[Secure-testing-commits] r57274 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Fri Nov 3 09:11:04 UTC 2017


Author: sectracker
Date: 2017-11-03 09:11:04 +0000 (Fri, 03 Nov 2017)
New Revision: 57274

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-03 06:17:15 UTC (rev 57273)
+++ data/CVE/list	2017-11-03 09:11:04 UTC (rev 57274)
@@ -1,3 +1,5 @@
+CVE-2017-16511
+	RESERVED
 CVE-2017-1000171
 	RESERVED
 CVE-2017-1000157
@@ -54,7 +56,7 @@
 	RESERVED
 CVE-2017-1000131
 	RESERVED
-CVE-2017-16510 [Unsafe queries with wpdb->prepare]
+CVE-2017-16510 (WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() ...)
 	- wordpress 4.8.3+dfsg-1 (bug #880528)
 	NOTE: https://wpvulndb.com/vulnerabilities/8941
 	NOTE: https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d
@@ -650,8 +652,8 @@
 	RESERVED
 CVE-2017-16238
 	RESERVED
-CVE-2017-16237
-	RESERVED
+CVE-2017-16237 (In Vir.IT eXplorer Anti-Virus before 8.5.42, the driver file ...)
+	TODO: check
 CVE-2017-16236
 	RESERVED
 CVE-2017-16235
@@ -1631,12 +1633,15 @@
 CVE-2017-15956 (ConverTo Video Downloader & Converter 1.4.1 allows Arbitrary File ...)
 	NOT-FOR-US: ConverTo Video Downloader
 CVE-2017-15955 (bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to an ...)
+	{DLA-1158-1}
 	- bchunk <unfixed> (bug #880116)
 	NOTE: https://github.com/extramaster/bchunk/issues/4
 CVE-2017-15954 (bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a ...)
+	{DLA-1158-1}
 	- bchunk <unfixed> (bug #880116)
 	NOTE: https://github.com/extramaster/bchunk/issues/3
 CVE-2017-15953 (bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a ...)
+	{DLA-1158-1}
 	- bchunk <unfixed> (bug #880116)
 	NOTE: https://github.com/extramaster/bchunk/issues/2
 CVE-2017-15952
@@ -2006,27 +2011,38 @@
 	NOT-FOR-US: XnView
 CVE-2017-15801 (XnView Classic for Windows Version 2.43 allows attackers to cause a ...)
 	NOT-FOR-US: XnView
-CVE-2017-15800 (IrfanView version 4.50 (64bit) allows attackers to execute arbitrary ...)
+CVE-2017-15800
+	REJECTED
 	NOT-FOR-US: IrfanView
-CVE-2017-15799 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...)
+CVE-2017-15799
+	REJECTED
 	NOT-FOR-US: IrfanView
-CVE-2017-15798 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...)
+CVE-2017-15798
+	REJECTED
 	NOT-FOR-US: IrfanView
-CVE-2017-15797 (IrfanView version 4.50 (64bit) allows attackers to execute arbitrary ...)
+CVE-2017-15797
+	REJECTED
 	NOT-FOR-US: IrfanView
-CVE-2017-15796 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...)
+CVE-2017-15796
+	REJECTED
 	NOT-FOR-US: IrfanView
-CVE-2017-15795 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...)
+CVE-2017-15795
+	REJECTED
 	NOT-FOR-US: IrfanView
-CVE-2017-15794 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...)
+CVE-2017-15794
+	REJECTED
 	NOT-FOR-US: IrfanView
-CVE-2017-15793 (IrfanView version 4.50 (64bit) allows attackers to execute arbitrary ...)
+CVE-2017-15793
+	REJECTED
 	NOT-FOR-US: IrfanView
-CVE-2017-15792 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...)
+CVE-2017-15792
+	REJECTED
 	NOT-FOR-US: IrfanView
-CVE-2017-15791 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...)
+CVE-2017-15791
+	REJECTED
 	NOT-FOR-US: IrfanView
-CVE-2017-15790 (IrfanView version 4.50 (64bit) allows attackers to cause a denial of ...)
+CVE-2017-15790
+	REJECTED
 	NOT-FOR-US: IrfanView
 CVE-2017-15789 (XnView Classic for Windows Version 2.43 allows attackers to execute ...)
