[Secure-testing-commits] r54170 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Tue Aug 1 09:10:14 UTC 2017


Author: sectracker
Date: 2017-08-01 09:10:14 +0000 (Tue, 01 Aug 2017)
New Revision: 54170

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-01 09:07:56 UTC (rev 54169)
+++ data/CVE/list	2017-08-01 09:10:14 UTC (rev 54170)
@@ -1,3 +1,745 @@
+CVE-2017-12131 (The Easy Testimonials plugin 3.0.4 for WordPress has XSS in ...)
+	TODO: check
+CVE-2017-12130
+	RESERVED
+CVE-2017-12129
+	RESERVED
+CVE-2017-12128
+	RESERVED
+CVE-2017-12127
+	RESERVED
+CVE-2017-12126
+	RESERVED
+CVE-2017-12125
+	RESERVED
+CVE-2017-12124
+	RESERVED
+CVE-2017-12123
+	RESERVED
+CVE-2017-12122
+	RESERVED
+CVE-2017-12121
+	RESERVED
+CVE-2017-12120
+	RESERVED
+CVE-2017-12119
+	RESERVED
+CVE-2017-12118
+	RESERVED
+CVE-2017-12117
+	RESERVED
+CVE-2017-12116
+	RESERVED
+CVE-2017-12115
+	RESERVED
+CVE-2017-12114
+	RESERVED
+CVE-2017-12113
+	RESERVED
+CVE-2017-12112
+	RESERVED
+CVE-2017-12111
+	RESERVED
+CVE-2017-12110
+	RESERVED
+CVE-2017-12109
+	RESERVED
+CVE-2017-12108
+	RESERVED
+CVE-2017-12107
+	RESERVED
+CVE-2017-12106
+	RESERVED
+CVE-2017-12105
+	RESERVED
+CVE-2017-12104
+	RESERVED
+CVE-2017-12103
+	RESERVED
+CVE-2017-12102
+	RESERVED
+CVE-2017-12101
+	RESERVED
+CVE-2017-12100
+	RESERVED
+CVE-2017-12099
+	RESERVED
+CVE-2017-12098
+	RESERVED
+CVE-2017-12097
+	RESERVED
+CVE-2017-12096
+	RESERVED
+CVE-2017-12095
+	RESERVED
+CVE-2017-12094
+	RESERVED
+CVE-2017-12093
+	RESERVED
+CVE-2017-12092
+	RESERVED
+CVE-2017-12091
+	RESERVED
+CVE-2017-12090
+	RESERVED
+CVE-2017-12089
+	RESERVED
+CVE-2017-12088
+	RESERVED
+CVE-2017-12087
+	RESERVED
+CVE-2017-12086
+	RESERVED
+CVE-2017-12085
+	RESERVED
+CVE-2017-12084
+	RESERVED
+CVE-2017-12083
+	RESERVED
+CVE-2017-12082
+	RESERVED
+CVE-2017-12081
+	RESERVED
+CVE-2017-12080
+	RESERVED
+CVE-2017-12079
+	RESERVED
+CVE-2017-12078
+	RESERVED
+CVE-2017-12077
+	RESERVED
+CVE-2017-12076
+	RESERVED
+CVE-2017-12075
+	RESERVED
+CVE-2017-12074
+	RESERVED
+CVE-2017-12073
+	RESERVED
+CVE-2017-12072
+	RESERVED
+CVE-2017-12071
+	RESERVED
+CVE-2017-12070
+	RESERVED
+CVE-2017-12069
+	RESERVED
+CVE-2017-12068 (The Event List plugin 0.7.9 for WordPress has XSS in the slug array ...)
+	TODO: check
+CVE-2017-12067 (Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic ...)
+	TODO: check
+CVE-2017-12066 (Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in ...)
+	TODO: check
+CVE-2017-12065 (spikekill.php in Cacti before 1.1.16 might allow remote attackers to ...)
+	TODO: check
+CVE-2017-12064 (The csv_log_html function in library/edihistory/edih_csv_inc.php in ...)
