[Secure-testing-commits] r52523 - data/CVE

Mon Jun 12 21:10:13 UTC 2017

Author: sectracker
Date: 2017-06-12 21:10:13 +0000 (Mon, 12 Jun 2017)
New Revision: 52523

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-06-12 19:43:16 UTC (rev 52522)
+++ data/CVE/list	2017-06-12 21:10:13 UTC (rev 52523)
@@ -1,3 +1,107 @@
+CVE-2017-9601
+	RESERVED
+CVE-2017-9600
+	RESERVED
+CVE-2017-9599
+	RESERVED
+CVE-2017-9598
+	RESERVED
+CVE-2017-9597
+	RESERVED
+CVE-2017-9596
+	RESERVED
+CVE-2017-9595
+	RESERVED
+CVE-2017-9594
+	RESERVED
+CVE-2017-9593
+	RESERVED
+CVE-2017-9592
+	RESERVED
+CVE-2017-9591
+	RESERVED
+CVE-2017-9590
+	RESERVED
+CVE-2017-9589
+	RESERVED
+CVE-2017-9588
+	RESERVED
+CVE-2017-9587
+	RESERVED
+CVE-2017-9586
+	RESERVED
+CVE-2017-9585
+	RESERVED
+CVE-2017-9584
+	RESERVED
+CVE-2017-9583
+	RESERVED
+CVE-2017-9582
+	RESERVED
+CVE-2017-9581
+	RESERVED
+CVE-2017-9580
+	RESERVED
+CVE-2017-9579
+	RESERVED
+CVE-2017-9578
+	RESERVED
+CVE-2017-9577
+	RESERVED
+CVE-2017-9576
+	RESERVED
+CVE-2017-9575
+	RESERVED
+CVE-2017-9574
+	RESERVED
+CVE-2017-9573
+	RESERVED
+CVE-2017-9572
+	RESERVED
+CVE-2017-9571
+	RESERVED
+CVE-2017-9570
+	RESERVED
+CVE-2017-9569
+	RESERVED
+CVE-2017-9568
+	RESERVED
+CVE-2017-9567
+	RESERVED
+CVE-2017-9566
+	RESERVED
+CVE-2017-9565
+	RESERVED
+CVE-2017-9564
+	RESERVED
+CVE-2017-9563
+	RESERVED
+CVE-2017-9562
+	RESERVED
+CVE-2017-9561
+	RESERVED
+CVE-2017-9560
+	RESERVED
+CVE-2017-9559
+	RESERVED
+CVE-2017-9558
+	RESERVED
+CVE-2017-9557 (register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 ...)
+	TODO: check
+CVE-2017-9556
+	RESERVED
+CVE-2017-9555
+	RESERVED
+CVE-2017-9554
+	RESERVED
+CVE-2017-9553
+	RESERVED
+CVE-2017-9552
+	RESERVED
+CVE-2015-9097 (The mail gem before 2.5.5 for Ruby (aka A Really Ruby Mail Library) is ...)
+	TODO: check
+CVE-2015-9096 (Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection ...)
+	TODO: check
 CVE-2017-9551
 	RESERVED
 CVE-2017-9550
@@ -353,8 +457,8 @@
 	NOT-FOR-US: Spiffy Calendar plugin for WordPress
 CVE-2017-9419
 	RESERVED
-CVE-2017-9418
-	RESERVED
+CVE-2017-9418 (SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for ...)
+	TODO: check
 CVE-2017-9417 (Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute ...)
 	NOT-FOR-US: Broadcom hardware issue
 CVE-2017-9416 (Directory traversal vulnerability in tools.file_open in Odoo 8.0, 9.0, ...)
@@ -784,7 +888,7 @@
 	RESERVED
 CVE-2015-9060
 	RESERVED
-CVE-2014-9984 [nscd aborts with "*** glibc detected *** /usr/sbin/nscd: realloc(): invalid next size"]
+CVE-2014-9984 (nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does ...)
 	- glibc 2.19-14
 	- eglibc <removed>
 	NOTE: Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=16695
@@ -5292,13 +5396,11 @@
 	- hadoop <itp> (bug #793644)
 CVE-2017-7668
 	RESERVED
-CVE-2017-7667
-	RESERVED
+CVE-2017-7667 (Apache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish the ...)
 	NOT-FOR-US: Apache NiFi
 CVE-2017-7666
 	RESERVED
-CVE-2017-7665
-	RESERVED
+CVE-2017-7665 (In Apache NiFi before 0.7.4 and 1.x before 1.3.0, there are certain ...)
 	NOT-FOR-US: Apache NiFi
 CVE-2017-7664
 	RESERVED
@@ -7683,8 +7785,8 @@
 	RESERVED
 CVE-2017-6893
 	RESERVED
-CVE-2017-6892
-	RESERVED
+CVE-2017-6892 (In libsndfile version 1.0.28, an error in the "aiff_read_chanmap()" ...)
+	TODO: check
 CVE-2017-6891 (Two errors in the "asn1_find_node()" function (lib/parser_aux.c) ...)
 	{DSA-3861-1 DLA-950-1}
 	- libtasn1-6 4.10-1.1 (bug #863186)
@@ -10278,15 +10380,19 @@
 	NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API
 	NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=57544
