[Secure-testing-commits] r46109 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Thu Nov 10 21:10:15 UTC 2016
Author: sectracker
Date: 2016-11-10 21:10:15 +0000 (Thu, 10 Nov 2016)
New Revision: 46109
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-10 20:01:54 UTC (rev 46108)
+++ data/CVE/list 2016-11-10 21:10:15 UTC (rev 46109)
@@ -1,3 +1,9 @@
+CVE-2016-9261
+ RESERVED
+CVE-2016-9260
+ RESERVED
+CVE-2016-9259
+ RESERVED
CVE-2017-0305
RESERVED
CVE-2017-0304
@@ -18,6 +24,7 @@
- ming <unfixed> (bug #843928)
NOTE: https://blogs.gentoo.org/ago/2016/11/07/libming-listmp3-global-buffer-overflow-in-printmp3headers-listmp3-c
CVE-2016-9262 [use after free in jas_realloc (jas_malloc.c)]
+ RESERVED
- jasper <removed>
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/634ce8e8a5accc0fa05dd2c20d42b4749d4b2735
NOTE: https://blogs.gentoo.org/ago/2016/11/07/jasper-use-after-free-in-jas_realloc-jas_malloc-c
@@ -5878,130 +5885,130 @@
RESERVED
CVE-2016-7257
RESERVED
-CVE-2016-7256
- RESERVED
-CVE-2016-7255
- RESERVED
-CVE-2016-7254
- RESERVED
-CVE-2016-7253
- RESERVED
-CVE-2016-7252
- RESERVED
-CVE-2016-7251
- RESERVED
-CVE-2016-7250
- RESERVED
-CVE-2016-7249
- RESERVED
-CVE-2016-7248
- RESERVED
-CVE-2016-7247
- RESERVED
-CVE-2016-7246
- RESERVED
-CVE-2016-7245
- RESERVED
-CVE-2016-7244
- RESERVED
-CVE-2016-7243
- RESERVED
-CVE-2016-7242
- RESERVED
-CVE-2016-7241
- RESERVED
-CVE-2016-7240
- RESERVED
-CVE-2016-7239
- RESERVED
-CVE-2016-7238
- RESERVED
-CVE-2016-7237
- RESERVED
-CVE-2016-7236
- RESERVED
-CVE-2016-7235
- RESERVED
-CVE-2016-7234
- RESERVED
-CVE-2016-7233
- RESERVED
-CVE-2016-7232
- RESERVED
-CVE-2016-7231
- RESERVED
-CVE-2016-7230
- RESERVED
-CVE-2016-7229
- RESERVED
-CVE-2016-7228
- RESERVED
-CVE-2016-7227
- RESERVED
-CVE-2016-7226
- RESERVED
-CVE-2016-7225
- RESERVED
-CVE-2016-7224
- RESERVED
-CVE-2016-7223
- RESERVED
-CVE-2016-7222
- RESERVED
-CVE-2016-7221
- RESERVED
-CVE-2016-7220
- RESERVED
+CVE-2016-7256 (atmfd.dll in the Windows font library in Microsoft Windows Vista SP2, ...)
+ TODO: check
+CVE-2016-7255 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+ TODO: check
+CVE-2016-7254 (Microsoft SQL Server 2012 SP2 and 2012 SP3 does not properly perform a ...)
+ TODO: check
+CVE-2016-7253 (The agent in Microsoft SQL Server 2012 SP2, 2012 SP3, 2014 SP1, 2014 ...)
+ TODO: check
+CVE-2016-7252 (Microsoft SQL Server 2016 mishandles the FILESTREAM path, which allows ...)
+ TODO: check
+CVE-2016-7251 (Cross-site scripting (XSS) vulnerability in the MDS API in Microsoft ...)
+ TODO: check
+CVE-2016-7250 (Microsoft SQL Server 2014 SP1, 2014 SP2, and 2016 does not properly ...)
+ TODO: check
+CVE-2016-7249 (Microsoft SQL Server 2016 does not properly perform a cast of an ...)
+ TODO: check
+CVE-2016-7248 (Microsoft Video Control in Microsoft Windows Vista SP2, Windows 7 SP1, ...)
+ TODO: check
+CVE-2016-7247 (Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT ...)
+ TODO: check
+CVE-2016-7246 (The kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, ...)
+ TODO: check
+CVE-2016-7245 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office ...)
+ TODO: check
+CVE-2016-7244 (Microsoft Office 2007 SP3 allows remote attackers to cause a denial of ...)
