oval:org.secpod.oval:def:602051
Emanuele Rocca discovered that ppp, a daemon implementing the Point-to-Point Protocol, was subject to a buffer overflow when communicating with a RADIUS server. This would allow unauthenticated users to cause a denial-of-service by crashing the daemon. oval:org.secpod.oval:def:52421 linux: Linux kernel Details: USN-2516-1 fixed vulnerabilities in the Linux kernel, and the fix in USN-2516-2 was incomplete. There was an unrelated regression in the use of the virtual counter on arm64 architectures. This update fixes the problem. We apologize for the inconvenience. Original adviso ... oval:org.secpod.oval:def:52424 firefox: Mozilla Open Source web browser Details: USN-2505-1 fixed vulnerabilities in Firefox. This update removed the deprecated "-remote" command-line switch that some older software still depends on. This update fixes the problem. We apologize for the inconvenience. Original advisory USN- ... oval:org.secpod.oval:def:104698 Keystone is a Python implementation of the OpenStack identity service API. This package contains the Keystone daemon. oval:org.secpod.oval:def:104616 Keystone is a Python implementation of the OpenStack identity service API. This package contains the Keystone daemon. oval:org.secpod.oval:def:52433 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:104802 Libarchive is a programming library that can create and read several different streaming archive formats, including most popular tar variants, several cpio formats, and both BSD and GNU ar variants. It can also write shar archives and read ISO9660 CDROM images and ZIP archives. oval:org.secpod.oval:def:104801 Libarchive is a programming library that can create and read several different streaming archive formats, including most popular tar variants, several cpio formats, and both BSD and GNU ar variants. It can also write shar archives and read ISO9660 CDROM images and ZIP archives. 
oval:org.secpod.oval:def:104829 Libarchive is a programming library that can create and read several different streaming archive formats, including most popular tar variants, several cpio formats, and both BSD and GNU ar variants. It can also write shar archives and read ISO9660 CDROM images and ZIP archives. oval:org.secpod.oval:def:104828 Libarchive is a programming library that can create and read several different streaming archive formats, including most popular tar variants, several cpio formats, and both BSD and GNU ar variants. It can also write shar archives and read ISO9660 CDROM images and ZIP archives. oval:org.secpod.oval:def:52491 apport: automatically generate crash reports for debugging Apport could be tricked into creating arbitrary files as an administrator, resulting in privilege escalation. oval:org.secpod.oval:def:1502089 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:52476 libmodule-signature-perl: module to manipulate CPAN SIGNATURE files Several security issues were fixed in Module::Signature. oval:org.secpod.oval:def:602098 The update for libmodule-signature-perl issued as DSA-3261-1 introduced a regression in the handling of the --skip option of cpansign. Updated packages are now available to address this regression. For reference, the original advisory text follows. Multiple vulnerabilities were discovered in libmodu ... oval:org.secpod.oval:def:602099 Multiple vulnerabilities were discovered in libmodule-signature-perl, a Perl module to manipulate CPAN SIGNATURE files. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-3406 John Lightsey discovered that Module::Signature could parses the unsigned portion ... 
oval:org.secpod.oval:def:1801080 CVE-2018-14349: Heap Overflow in imap/command.c. Fixed In Version: mutt 1.10.1 oval:org.secpod.oval:def:1801082 CVE-2018-14349: Heap Overflow in imap/command.c. Fixed In Version: mutt 1.10.1 oval:org.secpod.oval:def:1801083 CVE-2018-14349: Heap Overflow in imap/command.c. Fixed In Version: mutt 1.10.1 oval:org.secpod.oval:def:1801084 CVE-2018-14349: Heap Overflow in imap/command.c. Fixed In Version: mutt 1.10.1 oval:org.secpod.oval:def:33747 The host is installed with PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7 or 9.4.x before 9.4.2 and is prone to a double free vulnerability. A flaw is present in the application, which fails to properly handle session shutdown sequence. Successful exploitation ... oval:org.secpod.oval:def:602558 Yves Younan of Cisco Talos discovered several vulnerabilities in the MXit protocol support in pidgin, a multi-protocol instant messaging client. A remote attacker can take advantage of these flaws to cause a denial of service , overwrite files, information disclosure, or potentially to execute arbit ... oval:org.secpod.oval:def:10642 The host is installed with Puppet 2.6.x before 2.6.18, 2.7.x before 2.7.21, 3.1.x before 3.1.1 or Puppet Enterprise before 1.2.7 or 2.7.x before 2.7.2 and is prone to security bypass vulnerability. A flaw is present in the applications, which fail to handle the default configuration for puppet maste ... oval:org.secpod.oval:def:10645 The host is installed with Puppet before 2.6.18, 2.7.x before 2.7.21 or 3.1.x before 3.1.1 or Puppet Enterprise before 1.2.7 or 2.7.x before 2.7.2 and is prone to arbitrary code-execution vulnerability. A flaw is present in the application, which fails to handle a crafted HTTP request. Successful ex ... 
oval:org.secpod.oval:def:10646 The host is installed with Puppet 2.6 before 2.6.18, 2.7.x before 2.7.21 or 3.1.x before 3.1.1 or Puppet Enterprise before 1.2.7 or 2.7.x before 2.7.2 and is prone to security-bypass vulnerability. A flaw is present in the application, which fails to handle certain security restrictions. Successful ... oval:org.secpod.oval:def:10647 The host is installed with Puppet before 2.6.18, 2.7.x before 2.7.21 or 3.1.x before 3.1.1 or Puppet Enterprise before 1.2.7 or 2.7.x before 2.7.2 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted catalog request. Successful ex ... oval:org.secpod.oval:def:106079 Poppler, a PDF rendering library, is a fork of the xpdf PDF viewer developed by Derek Noonburg of Glyph and Cog, LLC. oval:org.secpod.oval:def:34244 poppler: PDF rendering library poppler could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:106073 Poppler, a PDF rendering library, is a fork of the xpdf PDF viewer developed by Derek Noonburg of Glyph and Cog, LLC. oval:org.secpod.oval:def:25574 binutils: GNU assembler, linker and binary utilities Applications from GNU binutils could be made to crash, run programs, or delete arbitrary files as your login if they opened a specially crafted file. oval:org.secpod.oval:def:601805 Multiple vulnerabilities have been discovered in Pidgin, a multi-protocol instant messaging client: CVE-2014-3694 It was discovered that the SSL/TLS plugins failed to validate the basic constraints extension in intermediate CA certificates. CVE-2014-3695 Yves Younan and Richard Johnson discovered th ... oval:org.secpod.oval:def:21527 The host is installed with Pidgin before 2.10.10 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle a crafted certificate. 
Successful exploitation allows attackers to spoof servers and obtain sensitive information. oval:org.secpod.oval:def:1502005 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:107885 Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add ... oval:org.secpod.oval:def:25575 binutils: GNU assembler, linker and binary utilities Applications from GNU binutils could be made to crash, run programs, or delete arbitrary files as your login if they opened a specially crafted file. oval:org.secpod.oval:def:108443 The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a font ... oval:org.secpod.oval:def:25169 The host is installed with glibc on Red Hat Enterprise Linux 7 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a long line containing wide characters. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:24036 The host is installed with e2fsprogs before 1.42.9-7 on Redhat Enterprise Linux 7 and before 1.42.12-21 on Redhat Enterprise Linux 6 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which causes a crafted block group descriptor to be marked as dirty. ... 
oval:org.secpod.oval:def:24037 The host is installed with e2fsprogs before 1.42.9-7 on Redhat Enterprise Linux 7 and before 1.42.12-21 on Redhat Enterprise Linux 6 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which causes a crafted block group descriptor to be marked as dirty. ... oval:org.secpod.oval:def:1200097 ClamAV before 0.98.7 allows remote attackers to cause a denial of service via a crafted y0da cryptor file. ClamAV before 0.98.7 allows remote attackers to cause a denial of service via a crafted xz archive file. ClamAV before 0.98.7 allows remote attackers to cause a denial of service via a craft ... oval:org.secpod.oval:def:108852 This package contains the tools required to unpack, build and upload Debian source packages. This package also contains the programs dpkg which used to handle the installation and removal of packages on a Debian system. This package also contains dselect, an interface for managing the installation ... oval:org.secpod.oval:def:52452 dpkg: Debian package management system dpkg could be tricked into bypassing source package signature checks. oval:org.secpod.oval:def:602034 Jann Horn discovered that the source package integrity verification in dpkg-source can be bypassed via a specially crafted Debian source control file . Note that this flaw only affects extraction of local Debian source packages via dpkg-source but not the installation of packages from the Debian arc ... oval:org.secpod.oval:def:108853 This package contains the tools required to unpack, build and upload Debian source packages. This package also contains the programs dpkg which used to handle the installation and removal of packages on a Debian system. This package also contains dselect, an interface for managing the installation ... oval:org.secpod.oval:def:52436 batik: xml.apache.org SVG Library Batik could be made to consume resources or expose sensitive information. 
oval:org.secpod.oval:def:109162 Batik is a Java technology based toolkit for applications that want to use images in the Scalable Vector Graphics format for various purposes, such as viewing, generation or manipulation. oval:org.secpod.oval:def:109139 Batik is a Java technology based toolkit for applications that want to use images in the Scalable Vector Graphics format for various purposes, such as viewing, generation or manipulation. oval:org.secpod.oval:def:602012 Nicolas Gregoire and Kevin Schaller discovered that Batik, a toolkit for processing SVG images, would load XML external entities by default. If a user or automated system were tricked into opening a specially crafted SVG file, an attacker could possibly obtain access to arbitrary files or cause reso ... oval:org.secpod.oval:def:109103 Batik is a Java technology based toolkit for applications that want to use images in the Scalable Vector Graphics format for various purposes, such as viewing, generation or manipulation. oval:org.secpod.oval:def:602011 Daniel Chatfield discovered that python-django, a high-level Python web development framework, incorrectly handled user-supplied redirect URLs. A remote attacker could use this flaw to perform a cross-site scripting attack. oval:org.secpod.oval:def:25792 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:602384 Aris Adamantiadis discovered that libssh, a tiny C SSH library, incorrectly generated a short ephemeral secret for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. The resulting secret is 128 bits long, instead of the recommended sizes of 1024 and 2048 bits respectively. Th ... oval:org.secpod.oval:def:702507 dpkg: Debian package management system dpkg could be tricked into bypassing source package signature checks. 
oval:org.secpod.oval:def:702505 libtasn1-6: Library to manage ASN.1 structures - libtasn1-3: Library to manage ASN.1 structures Libtasn1 could be made to crash or run programs if it processed specially crafted data. oval:org.secpod.oval:def:702969 gtk+2.0: GTK+ graphical user interface library - gtk+3.0: GTK+ graphical user interface library GTK+ could be made to crash or run programs as your login if it processed a specially crafted image. oval:org.secpod.oval:def:702968 eog: Eye of GNOME graphics viewer program Eye of GNOME could be made to crash or run programs as your login if it opened a specially crafted image. oval:org.secpod.oval:def:701623 libyaml-libyaml-perl: Perl interface to libyaml, a YAML implementation libyaml-libyaml-perl could be made to crash or run programs if it opened a specially crafted YAML file. oval:org.secpod.oval:def:600986 Multiple vulnerabilities were discovered in Puppet, a centralized configuration management system. CVE-2013-1640 An authenticated malicious client may request its catalog from the puppet master, and cause the puppet master to execute arbitrary code. The puppet master must be made to invoke the `temp ... oval:org.secpod.oval:def:204181 FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handled ... oval:org.secpod.oval:def:204563 The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: * A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, exec ... oval:org.secpod.oval:def:26790 The libXfont package provides the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. 
An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format fonts. A malicious, local user could use this flaw to crash the X ... oval:org.secpod.oval:def:1300184 A vulnerability has been found and corrected in libarchive: Fabian Yamaguchi reported a read buffer overflow flaw in libarchive on 64-bit systems where sizeof is equal to 8. In the archive_write_zip_data function in libarchive/ archive_write_set_format_zip.c, the "s" parameter is of type s ... oval:org.secpod.oval:def:601203 Florian Weimer of the Red Hat Product Security Team discovered a heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a YAML document with a specially-crafted tag that, when parsed by an application using libyaml, would cause the app ... oval:org.secpod.oval:def:601224 Florian Weimer of the Red Hat Product Security Team discovered a heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a YAML document with a specially-crafted tag that, when parsed by an application using libyaml, would cause the app ... oval:org.secpod.oval:def:204595 Libtasn1 is a library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. The following packages have been upgraded to a later upstream version: libtasn1 . Security Fix: * A heap-based buffer overflow flaw ... oval:org.secpod.oval:def:703136 glibc: GNU C Library - eglibc: GNU C Library Details: USN-2985-1 fixed vulnerabilities in the GNU C Library. The fix for CVE-2014-9761 introduced a regression which affected applications that use the libm library but were not fully restarted after the upgrade. This update removes the fix for CVE-201 ... 
oval:org.secpod.oval:def:33125 The host is installed with Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65 or 8.x before 8.0.27 and is prone to a directory traversal vulnerability. A flaw is present in RequestUtil.java, which fails to handle a /.. (slash dot dot) in a pathname used by a web application in a getResource, getReso ... oval:org.secpod.oval:def:702265 pidgin: graphical multi-protocol instant messaging client for X Several security issues were fixed in Pidgin. oval:org.secpod.oval:def:701162 keystone: OpenStack identity service Keystone could be made to fill server disks with error messages. oval:org.secpod.oval:def:702498 firefox: Mozilla Open Source web browser Firefox could be made to bypass SSL certificate verification. oval:org.secpod.oval:def:702497 mailman: Powerful, web-based mailing list manager Mailman could be made to run programs if it processed a specially crafted list name. oval:org.secpod.oval:def:702471 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:702476 libarchive: Library to read/write archive files libarchive could be made to crash or overwrite files. oval:org.secpod.oval:def:203653 Mailman is a program used to help manage email discussion lists. It was found that mailman did not sanitize the list name before passing it to certain MTAs. A local attacker could use this flaw to execute arbitrary code as the user running mailman. This update also fixes the following bugs: * Previ ... oval:org.secpod.oval:def:203658 PostgreSQL is an advanced object-relational database management system . A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is tri ... oval:org.secpod.oval:def:702477 batik: xml.apache.org SVG Library Batik could be made to consume resources or expose sensitive information. 
