[Secure-testing-commits] r56032 - data/CVE

Fri, 22 Sep 2017 14:11:06 -0700 

Author: sectracker
Date: 2017-09-22 21:10:17 +0000 (Fri, 22 Sep 2017)
New Revision: 56032

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-09-22 21:07:22 UTC (rev 56031)
+++ data/CVE/list       2017-09-22 21:10:17 UTC (rev 56032)
@@ -1,3 +1,35 @@
+CVE-2017-14717 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks 
...)
+       TODO: check
+CVE-2017-14716 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks 
Title ...)
+       TODO: check
+CVE-2017-14715 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks 
Alerts ...)
+       TODO: check
+CVE-2017-14714 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the 
Phonecalls ...)
+       TODO: check
+CVE-2017-14713 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the 
Phonecalls ...)
+       TODO: check
+CVE-2017-14712 (In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks 
Phonecall ...)
+       TODO: check
+CVE-2017-14711
+       RESERVED
+CVE-2017-14710
+       RESERVED
+CVE-2017-14709
+       RESERVED
+CVE-2017-14708
+       RESERVED
+CVE-2017-14707
+       RESERVED
+CVE-2017-14706 (DenyAll WAF before 6.4.1 allows unauthenticated remote 
attackers to ...)
+       TODO: check
+CVE-2017-14705 (DenyAll WAF before 6.4.1 allows unauthenticated remote command 
...)
+       TODO: check
+CVE-2017-14704
+       RESERVED
+CVE-2017-14703
+       RESERVED
+CVE-2017-14702
+       RESERVED
 CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in the link modal]
        - wordpress 4.8.2+dfsg-1 (bug #876274)
 CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in template names]
@@ -30,8 +62,8 @@
        RESERVED
 CVE-2017-14695
        RESERVED
-CVE-2017-14694
-       RESERVED
+CVE-2017-14694 (Foxit Reader 8.3.2.25013 allows attackers to execute arbitrary 
code or ...)
+       TODO: check
 CVE-2017-14693 (IrfanView 4.44 - 32bit allows attackers to cause a denial of 
service or ...)
        NOT-FOR-US: IrfanView
 CVE-2017-14692 (STDU Viewer 1.6.375 allows attackers to execute arbitrary code 
or cause ...)
@@ -1685,14 +1717,14 @@
        RESERVED
 CVE-2017-14082
        RESERVED
-CVE-2017-14081
-       RESERVED
-CVE-2017-14080
-       RESERVED
-CVE-2017-14079
-       RESERVED
-CVE-2017-14078
-       RESERVED
+CVE-2017-14081 (Proxy command injection vulnerabilities in Trend Micro Mobile 
Security ...)
+       TODO: check
+CVE-2017-14080 (Authentication bypass vulnerability in Trend Micro Mobile 
Security ...)
+       TODO: check
+CVE-2017-14079 (Unrestricted file uploads in Trend Micro Mobile Security 
(Enterprise) ...)
+       TODO: check
+CVE-2017-14078 (SQL Injection vulnerabilities in Trend Micro Mobile Security 
...)
+       TODO: check
 CVE-2017-14098 (In the pjsip channel driver (res_pjsip) in Asterisk 13.x 
before 13.17.1 ...)
        - asterisk 1:13.17.1~dfsg-1 (bug #873909)
        [stretch] - asterisk <not-affected> (Vulnerable code not present; issue 
introduced in 13.15)
@@ -9136,10 +9168,10 @@
        RESERVED
 CVE-2017-11397
        RESERVED
-CVE-2017-11396
-       RESERVED
-CVE-2017-11395
-       RESERVED
+CVE-2017-11396 (Vulnerability issues with the web service inspection of input 
...)
+       TODO: check
+CVE-2017-11395 (Command injection vulnerability in Trend Micro Smart 
Protection Server ...)
+       TODO: check
 CVE-2017-11394 (Proxy command injection vulnerability in Trend Micro 
OfficeScan 11 and ...)
        NOT-FOR-US: Trend Micro
 CVE-2017-11393 (Proxy command injection vulnerability in Trend Micro 
OfficeScan 11 and ...)
@@ -14724,8 +14756,8 @@
        RESERVED
 CVE-2017-9394
        RESERVED
-CVE-2017-9393
-       RESERVED
+CVE-2017-9393 (CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows 
remote ...)
+       TODO: check
 CVE-2017-9392
        RESERVED
