[Secure-testing-commits] r36459 - data/CVE
David Prévot
taffit at moszumanska.debian.org
Thu Sep 3 23:28:40 UTC 2015
Author: taffit
Date: 2015-09-03 23:28:39 +0000 (Thu, 03 Sep 2015)
New Revision: 36459
Modified:
data/CVE/list
Log:
Add CVE-2015-{471{6..8},6670}/owncloud and CVE-2015-4715/php-dropbox
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-09-03 22:48:27 UTC (rev 36458)
+++ data/CVE/list 2015-09-03 23:28:39 UTC (rev 36459)
@@ -286,8 +286,11 @@
RESERVED
CVE-2015-6671
RESERVED
-CVE-2015-6670
- RESERVED
+CVE-2015-6670 [Calendar export: Authorization Bypass Through User-Controlled Key]
+ RESERVED
+ - owncloud 7.0.8~dfsg-1
+ [experimental] - owncloud-calendar 0.7.3-1
+ NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-015
CVE-2015-6669
RESERVED
CVE-2015-6668
@@ -5117,14 +5120,22 @@
RESERVED
CVE-2015-4719
RESERVED
-CVE-2015-4718
+CVE-2015-4718 [Command injection when using external SMB storage]
RESERVED
-CVE-2015-4717
+ - owncloud 7.0.6+dfsg-1
+ NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-008
+CVE-2015-4717 [Resource Exthaustion when sanitizing filenames]
RESERVED
-CVE-2015-4716
+ - owncloud 7.0.6+dfsg-1
+ NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-007
+CVE-2015-4716 [Local file inclusion on MS Windows Platform]
RESERVED
-CVE-2015-4715
+ - owncloud 7.0.6+dfsg-1
+ NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-006
+CVE-2015-4715 [Mounted Dropbox storage allows "Dropbox.com" to access any file]
RESERVED
+ - php-dropbox 1.0.0-4
+ NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-005
CVE-2015-4714 (Cross-site scripting (XSS) vulnerability in the DreamBox DM500-S ...)
NOT-FOR-US: DreamBox DM500-S
CVE-2015-4713 (SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote ...)
More information about the Secure-testing-commits
mailing list