oval:org.secpod.oval:def:702468 libxfont: X11 font rasterisation library libXfont could be made to crash or run programs as an administrator if it opened a specially crafted bdf font file. oval:org.secpod.oval:def:701365 libxml2: GNOME XML library Details: USN-1904-1 fixed vulnerabilities in libxml2. The update caused a regression for certain users. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1904-1 introduced a regression in libxml2. oval:org.secpod.oval:def:702453 firefox: Mozilla Open Source web browser Details: USN-2505-1 fixed vulnerabilities in Firefox. This update removed the deprecated "-remote" command-line switch that some older software still depends on. This update fixes the problem. We apologize for the inconvenience. Original advisory USN- ... oval:org.secpod.oval:def:702449 linux: Linux kernel Details: USN-2516-1 fixed vulnerabilities in the Linux kernel, and the fix in USN-2516-2 was incomplete. There was an unrelated regression in the use of the virtual counter on arm64 architectures. This update fixes the problem. We apologize for the inconvenience. Original adviso ... oval:org.secpod.oval:def:702448 linux-lts-trusty: Linux hardware enablement kernel from Trusty Details: USN-2515-1 fixed vulnerabilities in the Linux kernel. There was an unrelated regression in the use of the virtual counter on arm64 architectures. This update fixes the problem. We apologize for the inconvenience. Original advis ... oval:org.secpod.oval:def:702430 freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702428 e2fsprogs: ext2/ext3/ext4 file system utilities e2fsprogs could be made to crash or run programs as an administrator if it processed a specially crafted filesystem image. 
oval:org.secpod.oval:def:701560 libyaml: Fast YAML 1.1 parser and emitter library LibYAML could be made to crash or run programs if it opened specially crafted yaml document. oval:org.secpod.oval:def:702419 unzip: De-archiver for .zip files unzip could be made to run programs if it opened a specially crafted file. oval:org.secpod.oval:def:702407 binutils: GNU assembler, linker and binary utilities Applications from GNU binutils could be made to crash, run programs, or delete arbitrary files as your login if they opened a specially crafted file. oval:org.secpod.oval:def:1500945 The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font. oval:org.secpod.oval:def:1500946 The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font. oval:org.secpod.oval:def:703726 gdb: GNU Debugger Several security issues were fixed in gdb. oval:org.secpod.oval:def:204272 The binutils packages provide a set of binary utilities. Multiple buffer overflow flaws were found in the libbdf library used by various binutils utilities. If a user were tricked into processing a specially crafted file with an application using the libbdf library, it could cause the application to ... oval:org.secpod.oval:def:203584 FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handled ... 
oval:org.secpod.oval:def:110328 Photos, like Documents, Music and Videos, is one of the core GNOME applications meant for find and reminding the user about her content. oval:org.secpod.oval:def:703000 linux-lts-wily: Linux hardware enablement kernel from Wily for Trusty Details: USN-2908-2 fixed vulnerabilities in the Ubuntu 15.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu 15 ... oval:org.secpod.oval:def:703245 libidn: implementation of IETF IDN specifications Several security issues were fixed in Libidn. oval:org.secpod.oval:def:26785 The libXfont package provides the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format fonts. A malicious, local user could use this flaw to crash the X ... oval:org.secpod.oval:def:26778 The host is installed with LibreOffice before 4.3.7, 4.4.x before 4.4.2 or Apache OpenOffice before 4.1.2 and is prone to an out-of-bounds write vulnerability. A flaw is present in the application, which fails to handle a crafted HWP document. Successful exploitation could allow attackers to crash ... oval:org.secpod.oval:def:204868 Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Security Fix: * mutt: Remote code injection vulnerability to an IMAP mailbox * mutt: Remote Code Execu ... oval:org.secpod.oval:def:702575 apport: automatically generate crash reports for debugging Apport could be tricked into creating arbitrary files as an administrator, resulting in privilege escalation. 
oval:org.secpod.oval:def:702572 postgresql-9.4: Object-relational SQL database - postgresql-9.3: Object-relational SQL database - postgresql-9.1: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:702552 libmodule-signature-perl: module to manipulate CPAN SIGNATURE files Several security issues were fixed in Module::Signature. oval:org.secpod.oval:def:701210 puppet: Centralized configuration management Several security issues were fixed in Puppet. oval:org.secpod.oval:def:203722 The libXfont package provides the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format fonts. A malicious, local user could use this flaw to crash the ... oval:org.secpod.oval:def:702520 libreoffice: Office productivity suite LibreOffice could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702528 ppp: Point-to-Point Protocol ppp could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702997 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty Details: USN-2909-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubunt ... oval:org.secpod.oval:def:702510 libxrender: X11 Rendering Extension client library - libx11: X11 client-side library libx11 could be made to crash or run programs if it processed specially crafted data. oval:org.secpod.oval:def:702999 linux: Linux kernel Details: USN-2908-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 15.10 guests running within VMWare virtual machines. This update fixes the problem. 
We apologize for the inconvenie ... oval:org.secpod.oval:def:702998 linux-lts-vivid: Linux hardware enablement kernel from Vivid for Trusty Details: USN-2910-1 fixed vulnerabilities in the Ubuntu 15.04 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu ... oval:org.secpod.oval:def:1801090 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:1801091 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:1801087 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:1801089 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:1800125 Parsing the Rich Text Format character style index was insufficiently checked for validity. Documents can be constructed which dereference an iterator to the first entry of an empty STL container. Fixed In: libreoffice 5.1.4, libreoffice 5.2.0 oval:org.secpod.oval:def:21792 The host is installed with LibreOffice before 4.3.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted RTF file. 
Successful exploitation could allow attackers to cause a denial of service (invalid write operation and crash) and poss ... oval:org.secpod.oval:def:26859 The host is installed with LibreOffice before 4.3.7001, 4.4.x before 4.4.2002 or Apache OpenOffice before 4.1.2 and is prone to an out-of-bounds write vulnerability. A flaw is present in the application, which fails to handle a crafted HWP document. Successful exploitation could allow attackers to c ... oval:org.secpod.oval:def:110422 SSH is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the sec ... oval:org.secpod.oval:def:110559 SSH is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the sec ... oval:org.secpod.oval:def:703528 glibc: GNU C Library - eglibc: GNU C Library Several security issues were fixed in the GNU C Library. oval:org.secpod.oval:def:110610 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:110588 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... 
oval:org.secpod.oval:def:702923 libvirt: Libvirt virtualization toolkit Several security issues were fixed in libvirt. oval:org.secpod.oval:def:110368 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:110338 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:110318 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:110310 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:400632 This update for glibc fixes the following security issues: - CVE-2015-7547: A stack-based buffer overflow in getaddrinfo allowed remote attackers to cause a crash or execute arbitrary code via crafted and timed DNS responses - CVE-2015-8777: Insufficient checking of LD_POINTER_GUARD environment var ... oval:org.secpod.oval:def:400783 This update for glibc fixes the following security issues: - CVE-2015-7547: A stack-based buffer overflow in getaddrinfo allowed remote attackers to cause a crash or execute arbitrary code via crafted and timed DNS responses - CVE-2015-8777: Insufficient checking of LD_POINTER_GUARD environment var ... oval:org.secpod.oval:def:25177 The host is installed with qemu-kvm on Red Hat Enterprise Linux 7 and is prone to a denial of service vulnerability. 
A flaw is present in the application, which fails to limit resources used to process the header and payload of an incoming frame. Successful exploitation could allow attackers to cras ... oval:org.secpod.oval:def:203754 KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. It was found that the QEMU's websocket frame decoder processed incoming frames without limiting resources used to process the ... oval:org.secpod.oval:def:703131 glibc: GNU C Library - eglibc: GNU C Library Several security issues were fixed in the GNU C Library. oval:org.secpod.oval:def:1500992 The glibc packages provide the standard C libraries , POSIX thread libraries , standard math libraries , and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A buffer overflow flaw was found in the way glibc ... oval:org.secpod.oval:def:204208 The glibc packages provide the standard C libraries , POSIX thread libraries , standard math libraries , and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was discovered that, under certain circumstanc ... oval:org.secpod.oval:def:25777 glibc: GNU C Library - eglibc: GNU C Library Several security issues were fixed in the GNU C Library. oval:org.secpod.oval:def:25778 glibc: GNU C Library - eglibc: GNU C Library Several security issues were fixed in the GNU C Library. oval:org.secpod.oval:def:702437 glibc: GNU C Library - eglibc: GNU C Library Several security issues were fixed in the GNU C Library. oval:org.secpod.oval:def:109214 Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle.
oval:org.secpod.oval:def:105737 Keystone is a Python implementation of the OpenStack identity service API. This package contains the Keystone daemon. oval:org.secpod.oval:def:104908 Keystone is a Python implementation of the OpenStack identity service API. This package contains the Keystone daemon. oval:org.secpod.oval:def:104824 Keystone is a Python implementation of the OpenStack identity service API. This package contains the Keystone daemon. oval:org.secpod.oval:def:52407 unzip: De-archiver for .zip files unzip could be made to run programs if it opened a specially crafted file. oval:org.secpod.oval:def:52489 postgresql-9.4: Object-relational SQL database - postgresql-9.3: Object-relational SQL database - postgresql-9.1: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:1200106 A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is triggered. It was discovered that PostgreSQL did not properly check the retu ... oval:org.secpod.oval:def:1200105 Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handled Mac fonts. If a specially crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, ex ... oval:org.secpod.oval:def:1200109 Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service by closing an SSL session at a time when the authentication timeout will expire during the session shutdow ... 
oval:org.secpod.oval:def:52431 libxfont: X11 font rasterisation library libXfont could be made to crash or run programs as an administrator if it opened a specially crafted bdf font file. oval:org.secpod.oval:def:52414 freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:1200102 Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service by closing an SSL session at a time when the authentication timeout will expire during the session shutdow ... oval:org.secpod.oval:def:501649 The libXfont package provides the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format fonts. A malicious, local user could use this flaw to crash the ... oval:org.secpod.oval:def:203616 The glibc packages provide the standard C libraries , POSIX thread libraries , standard math libraries , and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A buffer overflow flaw was found in the way glibc ... oval:org.secpod.oval:def:602006 Ilja van Sprundel, Alan Coopersmith and William Robinet discovered multiple issues in libxfont's code to process BDF fonts, which might result in privilege escalation. oval:org.secpod.oval:def:203657 PostgreSQL is an advanced object-relational database management system . A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is tri ...
oval:org.secpod.oval:def:108527 X.Org X11 libXfont runtime library oval:org.secpod.oval:def:1200062 An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format fonts. A malicious, local user could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with the privileges of the X.Org server. An integer truncation flaw was disc ... oval:org.secpod.oval:def:601984 Mateusz Jurczyk discovered multiple vulnerabilities in Freetype. Opening malformed fonts may result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:203573 FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handled ... oval:org.secpod.oval:def:501539 FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handled ... oval:org.secpod.oval:def:602358 Mateusz Jurczyk discovered multiple vulnerabilities in Freetype. Opening malformed fonts may result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:602111 Several vulnerabilities have been found in PostgreSQL-9.4, a SQL database system. CVE-2015-3165 SSL clients disconnecting just before the authentication timeout expires can cause the server to crash. CVE-2015-3166 The replacement implementation of snprintf failed to check for errors reported by th ... oval:org.secpod.oval:def:602109 Several vulnerabilities have been found in PostgreSQL-9.1, a SQL database system. 
CVE-2015-3165 SSL clients disconnecting just before the authentication timeout expires can cause the server to crash. CVE-2015-3166 The replacement implementation of snprintf failed to check for errors reported by th ... oval:org.secpod.oval:def:1501055 PostgreSQL is an advanced object-relational database management system . A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is tri ... oval:org.secpod.oval:def:1501054 PostgreSQL is an advanced object-relational database management system . A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is tri ... oval:org.secpod.oval:def:108438 The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manage font files as well as efficiently load, hint and render individual glyphs. FreeType is not a font ... oval:org.secpod.oval:def:602124 The update for postgresql-9.1 in DSA-3269-1 introduced a regression which can cause PostgreSQL to refuse to restart after an unexpected shutdown or when restoring from a binary backup. Updated packages are now available to address this regression. Please refer to the upstream Bug FAQ for additional ... oval:org.secpod.oval:def:203710 The libXfont package provides the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format fonts. A malicious, local user could use this flaw to crash the ...
oval:org.secpod.oval:def:501586 PostgreSQL is an advanced object-relational database management system . A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is tri ... oval:org.secpod.oval:def:204173 Mailman is a program used to help manage e-mail discussion lists. It was found that mailman did not sanitize the list name before passing it to certain MTAs. A local attacker could use this flaw to execute arbitrary code as the user running mailman. It was found that mailman stored private email me ... oval:org.secpod.oval:def:52446 mailman: Powerful, web-based mailing list manager Mailman could be made to run programs if it processed a specially crafted list name. oval:org.secpod.oval:def:52463 libreoffice: Office productivity suite LibreOffice could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:52454 libxrender: X11 Rendering Extension client library - libx11: X11 client-side library libx11 could be made to crash or run programs if it processed specially crafted data. oval:org.secpod.oval:def:204565 The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: * A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, exec ... oval:org.secpod.oval:def:204311 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... 
oval:org.secpod.oval:def:204314 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:204313 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:204301 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:204304 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:204302 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:204308 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. 
