[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Fri Oct 11 16:28:37 BST 2019 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9997b749 by Moritz Muehlenhoff at 2019-10-11T15:28:22Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -35635,17 +35635,17 @@ CVE-2019-5051 (An exploitable heap-based buffer overflow vulnerability exists wh
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0820
 	NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
 CVE-2019-5050 (A specifically crafted PDF file can lead to a heap corruption when ope ...)
-	TODO: check
+	NOT-FOR-US: NitroPDF
 CVE-2019-5049
 	RESERVED
 CVE-2019-5048 (A specifically crafted PDF file can lead to a heap corruption when ope ...)
-	TODO: check
+	NOT-FOR-US: NitroPDF
 CVE-2019-5047 (An exploitable Use After Free vulnerability exists in the CharProcs pa ...)
-	TODO: check
+	NOT-FOR-US: NitroPDF
 CVE-2019-5046 (A specifically crafted jpeg2000 file embedded in a PDF file can lead t ...)
-	TODO: check
+	NOT-FOR-US: NitroPDF
 CVE-2019-5045 (A specifically crafted jpeg2000 file embedded in a PDF file can lead t ...)
-	TODO: check
+	NOT-FOR-US: NitroPDF
 CVE-2019-5044
 	REJECTED
 CVE-2019-5043
@@ -46876,19 +46876,19 @@ CVE-2019-1374
 CVE-2019-1373
 	RESERVED
 CVE-2019-1372 (An remote code execution vulnerability exists when Azure App Service/  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1371 (A remote code execution vulnerability exists when Internet Explorer im ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1370
 	RESERVED
 CVE-2019-1369 (An information disclosure vulnerability exists when affected Open Encl ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1368 (A security feature bypass exists when Windows Secure Boot improperly r ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1367 (A remote code execution vulnerability exists in the way that the scrip ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1366 (A remote code execution vulnerability exists in the way that the Chakr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1365 (An elevation of privilege vulnerability exists when Microsoft IIS Serv ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1364 (An elevation of privilege vulnerability exists in Windows when the Win ...)
@@ -46936,77 +46936,77 @@ CVE-2019-1344 (An information disclosure vulnerability exists in the way that th
 CVE-2019-1343 (A denial of service vulnerability exists when Windows improperly handl ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1342 (An elevation of privilege vulnerability exists when Windows Error Repo ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1341 (An elevation of privilege vulnerability exists when umpo.dll of the Po ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1340 (An elevation of privilege vulnerability exists in Windows AppX Deploym ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1339 (An elevation of privilege vulnerability exists when Windows Error Repo ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1338 (A security feature bypass vulnerability exists in Microsoft Windows wh ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1337 (An information disclosure vulnerability exists when Windows Update Cli ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1336 (An elevation of privilege vulnerability exists in the Microsoft Window ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1335 (A remote code execution vulnerability exists in the way that the Chakr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1334 (An information disclosure vulnerability exists when the Windows kernel ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1333 (A remote code execution vulnerability exists in the Windows Remote Des ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1332
 	RESERVED
 CVE-2019-1331 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1330 (An elevation of privilege vulnerability exists in Microsoft SharePoint ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1329 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1328 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1327 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1326 (A denial of service vulnerability exists in Remote Desktop Protocol (R ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1325 (An elevation of privilege vulnerability exists in the Windows redirect ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1324
 	RESERVED
 CVE-2019-1323 (An elevation of privilege vulnerability exists in the Microsoft Window ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1322 (An elevation of privilege vulnerability exists when Windows improperly ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1321 (An elevation of privilege vulnerability exists when Windows CloudStore ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1320 (An elevation of privilege vulnerability exists when Windows improperly ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1319 (An elevation of privilege vulnerability exists in Windows Error Report ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1318 (A spoofing vulnerability exists when Transport Layer Security (TLS) ac ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1317 (A denial of service vulnerability exists when Windows improperly handl ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1316 (An elevation of privilege vulnerability exists in Microsoft Windows Se ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1315 (An elevation of privilege vulnerability exists when Windows Error Repo ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1314 (A security feature bypass vulnerability exists in Windows 10 Mobile wh ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1313 (An information disclosure vulnerability exists in Microsoft SQL Server ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1312
 	RESERVED
 CVE-2019-1311 (A remote code execution vulnerability exists when the Windows Imaging  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1310
 	RESERVED
 CVE-2019-1309
 	RESERVED
 CVE-2019-1308 (A remote code execution vulnerability exists in the way that the Chakr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1307 (A remote code execution vulnerability exists in the way that the Chakr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1306 (A remote code execution vulnerability exists when Azure DevOps Server  ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1305 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
@@ -47142,9 +47142,9 @@ CVE-2019-1241 (A remote code execution vulnerability exists when the Windows Jet
 CVE-2019-1240 (A remote code execution vulnerability exists when the Windows Jet Data ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1239 (A remote code execution vulnerability exists in the way that the VBScr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1238 (A remote code execution vulnerability exists in the way that the VBScr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1237 (A remote code execution vulnerability exists in the way that the Chakr ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1236 (A remote code execution vulnerability exists in the way that the VBScr ...)
