Author: sectracker Date: 2017-08-09 09:10:20 +0000 (Wed, 09 Aug 2017) New Revision: 54469
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-08-09 08:35:12 UTC (rev 54468) +++ data/CVE/list 2017-08-09 09:10:20 UTC (rev 54469) @@ -10810,8 +10810,8 @@ RESERVED CVE-2017-8692 RESERVED -CVE-2017-8691 - RESERVED +CVE-2017-8691 (Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow an ...) + TODO: check CVE-2017-8690 RESERVED CVE-2017-8689 @@ -10844,90 +10844,90 @@ RESERVED CVE-2017-8675 RESERVED -CVE-2017-8674 - RESERVED -CVE-2017-8673 - RESERVED -CVE-2017-8672 - RESERVED -CVE-2017-8671 - RESERVED -CVE-2017-8670 - RESERVED -CVE-2017-8669 - RESERVED -CVE-2017-8668 - RESERVED +CVE-2017-8674 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...) + TODO: check +CVE-2017-8673 (The Remote Desktop Protocol (RDP) implementation in Microsoft Windows ...) + TODO: check +CVE-2017-8672 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows ...) + TODO: check +CVE-2017-8671 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows ...) + TODO: check +CVE-2017-8670 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server ...) + TODO: check +CVE-2017-8669 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...) + TODO: check +CVE-2017-8668 (The Volume Manager Extension Driver in Microsoft Windows 7 SP1, ...) + TODO: check CVE-2017-8667 RESERVED -CVE-2017-8666 - RESERVED +CVE-2017-8666 (Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...) + TODO: check CVE-2017-8665 RESERVED -CVE-2017-8664 - RESERVED +CVE-2017-8664 (Windows Hyper-V in Windows 8.1, Windows Server 2012 Gold and R2, ...) + TODO: check CVE-2017-8663 (Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, ...) NOT-FOR-US: Microsoft -CVE-2017-8662 - RESERVED -CVE-2017-8661 - RESERVED +CVE-2017-8662 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...) + TODO: check +CVE-2017-8661 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server ...) + TODO: check CVE-2017-8660 RESERVED -CVE-2017-8659 - RESERVED +CVE-2017-8659 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...) + TODO: check CVE-2017-8658 RESERVED -CVE-2017-8657 - RESERVED -CVE-2017-8656 - RESERVED -CVE-2017-8655 - RESERVED -CVE-2017-8654 - RESERVED -CVE-2017-8653 - RESERVED -CVE-2017-8652 - RESERVED -CVE-2017-8651 - RESERVED -CVE-2017-8650 - RESERVED +CVE-2017-8657 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows ...) + TODO: check +CVE-2017-8656 (Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server ...) + TODO: check +CVE-2017-8655 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and ...) + TODO: check +CVE-2017-8654 (Microsoft SharePoint Server 2010 Service Pack 2 allows a cross-site ...) + TODO: check +CVE-2017-8653 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 SP2 ...) + TODO: check +CVE-2017-8652 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and ...) + TODO: check +CVE-2017-8651 (Internet Explorer in Microsoft Windows Server 2008 SP2 and Windows ...) + TODO: check +CVE-2017-8650 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...) + TODO: check CVE-2017-8649 RESERVED CVE-2017-8648 RESERVED -CVE-2017-8647 - RESERVED -CVE-2017-8646 - RESERVED -CVE-2017-8645 - RESERVED -CVE-2017-8644 - RESERVED +CVE-2017-8647 (Microsoft Edge in Windows 10 1703 allows an attacker to execute ...) + TODO: check +CVE-2017-8646 (Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 ...) + TODO: check +CVE-2017-8645 (Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 ...) + TODO: check +CVE-2017-8644 (Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and ...) + TODO: check CVE-2017-8643 RESERVED -CVE-2017-8642 - RESERVED -CVE-2017-8641 - RESERVED -CVE-2017-8640 - RESERVED -CVE-2017-8639 - RESERVED -CVE-2017-8638 - RESERVED -CVE-2017-8637 - RESERVED -CVE-2017-8636 - RESERVED -CVE-2017-8635 - RESERVED -CVE-2017-8634 - RESERVED -CVE-2017-8633 - RESERVED +CVE-2017-8642 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...) + TODO: check +CVE-2017-8641 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...) + TODO: check +CVE-2017-8640 (Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, and Windows ...) + TODO: check +CVE-2017-8639 (Microsoft Edge in Windows 10 1607, 1703, and Windows Server 2016 ...) + TODO: check +CVE-2017-8638 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...) + TODO: check +CVE-2017-8637 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...) + TODO: check +CVE-2017-8636 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...) + TODO: check +CVE-2017-8635 (Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...) + TODO: check +CVE-2017-8634 (Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to ...) + TODO: check +CVE-2017-8633 (Windows Error Reporting (WER) in Windows Server 2008 SP2 and R2 SP1, ...) + TODO: check CVE-2017-8632 RESERVED CVE-2017-8631 @@ -10938,22 +10938,22 @@ RESERVED CVE-2017-8628 RESERVED -CVE-2017-8627 - RESERVED +CVE-2017-8627 (Windows Subsystem for Linux in Windows 10 1703, allows a denial of ...) + TODO: check CVE-2017-8626 RESERVED -CVE-2017-8625 - RESERVED -CVE-2017-8624 - RESERVED -CVE-2017-8623 - RESERVED -CVE-2017-8622 - RESERVED +CVE-2017-8625 (Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows ...) + TODO: check +CVE-2017-8624 (CLFS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...) + TODO: check +CVE-2017-8623 (Windows Hyper-V in Windows 10 1607, 1703, and Windows Server 2016 ...) + TODO: check +CVE-2017-8622 (Windows Subsystem for Linux in Windows 10 1703 allows an elevation of ...) + TODO: check CVE-2017-8621 (Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange ...) NOT-FOR-US: Microsoft -CVE-2017-8620 - RESERVED +CVE-2017-8620 (Windows Search in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...) + TODO: check CVE-2017-8619 (Microsoft Edge on Windows 10 Gold, 1511, 1607, and 1703, and Windows ...) NOT-FOR-US: Microsoft CVE-2017-8618 (Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 ...) @@ -11006,12 +11006,12 @@ NOT-FOR-US: Microsoft CVE-2017-8594 (Internet Explorer on Microsoft Windows 8.1 and Windows RT 8.1, and ...) NOT-FOR-US: Microsoft -CVE-2017-8593 - RESERVED +CVE-2017-8593 (Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...) + TODO: check CVE-2017-8592 (Microsoft browsers on when Microsoft Windows 7 SP1, Windows Server ...) NOT-FOR-US: Microsoft -CVE-2017-8591 - RESERVED +CVE-2017-8591 (Windows Input Method Editor (IME) in Windows 8.1, Windows Server 2012 ...) + TODO: check CVE-2017-8590 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...) NOT-FOR-US: Microsoft CVE-2017-8589 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...) @@ -11160,8 +11160,8 @@ RESERVED CVE-2017-8517 (Microsoft browsers in Microsoft Windows Server 2008 SP2 and R2 SP1, ...) NOT-FOR-US: Microsoft -CVE-2017-8516 - RESERVED +CVE-2017-8516 (Microsoft SQL Server Analysis Services in Microsoft SQL Server 2012, ...) + TODO: check CVE-2017-8515 (Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 ...) NOT-FOR-US: Microsoft CVE-2017-8514 (An information disclosure vulnerability exists when Microsoft ...) @@ -11186,8 +11186,8 @@ RESERVED CVE-2017-8504 (Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 ...) NOT-FOR-US: Microsoft -CVE-2017-8503 - RESERVED +CVE-2017-8503 (Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows ...) + TODO: check CVE-2017-8502 (Microsoft Office allows a remote code execution vulnerability due to ...) NOT-FOR-US: Microsoft CVE-2017-8501 (Microsoft Office