+	TODO: check
+CVE-2017-12063
+	RESERVED
+CVE-2017-12062
+	RESERVED
+CVE-2017-12061
+	RESERVED
+CVE-2017-12060
+	RESERVED
+CVE-2017-12059
+	RESERVED
+CVE-2017-12058
+	RESERVED
+CVE-2017-12057
+	RESERVED
+CVE-2017-12056
+	RESERVED
+CVE-2017-12055
+	RESERVED
+CVE-2017-12054
+	RESERVED
+CVE-2017-12053
+	RESERVED
+CVE-2017-12052
+	RESERVED
+CVE-2017-12051
+	RESERVED
+CVE-2017-12050
+	RESERVED
+CVE-2017-12049
+	RESERVED
+CVE-2017-12048
+	RESERVED
+CVE-2017-12047
+	RESERVED
+CVE-2017-12046
+	RESERVED
+CVE-2017-12045
+	RESERVED
+CVE-2017-12044
+	RESERVED
+CVE-2017-12043
+	RESERVED
+CVE-2017-12042
+	RESERVED
+CVE-2017-12041
+	RESERVED
+CVE-2017-12040
+	RESERVED
+CVE-2017-12039
+	RESERVED
+CVE-2017-12038
+	RESERVED
+CVE-2017-12037
+	RESERVED
+CVE-2017-12036
+	RESERVED
+CVE-2017-12035
+	RESERVED
+CVE-2017-12034
+	RESERVED
+CVE-2017-12033
+	RESERVED
+CVE-2017-12032
+	RESERVED
+CVE-2017-12031
+	RESERVED
+CVE-2017-12030
+	RESERVED
+CVE-2017-12029
+	RESERVED
+CVE-2017-12028
+	RESERVED
+CVE-2017-12027
+	RESERVED
+CVE-2017-12026
+	RESERVED
+CVE-2017-12025
+	RESERVED
+CVE-2017-12024
+	RESERVED
+CVE-2017-12023
+	RESERVED
+CVE-2017-12022
+	RESERVED
+CVE-2017-12021
+	RESERVED
+CVE-2017-12020
+	RESERVED
+CVE-2017-12019
+	RESERVED
+CVE-2017-12018
+	RESERVED
+CVE-2017-12017
+	RESERVED
+CVE-2017-12016
+	RESERVED
+CVE-2017-12015
+	RESERVED
+CVE-2017-12014
+	RESERVED
+CVE-2017-12013
+	RESERVED
+CVE-2017-12012
+	RESERVED
+CVE-2017-12011
+	RESERVED
+CVE-2017-12010
+	RESERVED
+CVE-2017-12009
+	RESERVED
+CVE-2017-12008
+	RESERVED
+CVE-2017-12007
+	RESERVED
+CVE-2017-12006
+	RESERVED
+CVE-2017-12005
+	RESERVED
+CVE-2017-12004
+	RESERVED
+CVE-2017-12003
+	RESERVED
+CVE-2017-12002
+	RESERVED
+CVE-2017-12001
+	RESERVED
+CVE-2017-12000
+	RESERVED
+CVE-2017-11999
+	RESERVED
+CVE-2017-11998
+	RESERVED
+CVE-2017-11997
+	RESERVED
+CVE-2017-11996
+	RESERVED
+CVE-2017-11995
+	RESERVED
+CVE-2017-11994
+	RESERVED
+CVE-2017-11993
+	RESERVED
+CVE-2017-11992
+	RESERVED
+CVE-2017-11991
+	RESERVED
+CVE-2017-11990
+	RESERVED
+CVE-2017-11989
+	RESERVED
+CVE-2017-11988
+	RESERVED
+CVE-2017-11987
+	RESERVED
+CVE-2017-11986
+	RESERVED
+CVE-2017-11985
+	RESERVED
+CVE-2017-11984
+	RESERVED
+CVE-2017-11983
+	RESERVED
+CVE-2017-11982
+	RESERVED
+CVE-2017-11981
+	RESERVED
+CVE-2017-11980
+	RESERVED
+CVE-2017-11979
+	RESERVED
+CVE-2017-11978
+	RESERVED
+CVE-2017-11977
+	RESERVED
+CVE-2017-11976
+	RESERVED
+CVE-2017-11975
+	RESERVED
+CVE-2017-11974
+	RESERVED
+CVE-2017-11973
+	RESERVED
+CVE-2017-11972
+	RESERVED
+CVE-2017-11971
+	RESERVED
+CVE-2017-11970
+	RESERVED
+CVE-2017-11969
+	RESERVED
+CVE-2017-11968
+	RESERVED
+CVE-2017-11967