 CVE-2017-5981 (seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial ...)
+	{DSA-3878-1}
 	- zziplib 0.13.62-3.1 (bug #854727)
 	NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-assertion-failure-in-seeko-c/
 CVE-2017-5980 (The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows ...)
+	{DSA-3878-1}
 	- zziplib 0.13.62-3.1 (bug #854727)
 	NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-null-pointer-dereference-in-zzip_mem_entry_new-memdisk-c/
 CVE-2017-5979 (The prescan_entry function in fseeko.c in zziplib 0.13.62 allows ...)
+	{DSA-3878-1}
 	- zziplib 0.13.62-3.1 (bug #854727)
 	NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-null-pointer-dereference-in-prescan_entry-fseeko-c/
 CVE-2017-5978 (The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows ...)
+	{DSA-3878-1}
 	- zziplib 0.13.62-3.1 (bug #854727)
 	NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-out-of-bounds-read-in-zzip_mem_entry_new-memdisk-c/
 CVE-2017-5977 (The zzip_mem_entry_extra_block function in memdisk.c in zziplib ...)
@@ -10295,12 +10401,15 @@
 	[jessie] - zziplib <no-dsa> (Minor issue)
 	NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-invalid-memory-read-in-zzip_mem_entry_extra_block-memdisk-c/
 CVE-2017-5976 (Heap-based buffer overflow in the zzip_mem_entry_extra_block function ...)
+	{DSA-3878-1}
 	- zziplib 0.13.62-3.1 (bug #854727)
 	NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-heap-based-buffer-overflow-in-zzip_mem_entry_extra_block-memdisk-c/
 CVE-2017-5975 (Heap-based buffer overflow in the __zzip_get64 function in fetch.c in ...)
+	{DSA-3878-1}
 	- zziplib 0.13.62-3.1 (bug #854727)
 	NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-heap-based-buffer-overflow-in-__zzip_get64-fetch-c/
 CVE-2017-5974 (Heap-based buffer overflow in the __zzip_get32 function in fetch.c in ...)
+	{DSA-3878-1}
 	- zziplib 0.13.62-3.1 (bug #854727)
 	NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-heap-based-buffer-overflow-in-__zzip_get32-fetch-c/
 CVE-2017-5973 (The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick ...)
@@ -23113,12 +23222,12 @@
 	RESERVED
 CVE-2017-1279
 	RESERVED
-CVE-2017-1278
-	RESERVED
+CVE-2017-1278 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to ...)
+	TODO: check
 CVE-2017-1277
 	RESERVED
-CVE-2017-1276
-	RESERVED
+CVE-2017-1276 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to ...)
+	TODO: check
 CVE-2017-1275
 	RESERVED
 CVE-2017-1274 (IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in ...)
@@ -23175,8 +23284,8 @@
 	RESERVED
 CVE-2017-1248
 	RESERVED
-CVE-2017-1247
-	RESERVED
+CVE-2017-1247 (IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to ...)
+	TODO: check
 CVE-2017-1246
 	RESERVED
 CVE-2017-1245
@@ -23241,8 +23350,8 @@
 	RESERVED
 CVE-2017-1215
 	RESERVED
-CVE-2017-1214
-	RESERVED
+CVE-2017-1214 (IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a ...)
+	TODO: check
 CVE-2017-1213
 	RESERVED
 CVE-2017-1212
@@ -27402,9 +27511,9 @@
 	NOT-FOR-US: Siemens SIMATIC
 CVE-2016-9158 (A vulnerability in SIEMENS SIMATIC S7-300 PN CPUs before V3.X.14 and ...)
 	NOT-FOR-US: Siemens SIMATIC
-CVE-2016-9157 (A vulnerability in Siemens SICAM PAS (all versions including V8.08) ...)
+CVE-2016-9157 (A vulnerability in Siemens SICAM PAS (all versions before V8.09) could ...)
 	NOT-FOR-US: Siemens SICAM PAS
-CVE-2016-9156 (A vulnerability in Siemens SICAM PAS (all versions including V8.08) ...)
+CVE-2016-9156 (A vulnerability in Siemens SICAM PAS (all versions before V8.09) could ...)
 	NOT-FOR-US: Siemens SICAM PAS
 CVE-2016-9155 (The following SIEMENS branded IP Camera Models CCMW3025, CVMW3025-IR, ...)
 	NOT-FOR-US: Siemens


