[Secure-testing-commits] r49733 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Fri Mar 17 09:10:12 UTC 2017 

Author: sectracker
Date: 2017-03-17 09:10:12 +0000 (Fri, 17 Mar 2017)
New Revision: 49733

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-17 08:38:18 UTC (rev 49732)
+++ data/CVE/list	2017-03-17 09:10:12 UTC (rev 49733)
@@ -1,6 +1,37 @@
+CVE-2017-6967
+	RESERVED
+CVE-2017-6966
+	RESERVED
+CVE-2017-6965
+	RESERVED
+CVE-2017-6964
+	RESERVED
+CVE-2017-6963
+	RESERVED
+CVE-2017-6962
+	RESERVED
+CVE-2017-6961
+	RESERVED
+CVE-2017-6960
+	RESERVED
+CVE-2017-6959
+	RESERVED
+CVE-2017-6958
+	RESERVED
+CVE-2017-6957
+	RESERVED
+CVE-2017-6956
+	RESERVED
+CVE-2017-6955
+	RESERVED
+CVE-2017-6954
+	RESERVED
+CVE-2017-6953
+	RESERVED
+CVE-2017-6952 (Integer overflow in the cs_winkernel_malloc function in winkernel_mm.c ...)
+	TODO: check
 CVE-2017-9999
 	REJECTED
-	TODO: check
 CVE-2017-6951 (The keyring_search_aux function in security/keys/keyring.c in the Linux ...)
 	- linux <undetermined>
 	TODO: check, status yet unclear, tracked for now in kernel-sec
@@ -1108,41 +1139,49 @@
 CVE-2017-6475
 	RESERVED
 CVE-2017-6474 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler ...)
+	{DLA-858-1}
 	- wireshark 2.2.5+g440fd4d-2
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-07.html
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a998c9195f183d85f5b0bbeebba21a2d4d303d47
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13429
 CVE-2017-6473 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a K12 file ...)
+	{DLA-858-1}
 	- wireshark 2.2.5+g440fd4d-2
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-09.html
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7edc761a01cda8e1b37677f673985582330317d2
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13431
 CVE-2017-6472 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT ...)
+	{DLA-858-1}
 	- wireshark 2.2.5+g440fd4d-2
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-04.html
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2b3a0909beff8963b390034c594e0b6be6a4e531
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13347
 CVE-2017-6471 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a WSP ...)
+	{DLA-858-1}
 	- wireshark 2.2.5+g440fd4d-2
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-05.html
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=62afef41277dfac37f515207ca73d33306e3302b
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13348
 CVE-2017-6470 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an IAX2 ...)
+	{DLA-858-1}
 	- wireshark 2.2.5+g440fd4d-2
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-10.html
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=0b89174ef4c531a1917437fff586fe525ee7bf2d
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13432
 CVE-2017-6469 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an LDSS ...)
+	{DLA-858-1}
 	- wireshark 2.2.5+g440fd4d-2
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-03.html
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4f753c127082d5e28abf482d6d175cbfee6661f7
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13346
 CVE-2017-6468 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler ...)
+	{DLA-858-1}
 	- wireshark 2.2.5+g440fd4d-2
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-08.html
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9f3bc84b7e7e435c50b8b68f0fc526d0f5676cbf
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13430
 CVE-2017-6467 (In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a Netscaler ...)
+	{DLA-858-1}
 	- wireshark 2.2.5+g440fd4d-2
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-11.html
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=284ad58d288722a8725401967bff0c4455488f0c
@@ -3648,6 +3687,7 @@
 	NOTE: https://github.com/netblue30/firejail/commit/b8a4ff9775318ca5e679183884a6a63f3da8f863 (0.9.44.6)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/01/29/4
 CVE-2016-10187 (The E-book viewer in calibre before 2.75 allows remote attackers to ...)
