[Secure-testing-commits] r41653 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Wed May 11 21:10:12 UTC 2016
Author: sectracker
Date: 2016-05-11 21:10:12 +0000 (Wed, 11 May 2016)
New Revision: 41653
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-11 20:49:58 UTC (rev 41652)
+++ data/CVE/list 2016-05-11 21:10:12 UTC (rev 41653)
@@ -1,5 +1,6 @@
-CVE-2016-4581
+CVE-2016-4573
RESERVED
+CVE-2016-4581
- linux <unfixed>
NOTE: https://git.kernel.org/linus/5ec0811d30378ae104f250bfc9b3640242d81e3f (v4.6-rc7)
CVE-2016-4579
@@ -8,6 +9,7 @@
CVE-2016-4572
RESERVED
CVE-2016-4574 [incomplete fix for CVE-2016-4356]
+ RESERVED
- libksba 1.3.4-3
[jessie] - libksba <not-affected> (Incomplete fix not applied)
[wheezy] - libksba <not-affected> (Incomplete fix not applied)
@@ -75,8 +77,7 @@
RESERVED
CVE-2016-4545
RESERVED
-CVE-2016-4561 [HTML-escape error messages, in one case avoiding potential cross-site scripting]
- RESERVED
+CVE-2016-4561 (Cross-site scripting (XSS) vulnerability in the cgierror function in ...)
{DSA-3571-1 DLA-463-1}
- ikiwiki 3.20160506
NOTE: http://source.ikiwiki.branchable.com/?p=source.git;a=commitdiff;h=32ef584dc5abb6ddb9f794f94ea0b2934967bba7
@@ -115,23 +116,20 @@
NOTE: Introduced by: https://git.kernel.org/linus/0246e64d9a5fcd4805198de59b9b5cf1f974eb41 (v3.18-rc1)
NOTE: Exploitable since: https://git.kernel.org/linus/1be7f75d1668d6296b80bf35dcf6762393530afc (v4.4-rc1)
NOTE: http://www.openwall.com/lists/oss-security/2016/05/06/4
-CVE-2016-4556
- RESERVED
+CVE-2016-4556 (Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x ...)
- squid3 3.5.19-1 (bug #823968)
- squid <not-affected> (Does not affect 2.x)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_9.txt
NOTE: http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch
-CVE-2016-4555
- RESERVED
+CVE-2016-4555 (client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before ...)
- squid3 3.5.19-1 (bug #823968)
[wheezy] - squid3 <not-affected> (3.1 not vulnerable)
- squid <not-affected> (Does not affect 2.x)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_9.txt
NOTE: http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch
-CVE-2016-4554 [Header Smuggling issue in HTTP Request processing]
- RESERVED
+CVE-2016-4554 (mime_header.cc in Squid before 3.5.18 allows remote attackers to ...)
- squid3 3.5.19-1 (bug #823968)
- squid <removed>
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_8.txt
@@ -141,8 +139,7 @@
NOTE: http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13236.patch
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14038.patch
NOTE: Regression and fix: http://bugs.squid-cache.org/show_bug.cgi?id=4515
-CVE-2016-4553 [Cache Poisoning issue in HTTP Request handling]
- RESERVED
+CVE-2016-4553 (client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not ...)
- squid3 3.5.19-1 (bug #823968)
[wheezy] - squid3 <not-affected> (issue introduced by CVE-2009-0801 fix, not applied in wheezy)
- squid <not-affected> (Does not affect 2.x)
@@ -730,6 +727,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/04/29/3
CVE-2015-8869 [buffer overflow and information leak]
RESERVED
+ {DLA-466-1}
- ocaml <unfixed>
NOTE: https://github.com/ocaml/ocaml/commit/659615c7b100a89eafe6253e7a5b9d84d0e8df74#diff-a97df53e3ebc59bb457191b496c90762
NOTE: http://www.openwall.com/lists/oss-security/2016/04/29/1
@@ -1182,66 +1180,66 @@
RESERVED
CVE-2016-4118
RESERVED
-CVE-2016-4117
- RESERVED
-CVE-2016-4116
- RESERVED
-CVE-2016-4115
- RESERVED
-CVE-2016-4114
- RESERVED
-CVE-2016-4113
- RESERVED
-CVE-2016-4112
- RESERVED
-CVE-2016-4111
- RESERVED
-CVE-2016-4110
- RESERVED
-CVE-2016-4109
- RESERVED
-CVE-2016-4108
- RESERVED
-CVE-2016-4107
- RESERVED
-CVE-2016-4106
- RESERVED
-CVE-2016-4105
- RESERVED
-CVE-2016-4104
- RESERVED
-CVE-2016-4103
- RESERVED
-CVE-2016-4102
- RESERVED
-CVE-2016-4101
- RESERVED
-CVE-2016-4100
- RESERVED
-CVE-2016-4099
- RESERVED
-CVE-2016-4098
- RESERVED
-CVE-2016-4097
- RESERVED
-CVE-2016-4096
- RESERVED
+CVE-2016-4117 (Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to ...)
+ TODO: check
+CVE-2016-4116 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-4115 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-4114 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-4113 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-4112 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-4111 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-4110 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-4109 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-4108 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-4107 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-4106 (Untrusted search path vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-4105 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-4104 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-4103 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-4102 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-4101 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-4100 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-4099 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-4098 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-4097 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-4096 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
CVE-2016-4095
RESERVED
-CVE-2016-4094
- RESERVED
-CVE-2016-4093
- RESERVED
-CVE-2016-4092
- RESERVED
-CVE-2016-4091
- RESERVED
-CVE-2016-4090
- RESERVED
-CVE-2016-4089
- RESERVED
-CVE-2016-4088
- RESERVED
+CVE-2016-4094 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-4093 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-4092 (Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, ...)
+ TODO: check
+CVE-2016-4091 (Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, ...)
+ TODO: check
+CVE-2016-4090 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-4089 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-4088 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
CVE-2016-4340 [Privilege escalation via "impersonate" feature]
RESERVED
- gitlab <unfixed> (bug #823290)
@@ -10750,194 +10748,194 @@
NOTE: Upstream commit: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d9a3b33d2c9f996537b7f1d0246dee2d0120cefb (v2.5.0-rc1)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283722
NOTE: http://www.openwall.com/lists/oss-security/2015/12/24/1
-CVE-2016-1130
- RESERVED
-CVE-2016-1129
- RESERVED
-CVE-2016-1128
- RESERVED
-CVE-2016-1127
- RESERVED
-CVE-2016-1126
- RESERVED
-CVE-2016-1125
- RESERVED
-CVE-2016-1124
- RESERVED
-CVE-2016-1123
- RESERVED
-CVE-2016-1122
- RESERVED
-CVE-2016-1121
- RESERVED
-CVE-2016-1120
- RESERVED
-CVE-2016-1119
- RESERVED
-CVE-2016-1118
- RESERVED
-CVE-2016-1117
- RESERVED
-CVE-2016-1116
- RESERVED
-CVE-2016-1115
- RESERVED
-CVE-2016-1114
- RESERVED
-CVE-2016-1113
- RESERVED
-CVE-2016-1112
- RESERVED
+CVE-2016-1130 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1129 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1128 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1127 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1126 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1125 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1124 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1123 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1122 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1121 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1120 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1119 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1118 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1117 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1116 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1115 (Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 ...)
+ TODO: check
+CVE-2016-1114 (Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 ...)
+ TODO: check
+CVE-2016-1113 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before ...)
+ TODO: check
+CVE-2016-1112 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
CVE-2016-1111 (Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, ...)
TODO: check
-CVE-2016-1110
- RESERVED
-CVE-2016-1109
- RESERVED
-CVE-2016-1108
- RESERVED
-CVE-2016-1107
- RESERVED
-CVE-2016-1106
- RESERVED
-CVE-2016-1105
- RESERVED
-CVE-2016-1104
- RESERVED
-CVE-2016-1103
- RESERVED
-CVE-2016-1102
- RESERVED
-CVE-2016-1101
- RESERVED
-CVE-2016-1100
- RESERVED
-CVE-2016-1099
- RESERVED
-CVE-2016-1098
- RESERVED
-CVE-2016-1097
- RESERVED
-CVE-2016-1096
- RESERVED
-CVE-2016-1095
- RESERVED
-CVE-2016-1094
- RESERVED
-CVE-2016-1093
- RESERVED
-CVE-2016-1092
- RESERVED
+CVE-2016-1110 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-1109 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-1108 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-1107 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-1106 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-1105 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-1104 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-1103 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-1102 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-1101 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-1100 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-1099 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-1098 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-1097 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-1096 (Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and ...)
+ TODO: check
+CVE-2016-1095 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1094 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1093 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1092 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
CVE-2016-1091
RESERVED
-CVE-2016-1090
- RESERVED
+CVE-2016-1090 (Untrusted search path vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
CVE-2016-1089
RESERVED
-CVE-2016-1088
- RESERVED
-CVE-2016-1087
- RESERVED
-CVE-2016-1086
- RESERVED
-CVE-2016-1085
- RESERVED
-CVE-2016-1084
- RESERVED
-CVE-2016-1083
- RESERVED
-CVE-2016-1082
- RESERVED
-CVE-2016-1081
- RESERVED
-CVE-2016-1080
- RESERVED
-CVE-2016-1079
- RESERVED
-CVE-2016-1078
- RESERVED
-CVE-2016-1077
- RESERVED
-CVE-2016-1076
- RESERVED
-CVE-2016-1075
- RESERVED
-CVE-2016-1074
- RESERVED
-CVE-2016-1073
- RESERVED
-CVE-2016-1072
- RESERVED
-CVE-2016-1071
- RESERVED
-CVE-2016-1070
- RESERVED
-CVE-2016-1069
- RESERVED
-CVE-2016-1068
- RESERVED
-CVE-2016-1067
- RESERVED
-CVE-2016-1066
- RESERVED
-CVE-2016-1065
- RESERVED
-CVE-2016-1064
- RESERVED
-CVE-2016-1063
- RESERVED
-CVE-2016-1062
- RESERVED
-CVE-2016-1061
- RESERVED
-CVE-2016-1060
- RESERVED
-CVE-2016-1059
- RESERVED
-CVE-2016-1058
- RESERVED
-CVE-2016-1057
- RESERVED
-CVE-2016-1056
- RESERVED
-CVE-2016-1055
- RESERVED
-CVE-2016-1054
- RESERVED
-CVE-2016-1053
- RESERVED
-CVE-2016-1052
- RESERVED
-CVE-2016-1051
- RESERVED
-CVE-2016-1050
- RESERVED
-CVE-2016-1049
- RESERVED
-CVE-2016-1048
- RESERVED
-CVE-2016-1047
- RESERVED
-CVE-2016-1046
- RESERVED
-CVE-2016-1045
- RESERVED
-CVE-2016-1044
- RESERVED
-CVE-2016-1043
- RESERVED
-CVE-2016-1042
- RESERVED
-CVE-2016-1041
- RESERVED
-CVE-2016-1040
- RESERVED
-CVE-2016-1039
- RESERVED
-CVE-2016-1038
- RESERVED
-CVE-2016-1037
- RESERVED
+CVE-2016-1088 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1087 (Untrusted search path vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1086 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1085 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1084 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1083 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1082 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1081 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1080 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1079 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1078 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1077 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1076 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1075 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1074 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1073 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1072 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1071 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1070 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1069 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1068 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1067 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1066 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1065 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1064 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1063 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1062 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1061 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1060 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1059 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1058 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1057 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1056 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1055 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1054 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1053 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1052 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1051 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1050 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1049 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1048 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1047 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1046 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1045 (Use-after-free vulnerability in Adobe Reader and Acrobat before ...)
+ TODO: check
+CVE-2016-1044 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1043 (Integer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat ...)
+ TODO: check
+CVE-2016-1042 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1041 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1040 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1039 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1038 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
+CVE-2016-1037 (Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC ...)
+ TODO: check
CVE-2016-1036 (Cross-site scripting (XSS) vulnerability in Adobe Analytics ...)
TODO: check
CVE-2016-1035 (Adobe RoboHelp Server 9 before 9.0.1 mishandles SQL queries, which ...)