+	RESERVED
+CVE-2017-11966
+	RESERVED
+CVE-2017-11965
+	RESERVED
+CVE-2017-11964
+	RESERVED
+CVE-2017-11963
+	RESERVED
+CVE-2017-11962
+	RESERVED
+CVE-2017-11961
+	RESERVED
+CVE-2017-11960
+	RESERVED
+CVE-2017-11959
+	RESERVED
+CVE-2017-11958
+	RESERVED
+CVE-2017-11957
+	RESERVED
+CVE-2017-11956
+	RESERVED
+CVE-2017-11955
+	RESERVED
+CVE-2017-11954
+	RESERVED
+CVE-2017-11953
+	RESERVED
+CVE-2017-11952
+	RESERVED
+CVE-2017-11951
+	RESERVED
+CVE-2017-11950
+	RESERVED
+CVE-2017-11949
+	RESERVED
+CVE-2017-11948
+	RESERVED
+CVE-2017-11947
+	RESERVED
+CVE-2017-11946
+	RESERVED
+CVE-2017-11945
+	RESERVED
+CVE-2017-11944
+	RESERVED
+CVE-2017-11943
+	RESERVED
+CVE-2017-11942
+	RESERVED
+CVE-2017-11941
+	RESERVED
+CVE-2017-11940
+	RESERVED
+CVE-2017-11939
+	RESERVED
+CVE-2017-11938
+	RESERVED
+CVE-2017-11937
+	RESERVED
+CVE-2017-11936
+	RESERVED
+CVE-2017-11935
+	RESERVED
+CVE-2017-11934
+	RESERVED
+CVE-2017-11933
+	RESERVED
+CVE-2017-11932
+	RESERVED
+CVE-2017-11931
+	RESERVED
+CVE-2017-11930
+	RESERVED
+CVE-2017-11929
+	RESERVED
+CVE-2017-11928
+	RESERVED
+CVE-2017-11927
+	RESERVED
+CVE-2017-11926
+	RESERVED
+CVE-2017-11925
+	RESERVED
+CVE-2017-11924
+	RESERVED
+CVE-2017-11923
+	RESERVED
+CVE-2017-11922
+	RESERVED
+CVE-2017-11921
+	RESERVED
+CVE-2017-11920
+	RESERVED
+CVE-2017-11919
+	RESERVED
+CVE-2017-11918
+	RESERVED
+CVE-2017-11917
+	RESERVED
+CVE-2017-11916
+	RESERVED
+CVE-2017-11915
+	RESERVED
+CVE-2017-11914
+	RESERVED
+CVE-2017-11913
+	RESERVED
+CVE-2017-11912
+	RESERVED
+CVE-2017-11911
+	RESERVED
+CVE-2017-11910
+	RESERVED
+CVE-2017-11909
+	RESERVED
+CVE-2017-11908
+	RESERVED
+CVE-2017-11907
+	RESERVED
+CVE-2017-11906
+	RESERVED
+CVE-2017-11905
+	RESERVED
+CVE-2017-11904
+	RESERVED
+CVE-2017-11903
+	RESERVED
+CVE-2017-11902
+	RESERVED
+CVE-2017-11901
+	RESERVED
+CVE-2017-11900
+	RESERVED
+CVE-2017-11899
+	RESERVED
+CVE-2017-11898
+	RESERVED
+CVE-2017-11897
+	RESERVED
+CVE-2017-11896
+	RESERVED
+CVE-2017-11895
+	RESERVED
+CVE-2017-11894
+	RESERVED
+CVE-2017-11893
+	RESERVED
+CVE-2017-11892
+	RESERVED
+CVE-2017-11891
+	RESERVED
+CVE-2017-11890
+	RESERVED
+CVE-2017-11889
+	RESERVED
+CVE-2017-11888
+	RESERVED
+CVE-2017-11887
+	RESERVED
+CVE-2017-11886
+	RESERVED
+CVE-2017-11885
+	RESERVED
+CVE-2017-11884
+	RESERVED
+CVE-2017-11883
+	RESERVED
+CVE-2017-11882
+	RESERVED
+CVE-2017-11881
+	RESERVED
+CVE-2017-11880
+	RESERVED
+CVE-2017-11879
+	RESERVED
+CVE-2017-11878
+	RESERVED
+CVE-2017-11877
+	RESERVED
+CVE-2017-11876
+	RESERVED
+CVE-2017-11875
+	RESERVED
+CVE-2017-11874
+	RESERVED
+CVE-2017-11873
+	RESERVED
+CVE-2017-11872
+	RESERVED
+CVE-2017-11871
+	RESERVED
+CVE-2017-11870