An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:204307 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:501609 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:501614 Mailman is a program used to help manage e-mail discussion lists. It was found that mailman did not sanitize the list name before passing it to certain MTAs. A local attacker could use this flaw to execute arbitrary code as the user running mailman. It was found that mailman stored private email me ... oval:org.secpod.oval:def:602027 A path traversal vulnerability was discovered in Mailman, the mailing list manager. Installations using a transport script to interface with their MTA instead of static aliases were vulnerable to a path traversal attack. To successfully exploit this, an attacker needs write access on the local file ... oval:org.secpod.oval:def:1200094 It was found that mailman did not sanitize the list name before passing it to certain MTAs. A local attacker could use this flaw to execute arbitrary code as the user running mailman. It was found that mailman stored private email messages in a world-readable directory. A local user could use this f ... oval:org.secpod.oval:def:602041 Abhishek Arya discovered a buffer overflow in the MakeBigReq macro provided by libx11, which could result in denial of service or the execution of arbitrary code. 
Several other xorg packages will be recompiled against the fixed package after the release of this update. For detailed information on t ... oval:org.secpod.oval:def:602062 It was discovered that missing input sanitising in Libreoffice's filter for HWP documents may result in the execution of arbitrary code if a malformed document is opened. oval:org.secpod.oval:def:108804 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:204293 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:204292 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:204291 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:204290 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data.
An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:204294 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:204281 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:204286 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:204284 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:204283 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:204289 The X11 libraries provide library routines that are used within all X Window applications. 
Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:204287 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:108822 Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing list a webpage, and allows users to subscribe, unsubscribe, etc. over the Web. Even the list manager can administer his or her list entirely from the ... oval:org.secpod.oval:def:204275 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:204274 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:204277 The X11 libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an ... oval:org.secpod.oval:def:1501041 Mailman is a program used to help manage email discussion lists. 
It was found that mailman did not sanitize the list name before passing it to certain MTAs. A local attacker could use this flaw to execute arbitrary code as the user running mailman. This update also fixes the following bugs: * Previ ... oval:org.secpod.oval:def:204224 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:1501083 A path traversal vulnerability was discovered in Mailman, the mailing list manager. Installations using a transport script to interface with their MTA instead of static aliases were vulnerable to a path traversal attack. To successfully exploit this, an attacker needs write access on the local file ... oval:org.secpod.oval:def:1501089 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:108835 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:501580 Mailman is a program used to help manage email discussion lists. It was found that mailman did not sanitize the list name before passing it to certain MTAs. A local attacker could use this flaw to execute arbitrary code as the user running mailman. This update also fixes the following bugs: * Previ ... 
oval:org.secpod.oval:def:204869 Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Security Fix: * mutt: Remote code injection vulnerability to an IMAP mailbox * mutt: Remote Code Execu ... oval:org.secpod.oval:def:1200108 A heap-based buffer overflow flaw was found in e2fsprogs. A specially crafted Ext2/3/4 file system could cause an application using the ext2fs library to crash or, possibly, execute arbitrary code. oval:org.secpod.oval:def:52412 e2fsprogs: ext2/ext3/ext4 file system utilities e2fsprogs could be made to crash or run programs as an administrator if it processed a specially crafted filesystem image. oval:org.secpod.oval:def:108393 The e2fsprogs package contains a number of utilities for creating, checking, modifying, and correcting any inconsistencies in second, third and fourth extended filesystems. E2fsprogs contains e2fsck , mke2fs , debugfs , tune2fs , and most of the other core ext2fs filesystem utilities. You should in ... oval:org.secpod.oval:def:108470 The e2fsprogs package contains a number of utilities for creating, checking, modifying, and correcting any inconsistencies in second, third and fourth extended filesystems. E2fsprogs contains e2fsck , mke2fs , debugfs , tune2fs , and most of the other core ext2fs filesystem utilities. You should in ... oval:org.secpod.oval:def:108436 The e2fsprogs package contains a number of utilities for creating, checking, modifying, and correcting any inconsistencies in second, third and fourth extended filesystems. E2fsprogs contains e2fsck , mke2fs , debugfs , tune2fs , and most of the other core ext2fs filesystem utilities. You should in ... oval:org.secpod.oval:def:108465 The e2fsprogs package contains a number of utilities for creating, checking, modifying, and correcting any inconsistencies in second, third and fourth extended filesystems. 
E2fsprogs contains e2fsck , mke2fs , debugfs , tune2fs , and most of the other core ext2fs filesystem utilities. You should in ... oval:org.secpod.oval:def:1200190 A heap-based buffer overflow flaw was found in e2fsprogs. A specially crafted Ext2/3/4 file system could cause an application using the ext2fs library to crash or, possibly, execute arbitrary code. oval:org.secpod.oval:def:1501997 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501806 The glibc packages provide the standard C libraries , POSIX thread libraries , standard math libraries , and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: * A stack overflow vulnerability was ... oval:org.secpod.oval:def:110483 The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets ... oval:org.secpod.oval:def:1600762 Unbounded stack allocation in catopen function: A stack based buffer overflow vulnerability was found in the catopen function. An excessively long string passed to the function could cause it to crash or, potentially, execute arbitrary code. Integer overflow in hcreate and hcreate_r: An integer overflow ... oval:org.secpod.oval:def:602376 Several vulnerabilities have been fixed in the GNU C Library, glibc. The first vulnerability listed below is considered to have critical impact. CVE-2015-7547 The Google Security Team and Red Hat discovered that the glibc host name resolver function, getaddrinfo, when processing AF_UNSPEC queries , ...
oval:org.secpod.oval:def:502002 The glibc packages provide the standard C libraries , POSIX thread libraries , standard math libraries , and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: * A stack overflow vulnerability was ... oval:org.secpod.oval:def:1200122 A buffer overflow flaw was found in the way glibc's gethostbyname_r and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could use this flaw to crash the applic ... oval:org.secpod.oval:def:52417 glibc: GNU C Library - eglibc: GNU C Library Several security issues were fixed in the GNU C Library. oval:org.secpod.oval:def:1200040 A buffer overflow flaw was found in the way glibc's gethostbyname_r and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could use this flaw to crash the applic ... oval:org.secpod.oval:def:1501252 It was discovered that, under certain circumstances, glibc's getaddrinfo() function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application enc ... oval:org.secpod.oval:def:501700 The glibc packages provide the standard C libraries , POSIX thread libraries , standard math libraries , and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was discovered that, under certain circumstanc ... oval:org.secpod.oval:def:602373 Several vulnerabilities have been fixed in the GNU C Library, eglibc.
The CVE-2015-7547 vulnerability listed below is considered to have critical impact. CVE-2014-8121 Robin Hack discovered that the nss_files database did not correctly implement enumeration interleaved with name-based or ID-based lo ... oval:org.secpod.oval:def:501562 The glibc packages provide the standard C libraries , POSIX thread libraries , standard math libraries , and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A buffer overflow flaw was found in the way glibc ... oval:org.secpod.oval:def:108708 A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. oval:org.secpod.oval:def:1501967 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:52450 libtasn1-6: Library to manage ASN.1 structures - libtasn1-3: Library to manage ASN.1 structures Libtasn1 could be made to crash or run programs if it processed specially crafted data. oval:org.secpod.oval:def:602037 Hanno Boeck discovered a stack-based buffer overflow in the asn1_der_decoding function in Libtasn1, a library to manage ASN.1 structures. A remote attacker could take advantage of this flaw to cause an application using the Libtasn1 library to crash, or potentially to execute arbitrary code. oval:org.secpod.oval:def:502112 Libtasn1 is a library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. The following packages have been upgraded to a later upstream version: libtasn1 . Security Fix: * A heap-based buffer overflow flaw ... oval:org.secpod.oval:def:108727 A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. 
oval:org.secpod.oval:def:108744 libtasn1 is the ASN.1 library used in GNUTLS. This package contains the MinGW Windows cross compiled libtasn1 library. oval:org.secpod.oval:def:108747 GnuTLS TLS/SSL encryption library. This library is cross-compiled for MinGW. oval:org.secpod.oval:def:108738 libtasn1 is the ASN.1 library used in GNUTLS. This package contains the MinGW Windows cross compiled libtasn1 library. oval:org.secpod.oval:def:52435 libarchive: Library to read/write archive files libarchive could be made to crash or overwrite files. oval:org.secpod.oval:def:1200142 A directory traversal flaw was found in the strip and objcopy utilities. A specially crafted file could cause strip or objdump to overwrite an arbitrary file writable by the user running either of these utilities. A buffer overflow flaw was found in the way various binutils utilities processed certai ... oval:org.secpod.oval:def:52403 binutils: GNU assembler, linker and binary utilities Applications from GNU binutils could be made to crash, run programs, or delete arbitrary files as your login if they opened a specially crafted file. oval:org.secpod.oval:def:108149 This is a cross-compilation version of GNU Binutils, which can be used to assemble and link binaries for the arm-none-eabi platform. This Binutils package is based on the CodeSourcery 2014.05-28 release, which includes improved ARM target support compared to the corresponding FSF release. CodeSource ... oval:org.secpod.oval:def:108144 This is a Cross Compiling version of GNU binutils, which can be used to assemble and link binaries for the avr platform, instead of for the native arm platform. oval:org.secpod.oval:def:108345 Binutils is a collection of binary utilities, including ar , as , gprof , ld , nm , objcopy , objdump , ranlib , readelf , size , strings , strip , and addr2line . oval:org.secpod.oval:def:601916 In DSA 3123 the binutils package was updated for several security issues.
This update adds rebuilt packages for binutils-mingw-w64, so these will take advantage of the fixes. For reference the original advisory text follows. Multiple security issues have been found in binutils, a toolbox for binary ... oval:org.secpod.oval:def:1501250 The remote host is missing a patch containing a security fix, which affects the following package(s): binutils oval:org.secpod.oval:def:501707 The binutils packages provide a set of binary utilities. Multiple buffer overflow flaws were found in the libbdf library used by various binutils utilities. If a user were tricked into processing a specially crafted file with an application using the libbdf library, it could cause the application to ... oval:org.secpod.oval:def:108230 Cross compiled binutils which understand Windows executables and DLLs. oval:org.secpod.oval:def:108020 This is a cross-compilation version of GNU Binutils, which can be used to assemble and link binaries for the arm-none-eabi platform. This Binutils package is based on the CodeSourcery 2014.05-28 release, which includes improved ARM target support compared to the corresponding FSF release. CodeSource ... oval:org.secpod.oval:def:108021 This is a Cross Compiling version of GNU binutils, which can be used to assemble and link binaries for the avr platform, instead of for the native x86_64 platform. oval:org.secpod.oval:def:108025 This is a Cross Compiling version of GNU binutils, which can be used to assemble and link binaries for the avr platform, instead of for the native arm platform. oval:org.secpod.oval:def:108259 Cross compiled binutils which understand Windows executables and DLLs. oval:org.secpod.oval:def:108012 This is a cross-compilation version of GNU Binutils, which can be used to assemble and link binaries for the arm-none-eabi platform. This Binutils package is based on the CodeSourcery 2014.05-28 release, which includes improved ARM target support compared to the corresponding FSF release. CodeSource ... 
oval:org.secpod.oval:def:601906 Multiple security issues have been found in binutils, a toolbox for binary file manipulation. These vulnerabilities include multiple memory safety errors, buffer overflows, use-after-frees and other implementation errors that may lead to the execution of arbitrary code, the bypass of security restriction ... oval:org.secpod.oval:def:108331 Binutils is a collection of binary utilities, including ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line. oval:org.secpod.oval:def:701359 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:24000 The host is installed with Mozilla Firefox before 37.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which uses incompatible approaches to the deallocation of memory for simple-type arrays. Successful exploitation could allow attackers to cause a denial of ... oval:org.secpod.oval:def:24001 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-36. The update is required to fix a denial of service vulnerability. A flaw is present in the application, which uses incompatible approaches to the deallocation of memory for simple-type arrays. Successful explo ... oval:org.secpod.oval:def:24002 The host is installed with Mozilla Firefox before 37.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle vectors that trigger rendering of 2D graphics content. Successful exploitation could allow attackers to execute arbitrary code or caus ... oval:org.secpod.oval:def:24003 The host is installed with Mozilla Firefox before 37.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle vectors that trigger rendering of 2D graphics content. Successful exploitation could allow attackers to execute arbitrary code or caus ...
oval:org.secpod.oval:def:24004 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-38. The update is required to fix a denial of service vulnerability. A flaw is present in the application, which fails to handle vectors that trigger rendering of 2D graphics content. Successful exploitation could al ... oval:org.secpod.oval:def:24005 The host is installed with Mozilla Firefox before 37.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted HTML document containing a SOURCE element. Successful exploitation could allow attackers to execute arbitrary code or cause ... oval:org.secpod.oval:def:24006 The host is installed with Mozilla Firefox before 37.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted HTML document. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service (use-aft ... oval:org.secpod.oval:def:24007 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-39. The update is required to fix a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted HTML document. Successful exploitation could allow attackers to execute arbit ... oval:org.secpod.oval:def:24008 The host is installed with Mozilla Firefox before 37.0 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle certain content navigation that leverages the reachability of a privileged window with an unintended persistence of access to ... oval:org.secpod.oval:def:24009 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-42. The update is required to fix an arbitrary code execution vulnerability.
