Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for Turbolinux Home by Turbolinux, Inc.

    JVNDB-2006-000753

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000753.html",
      "dc:date": "2008-05-21T00:00+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-05-21T00:00+09:00",
      "description": "The cig.rb class in Ruby cannot handle HTTP requests with MIME multipart data set with an invalid boundry, which could trigger an infinate loop and result in consuming a large amount of CPU respurces.",
      "link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000753.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:ruby-lang:ruby",
          "@product": "Ruby",
          "@vendor": "Ruby",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:misc:miraclelinux_asianux_server",
          "@product": "Asianux Server",
          "@vendor": "Cybertrust Japan Co., Ltd.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux",
          "@product": "Red Hat Enterprise Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux_desktop",
          "@product": "Red Hat Enterprise Linux Desktop",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux",
          "@product": "Turbolinux",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_appliance_server",
          "@product": "Turbolinux Appliance Server",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_desktop",
          "@product": "Turbolinux Desktop",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_fuji",
          "@product": "Turbolinux FUJI",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_home",
          "@product": "Turbolinux Home",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_multimedia",
          "@product": "Turbolinux Multimedia",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_personal",
          "@product": "Turbolinux Personal",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_server",
          "@product": "Turbolinux Server",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "5.0",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2006-000753",
      "sec:references": [
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5467",
          "@id": "CVE-2006-5467",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5467",
          "@id": "CVE-2006-5467",
          "@source": "NVD"
        },
        {
          "#text": "http://secunia.com/advisories/13123/",
          "@id": "SA13123",
          "@source": "SECUNIA"
        },
        {
          "#text": "http://www.securityfocus.com/bid/20777",
          "@id": "20777",
          "@source": "BID"
        },
        {
          "#text": "http://www.frsirt.com/english/advisories/2006/4244",
          "@id": "FrSIRT/ADV-2006-4244",
          "@source": "FRSIRT"
        }
      ],
      "title": "Ruby cgi.rb Denial of Service Vulnerability"
    }

    JVNDB-2007-000295

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2009-08-06 11:39
    Severity
    N/A (UNKNOWN) - -
    Summary
    APOP password recovery vulnerability
    Details
    POP3 is a protocol for receiving email from mail servers. APOP is an authentication mechanism used by the POP3 protocol. It is reported that APOP passwords could be recovered by third parties. In its successful attack, the attacker spoofs itself as the mail server, provides challenge strings to the client, and collects the responses from the client. The attacker should repeat this process for a certain period of time without alerting the user of the attack.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000295.html",
      "dc:date": "2009-08-06T11:39+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2009-08-06T11:39+09:00",
      "description": "POP3 is a protocol for receiving email from mail servers. APOP is an authentication mechanism used by the POP3 protocol.\r\n\r\nIt is reported that APOP passwords could be recovered by third parties.\r\n\r\nIn its successful attack, the attacker spoofs itself as the mail server, provides challenge strings to the client, and collects the responses from the client. The attacker should repeat this process for a certain period of time without alerting the user of the attack.",
      "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000295.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:claws_mail:claws_mail",
          "@product": "Claws Mail",
          "@vendor": "Claws Mail",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:fetchmail:fetchmail",
          "@product": "Fetchmail",
          "@vendor": "Fetchmail Project",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:mozilla:seamonkey",
          "@product": "Mozilla SeaMonkey",
          "@vendor": "mozilla.org contributors",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:mozilla:thunderbird",
          "@product": "Mozilla Thunderbird",
          "@vendor": "mozilla.org contributors",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:mutt:mutt",
          "@product": "Mutt",
          "@vendor": "Mutt",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:redhat:rhel_optional_productivity_applications",
          "@product": "RHEL Optional Productivity Applications",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:sylpheed:sylpheed",
          "@product": "Sylpheed",
          "@vendor": "Sylpheed",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:hp:hp-ux",
          "@product": "HP-UX",
          "@vendor": "Hewlett-Packard Development Company,L.P",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:misc:miraclelinux_asianux_server",
          "@product": "Asianux Server",
          "@vendor": "Cybertrust Japan Co., Ltd.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux",
          "@product": "Red Hat Enterprise Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux_desktop",
          "@product": "Red Hat Enterprise Linux Desktop",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux_eus",
          "@product": "Red Hat Enterprise Linux EUS",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:linux_advanced_workstation",
          "@product": "Red Hat Linux Advanced Workstation",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:rhel_desktop_workstation",
          "@product": "RHEL Desktop Workstation",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux",
          "@product": "Turbolinux",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_desktop",
          "@product": "Turbolinux Desktop",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_fuji",
          "@product": "Turbolinux FUJI",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_home",
          "@product": "Turbolinux Home",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_multimedia",
          "@product": "Turbolinux Multimedia",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_personal",
          "@product": "Turbolinux Personal",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_server",
          "@product": "Turbolinux Server",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_wizpy",
          "@product": "wizpy",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "5.4",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2007-000295",
      "sec:references": [
        {
          "#text": "http://jvn.jp/cert/JVNTA07-151A/index.html",
          "@id": "JVNTA07-151A",
          "@source": "JVN"
        },
        {
          "#text": "http://jvn.jp/en/jp/JVN19445002/index.html",
          "@id": "JVN#19445002",
          "@source": "JVN"
        },
        {
          "#text": "http://jvn.jp/tr/TRTA07-151A/index.html",
          "@id": "TRTA07-151A",
          "@source": "JVNTR"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558",
          "@id": "CVE-2007-1558",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1558",
          "@id": "CVE-2007-1558",
          "@source": "NVD"
        },
        {
          "#text": "http://www.us-cert.gov/cas/alerts/SA07-151A.html",
          "@id": "SA07-151A",
          "@source": "CERT-SA"
        },
        {
          "#text": "http://www.us-cert.gov/cas/techalerts/TA07-151A.html",
          "@id": "TA07-151A",
          "@source": "CERT-TA"
        },
        {
          "#text": "http://www.securityfocus.com/bid/23257",
          "@id": "23257",
          "@source": "BID"
        },
        {
          "#text": "http://www.securitytracker.com/id?1018008",
          "@id": "1018008",
          "@source": "SECTRACK"
        },
        {
          "#text": "http://www.frsirt.com/english/advisories/2007/1466",
          "@id": "FrSIRT/ADV-2007-1466",
          "@source": "FRSIRT"
        },
        {
          "#text": "http://www.frsirt.com/english/advisories/2007/1480",
          "@id": "FrSIRT/ADV-2007-1480",
          "@source": "FRSIRT"
        },
        {
          "#text": "http://www.frsirt.com/english/advisories/2007/1468",
          "@id": "FrSIRT/ADV-2007-1468",
          "@source": "FRSIRT"
        },
        {
          "#text": "http://www.frsirt.com/english/advisories/2007/1467",
          "@id": "FrSIRT/ADV-2007-1467",
          "@source": "FRSIRT"
        },
        {
          "#text": "http://www.ietf.org/rfc/rfc1939.txt",
          "@id": "RFC1939:Post Office Protocol - Version 3",
          "@source": "IETF"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-264",
          "@title": "Permissions(CWE-264)"
        }
      ],
      "title": "APOP password recovery vulnerability"
    }

    JVNDB-2005-000530

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00
    Severity
    N/A (UNKNOWN) - -
    Summary
    Vulnerability in multiple web browsers allowing request spoofing attacks
    Details
    Multiple web browsers contain a vulnerability in the processing of XmlHttpRequest objects. XmlHttpRequest objects available in JavaScript provide a function to communicate with a server without reloading a web page. In general, JavaScript only allows communication within the same domain of the web page; however, an attacker could bypass this restriction by exploiting this vulnerability.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000530.html",
      "dc:date": "2008-05-21T00:00+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-05-21T00:00+09:00",
      "description": "Multiple web browsers contain a vulnerability in the processing of XmlHttpRequest objects. XmlHttpRequest objects available in JavaScript provide a function to communicate with a server without reloading a web page.\r\n\r\nIn general, JavaScript only allows communication within the same domain of the web page; however, an attacker could bypass this restriction by exploiting this vulnerability.",
      "link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000530.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:mozilla:firefox",
          "@product": "Mozilla Firefox",
          "@vendor": "mozilla.org contributors",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:mozilla:mozilla_suite",
          "@product": "Mozilla Suite",
          "@vendor": "mozilla.org contributors",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:opera:opera_browser",
          "@product": "Opera",
          "@vendor": "Opera Software ASA",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:misc:miraclelinux_asianux_server",
          "@product": "Asianux Server",
          "@vendor": "Cybertrust Japan Co., Ltd.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux",
          "@product": "Red Hat Enterprise Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux_desktop",
          "@product": "Red Hat Enterprise Linux Desktop",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:linux_advanced_workstation",
          "@product": "Red Hat Linux Advanced Workstation",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux",
          "@product": "Turbolinux",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_desktop",
          "@product": "Turbolinux Desktop",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_home",
          "@product": "Turbolinux Home",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_multimedia",
          "@product": "Turbolinux Multimedia",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_personal",
          "@product": "Turbolinux Personal",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_server",
          "@product": "Turbolinux Server",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "5.0",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2005-000530",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN31226748/",
          "@id": "JVN#31226748",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2703",
          "@id": "CVE-2005-2703",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-2703",
          "@id": "CVE-2005-2703",
          "@source": "NVD"
        },
        {
          "#text": "http://secunia.com/advisories/16911/",
          "@id": "SA16911",
          "@source": "SECUNIA"
        },
        {
          "#text": "http://www.securityfocus.com/bid/14923",
          "@id": "14923",
          "@source": "BID"
        },
        {
          "#text": "http://www.frsirt.com/english/advisories/2005/1824",
          "@id": "FrSIRT/ADV-2005-1824",
          "@source": "FRSIRT"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-94",
          "@title": "Code Injection(CWE-94)"
        }
      ],
      "title": "Vulnerability in multiple web browsers allowing request spoofing attacks"
    }

    JVNDB-2004-000473

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2004/JVNDB-2004-000473.html",
      "dc:date": "2008-05-21T00:00+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-05-21T00:00+09:00",
      "description": "Ruby cgi.rb enters an infinite loop which leads it into Ddenial of Service (DoS) due to improper input validation.",
      "link": "https://jvndb.jvn.jp/en/contents/2004/JVNDB-2004-000473.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:ruby-lang:ruby",
          "@product": "Ruby",
          "@vendor": "Ruby",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:misc:miraclelinux_asianux_server",
          "@product": "Asianux Server",
          "@vendor": "Cybertrust Japan Co., Ltd.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux",
          "@product": "Red Hat Enterprise Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux_desktop",
          "@product": "Red Hat Enterprise Linux Desktop",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux",
          "@product": "Turbolinux",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_desktop",
          "@product": "Turbolinux Desktop",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_home",
          "@product": "Turbolinux Home",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_server",
          "@product": "Turbolinux Server",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_workstation",
          "@product": "Turbolinux Workstation",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "5.0",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2004-000473",
      "sec:references": [
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0983",
          "@id": "CVE-2004-0983",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2004-0983",
          "@id": "CVE-2004-0983",
          "@source": "NVD"
        },
        {
          "#text": "http://secunia.com/advisories/13123/",
          "@id": "SA13123",
          "@source": "SECUNIA"
        },
        {
          "#text": "http://www.securityfocus.com/bid/11618",
          "@id": "11618",
          "@source": "BID"
        },
        {
          "#text": "http://xforce.iss.net/xforce/xfdb/17985",
          "@id": "17985",
          "@source": "XF"
        },
        {
          "#text": "http://securitytracker.com/id?1012120",
          "@id": "1012120",
          "@source": "SECTRACK"
        }
      ],
      "title": "Ruby cgi.rb Denial of Service Vulnerability"
    }