+	RESERVED
+CVE-2017-11869
+	RESERVED
+CVE-2017-11868
+	RESERVED
+CVE-2017-11867
+	RESERVED
+CVE-2017-11866
+	RESERVED
+CVE-2017-11865
+	RESERVED
+CVE-2017-11864
+	RESERVED
+CVE-2017-11863
+	RESERVED
+CVE-2017-11862
+	RESERVED
+CVE-2017-11861
+	RESERVED
+CVE-2017-11860
+	RESERVED
+CVE-2017-11859
+	RESERVED
+CVE-2017-11858
+	RESERVED
+CVE-2017-11857
+	RESERVED
+CVE-2017-11856
+	RESERVED
+CVE-2017-11855
+	RESERVED
+CVE-2017-11854
+	RESERVED
+CVE-2017-11853
+	RESERVED
+CVE-2017-11852
+	RESERVED
+CVE-2017-11851
+	RESERVED
+CVE-2017-11850
+	RESERVED
+CVE-2017-11849
+	RESERVED
+CVE-2017-11848
+	RESERVED
+CVE-2017-11847
+	RESERVED
+CVE-2017-11846
+	RESERVED
+CVE-2017-11845
+	RESERVED
+CVE-2017-11844
+	RESERVED
+CVE-2017-11843
+	RESERVED
+CVE-2017-11842
+	RESERVED
+CVE-2017-11841
+	RESERVED
+CVE-2017-11840
+	RESERVED
+CVE-2017-11839
+	RESERVED
+CVE-2017-11838
+	RESERVED
+CVE-2017-11837
+	RESERVED
+CVE-2017-11836
+	RESERVED
+CVE-2017-11835
+	RESERVED
+CVE-2017-11834
+	RESERVED
+CVE-2017-11833
+	RESERVED
+CVE-2017-11832
+	RESERVED
+CVE-2017-11831
+	RESERVED
+CVE-2017-11830
+	RESERVED
+CVE-2017-11829
+	RESERVED
+CVE-2017-11828
+	RESERVED
+CVE-2017-11827
+	RESERVED
+CVE-2017-11826
+	RESERVED
+CVE-2017-11825
+	RESERVED
+CVE-2017-11824
+	RESERVED
+CVE-2017-11823
+	RESERVED
+CVE-2017-11822
+	RESERVED
+CVE-2017-11821
+	RESERVED
+CVE-2017-11820
+	RESERVED
+CVE-2017-11819
+	RESERVED
+CVE-2017-11818
+	RESERVED
+CVE-2017-11817
+	RESERVED
+CVE-2017-11816
+	RESERVED
+CVE-2017-11815
+	RESERVED
+CVE-2017-11814
+	RESERVED
+CVE-2017-11813
+	RESERVED
+CVE-2017-11812
+	RESERVED
+CVE-2017-11811
+	RESERVED
+CVE-2017-11810
+	RESERVED
+CVE-2017-11809
+	RESERVED
+CVE-2017-11808
+	RESERVED
+CVE-2017-11807
+	RESERVED
+CVE-2017-11806
+	RESERVED
+CVE-2017-11805
+	RESERVED
+CVE-2017-11804
+	RESERVED
+CVE-2017-11803
+	RESERVED
+CVE-2017-11802
+	RESERVED
+CVE-2017-11801
+	RESERVED
+CVE-2017-11800
+	RESERVED
+CVE-2017-11799
+	RESERVED
+CVE-2017-11798
+	RESERVED
+CVE-2017-11797
+	RESERVED
+CVE-2017-11796
+	RESERVED
+CVE-2017-11795
+	RESERVED
+CVE-2017-11794
+	RESERVED
+CVE-2017-11793
+	RESERVED
+CVE-2017-11792
+	RESERVED
+CVE-2017-11791
+	RESERVED
+CVE-2017-11790
+	RESERVED
+CVE-2017-11789
+	RESERVED
+CVE-2017-11788
+	RESERVED
+CVE-2017-11787
+	RESERVED
+CVE-2017-11786
+	RESERVED
+CVE-2017-11785
+	RESERVED
+CVE-2017-11784
+	RESERVED
+CVE-2017-11783
+	RESERVED
+CVE-2017-11782
+	RESERVED
+CVE-2017-11781
+	RESERVED
+CVE-2017-11780
+	RESERVED
+CVE-2017-11779
+	RESERVED
+CVE-2017-11778
+	RESERVED
+CVE-2017-11777
+	RESERVED
+CVE-2017-11776
+	RESERVED
+CVE-2017-11775
+	RESERVED
+CVE-2017-11774
+	RESERVED
+CVE-2017-11773