 CVE-2017-9391
@@ -24137,6 +24169,7 @@
 CVE-2017-6421 (In the touch controller function in all Qualcomm products with 
Android ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2017-6420 (The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 
allows ...)
+       {DLA-1105-1}
        - clamav 0.99.3~beta1+dfsg-1
        [stretch] - clamav <no-dsa> (Gets updated via -updates)
        [jessie] - clamav <no-dsa> (Gets updated via -updates)
@@ -24155,6 +24188,7 @@
        NOTE: src:clamav source package.
        NOTE: libmspack: 
https://github.com/kyz/libmspack/commit/6139a0b9e93fcb7fcf423e56aa825bc869e02229
 CVE-2017-6418 (libclamav/message.c in ClamAV 0.99.2 allows remote attackers to 
cause a ...)
+       {DLA-1105-1}
        - clamav 0.99.3~beta1+dfsg-1
        [stretch] - clamav <no-dsa> (Gets updated via -updates)
        [jessie] - clamav <no-dsa> (Gets updated via -updates)
@@ -24296,7 +24330,7 @@
 CVE-2017-6363
        RESERVED
 CVE-2017-6362 (Double free vulnerability in the gdImagePngPtr function in 
libgd2 ...)
-       {DSA-3961-1}
+       {DSA-3961-1 DLA-1106-1}
        - libgd2 2.2.5-1
        NOTE: https://github.com/libgd/libgd/issues/381
        NOTE: 
https://github.com/libgd/libgd/commit/56ce6ef068b954ad28379e83cca04feefc51320c
@@ -24609,8 +24643,8 @@
        RESERVED
 CVE-2017-6278
        RESERVED
-CVE-2017-6277
-       RESERVED
+CVE-2017-6277 (NVIDIA Windows GPU Display Driver contains a vulnerability in 
the ...)
+       TODO: check
 CVE-2017-6276
        RESERVED
 CVE-2017-6275
@@ -24619,28 +24653,25 @@
        RESERVED
 CVE-2017-6273
        RESERVED
-CVE-2017-6272
-       RESERVED
+CVE-2017-6272 (NVIDIA GPU Display Driver contains a vulnerability in the 
kernel mode ...)
        - nvidia-graphics-drivers <unfixed> (bug #876414)
        - nvidia-graphics-drivers-legacy-340xx <undetermined>
        - nvidia-graphics-drivers-legacy-304xx <undetermined>
        NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4544
-CVE-2017-6271
-       RESERVED
-CVE-2017-6270
-       RESERVED
-CVE-2017-6269
-       RESERVED
-CVE-2017-6268
-       RESERVED
-CVE-2017-6267
-       RESERVED
+CVE-2017-6271 (NVIDIA Windows GPU Display Driver contains a vulnerability in 
the ...)
+       TODO: check
+CVE-2017-6270 (NVIDIA Windows GPU Display Driver contains a vulnerability in 
the ...)
+       TODO: check
+CVE-2017-6269 (NVIDIA Windows GPU Display Driver contains a vulnerability in 
the ...)
+       TODO: check
+CVE-2017-6268 (NVIDIA Windows GPU Display Driver contains a vulnerability in 
the ...)
+       TODO: check
+CVE-2017-6267 (NVIDIA GPU Display Driver contains a vulnerability in the 
kernel mode ...)
        - nvidia-graphics-drivers <unfixed> (bug #876414)
        - nvidia-graphics-drivers-legacy-340xx <undetermined>
        - nvidia-graphics-drivers-legacy-304xx <undetermined>
        NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4544
-CVE-2017-6266
-       RESERVED
+CVE-2017-6266 (NVIDIA GPU Display Driver contains a vulnerability in the 
kernel mode ...)
        - nvidia-graphics-drivers <unfixed> (bug #876414)
        - nvidia-graphics-drivers-legacy-340xx <undetermined>
        - nvidia-graphics-drivers-legacy-304xx <undetermined>
@@ -31873,8 +31904,8 @@
        RESERVED
 CVE-2017-3771
        RESERVED
-CVE-2017-3770
-       RESERVED
+CVE-2017-3770 (Privilege escalation vulnerability in LXCA versions earlier 
than 1.3.2 ...)
+       TODO: check
 CVE-2017-3769
        RESERVED
 CVE-2017-3768
@@ -31887,8 +31918,8 @@
        RESERVED
 CVE-2017-3764
        RESERVED
-CVE-2017-3763
-       RESERVED
+CVE-2017-3763 (An attacker who obtains access to the location where the LXCA 
file ...)
+       TODO: check
 CVE-2017-3762
        RESERVED
 CVE-2017-3761


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to