@@ -47160,7 +47160,7 @@ CVE-2019-1232 (An elevation of privilege vulnerability exists when the Diagnosti
 CVE-2019-1231 (An information disclosure vulnerability exists in the way Rome SDK han ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1230 (An information disclosure vulnerability exists when the Windows Hyper- ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1229 (An elevation of privilege vulnerability exists in Dynamics On-Premise  ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1228 (An information disclosure vulnerability exists when the Windows kernel ...)
@@ -47288,7 +47288,7 @@ CVE-2019-1168 (An elevation of privilege exists in the p2pimsvc service where an
 CVE-2019-1167 (A security feature bypass vulnerability exists in Windows Defender App ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1166 (A tampering vulnerability exists in Microsoft Windows when a man-in-th ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1165
 	RESERVED
 CVE-2019-1164 (An elevation of privilege vulnerability exists when the Windows kernel ...)
@@ -47482,7 +47482,7 @@ CVE-2019-1072 (A remote code execution vulnerability exists when Azure DevOps Se
 CVE-2019-1071 (An information disclosure vulnerability exists when the Windows kernel ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1070 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1069 (An elevation of privilege vulnerability exists in the way the Task Sch ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1068 (A remote code execution vulnerability exists in Microsoft SQL Server w ...)
@@ -47502,7 +47502,7 @@ CVE-2019-1062 (A remote code execution vulnerability exists in the way that the
 CVE-2019-1061
 	RESERVED
 CVE-2019-1060 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-1059 (A remote code execution vulnerability exists in the way that the scrip ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1058
@@ -48418,7 +48418,7 @@ CVE-2019-0610 (A remote code execution vulnerability exists in the way that the
 CVE-2019-0609 (A remote code execution vulnerability exists in the way the scripting  ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0608 (A spoofing vulnerability exists when Microsoft Browsers does not prope ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2019-0607 (A remote code execution vulnerability exists in the way that the scrip ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-0606 (A remote code execution vulnerability exists when Internet Explorer im ...)
@@ -53163,7 +53163,7 @@ CVE-2019-0070 (An Improper Input Validation weakness allows a malicious local at
 CVE-2019-0069 (On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 ...)
 	NOT-FOR-US: Juniper
 CVE-2019-0068 (The SRX flowd process, responsible for packet forwarding, may crash an ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2019-0067 (Receipt of a specific link-local IPv6 packet destined to the RE may ca ...)
 	NOT-FOR-US: Juniper
 CVE-2019-0066 (An unexpected status return value weakness in the Next-Generation Mult ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9997b74938f2fa30faba5ae2ba5a08eabbd7ab14

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9997b74938f2fa30faba5ae2ba5a08eabbd7ab14
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191011/36021c76/attachment.html>

More information about the debian-security-tracker-commits mailing list