+	RESERVED
+CVE-2017-11772
+	RESERVED
+CVE-2017-11771
+	RESERVED
+CVE-2017-11770
+	RESERVED
+CVE-2017-11769
+	RESERVED
+CVE-2017-11768
+	RESERVED
+CVE-2017-11767
+	RESERVED
+CVE-2017-11766
+	RESERVED
+CVE-2017-11765
+	RESERVED
+CVE-2017-11764
+	RESERVED
+CVE-2017-11763
+	RESERVED
+CVE-2017-11762
+	RESERVED
+CVE-2017-11761
+	RESERVED
 CVE-2017-11760 (uploadImage.php in ProjeQtOr before 6.3.2 allows remote authenticated ...)
 	NOT-FOR-US: ProjeQtOr
 CVE-2017-11759
@@ -131,10 +873,10 @@
 CVE-2017-11728 (A heap-based buffer over-read was found in the function OpCode (called ...)
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/82
-CVE-2017-11727
-	RESERVED
-CVE-2017-11726
-	RESERVED
+CVE-2017-11727 (services/system_io/actionprocessor/Contact.rails in ConnectWise Manage ...)
+	TODO: check
+CVE-2017-11726 (services/system_io/actionprocessor/System.rails in ConnectWise Manage ...)
+	TODO: check
 CVE-2017-11725 (The share function in Thycotic Secret Server before 10.2.000019 ...)
 	NOT-FOR-US: Thycotic Secret Server
 CVE-2017-11723 (Directory traversal vulnerability in plugins/ImageManager/backend.php ...)
@@ -199,6 +941,7 @@
 CVE-2017-11715 (job/uploadfile_save.php in MetInfo through 5.3.17 blocks the .php ...)
 	NOT-FOR-US: MetInfo
 CVE-2017-11714 (psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the ...)
+	{DLA-1048-1}
 	- ghostscript <unfixed> (bug #869977)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698158
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=671fd59eb657743aa86fbc1895cb15872a317caa
@@ -377,8 +1120,8 @@
 	RESERVED
 CVE-2017-11649
 	RESERVED
-CVE-2017-11648
-	RESERVED
+CVE-2017-11648 (Techroutes TR 1803-3G Wireless Cellular Router/Modem 2.4.25 devices do ...)
+	TODO: check
 CVE-2017-11647 (NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: ...)
 	NOT-FOR-US: NetComm Wireless 4GT101W routers
 CVE-2017-11646 (NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: ...)
@@ -3755,6 +4498,7 @@
 CVE-2017-9836 (Cross-site scripting (XSS) vulnerability in Piwigo 2.9.1 allows remote ...)
 	- piwigo <removed>
 CVE-2017-9835 (The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript ...)
+	{DLA-1048-1}
 	- ghostscript <unfixed> (bug #869907)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697985
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=cfde94be1d4286bc47633c6e6eaf4e659bd78066
@@ -5570,6 +6314,7 @@
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698064
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=961b10cdd71403072fb99401a45f3bef6ce53626
 CVE-2017-9739 (The Ins_JMPR function in base/ttinterp.c in Artifex Ghostscript ...)