A flaw is present in the application, which fails to handle certain content navigation that leverages the reachability of a privileged wind ... oval:org.secpod.oval:def:24049 The host is installed with Mozilla Firefox before 37.0.1 and is prone to a security bypass vulnerability. A flaw is present in the application, which does not properly handle an Alt-Svc header specification in the HTTP/2 response. Successful exploitation could allow attackers to bypass the SSL certi ... oval:org.secpod.oval:def:52447 firefox: Mozilla Open Source web browser Firefox could be made to bypass SSL certificate verification. oval:org.secpod.oval:def:24050 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-44. The update is required to fix a security bypass vulnerability. A flaw is present in the application, which does not properly handle an Alt-Svc header specification in the HTTP/2 response. Successful exploitat ... oval:org.secpod.oval:def:600998 Brad Hill of iSEC Partners discovered that many XML implementations are vulnerable to external entity expansion issues, which can be used for various purposes such as firewall circumvention, disguising an IP address, and denial-of-service. libxml2 was susceptible to these problems when performing st ... oval:org.secpod.oval:def:52420 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:1500406 Updated samba packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available f ... oval:org.secpod.oval:def:52445 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. 
oval:org.secpod.oval:def:52401 file: Tool to determine file types file could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:203215 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool did not protect against being opened in a web p ... oval:org.secpod.oval:def:52413 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to run programs as an administrator if it received specially crafted network traffic. oval:org.secpod.oval:def:105824 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:52419 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:1500266 Updated samba3x packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ... oval:org.secpod.oval:def:1300212 A vulnerability has been found and corrected in samba: Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service via a malformed packet. The updated packages ... oval:org.secpod.oval:def:702491 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:106156 Samba is the standard Windows interoperability suite of programs for Linux and Unix.
oval:org.secpod.oval:def:106104 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:106583 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:702441 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702446 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:1500912 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specia ... oval:org.secpod.oval:def:1500914 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specia ... oval:org.secpod.oval:def:1500913 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specia ... oval:org.secpod.oval:def:1500916 Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these ... 
oval:org.secpod.oval:def:1500915 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specia ... oval:org.secpod.oval:def:1500917 Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these ... oval:org.secpod.oval:def:1500919 Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these ... oval:org.secpod.oval:def:702429 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to run programs as an administrator if it received specially crafted network traffic. oval:org.secpod.oval:def:1500920 Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these ... oval:org.secpod.oval:def:1500938 Multiple unspecified vulnerabilities in the browser engine in Mozilla Thunderbird before 31.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. oval:org.secpod.oval:def:702402 file: Tool to determine file types file could be made to crash if it opened a specially crafted file. 
oval:org.secpod.oval:def:23999 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-34. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to handle an image that is improperly handled during transformation. Successful exploit ... oval:org.secpod.oval:def:23998 The host is installed with Mozilla Firefox before 37.0 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle an image that is improperly handled during transformation. Successful exploitation could allow attackers to obtain sensitive inf ... oval:org.secpod.oval:def:23997 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-32. The update is required to fix a security bypass vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation could allow man-in-the-middle attackers to byp ... oval:org.secpod.oval:def:23996 The host is installed with Mozilla Firefox before 37.0 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation could allow man-in-the-middle attackers to bypass an intended user-confirmation requirement by de ... oval:org.secpod.oval:def:1500317 Updated samba4 packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ... oval:org.secpod.oval:def:502177 Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content.
A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ... oval:org.secpod.oval:def:601969 Richard van Eeden of Microsoft Vulnerability Research discovered that Samba, a SMB/CIFS file, print, and login server for Unix, contains a flaw in the netlogon server code which allows remote code execution with root privileges from an unauthenticated connection. oval:org.secpod.oval:def:1500303 Updated samba packages that fix three security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give det ... oval:org.secpod.oval:def:601976 Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: Multiple memory safety errors and implementation errors may lead to the execution of arbitrary code or information disclosure. oval:org.secpod.oval:def:601972 Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors and implementation errors may lead to the execution of arbitrary code or information disclosure. oval:org.secpod.oval:def:204216 Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A ... oval:org.secpod.oval:def:203583 Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A ...
oval:org.secpod.oval:def:23689 The host is installed with Mozilla Firefox before 36.0 and is prone to a clickjacking attack vulnerability. A flaw is present in the application, which fails to properly handle an API call that originates from a background tab. Successful exploitation could allow attackers to conduct spoofing and cl ... oval:org.secpod.oval:def:23688 The host is missing a moderate security update according to Mozilla advisory, MFSA2015-25. The update is required to fix a user-assisted arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a crafted web site that is accessed with unspecified ... oval:org.secpod.oval:def:23690 The host is missing a moderate security update according to Mozilla advisory, MFSA2015-26. The update is required to fix a clickjacking attack vulnerability. A flaw is present in the application, which fails to properly handle an API call that originates from a background tab. Successful exploitatio ... oval:org.secpod.oval:def:107173 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:23692 The host is missing a security update according to Mozilla advisory, MFSA2015-27. The update is required to fix a Caja compiler JavaScript sandbox bypass vulnerability. A flaw is present in the application, which fails to properly restrict transitions of JavaScript objects from a non-extensible stat ... oval:org.secpod.oval:def:23691 The host is installed with Mozilla Firefox before 36.0 and is prone to a Caja compiler JavaScript sandbox bypass vulnerability. A flaw is present in the application, which fails to properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state. Successful expl ... oval:org.secpod.oval:def:23679 The host is installed with Mozilla Firefox before 36.0 and is prone to a stack based buffer overflow vulnerability.
A flaw is present in the application, which fails to properly handle a malformed MP3 file. Successful exploitation could allow attackers to disclose sensitive information. oval:org.secpod.oval:def:106072 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:23678 The host is missing an important security update according to Mozilla advisory, MFSA2015-20. The update is required to fix a denial of service vulnerability. A flaw is present in the applications, which fails to properly handle a crafted Cascading Style Sheets (CSS) token sequence. Successful exploi ... oval:org.secpod.oval:def:23677 The host is installed with Mozilla Firefox before 36.0 and is prone to a denial of service vulnerability. A flaw is present in the applications, which fails to properly handle a crafted Cascading Style Sheets (CSS) token sequence. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:23687 The host is installed with Mozilla Firefox before 36.0 and is prone to a user-assisted arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a crafted web site that is accessed with unspecified mouse and keyboard actions. Successful exploitatio ... oval:org.secpod.oval:def:23684 The host is missing a security update according to Mozilla advisory, MFSA2015-23. The update is required to fix use-after-free vulnerabilities. The flaws are present in the application, which fails to properly handle incorrect macro expansion. Successful exploitation could allow attackers to prod ... oval:org.secpod.oval:def:23683 The host is installed with Mozilla Firefox before 36.0 and is prone to multiple use-after-free vulnerabilities. The flaws are present in the application, which fails to properly handle incorrect macro expansion. Successful exploitation could allow attackers to produce unspecified impact.
oval:org.secpod.oval:def:23682 The host is missing a moderate security update according to Mozilla advisory, MFSA2015-22. The update is required to fix a denial of service vulnerability. A flaw is present in the application, which fails to properly handle vectors that trigger use of DrawTarget and the Cairo library for image draw ... oval:org.secpod.oval:def:23681 The host is installed with Mozilla Firefox before 36.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle vectors that trigger use of DrawTarget and the Cairo library for image drawing. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:23680 The host is missing an important security update according to Mozilla advisory, MFSA2015-21. The update is required to fix a stack based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a malformed MP3 file. Successful exploitation could allow attac ... oval:org.secpod.oval:def:203564 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specia ... oval:org.secpod.oval:def:203563 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specia ... oval:org.secpod.oval:def:203562 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. 
A malicious Samba client could send specia ... oval:org.secpod.oval:def:203561 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specia ... oval:org.secpod.oval:def:203568 Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A ... oval:org.secpod.oval:def:203567 Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ... oval:org.secpod.oval:def:203566 Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A ... oval:org.secpod.oval:def:203565 Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ... oval:org.secpod.oval:def:203569 Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. 
A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ... oval:org.secpod.oval:def:107340 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:501501 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send spe ... oval:org.secpod.oval:def:501503 Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ... oval:org.secpod.oval:def:501502 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send spe ... oval:org.secpod.oval:def:501505 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send spe ... oval:org.secpod.oval:def:501504 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send spe ...
oval:org.secpod.oval:def:501507 Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A ... oval:org.secpod.oval:def:501506 Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A ... oval:org.secpod.oval:def:108451 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:108454 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:501132 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool did not protect against being opened in a web p ... oval:org.secpod.oval:def:501136 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An integer overflow flaw was found in the way Samba handled an Extended Attribute list provided by a cli ... oval:org.secpod.oval:def:23669 The host is installed with Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fails to properly handle crafted content during IndexedDB index creation. Successful exploit ...
oval:org.secpod.oval:def:23668 The host is missing a security update according to Mozilla advisory, MFSA2015-15. The update is required to fix a man in the middle attack vulnerability. A flaw is present in the application, which fails to use TLS to access TURN or STUN server. Successful exploitation could allow attackers to disco ... oval:org.secpod.oval:def:23667 The host is installed with Mozilla Firefox before 36.0 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to use TLS to access TURN or STUN server. Successful exploitation could allow attackers to discover credentials by spoofing a server. oval:org.secpod.oval:def:23666 The host is missing a moderate security update according to Mozilla advisory, MFSA2015-14. The update is required to fix a denial of service vulnerability. A flaw is present in the application, which fails to properly allocate memory for copying an unspecified string to a shader's compilation log. S ... oval:org.secpod.oval:def:23672 The host is missing a critical security update according to Mozilla advisory, MFSA2015-17. The update is required to fix a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted MP4 video during playback. Successful exploitation could allow atta ... oval:org.secpod.oval:def:23671 The host is installed with Mozilla Firefox before 36.0 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted MP4 video during playback. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:23670 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-16. The update is required to fix a use-after-free vulnerability. A flaw is present in the applications, which fails to properly handle crafted content during IndexedDB index creation. Successful exploitation co ...
oval:org.secpod.oval:def:23665 The host is installed with Mozilla Firefox before 36.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly allocate memory for copying an unspecified string to a shader's compilation log. Successful exploitation could allow attackers to cr ... oval:org.secpod.oval:def:23664 The host is missing a moderate security update according to Mozilla advisory, MFSA2015-13. The update is required to fix a man in the middle attack vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation could allow attackers to bypass key ... oval:org.secpod.oval:def:23663 The host is installed with Mozilla Firefox before 36.0 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation could allow attackers to bypass key pinning (HPKP) and HTTP Strict Transport Security ... oval:org.secpod.oval:def:105350 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:601905 Multiple security issues have been found in file, a tool/library to determine a file type. Processing a malformed file could result in denial of service. Most of the changes are related to parsing ELF files. As part of the fixes, several limits on aspects of the detection were added or tightened, so ... oval:org.secpod.oval:def:701426 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to hang if it received specially crafted network traffic. oval:org.secpod.oval:def:52480 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:52459 mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:1501135 MySQL is a multi-user, multi-threaded SQL database server. 
It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory p ... oval:org.secpod.oval:def:203691 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory p ... oval:org.secpod.oval:def:109186 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:109208 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system, including a processor and various peripherals. It can be used to launch differe ... oval:org.secpod.oval:def:109225 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:602467 Shayan Sadigh discovered a vulnerability in OpenSSH: If PAM support is enabled and the sshd PAM configuration is configured to read user-specified environment variables and the "UseLogin" option is enabled, a local user may escalate her privileges to root. In Debian "UseLogin" i ... oval:org.secpod.oval:def:1800190 CVE-2016-4962, XSA-175: Unsanitised guest input in libxl device handling code. CVE-2016-4480, XSA-176: x86 software guest page walk PS bit handling flaw. CVE-2016-4963, XSA-178: Unsanitised driver domain input in libxl device handling. CVE-2016-3710 CVE-2016-3712, XSA-179: QEMU: Banked access to VGA ... 
oval:org.secpod.oval:def:501670 KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. It was found that the QEMU's websocket frame decoder processed incoming frames without limiting resources used to process the ... oval:org.secpod.oval:def:109222 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:109402 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:25795 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:703321 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:703320 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:501630 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory p ... oval:org.secpod.oval:def:703325 linux-raspi2: Linux kernel for Raspberry Pi 2 The system could be made to run programs as an administrator. oval:org.secpod.oval:def:703315 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:703314 linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty The system could be made to run programs as an administrator. oval:org.secpod.oval:def:703319 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise The system could be made to run programs as an administrator. 
oval:org.secpod.oval:def:602050 Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.43 oval:org.secpod.oval:def:703317 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to run programs as an administrator. oval:org.secpod.oval:def:400672 qemu was updated to fix 37 security issues. These security issues were fixed: - CVE-2016-4439: Avoid OOB access in 53C9X emulation - CVE-2016-4441: Avoid OOB access in 53C9X emulation - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation - CVE-2015-8817: Avoid OOB access in PCI DMA I/O - ... oval:org.secpod.oval:def:400637 qemu was updated to fix 29 security issues. These security issues were fixed: - CVE-2016-4439: Avoid OOB access in 53C9X emulation - CVE-2016-4441: Avoid OOB access in 53C9X emulation - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation - CVE-2015-8817: Avoid OOB access in PCI dma I/O - ... oval:org.secpod.oval:def:602088 Several vulnerabilities were discovered in the qemu virtualisation solution: CVE-2014-9718 It was discovered that the IDE controller emulation is susceptible to denial of service. CVE-2015-1779 Daniel P. Berrange discovered a denial of service vulnerability in the VNC web socket decoder. CVE-2015-27 ... oval:org.secpod.oval:def:400618 This update for xen to version 4.5.3 fixes several issues. These security issues were fixed: - CVE-2016-6258: Potential privilege escalation in PV guests. - CVE-2016-6259: Missing SMAP whitelisting in 32-bit exception / event delivery. - CVE-2016-5337: The megasas_ctrl_get_info function allo ... 
oval:org.secpod.oval:def:108802 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:108817 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:1501202 KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. It was found that the QEMU's websocket frame decoder processed incoming frames without limiting resources used to process the ... oval:org.secpod.oval:def:25185 The host is installed with kernel on Red Hat Enterprise Linux 6 or 7 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle fork(2) and close(2) system calls with an 'int80' entry. Successful exploitation could allow attackers to es ... oval:org.secpod.oval:def:703098 openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:110561 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system, including a processor and various peripherals. It can be used to launch differe ... oval:org.secpod.oval:def:24536 The host is installed with MySQL 5.1.73 and earlier on Red Hat Enterprise Linux 6, MySQL 5.0.95 and earlier on Red Hat Enterprise Linux 5, mariadb 5.5.41 and earlier on Red Hat Enterprise Linux 7 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handl ... 