+	{DLA-859-1}
 	- calibre 2.75.1+dfsg-1 (bug #853004)
 	NOTE: Upstream report: https://launchpad.net/bugs/1651728
 	NOTE: Upstream fix: https://github.com/kovidgoyal/calibre/commit/3a89718664cb8cce0449d1758eee585ed0d0433c
@@ -3805,10 +3845,12 @@
 	NOTE: Introduced in (master): http://git.savannah.gnu.org/cgit/screen.git/commit/?id=c575c40c9bd7653470639da32e06faed0a9b2ec4
 	NOTE: http://www.openwall.com/lists/oss-security/2017/01/24/10
 CVE-2017-5597 (In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector ...)
+	{DLA-858-1}
 	- wireshark 2.2.4+gcc3dc1b-1
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-02.html
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13345
 CVE-2017-5596 (In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector ...)
+	{DLA-858-1}
 	- wireshark 2.2.4+gcc3dc1b-1
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-01.html
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13344
@@ -22217,314 +22259,314 @@
 	RESERVED
 CVE-2017-0155
 	RESERVED
-CVE-2017-0154
-	RESERVED
+CVE-2017-0154 (Microsoft Internet Explorer 11 on Windows 10, 1511, and 1606 and ...)
+	TODO: check
 CVE-2017-0153
 	RESERVED
 CVE-2017-0152
 	RESERVED
-CVE-2017-0151
-	RESERVED
-CVE-2017-0150
-	RESERVED
-CVE-2017-0149
-	RESERVED
-CVE-2017-0148
-	RESERVED
-CVE-2017-0147
-	RESERVED
-CVE-2017-0146
-	RESERVED
-CVE-2017-0145
-	RESERVED
-CVE-2017-0144
-	RESERVED
-CVE-2017-0143
-	RESERVED
+CVE-2017-0151 (A remote code execution vulnerability exists in the way affected ...)
+	TODO: check
+CVE-2017-0150 (A remote code execution vulnerability exists in the way affected ...)
+	TODO: check
+CVE-2017-0149 (Microsoft Internet Explorer 9 through 11 allow remote attackers to ...)
+	TODO: check
+CVE-2017-0148 (The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 ...)
+	TODO: check
+CVE-2017-0147 (The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 ...)
+	TODO: check
+CVE-2017-0146 (The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 ...)
+	TODO: check
+CVE-2017-0145 (The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 ...)
+	TODO: check
+CVE-2017-0144 (The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 ...)
+	TODO: check
+CVE-2017-0143 (The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 ...)
+	TODO: check
 CVE-2017-0142
 	RESERVED
-CVE-2017-0141
-	RESERVED
-CVE-2017-0140
-	RESERVED
+CVE-2017-0141 (A remote code execution vulnerability exists in the way affected ...)
+	TODO: check
+CVE-2017-0140 (Microsoft Edge allows remote attackers to bypass the Same Origin ...)
+	TODO: check
 CVE-2017-0139
 	RESERVED
-CVE-2017-0138
-	RESERVED
-CVE-2017-0137
-	RESERVED
-CVE-2017-0136
-	RESERVED
-CVE-2017-0135
-	RESERVED
-CVE-2017-0134
-	RESERVED
-CVE-2017-0133
-	RESERVED
-CVE-2017-0132
-	RESERVED
-CVE-2017-0131
-	RESERVED
-CVE-2017-0130
-	RESERVED
-CVE-2017-0129
-	RESERVED
-CVE-2017-0128
-	RESERVED
-CVE-2017-0127
-	RESERVED
-CVE-2017-0126
-	RESERVED
-CVE-2017-0125
-	RESERVED
-CVE-2017-0124
-	RESERVED
-CVE-2017-0123
-	RESERVED
-CVE-2017-0122
-	RESERVED
-CVE-2017-0121
-	RESERVED
-CVE-2017-0120
-	RESERVED
-CVE-2017-0119
-	RESERVED
-CVE-2017-0118
-	RESERVED
-CVE-2017-0117
-	RESERVED
-CVE-2017-0116
-	RESERVED
-CVE-2017-0115
-	RESERVED
-CVE-2017-0114
-	RESERVED
-CVE-2017-0113
-	RESERVED
-CVE-2017-0112
-	RESERVED
-CVE-2017-0111
-	RESERVED
-CVE-2017-0110
-	RESERVED
-CVE-2017-0109
-	RESERVED
-CVE-2017-0108
-	RESERVED
-CVE-2017-0107
-	RESERVED
+CVE-2017-0138 (A remote code execution vulnerability exists in the way affected ...)