+	{DLA-1048-1}
 	- ghostscript <unfixed> (bug #869910)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698063
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=c501a58f8d5650c8ba21d447c0d6f07eafcb0f15
@@ -5600,10 +6345,12 @@
 CVE-2017-9728 (In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp ...)
 	- uclibc <unfixed> (unimportant)
 CVE-2017-9727 (The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript ...)
+	{DLA-1048-1}
 	- ghostscript <unfixed> (bug #869913)
 	NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=698056
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=937ccd17ac65935633b2ebc06cb7089b91e17e6b
 CVE-2017-9726 (The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript ...)
+	{DLA-1048-1}
 	- ghostscript <unfixed> (bug #869915)
 	NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=698055
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=7755e67116e8973ee0e3b22d653df026a84fa01b
@@ -5871,10 +6618,12 @@
 CVE-2017-9613 (Stored Cross-site scripting (XSS) vulnerability in SAP SuccessFactors ...)
 	NOT-FOR-US: SAP SuccessFactors
 CVE-2017-9612 (The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS ...)
+	{DLA-1048-1}
 	- ghostscript <unfixed> (bug #869916)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698026
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=98f6da60b9d463c617e631fc254cf6d66f2e8e3c
 CVE-2017-9611 (The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript ...)
+	{DLA-1048-1}
 	- ghostscript <unfixed> (bug #869917)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698024
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=c7c55972758a93350882c32147801a3485b010fe
@@ -13448,7 +14197,7 @@
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1000
 	NOTE: https://git.libav.org/?p=libav.git;a=commit;h=522d850e68ec4b77d3477b3c8f55b1ba00a9d69a
 CVE-2017-7207 (The mem_get_bits_rectangle function in Artifex Software, Inc. ...)
-	{DSA-3838-1}
+	{DSA-3838-1 DLA-1048-1}
 	- ghostscript 9.20~dfsg-3 (bug #858350)
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=309eca4e0a31ea70dcc844812691439312dad091
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697676
@@ -26395,36 +27144,42 @@
 	RESERVED
 CVE-2017-2839 [Rdp Client License Read Challenge Packet Denial of Service]
 	RESERVED
+	{DSA-3923-1}
 	- freerdp 1.1.0~git20140921.1.440916e+dfsg1-14 (bug #869880)
 	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0341
 	NOTE: http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
 	NOTE: https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c (1.1)
 CVE-2017-2838 [Rdp Client License Read Product Info Denial of Service]
 	RESERVED
+	{DSA-3923-1}
 	- freerdp 1.1.0~git20140921.1.440916e+dfsg1-14 (bug #869880)
 	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0340
 	NOTE: http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
 	NOTE: https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c (1.1)
 CVE-2017-2837 [Rdp Client GCC Read Server Security Data Denial of Service]
 	RESERVED
+	{DSA-3923-1}
 	- freerdp 1.1.0~git20140921.1.440916e+dfsg1-14 (bug #869880)
 	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0339
 	NOTE: http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
 	NOTE: https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c (1.1)
 CVE-2017-2836 [Rdp Client Read Server Proprietary Certificate Denial of Service]
 	RESERVED
+	{DSA-3923-1}
 	- freerdp 1.1.0~git20140921.1.440916e+dfsg1-14 (bug #869880)
 	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0338
 	NOTE: http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
 	NOTE: https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c (1.1)
 CVE-2017-2835 [Out-of-bounds write in rdp_recv_tpkt_pdu]
 	RESERVED
+	{DSA-3923-1}
 	- freerdp 1.1.0~git20140921.1.440916e+dfsg1-14 (bug #869880)
 	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0337
 	NOTE: http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
 	NOTE: https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c (1.1)
 CVE-2017-2834 [Out-of-bounds write in license_recv()]
 	RESERVED
+	{DSA-3923-1}
 	- freerdp 1.1.0~git20140921.1.440916e+dfsg1-14 (bug #869880)
 	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0336
 	NOTE: http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
@@ -29419,8 +30174,8 @@
 	RESERVED
 CVE-2017-1497
 	RESERVED
-CVE-2017-1496
-	RESERVED
+CVE-2017-1496 (IBM Sterling B2B Integrator Standard Edition 5.2.x is vulnerable to ...)
