Download
| Alert*
oval:org.secpod.oval:def:66436
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 * Mozilla: Cross-origin theft of images with creat ... oval:org.secpod.oval:def:66438 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 * Mozilla: Cross-origin theft of images with createImageBitmap * Mozilla: Stealing of cross-domain ... oval:org.secpod.oval:def:89003187 This update for java-1_8_0-openjdk to version 8u222 fixes the following issues: Security issues fixed: - CVE-2019-2745: Improved ECC Implementation . - CVE-2019-2762: Exceptional throw cases . - CVE-2019-2766: Improve file protocol handling . - CVE-2019-2769: Better copies of CopiesList . - CVE-2019 ... oval:org.secpod.oval:def:89003427 This update for java-1_7_1-ibm fixes the following issues: Update to Java 7.1 Service Refresh 4 Fix Pack 50. Security issues fixed: - CVE-2019-11771: IBM Security Update July 2019 - CVE-2019-11775: IBM Security Update July 2019 - CVE-2019-4473: IBM Security Update July 2019 - CVE-2019-7317: Fixed ... oval:org.secpod.oval:def:705096 openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK 11. oval:org.secpod.oval:def:705097 openjdk-8: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:54970 The host is missing a critical security update according to Mozilla advisory, MFSA2019-13. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:57523 The host is installed with Oracle Java SE through 7u221, 8u212, 11.0.3 or 12.0.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to AWT. Successful exploitation allows attackers to affect integrity and availability. oval:org.secpod.oval:def:54971 The host is missing a critical security update according to Mozilla advisory, MFSA2019-14. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:89003105 This update for MozillaFirefox fixes the following issues: Security issues fixed: - CVE-2019-11691: Use-after-free in XMLHttpRequest - CVE-2019-11692: Use-after-free removing listeners in the event listener manager - CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux - CVE-2019-11694: Unin ... oval:org.secpod.oval:def:57637 The host is installed with Oracle Java SE through 7u221, 8u212, 11.0.3 or 12.0.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to AWT. Successful exploitation allows attackers to affect integrity and availability. oval:org.secpod.oval:def:502731 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 * Mozilla: Cross-origin theft of images with creat ... oval:org.secpod.oval:def:505567 IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP50. Security Fix: * IBM JDK: Failure to privatize a value pulled out of the loop by versioning * OpenJDK: Insufficient checks ... oval:org.secpod.oval:def:1700179 Mozilla: Buffer overflow in WebGL bufferdata on Linux Mozilla: Use-after-free in XMLHttpRequest Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas e ... oval:org.secpod.oval:def:1801474 A vulnerability was found in libpng 1.6.36. The function png_image_free in png.c has a use-after-free because png_image_free_function is called under png_safe_execute. This flaw is in the PNG Simplified API, which was introduced upstream in libpng-1.6.0. Previous versions of libpng are not affected. oval:org.secpod.oval:def:502733 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 * Mozilla: Cross-origin theft of images with creat ... oval:org.secpod.oval:def:505924 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Security Fix: * IBM JDK: Out-of-bounds access in the String.getBytes method * IBM JDK: Failure to privatize a value pulled out of the ... oval:org.secpod.oval:def:502732 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 * Mozilla: Cross-origin theft of images with creat ... oval:org.secpod.oval:def:2103889 Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox < 66. oval:org.secpod.oval:def:1000752 The remote host is missing a patch 152923-31 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:704926 libpng1.6: PNG file library libpng be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:1000754 The remote host is missing a patch 152924-31 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1000677 The remote host is missing a patch 152928-21 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:89050925 This update for libpng16 fixes the following issues: Security issues fixed: - CVE-2019-7317: Fixed a use-after-free vulnerability, triggered when png_image_free was called under png_safe_execute . - CVE-2018-13785: Fixed a wrong calculation of row_factor in the png_check_chunk_length function in png ... oval:org.secpod.oval:def:2000246 png_image_free in png.c in libpng 1.6.36 has a use-after-free because png_image_free_function is called under png_safe_execute. oval:org.secpod.oval:def:1502623 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:603853 A use-after-free vulnerability was discovered in the png_image_free function in the libpng PNG library, which could lead to denial of service or potentially the execution of arbitrary code if a malformed image is processed. oval:org.secpod.oval:def:603930 Multiple