+	TODO: check
+CVE-2017-0137 (A remote code execution vulnerability exists in the way affected ...)
+	TODO: check
+CVE-2017-0136 (A remote code execution vulnerability exists in the way affected ...)
+	TODO: check
+CVE-2017-0135 (Microsoft Edge allows remote attackers to bypass the Same Origin ...)
+	TODO: check
+CVE-2017-0134 (A remote code execution vulnerability exists in the way affected ...)
+	TODO: check
+CVE-2017-0133 (A remote code execution vulnerability exists in the way affected ...)
+	TODO: check
+CVE-2017-0132 (A remote code execution vulnerability exists in the way affected ...)
+	TODO: check
+CVE-2017-0131 (A remote code execution vulnerability exists in the way affected ...)
+	TODO: check
+CVE-2017-0130 (The scripting engine in Microsoft Internet Explorer 9 through 11 ...)
+	TODO: check
+CVE-2017-0129 (Microsoft Lync for Mac 2011 fails to properly validate certificates, ...)
+	TODO: check
+CVE-2017-0128 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0127 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0126 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0125 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0124 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0123 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0122 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0121 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0120 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0119 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0118 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0117 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0116 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0115 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0114 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0113 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0112 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0111 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0110 (Cross-site scripting (XSS) vulnerability in Microsoft Exchange Outlook ...)
+	TODO: check
+CVE-2017-0109 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0108 (The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; ...)
+	TODO: check
+CVE-2017-0107 (Microsoft SharePoint Server fails to sanitize crafted web requests, ...)
+	TODO: check
 CVE-2017-0106
 	RESERVED
-CVE-2017-0105
-	RESERVED
-CVE-2017-0104
-	RESERVED
-CVE-2017-0103
-	RESERVED
-CVE-2017-0102
-	RESERVED
-CVE-2017-0101
-	RESERVED
-CVE-2017-0100
-	RESERVED
-CVE-2017-0099
-	RESERVED
-CVE-2017-0098
-	RESERVED
-CVE-2017-0097
-	RESERVED
-CVE-2017-0096
-	RESERVED
-CVE-2017-0095
-	RESERVED
-CVE-2017-0094
-	RESERVED
+CVE-2017-0105 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word for Mac ...)
+	TODO: check
+CVE-2017-0104 (The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, ...)
+	TODO: check
+CVE-2017-0103 (The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...)
+	TODO: check
+CVE-2017-0102 (Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 ...)
+	TODO: check
+CVE-2017-0101 (The kernel-mode drivers in Transaction Manager in Microsoft Windows ...)
+	TODO: check
+CVE-2017-0100 (A DCOM object in Helppane.exe in Microsoft Windows 7 SP1; Windows ...)
+	TODO: check
+CVE-2017-0099 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0098 (Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607; and Windows ...)
+	TODO: check
+CVE-2017-0097 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0096 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0095 (Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607 and Windows ...)
+	TODO: check
+CVE-2017-0094 (A remote code execution vulnerability exists in the way affected ...)