oval:org.secpod.oval:def:24539 The host is installed with MySQL 5.1.73 and earlier on Red Hat Enterprise Linux 6, MySQL 5.0.95 and earlier on Red Hat Enterprise Linux 5, mariadb 5.5.41 and earlier on Red Hat Enterprise Linux 7 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handl ... oval:org.secpod.oval:def:24540 The host is installed with MySQL 5.1.73 and earlier on Red Hat Enterprise Linux 6, MySQL 5.0.95 and earlier on Red Hat Enterprise Linux 5, mariadb 5.5.41 and earlier on Red Hat Enterprise Linux 7 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handl ... oval:org.secpod.oval:def:24541 The host is installed with MySQL 5.1.73 and earlier on Red Hat Enterprise Linux 6, MySQL 5.0.95 and earlier on Red Hat Enterprise Linux 5, mariadb 5.5.41 and earlier on Red Hat Enterprise Linux 7 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handl ... oval:org.secpod.oval:def:24542 The host is installed with MySQL 5.1.73 and earlier on Red Hat Enterprise Linux 6, MySQL 5.0.95 and earlier on Red Hat Enterprise Linux 5, mariadb 5.5.41 and earlier on Red Hat Enterprise Linux 7 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handl ... oval:org.secpod.oval:def:24543 The host is installed with MySQL 5.1.73 and earlier on Red Hat Enterprise Linux 6, MySQL 5.0.95 and earlier on Red Hat Enterprise Linux 5, mariadb 5.5.41 and earlier on Red Hat Enterprise Linux 7 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handl ... 
oval:org.secpod.oval:def:110577 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:108686 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:1800268 CVE-2016-3157, XSA-171: I/O port access privilege escalation in x86-64 Linux IRET and POPF do not modify EFLAGS.IOPL when executed by code at a privilege level other than zero. Since PV Xen guests run at privilege level 3, to compensate for this the context switching of EFLAGS.IOPL requires the gue ... oval:org.secpod.oval:def:108681 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:110542 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:26757 The host is installed with Oracle MySQL 5.5.x through 5.5.42 or MySQL 5.6.x through 5.6.23 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle vectors related to Server : Compiling. Successful exploitation allows remote authenticated use ... oval:org.secpod.oval:def:26759 The host is installed with Oracle MySQL 5.5.x through 5.5.42 or MySQL 5.6.x through 5.6.23 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle vectors related to Server : Optimizer. Successful exploitation allows remote authenticated use ... oval:org.secpod.oval:def:109311 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:26747 The host is installed with Oracle MySQL 5.5.x through 5.5.41 or MySQL 5.6.x through 5.6.22 and is prone to an unspecified vulnerability. 
A flaw is present in the application, which fails to properly handle vectors related to InnoDB : DML. Successful exploitation allows remote authenticated users to ... oval:org.secpod.oval:def:26749 The host is installed with Oracle MySQL 5.5.x through 5.5.41 or MySQL 5.6.x through 5.6.22 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle unknown vectors related to Server : Security : Privileges. Successful exploitation allows remo ... oval:org.secpod.oval:def:26748 The host is installed with Oracle MySQL 5.5.x through 5.5.41 or MySQL 5.6.x through 5.6.22 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle unknown vectors related to Server : Security : Encryption. Successful exploitation allows remo ... oval:org.secpod.oval:def:501995 OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: * It was discovered that the OpenSSH sshd daemon fetched PAM environment settings before running t ... oval:org.secpod.oval:def:26756 The host is installed with Oracle MySQL 5.5.x through 5.5.42 or MySQL 5.6.x through 5.6.23 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle vectors related to Server : Federated. Successful exploitation allows remote authenticated use ... oval:org.secpod.oval:def:108696 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system, including a processor and various peripherals. It can be used to launch differe ... 
oval:org.secpod.oval:def:108883 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:108879 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:110505 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system, including a processor and various peripherals. It can be used to launch differe ... oval:org.secpod.oval:def:702557 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:108863 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system, including a processor and various peripherals. It can be used to launch differe ... oval:org.secpod.oval:def:24742 The host is installed with kernel in RHEL 6 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly decode encrypted filenames. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:702516 mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:602469 Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in information disclosure, the bypass of CSRF protections and bypass of the SecurityManager. oval:org.secpod.oval:def:33121 The host is installed with Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31 or 9.x before 9.0.0.M3 and is prone to a security bypass vulnerability. 
A flaw is present in the setGlobalContext method, which does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized. Success ... oval:org.secpod.oval:def:33120 The host is installed with Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31 or 9.x before 9.0.0.M2 and is prone to a security bypass vulnerability. A flaw is present in the application, which does not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catal ... oval:org.secpod.oval:def:33119 The host is installed with Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31 or 9.x before 9.0.0.M2 and is prone to a security bypass vulnerability. A flaw is present in the session-persistence implementation, which mishandles session attributes. Successful exploitation allows re ... oval:org.secpod.oval:def:400638 This update for tomcat fixes the following security issues. Tomcat has been updated from 7.0.55 to 7.0.68. * CVE-2015-5174: Directory traversal vulnerability in RequestUtil.java in Apache Tomcat allowed remote authenticated users to bypass intended SecurityManager restrictions and list a parent dire ... oval:org.secpod.oval:def:602436 Multiple security vulnerabilities have been fixed in the Tomcat servlet and JSP engine, which may result in bypass of security manager restrictions, information disclosure, denial of service or session fixation. oval:org.secpod.oval:def:110343 Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory e ... oval:org.secpod.oval:def:400782 This update for tomcat fixes the following issues: Tomcat 8 was updated from 8.0.23 to 8.0.32, to fix bugs and security issues. 
Fixed security issues: * CVE-2015-5174: Directory traversal vulnerability in RequestUtil.java in Apache Tomcat allowed remote authenticated users to bypass intended Securit ... oval:org.secpod.oval:def:1600343 A directory traversal vulnerability in RequestUtil.java was discovered which allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths cal ... oval:org.secpod.oval:def:1600336 ResourceLinkFactory.setGlobalContext is a public method and was discovered to be accessible by web applications running under a security manager without any checks. This allowed a malicious web application to inject a malicious global context that could in turn be used to disrupt other web applicati ... oval:org.secpod.oval:def:1600351 A directory traversal vulnerability in RequestUtil.java was discovered which allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths cal ... oval:org.secpod.oval:def:1600357 ResourceLinkFactory.setGlobalContext is a public method and was discovered to be accessible by web applications running under a security manager without any checks. This allowed a malicious web application to inject a malicious global context that could in turn be used to disrupt other web applicati ... oval:org.secpod.oval:def:1600384 A directory traversal vulnerability in RequestUtil.java was discovered which allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths cal ... 
oval:org.secpod.oval:def:33123 The host is installed with Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30 or 9.x before 9.0.0.M2 and is prone to a session fixation vulnerability. A flaw is present in the session-persistence implementation, which fails to handle different session settings used for deployments of multiple versio ... oval:org.secpod.oval:def:33122 The host is installed with Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31 or 9.x before 9.0.0.M2 and is prone to a security bypass vulnerability. A flaw is present in the Manager and Host Manager applications, which establish sessions and send CSRF tokens for arbitrary new requests. Successful e ... oval:org.secpod.oval:def:33124 The host is installed with Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.67, 8.x before 8.0.30 or 9.x before 9.0.0.M2 and is prone to an information disclosure vulnerability. A flaw is present in the Mapper component, which processes redirects before considering security constraints and Filters. S ... oval:org.secpod.oval:def:1501600 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: * It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application dep ... oval:org.secpod.oval:def:32756 The host is installed with Oracle MySQL through 5.6.27 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails vectors related to DML. Successful exploitation allows remote authenticated users to affect availability. oval:org.secpod.oval:def:1901036 Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier allows remote authenticated users to affect availability via vectors related to DML. 
oval:org.secpod.oval:def:1901154 Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2016-0504. oval:org.secpod.oval:def:1901191 Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to replication. oval:org.secpod.oval:def:32740 The host is installed with Oracle MySQL through 5.6.27 or 5.7.9 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails vectors related to DML. Successful exploitation allows remote authenticated users to affect availability. oval:org.secpod.oval:def:32739 The host is installed with Oracle MySQL through 5.6.27 or 5.7.9 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails vectors related to DML. Successful exploitation allows remote authenticated users to affect availability. oval:org.secpod.oval:def:32747 The host is installed with Oracle MySQL through 5.6.27 or 5.7.9 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails unknown vectors related to replication. Successful exploitation allows remote authenticated users to affect availability. oval:org.secpod.oval:def:1901258 Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2016-0503. oval:org.secpod.oval:def:39490 glibc: GNU C Library - eglibc: GNU C Library Several security issues were fixed in the GNU C Library. 
oval:org.secpod.oval:def:1800593 CVE-2016-6263: Crash when given invalid UTF-8 data on input CVE-2015-8948: Out-of-bounds read due to use of fgets with fixed-size buffer CVE-2016-6262: Out-of-bounds read when reading zero byte as input CVE-2016-6261: Out of bounds stack read in idna_to_ascii_4i Fixed In Version: libidn 1.33 oval:org.secpod.oval:def:36851 libidn: implementation of IETF IDN specifications Several security issues were fixed in Libidn. oval:org.secpod.oval:def:113356 The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets ... oval:org.secpod.oval:def:602603 Hanno Boeck discovered multiple vulnerabilities in libidn, the GNU library for Internationalized Domain Names, allowing a remote attacker to cause a denial of service against an application using the libidn library. oval:org.secpod.oval:def:1501778 Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potent ... oval:org.secpod.oval:def:1501736 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:501821 KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide the user-space component for running virtual machines using KVM. Security Fix: * An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions ... oval:org.secpod.oval:def:602497 Several vulnerabilities were discovered in qemu, a fast processor emulator. 
CVE-2016-3710 Wei Xiao and Qinghao Tang of 360.cn Inc discovered an out-of-bounds read and write flaw in the QEMU VGA module. A privileged guest user could use this flaw to execute arbitrary code on the host with the privile ... oval:org.secpod.oval:def:703107 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:34611 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:50337 Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service (crash) via a large image file, which triggers a la ... oval:org.secpod.oval:def:703069 libtasn1-6: Library to manage ASN.1 structures Details: USN-2957-1 fixed a vulnerability in Libtasn1. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory Libtasn1 could be made to hang if it processed specially crafted data. oval:org.secpod.oval:def:501983 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * Quick emulator built with the Cirrus CLGD 54xx VGA emulator support is vulnerabl ... oval:org.secpod.oval:def:502000 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * An integer overflow flaw and an out-of-bounds read flaw were found in the way QEM ... oval:org.secpod.oval:def:1800506 CVE-2016-9013: User with hardcoded password created when running tests on Oracle. 
When running tests with an Oracle database, Django creates a temporary database user. In older versions, if a password isn't manually specified in the database settings TEST dictionary, a hardcoded password is used. Th ... oval:org.secpod.oval:def:602724 Peter Wu discovered that a use-after-free in the pscd PC/SC daemon of PCSC-Lite might result in denial of service or potentially privilege escalation. oval:org.secpod.oval:def:1501599 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: * It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application dep ... oval:org.secpod.oval:def:602547 Aleksandar Nikolic discovered that missing input sanitising in the RTF parser in Libreoffice may result in the execution of arbitrary code if a malformed document is opened. oval:org.secpod.oval:def:501881 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: * It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicio ... oval:org.secpod.oval:def:501887 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to ... oval:org.secpod.oval:def:703337 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:703323 linux: Linux kernel The system could be made to run programs as an administrator. 
oval:org.secpod.oval:def:703316 linux-snapdragon: Linux kernel for Snapdragon Processors The system could be made to run programs as an administrator. oval:org.secpod.oval:def:703318 linux-raspi2: Linux kernel for Raspberry Pi 2 The system could be made to run programs as an administrator. oval:org.secpod.oval:def:602859 Several vulnerabilities were discovered in Django, a high-level Python web development framework. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-9013 Marti Raudsepp reported that a user with a hardcoded password is created when running tests with an Orac ... oval:org.secpod.oval:def:602602 Hanno Boeck and Marcin Noga discovered multiple vulnerabilities in libarchive; processing malformed archives may result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:602648 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2015-8956 It was discovered that missing input sanitising in RFCOMM Bluetooth socket handling may result in denial of service or information leak. CVE ... oval:org.secpod.oval:def:602593 Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of GnuPG's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output. A first analysis on the impact of this bug for ... oval:org.secpod.oval:def:602592 Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of Libgcrypt's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output. A first analysis on the impact of this bug ... oval:org.secpod.oval:def:703240 libgcrypt20: LGPL Crypto library - libgcrypt11: LGPL Crypto library Libgcrypt incorrectly generated random numbers. 
oval:org.secpod.oval:def:703238 gnupg: GNU privacy guard - a free PGP replacement GnuPG incorrectly generated random numbers. oval:org.secpod.oval:def:703435 pcsc-lite: Middleware to access a smart card using PC/SC PCSC-Lite could be made to crash or run programs as an administrator if it received specially crafted input. oval:org.secpod.oval:def:703828 dnsmasq: Small caching DNS proxy and DHCP/TFTP server Several security issues were fixed in Dnsmasq. oval:org.secpod.oval:def:113295 Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server. It is designed to provide DNS and, optionally, DHCP, to a small network. It can serve the names of local machines which are not in the global DNS. The DHCP server integrates with the DNS server and allows machines with DHCP-all ... oval:org.secpod.oval:def:52873 gdb: GNU Debugger Several security issues were fixed in gdb. oval:org.secpod.oval:def:1502012 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502020 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:603116 Felix Wilhelm, Fermin J. Serna, Gabriel Campana, Kevin Hamacher, Ron Bowes and Gynvael Coldwind of the Google Security Team discovered several vulnerabilities in dnsmasq, a small caching DNS proxy and DHCP/TFTP server, which may result in denial of service, information leak or the execution of arbit ... oval:org.secpod.oval:def:53145 Felix Wilhelm, Fermin J. Serna, Gabriel Campana, Kevin Hamacher, Ron Bowes and Gynvael Coldwind of the Google Security Team discovered several vulnerabilities in dnsmasq, a small caching DNS proxy and DHCP/TFTP server, which may result in denial of service, information leak or the execution of arbit ... oval:org.secpod.oval:def:113341 Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server. 
