58:46 UTC (rev 37668)
+++ data/CVE/list	2015-11-12 09:10:16 UTC (rev 37669)
@@ -1,3 +1,5 @@
+CVE-2015-8105 (Cross-site scripting (XSS) vulnerability in program/js/app.js in ...)
+	TODO: check
 CVE-2015-XXXX [directory traversal in servefile]
 	- servefile 0.4.4-1
 	[jessie] - servefile <no-dsa> (Minor issue)
@@ -142,16 +144,16 @@
 	RESERVED
 CVE-2015-8047
 	RESERVED
-CVE-2015-8046
-	RESERVED
+CVE-2015-8046 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+	TODO: check
 CVE-2015-8045
 	RESERVED
-CVE-2015-8044
-	RESERVED
-CVE-2015-8043
-	RESERVED
-CVE-2015-8042
-	RESERVED
+CVE-2015-8044 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+	TODO: check
+CVE-2015-8043 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+	TODO: check
+CVE-2015-8042 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+	TODO: check
 CVE-2015-8040 (The rtsp_getdlsendtime method in the CNC_Ctrl control in Samsung ...)
 	NOT-FOR-US: Samsung SmartViewer
 CVE-2015-8039 (Samsung SmartViewer allow remote attackers to execute arbitrary code ...)
@@ -252,8 +254,7 @@
 CVE-2015-XXXX
 	- cinnamon-settings-daemon <unfixed>
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/28/3
-CVE-2015-8025 [xscreensaver aborts when unpluging second monitor cable when asking password]
-	RESERVED
+CVE-2015-8025 (driver/subprocs.c in XScreenSaver before 5.34 does not properly ...)
 	{DLA-338-1}
 	- xscreensaver 5.34-1 (bug #802914)
 	NOTE: http://pkgs.fedoraproject.org/cgit/xscreensaver.git/plain/xscreensaver-5.33-0002-Modify-sigchld_hander-in_signal_hander_p-mechanism.patch?id=b57f59f3482fedf70ce7a3541094e2512290139f
@@ -298,14 +299,14 @@
 	RESERVED
 CVE-2015-7996
 	RESERVED
-CVE-2015-7994
-	RESERVED
-CVE-2015-7993
-	RESERVED
-CVE-2015-7992
-	RESERVED
-CVE-2015-7991
-	RESERVED
+CVE-2015-7994 (The SQL interface in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) ...)
+	TODO: check
+CVE-2015-7993 (The Extended Application Services (aka XS or XS Engine) in SAP HANA DB ...)
+	TODO: check
+CVE-2015-7992 (SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote ...)
+	TODO: check
+CVE-2015-7991 (The Web Dispatcher service in SAP HANA DB 1.00.73.00.389160 ...)
+	TODO: check
 CVE-2015-7988
 	RESERVED
 CVE-2015-7987
@@ -799,8 +800,8 @@
 	RESERVED
 CVE-2015-7829 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
 	NOT-FOR-US: Adobe
-CVE-2015-7828
-	RESERVED
+CVE-2015-7828 (SAP HANA Database 1.00 SPS10 and earlier do not require ...)
+	TODO: check
 CVE-2015-7827
 	RESERVED
 CVE-2015-7826
@@ -1343,32 +1344,32 @@
 	RESERVED
 CVE-2015-7664
 	RESERVED
-CVE-2015-7663
-	RESERVED
-CVE-2015-7662
-	RESERVED
-CVE-2015-7661
-	RESERVED
-CVE-2015-7660
-	RESERVED
-CVE-2015-7659
-	RESERVED
-CVE-2015-7658
-	RESERVED
-CVE-2015-7657
-	RESERVED
-CVE-2015-7656
-	RESERVED
-CVE-2015-7655
-	RESERVED
-CVE-2015-7654
-	RESERVED
-CVE-2015-7653
-	RESERVED
-CVE-2015-7652
-	RESERVED
-CVE-2015-7651
-	RESERVED
+CVE-2015-7663 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+	TODO: check
+CVE-2015-7662 (Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on ...)
+	TODO: check
+CVE-2015-7661 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+	TODO: check
+CVE-2015-7660 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+	TODO: check
+CVE-2015-7659 (Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on ...)
+	TODO: check
+CVE-2015-7658 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+	TODO: check
+CVE-2015-7657 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+	TODO: check
+CVE-2015-7656 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+	TODO: check
+CVE-2015-7655 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+	TODO: check
+CVE-2015-7654 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+	TODO: check
+CVE-2015-7653 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+	TODO: check
+CVE-2015-7652 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+	TODO: check
+CVE-2015-7651 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+	TODO: check
 CVE-2015-7650 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
 	TODO: check
 CVE-2015-7649 (Adobe Shockwave Player before 12.2.1.171 allows attackers to execute ...)