@@ -13618,68 +13616,68 @@
RESERVED
CVE-2016-0199
RESERVED
-CVE-2016-0198
- RESERVED
-CVE-2016-0197
- RESERVED
-CVE-2016-0196
- RESERVED
-CVE-2016-0195
- RESERVED
-CVE-2016-0194
- RESERVED
-CVE-2016-0193
- RESERVED
-CVE-2016-0192
- RESERVED
-CVE-2016-0191
- RESERVED
-CVE-2016-0190
- RESERVED
-CVE-2016-0189
- RESERVED
-CVE-2016-0188
- RESERVED
-CVE-2016-0187
- RESERVED
-CVE-2016-0186
- RESERVED
-CVE-2016-0185
- RESERVED
-CVE-2016-0184
- RESERVED
-CVE-2016-0183
- RESERVED
-CVE-2016-0182
- RESERVED
-CVE-2016-0181
- RESERVED
-CVE-2016-0180
- RESERVED
-CVE-2016-0179
- RESERVED
-CVE-2016-0178
- RESERVED
+CVE-2016-0198 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
+ TODO: check
+CVE-2016-0197 (dxgkrnl.sys in the DirectX Graphics kernel subsystem in the ...)
+ TODO: check
+CVE-2016-0196 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+ TODO: check
+CVE-2016-0195 (The Imaging Component in Microsoft Windows Vista SP2, Windows Server ...)
+ TODO: check
+CVE-2016-0194 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...)
+ TODO: check
+CVE-2016-0193 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
+ TODO: check
+CVE-2016-0192 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+ TODO: check
+CVE-2016-0191 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
+ TODO: check
+CVE-2016-0190 (Volume Manager Driver in Microsoft Windows 8.1, Windows Server 2012 ...)
+ TODO: check
+CVE-2016-0189 (The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as ...)
+ TODO: check
+CVE-2016-0188 (The User Mode Code Integrity (UMCI) implementation in Device Guard in ...)
+ TODO: check
+CVE-2016-0187 (The Microsoft (1) JScript 5.8 and (2) VBScript 5.8 engines, as used in ...)
+ TODO: check
+CVE-2016-0186 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
+ TODO: check
+CVE-2016-0185 (Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and ...)
+ TODO: check
+CVE-2016-0184 (Use-after-free vulnerability in GDI in Microsoft Windows Vista SP2, ...)
+ TODO: check
+CVE-2016-0183 (The Windows font library in Microsoft Office 2010 SP2, Word 2010 SP2, ...)
+ TODO: check
+CVE-2016-0182 (Windows Journal in Microsoft Windows Vista SP2, Windows 7 SP1, Windows ...)
+ TODO: check
+CVE-2016-0181 (Microsoft Windows 10 Gold and 1511 allows local users to bypass the ...)
+ TODO: check
+CVE-2016-0180 (The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+ TODO: check
+CVE-2016-0179 (Windows Shell in Microsoft Windows 8.1, Windows Server 2012 R2, ...)
+ TODO: check
+CVE-2016-0178 (The RPC NDR Engine in Microsoft Windows Vista SP2, Windows Server 2008 ...)
+ TODO: check
CVE-2016-0177
RESERVED
-CVE-2016-0176
- RESERVED
-CVE-2016-0175
- RESERVED
-CVE-2016-0174
- RESERVED
-CVE-2016-0173
- RESERVED
+CVE-2016-0176 (dxgkrnl.sys in the DirectX Graphics kernel subsystem in the ...)
+ TODO: check
+CVE-2016-0175 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+ TODO: check
+CVE-2016-0174 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+ TODO: check
+CVE-2016-0173 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+ TODO: check
CVE-2016-0172
RESERVED
-CVE-2016-0171
- RESERVED
-CVE-2016-0170
- RESERVED
-CVE-2016-0169
- RESERVED
-CVE-2016-0168
- RESERVED
+CVE-2016-0171 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+ TODO: check
+CVE-2016-0170 (GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 ...)
+ TODO: check
+CVE-2016-0169 (GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 ...)
+ TODO: check
+CVE-2016-0168 (GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 ...)
+ TODO: check
CVE-2016-0167 (The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server ...)
NOT-FOR-US: Microsoft Windows
CVE-2016-0166 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
@@ -13711,14 +13709,14 @@
NOT-FOR-US: Microsoft Internet Explorer
CVE-2016-0153 (OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 ...)
NOT-FOR-US: Microsoft Windows
-CVE-2016-0152
- RESERVED
+CVE-2016-0152 (Internet Information Services (IIS) in Microsoft Windows Vista SP2 and ...)