 	NOT-FOR-US: XnView
@@ -17801,6 +17817,7 @@
 CVE-2017-10389 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle ...)
 	NOT-FOR-US: Oracle
 CVE-2017-10388 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+	{DSA-4015-1}
 	- openjdk-9 9.0.1+11-1
 	- openjdk-8 8u151-b12-1
 	- openjdk-7 <removed>
@@ -17880,18 +17897,21 @@
 CVE-2017-10358 (Vulnerability in the Oracle Hyperion Financial Reporting component of ...)
 	NOT-FOR-US: Oracle
 CVE-2017-10357 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+	{DSA-4015-1}
 	- openjdk-9 9.0.1+11-1
 	- openjdk-8 8u151-b12-1
 	- openjdk-7 <removed>
 	- openjdk-6 <removed>
 	[wheezy] - openjdk-6 <end-of-life>
 CVE-2017-10356 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+	{DSA-4015-1}
 	- openjdk-9 9.0.1+11-1
 	- openjdk-8 8u151-b12-1
 	- openjdk-7 <removed>
 	- openjdk-6 <removed>
 	[wheezy] - openjdk-6 <end-of-life>
 CVE-2017-10355 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+	{DSA-4015-1}
 	- openjdk-9 9.0.1+11-1
 	- openjdk-8 8u151-b12-1
 	- openjdk-7 <removed>
@@ -17906,34 +17926,40 @@
 CVE-2017-10351 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
 	NOT-FOR-US: Oracle
 CVE-2017-10350 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+	{DSA-4015-1}
 	- openjdk-9 9.0.1+11-1
 	- openjdk-8 8u151-b12-1
 	- openjdk-7 <removed>
 CVE-2017-10349 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+	{DSA-4015-1}
 	- openjdk-9 9.0.1+11-1
 	- openjdk-8 8u151-b12-1
 	- openjdk-7 <removed>
 	- openjdk-6 <removed>
 	[wheezy] - openjdk-6 <end-of-life>
 CVE-2017-10348 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+	{DSA-4015-1}
 	- openjdk-9 9.0.1+11-1
 	- openjdk-8 8u151-b12-1
 	- openjdk-7 <removed>
 	- openjdk-6 <removed>
 	[wheezy] - openjdk-6 <end-of-life>
 CVE-2017-10347 (Vulnerability in the Java SE, JRockit component of Oracle Java SE ...)
+	{DSA-4015-1}
 	- openjdk-9 9.0.1+11-1
 	- openjdk-8 8u151-b12-1
 	- openjdk-7 <removed>
 	- openjdk-6 <removed>
 	[wheezy] - openjdk-6 <end-of-life>
 CVE-2017-10346 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+	{DSA-4015-1}
 	- openjdk-9 9.0.1+11-1
 	- openjdk-8 8u151-b12-1
 	- openjdk-7 <removed>
 	- openjdk-6 <removed>
 	[wheezy] - openjdk-6 <end-of-life>
 CVE-2017-10345 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+	{DSA-4015-1}
 	- openjdk-9 9.0.1+11-1
 	- openjdk-8 8u151-b12-1
 	- openjdk-7 <removed>
@@ -18049,6 +18075,7 @@
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10295 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+	{DSA-4015-1}
 	- openjdk-9 9.0.1+11-1
 	- openjdk-8 8u151-b12-1
 	- openjdk-7 <removed>
@@ -18080,6 +18107,7 @@
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10285 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
+	{DSA-4015-1}
 	- openjdk-9 9.0.1+11-1
 	- openjdk-8 8u151-b12-1
 	- openjdk-7 <removed>
@@ -18096,6 +18124,7 @@
 CVE-2017-10282
 	RESERVED
 CVE-2017-10281 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
+	{DSA-4015-1}
 	- openjdk-9 9.0.1+11-1
 	- openjdk-8 8u151-b12-1
 	- openjdk-7 <removed>
@@ -18118,6 +18147,7 @@
 CVE-2017-10275 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
 	NOT-FOR-US: Oracle
 CVE-2017-10274 (Vulnerability in the Java SE component of Oracle Java SE ...)
+	{DSA-4015-1}
 	- openjdk-9 9.0.1+11-1
 	- openjdk-8 8u151-b12-1
 	- openjdk-7 <removed>




More information about the Secure-testing-commits mailing list