security issues have been found in Thunderbird: Multiple vulnerabilities may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:115923 The libpng package contains a library of functions for creating and manipulating PNG image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you ... oval:org.secpod.oval:def:54582 A use-after-free vulnerability was discovered in the png_image_free function in the libpng PNG library, which could lead to denial of service or potentially the execution of arbitrary code if a malformed image is processed. oval:org.secpod.oval:def:89000388 This update for libpng16 fixes the following issues: Security issues fixed: - CVE-2019-7317: Fixed a use-after-free vulnerability, triggered when png_image_free was called under png_safe_execute . - CVE-2017-12652: Fixed an Input Validation Error related to the length of chunks . oval:org.secpod.oval:def:205210 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 * Mozilla: Cross-origin theft of images with creat ... oval:org.secpod.oval:def:55036 The host is missing a critical security update according to Mozilla advisory, MFSA2019-15. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:55037 The host is missing a critical security update according to Mozilla advisory, MFSA2019-15. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:55305 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:1801420 A vulnerability was found in libpng 1.6.36. The function png_image_free in png.c has a use-after-free because png_image_free_function is called under png_safe_execute. This flaw is in the PNG Simplified API, which was introduced upstream in libpng-1.6.0. Previous versions of libpng are not affected. oval:org.secpod.oval:def:205212 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 * Mozilla: Cross-origin theft of images with creat ... oval:org.secpod.oval:def:205213 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 * Mozilla: Cross-origin theft of images with createImageBitmap * Mozilla: Stealing of cross-domain ... oval:org.secpod.oval:def:55307 Multiple security issues have been found in Thunderbird: Multiple vulnerabilities may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:205214 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 * Mozilla: Cross-origin theft of images with createImageBitmap * Mozilla: Stealing of cross-domain ... oval:org.secpod.oval:def:704957 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:1801426 A vulnerability was found in libpng 1.6.36. The function png_image_free in png.c has a use-after-free because png_image_free_function is called under png_safe_execute. This flaw is in the PNG Simplified API, which was introduced upstream in libpng-1.6.0. Previous versions of libpng are not affected. oval:org.secpod.oval:def:60350 The host is missing a patch containing a security fixes, which affects the following package(s): Java oval:org.secpod.oval:def:58350 openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK 11. oval:org.secpod.oval:def:58351 openjdk-8: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:89003246 This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 5 Fix Pack 40. Security issues fixed: - CVE-2019-11771: IBM Security Update July 2019 - CVE-2019-11772: IBM Security Update July 2019 - CVE-2019-11775: IBM Security Update July 2019 - CVE-2019-4473: IBM ... oval:org.secpod.oval:def:505462 IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP50. Security Fix: * IBM JDK: Failure to privatize a value pulled out of the loop by versioning * OpenJDK: Insufficient checks ... oval:org.secpod.oval:def:54590 libpng1.6: PNG file library libpng be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:54993 The host is missing a critical security update according to Mozilla advisory, MFSA2019-13. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:603928 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:505466 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Security Fix: * IBM JDK: Out-of-bounds access in the String.getBytes method * IBM JDK: Failure to privatize a value pulled out of the ... oval:org.secpod.oval:def:55004 Oracle Java SE through 7u221, 8u212, 11.0.3 or 12.0.1, Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: A use-after-free vulnerability was discovered in the png_image_free function in the libpng library. This could lead to denial of service or a potentially exploitable cras ... oval:org.secpod.oval:def:89003404 This update for java-1_7_1-ibm fixes the following issues: Update to Java 7.1 Service Refresh 4 Fix Pack 50. Security issues fixed: - CVE-2019-11771: IBM Security Update July 2019 - CVE-2019-11775: IBM Security Update July 2019 - CVE-2019-4473: IBM Security Update July 2019 - CVE-2019-7317: Fixed ... oval:org.secpod.oval:def:57536 The host is installed with Oracle Java SE through 7u221, 8u212, 11.0.3 or 12.0.