+	TODO: check
 CVE-2017-0093
 	RESERVED
-CVE-2017-0092
-	RESERVED
-CVE-2017-0091
-	RESERVED
-CVE-2017-0090
-	RESERVED
-CVE-2017-0089
-	RESERVED
-CVE-2017-0088
-	RESERVED
-CVE-2017-0087
-	RESERVED
-CVE-2017-0086
-	RESERVED
-CVE-2017-0085
-	RESERVED
-CVE-2017-0084
-	RESERVED
-CVE-2017-0083
-	RESERVED
-CVE-2017-0082
-	RESERVED
-CVE-2017-0081
-	RESERVED
-CVE-2017-0080
-	RESERVED
-CVE-2017-0079
-	RESERVED
-CVE-2017-0078
-	RESERVED
+CVE-2017-0092 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0091 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0090 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0089 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0088 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0087 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0086 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0085 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0084 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0083 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0082 (The kernel-mode drivers in Microsoft Windows 10 Gold and 1511 allow ...)
+	TODO: check
+CVE-2017-0081 (The kernel-mode drivers in Microsoft Windows 8.1; Windows Server 2012 ...)
+	TODO: check
+CVE-2017-0080 (The kernel-mode drivers in Microsoft Windows 10 Gold, 1511, and 1607 ...)
+	TODO: check
+CVE-2017-0079 (The kernel-mode drivers in Windows 8.1; Windows Server 2012 R2; ...)
+	TODO: check
+CVE-2017-0078 (The kernel-mode drivers in Microsoft Windows 8.1; Windows Server 2012 ...)
+	TODO: check
 CVE-2017-0077
 	RESERVED
-CVE-2017-0076
-	RESERVED
-CVE-2017-0075
-	RESERVED
-CVE-2017-0074
-	RESERVED
-CVE-2017-0073
-	RESERVED
-CVE-2017-0072
-	RESERVED
-CVE-2017-0071
-	RESERVED
-CVE-2017-0070
-	RESERVED
-CVE-2017-0069
-	RESERVED
-CVE-2017-0068
-	RESERVED
-CVE-2017-0067
-	RESERVED
-CVE-2017-0066
-	RESERVED
-CVE-2017-0065
-	RESERVED
+CVE-2017-0076 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0075 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0074 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0073 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; ...)
+	TODO: check
+CVE-2017-0072 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...)
+	TODO: check
+CVE-2017-0071 (A remote code execution vulnerability exists in the way affected ...)
+	TODO: check
+CVE-2017-0070 (A remote code execution vulnerability exists in the way affected ...)
+	TODO: check
+CVE-2017-0069 (Microsoft Edge allows remote attackers to spoof web content via a ...)
+	TODO: check
+CVE-2017-0068 (Browsers in Microsoft Edge allow remote attackers to obtain sensitive ...)
+	TODO: check
+CVE-2017-0067 (A remote code execution vulnerability exists in the way affected ...)
+	TODO: check
+CVE-2017-0066 (Microsoft Edge allows remote attackers to bypass the Same Origin ...)
+	TODO: check
+CVE-2017-0065 (Microsoft Edge allows remote attackers to obtain sensitive information ...)
+	TODO: check
 CVE-2017-0064
 	RESERVED
-CVE-2017-0063
-	RESERVED
-CVE-2017-0062
-	RESERVED
-CVE-2017-0061
-	RESERVED
-CVE-2017-0060
-	RESERVED
-CVE-2017-0059
-	RESERVED
+CVE-2017-0063 (The Color Management Module (ICM32.dll) memory handling functionality ...)
+	TODO: check
+CVE-2017-0062 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; ...)
+	TODO: check
+CVE-2017-0061 (The Color Management Module (ICM32.dll) memory handling functionality ...)
+	TODO: check
+CVE-2017-0060 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; ...)
+	TODO: check
+CVE-2017-0059 (Microsoft Internet Explorer 9 through 11 allow remote attackers to ...)
+	TODO: check
 CVE-2017-0058
 	RESERVED
-CVE-2017-0057
-	RESERVED
-CVE-2017-0056
-	RESERVED
-CVE-2017-0055
-	RESERVED
+CVE-2017-0057 (DNS client in Microsoft Windows 8.1; Windows Server 2012 R2, Windows ...)
