[Secure-testing-commits] r52836 - data/CVE

security tracker role Fri, 23 Jun 2017 02:10:54 -0700

Author: sectracker
Date: 2017-06-23 09:10:13 +0000 (Fri, 23 Jun 2017)
New Revision: 52836


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-06-23 08:25:55 UTC (rev 52835)
+++ data/CVE/list       2017-06-23 09:10:13 UTC (rev 52836)
@@ -1312,10 +1312,10 @@
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21600
 CVE-2017-9777
        RESERVED
-CVE-2017-9776
-       RESERVED
-CVE-2017-9775
-       RESERVED
+CVE-2017-9776 (Integer overflow leading to Heap buffer overflow in 
JBIG2Stream.cc in ...)
+       TODO: check
+CVE-2017-9775 (Stack buffer overflow in GfxState.cc in pdftocairo in Poppler 
before ...)
+       TODO: check
 CVE-2017-9774 (Remote Code Execution was found in Horde_Image 2.x before 2.5.0 
via a ...)
        - php-horde-image <unfixed> (bug #865505)
        NOTE: https://lists.horde.org/archives/announce/2017/001234.html
@@ -2507,8 +2507,8 @@
        NOT-FOR-US: WebsiteBaker
 CVE-2017-9357
        RESERVED
-CVE-2017-9356
-       RESERVED
+CVE-2017-9356 (Sitecore.NET 7.1 through 7.2 has a Cross Site Scripting 
Vulnerability ...)
+       TODO: check
 CVE-2017-9358 (A memory exhaustion vulnerability exists in Asterisk Open 
Source 13.x ...)
        - asterisk 1:13.14.1~dfsg-2 (bug #863906)
        [jessie] - asterisk <not-affected> (11.x series not affected)
@@ -22123,12 +22123,12 @@
        NOTE: Wheezy do not have any elliptic curve functionality. Jessie is 
affected however.
 CVE-2017-2783 (An exploitable heap corruption vulnerability exists in the ...)
        NOT-FOR-US: AntennaHouse
-CVE-2017-2782
-       RESERVED
-CVE-2017-2781
-       RESERVED
-CVE-2017-2780
-       RESERVED
+CVE-2017-2782 (An integer overflow vulnerability exists in the X509 
certificate ...)
+       TODO: check
+CVE-2017-2781 (An exploitable heap buffer overflow vulnerability exists in the 
X509 ...)
+       TODO: check
+CVE-2017-2780 (An exploitable heap buffer overflow vulnerability exists in the 
X509 ...)
+       TODO: check
 CVE-2017-2779
        RESERVED
 CVE-2017-2778
@@ -26166,8 +26166,8 @@
        RESERVED
 CVE-2017-0898
        RESERVED
-CVE-2017-0897
-       RESERVED
+CVE-2017-0897 (ExpressionEngine version 2.x &lt; 2.11.8 and version 3.x &lt; 
3.5.5 create ...)
+       TODO: check
 CVE-2017-0896 (Zulip Server 1.5.1 and below suffer from an error in the ...)
        - zulip-server <itp> (bug #800052)
 CVE-2017-0895 (Nextcloud Server before 10.0.4 and 11.0.2 are vulnerable to 
disclosure ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r52836 - data/CVE

Reply via email to