    JVNDB-2007-000176

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000176.html",
      "dc:date": "2008-05-21T00:00+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-05-21T00:00+09:00",
      "description": "Mozilla Firefox, web browser from Mozilla Corporation and Mozilla Japan, contains a cross-site scripting vulnerability.\r\n\r\nMozilla Firefox interprets HTML data improperly and activates event handlers for invalid HTML elements, leading to a cross-site scripting vulnerability.",
      "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000176.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:mozilla:firefox",
          "@product": "Mozilla Firefox",
          "@vendor": "mozilla.org contributors",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:mozilla:seamonkey",
          "@product": "Mozilla SeaMonkey",
          "@vendor": "mozilla.org contributors",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:redhat:rhel_optional_productivity_applications",
          "@product": "RHEL Optional Productivity Applications",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:hp:hp-ux",
          "@product": "HP-UX",
          "@vendor": "Hewlett-Packard Development Company,L.P",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:misc:miraclelinux_asianux_server",
          "@product": "Asianux Server",
          "@vendor": "Cybertrust Japan Co., Ltd.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux",
          "@product": "Red Hat Enterprise Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux_desktop",
          "@product": "Red Hat Enterprise Linux Desktop",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:linux_advanced_workstation",
          "@product": "Red Hat Linux Advanced Workstation",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:rhel_desktop_workstation",
          "@product": "RHEL Desktop Workstation",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux",
          "@product": "Turbolinux",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_desktop",
          "@product": "Turbolinux Desktop",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_home",
          "@product": "Turbolinux Home",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_multimedia",
          "@product": "Turbolinux Multimedia",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_personal",
          "@product": "Turbolinux Personal",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_server",
          "@product": "Turbolinux Server",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "4.3",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2007-000176",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN38605899/index.html",
          "@id": "JVN#38605899",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0995",
          "@id": "CVE-2007-0995",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0995",
          "@id": "CVE-2007-0995",
          "@source": "NVD"
        },
        {
          "#text": "http://secunia.com/advisories/24205/",
          "@id": "SA24205",
          "@source": "SECUNIA"
        },
        {
          "#text": "http://secunia.com/advisories/24238/",
          "@id": "SA24238",
          "@source": "SECUNIA"
        },
        {
          "#text": "http://www.securityfocus.com/bid/22694",
          "@id": "22694",
          "@source": "BID"
        },
        {
          "#text": "http://www.frsirt.com/english/advisories/2007/0718",
          "@id": "FrSIRT/ADV-2007-0718",
          "@source": "FRSIRT"
        }
      ],
      "title": "Mozilla Firefox cross-site scripting vulnerability"
    }

    JVNDB-2004-000323

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2004/JVNDB-2004-000323.html",
      "dc:date": "2008-05-21T00:00+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-05-21T00:00+09:00",
      "description": "Ruby uses CGI::Session\u0027s FileStore. FileStore creates a session file with improper permission and this could lead to session information leak.",
      "link": "https://jvndb.jvn.jp/en/contents/2004/JVNDB-2004-000323.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:ruby-lang:ruby",
          "@product": "Ruby",
          "@vendor": "Ruby",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux",
          "@product": "Red Hat Enterprise Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux_desktop",
          "@product": "Red Hat Enterprise Linux Desktop",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux",
          "@product": "Turbolinux",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_desktop",
          "@product": "Turbolinux Desktop",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_home",
          "@product": "Turbolinux Home",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_server",
          "@product": "Turbolinux Server",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_workstation",
          "@product": "Turbolinux Workstation",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "2.1",
        "@severity": "Low",
        "@type": "Base",
        "@vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2004-000323",
      "sec:references": [
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0755",
          "@id": "CVE-2004-0755",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2004-0755",
          "@id": "CVE-2004-0755",
          "@source": "NVD"
        },
        {
          "#text": "http://www.securityfocus.com/bid/10946",
          "@id": "10946",
          "@source": "BID"
        },
        {
          "#text": "http://xforce.iss.net/xforce/xfdb/16996",
          "@id": "16996",
          "@source": "XF"
        }
      ],
      "title": "Ruby CGI Session Management Insecure File Permission Vulnerability"
    }