+	TODO: check
+CVE-2017-0056 (The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server ...)
+	TODO: check
+CVE-2017-0055 (Microsoft Internet Information Server (IIS) in Windows Vista SP2; ...)
+	TODO: check
 CVE-2017-0054
 	RESERVED
-CVE-2017-0053
-	RESERVED
-CVE-2017-0052
-	RESERVED
-CVE-2017-0051
-	RESERVED
-CVE-2017-0050
-	RESERVED
-CVE-2017-0049
-	RESERVED
+CVE-2017-0053 (Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 ...)
+	TODO: check
+CVE-2017-0052 (Microsoft Office Compatibility Pack SP3, Excel 2007 SP3, Excel Viewer, ...)
+	TODO: check
+CVE-2017-0051 (Microsoft Windows 10 1607 and Windows Server 2016 allow remote ...)
+	TODO: check
+CVE-2017-0050 (The kernel API in Microsoft Windows Vista SP2; Windows Server 2008 SP2 ...)
+	TODO: check
+CVE-2017-0049 (The VBScript engine in Microsoft Internet Explorer 11 allows remote ...)
+	TODO: check
 CVE-2017-0048
 	RESERVED
-CVE-2017-0047
-	RESERVED
+CVE-2017-0047 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; ...)
+	TODO: check
 CVE-2017-0046
 	RESERVED
-CVE-2017-0045
-	RESERVED
+CVE-2017-0045 (Windows DVD Maker in Windows 7 SP1, Windows Server 2008 SP2 and R2 ...)
+	TODO: check
 CVE-2017-0044
 	RESERVED
-CVE-2017-0043
-	RESERVED
-CVE-2017-0042
-	RESERVED
+CVE-2017-0043 (Active Directory Federation Services in Microsoft Windows 10 1607, ...)
+	TODO: check
+CVE-2017-0042 (Windows Media Player in Microsoft Windows 8.1; Windows Server 2012 R2; ...)
+	TODO: check
 CVE-2017-0041
 	RESERVED
-CVE-2017-0040
-	RESERVED
-CVE-2017-0039
-	RESERVED
+CVE-2017-0040 (The scripting engine in Microsoft Internet Explorer 9 through 11 ...)
+	TODO: check
+CVE-2017-0039 (Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle dynamic link ...)
+	TODO: check
 CVE-2017-0038 (gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista ...)
 	NOT-FOR-US: Microsoft
-CVE-2017-0037 (Microsoft Internet Explorer 11 and Microsoft Edge have a type confusion ...)
+CVE-2017-0037 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-0036
 	RESERVED
-CVE-2017-0035
-	RESERVED
-CVE-2017-0034
-	RESERVED
-CVE-2017-0033
-	RESERVED
-CVE-2017-0032
-	RESERVED
-CVE-2017-0031
-	RESERVED
-CVE-2017-0030
-	RESERVED
-CVE-2017-0029
-	RESERVED
+CVE-2017-0035 (A remote code execution vulnerability exists in the way affected ...)
+	TODO: check
+CVE-2017-0034 (A remote code execution vulnerability exists when Microsoft Edge ...)
+	TODO: check
+CVE-2017-0033 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+	TODO: check
+CVE-2017-0032 (A remote code execution vulnerability exists in the way affected ...)
+	TODO: check
+CVE-2017-0031 (Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 ...)
+	TODO: check
+CVE-2017-0030 (Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web ...)
+	TODO: check
+CVE-2017-0029 (Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 RT SP1, and Word ...)
