Author: sectracker
Date: 2015-07-22 21:10:17 +0000 (Wed, 22 Jul 2015)
New Revision: 35632
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-07-22 20:51:26 UTC (rev 35631) +++ data/CVE/list 2015-07-22 21:10:17 UTC (rev 35632) @@ -1,3 +1,7 @@ +CVE-2015-5611 (Unspecified vulnerability in Uconnect 15.26.1, as used in certain Fiat ...) + TODO: check +CVE-2015-5610 (The RSM (aka RSMWinService) service in SolarWinds N-Able N-Central ...) + TODO: check CVE-2015-5609 RESERVED CVE-2015-5608 @@ -374,8 +378,8 @@ RESERVED CVE-2015-5465 RESERVED -CVE-2015-5464 - RESERVED +CVE-2015-5464 (Unspecified vulnerability on the Gemalto SafeNet Luna HSM has unknown ...) + TODO: check CVE-2015-5463 RESERVED CVE-2015-5462 @@ -1095,7 +1099,7 @@ RESERVED - linux <unfixed> [wheezy] - linux <undetermined> - - linux-2.6 <undetermined> + - linux-2.6 <undetermined> NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a NOTE: Same fix as for CVE-2015-3290. NOTE: Some form of crash is likely in principle since 3.3. @@ -2266,15 +2270,13 @@ NOT-FOR-US: SwiftKey language-pack update implementation on Samsung devices CVE-2012-6692 (Cross-site scripting (XSS) vulnerability in js/wp-seo-metabox.js in ...) NOT-FOR-US: WordPress plugin wordpress-seo -CVE-2015-4652 [GSM DTAP dissector could crash] - RESERVED +CVE-2015-4652 (epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in ...) {DSA-3294-1} - wireshark 1.12.6+gee1fce6-1 [wheezy] - wireshark <not-affected> (Vulnerable code not present) [squeeze] - wireshark <not-affected> (Vulnerable code not present) NOTE: http://www.wireshark.org/security/wnpa-sec-2015-20.html -CVE-2015-4651 [WCCP dissector crash] - RESERVED +CVE-2015-4651 (The dissect_wccp2r1_address_table_info function in ...) {DSA-3294-1} - wireshark 1.12.6+gee1fce6-1 [wheezy] - wireshark <not-affected> (Vulnerable code not present) 
@@ -2324,7 +2326,7 @@ RESERVED CVE-2015-4634 [SQL injection in graphs.php] RESERVED - {DLA-278-1} + {DSA-3312-1 DLA-278-1} - cacti 0.8.8e+ds1-1 NOTE: http://bugs.cacti.net/view.php?id=2577 NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7731 @@ -2469,8 +2471,8 @@ NOT-FOR-US: WordPress plugin nextend-twitter-connect CVE-2015-4555 RESERVED -CVE-2015-4554 - RESERVED +CVE-2015-4554 (Multiple unspecified vulnerabilities in TIBCO Spotfire Client and ...) + TODO: check CVE-2015-4553 RESERVED CVE-2015-4552 @@ -3053,8 +3055,8 @@ RESERVED CVE-2015-4284 RESERVED -CVE-2015-4283 - RESERVED +CVE-2015-4283 (Cisco Videoscape Policy Resource Manager (PRM) 3.5.4 allows remote ...) + TODO: check CVE-2015-4282 RESERVED CVE-2015-4281 @@ -3121,16 +3123,16 @@ RESERVED CVE-2015-4250 RESERVED -CVE-2015-4249 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx ...) - TODO: check +CVE-2015-4249 + REJECTED CVE-2015-4248 RESERVED CVE-2015-4247 - RESERVED -CVE-2015-4246 - RESERVED + REJECTED +CVE-2015-4246 (Cross-site scripting (XSS) vulnerability in Cisco WebEx Meeting Center ...) + TODO: check CVE-2015-4245 - RESERVED + REJECTED CVE-2015-4244 (The boot implementation on Cisco ASR 5000 and 5500 devices with ...) TODO: check CVE-2015-4243 (The PPPoE establishment implementation in Cisco IOS XE 3.5.0S on ASR ...) 
@@ -5906,12 +5908,12 @@ TODO: double check for erliest introducing version CVE-2015-3290 RESERVED - - linux <unfixed> - [wheezy] - linux <not-affected> (Introduced in 3.13) - - linux-2.6 <not-affected> (Introduced in 3.13) - NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9d05041679904b12c12421cbcf9cb5f4860a8d7b (prerequisite) - NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0e181bb58143cb4a2e8f01c281b0816cd0e4798e (prerequisite) - NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a + - linux <unfixed> + [wheezy] - linux <not-affected> (Introduced in 3.13) + - linux-2.6 <not-affected> (Introduced in 3.13) + NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9d05041679904b12c12421cbcf9cb5f4860a8d7b (prerequisite) + NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0e181bb58143cb4a2e8f01c281b0816cd0e4798e (prerequisite) + NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a CVE-2015-3289 RESERVED CVE-2015-3288 @@ -7177,8 +7179,8 @@ RESERVED CVE-2015-2870 RESERVED -CVE-2015-2869 - RESERVED +CVE-2015-2869 (The FileInfo plugin before 2.22 for Ghisler Total Commander allows ...) + TODO: check CVE-2015-2868 RESERVED CVE-2015-2867 @@ -9549,8 +9551,8 @@ RESERVED CVE-2015-2135 RESERVED -CVE-2015-2134 - RESERVED +CVE-2015-2134 (Cross-site request forgery (CSRF) vulnerability in HP System ...) + TODO: check CVE-2015-2133 RESERVED CVE-2015-2132 
@@ -10108,10 +10110,10 @@ NOT-FOR-US: IBM WebSphere Portal CVE-2015-1907 (The Administration and Reporting Tool in IBM Rational License Key ...) NOT-FOR-US: IBM Rational License Key Server -CVE-2015-1906 - RESERVED -CVE-2015-1905 - RESERVED +CVE-2015-1906 (Cross-site scripting (XSS) vulnerability in the REST API in IBM ...) + TODO: check +CVE-2015-1905 (The REST API in IBM Business Process Manager (BPM) 7.5.x through ...) + TODO: check CVE-2015-1904 RESERVED CVE-2015-1903 (Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and ...)
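Review bot: The re-indentation of the CVE-2015-3290 block in the @@ -5906,12 +5908,12 @@ hunk does not belong under the log message "automatic update". The six removed lines (the `linux` and `linux-2.6` status lines and the three kernel commit NOTEs) and the six added lines carry the same text, and the same is true of the single `- linux-2.6 <undetermined>` line in the @@ -1095,7 +1099,7 @@ hunk. A whitespace normalisation is easier to audit as its own revision with a log line that says so. That way a reader checking whether the `<unfixed>` or `<not-affected>` status changed does not have to compare the lines by hand.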
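Review bot: CVE-2015-4249 in the @@ -3121,16 +3123,16 @@ hunk loses its Cisco WebEx XSS description and becomes REJECTED, while CVE-2015-4246 gains a Cisco WebEx Meeting Center XSS description. Nothing in either entry records whether the two are related. If one id supersedes the other, a NOTE line on CVE-2015-4249 naming the replacing id would keep the trail for anyone who already referenced it. CVE-2015-4247 and CVE-2015-4245 only move from RESERVED to REJECTED in the same hunk and need no such note.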
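Review bot: The new CVE-2015-1906 and CVE-2015-1905 entries in the @@ -10108,10 +10110,10 @@ hunk are left at `TODO: check`, although the context lines directly above them mark other IBM products (WebSphere Portal, Rational License Key Server) as NOT-FOR-US. CVE-2015-1905 names IBM Business Process Manager (BPM); the truncated description of CVE-2015-1906 says only "the REST API in IBM ...", so it needs confirming against the full text. If the product is not packaged, the follow-up triage should set the matching `NOT-FOR-US:` line so these entries leave the TODO queue in the same way as their neighbours.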