[Secure-testing-commits] r37669 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Thu Nov 12 09:10:16 UTC 2015
Author: sectracker
Date: 2015-11-12 09:10:16 +0000 (Thu, 12 Nov 2015)
New Revision: 37669
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-11 20:58:46 UTC (rev 37668)
+++ data/CVE/list 2015-11-12 09:10:16 UTC (rev 37669)
@@ -1,3 +1,5 @@
+CVE-2015-8105 (Cross-site scripting (XSS) vulnerability in program/js/app.js in ...)
+ TODO: check
CVE-2015-XXXX [directory traversal in servefile]
- servefile 0.4.4-1
[jessie] - servefile <no-dsa> (Minor issue)
@@ -142,16 +144,16 @@
RESERVED
CVE-2015-8047
RESERVED
-CVE-2015-8046
- RESERVED
+CVE-2015-8046 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+ TODO: check
CVE-2015-8045
RESERVED
-CVE-2015-8044
- RESERVED
-CVE-2015-8043
- RESERVED
-CVE-2015-8042
- RESERVED
+CVE-2015-8044 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+ TODO: check
+CVE-2015-8043 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+ TODO: check
+CVE-2015-8042 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+ TODO: check
CVE-2015-8040 (The rtsp_getdlsendtime method in the CNC_Ctrl control in Samsung ...)
NOT-FOR-US: Samsung SmartViewer
CVE-2015-8039 (Samsung SmartViewer allow remote attackers to execute arbitrary code ...)
@@ -252,8 +254,7 @@
CVE-2015-XXXX
- cinnamon-settings-daemon <unfixed>
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/28/3
-CVE-2015-8025 [xscreensaver aborts when unpluging second monitor cable when asking password]
- RESERVED
+CVE-2015-8025 (driver/subprocs.c in XScreenSaver before 5.34 does not properly ...)
{DLA-338-1}
- xscreensaver 5.34-1 (bug #802914)
NOTE: http://pkgs.fedoraproject.org/cgit/xscreensaver.git/plain/xscreensaver-5.33-0002-Modify-sigchld_hander-in_signal_hander_p-mechanism.patch?id=b57f59f3482fedf70ce7a3541094e2512290139f
@@ -298,14 +299,14 @@
RESERVED
CVE-2015-7996
RESERVED
-CVE-2015-7994
- RESERVED
-CVE-2015-7993
- RESERVED
-CVE-2015-7992
- RESERVED
-CVE-2015-7991
- RESERVED
+CVE-2015-7994 (The SQL interface in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) ...)
+ TODO: check
+CVE-2015-7993 (The Extended Application Services (aka XS or XS Engine) in SAP HANA DB ...)
+ TODO: check
+CVE-2015-7992 (SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote ...)
+ TODO: check
+CVE-2015-7991 (The Web Dispatcher service in SAP HANA DB 1.00.73.00.389160 ...)
+ TODO: check
CVE-2015-7988
RESERVED
CVE-2015-7987
@@ -799,8 +800,8 @@
RESERVED
CVE-2015-7829 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
NOT-FOR-US: Adobe
-CVE-2015-7828
- RESERVED
+CVE-2015-7828 (SAP HANA Database 1.00 SPS10 and earlier do not require ...)
+ TODO: check
CVE-2015-7827
RESERVED
CVE-2015-7826
@@ -1343,32 +1344,32 @@
RESERVED
CVE-2015-7664
RESERVED
-CVE-2015-7663
- RESERVED
-CVE-2015-7662
- RESERVED
-CVE-2015-7661
- RESERVED
-CVE-2015-7660
- RESERVED
-CVE-2015-7659
- RESERVED
-CVE-2015-7658
- RESERVED
-CVE-2015-7657
- RESERVED
-CVE-2015-7656
- RESERVED
-CVE-2015-7655
- RESERVED
-CVE-2015-7654
- RESERVED
-CVE-2015-7653
- RESERVED
-CVE-2015-7652
- RESERVED
-CVE-2015-7651
- RESERVED
+CVE-2015-7663 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+ TODO: check
+CVE-2015-7662 (Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on ...)
+ TODO: check
+CVE-2015-7661 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+ TODO: check
+CVE-2015-7660 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+ TODO: check
+CVE-2015-7659 (Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on ...)
+ TODO: check
+CVE-2015-7658 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+ TODO: check
+CVE-2015-7657 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+ TODO: check
+CVE-2015-7656 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+ TODO: check
+CVE-2015-7655 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+ TODO: check
+CVE-2015-7654 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+ TODO: check
+CVE-2015-7653 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+ TODO: check
+CVE-2015-7652 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+ TODO: check
+CVE-2015-7651 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 ...)
+ TODO: check
CVE-2015-7650 (Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...)
TODO: check
CVE-2015-7649 (Adobe Shockwave Player before 12.2.1.171 allows attackers to execute ...)
@@ -4902,8 +4903,8 @@
RESERVED
CVE-2015-6124
RESERVED
-CVE-2015-6123
- RESERVED
+CVE-2015-6123 (Cross-site scripting (XSS) vulnerability in Microsoft Excel for Mac ...)
+ TODO: check
CVE-2015-6122
RESERVED
CVE-2015-6121
@@ -4918,20 +4919,20 @@
RESERVED
CVE-2015-6116
RESERVED
-CVE-2015-6115
- RESERVED
+CVE-2015-6115 (Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 allows remote ...)
+ TODO: check
CVE-2015-6114
RESERVED
-CVE-2015-6113
- RESERVED
-CVE-2015-6112
- RESERVED
-CVE-2015-6111
- RESERVED
+CVE-2015-6113 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+ TODO: check
+CVE-2015-6112 (SChannel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+ TODO: check
+CVE-2015-6111 (IPSec in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold ...)
+ TODO: check
CVE-2015-6110
RESERVED
-CVE-2015-6109
- RESERVED
+CVE-2015-6109 (The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows ...)
+ TODO: check
CVE-2015-6108
RESERVED
CVE-2015-6107
@@ -4940,94 +4941,94 @@
RESERVED
CVE-2015-6105
RESERVED
-CVE-2015-6104
- RESERVED
-CVE-2015-6103
- RESERVED
-CVE-2015-6102
- RESERVED
-CVE-2015-6101
- RESERVED
-CVE-2015-6100
- RESERVED
-CVE-2015-6099
- RESERVED
-CVE-2015-6098
- RESERVED
-CVE-2015-6097
- RESERVED
-CVE-2015-6096
- RESERVED
-CVE-2015-6095
- RESERVED
-CVE-2015-6094
- RESERVED
-CVE-2015-6093
- RESERVED
-CVE-2015-6092
- RESERVED
-CVE-2015-6091
- RESERVED
+CVE-2015-6104 (The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows ...)
+ TODO: check
+CVE-2015-6103 (The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows ...)
+ TODO: check
+CVE-2015-6102 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+ TODO: check
+CVE-2015-6101 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+ TODO: check
+CVE-2015-6100 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+ TODO: check
+CVE-2015-6099 (Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET ...)
+ TODO: check
+CVE-2015-6098 (Buffer overflow in the Network Driver Interface Standard (NDIS) ...)
+ TODO: check
+CVE-2015-6097 (Heap-based buffer overflow in Windows Journal in Microsoft Windows ...)
+ TODO: check
+CVE-2015-6096 (The XML DTD parser in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, ...)
+ TODO: check
+CVE-2015-6095 (Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+ TODO: check
+CVE-2015-6094 (Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel ...)
+ TODO: check
+CVE-2015-6093 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office ...)
+ TODO: check
+CVE-2015-6092 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+ TODO: check
+CVE-2015-6091 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+ TODO: check
CVE-2015-6090
RESERVED
-CVE-2015-6089
- RESERVED
-CVE-2015-6088
- RESERVED
-CVE-2015-6087
- RESERVED
-CVE-2015-6086
- RESERVED
-CVE-2015-6085
- RESERVED
-CVE-2015-6084
- RESERVED
+CVE-2015-6089 (The Microsoft (1) VBScript and (2) JScript engines, as used in ...)
+ TODO: check
+CVE-2015-6088 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+ TODO: check
+CVE-2015-6087 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+ TODO: check
+CVE-2015-6086 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+ TODO: check
+CVE-2015-6085 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+ TODO: check
+CVE-2015-6084 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+ TODO: check
CVE-2015-6083
RESERVED
-CVE-2015-6082
- RESERVED
-CVE-2015-6081
- RESERVED
-CVE-2015-6080
- RESERVED
-CVE-2015-6079
- RESERVED
-CVE-2015-6078
- RESERVED
-CVE-2015-6077
- RESERVED
-CVE-2015-6076
- RESERVED
-CVE-2015-6075
- RESERVED
-CVE-2015-6074
- RESERVED
-CVE-2015-6073
- RESERVED
-CVE-2015-6072
- RESERVED
-CVE-2015-6071
- RESERVED
-CVE-2015-6070
- RESERVED
-CVE-2015-6069
- RESERVED
-CVE-2015-6068
- RESERVED
+CVE-2015-6082 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+ TODO: check
+CVE-2015-6081 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+ TODO: check
+CVE-2015-6080 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+ TODO: check
+CVE-2015-6079 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+ TODO: check
+CVE-2015-6078 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+ TODO: check
+CVE-2015-6077 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+ TODO: check
+CVE-2015-6076 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+ TODO: check
+CVE-2015-6075 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+ TODO: check
+CVE-2015-6074 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+ TODO: check
+CVE-2015-6073 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+ TODO: check
+CVE-2015-6072 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+ TODO: check
+CVE-2015-6071 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+ TODO: check
+CVE-2015-6070 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+ TODO: check
+CVE-2015-6069 (Microsoft Internet Explorer 8 through 11 allows remote attackers to ...)
+ TODO: check
+CVE-2015-6068 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
+ TODO: check
CVE-2015-6067
RESERVED
-CVE-2015-6066
- RESERVED
-CVE-2015-6065
- RESERVED
-CVE-2015-6064
- RESERVED
+CVE-2015-6066 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
+ TODO: check
+CVE-2015-6065 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...)
+ TODO: check
+CVE-2015-6064 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote ...)
+ TODO: check
CVE-2015-6063
RESERVED
CVE-2015-6062
RESERVED
-CVE-2015-6061
- RESERVED
+CVE-2015-6061 (Cross-site scripting (XSS) vulnerability in Microsoft Skype for ...)
+ TODO: check
CVE-2015-6060
RESERVED
CVE-2015-6059 (The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 ...)
@@ -5072,8 +5073,8 @@
RESERVED
CVE-2015-6039 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint ...)
NOT-FOR-US: Microsoft
-CVE-2015-6038
- RESERVED
+CVE-2015-6038 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+ TODO: check
CVE-2015-6037 (Cross-site scripting (XSS) vulnerability in Microsoft Excel Services ...)
NOT-FOR-US: Microsoft
CVE-2015-6036
@@ -7554,18 +7555,15 @@
CVE-2015-5215
RESERVED
NOT-FOR-US: Ipsilon
-CVE-2015-5214
- RESERVED
+CVE-2015-5214 (LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice ...)
{DSA-3394-1}
- libreoffice 1:5.0.1~rc2-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/
-CVE-2015-5213
- RESERVED
+CVE-2015-5213 (Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice ...)
{DSA-3394-1}
- libreoffice 1:5.0.1~rc1-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/
-CVE-2015-5212
- RESERVED
+CVE-2015-5212 (Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice ...)
{DSA-3394-1}
- libreoffice 1:5.0.1~rc1-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/
@@ -9351,8 +9349,7 @@
RESERVED
CVE-2015-4552 (Cross-site scripting (XSS) vulnerability in the quick edit function in ...)
NOT-FOR-US: MyBB
-CVE-2015-4551
- RESERVED
+CVE-2015-4551 (LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the ...)
{DSA-3394-1}
- libreoffice 1:5.0.1~rc1-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/
@@ -15507,8 +15504,8 @@
NOT-FOR-US: Microsoft Exchange
CVE-2015-2504 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2015-2503
- RESERVED
+CVE-2015-2503 (Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote ...)
+ TODO: check
CVE-2015-2502 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2015-2501 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
@@ -15557,8 +15554,8 @@
NOT-FOR-US: Microsoft .NET Framework
CVE-2015-2479 (The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect ...)
NOT-FOR-US: Microsoft .NET Framework
-CVE-2015-2478
- RESERVED
+CVE-2015-2478 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+ TODO: check
CVE-2015-2477 (Microsoft Office 2007 SP3, Office for Mac 2011, Office for Mac 2016, ...)
NOT-FOR-US: Microsoft Office
CVE-2015-2476 (The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 ...)
@@ -15659,8 +15656,8 @@
NOT-FOR-US: Microsoft Windows
CVE-2015-2428 (Object Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2015-2427
- RESERVED
+CVE-2015-2427 (Microsoft Internet Explorer 9 allows remote attackers to execute ...)
+ TODO: check
CVE-2015-2426 (Buffer underflow in atmfd.dll in the Windows Adobe Type Manager ...)
NOT-FOR-US: Microsoft Adobe Type Manager Library
CVE-2015-2425 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
@@ -19388,8 +19385,7 @@
[jessie] - chromium-browser <no-dsa> (minor issue)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
-CVE-2015-1302
- RESERVED
+CVE-2015-1302 (The PDF viewer in Google Chrome before 46.0.2490.86 does not properly ...)
- chromium-browser <unfixed>
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
More information about the Secure-testing-commits
mailing list