allows a remote code execution vulnerability due to ...) @@ -39374,8 +39374,8 @@ NOT-FOR-US: Microsoft CVE-2017-0294 (Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows ...) NOT-FOR-US: Microsoft -CVE-2017-0293 - RESERVED +CVE-2017-0293 (Microsoft Windows PDF Library in Windows Server 2008 R2 SP1, Windows ...) + TODO: check CVE-2017-0292 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows ...) NOT-FOR-US: Microsoft CVE-2017-0291 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows ...) @@ -39460,8 +39460,8 @@ NOT-FOR-US: Microsoft CVE-2017-0251 RESERVED -CVE-2017-0250 - RESERVED +CVE-2017-0250 (Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, ...) + TODO: check CVE-2017-0249 (An elevation of privilege vulnerability exists when the ASP.NET Core ...) NOT-FOR-US: Microsoft CVE-2017-0248 (Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and ...) @@ -39612,8 +39612,8 @@ NOT-FOR-US: Microsoft CVE-2017-0175 (The Windows kernel in Windows Server 2008 SP2 and R2 SP1, and Windows ...) NOT-FOR-US: Microsoft -CVE-2017-0174 - RESERVED +CVE-2017-0174 (Windows NetBIOS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, ...) + TODO: check CVE-2017-0173 (Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to ...) NOT-FOR-US: Microsoft CVE-2017-0172 @@ -49366,8 +49366,7 @@ RESERVED CVE-2016-5245 RESERVED -CVE-2016-4456 [GNUTLS-SA-2016-1] - RESERVED +CVE-2016-4456 (The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows ...) - gnutls28 3.4.13-1 [jessie] - gnutls28 <not-affected> (Introduced in 3.4.12) NOTE: http://gnutls.org/security.html#GNUTLS-SA-2016-1 @@ -151632,8 +151631,7 @@ RESERVED - libxerces2-java <unfixed> (unimportant) NOTE: Negligable impact for Xerces -CVE-2012-0880 [xerces-c hash table collisions CPU usage DoS] - RESERVED +CVE-2012-0880 (Apache Xerces-C++ allows remote attackers to cause a denial of service ...) - xerces-c <unfixed> (unimportant) NOTE: Negligable impact for Xerces CVE-2012-0879 (The I/O implementation for block devices in the Linux kernel before ...) @@ -151879,8 +151877,7 @@ CVE-2012-0804 (Heap-based buffer overflow in the proxy_connect function in ...) {DSA-2407-1} - cvs 2:1.12.13+real-7 -CVE-2012-0803 - RESERVED +CVE-2012-0803 (The WS-SP UsernameToken policy in Apache CXF 2.4.5 and 2.5.1 allows ...) NOT-FOR-US: Apache CXF CVE-2012-0802 (Multiple buffer overflows in Spamdyke before 4.3.0 might allow remote ...) NOT-FOR-US: spamdyke @@ -155896,8 +155893,7 @@ [squeeze] - namazu2 <no-dsa> (Minor issue) CVE-2011-4344 (Cross-site scripting (XSS) vulnerability in Jenkins Core in Jenkins ...) - jenkins-winstone 0.9.10-jenkins-29+dfsg-1 (bug #649900) -CVE-2011-4343 - RESERVED +CVE-2011-4343 (Information disclosure vulnerability in Apache MyFaces Core 2.0.1 ...) NOT-FOR-US: Apache MyFaces CVE-2011-4342 (PHP remote file inclusion vulnerability in wp_xml_export.php in the ...) NOT-FOR-US: Wordpress plugin @@ -171198,8 +171194,7 @@ CVE-2009-5004 RESERVED - qpid-cpp <not-affected> (Fixed before initial upload to archive) -CVE-2010-3845 - RESERVED +CVE-2010-3845 (libapache-authenhook-perl 2.00-04 stores usernames and passwords in ...) - libapache-authenhook-perl 2.00-04+pristine-2 (low; bug #599712) [lenny] - libapache-authenhook-perl 2.00-04+pristine-1+lenny1 CVE-2010-4237 @@ -175699,8 +175694,8 @@ CVE-2010-2246 (feh before 1.8, when the --wget-timestamp option is enabled, might ...) - feh 1.8-1 (low; bug #587205) [lenny] - feh <no-dsa> (Minor issue) -CVE-2010-2245 - RESERVED +CVE-2010-2245 (XML External Entity (XXE) vulnerability in Apache Wink 1.1.1 and ...) + TODO: check CVE-2010-2244 (The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in ...) {DSA-2086-1} - avahi 0.6.26-1 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits