[Secure-testing-commits] r37689 - data/CVE

security tracker role Fri, 13 Nov 2015 13:12:03 -0800

Author: sectracker
Date: 2015-11-13 21:10:11 +0000 (Fri, 13 Nov 2015)
New Revision: 37689


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-11-13 19:21:40 UTC (rev 37688)
+++ data/CVE/list       2015-11-13 21:10:11 UTC (rev 37689)
@@ -1,3 +1,7 @@
+CVE-2015-8125
+       RESERVED
+CVE-2015-8124
+       RESERVED
 CVE-2015-8123
        RESERVED
 CVE-2015-8122
@@ -34,7 +38,7 @@
        RESERVED
 CVE-2015-8106
        RESERVED
-CVE-2015-8126 [libpng buffer overflow in png_set_PLTE]
+CVE-2015-8126 (Multiple buffer overflows in the (1) png_set_PLTE and (2) 
png_get_PLTE ...)
        - libpng <unfixed>
        NOTE: http://www.openwall.com/lists/oss-security/2015/11/12/2
        TODO: check (should be fixed in 1.6.19, 1.5.24, 1.4.17, 1.2.54, and 
1.0.64)
@@ -595,8 +599,8 @@
        RESERVED
 CVE-2015-7906
        RESERVED
-CVE-2015-7905
-       RESERVED
+CVE-2015-7905 (Unitronics VisiLogic OPLC IDE before 9.8.02 allows remote 
attackers to ...)
+       TODO: check
 CVE-2015-7904 (Unrestricted file upload vulnerability in Infinite Automation 
Mango ...)
        TODO: check
 CVE-2015-7903 (SQL injection vulnerability in Infinite Automation Mango 
Automation ...)
@@ -4241,8 +4245,8 @@
        RESERVED
 CVE-2015-6479
        RESERVED
-CVE-2015-6478
-       RESERVED
+CVE-2015-6478 (Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly 
restrict ...)
+       TODO: check
 CVE-2015-6477 (Multiple cross-site scripting (XSS) vulnerabilities in the Wind 
Farm ...)
        TODO: check
 CVE-2015-6476 (Advantech EKI-122x-BE devices with firmware before 1.65, 
EKI-132x ...)
@@ -4465,8 +4469,8 @@
        RESERVED
 CVE-2015-6367
        RESERVED
-CVE-2015-6366
-       RESERVED
+CVE-2015-6366 (Cisco IOS 15.2(04)M6 and 15.4(03)S lets physical-interface ACLs 
...)
+       TODO: check
 CVE-2015-6365
        RESERVED
 CVE-2015-6364
@@ -5099,8 +5103,8 @@
        NOT-FOR-US: Microsoft Internet Explorer
 CVE-2015-6046 (Microsoft Internet Explorer 9 through 11 allows remote 
attackers to ...)
        NOT-FOR-US: Microsoft Internet Explorer
-CVE-2015-6045
-       RESERVED
+CVE-2015-6045 (Use-after-free vulnerability in the CElement object 
implementation in ...)
+       TODO: check
 CVE-2015-6044 (Microsoft Internet Explorer 8 allows remote attackers to gain 
...)
        NOT-FOR-US: Microsoft Internet Explorer
 CVE-2015-6043
@@ -15005,8 +15009,7 @@
        RESERVED
 CVE-2015-2699
        RESERVED
-CVE-2015-2698 [memory corruption caused due to original patch for 
CVE-2015-2696]
-       RESERVED
+CVE-2015-2698 (The iakerb_gss_export_sec_context function in 
lib/gssapi/krb5/iakerb.c ...)
        - krb5 1.13.2+dfsg-4
        [jessie] - krb5 <not-affected> (Only affected when applying original 
patch for CVE-2015-2696 only)
        [wheezy] - krb5 <not-affected> (Only affected when applying original 
patch for CVE-2015-2696 only)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r37689 - data/CVE

Reply via email to