+ TODO: check
+CVE-2016-7243 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
+ TODO: check
+CVE-2016-7242 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
+ TODO: check
+CVE-2016-7241 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+ TODO: check
+CVE-2016-7240 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
+ TODO: check
+CVE-2016-7239 (The RegEx class in the XSS filter in Microsoft Internet Explorer 9 ...)
+ TODO: check
+CVE-2016-7238 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+ TODO: check
+CVE-2016-7237 (Local Security Authority Subsystem Service (LSASS) in Microsoft ...)
+ TODO: check
+CVE-2016-7236 (Microsoft Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, and ...)
+ TODO: check
+CVE-2016-7235 (Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac ...)
+ TODO: check
+CVE-2016-7234 (Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, ...)
+ TODO: check
+CVE-2016-7233 (Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac ...)
+ TODO: check
+CVE-2016-7232 (Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac ...)
+ TODO: check
+CVE-2016-7231 (Microsoft Excel 2007 SP3, Excel for Mac 2011, Office Compatibility ...)
+ TODO: check
+CVE-2016-7230 (Microsoft PowerPoint 2010 SP2, PowerPoint Viewer, and Office Web Apps ...)
+ TODO: check
+CVE-2016-7229 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+ TODO: check
+CVE-2016-7228 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+ TODO: check
+CVE-2016-7227 (The scripting engines in Microsoft Internet Explorer 9 through 11 and ...)
+ TODO: check
+CVE-2016-7226 (Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and ...)
+ TODO: check
+CVE-2016-7225 (Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and ...)
+ TODO: check
+CVE-2016-7224 (Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 ...)
+ TODO: check
+CVE-2016-7223 (Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 ...)
+ TODO: check
+CVE-2016-7222 (Task Scheduler in Microsoft Windows 10 Gold, 1511, and 1607 and ...)
+ TODO: check
+CVE-2016-7221 (Input Method Editor (IME) in Microsoft Windows Vista SP2, Windows ...)
+ TODO: check
+CVE-2016-7220 (Virtual Secure Mode in Microsoft Windows 10 allows local users to ...)
+ TODO: check
CVE-2016-7219
RESERVED
-CVE-2016-7218
- RESERVED
-CVE-2016-7217
- RESERVED
-CVE-2016-7216
- RESERVED
-CVE-2016-7215
- RESERVED
-CVE-2016-7214
- RESERVED
-CVE-2016-7213
- RESERVED
-CVE-2016-7212
- RESERVED
+CVE-2016-7218 (Bowser.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, ...)
+ TODO: check
+CVE-2016-7217 (Media Foundation in Microsoft Windows 8.1, Windows Server 2012 Gold ...)
+ TODO: check
+CVE-2016-7216 (The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
+ TODO: check
+CVE-2016-7215 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+ TODO: check
+CVE-2016-7214 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
+ TODO: check
+CVE-2016-7213 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...)
+ TODO: check
+CVE-2016-7212 (Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, ...)
+ TODO: check
CVE-2016-7211 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
TODO: check
-CVE-2016-7210
- RESERVED
-CVE-2016-7209
- RESERVED
-CVE-2016-7208
- RESERVED
+CVE-2016-7210 (atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+ TODO: check
+CVE-2016-7209 (Microsoft Edge allows remote attackers to spoof web content via a ...)
+ TODO: check
+CVE-2016-7208 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
+ TODO: check
CVE-2016-7207
RESERVED
CVE-2016-7206
RESERVED
-CVE-2016-7205
- RESERVED
-CVE-2016-7204
- RESERVED
-CVE-2016-7203
- RESERVED
-CVE-2016-7202
- RESERVED
-CVE-2016-7201
- RESERVED
-CVE-2016-7200
- RESERVED
-CVE-2016-7199
- RESERVED
-CVE-2016-7198
- RESERVED
+CVE-2016-7205 (Animation Manager in Microsoft Windows Server 2008 R2 SP1, Windows 7 ...)
+ TODO: check
+CVE-2016-7204 (Microsoft Edge allows remote attackers to access arbitrary "My ...)
+ TODO: check
+CVE-2016-7203 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
+ TODO: check
+CVE-2016-7202 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
+ TODO: check
+CVE-2016-7201 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
+ TODO: check
+CVE-2016-7200 (The Chakra JavaScript scripting engine in Microsoft Edge allows remote ...)
+ TODO: check
+CVE-2016-7199 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+ TODO: check
+CVE-2016-7198 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+ TODO: check
CVE-2016-7197
RESERVED
-CVE-2016-7196
- RESERVED
-CVE-2016-7195
- RESERVED
+CVE-2016-7196 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote ...)