It is designed to provide DNS and, optionally, DHCP, to a small network. It can serve the names of local machines which are not in the global DNS. The DHCP server integrates with the DNS server and allows machines with DHCP-all ... oval:org.secpod.oval:def:502144 The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: * A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, exec ... oval:org.secpod.oval:def:502143 The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: * A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, exec ... oval:org.secpod.oval:def:113604 Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server. It is designed to provide DNS and, optionally, DHCP, to a small network. It can serve the names of local machines which are not in the global DNS. The DHCP server integrates with the DNS server and allows machines with DHCP-all ... oval:org.secpod.oval:def:51908 dnsmasq: Small caching DNS proxy and DHCP/TFTP server Several security issues were fixed in Dnsmasq. oval:org.secpod.oval:def:1600780 Information leak in the DHCPv6 relay code. An information leak was found in dnsmasq in the DHCPv6 relay code. An attacker on the local network could send crafted DHCPv6 packets to dnsmasq causing it to forward the contents of process memory, potentially leaking sensitive data. Memory exhaustion vulner ... oval:org.secpod.oval:def:1200147 A flaw in libjpeg-turbo was reported that could lead to a local denial of service when processing a specially-crafted JPEG issue. 
oval:org.secpod.oval:def:53567 The host is installed with Apple Mac OS X 10.12.6, 10.13.6 or 10.14.3 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle an issue in perl. Successful exploitation allows an attacker to cause unspecified impact. oval:org.secpod.oval:def:53350 Jakub Wilk discovered a directory traversal flaw in the Archive::Tar module, allowing an attacker to overwrite any file writable by the extracting user via a specially crafted tar archive. oval:org.secpod.oval:def:1502253 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:704204 perl: Practical Extraction and Report Language Perl could be made to overwrite arbitrary files if it received a specially crafted archive file. oval:org.secpod.oval:def:114665 Archive::Tar provides an object oriented mechanism for handling tar files. It provides class methods for quick and easy files handling while also allowing for the creation of tar file objects for custom manipulation. If you have the IO::Zlib module installed, Archive::Tar will also support compresse ... oval:org.secpod.oval:def:114659 Archive::Tar provides an object oriented mechanism for handling tar files. It provides class methods for quick and easy files handling while also allowing for the creation of tar file objects for custom manipulation. If you have the IO::Zlib module installed, Archive::Tar will also support compresse ... oval:org.secpod.oval:def:603428 Jakub Wilk discovered a directory traversal flaw in the Archive::Tar module, allowing an attacker to overwrite any file writable by the extracting user via a specially crafted tar archive. oval:org.secpod.oval:def:108493 The libjpeg-turbo package contains a library of functions for manipulating JPEG images. oval:org.secpod.oval:def:108227 MinGW Windows cross compiled Libjpeg-turbo library. 
oval:org.secpod.oval:def:51088 perl: Practical Extraction and Report Language Perl could be made to overwrite arbitrary files if it received a specially crafted archive file. oval:org.secpod.oval:def:1700075 An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character. An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They al ... oval:org.secpod.oval:def:1502298 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502297 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:502352 Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Security Fix: * mutt: Remote code injection vulnerability to an IMAP mailbox * mutt: Remote Code Execu ... oval:org.secpod.oval:def:704178 mutt: text-based mailreader supporting MIME, GPG, PGP and threading Several security issues were fixed in Mutt. oval:org.secpod.oval:def:114862 Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting groups o ... oval:org.secpod.oval:def:114859 Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting groups o ... 
oval:org.secpod.oval:def:704326 mutt: text-based mailreader supporting MIME, GPG, PGP and threading Details: USN-3719-1 fixed vulnerabilities in Mutt. Unfortunately, the fixes were not correctly applied to the packaging for Mutt in Ubuntu 16.04 LTS. This update corrects the oversight. We apologize for the inconvenience. Original a ... oval:org.secpod.oval:def:1501959 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:110198 MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs an ... oval:org.secpod.oval:def:52682 mysql-5.6: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:1900743 Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer. oval:org.secpod.oval:def:1900731 Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous ... oval:org.secpod.oval:def:203888 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a newer upstream version: MariaDB . Refer to the MariaDB Release Notes listed in the References section for a complete list of changes. Security Fix: * It wa ... 
oval:org.secpod.oval:def:1600443 It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a client. Unspecified vuln ... oval:org.secpod.oval:def:400641 mariadb was updated to version 10.0.25 to fix 25 security issues. These security issues were fixed: - CVE-2016-0505: Unspecified vulnerability allowed remote authenticated users to affect availability via unknown vectors related to Options . - CVE-2016-0546: Unspecified vulnerability allowed local u ... oval:org.secpod.oval:def:1501424 MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs and ... oval:org.secpod.oval:def:1901110 Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML. oval:org.secpod.oval:def:1901121 Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption. oval:org.secpod.oval:def:1901332 Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer. oval:org.secpod.oval:def:32758 The host is installed with Oracle MySQL through 5.5.46 and is prone to an unspecified vulnerability. 
A flaw is present in the application, which fails to handle unknown vectors related to Optimizer. Successful exploitation allows remote authenticated users to affect availability. oval:org.secpod.oval:def:32753 The host is installed with Oracle MySQL through 5.5.46, through 5.6.27 or 5.7.9 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to DML. Successful exploitation allows remote authenticated users to affect availability. oval:org.secpod.oval:def:32754 The host is installed with Oracle MySQL through 5.5.46, through 5.6.27 or 5.7.9 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle unknown vectors related to Optimizer. Successful exploitation allows remote authenticated users to affect availability. oval:org.secpod.oval:def:32746 The host is installed with Oracle MySQL through 5.5.46, through 5.6.27 or 5.7.9 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to UDF. Successful exploitation allows remote authenticated users to affect availability. oval:org.secpod.oval:def:32748 The host is installed with Oracle MySQL through 5.5.46, through 5.6.27 or 5.7.9 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle unknown vectors related to encryption. Successful exploitation allows remote authenticated users to affect integrity. oval:org.secpod.oval:def:32742 The host is installed with Oracle MySQL through 5.5.46, through 5.6.27 or 5.7.9 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle unknown vectors related to Client. Successful exploitation allows local users to affect confidentiality, integrity, and avai ... oval:org.secpod.oval:def:110278 MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon and many different client programs and libraries. 
The base package contains the standard MySQL client programs and generic MySQL files. oval:org.secpod.oval:def:110258 MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. oval:org.secpod.oval:def:110256 MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs an ... oval:org.secpod.oval:def:602353 Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.47 oval:org.secpod.oval:def:602351 Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.23. Please see the MariaDB 10.0 Release Notes for further details: https://mariadb.com/kb/en/mariadb/mariadb-10023-release-notes/ oval:org.secpod.oval:def:501798 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a newer upstream version: MariaDB . Refer to the MariaDB Release Notes listed in the References section for a complete list of changes. Security Fix: * It wa ... oval:org.secpod.oval:def:1901284 Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF. 
oval:org.secpod.oval:def:1600337 wolfSSL before 3.6.8 does not properly handle faults associated with the Chinese Remainder Theorem process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote attackers to obtain private RSA keys by capturing TLS handshakes, also know ... oval:org.secpod.oval:def:1800668 CVE-2016-2047: MariaDB 10.1.10 CVE-2016-0616: MariaDB 10.1.10 CVE-2016-0610: MariaDB 10.1.9 CVE-2016-0609: MariaDB 10.1.10 CVE-2016-0608: MariaDB 10.1.10 CVE-2016-0606: MariaDB 10.1.10 CVE-2016-0600: MariaDB 10.1.10 CVE-2016-0598: MariaDB 10.1.10 CVE-2016-0597: MariaDB 10.1.10 CVE-2016-0596: MariaDB ... oval:org.secpod.oval:def:400733 mariadb was updated to version 10.0.25 to fix 25 security issues. These security issues were fixed: - CVE-2016-0505: Unspecified vulnerability allowed remote authenticated users to affect availability via unknown vectors related to Options . - CVE-2016-0546: Unspecified vulnerability allowed local u ... oval:org.secpod.oval:def:108505 The libjpeg-turbo package contains a library of functions for manipulating JPEG images. oval:org.secpod.oval:def:108248 MinGW Windows cross compiled Libjpeg-turbo library. oval:org.secpod.oval:def:602416 Several vulnerabilities were discovered in JasPer, a library for manipulating JPEG-2000 files. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-1577 Jacob Baines discovered a double-free flaw in the jas_iccattrval_destroy function. A remote attacker could ... oval:org.secpod.oval:def:602531 Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or spoofing. Wait, Firefox? No more references to Iceweasel? That's right, Debian no longer applies ... 
oval:org.secpod.oval:def:602589 Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:33674 The host is installed with Apple Mac OS X or Server 10.9.5, 10.10.5 or 10.11.x before 10.11.4 or Apple Safari before 9.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a maliciously crafted XML. Successful exploitation co ... oval:org.secpod.oval:def:1501988 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:703164 linux-lts-wily: Linux hardware enablement kernel from Wily for Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703160 linux-lts-vivid: Linux hardware enablement kernel from Vivid for Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703158 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:110403 The kernel meta package oval:org.secpod.oval:def:704151 libjpeg-turbo: library for handling JPEG files libjpeg-turbo could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:110473 The kernel meta package oval:org.secpod.oval:def:111284 Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory e ... oval:org.secpod.oval:def:111287 Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. 
The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory e ... oval:org.secpod.oval:def:703196 tomcat8: Servlet and JSP engine Tomcat could be made to hang if it received specially crafted network traffic. oval:org.secpod.oval:def:703188 tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:602553 The TERASOLUNA Framework Development Team discovered a denial of service vulnerability in Apache Commons FileUpload, a package to make it easy to add robust, high-performance, file upload capability to servlets and web applications. A remote attacker can take advantage of this flaw by sending file u ... oval:org.secpod.oval:def:602549 The TERASOLUNA Framework Development Team discovered a denial of service vulnerability in Apache Commons FileUpload, a package to make it easy to add robust, high-performance, file upload capability to servlets and web applications. A remote attacker can take advantage of this flaw by sending file u ... oval:org.secpod.oval:def:602545 Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in information disclosure, the bypass of CSRF protections, bypass of the SecurityManager or denial of service. oval:org.secpod.oval:def:1600439 A denial of service vulnerability was identified in Commons FileUpload that occurred when the length of the multipart boundary was just below the size of the buffer used to read the uploaded file if the boundary was the typical tens of bytes long. oval:org.secpod.oval:def:1501655 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. The following packages have been upgraded to a newer upstream version: tomcat . Security Fix: * A CSRF flaw was found in Tomcat's index pages for the Manager and Host Manager applications. These applic ... 
oval:org.secpod.oval:def:35821 The host is installed with Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3 or 9.x before 9.0.0.M7 and is prone to a denial of service vulnerability. A flaw is present in the MultipartStream class in Apache Commons Fileupload, which fails to handle a long boundary string. Succe ... oval:org.secpod.oval:def:35820 tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:35819 tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:602320 Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive am ... oval:org.secpod.oval:def:501720 The libxml2 library is a development toolbox providing the implementation of various XML standards. Several denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or HT ... oval:org.secpod.oval:def:1501303 The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allows local users to cause a denial of service (OOPS) via crafted keyctl commands. oval:org.secpod.oval:def:1501307 Race condition in the IPC object implementation in the Linux kernel allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c. oval:org.secpod.oval:def:52438 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel. 
oval:org.secpod.oval:def:702482 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702475 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702645 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702643 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702638 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702602 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:1501293 The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allows local users to cause a denial of service (OOPS) via crafted keyctl commands. oval:org.secpod.oval:def:1501298 Race condition in the IPC object implementation in the Linux kernel allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c. oval:org.secpod.oval:def:602150 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, information leaks or data corruption. CVE-2015-1805 Red Hat discovered that the pipe iovec read and write implementations may iterate over the iovec twice but will modify the ... oval:org.secpod.oval:def:702593 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:1501937 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:24743 The host is installed with kernel in RHEL 7 and is prone to an unprivileged module load vulnerability. 
A flaw is present in the application, which fails to properly handle request_module() call. Successful exploitation could allow attackers to load any installed module. oval:org.secpod.oval:def:52473 clamav: Anti-virus utility for Unix ClamAV could be made to crash or run programs if it processed a specially crafted file. oval:org.secpod.oval:def:30883 The host is installed with Apple Mac OS X or Server 10.6.8 before 10.11 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to properly handle vectors that trigger an attempted renaming of a Phar archive to the name of an existing file. Successful explo ... oval:org.secpod.oval:def:52429 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:1501139 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. It was found that the MySQL client library permitted but did not require a client to use SSL/TLS when establishing a secure connection to a MySQL server using the "--ssl" option. A man-in-the- ... oval:org.secpod.oval:def:501820 The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format binary files, system libraries, RPM packages, and different graphics formats. Security Fix: * Multiple flaws we ... oval:org.secpod.oval:def:203693 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. It was found that the MySQL client library permitted but did not require a client to use SSL/TLS when establishing a secure connection to a MySQL server using the "--ssl" option. A man-in-the- ... oval:org.secpod.oval:def:204124 The file command is used to identify a particular file according to the type of data the file contains. 
It can identify many different file types, including Executable and Linkable Format binary files, system libraries, RPM packages, and different graphics formats. Security Fix: * Multiple flaws we ... oval:org.secpod.oval:def:501640 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. It was found that the MySQL client library permitted but did not require a client to use SSL/TLS when establishing a secure connection to a MySQL server using the --ssl option. A man-in-the-middle attac ... oval:org.secpod.oval:def:602015 The previous update for php5, DSA-3198-1, introduced a regression causing segmentation faults when using SoapClient::__setSoapHeader. Updated packages are now available to address this regression. For reference, the original advisory text follows. Multiple vulnerabilities have been discovered in the ... oval:org.secpod.oval:def:203664 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. An uninitialized pointer use flaw was found in PHP's Exif ex ... oval:org.secpod.oval:def:203655 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, ... oval:org.secpod.oval:def:702466 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:1200084 The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes. The ELF parser in file before 5.21 allows remote attackers to cause a denial of service via a large number of program or section headers or invalid capabilities. 