+	TODO: check
 CVE-2017-0028
 	RESERVED
-CVE-2017-0027
-	RESERVED
-CVE-2017-0026
-	RESERVED
-CVE-2017-0025
-	RESERVED
-CVE-2017-0024
-	RESERVED
-CVE-2017-0023
-	RESERVED
-CVE-2017-0022
-	RESERVED
-CVE-2017-0021
-	RESERVED
-CVE-2017-0020
-	RESERVED
-CVE-2017-0019
-	RESERVED
-CVE-2017-0018
-	RESERVED
-CVE-2017-0017
-	RESERVED
-CVE-2017-0016
-	RESERVED
-CVE-2017-0015
-	RESERVED
-CVE-2017-0014
-	RESERVED
+CVE-2017-0027 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 RT SP1, Excel ...)
+	TODO: check
+CVE-2017-0026 (The kernel-mode drivers in Microsoft Windows 10 Gold, 1511, and 1607 ...)
+	TODO: check
+CVE-2017-0025 (The kernel-mode drivers in Microsoft Windows Vista; Windows Server ...)
+	TODO: check
+CVE-2017-0024 (The kernel-mode drivers in Microsoft Windows 10 1607 and Windows ...)
+	TODO: check
+CVE-2017-0023 (The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 ...)
+	TODO: check
+CVE-2017-0022 (Microsoft XML Core Services (MSXML) in Windows 10 Gold, 1511, and ...)
+	TODO: check
+CVE-2017-0021 (Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 does not ...)
+	TODO: check
+CVE-2017-0020 (Microsoft Excel 2016, Excel 2010 SP2, Excel 2013 RT SP1, and Office ...)
+	TODO: check
+CVE-2017-0019 (Microsoft Word 2016 allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2017-0018 (Microsoft Internet Explorer 10 and 11 allow remote attackers to ...)
+	TODO: check
+CVE-2017-0017 (The RegEx class in the XSS filter in Microsoft Edge allows remote ...)
+	TODO: check
+CVE-2017-0016 (Microsoft Windows 10 Gold, 1511, and 1607; Windows 8.1; Windows RT ...)
+	TODO: check
+CVE-2017-0015 (A remote code execution vulnerability exists in the way affected ...)
+	TODO: check
+CVE-2017-0014 (The Windows Graphics Component in Microsoft Office 2010 SP2; Windows ...)
+	TODO: check
 CVE-2017-0013
 	RESERVED
-CVE-2017-0012
-	RESERVED
-CVE-2017-0011
-	RESERVED
-CVE-2017-0010
-	RESERVED
-CVE-2017-0009
-	RESERVED
-CVE-2017-0008
-	RESERVED
-CVE-2017-0007
-	RESERVED
-CVE-2017-0006
-	RESERVED
-CVE-2017-0005
-	RESERVED
+CVE-2017-0012 (Microsoft Internet Explorer 11 and Microsoft Edge allow remote ...)
+	TODO: check
+CVE-2017-0011 (Microsoft Edge allows remote attackers to obtain sensitive information ...)
+	TODO: check
+CVE-2017-0010 (A remote code execution vulnerability exists in the way affected ...)
+	TODO: check
+CVE-2017-0009 (Microsoft Internet Explorer 9 through 11 allow remote attackers to ...)
+	TODO: check
+CVE-2017-0008 (Microsoft Internet Explorer 9 through 11 allow remote attackers to ...)
+	TODO: check
+CVE-2017-0007 (Device Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows ...)
+	TODO: check
+CVE-2017-0006 (Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, ...)
+	TODO: check
+CVE-2017-0005 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; ...)
+	TODO: check
 CVE-2017-0004 (The Local Security Authority Subsystem Service (LSASS) in Microsoft ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-0003 (Microsoft Word 2016 and SharePoint Enterprise Server 2016 allow remote ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-0002 (Microsoft Edge allows remote attackers to bypass the Same Origin ...)
 	NOT-FOR-US: Microsoft
-CVE-2017-0001
-	RESERVED
+CVE-2017-0001 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; ...)
+	TODO: check
 CVE-2016-8200
 	RESERVED
 CVE-2016-8199

More information about the Secure-testing-commits mailing list