[Secure-testing-commits] r50086 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Mon Mar 27 09:10:13 UTC 2017
Author: sectracker
Date: 2017-03-27 09:10:12 +0000 (Mon, 27 Mar 2017)
New Revision: 50086
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-27 08:35:40 UTC (rev 50085)
+++ data/CVE/list 2017-03-27 09:10:12 UTC (rev 50086)
@@ -1,5 +1,5 @@
-CVE-2017-7269
- RESERVED
+CVE-2017-7269 (Buffer overflow in the ScStoragePathFromUrl function in the WebDAV ...)
+ TODO: check
CVE-2017-7268
RESERVED
CVE-2017-7267
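Review bot: The new CVE-2017-7269 entry is left at `TODO: check`, and the truncated description (ScStoragePathFromUrl in a WebDAV service) names no product in the visible text. Resolve it against the full description and replace the TODO with either a package line or a `NOT-FOR-US:` line, following the form used for other entries in this file.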
@@ -770,6 +770,7 @@
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b814a36d3440de95f2ac6eaa4fc7935c322ea456
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=43a444f9c5bfd44b4304eafd78338e21d54bea14
CVE-2017-6967 (xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect ...)
+ {DLA-872-1}
[experimental] - xrdp 0.9.2~20170325-1~exp1
- xrdp <unfixed> (bug #858143)
NOTE: https://bugs.launchpad.net/ubuntu/+source/xrdp/+bug/1672742
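Review bot: On CVE-2017-6967 the added `{DLA-872-1}` cross-reference sits above package lines that are unchanged: the only fixed version listed is the `[experimental]` upload, and `- xrdp <unfixed> (bug #858143)` remains. That is consistent if the advisory covers a different release than those lines, but confirm that bug #858143 is still open so the `<unfixed>` marker is not stale.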
@@ -3148,14 +3149,14 @@
NOT-FOR-US: CMS Made Simple
CVE-2017-6070 (CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows ...)
NOT-FOR-US: CMS Made Simple
-CVE-2017-6069
- RESERVED
-CVE-2017-6068
- RESERVED
-CVE-2017-6067
- RESERVED
-CVE-2017-6066
- RESERVED
+CVE-2017-6069 (Subrion CMS 4.0.5 has CSRF in admin/blog/add/. The attacker can add any ...)
+ TODO: check
+CVE-2017-6068 (Subrion CMS 4.0.5 has CSRF in admin/blocks/add/. The attacker can ...)
+ TODO: check
+CVE-2017-6067 (Symphony 2.6.9 has XSS in publish/notes/edit/##/saved/ via the bottom ...)
+ TODO: check
+CVE-2017-6066 (Subrion CMS 4.0.5 has CSRF in admin/languages/edit/1/. The attacker can ...)
+ TODO: check
CVE-2017-6065 (SQL injection vulnerability in ...)
NOT-FOR-US: GenixCMS
CVE-2017-6064
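Review bot: The four entries CVE-2017-6066 through CVE-2017-6069 move from RESERVED to `TODO: check` with no triage result. The neighbouring CMS Made Simple entries are already marked NOT-FOR-US. The three Subrion CMS 4.0.5 CSRF entries (admin/blog/add/, admin/blocks/add/, admin/languages/edit/1/) can be resolved together with one package lookup, while CVE-2017-6067 (Symphony 2.6.9 XSS) needs a separate one.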
@@ -3266,8 +3267,8 @@
{DSA-3811-1 DLA-826-1}
- wireshark 2.2.5+g440fd4d-2 (bug #855408)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13416
-CVE-2017-6013
- RESERVED
+CVE-2017-6013 (Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the query ...)
+ TODO: check
CVE-2017-6012
RESERVED
CVE-2017-6011 (An issue was discovered in icoutils 0.31.1. An out-of-bounds read ...)
@@ -3291,8 +3292,8 @@
RESERVED
CVE-2017-6007
RESERVED
-CVE-2017-6006
- RESERVED
+CVE-2017-6006 (Symphony 2.6.11 has XSS in publish/articles/new/ via the Body field. ...)
+ TODO: check
CVE-2017-6005
RESERVED
CVE-2017-6004 (The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE ...)
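Review bot: CVE-2017-6006 names the product as Symphony (2.6.11, XSS in publish/articles/new/ via the Body field), the same product name as CVE-2017-6067 earlier in this diff. When resolving the `TODO: check`, match on that exact spelling and the publish/ paths so the entry is not attached to a package with a similar name.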
@@ -3301,10 +3302,10 @@
[wheezy] - pcre3 <not-affected> (Vulnerable code introduced later)
NOTE: https://vcs.pcre.org/pcre/code/trunk/pcre_jit_compile.c?r1=1676&r2=1680&view=patch
NOTE: https://bugs.exim.org/show_bug.cgi?id=2035
-CVE-2017-6003
- RESERVED
-CVE-2017-6002
- RESERVED
+CVE-2017-6003 (dotCMS 3.7.0 has XSS reachable from ext/languages_manager/edit_language ...)
+ TODO: check
+CVE-2017-6002 (Subrion CMS 4.0.5.10 has CSRF in admin/blog/add/. The attacker can add ...)
+ TODO: check
CVE-2014-9919
RESERVED
CVE-2014-9918
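Review bot: CVE-2017-6002 (Subrion CMS 4.0.5.10, CSRF in admin/blog/add/) describes the same endpoint and bug class as CVE-2017-6069 (Subrion CMS 4.0.5, CSRF in admin/blog/add/) in the earlier hunk. Both are `TODO: check`, so whoever triages them should compare the full descriptions and record in a NOTE line whether they are duplicates or distinct issues. CVE-2017-6003 (dotCMS 3.7.0 XSS) needs its own lookup.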