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to AWT. Successful exploitation allows attackers to affect integrity and availability. oval:org.secpod.oval:def:54983 Mozilla Firefox 67, Mozilla Firefox ESR 60.7, Mozilla Thunderbird 60.7, Java 7u221, 8u212, 11.0.3 and 12.0.2: A use-after-free vulnerability was discovered in the <code>png_image_free</code> function in the libpng library. This could lead to denial of service or a potentially exploitable crash when ... oval:org.secpod.oval:def:505423 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Security Fix: * IBM JDK: Out-of-bounds access in the String.getBytes method * IBM JDK: Failure to privatize a value pulled out of the ... oval:org.secpod.oval:def:505429 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Security Fix: * IBM JDK: Out-of-bounds access in the String.getBytes method * IBM JDK: Failure to privatize a value pulled out of the ... oval:org.secpod.oval:def:55318 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:89050866 This update for libpng16 fixes the following issues: Security issues fixed: - CVE-2019-7317: Fixed a use-after-free vulnerability, triggered when png_image_free was called under png_safe_execute . - CVE-2018-13785: Fixed a wrong calculation of row_factor in the png_check_chunk_length function in png ... oval:org.secpod.oval:def:1801414 A vulnerability was found in libpng 1.6.36. The function png_image_free in png.c has a use-after-free because png_image_free_function is called under png_safe_execute. This flaw is in the PNG Simplified API, which was introduced upstream in libpng-1.6.0. Previous versions of libpng are not affected. oval:org.secpod.oval:def:1700193 OpenJDK: Insufficient restriction of privileges in AccessController OpenJDK: Unbounded memory allocation during deserialization in Collections libpng: png_image_free in png.c in libpng has a use-after-free because png_image_free_function is called under png_safe_execute. OpenJDK: Insufficient chec ... oval:org.secpod.oval:def:1801416 A vulnerability was found in libpng 1.6.36. The function png_image_free in png.c has a use-after-free because png_image_free_function is called under png_safe_execute. This flaw is in the PNG Simplified API, which was introduced upstream in libpng-1.6.0. Previous versions of libpng are not affected. oval:org.secpod.oval:def:1502526 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1000615 The remote host is missing a patch 152926-31 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1502646 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89050627 This update for MozillaFirefox fixes the following issues: Security issues fixed: - CVE-2019-11691: Use-after-free in XMLHttpRequest - CVE-2019-11692: Use-after-free removing listeners in the event listener manager - CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux - CVE-2019-11694: Unin ... oval:org.secpod.oval:def:1502525 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:704972 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:1000650 The remote host is missing a patch 152927-21 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:55051 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:1901902 png_image_free in png.c in libpng 1.6.36 has a use-after-free because png_image_free_function is called under png_safe_execute. oval:org.secpod.oval:def:503130 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 * Mozilla: Cross-origin theft of images with createImageBitmap * Mozilla: Stealing of cross-domain ... oval:org.secpod.oval:def:503132 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 * Mozilla: Cross-origin theft of images with createImageBitmap * Mozilla: Stealing of cross-domain ... oval:org.secpod.oval:def:503131 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 * Mozilla: Cross-origin theft of images with createImageBitmap * Mozilla: Stealing of cross-domain ... oval:org.secpod.oval:def:91661 Oracle Solaris 11 - ( CVE-2018-14550 ) oval:org.secpod.oval:def:55059 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:57625 The host is installed with Oracle Java SE through 7u221, 8u212, 11.0.3 or 12.0.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to AWT. Successful exploitation allows attackers to affect integrity and availability. oval:org.secpod.oval:def:54994 The host is missing a critical security update according to Mozilla advisory, MFSA2019-14. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:1502530 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502531 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89003072 This update for libpng16 fixes the following issues: Security issues fixed: - CVE-2019-7317: Fixed a use-after-free vulnerability, triggered when png_image_free was called under png_safe_execute . - CVE-2017-12652: Fixed an Input Validation Error related to the length of chunks . oval:org.secpod.oval:def:1000768 The remote host is missing a patch 152925-31 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:89003429 This update for java-1_7_0-openjdk to version 7u231 fixes the following issues: Security issues fixed: - CVE_2019-2426: Improve web server connections . - CVE-2019-2745: Improved ECC Implementation . - CVE-2019-2762: Exceptional throw cases . - CVE-2019-2766: Improve file protocol handling . - CVE-2 ... |