@@ -4902,8 +4903,8 @@
 	RESERVED
 CVE-2015-6124
 	RESERVED
-CVE-2015-6123
-	RESERVED
+CVE-2015-6123 (Cross-site scripting (XSS) vulnerability in Microsoft Excel for Mac ...)
+	TODO: check
 CVE-2015-6122
 	RESERVED
 CVE-2015-6121
@@ -4918,20 +4919,20 @@
 	RESERVED
 CVE-2015-6116
 	RESERVED
-CVE-2015-6115
-	RESERVED
+CVE-2015-6115 (Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 allows remote ...)
+	TODO: check
 CVE-2015-6114
 	RESERVED
-CVE-2015-6113
-	RESERVED
-CVE-2015-6112
-	RESERVED
-CVE-2015-6111
-	RESERVED
+CVE-2015-6113 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2015-6112 (SChannel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2015-6111 (IPSec in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold ...)
+	TODO: check
 CVE-2015-6110
 	RESERVED
-CVE-2015-6109
-	RESERVED
+CVE-2015-6109 (The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows ...)
+	TODO: check
 CVE-2015-6108
 	RESERVED
 CVE-2015-6107
@@ -4940,94 +4941,94 @@
 	RESERVED
 CVE-2015-6105
 	RESERVED
-CVE-2015-6104
-	RESERVED
-CVE-2015-6103
-	RESERVED
-CVE-2015-6102
-	RESERVED
-CVE-2015-6101
-	RESERVED
-CVE-2015-6100
-	RESERVED
-CVE-2015-6099
-	RESERVED
-CVE-2015-6098
-	RESERVED
-CVE-2015-6097
-	RESERVED
-CVE-2015-6096
-	RESERVED
-CVE-2015-6095
-	RESERVED
-CVE-2015-6094
-	RESERVED
-CVE-2015-6093
-	RESERVED
-CVE-2015-6092
-	RESERVED
-CVE-2015-6091
-	RESERVED
+CVE-2015-6104 (The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows ...)
+	TODO: check
+CVE-2015-6103 (The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows ...)
+	TODO: check
+CVE-2015-6102 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2015-6101 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2015-6100 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2015-6099 (Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET ...)
+	TODO: check
+CVE-2015-6098 (Buffer overflow in the Network Driver Interface Standard (NDIS) ...)
+	TODO: check
+CVE-2015-6097 (Heap-based buffer overflow in Windows Journal in Microsoft Windows ...)
+	TODO: check
+CVE-2015-6096 (The XML DTD parser in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, ...)
+	TODO: check
+CVE-2015-6095 (Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2015-6094 (Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel ...)
+	TODO: check
+CVE-2015-6093 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office ...)
+	TODO: check
+CVE-2015-6092 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+	TODO: check
+CVE-2015-6091 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+	TODO: check
 CVE-2015-6090
 	RESERVED
-CVE-2015-6089
-	RESERVED
-CVE-2015-6088
-	RESERVED
-CVE-2015-6087
-	RESERVED
-CVE-2015-6086
-	RESERVED
-CVE-2015-6085
-	RESERVED
-CVE-2015-6084
-	RESERVED
+CVE-2015-6089 (The Microsoft (1) VBScript and (2) JScript engines, as used in ...)
+	TODO: check
+CVE-2015-6088 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+	TODO: check
+CVE-2015-6087 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-6086 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-6085 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-6084 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+	TODO: check
 CVE-2015-6083
 	RESERVED
-CVE-2015-6082
-	RESERVED
-CVE-2015-6081
-	RESERVED
-CVE-2015-6080
-	RESERVED
-CVE-2015-6079
-	RESERVED
-CVE-2015-6078
-	RESERVED
-CVE-2015-6077
-	RESERVED
-CVE-2015-6076
-	RESERVED
-CVE-2015-6075
-	RESERVED
-CVE-2015-6074
-	RESERVED
-CVE-2015-6073
-	RESERVED
-CVE-2015-6072
-	RESERVED
-CVE-2015-6071
-	RESERVED
-CVE-2015-6070
-	RESERVED
-CVE-2015-6069
-	RESERVED
-CVE-2015-6068
-	RESERVED
+CVE-2015-6082 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+	TODO: check
+CVE-2015-6081 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-6080 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+	TODO: check
+CVE-2015-6079 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+	TODO: check
+CVE-2015-6078 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+	TODO: check
+CVE-2015-6077 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+	TODO: check
+CVE-2015-6076 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-6075 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+	TODO: check
+CVE-2015-6074 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-6073 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+	TODO: check
+CVE-2015-6072 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+	TODO: check
+CVE-2015-6071 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-6070 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-6069 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-6068 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+	TODO: check
 CVE-2015-6067
 	RESERVED
-CVE-2015-6066
-	RESERVED
-CVE-2015-6065
-	RESERVED
-CVE-2015-6064
-	RESERVED
+CVE-2015-6066 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-6065 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+	TODO: check
+CVE-2015-6064 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote ...)
