diff options
author | security tracker role <sectracker@soriano.debian.org> | 2020-08-29 20:10:21 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2020-08-29 20:10:21 +0000 |
commit | 2dbde904f3082ab585900d6e80d3bef9b23cdf7b (patch) | |
tree | 611f02d2d9ca3d9fed7262d9420bf4e95daa5675 /data/CVE/2017.list | |
parent | d1b08084917315bc7f090661b858101da0208986 (diff) |
automatic update
Diffstat (limited to 'data/CVE/2017.list')
-rw-r--r-- | data/CVE/2017.list | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/data/CVE/2017.list b/data/CVE/2017.list index 9db318ab22..4a8b23718a 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -5700,13 +5700,14 @@ CVE-2017-16909 (An error related to the "LibRaw::panasonic_load_raw()" function NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2017-19 NOTE: https://github.com/LibRaw/LibRaw/commit/2f59bac59dbcbf6bbcf01a9f3eed74307e96ca7e CVE-2017-16908 (In Horde Groupware 5.2.19, there is XSS via the Name field during crea ...) + {DLA-2350-1} - php-horde-kronolith 4.2.24-1 (bug #909738) [jessie] - php-horde-kronolith <not-affected> (vulnerable code not present) NOTE: http://code610.blogspot.com/2017/11/rce-via-xss-horde-5219.html NOTE: https://bugs.horde.org/ticket/14857 NOTE: https://github.com/horde/kronolith/commit/39f740068ad21618f6f70b6e37855c61cadbd716 CVE-2017-16907 (In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field ...) - {DLA-1536-1 DLA-1535-1} + {DLA-2349-1 DLA-2348-1 DLA-1536-1 DLA-1535-1} - php-horde 5.2.18+debian0-1 (bug #909739) - php-horde-core 2.31.3+debian0-1 (bug #909800) NOTE: http://code610.blogspot.com/2017/11/rce-via-xss-horde-5219.html @@ -5714,7 +5715,7 @@ CVE-2017-16907 (In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color NOTE: php-horde: https://github.com/horde/base/commit/fb2113bbcd04bd4a28c46aad0889fb0a3979a230 NOTE: php-horde-core: https://github.com/horde/Core/commit/ecea6ea740419e19122a50579ba2903c1cb71d7a CVE-2017-16906 (In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a ...) - {DLA-1537-1} + {DLA-2351-1 DLA-1537-1} - php-horde-kronolith 4.2.24-1 (bug #909737) NOTE: http://code610.blogspot.com/2017/11/rce-via-xss-horde-5219.html NOTE: https://bugs.horde.org/ticket/14857 @@ -10411,6 +10412,7 @@ CVE-2017-15237 CVE-2017-15236 (Tiandy IP cameras 5.56.17.120 do not properly restrict a certain propr ...) NOT-FOR-US: Tiandy IP cameras CVE-2017-15235 (The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allo ...) + {DLA-2352-1} - php-horde-gollem 3.0.12-1 [jessie] - php-horde-gollem <no-dsa> (Minor issue) NOTE: https://blogs.securiteam.com/index.php/archives/3454 @@ -28341,6 +28343,7 @@ CVE-2017-9116 (In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress fun NOTE: https://www.openwall.com/lists/oss-security/2017/05/12/5 NOTE: https://github.com/openexr/openexr/issues/232 CVE-2017-9115 (In OpenEXR 2.2.0, an invalid write of size 2 in the = operator functio ...) + {DSA-4755-1} - openexr <unfixed> (bug #873885) [stretch] - openexr <no-dsa> (Minor issue) [jessie] - openexr <no-dsa> (Minor issue) @@ -28348,6 +28351,7 @@ CVE-2017-9115 (In OpenEXR 2.2.0, an invalid write of size 2 in the = operator fu NOTE: https://www.openwall.com/lists/oss-security/2017/05/12/5 NOTE: https://github.com/openexr/openexr/issues/232 CVE-2017-9114 (In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ...) + {DSA-4755-1} - openexr <unfixed> (bug #873885) [stretch] - openexr <no-dsa> (Minor issue) [jessie] - openexr <no-dsa> (Minor issue) @@ -28355,6 +28359,7 @@ CVE-2017-9114 (In OpenEXR 2.2.0, an invalid read of size 1 in the refill functio NOTE: https://www.openwall.com/lists/oss-security/2017/05/12/5 NOTE: https://github.com/openexr/openexr/issues/232 CVE-2017-9113 (In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels ...) + {DSA-4755-1} - openexr <unfixed> (low; bug #873885) [stretch] - openexr <no-dsa> (Minor issue) [jessie] - openexr <no-dsa> (Minor issue) @@ -28369,6 +28374,7 @@ CVE-2017-9112 (In OpenEXR 2.2.0, an invalid read of size 1 in the getBits functi NOTE: https://www.openwall.com/lists/oss-security/2017/05/12/5 NOTE: https://github.com/openexr/openexr/issues/232 CVE-2017-9111 (In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function ...) + {DSA-4755-1} - openexr <unfixed> (bug #873885) [stretch] - openexr <no-dsa> (Minor issue) [jessie] - openexr <no-dsa> (Minor issue) |