It was rep ... oval:org.secpod.oval:def:108806 Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers . The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs are based on a shared li ... oval:org.secpod.oval:def:1200048 A buffer overflow vulnerability was found in PHP's phar implementation. See https://bugs.php.net/bug.php?id=69324 for more details. A use-after-free flaw was found in PHP's phar paths implementation. A malicious script author could possibly use this flaw to disclose certain portions of server memo ... oval:org.secpod.oval:def:204215 The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format binary files, system libraries, RPM packages, and different graphics formats. Multiple denial of service flaws ... oval:org.secpod.oval:def:601998 Multiple vulnerabilities have been discovered in the PHP language: CVE-2015-2301 Use-after-free in the phar extension. CVE-2015-2331 Emmanuel Law discovered an integer overflow in the processing of ZIP archives, resulting in denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:1501042 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, ... oval:org.secpod.oval:def:501713 The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format binary files, system libraries, RPM packages, and different graphics formats. 
Multiple denial of service flaws ... oval:org.secpod.oval:def:1501460 The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format binary files, system libraries, RPM packages, and different graphics formats. Security Fix: * Multiple flaws wer ... oval:org.secpod.oval:def:1501240 The remote host is missing a patch containing a security fix, which affects the following package(s): file oval:org.secpod.oval:def:30961 The host is missing a security update according to Apple advisory, APPLE-SA-2015-09-30-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code, dis ... oval:org.secpod.oval:def:1501060 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. An uninitialized pointer use flaw was found in PHP's Exif ex ... oval:org.secpod.oval:def:108430 The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. oval:org.secpod.oval:def:108468 The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets ... oval:org.secpod.oval:def:602168 Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.20. 
Please see the MariaDB 10.0 Release Notes for further details: https://mariadb.com/kb/en/mariadb/mariadb-10017-release-notes/ https://mariad ... oval:org.secpod.oval:def:702542 clamav: Anti-virus utility for Unix ClamAV could be made to crash or run programs if it processed a specially crafted file. oval:org.secpod.oval:def:501581 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, ... oval:org.secpod.oval:def:501590 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. An uninitialized pointer use flaw was found in PHP's Exif ex ... oval:org.secpod.oval:def:108850 Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers . The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs are based on a shared li ... oval:org.secpod.oval:def:52484 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:1501102 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:1501108 Moderate: Oracle Linux 5 Unbreakable Enterprise kernel security update. oval:org.secpod.oval:def:1501111 Moderate: Oracle Linux 6 Unbreakable Enterprise kernel security update. oval:org.secpod.oval:def:1501115 Moderate: Oracle Linux 6 Unbreakable Enterprise kernel security update. oval:org.secpod.oval:def:1501116 Moderate: Oracle Linux 5 Unbreakable Enterprise kernel security update. 
oval:org.secpod.oval:def:602074 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2014-8159 It was found that the Linux kernel's InfiniBand/RDMA subsystem did not properly sanitize input parameters while registering memory regions f ... oval:org.secpod.oval:def:702601 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:52500 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:24035 The host is installed with linux kernel before 3.18.5 and is prone to a denial of service vulnerability. A flaw is present in the application, when the guest OS lacks SYSENTER MSR initialization. Successful exploitation allows guest OS users to gain guest OS privileges or cause a denial of service ( ... oval:org.secpod.oval:def:25172 The host is installed with kernel on Red Hat Enterprise Linux 6 or 7 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to properly handle rename operations. Successful exploitation could allow attackers to escalate privileges on the affected system. oval:org.secpod.oval:def:1501096 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:1501063 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel's virtual console implementation handled reference counting when accessing pseudo-terminal device files . A local, unprivileged attacker could ... oval:org.secpod.oval:def:1501065 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel's virtual console implementation handled reference counting when accessing pseudo-terminal device files . A local, unprivileged attacker could ... 
oval:org.secpod.oval:def:1501072 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel"s virtual console implementation handled reference counting when accessing pseudo-terminal device files . A local, unprivileged attacker could ... oval:org.secpod.oval:def:1501075 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel"s virtual console implementation handled reference counting when accessing pseudo-terminal device files . A local, unprivileged attacker could ... oval:org.secpod.oval:def:702597 linux-lts-vivid: Linux hardware enablement kernel from Vivid Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702595 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702594 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702599 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702598 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702563 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702565 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:204140 Expat is a C library for parsing XML documents. Security Fix: * An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, pos ... 
oval:org.secpod.oval:def:602506 Gustavo Grieco discovered that Expat, an XML parsing C library, does not properly handle certain kinds of malformed input documents, resulting in buffer overflows during processing and error reporting. A remote attacker can take advantage of this flaw to cause an application using the Expat library ... oval:org.secpod.oval:def:51563 expat: XML parsing C library Expat could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:703172 xmlrpc-c: Lightweight RPC library based on XML and HTTP Several security issues were fixed in XML-RPC for C and C++. oval:org.secpod.oval:def:51609 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:703112 expat: XML parsing C library Expat could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:110629 This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parsed. ... oval:org.secpod.oval:def:110858 This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parsed. ... oval:org.secpod.oval:def:1600483 CVE-2016-0718 : Out-of-bounds read flaw An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, possibly, execute arbitrary ... 
oval:org.secpod.oval:def:36618 The host is missing an important security update according to Mozilla advisory, MFSA2016-68. The update is required to fix an out-of-bounds read vulnerability. A flaw is present in the application, which fails to handle malformed XML data. Successful exploitation allows remote attackers to read other ... oval:org.secpod.oval:def:36617 The host is installed with Mozilla Firefox before 48.0 and is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails to handle malformed XML data. Successful exploitation allows remote attackers to read other inaccessible memory. oval:org.secpod.oval:def:204045 Expat is a C library for parsing XML documents. Security Fix: * An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, pos ... oval:org.secpod.oval:def:1501684 Expat is a C library for parsing XML documents. Security Fix: * An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, pos ... oval:org.secpod.oval:def:1501685 Expat is a C library for parsing XML documents. Security Fix: * An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, pos ... oval:org.secpod.oval:def:34942 The host is installed with RHEL 6 or 7 and is prone to an out-of-bounds heap read vulnerability. A flaw is present in the application, which fails to handle a malformed input document. Successful exploitation could allow attackers to execute arbitrary code or crash the service. 
oval:org.secpod.oval:def:501941 Expat is a C library for parsing XML documents. Security Fix: * An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, pos ... oval:org.secpod.oval:def:36289 The host is installed with Apple Mac OS X or Server 10.11.x before 10.11.6 or Apple iTunes before 12.6 or Mozilla Firefox before 48.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle unknown vectors. Successful exploitation could ... oval:org.secpod.oval:def:703220 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:1901278 Expat allows context-dependent attackers to cause a denial of service or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow. oval:org.secpod.oval:def:110714 This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parsed. ... oval:org.secpod.oval:def:400755 This update for expat fixes the following issues: Security issue fixed: - CVE-2016-0718: Fix Expat XML parser that mishandles certain kinds of malformed input documents. - CVE-2015-1283: Fix multiple integer overflows oval:org.secpod.oval:def:39507 The host is missing a critical security update according to Apple advisory, APPLE-SA-2017-03-22-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted vectors. Successful exploitation allows attackers to execute arb ... 
oval:org.secpod.oval:def:39508 The host is missing a security update according to Apple advisory, APPLE-SA-2017-03-22-2. The update is required to fix multiple vulnerabilities in Apple iTunes. The flaws are present in SQLite and expat which fails to handle vectors related to iTunes, crafted xml files. Successful exploitation coul ... oval:org.secpod.oval:def:52468 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel. oval:org.secpod.oval:def:1501145 Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to the initrd. oval:org.secpod.oval:def:52416 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:108372 The kernel meta package oval:org.secpod.oval:def:203683 The kernel packages contain the Linux kernel, the core of any Linux operating system. * An integer overflow flaw was found in the way the Linux kernel's netfilter connection tracking implementation loaded extensions. An attacker on a local network could potentially send a sequence of specially craft ... oval:org.secpod.oval:def:501627 The kernel packages contain the Linux kernel, the core of any Linux operating system. * An integer overflow flaw was found in the way the Linux kernel's netfilter connection tracking implementation loaded extensions. An attacker on a local network could potentially send a sequence of specially craft ... oval:org.secpod.oval:def:702436 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702434 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:24343 linux: Linux kernel Several security issues were fixed in the kernel. 
oval:org.secpod.oval:def:602172 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2015-3290 Andy Lutomirski discovered that the Linux kernel does not properly handle nested NMIs. A local, unprivileged user could use this flaw for privilege escalation. ... oval:org.secpod.oval:def:702530 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel. oval:org.secpod.oval:def:24029 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-38. The update is required to fix a denial of service vulnerability. A flaw is present in the application, which fails to handle vectors that trigger rendering of 2D graphics content. Successful exploitation could al ... oval:org.secpod.oval:def:24032 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-39. The update is required to fix a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted HTML document. Successful exploitation could allow attackers to execute arbit ... oval:org.secpod.oval:def:24033 The host is installed with Mozilla Firefox before 37.0 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle certain content navigation that leverages the reachability of a privileged window with an unintended persistence of access to ... oval:org.secpod.oval:def:24034 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-42. The update is required to fix an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle certain content navigation that leverages the reachability of a privileged wind ... oval:org.secpod.oval:def:24030 The host is installed with Mozilla Firefox before 37.0 and is prone to a denial of service vulnerability. 
A flaw is present in the application, which fails to handle a crafted HTML document containing a SOURCE element. Successful exploitation could allow attackers to execute arbitrary code or cause ... oval:org.secpod.oval:def:24031 The host is installed with Mozilla Firefox before 37.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted HTML document. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service (use-aft ... oval:org.secpod.oval:def:24021 The host is installed with Mozilla Firefox before 37.0 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation could allow man-in-the-middle attackers to bypass an intended user-confirmation requirement by de ... oval:org.secpod.oval:def:24022 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-32. The update is required to fix a security bypass vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation could allow man-in-the-middle attackers to byp ... oval:org.secpod.oval:def:24023 The host is installed with Mozilla Firefox before 37.0 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle an image that is improperly handled during transformation. Successful exploitation could allow attackers to obtain sensitive inf ... oval:org.secpod.oval:def:24024 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-34. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to handle an image that is improperly handled during transformation. Successful exploit ... 
oval:org.secpod.oval:def:24025 The host is installed with Mozilla Firefox before 37.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which uses incompatible approaches to the deallocation of memory for simple-type arrays. Successful exploitation could allow attackers to cause a denial of ... oval:org.secpod.oval:def:24026 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-36. The update is required to fix a denial of service vulnerability. A flaw is present in the application, which uses incompatible approaches to the deallocation of memory for simple-type arrays. Successful explo ... oval:org.secpod.oval:def:24027 The host is installed with Mozilla Firefox before 37.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle vectors that trigger rendering of 2D graphics content. Successful exploitation could allow attackers to execute arbitrary code or caus ... oval:org.secpod.oval:def:24028 The host is installed with Mozilla Firefox before 37.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle vectors that trigger rendering of 2D graphics content. Successful exploitation could allow attackers to execute arbitrary code or caus ... oval:org.secpod.oval:def:24051 The host is installed with Mozilla Firefox before 37.0.1 and is prone to a security bypass vulnerability. A flaw is present in the application, which does not properly handle an Alt-Svc header specification in the HTTP/2 response. Successful exploitation could allow attackers to bypass the SSL certi ... oval:org.secpod.oval:def:24052 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-44. The update is required to fix a security bypass vulnerability. A flaw is present in the application, which does not properly handle an Alt-Svc header specification in the HTTP/2 response. 
Successful exploitat ... oval:org.secpod.oval:def:23632 The host is installed with Mozilla Firefox before 36.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly allocate memory for copying an unspecified string to a shader's compilation log. Successful exploitation could allow attackers to cr ... oval:org.secpod.oval:def:23631 The host is missing a moderate security update according to Mozilla advisory, MFSA-2015-13. The update is required to fix a man in the middle attack vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation could allow attackers to bypass key ... oval:org.secpod.oval:def:23630 The host is installed with Mozilla Firefox before 36.0 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation could allow attackers to bypass key pinning (HPKP) and HTTP Strict Transport Security ... oval:org.secpod.oval:def:23659 The host is missing a security update according to Mozilla advisory, MFSA-2015-27. The update is required to fix a Caja compiler JavaScript sandbox bypass vulnerability. A flaw is present in the application, which fails to properly restrict transitions of JavaScript objects from a non-extensible sta ... oval:org.secpod.oval:def:23658 The host is installed with Mozilla Firefox before 36.0 and is prone to a Caja compiler JavaScript sandbox bypass vulnerability. A flaw is present in the application, which fails to properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state. Successful expl ... oval:org.secpod.oval:def:23657 The host is missing a moderate security update according to Mozilla advisory, MFSA-2015-26. The update is required to fix a clickjacking attack vulnerability. 
A flaw is present in the application, which fails to properly handle an API call that originates from a background tab. Successful exploitati ... oval:org.secpod.oval:def:23656 The host is installed with Mozilla Firefox before 36.0 and is prone to a clickjacking attack vulnerability. A flaw is present in the application, which fails to properly handle an API call that originates from a background tab. Successful exploitation could allow attackers to conduct spoofing and cl ... oval:org.secpod.oval:def:23655 The host is missing a moderate security update according to Mozilla advisory, MFSA-2015-25. The update is required to fix a user-assisted arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a crafted web site that is accessed with unspecified ... oval:org.secpod.oval:def:23649 The host is missing a moderate security update according to Mozilla advisory, MFSA-2015-22. The update is required to fix a denial of service vulnerability. A flaw is present in the application, which fails to properly handle vectors that trigger use of DrawTarget and the Cairo library for image dra ... oval:org.secpod.oval:def:23648 The host is installed with Mozilla Firefox before 36.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle vectors that trigger use of DrawTarget and the Cairo library for image drawing. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:23647 The host is missing an important security update according to Mozilla advisory, MFSA-2015-21. The update is required to fix a stack based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a malformed MP3 file. Successful exploitation could allow atta ... oval:org.secpod.oval:def:23646 The host is installed with Mozilla Firefox before 36.0 and is prone to a stack based buffer overflow vulnerability. 