+	TODO: check
 CVE-2015-6063
 	RESERVED
 CVE-2015-6062
 	RESERVED
-CVE-2015-6061
-	RESERVED
+CVE-2015-6061 (Cross-site scripting (XSS) vulnerability in Microsoft Skype for ...)
+	TODO: check
 CVE-2015-6060
 	RESERVED
 CVE-2015-6059 (The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 ...)
@@ -5072,8 +5073,8 @@
 	RESERVED
 CVE-2015-6039 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint ...)
 	NOT-FOR-US: Microsoft
-CVE-2015-6038
-	RESERVED
+CVE-2015-6038 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+	TODO: check
 CVE-2015-6037 (Cross-site scripting (XSS) vulnerability in Microsoft Excel Services ...)
 	NOT-FOR-US: Microsoft
 CVE-2015-6036
@@ -7554,18 +7555,15 @@
 CVE-2015-5215
 	RESERVED
 	NOT-FOR-US: Ipsilon
-CVE-2015-5214
-	RESERVED
+CVE-2015-5214 (LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice ...)
 	{DSA-3394-1}
 	- libreoffice 1:5.0.1~rc2-1
 	NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/
-CVE-2015-5213
-	RESERVED
+CVE-2015-5213 (Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice ...)
 	{DSA-3394-1}
 	- libreoffice 1:5.0.1~rc1-1
 	NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/
-CVE-2015-5212
-	RESERVED
+CVE-2015-5212 (Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice ...)
 	{DSA-3394-1}
 	- libreoffice 1:5.0.1~rc1-1
 	NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/
@@ -9351,8 +9349,7 @@
 	RESERVED
 CVE-2015-4552 (Cross-site scripting (XSS) vulnerability in the quick edit function in ...)
 	NOT-FOR-US: MyBB
-CVE-2015-4551
-	RESERVED
+CVE-2015-4551 (LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the ...)
 	{DSA-3394-1}
 	- libreoffice 1:5.0.1~rc1-1
 	NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/
@@ -15507,8 +15504,8 @@
 	NOT-FOR-US: Microsoft Exchange
 CVE-2015-2504 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, ...)
 	NOT-FOR-US: Microsoft .NET Framework
-CVE-2015-2503
-	RESERVED
+CVE-2015-2503 (Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote ...)
+	TODO: check
 CVE-2015-2502 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2015-2501 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
@@ -15557,8 +15554,8 @@
 	NOT-FOR-US: Microsoft .NET Framework
 CVE-2015-2479 (The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect ...)
 	NOT-FOR-US: Microsoft .NET Framework
-CVE-2015-2478
-	RESERVED
+CVE-2015-2478 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+	TODO: check
 CVE-2015-2477 (Microsoft Office 2007 SP3, Office for Mac 2011, Office for Mac 2016, ...)
 	NOT-FOR-US: Microsoft Office
 CVE-2015-2476 (The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 ...)
@@ -15659,8 +15656,8 @@
 	NOT-FOR-US: Microsoft Windows
 CVE-2015-2428 (Object Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
 	NOT-FOR-US: Microsoft Windows
-CVE-2015-2427
-	RESERVED
+CVE-2015-2427 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+	TODO: check
 CVE-2015-2426 (Buffer underflow in atmfd.dll in the Windows Adobe Type Manager ...)
 	NOT-FOR-US: Microsoft Adobe Type Manager Library
 CVE-2015-2425 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
@@ -19388,8 +19385,7 @@
 	[jessie] - chromium-browser <no-dsa> (minor issue)
 	[wheezy] - chromium-browser <end-of-life>
 	[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1302
-	RESERVED
+CVE-2015-1302 (The PDF viewer in Google Chrome before 46.0.2490.86 does not properly ...)
 	- chromium-browser <unfixed>
 	[wheezy] - chromium-browser <end-of-life>
 	[squeeze] - chromium-browser <end-of-life>