+ TODO: check
CVE-2016-0151 (The Client-Server Run-time Subsystem (CSRSS) in Microsoft Windows 8.1, ...)
NOT-FOR-US: Microsoft Windows
CVE-2016-0150 (HTTP.sys in Microsoft Windows 10 Gold and 1511 allows remote attackers ...)
NOT-FOR-US: Microsoft Windows
-CVE-2016-0149
- RESERVED
+CVE-2016-0149 (Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and ...)
+ TODO: check
CVE-2016-0148 (Microsoft .NET Framework 4.6 and 4.6.1 mishandles library loading, ...)
NOT-FOR-US: Microsoft .NET
CVE-2016-0147 (Microsoft XML Core Services 3.0 allows remote attackers to execute ...)
@@ -13735,8 +13733,8 @@
RESERVED
CVE-2016-0141
RESERVED
-CVE-2016-0140
- RESERVED
+CVE-2016-0140 (Microsoft Office 2007 SP3, Office 2010 SP2, Word Automation Services ...)
+ TODO: check
CVE-2016-0139 (Microsoft Excel 2010 SP2, Word for Mac 2011, and Excel Viewer allow ...)
NOT-FOR-US: Microsoft Excel
CVE-2016-0138
@@ -13763,8 +13761,8 @@
NOT-FOR-US: Microsoft Windows
CVE-2016-0127 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
NOT-FOR-US: Microsoft Word
-CVE-2016-0126
- RESERVED
+CVE-2016-0126 (Microsoft Office 2013 SP1, 2013 RT SP1, and 2016 allows remote ...)
+ TODO: check
CVE-2016-0125 (Microsoft Edge mishandles the Referer policy, which allows remote ...)
NOT-FOR-US: Microsoft
CVE-2016-0124 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
@@ -19786,7 +19784,7 @@
- libevent 2.0.21-stable-2
[squeeze] - libevent <not-affected> (Only for issues in 2.0.x and 2.1.x)
NOTE: Split from CVE-2014-6272
-CVE-2015-6524 (The LDAPLoginModule implementation the Java Authentication and ...)
+CVE-2015-6524 (The LDAPLoginModule implementation in the Java Authentication and ...)
- activemq 5.6.0+dfsg1-4 (low)
[wheezy] - activemq 5.6.0+dfsg-1+deb7u1
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2014-3612-announcement.txt
@@ -54707,7 +54705,7 @@
{DSA-3022-1 DLA-64-1}
- curl 7.38.0-1
NOTE: http://curl.haxx.se/docs/adv_20140910A.html
-CVE-2014-3612 (The LDAPLoginModule implementation the Java Authentication and ...)
+CVE-2014-3612 (The LDAPLoginModule implementation in the Java Authentication and ...)
- activemq 5.6.0+dfsg1-4 (low; bug #777196)
[wheezy] - activemq 5.6.0+dfsg-1+deb7u1
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2014-3612-announcement.txt
@@ -60541,7 +60539,7 @@
- dotclear 2.6.2+dfsg-1
CVE-2014-1612 (Cross-site scripting (XSS) vulnerability in login.esp in the Web ...)
NOT-FOR-US: Mediatrix
-CVE-2014-1610 (MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5 and 1.19.x before ...)
+CVE-2014-1610 (MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5, and 1.19.x ...)
{DSA-2891-1}
- mediawiki 1:1.19.11+dfsg-1
[squeeze] - mediawiki <end-of-life>
@@ -83387,7 +83385,7 @@
NOT-FOR-US: IBM Domino
CVE-2013-0486 (Memory leak in the HTTP server in IBM Domino 8.5.x allows remote ...)
NOT-FOR-US: IBM Domino
-CVE-2013-0485 (Unspecified vulnerability in IBM Java SDK before 7 before SR4-FP1, 6 ...)
+CVE-2013-0485 (Unspecified vulnerability in IBM Java SDK 7 before SR4-FP1, 6 before ...)
NOT-FOR-US: IBM Java SDK
CVE-2013-0484 (The server process in IBM Cognos TM1 10.1.x before 10.1.1 FP1 allows ...)
NOT-FOR-US: IBM Cognos TM1
More information about the Secure-testing-commits
mailing list