[Secure-testing-commits] r49385 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Fri Mar 3 09:10:17 UTC 2017


Author: sectracker
Date: 2017-03-03 09:10:17 +0000 (Fri, 03 Mar 2017)
New Revision: 49385

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-03 08:15:11 UTC (rev 49384)
+++ data/CVE/list	2017-03-03 09:10:17 UTC (rev 49385)
@@ -1,3 +1,13 @@
+CVE-2017-6446
+	RESERVED
+CVE-2017-6445
+	RESERVED
+CVE-2017-6444
+	RESERVED
+CVE-2017-6443
+	RESERVED
+CVE-2002-2447
+	RESERVED
 CVE-2017-XXXX [dns: out of bound memory read]
 	- suricata <unfixed>
 	NOTE: https://redmine.openinfosecfoundation.org/issues/2022
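Review bot: CVE-2002-2447 is added at the top of the file, between CVE-2017-6443 and the CVE-2017-XXXX placeholder, which breaks the descending year/id order the rest of the visible list follows. Move it into the 2002 block, or confirm that the automatic update re-sorts it on a later pass, so that lookups and later diffs do not have to deal with a stray 2002 id in the 2017 section.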
@@ -939,12 +949,12 @@
 	RESERVED
 CVE-2017-6105
 	RESERVED
-CVE-2017-6104
-	RESERVED
-CVE-2017-6103
-	RESERVED
-CVE-2017-6102
-	RESERVED
+CVE-2017-6104 (Remote file upload vulnerability in Wordpress Plugin Mobile App Native ...)
+	TODO: check
+CVE-2017-6103 (Persistent XSS Vulnerability in Wordpress plugin AnyVar v0.1.1. ...)
+	TODO: check
+CVE-2017-6102 (Persistent XSS in wordpress plugin rockhoist-badges v1.2.2. ...)
+	TODO: check
 CVE-2017-6384 (Memory leak in the login_user function in saslserv/main.c in ...)
 	- atheme-services 7.2.9-1 (bug #855588)
 	[jessie] - atheme-services <not-affected> (versions prior to 7.2.7 not vulnerable)
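Review bot: CVE-2017-6104, CVE-2017-6103 and CVE-2017-6102 are left at "TODO: check" with no package line. All three descriptions name WordPress plugins; if none of them is packaged, replace each TODO with a NOT-FOR-US line naming the plugin so the entries stop showing up as untriaged.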
@@ -8898,8 +8908,8 @@
 	[wheezy] - openjdk-6 <end-of-life>
 CVE-2017-3230
 	RESERVED
-CVE-2016-9892
-	RESERVED
+CVE-2016-9892 (The esets_daemon service in ESET Endpoint Antivirus for macOS before ...)
+	TODO: check
 CVE-2016-9891 (Cross-site scripting (XSS) vulnerability in admin/media.php and ...)
 	- dotclear <removed>
 CVE-2016-9890
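Review bot: CVE-2016-9892 is left at "TODO: check" although its description is for ESET Endpoint Antivirus for macOS, which makes it look like a NOT-FOR-US candidate. Resolve the TODO in the follow-up triage commit rather than leaving the entry open.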
@@ -16462,8 +16472,7 @@
 	NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API
 	- tomcat6 6.0.41-3
 	NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie
-CVE-2016-10071 [mat file out of bound]
-	RESERVED
+CVE-2016-10071 (coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to ...)
 	{DSA-3726-1 DLA-756-1}
 	- imagemagick 8:6.9.6.2+dfsg-2 (bug #845246)
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366
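Review bot: For CVE-2016-10071 the new description says ImageMagick before 6.9.4-0 is affected, but the unchanged package line still records 8:6.9.6.2+dfsg-2 as the fixed version. Check whether an earlier upload already carried the fix and, if so, lower the fixed version; otherwise add a NOTE explaining why the two differ.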
@@ -16478,8 +16487,7 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/131
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/b173a352397877775c51c9a0e9d59eb6ce24c455
 	NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10069 [Add check for invalid mat file]
-	RESERVED
+CVE-2016-10069 (coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to ...)
 	{DSA-3726-1 DLA-756-1}
 	- imagemagick 8:6.9.6.2+dfsg-2 (bug #845244)
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/8a370f9ab120faf182aa160900ba692ba8e2bcf0
@@ -16503,8 +16511,7 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/301
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/174de08d7c81ce147689f3b1c73fadd6bf1c023c
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/ce98a7acbcfca7f0a178f4b1e7b957e419e0cc99 (master)
-CVE-2016-10068 [Prevent fault in MSL interpreter]
-	RESERVED
+CVE-2016-10068 (The MSL interpreter in ImageMagick before 6.9.6-4 allows remote ...)
 	{DLA-756-1}
 	- imagemagick 8:6.9.6.5+dfsg-1 (bug #845241)
 	NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30797
@@ -16517,8 +16524,7 @@
 	[wheezy] - imagemagick <not-affected> (Vulnerable code using layer_info[i].info introduced later)
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/4ec444f4eab88cf4bec664fafcf9cab50bc5ff6a
 	NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10067
-	RESERVED
+CVE-2016-10067 (magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers ...)
 	{DSA-3726-1 DLA-756-1}
 	- imagemagick 8:6.9.6.2+dfsg-2 (bug #845213)
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/0474237508f39c4f783208123431815f1ededb76
@@ -16537,20 +16543,17 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/134463b926fa965571aa4febd61b810be5e7da05
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545183
 	NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10064 [Better check for bufferoverflow for TIFF handling]
-	RESERVED
+CVE-2016-10064 (Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows ...)
 	{DSA-3726-1 DLA-756-1}
 	- imagemagick 8:6.9.6.2+dfsg-2 (bug #845202)
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288
 	NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10063 [Check validity of extend during TIFF file reading]
-	RESERVED
+CVE-2016-10063 (Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows ...)
 	{DSA-3726-1 DLA-756-1}
 	- imagemagick 8:6.9.6.2+dfsg-2 (bug #845198)
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/2bb6941a2d557f26a2f2049ade466e118eeaab91
 	NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10062 [fwrite issue in ReadGROUP4Image]
-	RESERVED
+CVE-2016-10062 (The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not ...)
 	{DSA-3799-1}
 	- imagemagick 8:6.9.7.4+dfsg-1 (bug #849439)
 	[wheezy] - imagemagick <no-dsa> (Minor issue)
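Review bot: Dropping the bracketed working titles leaves CVE-2016-10064 and CVE-2016-10063 with the same truncated description ("Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows ..."), so the two can now only be told apart by bug number and commit URL. Keep the distinction in a NOTE on each entry, reusing the removed wording ("Better check for bufferoverflow for TIFF handling" for 10064, "Check validity of extend during TIFF file reading" for 10063).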
@@ -16570,8 +16573,7 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/4e914bbe371433f0590cefdf3bd5f3a5710069f9
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/196
 	NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10060
-	RESERVED
+CVE-2016-10060 (The ConcatenateImages function in MagickWand/magick-cli.c in ...)
 	{DLA-756-1}
 	- imagemagick 8:6.9.6.2+dfsg-2 (bug #845196)
 	[jessie] - imagemagick <not-affected> (Vulnerable code not present)