    JVNDB-2005-000199

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00
    Severity
    N/A (UNKNOWN) - -
    Summary
    Sylpheed Filename Buffer Overflow Vulnerability
    Details
    Sylpheed contains a buffer overflow vulnerability exploitable via attachements with MIME-encoded filename.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000199.html",
      "dc:date": "2008-05-21T00:00+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-05-21T00:00+09:00",
      "description": "Sylpheed contains a buffer overflow vulnerability exploitable via attachements with MIME-encoded filename.",
      "link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000199.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:sylpheed:sylpheed",
          "@product": "Sylpheed",
          "@vendor": "Sylpheed",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux",
          "@product": "Turbolinux",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_desktop",
          "@product": "Turbolinux Desktop",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_home",
          "@product": "Turbolinux Home",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_server",
          "@product": "Turbolinux Server",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_workstation",
          "@product": "Turbolinux Workstation",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "5.1",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2005-000199",
      "sec:references": [
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0926",
          "@id": "CVE-2005-0926",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-0926",
          "@id": "CVE-2005-0926",
          "@source": "NVD"
        },
        {
          "#text": "http://www.securityfocus.com/bid/12934",
          "@id": "12934",
          "@source": "BID"
        }
      ],
      "title": "Sylpheed Filename Buffer Overflow Vulnerability"
    }

    JVNDB-2006-000808

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-11-14 12:20

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000808.html",
      "dc:date": "2008-11-14T12:20+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-11-14T12:20+09:00",
      "description": "cgi.rb, a standard library in Ruby, contains a denial of service vulnerability.\r\n\r\nThis vulnerability is different from CVE-2006-5467.",
      "link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000808.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:ruby-lang:ruby",
          "@product": "Ruby",
          "@vendor": "Ruby",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:misc:miraclelinux_asianux_server",
          "@product": "Asianux Server",
          "@vendor": "Cybertrust Japan Co., Ltd.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux",
          "@product": "Red Hat Enterprise Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux_desktop",
          "@product": "Red Hat Enterprise Linux Desktop",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux",
          "@product": "Turbolinux",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_appliance_server",
          "@product": "Turbolinux Appliance Server",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_desktop",
          "@product": "Turbolinux Desktop",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_fuji",
          "@product": "Turbolinux FUJI",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_home",
          "@product": "Turbolinux Home",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_multimedia",
          "@product": "Turbolinux Multimedia",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_personal",
          "@product": "Turbolinux Personal",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_server",
          "@product": "Turbolinux Server",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "5.0",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2006-000808",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN84798830/index.html",
          "@id": "JVN#84798830",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6303",
          "@id": "CVE-2006-6303",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6303",
          "@id": "CVE-2006-6303",
          "@source": "NVD"
        },
        {
          "#text": "http://secunia.com/advisories/13123/",
          "@id": "SA13123",
          "@source": "SECUNIA"
        },
        {
          "#text": "http://www.securityfocus.com/bid/21441",
          "@id": "21441",
          "@source": "BID"
        },
        {
          "#text": "http://xforce.iss.net/xforce/xfdb/30734",
          "@id": "30734",
          "@source": "XF"
        },
        {
          "#text": "http://securitytracker.com/id?1017363",
          "@id": "1017363",
          "@source": "SECTRACK"
        },
        {
          "#text": "http://www.frsirt.com/english/advisories/2006/4855",
          "@id": "FrSIRT/ADV-2006-4855",
          "@source": "FRSIRT"
        },
        {
          "#text": "http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000808.html",
          "@id": "JVNDB-2006-000808",
          "@source": "JVNDB_Ja"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-399",
          "@title": "Resource Management Errors(CWE-399)"
        }
      ],
      "title": "Denial of service vulnerability in Ruby CGI library (cgi.rb)"
    }

    JVNDB-2005-000163

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00
    Severity
    N/A (UNKNOWN) - -
    Summary
    Sylpheed Email Header Buffer Overflow Vulnerability with non-ASCII Characters
    Details
    Sylpheed does not validate input data properly, which could lead to buffer overflow when it receives a message with the header containing non-ASCII characters.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000163.html",
      "dc:date": "2008-05-21T00:00+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-05-21T00:00+09:00",
      "description": "Sylpheed does not validate input data properly, which could lead to buffer overflow when it receives a message with the header containing non-ASCII characters.",
      "link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000163.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:sylpheed:sylpheed",
          "@product": "Sylpheed",
          "@vendor": "Sylpheed",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux",
          "@product": "Red Hat Enterprise Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:linux_advanced_workstation",
          "@product": "Red Hat Linux Advanced Workstation",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux",
          "@product": "Turbolinux",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_desktop",
          "@product": "Turbolinux Desktop",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_home",
          "@product": "Turbolinux Home",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_server",
          "@product": "Turbolinux Server",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_workstation",
          "@product": "Turbolinux Workstation",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "5.1",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2005-000163",
      "sec:references": [
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0667",
          "@id": "CVE-2005-0667",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-0667",
          "@id": "CVE-2005-0667",
          "@source": "NVD"
        },
        {
          "#text": "http://secunia.com/advisories/14491/",
          "@id": "SA14491",
          "@source": "SECUNIA"
        },
        {
          "#text": "http://www.securityfocus.com/bid/12730",
          "@id": "12730",
          "@source": "BID"
        }
      ],
      "title": "Sylpheed Email Header Buffer Overflow Vulnerability with non-ASCII Characters"
    }

