[Secure-testing-commits] r49701 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Wed Mar 15 09:10:13 UTC 2017 

Author: sectracker
Date: 2017-03-15 09:10:13 +0000 (Wed, 15 Mar 2017)
New Revision: 49701

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-15 07:34:33 UTC (rev 49700)
+++ data/CVE/list	2017-03-15 09:10:13 UTC (rev 49701)
@@ -1,3 +1,25 @@
+CVE-2017-6910
+	RESERVED
+CVE-2017-6909 (An issue was discovered in Shimmie <= 2.5.1. The vulnerability exists ...)
+	TODO: check
+CVE-2017-6908 (An issue was discovered in concrete5 <= 5.6.3.4. The vulnerability ...)
+	TODO: check
+CVE-2017-6907 (An issue was discovered in Open.GL before 2017-03-13. The vulnerability ...)
+	TODO: check
+CVE-2017-6906 (An issue was discovered in SiberianCMS before 4.10.0. The vulnerability ...)
+	TODO: check
+CVE-2017-6905 (An issue was discovered in concrete5 <= 5.6.3.4. The vulnerability ...)
+	TODO: check
+CVE-2017-6904
+	RESERVED
+CVE-2017-6902 (Unrestricted file upload vulnerability in 'file upload' modules in ...)
+	TODO: check
+CVE-2017-6901
+	RESERVED
+CVE-2017-6900
+	RESERVED
+CVE-2017-6899
+	RESERVED
 CVE-2017-6898
 	RESERVED
 CVE-2017-6897
@@ -26,7 +48,7 @@
 	RESERVED
 CVE-2017-6885
 	RESERVED
-CVE-2017-6903
+CVE-2017-6903 (In ioquake3 before 2017-03-14, the auto-downloading feature has ...)
 	- ioquake3 1.36+u20161101+dfsg1-2 (bug #857699)
 	- iortcw 1.50a+dfsg1-3 (bug #857714)
 	NOTE: https://ioquake3.org/2017/03/13/important-security-update-please-update-ioquake3-immediately/
@@ -178,7 +200,8 @@
 	NOTE: https://github.com/mpruett/audiofile/issues/32
 	NOTE: https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcminitializecoefficients-msadpcm-cpp
 	NOTE: https://github.com/mpruett/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
-CVE-2016-10252
+CVE-2016-10252 (Memory leak in the IsOptionMember function in MagickCore/option.c in ...)
+	{DSA-3808-1}
 	- imagemagick 8:6.9.6.2+dfsg-2 (bug #857426)
 	NOTE: Fixed by: http://git.imagemagick.org/repos/ImageMagick/commit/6790815c75bdea0357df5564345847856e995d6b
 CVE-2016-10251 [use of uninitialized value in jpc_pi_nextcprl (jpc_t2cod.c)]
@@ -1433,32 +1456,32 @@
 	[jessie] - php5 5.6.29+dfsg-0+deb8u1
 	NOTE: Fixed in 7.1.0, 7.0.14, 5.6.29
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=69090
-CVE-2015-8993
-	RESERVED
-CVE-2015-8992
-	RESERVED
-CVE-2015-8991
-	RESERVED
-CVE-2015-8990
-	RESERVED
-CVE-2015-8989
-	RESERVED
-CVE-2015-8988
-	RESERVED
-CVE-2015-8987
-	RESERVED
-CVE-2015-8986
-	RESERVED
-CVE-2014-9921
-	RESERVED
-CVE-2014-9920
-	RESERVED
-CVE-2013-7462
-	RESERVED
-CVE-2013-7461
-	RESERVED
-CVE-2013-7460
-	RESERVED
+CVE-2015-8993 (Malicious file execution vulnerability in Intel Security CloudAV ...)
+	TODO: check
+CVE-2015-8992 (Malicious file execution vulnerability in Intel Security WebAdvisor ...)
+	TODO: check
+CVE-2015-8991 (Malicious file execution vulnerability in Intel Security McAfee ...)
+	TODO: check
+CVE-2015-8990 (Detection bypass vulnerability in Intel Security Advanced Threat ...)
+	TODO: check
+CVE-2015-8989 (Unsalted password vulnerability in the Enterprise Manager (web portal) ...)
+	TODO: check
+CVE-2015-8988 (Unquoted executable path vulnerability in Client Management and ...)
+	TODO: check
+CVE-2015-8987 (Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in ...)
+	TODO: check
+CVE-2015-8986 (Sandbox detection evasion vulnerability in hardware appliances in ...)
+	TODO: check
+CVE-2014-9921 (Information disclosure vulnerability in McAfee (now Intel Security) ...)
+	TODO: check
+CVE-2014-9920 (Unauthorized execution of binary vulnerability in McAfee (now Intel ...)