+ TODO: check
+CVE-2016-7195 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...)
+ TODO: check
CVE-2016-7194 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
TODO: check
CVE-2016-7193 (Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT ...)
@@ -6022,8 +6029,8 @@
RESERVED
CVE-2016-7185 (The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server ...)
TODO: check
-CVE-2016-7184
- RESERVED
+CVE-2016-7184 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+ TODO: check
CVE-2016-7183
RESERVED
CVE-2016-7182 (The Graphics component in Microsoft Windows Vista SP2; Windows Server ...)
@@ -10716,7 +10723,7 @@
RESERVED
CVE-2016-5853
RESERVED
-CVE-2016-5852 (For the NVIDIA Quadro, NVS, GeForce products, GFE GameStream and NVTray ...)
+CVE-2016-5852 (For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and ...)
TODO: check
CVE-2016-5850 (Cross-site scripting (XSS) vulnerability in the volume backup service ...)
NOT-FOR-US: Huawei
@@ -13950,7 +13957,7 @@
RESERVED
CVE-2016-5045
RESERVED
-CVE-2016-5025 (For the NVIDIA Quadro, NVS, GeForce products, improper sanitization of ...)
+CVE-2016-5025 (For the NVIDIA Quadro, NVS, and GeForce products, improper ...)
TODO: check
CVE-2016-5024
RESERVED
@@ -14384,11 +14391,11 @@
- xen 4.8.0~rc3-1
[wheezy] - xen <no-dsa> (Too intrusive to backport, libvirt doesn't have libxl driver enabled)
NOTE: http://xenbits.xen.org/xsa/advisory-175.html
-CVE-2016-4961 (For the NVIDIA Quadro, NVS, GeForce products, improper sanitization of ...)
+CVE-2016-4961 (For the NVIDIA Quadro, NVS, and GeForce products, improper ...)
TODO: check
-CVE-2016-4960 (For the NVIDIA Quadro, NVS, GeForce products, the NVIDIA ...)
+CVE-2016-4960 (For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA ...)
TODO: check
-CVE-2016-4959 (For the NVIDIA Quadro, NVS, GeForce products, there is a Remote Desktop ...)
+CVE-2016-4959 (For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote ...)
TODO: check
CVE-2016-4958
RESERVED
@@ -18999,30 +19006,30 @@
TODO: check
CVE-2016-3344 (The Secure Kernel Mode feature in Microsoft Windows 10 Gold and 1511 ...)
TODO: check
-CVE-2016-3343
- RESERVED
-CVE-2016-3342
- RESERVED
+CVE-2016-3343 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+ TODO: check
+CVE-2016-3342 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+ TODO: check
CVE-2016-3341 (The kernel-mode drivers in Transaction Manager in Microsoft Windows ...)
TODO: check
-CVE-2016-3340
- RESERVED
+CVE-2016-3340 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+ TODO: check
CVE-2016-3339
RESERVED
-CVE-2016-3338
- RESERVED
+CVE-2016-3338 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+ TODO: check
CVE-2016-3337
RESERVED
CVE-2016-3336
RESERVED
-CVE-2016-3335
- RESERVED
-CVE-2016-3334
- RESERVED
-CVE-2016-3333
- RESERVED
-CVE-2016-3332
- RESERVED
+CVE-2016-3335 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+ TODO: check
+CVE-2016-3334 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+ TODO: check
+CVE-2016-3333 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+ TODO: check
+CVE-2016-3332 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+ TODO: check
CVE-2016-3331 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
TODO: check
CVE-2016-3330 (Microsoft Edge allows remote attackers to execute arbitrary code or ...)
@@ -19363,7 +19370,7 @@
RESERVED
CVE-2016-3173
RESERVED
-CVE-2016-3161 (For the NVIDIA Quadro, NVS, GeForce products, GFE GameStream and NVTray ...)
+CVE-2016-3161 (For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and ...)
TODO: check
CVE-2016-3160
RESERVED
@@ -30210,8 +30217,8 @@
TODO: check
CVE-2016-0027
RESERVED
-CVE-2016-0026
- RESERVED
+CVE-2016-0026 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...)
+ TODO: check
CVE-2016-0025 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 ...)
TODO: check
CVE-2016-0024 (The Chakra JavaScript engine in Microsoft Edge allows remote attackers ...)
More information about the Secure-testing-commits
mailing list