A flaw is present in the application, which fails to properly handle a malformed MP3 file. Successful exploitation could allow attackers to disclose sensitive information. oval:org.secpod.oval:def:23645 The host is missing an important security update according to Mozilla advisory, MFSA-2015-20. The update is required to fix a denial of service vulnerability. A flaw is present in the applications, which fails to properly handle a crafted Cascading Style Sheets (CSS) token sequence. Successful explo ... oval:org.secpod.oval:def:23644 The host is installed with Mozilla Firefox before 36.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted Cascading Style Sheets (CSS) token sequence. Successful exploitation could allow attackers to execute arbitrary cod ... oval:org.secpod.oval:def:23654 The host is installed with Mozilla Firefox before 36.0 and is prone to a user-assisted arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a crafted web site that is accessed with unspecified mouse and keyboard actions. Successful exploitatio ... oval:org.secpod.oval:def:23651 The host is missing a security update according to Mozilla advisory, MFSA-2015-23. The update is required to fix use-after-free vulnerabilities. The flaws are present in the application, which fails to properly handle incorrect macro expansion. Successful exploitation could allow attackers to pro ... oval:org.secpod.oval:def:23650 The host is installed with Mozilla Firefox before 36.0 and is prone to multiple use-after-free vulnerabilities. The flaws are present in the application, which fails to properly handle incorrect macro expansion. Successful exploitation could allow attackers to produce unspecified impact. oval:org.secpod.oval:def:23639 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-17. 
The update is required to fix a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted MP4 video during playback. Successful exploitation could allow att ... oval:org.secpod.oval:def:23638 The host is installed with Mozilla Firefox before 36.0 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted MP4 video during playback. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:23637 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-16. The update is required to fix a use-after-free vulnerability. A flaw is present in the applications, which fails to properly handle crafted content during IndexedDB index creation. Successful exploitation co ... oval:org.secpod.oval:def:23636 The host is installed with Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fails to properly handle crafted content during IndexedDB index creation. Successful exploit ... oval:org.secpod.oval:def:23635 The host is missing a security update according to Mozilla advisory, MFSA-2015-15. The update is required to fix a man in the middle attack vulnerability. A flaw is present in the application, which fails to use TLS to access TURN or STUN server. Successful exploitation could allow attackers to disc ... oval:org.secpod.oval:def:23634 The host is installed with Mozilla Firefox before 36.0 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to use TLS to access TURN or STUN server. Successful exploitation could allow attackers to discover credentials by spoofing a server. oval:org.secpod.oval:def:23633 The host is missing a moderate security update according to Mozilla advisory, MFSA-2015-14. 
The update is required to fix a denial of service vulnerability. A flaw is present in the application, which fails to properly allocate memory for copying an unspecified string to a shader's compilation log. ... oval:org.secpod.oval:def:36575 The host is missing an important security update according to Mozilla advisory, MFSA2016-68. The update is required to fix an out-of-bounds read vulnerability. A flaw is present in the application, which fails to handle malformed XML data. Successful exploitation allows remote attackers to read other ... oval:org.secpod.oval:def:36574 The host is installed with Mozilla Firefox before 48.0 or iTunes before 12.6 and is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails to handle malformed XML data. Successful exploitation allows remote attackers to read other inaccessible memory. oval:org.secpod.oval:def:1200008 A buffer overflow flaw was found in the way the Linux kernel's Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use this flaw to crash, or potentially escalate their privileges on, a system over a connect ... oval:org.secpod.oval:def:108395 The kernel package contains the Linux kernel, the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:108880 The kernel package contains the Linux kernel, the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:53540 The host is installed with Apple Mac OS X through 10.12.6, 10.13.6 or 10.14.3 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle multiple issues. 
Successful exploitation allows attackers to execute arbitrary code or read restricted memo ... oval:org.secpod.oval:def:109128 The kernel meta package oval:org.secpod.oval:def:203648 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access o ... oval:org.secpod.oval:def:109211 The kernel meta package oval:org.secpod.oval:def:109462 The kernel meta package oval:org.secpod.oval:def:108569 The kernel meta package oval:org.secpod.oval:def:109409 The kernel meta package oval:org.secpod.oval:def:203674 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel's virtual console implementation handled reference counting when accessing pseudo-terminal device files. A local, unprivileged attacker could ... oval:org.secpod.oval:def:108525 The kernel meta package oval:org.secpod.oval:def:108752 The kernel meta package oval:org.secpod.oval:def:601968 Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leaks or privilege escalation. CVE-2013-7421 / CVE-2014-9644 It was discovered that the Crypto API allowed unprivileged users to load arbitrary kernel modules. A local user can use this ... oval:org.secpod.oval:def:1501040 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access o ... 
oval:org.secpod.oval:def:1501044 arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate ... oval:org.secpod.oval:def:1501045 arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate ... oval:org.secpod.oval:def:1501048 arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate ... oval:org.secpod.oval:def:1501049 arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate ... oval:org.secpod.oval:def:109262 The kernel meta package oval:org.secpod.oval:def:108491 The kernel meta package oval:org.secpod.oval:def:1501052 arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate ... 
oval:org.secpod.oval:def:1501050 arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate ... oval:org.secpod.oval:def:1501070 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel's virtual console implementation handled reference counting when accessing pseudo-terminal device files. A local, unprivileged attacker could ... oval:org.secpod.oval:def:501583 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access o ... oval:org.secpod.oval:def:108851 The kernel meta package oval:org.secpod.oval:def:501595 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel's virtual console implementation handled reference counting when accessing pseudo-terminal device files. A local, unprivileged attacker could ... oval:org.secpod.oval:def:603536 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2018-6554 A memory leak in the irda_bind function in the irda subsystem was discovered. A local user can take advantage of this flaw to cause a denial ... 
oval:org.secpod.oval:def:52117 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:53431 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2018-6554 A memory leak in the irda_bind function in the irda subsystem was discovered. A local user can take advantage of this flaw to cause a denial ... oval:org.secpod.oval:def:52951 linux-aws: Linux kernel for Amazon Web Services systems - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:704331 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:704329 linux-aws: Linux kernel for Amazon Web Services systems - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1502082 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501818 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501821 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502175 The advisory is missing the security advisory description. 
For more information please visit the reference link oval:org.secpod.oval:def:51166 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - li ... oval:org.secpod.oval:def:52434 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:52415 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel. oval:org.secpod.oval:def:704464 linux-aws-hwe: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:704467 linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:704455 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:704458 linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:702481 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:704429 linux: Linux kernel Several security issues were fixed in the Linux kernel. 
oval:org.secpod.oval:def:704427 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - li ... oval:org.secpod.oval:def:702474 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702479 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702478 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702431 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702435 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel. oval:org.secpod.oval:def:51185 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - li ... oval:org.secpod.oval:def:52122 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:704390 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - li ... 
oval:org.secpod.oval:def:704392 linux: Linux kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:52952 linux-aws: Linux kernel for Amazon Web Services systems - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:52957 linux: Linux kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:52961 linux: Linux kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:52964 linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:52963 linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:704354 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:704355 linux-aws: Linux kernel for Amazon Web Services systems - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1501947 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501966 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:53003 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. 
oval:org.secpod.oval:def:53009 linux-aws-hwe: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1600880 Fragmentation attacks possible when EDNS0 is enabled: The DNS stub resolver in the GNU C Library before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation. Buffer overflow in glob ... oval:org.secpod.oval:def:1502176 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:602524 Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause a denial-of-service against the applica ... oval:org.secpod.oval:def:34287 The host is installed with Apple iTunes before 12.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash the service. oval:org.secpod.oval:def:34616 The host is missing a security update according to Apple advisory, APPLE-SA-2016-05-16-4. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:34666 The host is installed with Apple Mac OS X or Server 10.9.5, 10.10.5 or 10.11.x before 10.11.5 and is prone to a memory corruption vulnerability.
A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to an unexpe ... oval:org.secpod.oval:def:34667 The host is installed with Apple Mac OS X or Server 10.9.5, 10.10.5 or 10.11.x before 10.11.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to an unexpe ... oval:org.secpod.oval:def:34664 The host is installed with Apple Mac OS X or Server 10.9.5, 10.10.5 or 10.11.x before 10.11.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to an unexpe ... oval:org.secpod.oval:def:34665 The host is installed with Apple Mac OS X or Server 10.9.5, 10.10.5 or 10.11.x before 10.11.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to an unexpe ... oval:org.secpod.oval:def:34662 The host is installed with Apple Mac OS X or Server 10.9.5, 10.10.5 or 10.11.x before 10.11.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to an unexpe ... oval:org.secpod.oval:def:34663 The host is installed with Apple Mac OS X or Server 10.9.5, 10.10.5 or 10.11.x before 10.11.6 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to have unsp ... 
oval:org.secpod.oval:def:34660 The host is installed with Apple Mac OS X or Server 10.9.5, 10.10.5 or 10.11.x before 10.11.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to an unexpe ... oval:org.secpod.oval:def:34661 The host is installed with Apple Mac OS X or Server 10.9.5, 10.10.5 or 10.11.x before 10.11.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to an unexpe ... oval:org.secpod.oval:def:36255 The host is missing a security update according to Apple advisory APPLE-SA-2016-07-18-6. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash the servi ... oval:org.secpod.oval:def:36326 The host is missing a security update according to Apple advisory APPLE-SA-2016-07-18-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted website. Successful exploitation allows attackers to crash the service, disclose th ... oval:org.secpod.oval:def:702982 linux-lts-wily: Linux hardware enablement kernel from Wily Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702986 linux-raspi2: Linux kernel for Raspberry Pi 2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702984 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702989 linux-lts-vivid: Linux hardware enablement kernel from Vivid Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702987 linux: Linux kernel Several security issues were fixed in the kernel. 
oval:org.secpod.oval:def:602546 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2015-7515, CVE-2016-2184, CVE-2016-2185, CVE-2016-2186, CVE-2016-2187, CVE-2016-3136, CVE-2016-3137, CVE-2016-3138, CVE-2016-3140 Ralf Spenneberg of O ... oval:org.secpod.oval:def:703163 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703162 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703155 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703138 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:1800383 x86: inconsistent cachability flags on guest mappings. Multiple mappings of the same physical page with different cachability setting can cause problems. While one category affects only guests themselves, the other category being Machine Check exceptions can be fatal to entire hosts. oval:org.secpod.oval:def:703103 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703102 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703101 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703106 linux-lts-wily: Linux hardware enablement kernel from Wily for Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703104 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:1501819 The advisory is missing the security advisory description.
For more information please visit the reference link oval:org.secpod.oval:def:1501817 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501822 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501820 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:702891 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702895 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702899 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702882 linux-lts-vivid: Linux hardware enablement kernel from Vivid Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702885 linux-lts-wily: Linux hardware enablement kernel from Wily Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702888 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702879 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel. oval:org.secpod.oval:def:1501863 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501860 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:703099 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703097 linux-lts-vivid: Linux hardware enablement kernel from Vivid for Trusty Several security issues were fixed in the kernel. 
oval:org.secpod.oval:def:703095 linux-raspi2: Linux kernel for Raspberry Pi 2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703094 linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703093 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703092 linux-snapdragon: Linux kernel for Snapdragon Processors Several security issues were fixed in the kernel. oval:org.secpod.oval:def:602404 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, information leak or data loss. CVE-2013-4312 Tetsuo Handa discovered that users can use pipes queued on local sockets to allocate an unfair share of kernel memory, leading to ... oval:org.secpod.oval:def:602324 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. CVE-2015-7513 It was discovered that a local user permitted to use the x86 KVM subsystem could configure the PIT emulation to cause a denial of service. C ... oval:org.secpod.oval:def:703024 linux-lts-utopic: Linux hardware enablement kernel from Utopic for Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703023 linux-lts-vivid: Linux hardware enablement kernel from Vivid for Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:400709 xen was updated to fix 44 security issues. These security issues were fixed: - CVE-2013-4533: Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm ima ... oval:org.secpod.oval:def:501998 The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix: * It was discovered that a remote attacker could leverage the generation of IPv6 atomic fragments to trigger the use of fragmentation in an arbitrary IPv6 flow and could subsequently perform any type ... oval:org.secpod.oval:def:1600345 An integer overflow vulnerability was found in xt_alloc_table_info, which on 32-bit systems can lead to small structure allocation and a copy_from_user based heap corruption. In the mark_source_chains function it is possible for a user-supplied ipt_entry structure to have a large next_offset field. ... oval:org.secpod.oval:def:702991 linux-lts-utopic: Linux hardware enablement kernel from Utopic Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702990 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:400737 xen was updated to fix 46 security issues. These security issues were fixed: - CVE-2013-4527: Buffer overflow in hw/timer/hpet.c might have allowed remote attackers to execute arbitrary code via vectors related to the number of timers. - CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c allowed r ... oval:org.secpod.oval:def:501622 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way Linux kernel's Transparent Huge Pages implementation handled non-huge page migration. A local, unprivileged user could use this flaw to crash the kernel by migrating transparent hugep ... oval:org.secpod.oval:def:702432 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702438 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:501694 The kernel packages contain the Linux kernel, the core of any Linux operating system.
* A flaw was found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a conta ... oval:org.secpod.oval:def:1500949 Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via a large message length in an ioctl call. oval:org.secpod.oval:def:1500950 Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via a large message length in an ioctl call. oval:org.secpod.oval:def:204270 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a conta ... oval:org.secpod.oval:def:1501253 The flaws were found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a container could use this flaw to escape the bind mount and, potentially, escalate their p ... oval:org.secpod.oval:def:204242 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way Linux kernel's Transparent Huge Pages implementation handled non-huge page migration. A local, unprivileged user could use this flaw to crash the kernel by migrating transparent hugep ... |