    JVNDB-2005-000727

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2014-05-22 18:03
    Severity
    N/A (UNKNOWN) - -
    Summary
    mod_imap cross-site scripting vulnerability
    Details
    The "mod_imap" and "mod_imagemap" modules of the Apache HTTP Server are used for implementing server-side image map processing. mod_imap and mod_imagemap are affected by a cross-site scripting vulnerability when referer values are used in an image map in such a way that they do not handle HTTP_REFERER properly.
    Impacted products
    Apache Software Foundation Apache HTTP Server
    Hitachi, Ltd Cosminexus Application Server Enterprise
    Hitachi, Ltd Cosminexus Application Server Standard
    Hitachi, Ltd Cosminexus Application Server Version 5
    Hitachi, Ltd Cosminexus Developer Light Version 6
    Hitachi, Ltd Cosminexus Developer Professional Version 6
    Hitachi, Ltd Cosminexus Developer Standard Version 6
    Hitachi, Ltd Cosminexus Developer Version 5
    Hitachi, Ltd Cosminexus Server - Enterprise Edition
    Hitachi, Ltd Cosminexus Server - Standard Edition
    Hitachi, Ltd Cosminexus Server - Standard Edition Version 4
    Hitachi, Ltd Cosminexus Server - Web Edition
    Hitachi, Ltd Cosminexus Server - Web Edition Version 4
    Hitachi, Ltd Hitachi Web Server
    Hitachi, Ltd uCosminexus Application Server Enterprise
    Hitachi, Ltd uCosminexus Application Server Smart Edition
    Hitachi, Ltd uCosminexus Application Server Standard
    Hitachi, Ltd uCosminexus Developer
    Hitachi, Ltd uCosminexus Developer Light
    Hitachi, Ltd uCosminexus Developer Standard
    Hitachi, Ltd uCosminexus Service Architect
    Hitachi, Ltd uCosminexus Service Platform
    IBM Corporation IBM HTTP Server
    Oracle Corporation Oracle HTTP Server
    Apple Inc. Apple Mac OS X
    Apple Inc. Apple Mac OS X Server
    Hewlett-Packard Development Company,L.P HP-UX
    Cybertrust Japan Co., Ltd. Asianux Server
    Red Hat, Inc. Red Hat Enterprise Linux
    Red Hat, Inc. Red Hat Linux Advanced Workstation
    Sun Microsystems, Inc. Sun Solaris
    Turbolinux, Inc. Turbolinux
    Turbolinux, Inc. Turbolinux Desktop
    Turbolinux, Inc. Turbolinux FUJI
    Turbolinux, Inc. Turbolinux Home
    Turbolinux, Inc. Turbolinux Multimedia
    Turbolinux, Inc. Turbolinux Personal
    Turbolinux, Inc. Turbolinux Server
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000727.html",
      "dc:date": "2014-05-22T18:03+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2014-05-22T18:03+09:00",
      "description": "The \"mod_imap\" and \"mod_imagemap\" modules of the Apache HTTP Server are used for implementing server-side image map processing.\r\nmod_imap and mod_imagemap are affected by a cross-site scripting vulnerability when referer values are used in an image map in such a way that they do not handle HTTP_REFERER properly.",
      "link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000727.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:apache:http_server",
          "@product": "Apache HTTP Server",
          "@vendor": "Apache Software Foundation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise",
          "@product": "Cosminexus Application Server Enterprise",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:cosminexus_application_server_standard",
          "@product": "Cosminexus Application Server Standard",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:cosminexus_application_server_version_5",
          "@product": "Cosminexus Application Server Version 5",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6",
          "@product": "Cosminexus Developer Light Version 6",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6",
          "@product": "Cosminexus Developer Professional Version 6",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6",
          "@product": "Cosminexus Developer Standard Version 6",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:cosminexus_developer_version_5",
          "@product": "Cosminexus Developer Version 5",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition",
          "@product": "Cosminexus Server - Enterprise Edition",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition",
          "@product": "Cosminexus Server - Standard Edition",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4",
          "@product": "Cosminexus Server - Standard Edition Version 4",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition",
          "@product": "Cosminexus Server - Web Edition",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4",
          "@product": "Cosminexus Server - Web Edition Version 4",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:hitachi_web_server",