+	TODO: check
 CVE-2017-1495
 	RESERVED
 CVE-2017-1494
@@ -29491,8 +30246,8 @@
 	RESERVED
 CVE-2017-1461
 	RESERVED
-CVE-2017-1460
-	RESERVED
+CVE-2017-1460 (IBM i OSPF 6.1, 7.1, 7.2, and 7.3 is vulnerable when a rogue router ...)
+	TODO: check
 CVE-2017-1459
 	RESERVED
 CVE-2017-1458
@@ -29639,8 +30394,8 @@
 	RESERVED
 CVE-2017-1387
 	RESERVED
-CVE-2017-1386
-	RESERVED
+CVE-2017-1386 (IBM API Connect 5.0.0.0 could allow a user to bypass policy ...)
+	TODO: check
 CVE-2017-1385
 	RESERVED
 CVE-2017-1384
@@ -29671,8 +30426,8 @@
 	NOT-FOR-US: IBM
 CVE-2017-1371 (Builder tools running in the IBM TRIRIGA Application Platform 3.3, ...)
 	NOT-FOR-US: IBM
-CVE-2017-1370
-	RESERVED
+CVE-2017-1370 (IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sentive ...)
+	TODO: check
 CVE-2017-1369
 	RESERVED
 CVE-2017-1368
@@ -29747,8 +30502,8 @@
 	RESERVED
 CVE-2017-1333
 	RESERVED
-CVE-2017-1332
-	RESERVED
+CVE-2017-1332 (IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This ...)
+	TODO: check
 CVE-2017-1331
 	RESERVED
 CVE-2017-1330
@@ -29805,8 +30560,8 @@
 	NOT-FOR-US: IBM
 CVE-2017-1304 (IBM has identified a vulnerability with IBM Spectrum Scale/GPFS ...)
 	NOT-FOR-US: IBM
-CVE-2017-1303
-	RESERVED
+CVE-2017-1303 (IBM WebSphere Portal and Web Content Manager 7.0, 8.0, 8.5, and 9.0 is ...)
+	TODO: check
 CVE-2017-1302 (IBM Sterling B2B Integrator Standard Edition 5.2 could allow a local ...)
 	NOT-FOR-US: IBM
 CVE-2017-1301
@@ -29957,8 +30712,8 @@
 	RESERVED
 CVE-2017-1228
 	RESERVED
-CVE-2017-1227
-	RESERVED
+CVE-2017-1227 (IBM Tivoli Endpoint Manager could allow a unauthorized user to consume ...)
+	TODO: check
 CVE-2017-1226
 	RESERVED
 CVE-2017-1225
@@ -30726,18 +31481,18 @@
 	RESERVED
 CVE-2016-9720 (IBM QRadar 7.2 discloses sensitive information to unauthorized users. ...)
 	NOT-FOR-US: IBM
-CVE-2016-9719
-	RESERVED
-CVE-2016-9718
-	RESERVED
-CVE-2016-9717
-	RESERVED
-CVE-2016-9716
-	RESERVED
-CVE-2016-9715
-	RESERVED
-CVE-2016-9714
-	RESERVED
+CVE-2016-9719 (IBM InfoSphere Master Data Management Server 10.1. 11.0. 11.3, 11.4, ...)
+	TODO: check
+CVE-2016-9718 (IBM InfoSphere Master Data Management Server 10.1. 11.0. 11.3, 11.4, ...)
+	TODO: check
+CVE-2016-9717 (HTTP Parameter Override is identified in the IBM Infosphere Master ...)
+	TODO: check
+CVE-2016-9716 (IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, ...)
+	TODO: check
+CVE-2016-9715 (IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, ...)
+	TODO: check
+CVE-2016-9714 (IBM InfoSphere Master Data Management Server 10.1, 11.0, 11.3, 11.4, ...)
+	TODO: check
 CVE-2016-9713
 	RESERVED
 CVE-2016-9712




More information about the Secure-testing-commits mailing list