+	TODO: check
+CVE-2013-7462 (A directory traversal vulnerability in the web application in McAfee ...)
+	TODO: check
+CVE-2013-7461 (A write protection and execution bypass vulnerability in McAfee (now ...)
+	TODO: check
+CVE-2013-7460 (A write protection and execution bypass vulnerability in McAfee (now ...)
+	TODO: check
 CVE-2017-6355 (Integer overflow in the vrend_create_shader function in ...)
 	- virglrenderer <unfixed>
 	NOTE: Fixed by: https://cgit.freedesktop.org/virglrenderer/commit/?id=93761787b29f37fa627dea9082cdfc1a1ec608d6 (0.6.0)
@@ -8068,8 +8091,8 @@
 	RESERVED
 CVE-2017-3900
 	RESERVED
-CVE-2017-3899
-	RESERVED
+CVE-2017-3899 (SQL injection vulnerability in Intel Security Advanced Threat Defense ...)
+	TODO: check
 CVE-2017-3898
 	RESERVED
 CVE-2017-3897
@@ -22794,52 +22817,52 @@
 	RESERVED
 CVE-2016-8028
 	RESERVED
-CVE-2016-8027
-	RESERVED
-CVE-2016-8026
-	RESERVED
-CVE-2016-8025
-	RESERVED
-CVE-2016-8024
-	RESERVED
-CVE-2016-8023
-	RESERVED
-CVE-2016-8022
-	RESERVED
-CVE-2016-8021
-	RESERVED
-CVE-2016-8020
-	RESERVED
-CVE-2016-8019
-	RESERVED
-CVE-2016-8018
-	RESERVED
-CVE-2016-8017
-	RESERVED
-CVE-2016-8016
-	RESERVED
+CVE-2016-8027 (SQL injection vulnerability in core services in Intel Security McAfee ...)
+	TODO: check
+CVE-2016-8026 (Arbitrary command execution vulnerability in Intel Security McAfee ...)
+	TODO: check
+CVE-2016-8025 (SQL injection vulnerability in Intel Security VirusScan Enterprise ...)
+	TODO: check
+CVE-2016-8024 (Improper neutralization of CRLF sequences in HTTP headers ...)
+	TODO: check
+CVE-2016-8023 (Authentication bypass by assumed-immutable data vulnerability in Intel ...)
+	TODO: check
+CVE-2016-8022 (Authentication bypass by spoofing vulnerability in Intel Security ...)
+	TODO: check
+CVE-2016-8021 (Improper verification of cryptographic signature vulnerability in ...)
+	TODO: check
+CVE-2016-8020 (Improper control of generation of code vulnerability in Intel Security ...)
+	TODO: check
+CVE-2016-8019 (Cross-site scripting (XSS) vulnerability in attributes in Intel ...)
+	TODO: check
+CVE-2016-8018 (Cross-site request forgery (CSRF) vulnerability in Intel Security ...)
+	TODO: check
+CVE-2016-8017 (Special element injection vulnerability in Intel Security VirusScan ...)
+	TODO: check
+CVE-2016-8016 (Information exposure in Intel Security VirusScan Enterprise Linux ...)
+	TODO: check
 CVE-2016-8015
 	RESERVED
 CVE-2016-8014
 	RESERVED
 CVE-2016-8013
 	RESERVED
-CVE-2016-8012
-	RESERVED
-CVE-2016-8011
-	RESERVED
-CVE-2016-8010
-	RESERVED
-CVE-2016-8009
-	RESERVED
-CVE-2016-8008
-	RESERVED
-CVE-2016-8007
-	RESERVED
+CVE-2016-8012 (Access control vulnerability in Intel Security Data Loss Prevention ...)
+	TODO: check
+CVE-2016-8011 (Cross-site scripting vulnerability in Intel Security McAfee Endpoint ...)
+	TODO: check
+CVE-2016-8010 (Application protections bypass vulnerability in Intel Security McAfee ...)
+	TODO: check
+CVE-2016-8009 (Privilege escalation vulnerability in Intel Security McAfee ...)
+	TODO: check
+CVE-2016-8008 (Privilege escalation vulnerability in Windows 7 and Windows 10 in ...)
+	TODO: check
+CVE-2016-8007 (Authentication bypass vulnerability in McAfee Host Intrusion ...)
+	TODO: check
 CVE-2016-8006 (Authentication bypass vulnerability in Enterprise Security Manager ...)
 	NOT-FOR-US: Intel Security McAfee Security Information and Event Management
-CVE-2016-8005
-	RESERVED
+CVE-2016-8005 (File extension filtering vulnerability in Intel Security McAfee Email ...)
+	TODO: check
 CVE-2016-8004
 	RESERVED
 CVE-2016-8003

More information about the Secure-testing-commits mailing list