          "@product": "Hitachi Web Server",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
          "@product": "uCosminexus Application Server Enterprise",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition",
          "@product": "uCosminexus Application Server Smart Edition",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard",
          "@product": "uCosminexus Application Server Standard",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:ucosminexus_developer",
          "@product": "uCosminexus Developer",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:ucosminexus_developer_light",
          "@product": "uCosminexus Developer Light",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:ucosminexus_developer_standard",
          "@product": "uCosminexus Developer Standard",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
          "@product": "uCosminexus Service Architect",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
          "@product": "uCosminexus Service Platform",
          "@vendor": "Hitachi, Ltd",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ibm:http_server",
          "@product": "IBM HTTP Server",
          "@vendor": "IBM Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:oracle:http_server",
          "@product": "Oracle HTTP Server",
          "@vendor": "Oracle Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:apple:mac_os_x",
          "@product": "Apple Mac OS X",
          "@vendor": "Apple Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:apple:mac_os_x_server",
          "@product": "Apple Mac OS X Server",
          "@vendor": "Apple Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:hp:hp-ux",
          "@product": "HP-UX",
          "@vendor": "Hewlett-Packard Development Company,L.P",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:misc:miraclelinux_asianux_server",
          "@product": "Asianux Server",
          "@vendor": "Cybertrust Japan Co., Ltd.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux",
          "@product": "Red Hat Enterprise Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:linux_advanced_workstation",
          "@product": "Red Hat Linux Advanced Workstation",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:sun:solaris",
          "@product": "Sun Solaris",
          "@vendor": "Sun Microsystems, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux",
          "@product": "Turbolinux",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_desktop",
          "@product": "Turbolinux Desktop",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_fuji",
          "@product": "Turbolinux FUJI",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_home",
          "@product": "Turbolinux Home",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_multimedia",
          "@product": "Turbolinux Multimedia",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_personal",
          "@product": "Turbolinux Personal",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_server",
          "@product": "Turbolinux Server",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "4.3",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2005-000727",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN06045169/index.html",
          "@id": "JVN#06045169",
          "@source": "JVN"
        },
        {
          "#text": "https://jvn.jp/en/tr/TRTA08-079A/index.html",
          "@id": "TRTA08-079A",
          "@source": "JVNTR"
        },
        {
          "#text": "https://jvn.jp/en/tr/TRTA08-150A/index.html",
          "@id": "TRTA08-150A",
          "@source": "JVNTR"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352",
          "@id": "CVE-2005-3352",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-3352",
          "@id": "CVE-2005-3352",
          "@source": "NVD"
        },
        {
          "#text": "http://www.us-cert.gov/cas/alerts/SA08-079A.html",
          "@id": "SA08-079A",
          "@source": "CERT-SA"
        },
        {
          "#text": "http://www.us-cert.gov/cas/alerts/SA08-150A.html",
          "@id": "SA08-150A",
          "@source": "CERT-SA"
        },
        {
          "#text": "http://www.us-cert.gov/cas/techalerts/TA08-079A.html",
          "@id": "TA08-079A",
          "@source": "CERT-TA"
        },
        {
          "#text": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html",
          "@id": "TA08-150A",
          "@source": "CERT-TA"
        },
        {
          "#text": "http://www.securityfocus.com/bid/15834",
          "@id": "15834",
          "@source": "BID"
        }
      ],
      "title": "mod_imap cross-site scripting vulnerability"
    }